
New analysis engine: Brakeman Pro 🚂

Today, we’re excited to announce the release of the Brakeman Pro analysis engine.

Brakeman Pro is the commercial version of the Brakeman vulnerability scanner (also available as a Code Climate engine), providing deeper analysis, more in-depth feedback, and greater customization of your Ruby on Rails security scan.

Already available in desktop and Ruby gem versions, the Brakeman Pro engine lets you easily automate in-depth source code security scans as part of your Code Climate analysis.

To enable the Brakeman Pro engine for your project, you’ll need to include a Brakeman Pro license file in the top directory of the project. Check out the Brakeman Pro docs for more information about obtaining a license. Then add the following to your .codeclimate.yml configuration file:

    engines:
        brakeman-pro:
            enabled: true
    ratings:
        paths:
        - "**.rb"

If you have the CLI installed, you can enable the engine with the engines:enable command:

    brew update && brew upgrade codeclimate
    cd ~/my/awesome/app
    codeclimate engines:enable brakeman-pro

You can try Brakeman Pro free for 14 days - just head to the official site to get started.
