提交 · b6e2dfad3901802170bee276b627059f2770b40b · 李少辉-开发者 / Brakeman

21 2月, 2014 1 次提交
- J
  Merge pull request #446 from presidentbeef/remove_rescue_exception · b6e2dfad
  由 Justin 提交于 2月 20, 2014
```
Remove `rescue Exception` instances
```
  b6e2dfad
20 2月, 2014 1 次提交
- J
  Merge remote-tracking branch 'origin/Feb_18_CVEs' · a41b8fb3
  由 Justin Collins 提交于 2月 19, 2014
```
Conflicts:
	CHANGES
```
  a41b8fb3
19 2月, 2014 8 次提交
- J
  
  Bump to 2.4.1 · 662b2425
  由 Justin Collins 提交于 2月 19, 2014
  
  662b2425
- J
  Merge pull request #449 from presidentbeef/CVE_2014_0082 · 98ec5204
  由 Justin 提交于 2月 19, 2014
```
Add check for CVE-2014-0082
```
  98ec5204
- J
  
  Add check for CVE-2014-0082 · 5a499e96
  由 Justin Collins 提交于 2月 18, 2014
  
  5a499e96
- J
  Merge pull request #448 from presidentbeef/CVE_2014_0081 · 3401276a
  由 Justin 提交于 2月 18, 2014
```
Add check for CVE-2014-0081
```
  3401276a
- J
  Merge pull request #447 from presidentbeef/CVE_2014_0080 · 1fda1a66
  由 Justin 提交于 2月 18, 2014
```
Add check for CVE-2014-0080
```
  1fda1a66
- J
  
  Add check for CVE-2014-0081 · 25107787
  由 Justin Collins 提交于 2月 18, 2014
  
  25107787
- J
  
  Merge branch 'CVE_2014_0080' into Feb_18_CVEs · 0733340b
  由 Justin Collins 提交于 2月 18, 2014
  
  0733340b
- J
  
  Add check for CVE-2014-0080 · 93d35d48
  由 Justin Collins 提交于 2月 18, 2014
  
  93d35d48
18 2月, 2014 1 次提交
- J
  Remove `rescue Exception` instances · 2b5e521f
  由 Justin Collins 提交于 1月 22, 2014
```
closes #428
```
  2b5e521f
15 2月, 2014 2 次提交
- J
  Merge pull request #445 from presidentbeef/skip_duplicate_sanitize_warnings · 18c84428
  由 Justin 提交于 2月 15, 2014
```
Skip duplicate sanitize CVE warnings
```
  18c84428
- J
  
  Fix duplicate warnings about sanitize CVE · 94d3e5c2
  由 Justin Collins 提交于 2月 14, 2014
  
  94d3e5c2
14 2月, 2014 2 次提交
- J
  Update CHANGES · b3b15be7
  由 Justin Collins 提交于 2月 13, 2014
```
 * Reuse duplicate call location information
 * Only track original template output locations
 * Skip identically rendered templates
 * Fix HAML template processing
```
  b3b15be7
- J
  
  Skip duplicate sanitize CVE warnings · 5e8dd159
  由 Justin Collins 提交于 2月 13, 2014
  
  5e8dd159
12 2月, 2014 4 次提交
- J
  Merge pull request #444 from presidentbeef/call_location_reuse · 45f93861
  由 Justin 提交于 2月 12, 2014
```
Reuse call locations in CallIndex
```
  45f93861
- J
  Merge pull request #443 from presidentbeef/only_original_outputs · 04cd0958
  由 Justin 提交于 2月 12, 2014
```
Only store original template outputs
```
  04cd0958
- J
  Merge pull request #442 from presidentbeef/ignore_duplicate_renders · 6b14a521
  由 Justin 提交于 2月 12, 2014
```
Ignore identically rendered templates
```
  6b14a521
- J
  Merge pull request #441 from presidentbeef/fix_haml_template_processing · 49fd86c0
  由 Justin 提交于 2月 12, 2014
```
Fix HAML template processing
```
  49fd86c0
08 2月, 2014 4 次提交
- J
  
