brakeman 6.0.1 → 6.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (68) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGES.md +9 -0
  3. data/bundle/load.rb +1 -1
  4. data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/NEWS.md +100 -2
  5. data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/README.md +10 -1
  6. data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/attribute.rb +14 -9
  7. data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/document.rb +1 -1
  8. data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/element.rb +3 -3
  9. data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/entity.rb +25 -15
  10. data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/formatters/pretty.rb +2 -2
  11. data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/namespace.rb +8 -4
  12. data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/parsers/xpathparser.rb +136 -86
  13. data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/rexml.rb +3 -1
  14. data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/text.rb +6 -4
  15. data/lib/brakeman/checks/check_ransack.rb +53 -0
  16. data/lib/brakeman/checks/check_sql.rb +1 -1
  17. data/lib/brakeman/options.rb +4 -0
  18. data/lib/brakeman/processors/alias_processor.rb +1 -2
  19. data/lib/brakeman/processors/lib/module_helper.rb +31 -1
  20. data/lib/brakeman/processors/library_processor.rb +6 -0
  21. data/lib/brakeman/scanner.rb +104 -42
  22. data/lib/brakeman/tracker/controller.rb +14 -10
  23. data/lib/brakeman/tracker.rb +1 -1
  24. data/lib/brakeman/version.rb +1 -1
  25. data/lib/brakeman/warning_codes.rb +1 -0
  26. metadata +56 -55
  27. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/LICENSE.txt +0 -0
  28. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/attlistdecl.rb +0 -0
  29. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/cdata.rb +0 -0
  30. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/child.rb +0 -0
  31. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/comment.rb +0 -0
  32. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/doctype.rb +0 -0
  33. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/dtd/attlistdecl.rb +0 -0
  34. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/dtd/dtd.rb +0 -0
  35. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/dtd/elementdecl.rb +0 -0
  36. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/dtd/entitydecl.rb +0 -0
  37. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/dtd/notationdecl.rb +0 -0
  38. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/encoding.rb +0 -0
  39. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/formatters/default.rb +0 -0
  40. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/formatters/transitive.rb +0 -0
  41. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/functions.rb +0 -0
  42. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/instruction.rb +0 -0
  43. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/light/node.rb +0 -0
  44. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/node.rb +0 -0
  45. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/output.rb +0 -0
  46. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/parent.rb +0 -0
  47. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/parseexception.rb +0 -0
  48. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/parsers/baseparser.rb +0 -0
  49. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/parsers/lightparser.rb +0 -0
  50. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/parsers/pullparser.rb +0 -0
  51. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/parsers/sax2parser.rb +0 -0
  52. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/parsers/streamparser.rb +0 -0
  53. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/parsers/treeparser.rb +0 -0
  54. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/parsers/ultralightparser.rb +0 -0
  55. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/quickpath.rb +0 -0
  56. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/sax2listener.rb +0 -0
  57. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/security.rb +0 -0
  58. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/source.rb +0 -0
  59. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/streamlistener.rb +0 -0
  60. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/undefinednamespaceexception.rb +0 -0
  61. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/validation/relaxng.rb +0 -0
  62. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/validation/validation.rb +0 -0
  63. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/validation/validationexception.rb +0 -0
  64. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/xmldecl.rb +0 -0
  65. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/xmltokens.rb +0 -0
  66. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/xpath.rb +0 -0
  67. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml/xpath_parser.rb +0 -0
  68. /data/bundle/ruby/3.1.0/gems/{rexml-3.2.5 → rexml-3.2.6}/lib/rexml.rb +0 -0