Bump brakeman from 4.7.1 to 4.7.2 (!1072) · Merge requests · David Rodríguez / nipanipa

NipaNipa requested to merge dependabot/bundler/brakeman-4.7.2 into master Nov 26, 2019

Bumps brakeman from 4.7.1 to 4.7.2.

Release notes

4.7.2

Add request.params as query parameters (#1398)

Handle more permit! cases (#1426)

Remove version guard for named_scope vs. scope

Find SQL injection in String#strip_heredoc target (#1433)

Ensure file name is set when processing models

Bundle ruby_parser version 3.14.1 (#1429)

Changelog

Sourced from brakeman's changelog.

4.7.2 - 2019-11-25

Remove version guard for named_scope vs. scope

Find SQL injection in String#strip_heredoc target

Handle more permit! cases

Ensure file name is set when processing model

Add request.params as query parameters

Commits

0d9d3d0 Update gemspec metadata
221bb9e Bump to 4.7.2
196fad6 Merge pull request #1435 from presidentbeef/scopes_for_all
502b07c Remove version check for named_scope vs. scope
ec8339d Merge pull request #1434 from presidentbeef/sqli_strip_heredoc
26da3e7 Find SQL injection in String#strip_heredoc
bac27a1 Merge pull request #1431 from presidentbeef/model_file_names
23c8d11 Add test to check that every warning has a file
7b87045 Ensure file name is set during model processing
72b85bd Merge pull request #1427 from presidentbeef/more_or_less_permit_bang
Additional commits viewable in compare view

Bump brakeman from 4.7.1 to 4.7.2

4.7.2

4.7.2 - 2019-11-25

Merge request reports