- 30 Aug, 2012 2 commits
- 29 Aug, 2012 6 commits
- 25 Aug, 2012 6 commits
-
-
Committed by Justin
Track render chain for templates
-
Committed by Justin
Allow Brakeman to be run without tty
-
Committed by Justin Collins
This tests when you have a partial that is rendered from more than one controller action, which in the past would cause rendered partials to be overwritten, possibly hiding warnings
-
Committed by Justin Collins
There was a bit of a logic error here, because a warning might be detected as a duplicate in `check_for_immediate_xss`, causing it to return 'false' and then the check would go ahead and process the `raw` call. This would result in 'weak' confidence warnings that were duplicates of 'high' confidence warnings.
-
Committed by Justin Collins
-
Committed by Justin Collins
instead of a single caller
-
- 24 Aug, 2012 1 commit
-
-
Committed by fsword
User can use the brakeman on admin tools which has no tty support
-
- 23 Aug, 2012 4 commits
-
-
Committed by Justin
Fix --rake when output to file(s) fixes #130
-
Committed by Deepak Kumar
-
Committed by Deepak Kumar
-
Committed by Deepak Kumar
-
- 22 Aug, 2012 5 commits
-
-
Committed by Justin
A little bit better error visibility
-
Committed by Justin Collins
Treat model attribute as immediate value in `or` expressions Conflicts: lib/brakeman/checks/base_check.rb
-
Committed by Justin Collins
Remove method_missing behavior from Sexp Conflicts: lib/ruby_parser/bm_sexp.rb
-
Committed by Justin
Add convenience methods for Sexp nodes instead of having to use array-like indexing which is hard to read and hard to remember
-
Committed by Justin Collins
Move along, nothing to see here! No idea how this snuck in.
-
- 16 Aug, 2012 2 commits
-
-
Committed by Justin Collins
`BaseCheck#has_immediate_model?` will return true if a model attribute is found in an `or` expression, just like `BaseCheck#has_immediate_user_input?` does for everything else.
-
Committed by Justin Collins
-
- 15 Aug, 2012 8 commits
-
-
Committed by Justin Collins
-
Committed by Justin Collins
-
Committed by Justin Collins
-
Committed by Justin Collins
-
Committed by Justin Collins
-
Committed by Justin Collins
because that behavior is not and should not be used, while having it hides bugs because calling a method on Sexp that does not exist
-
Committed by Justin Collins
mixed up method name
-
Committed by Justin Collins
-
- 14 Aug, 2012 6 commits
-
-
Committed by Justin Collins
-
Committed by Justin Collins
-
Committed by Justin Collins
[ci-skip]
-
Committed by Justin Collins
-
Committed by Justin Collins
Conflicts: test/tests/test_rails2.rb test/tests/test_rails3.rb test/tests/test_rails31.rb
-
Committed by Justin Collins
Conflicts: lib/brakeman/checks/check_cross_site_scripting.rb
-