chore(deps): bump brakeman from 8.0.4 to 8.0.5 in /api in the ruby-dependencies group

[dependabot]

Bumps the ruby-dependencies group in /api with 1 update: brakeman.

Updates brakeman from 8.0.4 to 8.0.5

Release notes

Sourced from brakeman's releases.

8.0.5

• Add quote_schema_name to safe quote method list (changes by Zsolt Kozaroczy)
• Fix SQL injection false positive for compact_blank/compact on permitted params (changes by Arpit Jain)
• Fix inline render false positive for local named text (changes by Arpit Jain)
• Fix HAML crash on .raw calls (changes by Federico Franco)
• Fix Ruby version parsing - especially for non-CRuby versions (changes by Chris Southerland Jr)
• Fix TemplateAliasProcessor#template_name arity (changes by viralpraxis)
• Reduce false positives when using shell escaping (changes)

Changelog

Sourced from brakeman's changelog.

8.0.5 - 2026-06-12

• Add quote_schema_name to safe quote method list (Zsolt Kozaroczy)
• Fix SQL injection false positive for compact_blank/compact on permitted params (Arpit Jain)
• Fix inline render false positive for local named text (Arpit Jain)
• Fix HAML crash on .raw calls (Federico Franco)
• Fix Ruby version parsing - especially for non-CRuby versions (Chris Southerland Jr)
• Fix TemplateAliasProcessor#template_name arity (viralpraxis)
• Reduce false positives when using shell escaping

Commits

• 104443e Bump to 8.0.5
• 8e61e2a Update CHANGES
• f014c15 Merge pull request #2028 from kiskoza/fix/quote_schema_name
• 9227822 Merge pull request #2027 from arpitjain099/fix/brakeman-1915-render-partial-t...
• 6788d28 Merge pull request #2025 from arpitjain099/fix/sql-fp-compact-blank
• b7c3906 Add quote_schema_name to safe quote method list
• f95c500 test: update line number for still-warns SQL injection case after fixture shift
• 4fba779 base_processor: skip hash render-type extraction when type set positionally
• 1e63a41 Fix SQL injection false positive for compact_blank/compact on permitted params
• 7ff9e49 Merge pull request #2023 from FFederi/fix-haml-chained-raw-crash
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[netlify]

✅ Deploy Preview for giventotri canceled.

Name	Link
🔨 Latest commit	e8c7508
🔍 Latest deploy log	https://app.netlify.com/projects/giventotri/deploys/6a2d00a9f496a3000818b938