Brakeman is an open-source security tool designed to analyze Ruby on Rails applications for potential security vulnerabilities. As a static analysis tool, Brakeman scans the application's source code to identify common security issues, such as SQL injection, cross-site scripting (XSS), and other vulnerabilities. RubyMine supports running Brakeman as an inspection and displays analysis results in a user-friendly format.
Add the brakeman gem (version 5.0.0 or later) to your Gemfile.
In the main menu, open the action that runs an inspection by name, or press Control+Alt+Shift+I.
In the popup, start typing Brakeman and select the needed inspection from the drop-down list.
If necessary, configure Brakeman warnings in the Inspection Options section:
Confidence level: specify the minimum level of warnings to report, where Weak includes all warnings and High includes only severe warnings.
Click OK to run the inspection.
Examine Brakeman analysis results
RubyMine opens inspection results in the Problems tool window.
RubyMine shows the code fragment, file, and details of each detected weakness and provides links to the corresponding topics in the Brakeman documentation.
Use the Ignore button to ignore a specific warning and add it to the brakeman.ignore file. If you don't have such a file in your project yet, RubyMine will create it automatically.
Use the Skip checks of this type button to skip all warnings of the current type and stop checking them when running the Brakeman inspection. RubyMine will add the necessary configuration to the brakeman.yml file. If you don't have such a file in your project yet, RubyMine will create it automatically.
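The following Ruby script is an added example, not part of the RubyMine documentation or of Brakeman itself. It shows the two mechanics described above: filtering a Brakeman report by the minimum confidence level (Weak reports everything, High reports only the most severe warnings), and producing the kind of entries that brakeman.ignore (ignored fingerprints) and brakeman.yml (skipped check types) carry. The report shape, the fingerprints and the file names are constructed for the example; it assumes Brakeman's JSON report has a "warnings" array with "confidence", "fingerprint" and "check_name" keys, that brakeman.ignore stores an "ignored_warnings" array, and that brakeman.yml lists checks under the ":skip_checks:" key with a "Check" prefix.

```ruby
require 'json'
require 'yaml'

# Constructed sample in the shape of a Brakeman JSON report (assumption: real reports
# carry a "warnings" array with these keys; every value here is made up for the example).
SAMPLE_REPORT = {
  "warnings" => [
    { "warning_type" => "SQL Injection", "check_name" => "SQL",
      "confidence" => "High", "file" => "app/models/user.rb", "line" => 12,
      "fingerprint" => "fp-sql-0001", "message" => "Possible SQL injection" },
    { "warning_type" => "Cross-Site Scripting", "check_name" => "CrossSiteScripting",
      "confidence" => "Medium", "file" => "app/views/users/show.html.erb", "line" => 3,
      "fingerprint" => "fp-xss-0002", "message" => "Unescaped model attribute" },
    { "warning_type" => "Mass Assignment", "check_name" => "ModelAttributes",
      "confidence" => "Weak", "file" => "app/models/post.rb", "line" => 1,
      "fingerprint" => "fp-ma-0003", "message" => "Potentially dangerous attribute" }
  ]
}.freeze

# Brakeman's three confidence levels, ordered from least to most certain.
# Choosing "Weak" as the minimum keeps every warning; "High" keeps only the severe ones.
CONFIDENCE_RANK = { "Weak" => 0, "Medium" => 1, "High" => 2 }.freeze

# Return the warnings whose confidence is at or above min_level.
def filter_by_confidence(report, min_level)
  min = CONFIDENCE_RANK.fetch(min_level) { raise ArgumentError, "unknown level #{min_level}" }
  report.fetch("warnings").select do |w|
    CONFIDENCE_RANK.fetch(w["confidence"]) { raise ArgumentError, "unknown confidence #{w['confidence']}" } >= min
  end
end

# Build the content of a brakeman.ignore file (assumption: an "ignored_warnings" array of
# the original warning entries plus a free-text "note") for the given fingerprints.
# Only warnings that actually appear in the report are ignored, so a stale fingerprint
# never silently suppresses anything.
def build_ignore_file(warnings, fingerprints_to_ignore, notes = {})
  ignored = warnings.select { |w| fingerprints_to_ignore.include?(w["fingerprint"]) }
  {
    "ignored_warnings" => ignored.map { |w| w.merge("note" => notes.fetch(w["fingerprint"], "")) },
    "updated" => Time.now.utc.strftime("%Y-%m-%d %H:%M:%S %z")
  }
end

# Build a brakeman.yml fragment that skips whole check types (assumption: the config key
# is the symbol :skip_checks and check names carry a "Check" prefix, e.g. CheckSQL).
def skip_checks_config(check_names)
  { skip_checks: check_names.map { |name| name.start_with?("Check") ? name : "Check#{name}" }.uniq }
end

if __FILE__ == $PROGRAM_NAME
  puts "High-confidence warnings: #{filter_by_confidence(SAMPLE_REPORT, 'High').size}"
  ignore = build_ignore_file(SAMPLE_REPORT["warnings"], ["fp-ma-0003"], "fp-ma-0003" => "Reviewed; attribute is not user-settable")
  puts JSON.pretty_generate(ignore)
  puts YAML.dump(skip_checks_config(["ModelAttributes"]))
end
```

A note on the design: ignoring a single warning by fingerprint (brakeman.ignore) is the narrower, safer suppression; skipping a check type (brakeman.yml) removes that whole class of findings from every future run, so it deserves a recorded reason in code review. Keeping a note with each ignored entry, as the script does, makes the later audit of suppressed findings possible.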