RubyMine 2024.1 Help

Brakeman

Brakeman is an open-source static analysis tool for Ruby on Rails applications. It scans the application's source code without running it and reports potential security issues such as SQL injection, cross-site scripting (XSS), and other common Rails weaknesses, rating each warning with a confidence level (Weak, Medium, or High) that reflects how likely it is to be a real problem rather than a false positive. RubyMine supports running Brakeman as an inspection and displays the analysis results in the Problems tool window.

Install Brakeman

  1. Add the brakeman gem (version 5.0.0 or later) to your Gemfile. Brakeman is a command-line scanner, not a library your application loads, so it belongs in the development group with require: false.

  2. Install the gem to your project SDK.

Run Brakeman

  1. In the main menu, go to Code | Analyze Code | Run Inspection by Name or press Ctrl+Alt+Shift+I.

  2. In the popup, start typing Brakeman and select the needed inspection from the drop-down list.

    [Screenshot: Run the Brakeman inspection]
  3. Configure the inspection scope.

    If necessary, configure Brakeman warnings in the Inspection Options section:

    • Confidence level: the minimum confidence a warning must have to be reported. Brakeman's confidence expresses how sure it is that a finding is real, not how severe the finding would be: Weak reports all warnings, Medium drops the Weak ones, and High reports only the warnings Brakeman is most sure about. A lower threshold surfaces more findings at the cost of more false positives.

    • Weak/Medium/High: choose how warnings of each Brakeman confidence level are presented in RubyMine. By default, Brakeman's confidence levels are mapped directly to RubyMine's severity levels.

    [Screenshot: Configure Warning options]
  4. Click OK to run the inspection.

Examine Brakeman analysis results

RubyMine opens inspection results in the Problems tool window.

Brakeman analysis results

RubyMine shows the offending code fragment, the file and line, and the details of each finding, and provides links to the dedicated warning-type topics in the Brakeman documentation.

  • Use the Ignore button to suppress a specific warning and record it in the brakeman.ignore file (by default, config/brakeman.ignore). If you don't have such a file in your project yet, RubyMine will create it automatically. Entries are keyed by the warning's fingerprint rather than its line number, so the suppression survives unrelated edits to the file. Treat each entry as a documented decision to accept the risk, and remove entries whose fingerprint no longer matches any warning.

  • Use the Skip checks of this type button to stop running the check that produced the current warning when the Brakeman inspection runs. RubyMine will add the necessary configuration to the brakeman.yml file (by default, config/brakeman.yml). If you don't have such a file in your project yet, RubyMine will create it automatically. Skipping a check hides every current and future finding of that kind across the whole application, so prefer ignoring individual warnings unless the check is genuinely irrelevant to your code base.

  Brakeman itself reads config/brakeman.yml and config/brakeman.ignore by default, so suppressions made in RubyMine also apply to command-line and CI runs of Brakeman, and vice versa.
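The Confidence level option and the brakeman.ignore file both work on fields of Brakeman's own output: every warning in a Brakeman JSON report carries a confidence string and a fingerprint, and an ignore entry matches a warning by that fingerprint. The following Ruby script is an added example, not code from this page, from RubyMine, or from Brakeman. It applies the same minimum-confidence filter to a constructed Brakeman JSON report and reconciles that report against a constructed brakeman.ignore file, listing ignore entries that no longer match any warning or that carry no justification note. The report and ignore contents are invented samples trimmed to the fields used; the field names follow Brakeman's JSON report and ignore-file formats.

```ruby
require "json"

# Brakeman's three confidence levels, ordered weakest to strongest. Brakeman's
# JSON report carries them as the strings below; its -w command-line option
# numbers them 1 (Weak), 2 (Medium) and 3 (High).
CONFIDENCE_RANK = { "Weak" => 1, "Medium" => 2, "High" => 3 }.freeze

# Constructed sample of a Brakeman JSON report (brakeman -f json), trimmed to
# the fields this example reads. The fingerprints are invented.
SAMPLE_REPORT = <<~REPORT
  {
    "warnings": [
      {"warning_type": "SQL Injection", "check_name": "SQL", "confidence": "High",
       "fingerprint": "aaaa1111", "file": "app/models/user.rb", "line": 12,
       "message": "Possible SQL injection"},
      {"warning_type": "Cross-Site Scripting", "check_name": "CrossSiteScripting",
       "confidence": "Medium", "fingerprint": "bbbb2222",
       "file": "app/views/users/show.html.erb", "line": 4,
       "message": "Unescaped model attribute"},
      {"warning_type": "Mass Assignment", "check_name": "ModelAttributes",
       "confidence": "Weak", "fingerprint": "cccc3333",
       "file": "app/models/user.rb", "line": 3,
       "message": "Potentially dangerous attribute available for mass assignment"}
    ]
  }
REPORT

# Constructed sample of a brakeman.ignore file. Entries are matched to
# warnings by fingerprint; "dddd4444" matches nothing in the report above,
# so that entry is stale, and it also carries no justification note.
SAMPLE_IGNORE = <<~IGNORE
  {
    "ignored_warnings": [
      {"warning_type": "Cross-Site Scripting", "fingerprint": "bbbb2222",
       "note": "Attribute is sanitized before rendering; reviewed 2024-02"},
      {"warning_type": "Redirect", "fingerprint": "dddd4444", "note": ""}
    ]
  }
IGNORE

# Keep the warnings whose confidence is at or above min_confidence. This is
# what the inspection's Confidence level option does: "Weak" keeps every
# warning, "High" keeps only those Brakeman is most sure about.
def filter_by_confidence(warnings, min_confidence)
  threshold = CONFIDENCE_RANK.fetch(min_confidence)
  warnings.select { |w| CONFIDENCE_RANK.fetch(w["confidence"]) >= threshold }
end

# Split a report into active and ignored warnings using the ignore file, and
# flag ignore entries that are stale (fingerprint no longer reported) or that
# lack a note explaining why the warning was accepted.
def reconcile(report_json, ignore_json)
  warnings = JSON.parse(report_json).fetch("warnings")
  entries  = JSON.parse(ignore_json).fetch("ignored_warnings")
  reported = warnings.map { |w| w["fingerprint"] }
  ignored  = entries.map { |e| e["fingerprint"] }

  {
    active:      warnings.reject { |w| ignored.include?(w["fingerprint"]) },
    ignored:     warnings.select { |w| ignored.include?(w["fingerprint"]) },
    stale:       entries.reject { |e| reported.include?(e["fingerprint"]) },
    unjustified: entries.select { |e| e["note"].to_s.strip.empty? }
  }
end

if __FILE__ == $PROGRAM_NAME
  result = reconcile(SAMPLE_REPORT, SAMPLE_IGNORE)
  # Report active findings at Medium confidence or above, as the inspection
  # would with Confidence level set to Medium.
  filter_by_confidence(result[:active], "Medium").each do |w|
    puts "#{w['confidence']}: #{w['warning_type']} at #{w['file']}:#{w['line']}"
  end
  result[:stale].each { |e| puts "stale ignore entry: #{e['fingerprint']}" }
  result[:unjustified].each { |e| puts "ignore entry without note: #{e['fingerprint']}" }
end
```

Run it against a real project by replacing the two constructed samples with the contents of a `brakeman -f json` report and config/brakeman.ignore; the stale and unjustified lists are the ones worth wiring into a CI check, since an ignore file that accumulates unexplained or dead entries stops being a record of accepted risk.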

Last modified: 11 February 2024