A static analysis security vulnerability scanner for Ruby on Rails applications
ViewComponentContrib::Base as dynamic render paths (vividmuimui)
Kernel#open("|...")
safe_yaml gem dependency
--timing to add timing duration for scan steps
PG::Connection.escape_string as a SQL sanitization method (Joévin Soulenq)
class << self
This release is to fix the Ruby version used in the Docker image.
No other changes.
content_tag in newer Rails (#1778)
public
redirect_back and redirect_back_or_to to open redirect check
request.env to only consider request headers
url_from being marked as unsafe (Lachlan Sylvester)
find_by(id: ...)
presence, presence_in and in? (#1569)
if expressions in when clauses (#1743)
load_rails_defaults overwriting settings in the Rails application (James Gregory-Monk)
vendor/ (Joe Rafaniello)