Brakeman Pro is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities.
Brakeman Pro Version: 3.4.1
To enable Brakeman Pro analysis, add the following to your
.codeclimate.yml configuration file:
    engines:
      brakeman-pro:
        enabled: true
It is also necessary to include a Brakeman Pro license file in the top directory of the project.
Read here for more information about obtaining a Brakeman Pro license.
Instead of editing the configuration file, you can also enable the engine via the CLI with
codeclimate engines:enable brakeman-pro. This will create a default configuration file for you if you don't already have one.
More information about the CLI is available in the README here: https://github.com/codeclimate/codeclimate.
The Brakeman Pro engine supports Brakeman configuration files (and ignore files) as described in the Brakeman documentation.
It is also possible to rename the license file or specify a custom location for the license file instead of keeping it in the top directory.
    engines:
      brakeman-pro:
        enabled: true
        config:
          license_file: config/.bmp.license
To learn more about the Brakeman Pro engine, please visit the official site.