brakeman 7.1.2 → 8.0.0

data/lib/brakeman.rb

@@ -1,4 +1,5 @@
 require 'set'
+require 'brakeman/logger'
 require 'brakeman/version'
 
 module Brakeman
@@ -32,6 +33,7 @@ module Brakeman
   @quiet = false
   @loaded_dependencies = []
   @vendored_paths = false
+  @logger = nil
 
   #Run Brakeman scan. Returns Tracker object.
   #
@@ -52,7 +54,6 @@ module Brakeman
   #  * :highlight_user_input - highlight user input in reported warnings (default: true)
   #  * :html_style - path to CSS file
   #  * :ignore_model_output - consider models safe (default: false)
-  #  * :index_libs - add libraries to call index (default: true)
   #  * :interprocedural - limited interprocedural processing of method calls (default: false)
   #  * :message_limit - limit length of messages
   #  * :min_confidence - minimum confidence (0-2, 0 is highest)
@@ -71,7 +72,6 @@ module Brakeman
   #  * :safe_methods - array of methods to consider safe
   #  * :show_ignored - Display warnings that are usually ignored
   #  * :sql_safe_methods - array of sql sanitization methods to consider safe
-  #  * :skip_libs - do not process lib/ directory (default: false)
   #  * :skip_vendor - do not process vendor/ directory (default: true)
   #  * :skip_checks - checks not to run (run all if not specified)
   #  * :absolute_paths - show absolute path of each file (default: false)
@@ -79,6 +79,10 @@ module Brakeman
   #
   #Alternatively, just supply a path as a string.
   def self.run options
+    if not $stderr.tty? and options[:report_progress].nil?
+      options[:report_progress] = false
+    end
+
     options = set_options options
 
     @quiet = !!options[:quiet]
@@ -88,18 +92,37 @@ module Brakeman
       options[:report_progress] = false
     end
 
+    @logger = options[:logger] || set_default_logger(options)
+
     if options[:use_prism]
       begin
         require 'prism'
-        notify '[Notice] Using Prism parser'
       rescue LoadError => e
-        Brakeman.debug "[Notice] Asked to use Prism, but failed to load: #{e}"
+        Brakeman.alert "Asked to use Prism, but failed to load: #{e}"
       end
     end
 
+    Brakeman.announce "Brakeman v#{Brakeman::Version}"
+
     scan options
   end
 
+  def self.logger
+    @logger
+  end
+
+  def self.logger= log
+    @logger = log
+  end
+
+  def self.set_default_logger(options = {})
+    @logger = Brakeman::Logger.get_logger(options)
+  end
+
+  def self.cleanup(newline = true)
+    @logger.cleanup(newline) if @logger
+  end
+
   #Sets up options for run, checks given application path
   def self.set_options options
     if options.is_a? String
@@ -152,6 +175,9 @@ module Brakeman
       require 'yaml'
       options = YAML.safe_load_file config, permitted_classes: [Symbol], symbolize_names: true
 
+      # Brakeman.logger is probably not set yet
+      logger = Brakeman::Logger.get_logger(options || line_options)
+
       if options
         options.each { |k, v| options[k] = Set.new v if v.is_a? Array }
 
@@ -162,15 +188,16 @@ module Brakeman
           if options.include? :additional_checks_path
             options.delete :additional_checks_path
 
-            notify "[Notice] Ignoring additional check paths in config file. Use --allow-check-paths-in-config to allow" unless (options[:quiet] || quiet)
+            logger.alert 'Ignoring additional check paths in config file. Use --allow-check-paths-in-config to allow' unless (options[:quiet] || quiet)
           end
         end
 
