Brakeman is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities. It scans your application’s code for potential security issues and provides detailed reports about any vulnerabilities it finds.Documentation Index
Fetch the complete documentation index at: https://docs.coderabbit.ai/llms.txt
Use this file to discover all available pages before exploring further.
Supported Files
Brakeman will run on files with the following extensions:Gemfile*.rb*.erb
When we skip Brakeman
CodeRabbit will skip running Brakeman when:- No Rails files are found in the pull request.
- Brakeman is already running in GitHub workflows.
Features
Brakeman can detect many critical vulnerabilities such as:- SQL injection
- Cross-site scripting (XSS)
- Mass assignment
- Remote code execution
- And many more security vulnerabilities
- Out of date package versions
- Etc