Haha, thanks. But the Ruport removal, JSON output, and JSON diffing were
done by Neil Matatall, and Dave Worth also snuck some commits into this one.
-Justin
On 04/19/2012 07:31 PM, Michael McCabe wrote:
Justin,
You're awesome.
Thanks.
On Apr 19, 2012 10:27 PM, "Justin" <jus...@presidentbeef.com> wrote:
Some significant code changes are coming in 1.6 (such as the removal of
Ruport and new JSON output), so there is a pre-release gem available
(https://rubygems.org/gems/brakeman/versions/1.6.0.pre1) so people can
kick the tires just a little bit.
However, the full release of Brakeman 1.6 will be tomorrow (UTC-7), so
there is only a limited amount of time to get in any bug reports before
the actual release. So please try out the pre-release gem and report any
issues!
Major changes:
* No more Ruport for reports (yay!)
* Compare scan results to previous (JSON) reports via `--compare`!
* Rescanning and comparing results should be more accurate (in terms of fixed/new)!
* JSON reports are much more informative now!
* "Dangerous" user input is highlighted in text/HTML reports!
* Fixed duplicate reporting of SQL injection and mass assignment in views!