labml
labml copied to clipboard
labmlai
Add option to exclude "updated" in brakeman.ignore
The "updated" entry in brakeman.ignore is prone to merge conflicts, so I'm adding an option that allows users to omit it.
Hi there :wave:, @dryrunsecurity here, below is a summary of our analysis and findings.
| DryRun Security | Status | Findings |
|---|---|---|
| Secrets Analyzer (beta) | :white_check_mark: | 0 findings |
| Authn/Authz Analyzer | :white_check_mark: | 0 findings |
| Configured Codepaths Analyzer | :white_check_mark: | 0 findings |
| Sensitive Files Analyzer | :white_check_mark: | 0 findings |
[!Note] :green_circle: Risk threshold not exceeded.
[!Tip] Get answers to your security questions. Add a comment in this PR starting with @dryrunsecurity. For example...
@dryrunsecurity What are common security issues with web application cookies?
Powered by DryRun Security
![dryrunsecurity[bot] avatar](https://avatars.githubusercontent.com/in/377039?v=4 "Published by a pub.dev verified publisher"){kind=small}
I'm actually tempted to drop the timestamp altogether instead of adding a very specific option.
I'm actually tempted to drop the timestamp altogether instead of adding a very specific option.
That seems reasonable. I only implemented an option because removing the timestamp altogether breaks compatibility, but I'm not sure if anyone really relies on the updated entry in brakeman.ignore.
I opened a pull request to drop the updated entry altogether at https://github.com/presidentbeef/brakeman/pull/1860