Added Codesake::Dawn version 1.0.0 announcement.

1 parent 464af24 commit ba0afea87c502ed79944409c50a2d3f08fbadbdf @thesp0nge committed Jan 21, 2014
Showing with 40 additions and 1 deletion.
  1. +0 −1 .gitignore
  2. +40 −0 doc/dawn_1_0_announcement.md
1 .gitignore
@@ -10,7 +10,6 @@ Gemfile.lock
InstalledFiles
_yardoc
coverage
-doc/
lib/bundler/man
pkg
rdoc
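Review bot: removing `doc/` from the ignore list un-ignores the whole directory, not only the new announcement file, while `_yardoc` and `rdoc` stay ignored in the surrounding context. If generated API documentation is ever written to `doc/` (YARD's default output directory), it will now appear as untracked and can be committed by accident. Consider keeping the directory ignored with `doc/*` followed by `!doc/dawn_1_0_announcement.md`, or leaving the rule in place and adding the single file with `git add -f`.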
40 doc/dawn_1_0_announcement.md
@@ -0,0 +1,40 @@
+After 9 months of development, it's now time for Codesake::Dawn security source
+code scanner first major release.
+
+Codesake::Dawn is a static analysis security scanner for ruby written web applications.
+It supports [Sinatra](http://www.sinatrarb.com),
+[Padrino](http://www.padrinorb.com) and [Ruby on Rails](http://rubyonrails.org)
+frameworks.
+
+Version 1.0 introduces 142 security checks against public bulletins since 2006,
+you can use to check the vulnerabilities introduced by third party libraries
+your web application include in its Gemfile.
+
+Writing safe code it's important, but sometimes security issues are introduced
+by third party code your application relies on. As example, consider a SQL
+Injection vulnerability introduced by Ruby on Rails framework. Despite the
+effort you spend in sanitize inputs, your web application inherits the
+vulnerability suffering as well. An attacker can easily exploit it and break
+into your database unless you upgrade the offended gem.
+
+There is a comprehensive set of command line flags you can read more by issuing
+```dawn -h``` flag or by reading [project README](https://github.com/codesake/codesake-dawn/raw/master/README.md) file.
+
+The list of security checks included in version 1.0.0 can be found online at:
+[http://dawn.codesake.com/knowledge-base](http://dawn.codesake.com/knowledge-base).
+
+You can use [facilities provided by
+github](https://github.com/codesake/codesake-dawn/issues) to submit bug
+reports, product enhancements, new security checks you want to me to add in
+future releases and even success stories.
+
+Now it's time for you to install Codesake::Dawn version 1.0.0 with the
+following command and start reviewing your code for security issues:
+
+```
+$ gem install codesake-dawn
+```
+
+You can find the announcement on the web here: [http://dawn.codesake.com/blog/announce-codesake-dawn-v1-0-0-released/](http://dawn.codesake.com/blog/announce-codesake-dawn-v1-0-0-released/)
+Enjoy it!
+Paolo - paolo@codesake.com
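Review bot: the README link in the command line flags paragraph points at `raw/master` and the install line is an unpinned `gem install codesake-dawn`, so neither is tied to the 1.0.0 release this file announces and both will drift once later versions ship. Suggest linking the README as it stands at the release and writing `gem install codesake-dawn -v 1.0.0`. The knowledge-base and blog links use plain `http://`, which is worth switching to HTTPS if the site serves it, given that readers are being sent there for security guidance. Wording: "Writing safe code it's important" should read "is important", and "the offended gem" reads better as "the affected gem".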