         # notify if options[:quiet] and quiet is nil||false
-        notify "[Notice] Using configuration in #{config}" unless (options[:quiet] || quiet)
+        # potentially remove these checks now that logger is used
+        logger.alert "Using configuration in #{config}" unless (options[:quiet] || quiet)
         options
       else
-        notify "[Notice] Empty configuration file: #{config}" unless quiet
+        logger.alert "Empty configuration file: #{config}" unless quiet
         {}
       end
     else
@@ -209,7 +236,6 @@ module Brakeman
       :html_style => "#{File.expand_path(File.dirname(__FILE__))}/brakeman/format/style.css",
       :ignore_model_output => false,
       :ignore_redirect_to_model => true,
-      :index_libs => true,
       :message_limit => 100,
       :min_confidence => 2,
       :output_color => true,
@@ -367,6 +393,12 @@ module Brakeman
 
     options.delete :create_config
 
+    if options[:logger]
+      @logger = options.delete(:logger)
+    else
+      set_default_logger(options)
+    end
+
     options.each do |k,v|
       if v.is_a? Set
         options[k] = v.to_a
@@ -377,9 +409,10 @@ module Brakeman
       File.open file, "w" do |f|
         YAML.dump options, f
       end
-      notify "Output configuration to #{file}"
+
+      announce "Output configuration to #{file}"
     else
-      notify YAML.dump(options)
+      $stdout.puts YAML.dump(options)
     end
   end
 
@@ -394,43 +427,39 @@ module Brakeman
   #Run a scan. Generally called from Brakeman.run instead of directly.
   def self.scan options
     #Load scanner
-    notify "Loading scanner..."
+    scanner, tracker = nil
 
-    begin
-      require 'brakeman/scanner'
-    rescue LoadError
-      raise NoBrakemanError, "Cannot find lib/ directory."
-    end
+    process_step 'Loading scanner' do
+      begin
+        require 'brakeman/scanner'
+      rescue LoadError
+        raise NoBrakemanError, 'Cannot find lib/ directory.'
+      end
 
-    add_external_checks options
+      add_external_checks options
 
-    #Start scanning
-    scanner = Scanner.new options
-    tracker = scanner.tracker
+      #Start scanning
+      scanner = Scanner.new options
+      tracker = scanner.tracker
 
-    check_for_missing_checks options[:run_checks], options[:skip_checks], options[:enable_checks]
+      check_for_missing_checks options[:run_checks], options[:skip_checks], options[:enable_checks]
+    end
 
-    notify "Processing application in #{tracker.app_path}"
+    logger.announce "Scanning #{tracker.app_path}"
     scanner.process
 
-    if options[:parallel_checks]
-      notify "Running checks in parallel..."
-    else
-      notify "Running checks..."
-    end
-
     tracker.run_checks
 
     self.filter_warnings tracker, options
 
     if options[:output_files]
-      notify "Generating report..."
-
-      write_report_to_files tracker, options[:output_files]
+      process_step 'Generating report' do
+        write_report_to_files tracker, options[:output_files]
+      end
     elsif options[:print_report]
-      notify "Generating report..."
-
-      write_report_to_formats tracker, options[:output_formats]
+      process_step 'Generating report' do
+        write_report_to_formats tracker, options[:output_formats]
+      end
     end
 
     tracker
@@ -449,7 +478,8 @@ module Brakeman
       File.open output_file, "w" do |f|
         f.write tracker.report.format(tracker.options[:output_formats][idx])
       end
-      notify "Report saved in '#{output_file}'"
+
+      logger.announce "Report saved in '#{output_file}'"
     end
   end
   private_class_method :write_report_to_files
@@ -493,12 +523,16 @@ module Brakeman
     Rescanner.new(options, tracker.processor, files).recheck
   end
 
-  def self.notify message
-    $stderr.puts message unless @quiet
+  def self.announce message
+    logger.announce message
+  end
+
+  def self.alert message
+    logger.alert message
   end
 
   def self.debug message
-    $stderr.puts message if @debug
+    logger.debug message
   end
 
   # Compare JSON output from a previous scan and return the diff of the two scans
@@ -510,7 +544,7 @@ module Brakeman
     begin
       previous_results = JSON.parse(File.read(options[:previous_results_json]), :symbolize_names => true)[:warnings]
     rescue JSON::ParserError
-      self.notify "Error parsing comparison file: #{options[:previous_results_json]}"
+      self.alert "Error parsing comparison file: #{options[:previous_results_json]}"
       exit!
     end
 
