Commit 13b62f9
Bump brakeman from 6.2.1 to 6.2.2 (#675)
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 6.2.1
to 6.2.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/presidentbeef/brakeman/releases">brakeman's
releases</a>.</em></p>
<blockquote>
<h2>6.2.2</h2>
<ul>
<li>New end-of-support dates for Rails</li>
<li>Revamp command injection detection in <code>pipeline*</code> calls
(<a
href="https://redirect.github.com/presidentbeef/brakeman/issues/1862">#1862</a>)</li>
<li>Exclude more native gems from vendored gems in <code>brakeman</code>
gem (<a
href="https://redirect.github.com/presidentbeef/brakeman/issues/1869">#1869</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md">brakeman's
changelog</a>.</em></p>
<blockquote>
<h1>6.2.2 - 2024-10-15</h1>
<ul>
<li>Ignore more native gems when building gem</li>
<li>Revamp command injection in <code>pipeline*</code> calls</li>
<li>New end-of-support dates for Rails</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/presidentbeef/brakeman/commit/0aeceda0783176d43f44a5f0962f5ebfdee508f3"><code>0aeceda</code></a>
Bump to 6.2.2</li>
<li><a
href="https://github.com/presidentbeef/brakeman/commit/43612a65f565d271a996ceef4d8bae7c4b970bca"><code>43612a6</code></a>
Merge pull request <a
href="https://redirect.github.com/presidentbeef/brakeman/issues/1872">#1872</a>
from presidentbeef/more_native_gems_to_ignore</li>
<li><a
href="https://github.com/presidentbeef/brakeman/commit/2ece3b4be629c1b4805adb735ed0aef8f0dde02d"><code>2ece3b4</code></a>
Update CHANGES</li>
<li><a
href="https://github.com/presidentbeef/brakeman/commit/72df013b9474daf0ce4bf532cd6a99898697ed56"><code>72df013</code></a>
Ignore more native gems when building gem</li>
<li><a
href="https://github.com/presidentbeef/brakeman/commit/e4f49f64d263f8001bac62eec182ad417152776d"><code>e4f49f6</code></a>
Merge pull request <a
href="https://redirect.github.com/presidentbeef/brakeman/issues/1868">#1868</a>
from presidentbeef/revamp_pipeline_check</li>
<li><a
href="https://github.com/presidentbeef/brakeman/commit/9e8cd798144131cf572fb52be7c0b2359f1acbb6"><code>9e8cd79</code></a>
Revamp command injection in <code>pipeline*</code> calls</li>
<li><a
href="https://github.com/presidentbeef/brakeman/commit/f99539b5b27e176b9146a87bd2ed60043f2deaf5"><code>f99539b</code></a>
Merge pull request <a
href="https://redirect.github.com/presidentbeef/brakeman/issues/1865">#1865</a>
from presidentbeef/update_eol_dates_for_rails</li>
<li><a
href="https://github.com/presidentbeef/brakeman/commit/1713d5fd903787a4c4f70a8c5a3c575cb9f584ff"><code>1713d5f</code></a>
Remove Gitter link from README</li>
<li><a
href="https://github.com/presidentbeef/brakeman/commit/c25fcae4638e135c3418dc24a3e1e90d20d60608"><code>c25fcae</code></a>
Merge pull request <a
href="https://redirect.github.com/presidentbeef/brakeman/issues/1864">#1864</a>
from presidentbeef/fix_docker_once_more</li>
<li><a
href="https://github.com/presidentbeef/brakeman/commit/8da2a28b71072bfd2e75aa7f92950f72b08617fe"><code>8da2a28</code></a>
New end-of-support dates for Rails</li>
<li>Additional commits viewable in <a
href="https://github.com/presidentbeef/brakeman/compare/v6.2.1...v6.2.2">compare
view</a></li>
</ul>
</details>
1 file changed, +1 -1 lines changed

| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
185 | 185 | | |
186 | 186 | | |
187 | 187 | | |
188 | | - | |
| 188 | + | |
189 | 189 | | |
190 | 190 | | |
191 | 191 | | |
| |||
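Review bot: the single changed line at 188 pulls in a release whose notes list a revamped command injection check for `pipeline*` calls, so a scan with 6.2.2 may report a different set of warnings than 6.2.1 did. Re-run Brakeman on this branch before merging and review any findings that appear or disappear, rather than relying on the version pin change alone.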