Deploying Ruby on Rails in the wild means relying on multiple gems, having multiple people interacting with the code, and facing Rails' potential security breaches. With all of this combined, we have been looking for solutions to increase our code quality and code security.
First, meet the Brakeman gem
Brakeman is the easiest solution to implement. Just install the gem, and run
brakeman
It will produce a nice and simple report in the console, listing all your potential vulnerabilities.
It can also be run as a rake task, produce HTML reports, and be integrated into your CI.
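As an added example (not code from the original post or from the Brakeman project), here is a small Ruby gate a CI job could run after `brakeman -o brakeman.json`: it fails the build on new warnings at or above a chosen confidence, ignoring fingerprints listed in a reviewed baseline file. It assumes the report's `warnings` entries carry `confidence` and `fingerprint` fields; the file names `brakeman.json` and `brakeman.baseline` are assumptions.

```ruby
require "json"

# Confidence levels as Brakeman labels them in its JSON report, strongest first.
CONFIDENCE_RANK = { "High" => 0, "Medium" => 1, "Weak" => 2 }.freeze

# Warnings at least as confident as `min_confidence` whose fingerprint is not
# in `baseline` (an array of fingerprints from a previously reviewed report),
# so already-accepted findings do not keep breaking the build.
def new_warnings(report, baseline, min_confidence: "Medium")
  limit = CONFIDENCE_RANK.fetch(min_confidence)
  report.fetch("warnings", []).select do |w|
    # Unknown confidence labels rank below "Weak" and are never selected.
    CONFIDENCE_RANK.fetch(w["confidence"], CONFIDENCE_RANK.size) <= limit &&
      !baseline.include?(w["fingerprint"])
  end
end

# Exit status for the CI step: 0 when clean, 3 when new warnings were found
# (mirroring Brakeman's own "warnings found" exit code), 4 when the scan
# itself reported errors, which must not be mistaken for a clean result.
def ci_status(report, baseline, min_confidence: "Medium")
  return 4 unless report.fetch("errors", []).empty?
  new_warnings(report, baseline, min_confidence: min_confidence).empty? ? 0 : 3
end

# Constructed sample report (not real scan output), in the shape of a Brakeman JSON report.
SAMPLE_REPORT = JSON.parse(<<~JSON)
  {
    "warnings": [
      {"warning_type": "SQL Injection", "confidence": "High", "fingerprint": "aaa111",
       "file": "app/models/user.rb", "line": 12, "message": "Possible SQL injection"},
      {"warning_type": "Mass Assignment", "confidence": "Weak", "fingerprint": "bbb222",
       "file": "app/controllers/users_controller.rb", "line": 30,
       "message": "Potentially dangerous attribute available for mass assignment"}
    ],
    "errors": []
  }
JSON

# CLI usage (assumed file names): ruby brakeman_gate.rb brakeman.json [brakeman.baseline]
if __FILE__ == $PROGRAM_NAME && !ARGV.empty?
  report = JSON.parse(File.read(ARGV[0]))
  baseline_file = ARGV.fetch(1, "brakeman.baseline")
  baseline = File.exist?(baseline_file) ? File.readlines(baseline_file, chomp: true) : []
  new_warnings(report, baseline).each do |w|
    puts "#{w['confidence']}: #{w['warning_type']} in #{w['file']}:#{w['line']}"
  end
  exit ci_status(report, baseline)
end
```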
Second, rails-brakeman
Rails-Brakeman is an online service that uses GitHub hooks to scan your code on each deploy. We are not using it, as we would rather integrate Brakeman reports into our own CI suite, but it might be interesting for some.
Third, CodeClimate
CodeClimate is more than just a security tool. It's an all-in-one code quality scanner. But they also have an interesting security scanner generating reports like these:
No excuse now!
With all these fantastic valuable tools, there is no excuse now. Your code WILL be secure!