@@ -565,6 +599,7 @@ module Brakeman
 
   def self.filter_warnings tracker, options
     require 'brakeman/report/ignore/config'
+    config = nil
 
     app_tree = Brakeman::AppTree.from_options(options)
 
@@ -576,16 +611,17 @@ module Brakeman
       return
     end
 
-    notify "Filtering warnings..."
-
-    if options[:interactive_ignore]
-      require 'brakeman/report/ignore/interactive'
-      config = InteractiveIgnorer.new(file, tracker.warnings).start
-    else
-      notify "[Notice] Using '#{file}' to filter warnings"
-      config = IgnoreConfig.new(file, tracker.warnings)
-      config.read_from_file
-      config.filter_ignored
+    process_step "Filtering warnings..." do
+      if options[:interactive_ignore]
+        require 'brakeman/report/ignore/interactive'
+        logger.cleanup
+        config = InteractiveIgnorer.new(file, tracker.warnings).start
+      else
+        logger.announce "Using '#{file}' to filter warnings"
+        config = IgnoreConfig.new(file, tracker.warnings)
+        config.read_from_file
+        config.filter_ignored
+      end
     end
 
     tracker.ignored_filter = config
@@ -615,6 +651,10 @@ module Brakeman
     @quiet = val
   end
 
+  def self.process_step(description, &)
+    logger.context(description, &)
+  end
+
   class DependencyError < RuntimeError; end
   class NoBrakemanError < RuntimeError; end
   class NoApplication < RuntimeError; end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: brakeman
 version: !ruby/object:Gem::Version
-  version: 7.1.2
+  version: 8.0.0
 platform: ruby
 authors:
 - Justin Collins
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-12-25 00:00:00.000000000 Z
+date: 2026-01-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: racc
@@ -50,39 +50,12 @@ files:
 - bundle/ruby/3.2.0/gems/csv-3.3.5/lib/csv/table.rb
 - bundle/ruby/3.2.0/gems/csv-3.3.5/lib/csv/version.rb
 - bundle/ruby/3.2.0/gems/csv-3.3.5/lib/csv/writer.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/CHANGES.txt
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/MIT-LICENSE
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/README.txt
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/contrib/erubis
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/contrib/erubis-run.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/contrib/inline-require
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/context.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/converter.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/engine.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/engine/ec.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/engine/ecpp.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/engine/ejava.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/engine/ejavascript.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/engine/enhanced.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/engine/eperl.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/engine/ephp.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/engine/eruby.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/engine/escheme.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/engine/optimized.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/enhancer.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/error.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/evaluator.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/generator.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/helper.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/helpers/rails_form_helper.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/helpers/rails_helper.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/local-setting.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/main.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/preprocessing.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/tiny.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/lib/erubis/util.rb
-- bundle/ruby/3.2.0/gems/erubis-2.7.0/setup.rb
+- bundle/ruby/3.2.0/gems/erubi-1.13.1/CHANGELOG
+- bundle/ruby/3.2.0/gems/erubi-1.13.1/MIT-LICENSE
+- bundle/ruby/3.2.0/gems/erubi-1.13.1/README.rdoc
+- bundle/ruby/3.2.0/gems/erubi-1.13.1/lib/erubi.rb
+- bundle/ruby/3.2.0/gems/erubi-1.13.1/lib/erubi/capture_block.rb
+- bundle/ruby/3.2.0/gems/erubi-1.13.1/lib/erubi/capture_end.rb
 - bundle/ruby/3.2.0/gems/haml-6.4.0/CHANGELOG.md
 - bundle/ruby/3.2.0/gems/haml-6.4.0/FAQ.md
 - bundle/ruby/3.2.0/gems/haml-6.4.0/Gemfile
@@ -408,46 +381,45 @@ files:
 - bundle/ruby/3.2.0/gems/terminal-table-4.0.0/lib/terminal-table/util.rb
 - bundle/ruby/3.2.0/gems/terminal-table-4.0.0/lib/terminal-table/version.rb
 - bundle/ruby/3.2.0/gems/terminal-table-4.0.0/terminal-table.gemspec
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/COPYING
