Build(deps-dev): Bump brakeman from 7.0.0 to 7.0.2 (#816)

rsmithlal · web-flow · commit ddc623b44707 · 2025-04-17T14:55:28.000-02:30
Bumps [brakeman](https://github.com/presidentbeef/brakeman) from 7.0.0 to 7.0.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/presidentbeef/brakeman/releases">brakeman's releases</a>.</em></p> <blockquote> <h2>7.0.2</h2> <ul> <li>Fix error with empty <code>BUNDLE_GEMFILE</code> env variable</li> </ul> <h2>7.0.1</h2> <ul> <li>Avoid warning on evaluation of plain strings (<a href="https://redirect.github.com/presidentbeef/brakeman/issues/1919">#1919</a>)</li> <li>Enable use of custom/alternative Gemfiles (<a href="https://redirect.github.com/presidentbeef/brakeman/issues/1840">#1840</a>, <a href="https://redirect.github.com/presidentbeef/brakeman/issues/1907">#1907</a>)</li> <li>Fix error on directory with <code>rb</code> extension (<a href="https://github.com/viralpraxis">viralpraxis</a>)</li> <li>Support <code>terminal-table</code> 4.0 (<a href="https://github.com/viralpraxis">Chedli Bourguiba</a>)</li> <li>Better support Prism 1.4.0 (<a href="https://redirect.github.com/presidentbeef/brakeman/issues/1927">#1927</a>)</li> <li>Only output timing for each file when using <code>--debug</code></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/presidentbeef/brakeman/blob/main/CHANGES.md">brakeman's changelog</a>.</em></p> <blockquote> <h1>7.0.2 - 2025-04-04</h1> <ul> <li>Fix error with empty <code>BUNDLE_GEMFILE</code> env variable</li> </ul> <h1>7.0.1 - 2025-04-03</h1> <ul> <li>Avoid warning on evaluation of plain strings</li> <li>Enable use of custom/alternative Gemfiles</li> <li>Fix error on directory with <code>rb</code> extension (viralpraxis)</li> <li>Support <code>terminal-table</code> 4.0 (Chedli Bourguiba)</li> <li>Better support Prism 1.4.0</li> <li>Only output timing for each file when using <code>--debug</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/presidentbeef/brakeman/commit/835dc2825d919ed4ec8fe2b484e086015282ff02"><code>835dc28</code></a> Bump to 7.0.2</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/c1ae1db957f6a644cda8a2e68927f6a1c6cbdb82"><code>c1ae1db</code></a> Merge pull request <a href="https://redirect.github.com/presidentbeef/brakeman/issues/1932">#1932</a> from presidentbeef/fix_empty_bundle_gemfile_env</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/794414aa9196f7f6f457489c9862ea5d0f3d452a"><code>794414a</code></a> Fix issue with empty BUNDLE_GEMFILE env variable</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/bcef7ffe210e0f8995e0be0aaf09e8c6a619dd33"><code>bcef7ff</code></a> Bump to 7.0.1</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/1d9884f38c88b88f4635fcdd69bcdbecbc451334"><code>1d9884f</code></a> Update CHANGES</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/9f920855707db246cdcb2cd7f76c529e52cf4005"><code>9f92085</code></a> Merge pull request <a href="https://redirect.github.com/presidentbeef/brakeman/issues/1917">#1917</a> from chaadow/patch-2</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/c8eb7c172ee41d43515f3598c882529b40989eb0"><code>c8eb7c1</code></a> Merge pull request <a href="https://redirect.github.com/presidentbeef/brakeman/issues/1928">#1928</a> from presidentbeef/fix_prism_frozen_strings</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/543aca577e8119588b80021bb11db1a0187f53cd"><code>543aca5</code></a> Merge pull request <a href="https://redirect.github.com/presidentbeef/brakeman/issues/1920">#1920</a> from presidentbeef/eval_with_known_strings</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/1af70b28d6874d9241ea7d2e1fef3368e9253e81"><code>1af70b2</code></a> Frozen string in string concatenation</li> <li><a href="https://github.com/presidentbeef/brakeman/commit/167e228ae628c9b5b8da46e2f2c61ffee5afd5fa"><code>167e228</code></a> Frozen string in WeakRSAKey check</li> <li>Additional commits viewable in <a href="https://github.com/presidentbeef/brakeman/compare/v7.0.0...v7.0.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=brakeman&package-manager=bundler&previous-version=7.0.0&new-version=7.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -203,7 +203,7 @@ GEM
     bootstrap (5.3.3)
       autoprefixer-rails (>= 9.1.0)
       popper_js (>= 2.11.8, < 3)
-    brakeman (7.0.0)
+    brakeman (7.0.2)
       racc
     builder (3.3.0)
     bundler-audit (0.9.2)
