
chore(deps): update dependency brakeman to v6.2.1 #666

Merged: 1 commit merged into main from renovate/brakeman-6.x on Aug 28, 2024

Conversation

renovate[bot] (Contributor) commented Aug 28, 2024

Mend Renovate

This PR contains the following updates:

Package: brakeman (source, changelog)
Change: '6.1.2' -> '6.2.1'

Release Notes

presidentbeef/brakeman (brakeman)

v6.2.1

Just a packaging fix for brakeman.gem

v6.2.0

  • Add --show-ignored option (Gabriel Zayas)
  • Add optional support for Prism parser
  • Warn about unscoped finds with find_by!
  • Treat ::X and X the same, for now (Jill Klang)
  • Fix compatibility with default frozen string literals (Jean Boussier)
  • Remediation advice for command injection (Nicholas Barone)
  • Fix Ruby warnings in test suite (Jean Boussier)
  • Support YAML aliases in secret configs (Chedli Bourguiba)
  • Add initial Rails 8 support (Ron Shinall)
  • Handle mass assignment with splats
  • Add support for symbolic links (Lu Zhu)

Configuration

📅 Schedule: Branch creation - "* 0-4 * * 3" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • [ ] If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from thypon as a code owner August 28, 2024 01:32

[puLL-Merge] - presidentbeef/[email protected]

Here's my review of the pull request:

Description

This PR introduces several updates and new features to the Brakeman gem:

  1. Added support for Rails 8
  2. Implemented a new --show-ignored option
  3. Added support for the Prism parser
  4. Enhanced warning detection for unscoped finds with find_by!
  5. Improved handling of symbolic links
  6. Updated dependencies and compatibility fixes
Changes

  1. .circleci/config.yml:
    • Updated Ruby options for running tests
  2. CHANGES.md:
    • Added changelog entries for versions 6.2.0 and 6.2.1
  3. Dockerfile:
    • Updated base image to Ruby 3.3-alpine
  4. OPTIONS.md and README.md:
    • Added documentation for the new --show-ignored option
  5. build.rb:
    • Excluded 'strscan' from unshifted directories
  6. gem_common.rb:
    • Updated dependencies and added 'csv' as a development dependency
  7. lib/brakeman.rb:
    • Added show_ignored option to default options
  8. lib/brakeman/app_tree.rb:
    • Implemented support for symbolic links in file globbing
  9. lib/brakeman/checks/check_session_settings.rb:
    • Added support for YAML aliases in secrets config
  10. lib/brakeman/checks/check_unscoped_find.rb:
    • Added find_by! to the list of checked methods
  11. lib/brakeman/file_parser.rb:
    • Added optional support for the Prism parser
  12. lib/brakeman/options.rb:
    • Added options for Rails 8 and Prism parser support
  13. lib/brakeman/parsers/erubis_patch.rb:
    • Added patch for Erubis compatibility with frozen string literals
  14. Various test files:
    • Updated and added tests for new features and Rails 8 support

Possible Issues

  • The introduction of the Prism parser as an optional feature may lead to inconsistencies in parsing results between different environments or configurations.

Security Hotspots

None identified. The changes appear to enhance security by improving warning detection and adding support for newer Rails versions.
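As an added illustration of the unscoped find check that both the changelog and the review above mention (example code, not Brakeman's own implementation): a minimal Ripper-based detector that reports finder calls made directly on a model constant with arguments drawn from `params`, and leaves the form scoped through the current user alone. The finder list, the `params` heuristic and the sample lines are this example's assumptions.

```ruby
# Added example (not Brakeman's own code): Ripper-based detector for the pattern
# Brakeman's unscoped-find check warns about. Assumed heuristic: a finder called
# on a constant (a model class) whose arguments mention `params`.
require "ripper"
# Finder names are this example's own list; the changelog above only says
# find_by! was added to Brakeman's check in 6.2.0.
FINDERS = %w[find find_by find_by! find_by_id find_by_id!].freeze

# Yields every array node of the S-expression, depth first, in source order.
def walk(node, &blk)
  return unless node.is_a?(Array)
  blk.call(node)
  node.each { |child| walk(child, &blk) }
end

# Ripper emits Model.find(x) as [:method_add_arg, [:call, recv, op, meth], args]
# and Model.find x as [:command_call, recv, op, meth, args]. Returns
# [recv, meth, args] for those shapes, nil for any other node.
def split_call(node)
  case node[0]
  when :method_add_arg
    call = node[1]
    return [call[1], call[3], node[2]] if call.is_a?(Array) && call[0] == :call
  when :command_call
    [node[1], node[3], node[4]]
  end
end

# One {model:, method:, line:} per unscoped finder; ::Post and Post alike.
def unscoped_finds(ruby_source)
  sexp = Ripper.sexp(ruby_source) or raise ArgumentError, "syntax error"
  hits = []
  walk(sexp) do |node|
    recv, meth, args = split_call(node)
    next unless meth.is_a?(Array) && FINDERS.include?(meth[1])
    next unless %i[var_ref top_const_ref].include?(recv[0]) && recv[1][0] == :@const
    # Flattening keeps token order, so the [:@ident, "params"] leaf is an adjacent pair.
    next unless [args].flatten.each_cons(2).any? { |t, v| t == :@ident && v == "params" }
    hits << { model: recv[1][1], method: meth[1], line: meth[2][0] }
  end
  hits
end
# Constructed sample: lines 1 and 3 are flagged; 2 is scoped through the
# current user and 4 takes no request input, so neither is reported.
SAMPLE = <<~RUBY
  @post = Post.find_by!(id: params[:id])
  @mine = current_user.posts.find_by!(id: params[:id])
  @user = User.find params[:user_id]
  @admin = User.find_by(role: "admin")
RUBY
```

Run `unscoped_finds(SAMPLE)` to get the two findings; pointing it at a controller file shows the same call shapes Brakeman would report, minus its model and data-flow knowledge.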

@thypon thypon merged commit 5bd3715 into main Aug 28, 2024
8 checks passed
@thypon thypon deleted the renovate/brakeman-6.x branch August 28, 2024 08:37