Brakeman

What is Brakeman?

Free static analysis security tool for Ruby on Rails. Zero-setup security scans for Rails applications based on source code analysis.

Brakeman is a tool in the Code Review category of a tech stack.

Brakeman Pros & Cons

Pros of Brakeman

No pros listed yet.

Cons of Brakeman

No cons listed yet.

Brakeman Integrations

ThreadFix are some of the popular tools that integrate with Brakeman. Here's a list of all 1 tools that integrate with Brakeman.

ThreadFix

Brakeman Discussions

Discover why developers choose Brakeman. Read real-world technical decisions and stack choices from the StackShare community.Showing 1 of 2 discussions.

Jerome Dalbert

Principal Backend Software Engineer at StackShare

Mar 24, 2019

Needs adviceon

GitHub

CircleCI

Code Climate

The continuous integration process for our Rails backend app starts by opening a GitHub pull request. This triggers a CircleCI build and some Code Climate checks.

The CircleCI build is a workflow that runs the following jobs:

check for security vulnerabilities with Brakeman
check code quality with RuboCop
run RSpec tests in parallel with the knapsack gem, and output test coverage reports with the simplecov gem
upload test coverage to Code Climate

Code Climate checks the following:

code quality metrics like code complexity
test coverage minimum thresholds

The CircleCI jobs and Code Climate checks above have corresponding GitHub status checks.

Once all the mandatory GitHub checks pass and the code+functionality have been reviewed, developers can merge their pull request into our Git master branch. Code is then ready to deploy!

#ContinuousIntegration

0 views0

Comments

View all 2 discussions

Brakeman Alternatives & Comparisons

What are some alternatives to Brakeman?

Jira

Jira's secret sauce is the way it simplifies the complexities of software development into manageable units of work. Jira comes out-of-the-box with everything agile teams need to ship value to customers faster.

ESLint

A pluggable and configurable linter tool for identifying and reporting on patterns in JavaScript. Maintain your code quality with ease.

Prettier

Prettier is an opinionated code formatter. It enforces a consistent style by parsing your code and re-printing it with its own rules that take the maximum line length into account, wrapping code when necessary.

TSLint

An extensible static analysis tool that checks TypeScript code for readability, maintainability, and functionality errors. It is widely supported across modern editors & build systems and can be customized with your own lint rules, configurations, and formatters.

Brakeman

What is Brakeman?

Brakeman Pros & Cons

Pros of Brakeman

Cons of Brakeman

Brakeman Integrations

Brakeman Discussions

Brakeman Alternatives & Comparisons

Jira

ESLint

Prettier

TSLint

Try It

Adoption

On StackShare

SonarQube

RuboCop

Brakeman Integrations

Brakeman Discussions

Try It

Adoption

On StackShare