Skip to content

Bump brakeman from 8.0.2 to 8.0.4#990

Merged
benmelz merged 2 commits intomainfrom
dependabot/bundler/brakeman-8.0.4
Feb 27, 2026
Merged

Bump brakeman from 8.0.2 to 8.0.4#990
benmelz merged 2 commits intomainfrom
dependabot/bundler/brakeman-8.0.4

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 27, 2026

Bumps brakeman from 8.0.2 to 8.0.4.

Release notes

Sourced from brakeman's releases.

8.0.3

  • Add release age option for --ensure-latest (#1989)
  • Fix polymorphic_name SQLi false positive (Fredrico Franco)
  • Fix logger behavior when loading config files (#2009)
  • Handle application names with module prefixes (#2011)
Changelog

Sourced from brakeman's changelog.

8.0.4 - 2026-02-26

  • Load 'date' library for --ensure-latest

8.0.3 - 2026-02-26

  • Fix polymorphic_name SQLi false positive (Fredrico Franco)
  • Fix logger behavior when loading config files
  • Handle application names with module prefixes
  • Add release age option for --ensure-latest
Commits
  • 2e55d45 Bump to 8.0.4
  • d6c6c9a Merge pull request #2016 from presidentbeef/fix-ensure-latest-date
  • 56f9324 Load 'date' for --ensure-latest
  • 8b644a6 Bump to 8.0.3
  • 08e0a18 Update CHANGES
  • a29fe44 Merge pull request #2014 from FFederi/fix-polymorphic-name-false-positive
  • 61150cf Fix polymorphic_name false positive
  • f65d077 Merge pull request #2013 from presidentbeef/better_logger_loading_options
  • c5dcda5 Fix logger behavior when loading config files
  • c1d7ccc Merge pull request #2012 from presidentbeef/handle_application_config_better
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump brakeman from 8.0.2 to 8.0.4
6fcd9ff 
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 8.0.2 to 8.0.4.
- [Release notes](https://github.com/presidentbeef/brakeman/releases)
- [Changelog](https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md)
- [Commits](presidentbeef/brakeman@v8.0.2...v8.0.4)

---
updated-dependencies:
- dependency-name: brakeman
  dependency-version: 8.0.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Feb 27, 2026
@benmelz benmelz merged commit 81b2ace into main Feb 27, 2026
4 checks passed
@dependabot dependabot bot deleted the dependabot/bundler/brakeman-8.0.4 branch February 27, 2026 15:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@benmelz benmelz benmelz approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@benmelz