Updates Brakeman CI configuration to skip "low confidence" warnings. The only goal of this change is to unblock other in-flight PRs, which are having their builds go red due to such low-level warnings (see e.g. https://github.com/doubleunion/arooo/pull/763)
This PR also:
updates Ruby to the latest 2.x version
updates the Gemfile to refer to the .ruby-version file, instead of maintaining two separate copies of the Ruby version string
updates the Brakeman gem itself
On a higher-level note:
I don't know if the Brakeman checks are desirable at this point -- they are a good reminder to update things, but also maybe get in the way of the little development that happens on this repo? I don't have a strong opinion either way.
At some point soon-ish it would be good to upgrade to Ruby 3.x, but that will be a slightly larger task than this here minor version update.
Updates Brakeman CI configuration to skip "low confidence" warnings. The only goal of this change is to unblock other in-flight PRs, which are having their builds go red due to such low-level warnings (see e.g. https://github.com/doubleunion/arooo/pull/763)
This PR also:
.ruby-version
file, instead of maintaining two separate copies of the Ruby version stringOn a higher-level note: