Skip to main content
Brakeman is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities. It scans your application’s code for potential security issues and provides detailed reports about any vulnerabilities it finds.

​
Supported Files

Brakeman will run on files with the following extensions:
  • Gemfile
  • *.rb
  • *.erb

​
When we skip Brakeman

CodeRabbit will skip running Brakeman when:
  • No Rails files are found in the pull request.
  • Brakeman is already running in GitHub workflows.

​
Features

Brakeman can detect many critical vulnerabilities such as:
  • SQL injection
  • Cross-site scripting (XSS)
  • Mass assignment
  • Remote code execution
  • And many more security vulnerabilities
  • Out of date package versions
  • Etc