Brakeman 1.4.0 Release
- From: Justin
- Date: 2012-02-25 @ 19:26
Sorry for the delay. Brakeman 1.4.0 was released yesterday.
Work on Brakeman is picking up again. This is not a huge release, but
there is a new check for the href parameter for `link_to` and some
internal changes.
Changes since 1.3.0:
* Add check for user input in link_to href parameter (Neil Matatall)
* Match ERB processing to rails_xss plugin when plugin used
* Add Brakeman::Report#to_json, Brakeman::Warning#to_json
* Warnings below minimum confidence are dropped completely
* Brakeman.run will now always return a Tracker
See the blog post for more information:
http://brakemanscanner.org/blog/2012/02/25/brakeman-1-dot-4-0-released/