
1.3.1. Continuous integration

A good way to use Brakeman is to integrate it into the project's workflow and fix the reported problems before they are committed to the repository.
Creating a rake task is easy with
$ brakeman --rake
which creates the file lib/tasks/brakeman.rake.
Another useful option is to create a configuration file from command-line options:
$ brakeman -C <config file> <options>
which can be used later:
$ brakeman -c <config file>
A very useful feature is comparison with an older scan result, outputting only the difference between the two reports. Developers can then easily identify warnings that were just added or fixed:
$ brakeman --compare <old result in json> -o <output in json>
The output is always in JSON (-f is ignored).
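One way to turn the comparison output into a CI gate, as an added example that is not part of the Brakeman documentation: it fails the build only when the comparison contains newly added warnings at or above a chosen confidence, and fails closed if the report cannot be parsed. It assumes the comparison JSON has "new" and "fixed" arrays whose entries carry warning_type, file, line and confidence fields; the gate function, the sample data and the file name in the comment are constructed for illustration.

```ruby
require "json"

# Confidence labels as used in Brakeman JSON reports, strongest first.
RANK = { "High" => 0, "Medium" => 1, "Weak" => 2 }.freeze

# Decide whether a comparison report should fail the build.
# Returns { exit_code:, fixed:, lines: }; exit_code 0 = pass, 1 = new
# warnings at or above min_confidence, 2 = report unreadable (fail closed).
def gate(compare_json, min_confidence: "Medium")
  report = JSON.parse(compare_json)
  limit = RANK.fetch(min_confidence)
  blocking = report.fetch("new", []).select do |w|
    # An unknown label ranks as High so it is never silently skipped.
    RANK.fetch(w["confidence"], 0) <= limit
  end
  lines = blocking.map do |w|
    "#{w['confidence']} #{w['warning_type']} #{w['file']}:#{w['line']}"
  end
  { exit_code: blocking.empty? ? 0 : 1,
    fixed: report.fetch("fixed", []).size,
    lines: lines }
rescue JSON::ParserError, TypeError
  { exit_code: 2, fixed: 0, lines: ["could not parse comparison report"] }
end

# Constructed sample of a comparison report (assumed layout, not real output).
SAMPLE = <<~JSON
  {
    "new": [
      {"warning_type": "SQL Injection", "confidence": "High",
       "file": "app/models/user.rb", "line": 42},
      {"warning_type": "Mass Assignment", "confidence": "Weak",
       "file": "app/controllers/posts_controller.rb", "line": 10}
    ],
    "fixed": [
      {"warning_type": "Cross-Site Scripting", "confidence": "Medium",
       "file": "app/views/posts/show.html.erb", "line": 7}
    ]
  }
JSON

result = gate(SAMPLE)
puts result[:lines]
puts "fixed since baseline: #{result[:fixed]}"
# In a CI step, read the file written by `brakeman --compare ... -o ...`
# (hypothetical name) and propagate the status:
#   exit gate(File.read("brakeman-diff.json"))[:exit_code]
```
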