https://github.com/presidentbeef/ruby-lsp-brakeman
Ruby LSP Addon for Brakeman
- Host: GitHub
- URL: https://github.com/presidentbeef/ruby-lsp-brakeman
- Owner: presidentbeef
- Created: 2024-07-24T06:47:49.000Z (9 months ago)
- Default Branch: main
- Last Pushed: 2025-01-09T07:34:59.000Z (3 months ago)
- Last Synced: 2025-04-14T17:48:22.846Z (8 days ago)
- Language: Ruby
- Homepage:
- Size: 14.6 KB
- Stars: 4
- Watchers: 1
- Forks: 1
- Open Issues: 1
Metadata Files:
- Readme: README.md
README
# Brakeman for Ruby LSP
This library enables running [Brakeman](https://brakemanscanner.org/) via [Ruby LSP](https://shopify.github.io/ruby-lsp/).
The library is in early but working stages. It has only been tested with VS Code so far.
## Installation
Add `ruby-lsp-brakeman` to your `Gemfile`:
```ruby
gem 'ruby-lsp-brakeman', require: false
```
Run `bundle install` and restart the Ruby LSP server/extension to enable the addon.
## In Action
Initialization output should look like this:
Display of inline warnings on hover:
Display after clicking "View Problem":
Warnings are listed as "problems" in VS Code's panel:
When files are saved, Brakeman will rescan the files and update any impacted warnings.
Note that scans are asynchronous and only one scan will run at a time. If multiple files are changed while a scan is running, they will be queued and then rescanned all together when the current scan finishes.
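The queueing behaviour described above can be pictured with the following sketch. It is an added illustration, not code from ruby-lsp-brakeman: the `CoalescingScanQueue` class and the scan block are hypothetical, and the block stands in for whatever call performs the actual Brakeman rescan.

```ruby
require "set"
# Hypothetical helper, not from ruby-lsp-brakeman: one scan at a time;
# saves that arrive while a scan runs are merged into one follow-up batch.
class CoalescingScanQueue
  def initialize(&scan)
    @scan = scan          # assumed callable taking an Array of changed paths
    @lock = Mutex.new
    @pending = Set.new    # de-duplicates repeated saves of the same file
    @worker = nil
  end

  def file_saved(path) # called on every save; never waits for a scan
    @lock.synchronize do
      @pending << path
      @worker ||= Thread.new { drain }
    end
  end

  def wait # block until no scan is running and nothing is queued
    while (worker = @lock.synchronize { @worker })
      worker.join
    end
  end

  private
  def drain
    loop do
      batch = @lock.synchronize do
        files = @pending.to_a.tap { @pending.clear }
        @worker = nil if files.empty? # go idle while still holding the lock
        files
      end
      break if batch.empty?
      @scan.call(batch)
    end
  end
end

# Constructed demo: scan 1 is held open while three more saves arrive.
def demo
  gate, started, batches = Queue.new, Queue.new, []
  q = CoalescingScanQueue.new { |f| batches << f; started << 1; gate.pop }
  q.file_saved("app/models/user.rb")
  started.pop # scan 1 is now running
  %w[app/controllers/users_controller.rb app/views/users/show.html.erb
     app/controllers/users_controller.rb].each { |f| q.file_saved(f) }
  2.times { gate << 1 } # release scan 1, then the coalesced scan 2
  q.wait
  batches
end
p demo if $PROGRAM_NAME == __FILE__
```

The three saves made during the first scan produce a single second batch containing two distinct paths, so a burst of edits costs one rescan rather than one per save.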
## Limitations
* Column numbers are not available right now, so the entire line is always reported
* Brakeman's rescanning capabilities are currently being overhauled. They work but may be a little slow (but still faster than a full scan)
* Large applications may require way too much memory for incremental scans to be useful
* Warnings may not clear if Ruby LSP crashes
* VS Code does not seem to support `CodeDescription` which can link to more information
* No tests yet, so buyer beware
## License
The gem is available as open source under the terms of the MIT License.