Highlights

• Further OWASP Top 10 coverage on both Ruby and JavaScript
• Fix some false positives notably #673 and #675

Changelog

• b978e905 chore(deps): bump github.com/aws/aws-sdk-go from 1.44.204 to 1.44.209 (#669)
• 44cad85c chore(deps): bump github.com/open-policy-agent/opa from 0.49.0 to 0.49.2 (#668)
• cb333813 chore(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#670)
• 84fd36b5 chore(deps): bump github.com/weppos/publicsuffix-go from 0.20.0 to 0.30.0 (#671)
• ee20cb9c chore(deps): bump github.com/zricethezav/gitleaks/v8 from 8.15.3 to 8.16.0 (#672)
• 8bbf6bc1 chore: fix open redirect snapshot (#653)
• 92ef2f96 docs(action): update links and version of github action (#677)
• 5031541f docs(fix): readme broken link (#681)
• 4efef6bd docs(rename): readme updates (#620)
• b0adc931 docs(update): Updating documentation (#663)
• a8606c4d feat(JS rules): Add CWE 89 SQL injection rule for AWS lambda (#655)
• b49b54ae feat(JS rules): add CWE-78 AWS OS command injection (#661)
• 83b946d4 feat(JS rules): add express rule for UI redress / clickjacking (#651)
• c0d3f29a feat(JS rules): express sendFile with request data (#622)
• 8f94547d feat(javascript rule): hardcoded string support (#678)
• f018419f feat(ruby rule): add rails render to path rule (#656)
• 850933a4 feat(ruby rule): add rule for exec using user input (#654)
• e1d08595 feat: add js express knex sqli rule (#662)
• fb746ef5 feat: add rule for dangerous eval (#658)
• e98d4395 feat: enrich eval user input rule (#667)
• 8c341ce1 feat: rails rule for insecure disabling callback (#657)
• ab95571f feat: update JS express rule descriptions (#660)
• 79bfd054 fix(rules): check languages in data types for missing encryption (#675)
• 3b78b05e fix(summary): fix display for summary (#680)
• 1ca0ad54 fix: fix false positives on req detection (#673)