Update dependency brakeman to v7 #290

Open

renovate wants to merge 1 commit from renovate/brakeman-7.x-lockfile into main

pull from: renovate/brakeman-7.x-lockfile

merge into: casper:main

casper:main

casper:renovate/major-ruby-on-rails-packages

casper:renovate/sentry-ruby-monorepo

casper:renovate/good_job-4.x-lockfile

casper:renovate/ruby-3.x

casper:renovate/stackprof-0.x-lockfile

casper:renovate/puma-6.x-lockfile

casper:renovate/dartsass-sprockets-3.x-lockfile

casper:renovate/rspec-rails-7.x-lockfile

casper:renovate/bootsnap-1.x-lockfile

Conversation 0 Commits 1 Files changed 1 +1 -1

renovate commented 2024-12-31 06:03:58 +00:00

Collaborator

Copy link

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
brakeman (source, changelog)	6.2.2 -> 7.1.1

---

Release Notes

presidentbeef/brakeman (brakeman)

v7.1.1

Compare Source

• Fix false positive when calling with_content on ViewComponents (Peer Allan)
• Word wrap text output in pager
• Consider Tempfile.create.path as safe input (Ali Ismayilov)
• Exclude directories before searching for files
• Check each side of or SQL arguments
• Ignore attribute builder in Haml 6
• Add FilePath#to_path for Ruby 3.5 compatibility (S-H-GAMELINKS)
• Fix SQL injection check for calculate method (Rohan Sharma)
• Fix missing td in HTML report (John Hawthorn)
• Check for unsafe SQL when two arguments are passed to AR methods (Patrick Brinich-Langlois)

v7.1.0

Compare Source

• Add EOL dates for Rails 8.0 and Ruby 3.4
• Support render model shortcut
• Use lazy file lists for AppTree
• Add Haml 6.x support
• Improve ignored warnings layout in HTML report (Sebastien Savater)
• Update JUnit report for CircleCI (Philippe Bernery)
• Only load escape functionality from cgi library (Earlopain)
• Add --ensure-no-obsolete-ignore-entries option (viralpraxis)

v7.0.2

Compare Source

• Fix error with empty BUNDLE_GEMFILE env variable

v7.0.1

Compare Source

• Avoid warning on evaluation of plain strings
• Enable use of custom/alternative Gemfiles
• Fix error on directory with rb extension (viralpraxis)
• Support terminal-table 4.0 (Chedli Bourguiba)
• Better support Prism 1.4.0
• Only output timing for each file when using --debug

v7.0.0

Compare Source

• Always warn about deserializing from Marshal
• Output originalBaseUriIds for SARIF format report
• Default to using Prism parser if available (disable with --no-prism)
• Update terminal-table version to use latest
• Update eval check to be a little noisier
• Fix array/hash unknown index handling
• Disable following symbolic links by default, re-enable with --follow-symlinks
• Add step (and timing) for finding files
• Add CSV library as explicit dependency for Ruby 3.4 support
• Major changes to how rescanning works
• Raise minimum Ruby version to 3.1
• Fix hardcoded globally excluded paths
• Remove updated entry in Brakeman ignore files (Toby Hsieh)
• Fix recursion when handling multiple assignment expressions