  Only store original template outputs · 2540d5cb
  由 Justin Collins 提交于 2月 07, 2014
  
  2540d5cb
- J
  
  Ignore identically rendered templates · 9fedae27
  由 Justin Collins 提交于 2月 07, 2014
  
  9fedae27
- J
  
  Add more tests for HAML XSS · 750ea2da
  由 Justin Collins 提交于 2月 07, 2014
  
  750ea2da
- J
  
  Fix HAML processing · fe38b257
  由 Justin Collins 提交于 2月 06, 2014
  
  fe38b257
07 2月, 2014 1 次提交
- J
  
  Reuse call locations in CallIndex · 48cc5b41
  由 Justin Collins 提交于 2月 07, 2014
  
  48cc5b41
06 2月, 2014 1 次提交
- J
  
  Bump to 2.4.0 · 9146de53
  由 Justin Collins 提交于 2月 05, 2014
  
  9146de53
05 2月, 2014 14 次提交
- J
  Update CHANGES · fbd10279
  由 Justin Collins 提交于 2月 05, 2014
```
 * Detect Rails LTS versions
 * Reduce false positives for SQL injection in string building
 * More accurate user input marking for SQL injection warnings
 * Detect SQL injection in `delete_all`/`destroy_all`
 * Detect SQL injection raw SQL queries using `connection`
 * Update to RubyParser 3.4.0
```
  fbd10279
- J
  
  Update ruby_parser to 3.4.0 · 29239377
  由 Justin Collins 提交于 2月 04, 2014
  
  29239377
- J
  Merge pull request #440 from presidentbeef/better_handling_of_sql_strings · 5279dd6a
  由 Justin 提交于 2月 04, 2014
```
Better handling of SQL strings and fewer false positives
```
  5279dd6a
- J
  Merge pull request #437 from presidentbeef/support_lts_versions · add9e26a
  由 Justin 提交于 2月 04, 2014
```
Add support for RailsLTS versions
```
  add9e26a
- J
  
  Fix Rails LTS detection · 5d99f32b
  由 Justin Collins 提交于 2月 04, 2014
  
  5d99f32b
- J
  Merge branch 'master' into support_lts_versions · 51a2a469
  由 Justin Collins 提交于 2月 04, 2014
```
Conflicts:
	lib/brakeman/checks/check_sql.rb
```
  51a2a469
- J
  
  Ignore `*_id` calls in SQL · b65e6940
  由 Justin Collins 提交于 2月 04, 2014
  
  b65e6940
- J
  Handle mix of string concatenation and interpolation · f40686d8
  由 Justin Collins 提交于 2月 04, 2014
```
in SQL queries
```
  f40686d8
- J
  
  Handle calls to #to_s better in SQL checks · f4e79635
  由 Justin Collins 提交于 2月 04, 2014
  
  f4e79635
- J
  
  Deeper checking of SQL interpolation · 28baa3c3
  由 Justin Collins 提交于 2月 03, 2014
  
  28baa3c3
- J
  
  Ignore sanitized SQL in string building · 64cfeaa0
  由 Justin Collins 提交于 2月 03, 2014
  
  64cfeaa0
- J
  Merge pull request #439 from presidentbeef/active_record_base_connect_sqli · 0c37f7de
  由 Justin 提交于 2月 04, 2014
```
Also catch #connection calls on ActiveRecord::Base
```
  0c37f7de
- J
  
  Also catch #connection calls on ActiveRecord::Base · f98e58e7
  由 Justin Collins 提交于 2月 04, 2014
  
  f98e58e7
- J
  Merge pull request #438 from presidentbeef/check_db_connection_for_sqli · 21201d49
  由 Justin 提交于 2月 04, 2014
```
Expand methods checked for SQLi significantly
```
  21201d49
04 2月, 2014 1 次提交
- J
  Expand methods checked for SQLi significantly · 6b816158
  由 Justin Collins 提交于 1月 30, 2014
```
include methods on #connection and delete_all/destroy_all
Fixes #434
```
  6b816158