- Added a new query, `rb/hardcoded-data-interpreted-as-code`, to detect cases where hardcoded data is executed as code, a technique associated with backdoors.
- The `rb/unsafe-deserialization` query now includes alerts for user-controlled data passed to `Hash.from_trusted_xml`, since that method can deserialize YAML embedded in the XML, which in turn can result in deserialization of arbitrary objects.
- The alert messages of many queries have been changed to make them consistent with other languages.