- Added a new query, rb/insecure-dependency. The query finds cases where Ruby gems may be downloaded over an insecure communication channel.
- Added a new query, rb/weak-cryptographic-algorithm. The query finds uses of cryptographic algorithms that are known to be weak, such as DES.
- Added a new query, rb/http-tainted-format-string. The query finds cases where data from remote user input is used in a string formatting method in a way that allows arbitrary format specifiers to be inserted.
- Added a new query, rb/http-to-file-access. The query finds cases where data from remote user input is written to a file.
- Added a new query, rb/incomplete-url-substring-sanitization. The query finds instances where a URL is incompletely sanitized due to insufficient checks.
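
To illustrate the class of problem named in the rb/incomplete-url-substring-sanitization entry, the following added example (not code from the query or from this changelog) contrasts a substring test on a URL with a check on the parsed host. The method names, the `ALLOWED_HOSTS` list, the https-only policy and the sample URLs are assumptions constructed for the example.

```ruby
require "uri"

# Constructed allow-list for this example.
ALLOWED_HOSTS = ["example.com"].freeze

# Insufficient check: a substring test on the raw URL string. It passes
# whenever the trusted name appears anywhere in the URL, not just as the host.
def substring_check?(url)
  url.include?("example.com")
end

# Stricter check: parse the URL, require https, and compare the host
# exactly or as a true subdomain of an allowed host.
def host_check?(url)
  uri = URI.parse(url)
  return false unless uri.is_a?(URI::HTTPS) && uri.host

  host = uri.host.downcase
  ALLOWED_HOSTS.any? { |h| host == h || host.end_with?(".#{h}") }
rescue URI::InvalidURIError
  false
end

# Constructed sample inputs: the first two are legitimate, the rest only
# contain the trusted name somewhere other than the host position.
SAMPLES = [
  "https://example.com/login",
  "https://www.example.com/",
  "https://example.com.evil.test/",
  "https://evil.test/?next=example.com",
  "https://evil.test/example.com",
  "not a url example.com",
].freeze

# Returns [url, substring_result, host_result] for each sample.
def compare(urls = SAMPLES)
  urls.map { |u| [u, substring_check?(u), host_check?(u)] }
end

if __FILE__ == $PROGRAM_NAME
  compare.each do |url, weak, strict|
    puts format("%-40s substring=%-5s host=%s", url, weak, strict)
  end
end
```
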