
# Brakeman

> CodeRabbit's guide to Brakeman.

[Brakeman](https://brakemanscanner.org/) is a static analysis tool that checks Ruby on Rails applications for security vulnerabilities. It scans your application's source code, without running it, for potential security issues and provides detailed reports about any vulnerabilities it finds.

## Supported Files

Brakeman will run on files matching the following names or extensions:

* `Gemfile`
* `*.rb`
* `*.erb`

## When we skip Brakeman

CodeRabbit will skip running Brakeman when:

* No Rails files are found in the pull request.
* Brakeman is already running in GitHub workflows.

## Features

Brakeman can detect many critical vulnerabilities, such as:

* SQL injection
* Cross-site scripting (XSS)
* Mass assignment
* Remote code execution
* Out-of-date package versions
* And many more security vulnerabilities
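A defender-side use of those warnings, as an added example rather than CodeRabbit's or Brakeman's own code: a small Ruby gate that reads a `brakeman -f json` report and lists the warnings at or above a chosen confidence level so a CI step can fail on them. It assumes the report's top-level `warnings` array carries `warning_type`, `confidence` (`High`/`Medium`/`Weak`), `file`, `line` and `message` keys; the sample report below is constructed, not real scan output.

```ruby
require 'json'

# Confidence levels Brakeman assigns to each warning, highest first
# (assumed string values as found in the JSON report format).
CONFIDENCE_RANK = { "High" => 3, "Medium" => 2, "Weak" => 1 }.freeze

# Return the warnings in a parsed Brakeman JSON report whose confidence is at or
# above `threshold`, skipping any warning_type listed in `allow_types`
# (for example a type that is triaged through a separate process).
def blocking_warnings(report, threshold: "Medium", allow_types: [])
  min = CONFIDENCE_RANK.fetch(threshold)
  report.fetch("warnings", []).select do |w|
    CONFIDENCE_RANK.fetch(w["confidence"], 0) >= min &&
      !allow_types.include?(w["warning_type"])
  end
end

# :pass when nothing blocks the merge, :fail otherwise.
def gate_status(report, **opts)
  blocking_warnings(report, **opts).empty? ? :pass : :fail
end

# One line per blocking warning, suitable for a CI log.
def format_warning(w)
  "#{w['confidence']} #{w['warning_type']} in #{w['file']}:#{w['line']} - #{w['message']}"
end

# Constructed sample report (not real scan output) in Brakeman's JSON shape.
SAMPLE_REPORT = JSON.parse(<<~JSON)
  {
    "warnings": [
      {"warning_type": "SQL Injection", "confidence": "High",
       "file": "app/models/user.rb", "line": 12,
       "message": "Possible SQL injection", "fingerprint": "constructed-1"},
      {"warning_type": "Cross-Site Scripting", "confidence": "Medium",
       "file": "app/views/users/show.html.erb", "line": 4,
       "message": "Unescaped model attribute", "fingerprint": "constructed-2"},
      {"warning_type": "Mass Assignment", "confidence": "Weak",
       "file": "app/controllers/users_controller.rb", "line": 30,
       "message": "Parameters should be allow-listed", "fingerprint": "constructed-3"}
    ]
  }
JSON

failing = blocking_warnings(SAMPLE_REPORT, threshold: "Medium")
failing.each { |w| puts format_warning(w) }
puts "brakeman gate: #{gate_status(SAMPLE_REPORT, threshold: 'Medium')} (#{failing.size} blocking)"
```

Pipe a real report in with `brakeman -q -f json` and replace `SAMPLE_REPORT` with `JSON.parse(STDIN.read)` to use it as an actual CI gate.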

## Links

* [Brakeman Official Website](https://brakemanscanner.org/)
* [Brakeman GitHub Repository](https://github.com/presidentbeef/brakeman)
* [Brakeman Documentation](https://brakemanscanner.org/docs/)
* [Warning Types](https://brakemanscanner.org/docs/warning_types/)
