As mentioned previously, Brakeman 3.1.0 contains some changes which may cause things to break. Please read the release post carefully!
Note this release has dependencies which do not support Ruby 1.8. If you *really* need to run Brakeman with Ruby 1.8, the brakeman-min gem should work. This does *not* mean you cannot analyze apps that run on Ruby 1.8. Changes since 3.0.5: * Update dependencies to Ruby 1.8 incompatible versions * Update render path information in JSON reports * Remove renaming of several Sexp nodes * Treat html_safe like raw * Use railties version if rails gem is missing (Lucas Mazza) * Warn about unverified SSL mode in Net::HTTP.start * Expand XSS safe methods * Avoid warning on path creation methods in link_to * Add support for gems.rb/gems.locked * Fix low confidence XSS warning code * Avoid duplicate eval warnings * Convert YAML config keys to symbols (Karl Glaser) Please see the release post for more details: http://brakemanscanner.org/blog/2015/08/30/brakeman-3-dot-1-0-released/
