New analysis engine: Brakeman Pro 🚂
Today, we’re excited to announce the release of the Brakeman Pro analysis engine.
Brakeman Pro is the commercial version of the Brakeman vulnerability scanner (also available as a Code Climate engine), providing deeper analysis, more in-depth feedback, and greater customization of your Ruby on Rails security scan.
Already available in desktop and Ruby gem versions, the Brakeman Pro engine lets you easily automate in-depth source code security scans as part of your Code Climate analysis.
To enable the Brakeman Pro engine for your project, you’ll need to include a Brakeman Pro license file in the top directory of the project. Check out the Brakeman Pro docs for more information about obtaining a license. Then add the following to your .codeclimate.yml configuration file:
engines:
  brakeman-pro:
    enabled: true
ratings:
  paths:
  - "**.rb"
If you have the CLI installed, you can enable the engine with the engines:enable command:
brew update && brew upgrade codeclimate
cd ~/my/awesome/app
codeclimate engines:enable brakeman-pro
You can try Brakeman Pro free for 14 days - just head to the official site to get started.