Update dependency brakeman to v7 #290

Open
renovate wants to merge 1 commit from renovate/brakeman-7.x-lockfile into main

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| brakeman (source, changelog) | 6.2.2 -> 7.1.0 | age | adoption | passing | confidence |

Release Notes

presidentbeef/brakeman (brakeman)

v7.1.0

Compare Source

  • Add EOL dates for Rails 8.0 and Ruby 3.4
  • Support render model shortcut
  • Use lazy file lists for AppTree
  • Add Haml 6.x support
  • Improve ignored warnings layout in HTML report (Sebastien Savater)
  • Update JUnit report for CircleCI (Philippe Bernery)
  • Only load escape functionality from cgi library (Earlopain)
  • Add --ensure-no-obsolete-config-entries option (viralpraxis)

v7.0.2

Compare Source

  • Fix error with empty BUNDLE_GEMFILE env variable

v7.0.1

Compare Source

  • Avoid warning on evaluation of plain strings
  • Enable use of custom/alternative Gemfiles
  • Fix error on directory with rb extension (viralpraxis)
  • Support terminal-table 4.0 (Chedli Bourguiba)
  • Better support Prism 1.4.0
  • Only output timing for each file when using --debug

v7.0.0

Compare Source

  • Always warn about deserializing from Marshal
  • Output originalBaseUriIds for SARIF format report
  • Default to using Prism parser if available (disable with --no-prism)
  • Update terminal-table version to use latest
  • Update eval check to be a little noisier
  • Fix array/hash unknown index handling
  • Disable following symbolic links by default, re-enable with --follow-symlinks
  • Add step (and timing) for finding files
  • Add CSV library as explicit dependency for Ruby 3.4 support
  • Major changes to how rescanning works
  • Raise minimum Ruby version to 3.1
  • Fix hardcoded globally excluded paths
  • Remove updated entry in Brakeman ignore files (Toby Hsieh)
  • Fix recursion when handling multiple assignment expressions

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

renovate force-pushed renovate/brakeman-7.x-lockfile from 2285cb8ab2 to 6d1c9df622 2025-04-04 02:51:10 +00:00 Compare
renovate force-pushed renovate/brakeman-7.x-lockfile from 6d1c9df622 to e84bb64e41 2025-04-04 16:51:11 +00:00 Compare
renovate force-pushed renovate/brakeman-7.x-lockfile from e84bb64e41 to 6836290626 2025-07-18 21:31:19 +00:00 Compare
All checks were successful
ci/woodpecker/pr/test Pipeline was successful
This pull request can be merged automatically.
This branch is out-of-date with the base branch
Reference: casper/advent_leaderboard#290