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/_emacs_org.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/_handlebars.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/_jbuilder.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/_org.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/asciidoc.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/babel.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/builder.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/cli.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/coffee.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/commonmarker.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/creole.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/csv.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/erb.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/erubi.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/etanni.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/haml.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/kramdown.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/liquid.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/livescript.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/mapping.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/markaby.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/nokogiri.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/pandoc.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/pipeline.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/plain.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/prawn.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/radius.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/rdiscount.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/rdoc.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/redcarpet.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/redcloth.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/rst-pandoc.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/sass.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/slim.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/string.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/template.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/typescript.rb
-- bundle/ruby/3.2.0/gems/tilt-2.6.1/lib/tilt/yajl.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/COPYING
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/_emacs_org.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/_handlebars.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/_jbuilder.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/_org.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/asciidoc.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/babel.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/builder.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/cli.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/coffee.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/commonmarker.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/csv.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/erb.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/erubi.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/etanni.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/haml.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/kramdown.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/liquid.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/livescript.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/mapping.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/markaby.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/nokogiri.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/pandoc.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/pipeline.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/plain.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/prawn.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/radius.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/rdiscount.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/rdoc.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/redcarpet.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/redcloth.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/rst-pandoc.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/sass.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/slim.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/string.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/template.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/typescript.rb
+- bundle/ruby/3.2.0/gems/tilt-2.7.0/lib/tilt/yajl.rb
 - bundle/ruby/3.2.0/gems/unicode-display_width-3.2.0/CHANGELOG.md
 - bundle/ruby/3.2.0/gems/unicode-display_width-3.2.0/MIT-LICENSE.txt
 - bundle/ruby/3.2.0/gems/unicode-display_width-3.2.0/README.md
@@ -568,6 +540,7 @@ files:
 - lib/brakeman/checks/check_render.rb
 - lib/brakeman/checks/check_render_dos.rb
 - lib/brakeman/checks/check_render_inline.rb
+- lib/brakeman/checks/check_render_rce.rb
 - lib/brakeman/checks/check_response_splitting.rb
 - lib/brakeman/checks/check_reverse_tabnabbing.rb
 - lib/brakeman/checks/check_route_dos.rb
@@ -610,14 +583,12 @@ files:
 - lib/brakeman/file_parser.rb
 - lib/brakeman/file_path.rb
 - lib/brakeman/format/style.css
+- lib/brakeman/logger.rb
 - lib/brakeman/messages.rb
 - lib/brakeman/options.rb
-- lib/brakeman/parsers/erubis_patch.rb
 - lib/brakeman/parsers/haml6_embedded.rb
 - lib/brakeman/parsers/haml_embedded.rb
-- lib/brakeman/parsers/rails2_erubis.rb
-- lib/brakeman/parsers/rails2_xss_plugin_erubis.rb
-- lib/brakeman/parsers/rails3_erubis.rb
+- lib/brakeman/parsers/rails_erubi.rb
 - lib/brakeman/parsers/slim_embedded.rb
 - lib/brakeman/parsers/template_parser.rb
 - lib/brakeman/processor.rb
@@ -627,7 +598,7 @@ files:
 - lib/brakeman/processors/controller_alias_processor.rb
 - lib/brakeman/processors/controller_processor.rb
 - lib/brakeman/processors/erb_template_processor.rb
-- lib/brakeman/processors/erubis_template_processor.rb
+- lib/brakeman/processors/erubi_template_procesor.rb
 - lib/brakeman/processors/gem_processor.rb
 - lib/brakeman/processors/haml6_template_processor.rb
 - lib/brakeman/processors/haml_template_processor.rb