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [brakeman](https://brakemanscanner.org/) ([source](https://github.com/presidentbeef/brakeman), [changelog](https://github.com/presidentbeef/brakeman/releases)) | `6.2.2` -> `7.1.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>presidentbeef/brakeman (brakeman)</summary> ### [`v7.1.1`](https://github.com/presidentbeef/brakeman/blob/HEAD/CHANGES.md#711---2025-11-03) [Compare Source](https://github.com/presidentbeef/brakeman/compare/v7.1.0...v7.1.1) - Fix false positive when calling `with_content` on ViewComponents (Peer Allan) - Word wrap text output in pager - Consider Tempfile.create.path as safe input (Ali Ismayilov) - Exclude directories before searching for files - Check each side of `or` SQL arguments - Ignore attribute builder in Haml 6 - Add `FilePath#to_path` for Ruby 3.5 compatibility (S-H-GAMELINKS) - Fix SQL injection check for calculate method (Rohan Sharma) - Fix missing `td` in HTML report (John Hawthorn) - Check for unsafe SQL when two arguments are passed to AR methods (Patrick Brinich-Langlois) ### [`v7.1.0`](https://github.com/presidentbeef/brakeman/blob/HEAD/CHANGES.md#710---2025-07-18) [Compare Source](https://github.com/presidentbeef/brakeman/compare/v7.0.2...v7.1.0) - Add EOL dates for Rails 8.0 and Ruby 3.4 - Support render model shortcut - Use lazy file lists for AppTree - Add Haml 6.x support - Improve ignored warnings layout in HTML report (Sebastien Savater) - Update JUnit report for CircleCI (Philippe Bernery) - Only load escape functionality from cgi library (Earlopain) - Add `--ensure-no-obsolete-ignore-entries` option (viralpraxis) ### [`v7.0.2`](https://github.com/presidentbeef/brakeman/blob/HEAD/CHANGES.md#702---2025-04-04) [Compare Source](https://github.com/presidentbeef/brakeman/compare/v7.0.1...v7.0.2) - Fix error with empty `BUNDLE_GEMFILE` env variable ### [`v7.0.1`](https://github.com/presidentbeef/brakeman/blob/HEAD/CHANGES.md#701---2025-04-03) [Compare Source](https://github.com/presidentbeef/brakeman/compare/v7.0.0...v7.0.1) - Avoid warning on evaluation of plain strings - Enable use of custom/alternative Gemfiles - Fix error on directory with `rb` extension (viralpraxis) - Support `terminal-table` 4.0 (Chedli Bourguiba) - Better support Prism 1.4.0 - Only output timing for each file when using `--debug` ### [`v7.0.0`](https://github.com/presidentbeef/brakeman/blob/HEAD/CHANGES.md#700---2024-12-30) [Compare Source](https://github.com/presidentbeef/brakeman/compare/v6.2.2...v7.0.0) - Always warn about deserializing from Marshal - Output `originalBaseUriIds` for SARIF format report - Default to using Prism parser if available (disable with `--no-prism`) - Update `terminal-table` version to use latest - Update `eval` check to be a little noisier - Fix array/hash unknown index handling - Disable following symbolic links by default, re-enable with --follow-symlinks - Add step (and timing) for finding files - Add CSV library as explicit dependency for Ruby 3.4 support - Major changes to how rescanning works - Raise minimum Ruby version to 3.1 - Fix hardcoded globally excluded paths - Remove updated entry in Brakeman ignore files (Toby Hsieh) - Fix recursion when handling multiple assignment expressions </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS44Ni4xIiwidXBkYXRlZEluVmVyIjoiNDEuMTQwLjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=-->

renovate force-pushed renovate/brakeman-7.x-lockfile from 2285cb8ab2 to 6d1c9df622 2025-04-04 02:51:10 +00:00 Compare

renovate force-pushed renovate/brakeman-7.x-lockfile from 6d1c9df622 to e84bb64e41 2025-04-04 16:51:11 +00:00 Compare

renovate force-pushed renovate/brakeman-7.x-lockfile from e84bb64e41 to 6836290626 2025-07-18 21:31:19 +00:00 Compare

renovate force-pushed renovate/brakeman-7.x-lockfile from 6836290626 to a26013b840 2025-11-04 00:31:29 +00:00 Compare

All checks were successful

Hide all checks

ci/woodpecker/pr/test Pipeline was successful

Details

This pull request can be merged automatically.

You are not authorized to merge this pull request.

View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u origin renovate/brakeman-7.x-lockfile:renovate/brakeman-7.x-lockfile

git switch renovate/brakeman-7.x-lockfile

Merge

Merge the changes and update on Forgejo.

Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.

git switch main

git merge --no-ff renovate/brakeman-7.x-lockfile

git switch renovate/brakeman-7.x-lockfile

git rebase main

git switch main

git merge --ff-only renovate/brakeman-7.x-lockfile

git switch renovate/brakeman-7.x-lockfile

git rebase main

git switch main

git merge --no-ff renovate/brakeman-7.x-lockfile

git switch main

git merge --squash renovate/brakeman-7.x-lockfile

git switch main

git merge --ff-only renovate/brakeman-7.x-lockfile

git switch main

git merge renovate/brakeman-7.x-lockfile

git push origin main

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

casper/advent_leaderboard!290

No description provided.