Today, we’re excited to announce the release of the Brakeman Pro analysis engine.
Brakeman Pro is the commercial version of the Brakeman vulnerability scanner (also available as a Code Climate engine), providing deeper analysis, more in-depth feedback, and greater customization of your Ruby on Rails security scan.
Already available in desktop and Ruby gem versions, the Brakeman Pro engine lets you easily automate in-depth source code security scans as part of your Code Climate analysis.
To enable the Brakeman Pro engine for your project, you’ll need to include a Brakeman Pro license file in the top directory of the project. Check out the Brakeman Pro docs for more information about obtaining a license. Then add the following to your
.codeclimate.yml configuration file:
engines: brakeman-pro: enabled: true ratings: paths: - "**.rb"
If you have the CLI installed, you can enable the engine with the
brew update && brew upgrade codeclimate cd ~/my/awesome/app codeclimate engines:enable brakeman-pro
You can try Brakeman Pro free for 14 days - just head to the official site to get started.