Brakeman detects security vulnerabilities in Ruby on Rails applications via static analysis.
Used 94 times
Viktor Schmidt
Usage
Run this command in your Rails app directory in the terminal:
rails app:template LOCATION="https://railsbytes.com/script/XnJsQ5"
Template Source
Review the code before running this template on your machine.
def do_bundle
  Bundler.with_unbundled_env { run "bundle install" }
end

def print_green(heredoc)
  puts set_color heredoc, :green
end

def print_yellow(heredoc)
  puts set_color heredoc, :yellow
end

def do_commit
  git :init
  git add: "."
  Bundler.with_unbundled_env { git commit: " -m 'Add Brakeman static analysis tool' " }
end

def puts_usage
  say "\nUsage:"
  say "`bin/brakeman -Aq`"
end

say "\nApplying Brakeman static analysis tool..."

# Newer Rails versions already ship Brakeman in the default Gemfile, so the gem is only
# injected for older apps. Gem::Version avoids the lexicographic pitfall of comparing
# version strings ("7.10" < "7.2" as plain strings).
if Gem::Version.new(Rails.version) < Gem::Version.new("7.2")
  # The trailing newline in `after:` keeps the injected lines off the `group ... do` line.
  inject_into_file 'Gemfile', after: "group :development, :test do\n" do
    <<-RUBY
  # Static analysis for security vulnerabilities [https://brakemanscanner.org/]
  gem "brakeman", require: false
    RUBY
  end
  do_bundle
  run "bundle binstubs brakeman"
end

# -A runs all checks; -I opens the interactive ignore flow that writes config/brakeman.ignore.
run "bin/brakeman -AI"

say "\nAdding documentation for developers..."
create_file "docs/security.md", "# Security\n" unless File.exist? "docs/security.md"
append_file "docs/security.md" do
  <<~EOF
    ## Brakeman
    [Brakeman](https://rubygems.org/gems/brakeman) detects security vulnerabilities in Ruby on Rails applications via static analysis.
    `$ bin/brakeman -AI`
  EOF
end

do_commit
print_green "\nAdded Brakeman successfully!"
print_yellow "\nNotice: Brakeman is under Public Use License only! See https://github.com/rails/rails/issues/51195."
puts_usage
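The template runs Brakeman interactively so a developer can triage findings into config/brakeman.ignore. In CI you usually want the opposite: a non-interactive run whose result is decided by an explicit confidence threshold, plus a check that nothing was ignored without a written justification. The script below is an added example, not part of this RailsBytes template or of Brakeman itself. It reads the JSON report that `bin/brakeman -A -f json -o brakeman.json` produces (those are real Brakeman flags) and a brakeman.ignore file; both inputs here are constructed samples in the shape of Brakeman's output, and the function names are this example's own.

```ruby
# Added example: gate a CI job on a Brakeman JSON report and audit brakeman.ignore.
# Not part of the RailsBytes template; function names are this example's own.
require "json"

# Constructed sample in the layout of `brakeman -f json` (not a real scan result).
SAMPLE_REPORT = <<~JSON
  {
    "scan_info": { "app_path": "/app", "rails_version": "7.1.0", "brakeman_version": "6.0.0" },
    "warnings": [
      { "warning_type": "SQL Injection", "fingerprint": "constructed-fingerprint-1",
        "message": "Possible SQL injection", "file": "app/models/user.rb",
        "line": 12, "confidence": "High" },
      { "warning_type": "Cross-Site Scripting", "fingerprint": "constructed-fingerprint-2",
        "message": "Unescaped model attribute", "file": "app/views/users/show.html.erb",
        "line": 4, "confidence": "Medium" },
      { "warning_type": "Mass Assignment", "fingerprint": "constructed-fingerprint-3",
        "message": "Parameters should be whitelisted", "file": "app/controllers/users_controller.rb",
        "line": 30, "confidence": "Weak" }
    ],
    "ignored_warnings": [],
    "errors": []
  }
JSON

# Constructed sample in the layout of config/brakeman.ignore written by `brakeman -I`.
SAMPLE_IGNORE = <<~JSON
  {
    "ignored_warnings": [
      { "fingerprint": "constructed-fingerprint-2", "note": "Output is escaped by the helper" },
      { "fingerprint": "constructed-fingerprint-3", "note": "" }
    ],
    "updated_at": "2024-01-01 00:00:00 +0000",
    "brakeman_version": "6.0.0"
  }
JSON

# Brakeman ranks confidence High > Medium > Weak.
CONFIDENCE_RANK = { "High" => 3, "Medium" => 2, "Weak" => 1 }.freeze

# Count warnings per confidence level and surface scan errors.
def report_summary(json_text)
  report = JSON.parse(json_text)
  counts = Hash.new(0)
  report.fetch("warnings").each { |w| counts[w.fetch("confidence")] += 1 }
  { counts: counts, errors: report.fetch("errors", []).size }
end

# Warnings at or above a minimum confidence, highest confidence first.
def warnings_at_least(json_text, min_confidence)
  min = CONFIDENCE_RANK.fetch(min_confidence)
  JSON.parse(json_text).fetch("warnings")
      .select { |w| CONFIDENCE_RANK.fetch(w["confidence"], 0) >= min }
      .sort_by { |w| -CONFIDENCE_RANK[w["confidence"]] }
end

# Exit status a CI step would use: 2 on scan errors, 1 when anything at or above
# the threshold remains, 0 otherwise. Brakeman itself exits non-zero on any
# warning; re-deriving the decision from the report makes the threshold explicit.
def ci_exit_status(json_text, min_confidence: "Medium")
  summary = report_summary(json_text)
  return 2 if summary[:errors] > 0
  warnings_at_least(json_text, min_confidence).empty? ? 0 : 1
end

# Fingerprints in brakeman.ignore that carry no justification note.
def ignores_missing_note(ignore_json_text)
  JSON.parse(ignore_json_text).fetch("ignored_warnings", [])
      .select { |entry| entry.fetch("note", "").strip.empty? }
      .map { |entry| entry.fetch("fingerprint") }
end

if __FILE__ == $PROGRAM_NAME
  # Usage: ruby brakeman_gate.rb brakeman.json [config/brakeman.ignore]
  report = ARGV[0] ? File.read(ARGV[0]) : SAMPLE_REPORT
  ignore = ARGV[1] ? File.read(ARGV[1]) : SAMPLE_IGNORE
  warnings_at_least(report, "Medium").each do |w|
    puts format("%-6s %-22s %s:%d", w["confidence"], w["warning_type"], w["file"], w["line"])
  end
  ignores_missing_note(ignore).each { |fp| puts "ignored without a note: #{fp}" }
  exit ci_exit_status(report) unless ARGV.empty?
end
```

Run without arguments it prints the constructed sample; with a report path (and optionally an ignore file) it exits with the derived status, so a pipeline step can fail on Medium or High findings while a teammate's Weak-confidence triage still shows up in the log. Requiring a note on every ignore entry is the audit trail that makes the interactive `-I` workflow reviewable later.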
Comments
Viktor Schmidt
Included by default in Rails 8, see https://github.com/rails/rails/pull/50507