
Pronto runner for Brakeman, security vulnerability scanner for RoR


storypark/pronto-brakeman


Pronto runner for Brakeman


Pronto runner for Brakeman, security vulnerability scanner for RoR. What is Pronto?

Severity mapping

Brakeman Confidence is mapped to severity levels on the messages generated by Pronto. High confidence maps to fatal, medium confidence maps to warning, and low confidence maps to info.

Options

Brakeman also includes some optional checks. The following keys in your .pronto.yml configure the runner, including scanning a subdirectory, running every check included in the gem, and honouring a Brakeman ignore file:

Running in a Subdirectory

brakeman:
  path: "some_folder/"

Run all checks

brakeman:
  run_all_checks: true

(This is the equivalent of running brakeman -A on the command line.)

Ignore file

brakeman:
  ignore_file: '.brakeman'

(This is the equivalent of running brakeman -i IGNOREFILE on the command line.)
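The severity mapping and the ignore file described above, shown together as an added example (this is not the gem's own code). It parses a constructed Brakeman JSON report (the shape `brakeman -f json` emits, with made-up warnings and fingerprints), drops warnings whose fingerprint appears in a constructed ignore file laid out the way Brakeman writes one, and maps each remaining warning's confidence to the Pronto level the README lists. The `pronto_messages`, `severity_for` and `ignored_fingerprints` helpers are illustrative names; the fallback of unknown confidence labels to info is an assumption, not documented behaviour.

```ruby
require 'json'

# Constructed sample of a Brakeman JSON report (brakeman -f json); only the
# keys used below are included. Warnings, paths and fingerprints are made up.
SAMPLE_REPORT_JSON = <<~REPORT
  {
    "warnings": [
      { "warning_type": "SQL Injection", "confidence": "High",
        "file": "app/models/user.rb", "line": 12,
        "message": "Possible SQL injection", "fingerprint": "fp-constructed-1" },
      { "warning_type": "Cross-Site Scripting", "confidence": "Medium",
        "file": "app/views/users/show.html.erb", "line": 3,
        "message": "Unescaped model attribute", "fingerprint": "fp-constructed-2" },
      { "warning_type": "Mass Assignment", "confidence": "Weak",
        "file": "app/controllers/users_controller.rb", "line": 20,
        "message": "Potentially dangerous key allowed", "fingerprint": "fp-constructed-3" }
    ]
  }
REPORT

# Constructed ignore file in the layout Brakeman writes (entries keyed by
# fingerprint); here the weak-confidence warning has been reviewed and ignored.
SAMPLE_IGNORE_JSON = <<~IGNORE
  { "ignored_warnings": [ { "fingerprint": "fp-constructed-3", "note": "reviewed" } ] }
IGNORE

# Confidence -> Pronto level, as the "Severity mapping" section describes.
# Brakeman's JSON uses "Weak" for its lowest confidence; "Low" is accepted too.
SEVERITY_MAP = {
  'high'   => :fatal,
  'medium' => :warning,
  'weak'   => :info,
  'low'    => :info
}.freeze

def severity_for(confidence)
  # Unknown labels fall back to :info (an assumption for this example).
  SEVERITY_MAP.fetch(confidence.to_s.downcase, :info)
end

# Fingerprints listed in the ignore file; an absent file ignores nothing.
def ignored_fingerprints(ignore_json)
  return [] if ignore_json.nil?

  JSON.parse(ignore_json).fetch('ignored_warnings', []).map { |w| w['fingerprint'] }
end

# Turn a report into Pronto-style messages, dropping ignored warnings.
# Returns an array of hashes in the order Brakeman emitted the warnings.
def pronto_messages(report_json, ignore_json = nil)
  ignored = ignored_fingerprints(ignore_json)
  JSON.parse(report_json)
      .fetch('warnings', [])
      .reject { |w| ignored.include?(w['fingerprint']) }
      .map do |w|
        {
          path: w['file'],
          line: w['line'],
          level: severity_for(w['confidence']),
          msg: "#{w['warning_type']}: #{w['message']}"
        }
      end
end

if __FILE__ == $PROGRAM_NAME
  pronto_messages(SAMPLE_REPORT_JSON, SAMPLE_IGNORE_JSON).each do |m|
    puts "#{m[:level].to_s.upcase.ljust(7)} #{m[:path]}:#{m[:line]} #{m[:msg]}"
  end
end
```

Run as a script it prints one line per surviving warning; the high-confidence SQL injection comes out as FATAL, the medium-confidence XSS as WARNING, and the ignored mass-assignment warning does not appear at all, which is the behaviour to expect from the runner once `ignore_file` points at a file whose fingerprints were produced by an earlier Brakeman run.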

Extra Brakeman configuration

You can define additional Brakeman configuration by creating a config/brakeman.yml file. This file will be automatically loaded by Brakeman.

For example, if you want to run Brakeman with the following options brakeman --run-all-checks --rails6 --branch-limit -1 you can use the --create-config flag to generate the config/brakeman.yml file, and it will look something like this:

---
:run_all_checks: true
:rails3: true
:rails4: true
:rails5: true
:rails6: true
:branch_limit: -1
