Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency brakeman to v7 #195

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update dependency brakeman to v7 #195

wants to merge 1 commit into from
+1 −1

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Dec 31, 2024

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
brakeman (source, changelog) 6.2.2 -> 7.0.0 age adoption passing confidence

Release Notes

presidentbeef/brakeman (brakeman)

v7.0.0

Compare Source

  • Always warn about deserializing from Marshal
  • Output originalBaseUriIds for SARIF format report
  • Default to using Prism parser if available (disable with --no-prism)
  • Update terminal-table version to use latest
  • Update eval check to be a little noisier
  • Fix array/hash unknown index handling
  • Disable following symbolic links by default, re-enable with --follow-symlinks
  • Add step (and timing) for finding files
  • Add CSV library as explicit dependency for Ruby 3.4 support
  • Major changes to how rescanning works
  • Raise minimum Ruby version to 3.1
  • Fix hardcoded globally excluded paths
  • Remove updated entry in Brakeman ignore files (Toby Hsieh)
  • Fix recursion when handling multiple assignment expressions

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team as a code owner December 31, 2024 06:59
@renovate renovate bot force-pushed the renovate/brakeman-7.x-lockfile branch from 4634754 to b7762f5 Compare December 31, 2024 13:11
@renovate renovate bot force-pushed the renovate/brakeman-7.x-lockfile branch from b7762f5 to 4cab383 Compare January 7, 2025 14:38
@github-actions GitHub Actions
Copy link

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 24 hours if no further activity occurs.
If this change is desirable, please accelerate completing it. If it is not, please close the PR. If you're blocked on something, please ensure there's a reference to this PR in a story on your team's board so the team will follow up, and consider closing the PR for now.
Please do not artificially extend the deadline with a dummy comment. If necessary, provide a status update, such as "this change is being actively tested".
Thank you for your contributions and your collaboration in reducing WIP and cycle time.

@github-actions github-actions bot added the Stale label Jan 12, 2025
@github-actions github-actions bot closed this Jan 14, 2025
@github-actions github-actions bot deleted the renovate/brakeman-7.x-lockfile branch January 14, 2025 19:31
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Jan 14, 2025

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update. You will not get PRs for any future 7.x releases. But if you manually upgrade to 7.x then Renovate will re-enable minor and patch updates automatically.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.

@c-gerke c-gerke restored the renovate/brakeman-7.x-lockfile branch January 14, 2025 19:38
@c-gerke c-gerke reopened this Jan 14, 2025
@c-gerke c-gerke added dependencies Pull requests that update a dependency file and removed Stale labels Jan 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@derricklannaman derricklannaman

Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@derricklannaman @c-gerke