RubyMine 2023.3 Help

Brakeman

Brakeman is an open-source security tool designed to analyze Ruby on Rails applications for potential security vulnerabilities. As a static analysis tool, Brakeman scans the application's source code to identify common security issues, such as SQL injection, cross-site scripting (XSS), and other vulnerabilities. RubyMine supports running Brakeman as an inspection and displays analysis results in a user-friendly format.

Install Brakeman

  1. Add the brakeman gem (version 5.0.0 or later) to your Gemfile.

  2. Install the gem to your project SDK.

Run Brakeman

  1. In the main menu, go to Code | Analyze Code | Run Inspection by Name… or press Control+Alt+Shift+I.

  2. In the popup, start typing Brakeman and select the needed inspection from the drop-down list.

    Run the Brakeman inspection
  3. Configure the inspection scope.

    If necessary, configure Brakeman warnings in the Inspection Options section:

    • Confidence level: specify the minimum level of warnings to report, where Weak includes all warnings and High includes only severe warnings.

    • Weak / Medium / High: configure how warnings of a particular level are presented in RubyMine. Brakeman's confidence levels are mapped to RubyMine's severity levels directly.

    Configure Warning options
  4. Click OK to run the inspection.

Examine Brakeman analysis results

RubyMine opens inspection results in the Problems tool window.

Brakeman analysis results

RubyMine shows the code chunk, file, and details of the found weaknesses and provides links to the dedicated topics in the Brakeman documentation.

  • Use the Ignore button to ignore a specific warning and add it to the brakeman.ignore file. If you don't have such a file in your project yet, RubyMine will create it automatically.

  • Use the Skip checks of this type button to skip all warnings of the current type and stop checking them when running the Brakeman inspection. RubyMine will add the necessary configuration to the brakeman.yml file. If you don't have such a file in your project yet, RubyMine will create it automatically.

Last modified: 27 December 2023