brakeman 4.1.0 → 4.1.1
- checksums.yaml +4 -4
- data/CHANGES.md +5 -0
- data/lib/brakeman/checks/check_divide_by_zero.rb +2 -0
- data/lib/brakeman/checks/check_permit_attributes.rb +2 -2
- data/lib/brakeman/version.rb +1 -1
- metadata +2 -2
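--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA1:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 8415945622378ed5786ec1a2f6a95e43da5c78dd
+data.tar.gz: d2e4f64d195384e14dd9629af3b858a2137a631f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 80f963fb7bea3911adb45e90648b02e105087511163568e8f6eac7b1a4efac72878fa266614f44b8483491d39be3f381f6ad55e17ae41afa82c4194116f5a635
+data.tar.gz: 34e491a6927e409a6cc1e80c4b2c21c152aaee8ab67e9b8cbff3b5e79dd50dc66052843106964eab1e161ecc64bc3121271f7847466caaa8d348bd9c74f6aa0e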
data/CHANGES.md
CHANGED
@@ -19,14 +19,14 @@ class Brakeman::CheckPermitAttributes < Brakeman::BaseCheck
|
|
19
19
|
end
|
20
20
|
|
21
21
|
def check_permit result
|
22
|
+
return unless original? result
|
23
|
+
|
22
24
|
call = result[:call]
|
23
25
|
|
24
26
|
call.each_arg do |arg|
|
25
27
|
if symbol? arg
|
26
28
|
if SUSPICIOUS_KEYS.key? arg.value
|
27
29
|
warn_on_permit_key result, arg
|
28
|
-
elsif arg.value.match /_id$/
|
29
|
-
warn_on_permit_key result, arg, :medium
|
30
30
|
end
|
31
31
|
end
|
32
32
|
end
|
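Review bot: Nothing in the new `check_permit` says that keys ending in `_id` are now intentionally unreported; with the `elsif arg.value.match /_id$/` branch removed, only `SUSPICIOUS_KEYS` entries produce a warning, so a comment above the loop such as `# Only SUSPICIOUS_KEYS are reported; *_id keys passed to permit are no longer flagged` would tell users that permitted foreign keys need review by other means. The added `return unless original? result` guard has no comment either; `# skip results that were already processed` would fit, assuming `original?` is the base class's duplicate filter, which is not visible here. With the `elsif` gone, the two nested `if`s can be written as one condition, `if symbol?(arg) && SUSPICIOUS_KEYS.key?(arg.value)`. The `end` that closes `check_permit` lies outside the hunk, and the page lists this hunk under `data/CHANGES.md` although its `@@` context names `Brakeman::CheckPermitAttributes`.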
data/lib/brakeman/version.rb
CHANGED
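--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: brakeman
 version: !ruby/object:Gem::Version
-version: 4.1.
+version: 4.1.1
 platform: ruby
 authors:
 - Justin Collins
@@ -9,7 +9,7 @@ autorequire:
 bindir: bin
 cert_chain:
 - brakeman-public_cert.pem
-date: 2017-12-
+date: 2017-12-19 00:00:00.000000000 Z
 dependencies: []
 description: Brakeman detects security vulnerabilities in Ruby on Rails applications
 via static analysis.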