Added Codesake::Dawn version 1.0.0 announcement.
Showing with 40 additions and 1 deletion.
|@@ -0,0 +1,40 @@|
|+After 9 months of development, it's now time for Codesake::Dawn security source|
|+code scanner first major release.|
|+Codesake::Dawn is a static analysis security scanner for ruby written web applications.|
|+It supports [Sinatra](http://www.sinatrarb.com),|
|+[Padrino](http://www.padrinorb.com) and [Ruby on Rails](http://rubyonrails.org)|
|+Version 1.0 introduces 142 security checks against public bulletins since 2006,|
|+you can use to check the vulnerabilities introduced by third party libraries|
|+your web application include in its Gemfile.|
|+Writing safe code it's important, but sometimes security issues are introduced|
|+by third party code your application relies on. As example, consider a SQL|
|+Injection vulnerability introduced by Ruby on Rails framework. Despite the|
|+effort you spend in sanitize inputs, your web application inherits the|
|+vulnerability suffering as well. An attacker can easily exploit it and break|
|+into your database unless you upgrade the offended gem.|
|+There is a comprehensive set of command line flags you can read more by issuing|
|+```dawn -h``` flag or by reading [project README](https://github.com/codesake/codesake-dawn/raw/master/README.md) file.|
|+The list of security checks included in version 1.0.0 can be found online at:|
|+You can use [facilities provided by|
|+github](https://github.com/codesake/codesake-dawn/issues) to submit bug|
|+reports, product enhancements, new security checks you want to me to add in|
|+future releases and even success stories.|
|+Now it's time for you to install Codesake::Dawn version 1.0.0 with the|
|+following command and start reviewing your code for security issues:|
|+$ gem install codesake-dawn|
|+You can find the announcement on the web here: [http://dawn.codesake.com/blog/announce-codesake-dawn-v1-0-0-released/](http://dawn.codesake.com/blog/announce-codesake-dawn-v1-0-0-released/)|
|+Paolo - email@example.com|
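Review bot: the added sentence "The list of security checks included in version 1.0.0 can be found online at:" ends in a colon with no URL after it in the lines shown here; the next added line already starts the bug-report paragraph. Add the link to the checks list at that point, or drop the sentence, since readers of a 1.0.0 announcement that advertises 142 checks will want to see which bulletins are covered. Two smaller points in the same hunk: the install line `$ gem install codesake-dawn` does not name the release being announced, so `gem install codesake-dawn -v 1.0.0` would match the text above it; and the `dawn -h` sentence reads more clearly as "run `dawn -h` or read the project README", with a single pair of backticks for the inline command.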