{"id":15792906,"url":"https://github.com/klaxit/danger-brakeman_scanner","last_synced_at":"2025-04-01T16:30:46.077Z","repository":{"id":59152704,"uuid":"250312753","full_name":"klaxit/danger-brakeman_scanner","owner":"klaxit","description":"A Danger plugin for running Ruby files through Brakeman.","archived":false,"fork":false,"pushed_at":"2020-05-28T08:28:26.000Z","size":26,"stargazers_count":5,"open_issues_count":1,"forks_count":0,"subscribers_count":11,"default_branch":"master","last_synced_at":"2024-10-11T23:20:22.532Z","etag":null,"topics":["danger-plugin","ruby","ruby-on-rails","security-scanner"],"latest_commit_sha":null,"homepage":"https://git.io/danger-brakeman_scanner","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/klaxit.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-03-26T16:31:49.000Z","updated_at":"2021-03-20T10:56:44.000Z","dependencies_parsed_at":"2022-09-13T11:00:59.305Z","dependency_job_id":null,"html_url":"https://github.com/klaxit/danger-brakeman_scanner","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/klaxit%2Fdanger-brakeman_scanner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/klaxit%2Fdanger-brakeman_scanner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/klaxit%2Fdanger-brakeman_scanner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/klaxit%2Fdanger-brakeman_scanner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/
GitHub/owners/klaxit","download_url":"https://codeload.github.com/klaxit/danger-brakeman_scanner/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246620323,"owners_count":20806750,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["danger-plugin","ruby","ruby-on-rails","security-scanner"],"created_at":"2024-10-04T23:06:49.003Z","updated_at":"2025-04-01T16:30:45.834Z","avatar_url":"https://github.com/klaxit.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Danger Brakeman Plugin [![CircleCI](https://circleci.com/gh/klaxit/danger-brakeman_scanner.svg?style=shield)](https://circleci.com/gh/klaxit/danger-brakeman_scanner) [![Gem Version](https://badge.fury.io/rb/danger-brakeman_scanner.svg)](https://badge.fury.io/rb/danger-brakeman_scanner)\n\nA [Danger] plugin for [Brakeman] security static analysis.\n\n## Installation\n\nAdd this line to your application's Gemfile:\n\n```ruby\ngem \"danger-brakeman_scanner\"\n```\n\n## Usage\n\nRun Ruby files through Brakeman. 
A markdown table will be shown as the result.\n\n```ruby\nbrakeman.run(\"my_app_path\")\n```\n\nYou can pass a list of options as well; those will be given as-is to the Brakeman\nscanner.\n\n```ruby\nbrakeman.run(app_path: \"my_app_path\", github_repo: \"klaxit/fast-polylines\")\n```\n\nThe list of all options is available below, but note that some of those won't make sense here:\n\n\u003cdetails\u003e\n\u003csummary\u003e\nhttps://github.com/presidentbeef/brakeman/blob/1eef0997f2a8a01f885d3f4908447ab20bfd0b7d/lib/brakeman.rb#L32-L67\n\u003c/summary\u003e\n\n- `:app_path` - path to root of Rails app (required)\n- `:additional_checks_path` - array of additional directories containing additional out-of-tree checks to run\n- `:additional_libs_path` - array of additional application relative lib directories (ex. app/mailers) to process\n- `:assume_all_routes` - assume all methods are routes (default: true)\n- `:check_arguments` - check arguments of methods (default: true)\n- `:collapse_mass_assignment` - report unprotected models in single warning (default: false)\n- `:combine_locations` - combine warning locations (default: true)\n- `:config_file` - configuration file\n- `:escape_html` - escape HTML by default (automatic)\n- `:exit_on_error` - only affects Commandline module (default: true)\n- `:exit_on_warn` - only affects Commandline module (default: true)\n- `:github_repo` - github repo to use for file links (user/repo[/path][@ref])\n- `:highlight_user_input` - highlight user input in reported warnings (default: true)\n- `:html_style` - path to CSS file\n- `:ignore_model_output` - consider models safe (default: false)\n- `:index_libs` - add libraries to call index (default: true)\n- `:interprocedural` - limited interprocedural processing of method calls (default: false)\n- `:message_limit` - limit length of messages\n- `:min_confidence` - minimum confidence (0-2, 0 is highest)\n- `:output_files` - files for output\n- `:output_formats` - formats for output (:to_s, :to_tabs, 
:to_csv, :to_html)\n- `:parallel_checks` - run checks in parallel (default: true)\n- `:parser_timeout` - set timeout for parsing an individual file (default: 10 seconds)\n- `:print_report` - if no output file specified, print to stdout (default: false)\n- `:quiet` - suppress most messages (default: true)\n- `:rails3` - force Rails 3 mode (automatic)\n- `:rails4` - force Rails 4 mode (automatic)\n- `:rails5` - force Rails 5 mode (automatic)\n- `:rails6` - force Rails 6 mode (automatic)\n- `:report_routes` - show found routes on controllers (default: false)\n- `:run_checks` - array of checks to run (run all if not specified)\n- `:safe_methods` - array of methods to consider safe\n- `:skip_libs` - do not process lib/ directory (default: false)\n- `:skip_checks` - checks not to run (run all if not specified)\n- `:absolute_paths` - show absolute path of each file (default: false)\n- `:summary_only` - only output summary section of report for plain/table (:summary_only, :no_summary, true)\n\n\u003c/details\u003e\n\n## Development\n\nAfter checking out the repo, run `bin/setup` to install dependencies. Then, run `make` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.\n\n## Contributing\n\nBug reports and pull requests are welcome on GitHub at https://github.com/klaxit/danger-brakeman_scanner. 
This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [code of conduct].\n\n\n## License\n\nThe gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).\n\n## Code of Conduct\n\nEveryone interacting in the Danger::Brakeman project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the [code of conduct].\n\n[code of conduct]: https://github.com/klaxit/danger-brakeman_scanner/blob/master/CODE_OF_CONDUCT.md\n[brakeman]: https://brakemanscanner.org/\n[danger]: https://danger.systems/ruby/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fklaxit%2Fdanger-brakeman_scanner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fklaxit%2Fdanger-brakeman_scanner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fklaxit%2Fdanger-brakeman_scanner/lists"}