Brakeman 1.6.0 is out! Ruport is gone, JSON reports have changed, scans can be compared, and scanning should be just a little bit faster.
Changes since 1.5.3: * Remove the Ruport dependency (Neil Matatall) * Add more informational JSON output (Neil Matatall) * Add comparison to previous JSON report (Neil Matatall) * Add highlighting of dangerous values in HTML/text reports * Model#update_attribute should not raise mass assignment warning (Dave Worth) * Don’t check find_by_* method for SQL injection * Fix duplicate reporting of mass assignment and SQL injection * Fix rescanning of deleted files * Properly check for rails_xss in Gemfile Please see the release post for full details: http://brakemanscanner.org/blog/2012/04/20/brakeman-1-dot-6-released/