search for: presidentbeef

Displaying 2 results from an estimated 2 matches for "presidentbeef".

2012 May 22
1
rails-brakeman.com, an online service to find security issues in your rails projects
Hi, I just released rails-brakeman.com, it is an online service to find security issues in your rails projects, it works based on Justin's great gem brakeman <https://github.com/presidentbeef/brakeman>. Rails developers always write code fast, but sometimes they leave some security issues in their rails project. Do you still remember mass assignment issues from github? Using rails-brakeman service can help you find out potential security issues before pushing them on production. An...
2011 Nov 22
4
A "strict Arel" mode for ActiveRecord to prevent SQL injection vulnerabilities
Hello rubyonrails-core, I’ve been looking into possible changes to ActiveRecord / Arel to make it easier to write Rails applications that are free of SQL injection vulnerabilities, and in particular do so in a way that makes it easy for a code reviewer to verify that the app is safe from such bugs. The concern: ----------------- With the ActiveRecord API as is, it’s relatively easy to write