Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency brakeman to v6 #761

Merged
merged 1 commit into from
Sep 25, 2024
Merged

Update dependency brakeman to v6 #761

merged 1 commit into from
Sep 25, 2024
+2 −1

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Sep 25, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
brakeman (source, changelog) 5.4.1 -> 6.2.1 age adoption passing confidence

Release Notes

presidentbeef/brakeman (brakeman)

v6.2.1

Just a packaging fix for brakeman.gem

v6.2.0

  • Add --show-ignored option (Gabriel Zayas)
  • Add optional support for Prism parser
  • Warn about unscoped finds with find_by!
  • Treat ::X and X the same, for now (Jill Klang)
  • Fix compatibility with default frozen string literals (Jean Boussier)
  • Remediation advice for command injection (Nicholas Barone)
  • Fix Ruby warnings in test suite (Jean Boussier)
  • Support YAML aliases in secret configs (Chedli Bourguiba)
  • Add initial Rails 8 support (Ron Shinall)
  • Handle mass assignment with splats
  • Add support for symbolic links (Lu Zhu)

v6.1.2

Compare Source

  • Update Highline to 3.0
  • Add EOL date for Ruby 3.3.0
  • Avoid copying Sexps that are too large
  • Avoid detecting ViewComponentContrib::Base as dynamic render paths (vividmuimui)
  • Remove deprecated use of Kernel#open("|...")
  • Remove safe_yaml gem dependency
  • Avoid detecting Phlex components as dynamic render paths (Máximo Mussini)

v6.1.1

Compare Source

  • Handle racc as a default gem in Ruby 3.3.0

v6.1.0

Compare Source

  • Add --timing to add timing duration for scan steps
  • Fix keyword splats in filter arguments
  • Add check for unfiltered search with Ransack
  • Fix class method lookup in parent classes
  • Handle class << self
  • Add PG::Connection.escape_string as a SQL sanitization method (Joévin Soulenq)

v6.0.1

Compare Source

  • Accept strings for load_defaults version

v6.0.0

Compare Source

  • Add obsolete fingerprints to comparison report
  • Warn about missing CSRF protection when defaults are not loaded (Chris Kruger)
  • Scan directories that include the word public
  • Raise minimum Ruby version to 3.0
  • Drop support for Ruby 1.8/1.9 syntax
  • Fix end-of-life dates for Ruby
  • Fix false positive with content_tag in newer Rails

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - "after 10am every weekday,before 4pm every weekday" in timezone Europe/London.

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Sep 25, 2024
@renovate renovate bot force-pushed the renovate/brakeman-6.x-lockfile branch from b24e16a to f0eb279 Compare September 25, 2024 13:34
@jdudley1123 jdudley1123 merged commit f537468 into develop Sep 25, 2024
3 checks passed
@jdudley1123 jdudley1123 deleted the renovate/brakeman-6.x-lockfile branch September 25, 2024 13:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jdudley1123 jdudley1123 jdudley1123 approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jdudley1123