# Pronto runner for Brakeman

[![Code Climate](https://codeclimate.com/github/prontolabs/pronto-brakeman.png)](https://codeclimate.com/github/prontolabs/pronto-brakeman)
[![Build Status](https://github.com/prontolabs/pronto-brakeman/actions/workflows/checks.yml/badge.svg)](https://github.com/prontolabs/pronto-brakeman/actions/workflows/checks.yml)
[![Gem Version](https://badge.fury.io/rb/pronto-brakeman.png)](http://badge.fury.io/rb/pronto-brakeman)

Pronto runner for [Brakeman](https://github.com/presidentbeef/brakeman), a static-analysis security vulnerability scanner for Ruby on Rails applications. [What is Pronto?](https://github.com/prontolabs/pronto)

## Severity mapping

Brakeman [Confidence](https://github.com/presidentbeef/brakeman#confidence-levels) is mapped to severity levels on the
messages generated by Pronto. High confidence maps to fatal, medium confidence maps to warning, and low confidence maps
to info.

## Options

Brakeman also includes some optional checks. Setting the following in your `.pronto.yml` runs every check included in the gem:

### Run all checks

```yaml
brakeman:
  run_all_checks: true
```

(This is the equivalent of running `brakeman -A` on the command line.)

### Ignore file

```yaml
brakeman:
  ignore_file: '.brakeman'
```

(This is the equivalent of running `brakeman -i IGNOREFILE` on the command line.)
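As an added example (not code from pronto-brakeman itself), the following Ruby sketch shows the severity mapping and the ignore file described above working together in a Pronto-style runner. It assumes the layout of Brakeman's JSON report (a `warnings` array with `confidence`, `file`, `line`, `fingerprint`, `message`) and of a `brakeman.ignore` file (`ignored_warnings` keyed by `fingerprint`), and that Pronto reports only on lines present in the diff; the sample report, ignore file and changed lines are constructed.

```ruby
require 'json'
require 'set'

# Severity mapping from the README: Brakeman confidence -> Pronto message level.
# Brakeman's JSON report labels low confidence "Weak" (assumed report format).
CONFIDENCE_TO_SEVERITY = { 'High' => :fatal, 'Medium' => :warning, 'Weak' => :info }.freeze

# Constructed sample in the layout of a Brakeman JSON report (not a real scan).
SAMPLE_REPORT = <<~JSON
  {"warnings": [
    {"warning_type": "SQL Injection", "confidence": "High", "fingerprint": "fp-aaa",
     "file": "app/models/user.rb", "line": 12, "message": "Possible SQL injection"},
    {"warning_type": "Mass Assignment", "confidence": "Medium", "fingerprint": "fp-bbb",
     "file": "app/controllers/users_controller.rb", "line": 30, "message": "Unprotected attributes"},
    {"warning_type": "Cross-Site Scripting", "confidence": "Weak", "fingerprint": "fp-ccc",
     "file": "app/views/users/show.html.erb", "line": 4, "message": "Unescaped model attribute"}
  ]}
JSON

# Constructed sample in the layout of a brakeman.ignore file (assumed format):
# entries are keyed by the warning fingerprint, with a note on why it was accepted.
SAMPLE_IGNORE = <<~JSON
  {"ignored_warnings": [{"fingerprint": "fp-bbb", "note": "reviewed; strong parameters enforced"}]}
JSON

# Fingerprints the ignore file tells the runner to suppress.
def ignored_fingerprints(ignore_json)
  JSON.parse(ignore_json).fetch('ignored_warnings', []).map { |w| w['fingerprint'] }.to_set
end

# Builds Pronto-style messages from a report. A warning is reported only when it is
# not in the ignore file and its file/line is among the lines changed in the diff,
# which is how Pronto keeps comments scoped to the change under review.
# changed_lines is a Hash of path => Array of changed line numbers.
def pronto_messages(report_json, ignore_json, changed_lines)
  ignored = ignored_fingerprints(ignore_json)
  JSON.parse(report_json).fetch('warnings', []).filter_map do |w|
    next if ignored.include?(w['fingerprint'])
    next unless changed_lines.fetch(w['file'], []).include?(w['line'])
    { path: w['file'], line: w['line'],
      level: CONFIDENCE_TO_SEVERITY.fetch(w['confidence'], :info),
      text: "#{w['warning_type']}: #{w['message']}" }
  end
end

# Constructed diff: user.rb lines 10-12 and the view's line 4 were touched.
CHANGED = { 'app/models/user.rb' => [10, 11, 12], 'app/views/users/show.html.erb' => [4] }.freeze
pronto_messages(SAMPLE_REPORT, SAMPLE_IGNORE, CHANGED).each { |m| puts "#{m[:level]} #{m[:path]}:#{m[:line]} #{m[:text]}" }
```

With the constructed inputs, the medium-confidence warning is dropped by the ignore file and the controller line is outside the diff, so only the fatal and info messages remain.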