1. 19 Aug, 2014 1 commit
  2. 08 Aug, 2014 1 commit
    • Update CHANGES · 16715a01
      Justin Collins committed
      * Expand app path in one place instead of all over (Jeff Rafter)
      * Add `--add-checks-path` option for external checks (Clint Gibler)
      * Fix SQL injection detection in deep nested string building
      * Add `-4` option to force Rails 4 mode
      * Check entire call for `send`
      * Check for .gitignore of secrets in subdirectories
      * Fix block statement endings in Erubis
      * Fix undefined variable in controller processing error (Jason Barnabe)
      16715a01
  3. 03 Jul, 2014 1 commit
  4. 07 Jun, 2014 1 commit
  5. 27 May, 2014 1 commit
    • Update CHANGES · 43f92bf4
      Justin Collins committed
      * Update to use RubyParser 3.5.0 (Patrick Toomey)
      * Improve default route detection in Rails 3/4 (Jeff Jarmoc)
      * Handle controllers and models split across files (Patrick Toomey)
      * Fix handling of `protected_attributes` gem in Rails 4 (Geoffrey Hichborn)
      * Ignore more model methods in redirects
      * Fix CheckRender with nested render calls
      43f92bf4
  6. 30 Apr, 2014 1 commit
    • Update CHANGES · 4e0bb644
      Justin Collins committed
      * Add support for RailsLTS 2.3.18.7 and 2.3.18.8
      * Add support for Rails 4 `before_actions` and friends
      * Move SQLi CVE checks to `CheckSQLCVEs`
      * Check for protected_attributes gem
      * Fix SQLi detection in chain calls in scopes
      * Add GitHub-flavored Markdown output format (Greg Ose)
      4e0bb644
  7. 11 Apr, 2014 1 commit
    • Update CHANGES · c093c3d8
      Justin Collins committed
       * Fix false positives when sanitize() is used in SQL (Jeff Yip)
       * Add String#intern and Hash#symbolize_keys DoS check (Jan Rusnacko)
       * Check all arguments in Model.select for SQLi
       * Fix false positive when :host is specified in redirect
       * Handle more non-literals in routes
      c093c3d8
  8. 01 Apr, 2014 1 commit
  9. 23 Mar, 2014 1 commit
  10. 21 Mar, 2014 1 commit
    • Update CHANGES · f6ed341e
      Justin Collins committed
       * Remove `rescue Exception`
       * Fix duplicate warnings about sanitize CVE
      f6ed341e
  11. 19 Feb, 2014 1 commit
  12. 14 Feb, 2014 1 commit
    • Update CHANGES · b3b15be7
      Justin Collins committed
       * Reuse duplicate call location information
       * Only track original template output locations
       * Skip identically rendered templates
       * Fix HAML template processing
      b3b15be7
  13. 05 Feb, 2014 1 commit
    • Update CHANGES · fbd10279
      Justin Collins committed
       * Detect Rails LTS versions
       * Reduce false positives for SQL injection in string building
       * More accurate user input marking for SQL injection warnings
       * Detect SQL injection in `delete_all`/`destroy_all`
       * Detect SQL injection in raw SQL queries using `connection`
       * Update to RubyParser 3.4.0
      fbd10279
  14. 23 Jan, 2014 1 commit
  15. 22 Jan, 2014 1 commit
  16. 14 Jan, 2014 1 commit
    • Update CHANGES · 0579dd81
      Justin Collins committed
       * Fix false positives when SQL methods are not called on AR models (Aaron Bedra)
       * Add check for uses of OpenSSL::SSL::VERIFY_NONE (Aaron Bedra)
       * No longer raise exceptions if a class name cannot be determined
      0579dd81
  17. 31 Dec, 2013 1 commit
  18. 13 Dec, 2013 1 commit
  19. 12 Dec, 2013 1 commit
  20. 27 Nov, 2013 1 commit
  21. 29 Oct, 2013 1 commit
  22. 22 Oct, 2013 1 commit
  23. 16 Oct, 2013 1 commit
  24. 18 Sep, 2013 1 commit
  25. 17 Sep, 2013 1 commit
  26. 29 Aug, 2013 1 commit
  27. 22 Aug, 2013 2 commits
  28. 20 Aug, 2013 1 commit
  29. 18 Jul, 2013 1 commit
  30. 17 Jul, 2013 1 commit
  31. 13 Jul, 2013 1 commit
  32. 11 Jul, 2013 1 commit
  33. 01 Jul, 2013 1 commit
  34. 26 Jun, 2013 1 commit
  35. 21 Jun, 2013 1 commit
  36. 19 Jun, 2013 1 commit
  37. 12 Jun, 2013 1 commit
  38. 21 May, 2013 2 commits