Fix metaprogramming documentation issues (Issue #169)

This comprehensive update addresses the confusing and incomplete metaprogramming documentation that has been open since 2014.

Changes:

1. Extras:-Constantize.md (Complete rewrite)
   - Clearly separated constantize vulnerability from path traversal
   - Added three realistic attack examples (Pathname, ERB, DoS)
   - Explained why the old Logger example was confusing
   - Provided comprehensive secure code examples
   - Added best practices and proper whitelisting approaches

2. Extras:-Send-Method.md (New file)
   - Created complete documentation for send() method vulnerability
   - Explained how send bypasses access controls
   - Provided real-world attack scenarios
   - Showed both insecure and secure code patterns
   - Compared send vs public_send
   - Added extensive best practices

3. Extras:-Metaprogramming.md (Complete rewrite)
   - Transformed from single link into comprehensive overview
   - Added introduction to metaprogramming security risks
   - Listed all dangerous metaprogramming methods
   - Explained common attack patterns
   - Provided defense strategies
   - Added testing guidance and key takeaways

These changes make the metaprogramming security documentation much clearer for learners and properly separate the different vulnerability types.

Resolves: #169

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>