https://github.com/presidentbeef/brakeman

brakeman rails ruby security security-audit security-tools security-vulnerability static-analysis vulnerabilities

Last synced: 1 day ago

Repository metadata:

A static analysis security vulnerability scanner for Ruby on Rails applications


Committers metadata

Last synced: 1 day ago

Total Commits: 2,973
Total Committers: 173
Avg Commits per committer: 17.185
Development Distribution Score (DDS): 0.392

Commits in past year: 58
Committers in past year: 13
Avg Commits per committer in past year: 4.462
Development Distribution Score (DDS) in past year: 0.379

Name Email Commits
Justin Collins j****n@p****m 1809
Justin Collins j****s@a****m 423
Justin Collins j****n@s****m 152
Justin Collins c****s@t****m 126
oreoshake n****l@g****m 57
Justin Collins p****f 31
Patrick Toomey p****3@b****m 23
Bart ten Brinke i****o@r****m 11
Mastahyeti m****i 10
Andy Waite g****w@a****m 10
soffolk l****u@e****y 9
bethanyr b****z@h****m 9
Jacob Evelyn j****n@p****m 9
Esty Scheiner s****1@g****m 9
David Lanner d****r@p****m 8
themetric m****p@g****m 8
Dave Worth d****e@h****m 7
Jason Yeo j****8@g****m 7
Nick n****n@t****m 6
Noah Davis n****1@y****m 6
Gabriel Arcangel Zayas g****s@h****m 6
Mastahyeti m****i@g****m 5
Neil Matatall n****m@t****m 5
Will Fleming w****l@f****g 5
grosser g****l@g****m 5
Eli Block 3****k 5
Aaron Bedra a****n@a****m 4
Geoffrey Hichborn g****f@s****m 4
fsword l****e@g****m 4
Jeff Rafter j****r@g****m 4
and 143 more...

Issue and Pull Request metadata

Last synced: 2 days ago


Package metadata

rubygems: brakeman

Brakeman detects security vulnerabilities in Ruby on Rails applications via static analysis.

  • Homepage: https://brakemanscanner.org/
  • Documentation: http://www.rubydoc.info/gems/brakeman/
  • Licenses: Brakeman Public Use License
  • Latest release: 6.1.2 (published 9 months ago)
  • Last Synced: 2024-11-10T21:07:51.319Z (2 days ago)
  • Versions: 155
  • Dependent Packages: 119
  • Dependent Repositories: 9,050
  • Downloads: 139,103,620 Total
  • Docker Downloads: 201,175,164
  • Rankings:
    • Downloads: 0.145%
    • Stargazers count: 0.17%
    • Dependent packages count: 0.294%
    • Dependent repos count: 0.345%
    • Average: 0.395%
    • Docker downloads count: 0.588%
    • Forks count: 0.826%
  • Maintainers (1)

go: github.com/presidentbeef/brakeman

  • Homepage:
  • Documentation: https://pkg.go.dev/github.com/presidentbeef/brakeman#section-documentation
  • Licenses: other
  • Latest release: v6.1.2+incompatible (published 9 months ago)
  • Last Synced: 2024-11-10T21:07:49.437Z (2 days ago)
  • Versions: 144
  • Dependent Packages: 0
  • Dependent Repositories: 1
  • Rankings:
    • Stargazers count: 0.811%
    • Forks count: 1.072%
    • Average: 3.782%
    • Dependent repos count: 4.794%
    • Dependent packages count: 8.453%

rubygems: brakeman-min

Brakeman detects security vulnerabilities in Ruby on Rails applications via static analysis. This version of the gem only requires the minimum number of dependencies. Use the 'brakeman' gem for a full install.

  • Homepage: https://brakemanscanner.org/
  • Documentation: http://www.rubydoc.info/gems/brakeman-min/
  • Licenses: Brakeman Public Use License
  • Latest release: 6.1.2 (published 9 months ago)
  • Last Synced: 2024-11-10T21:07:51.511Z (2 days ago)
  • Versions: 104
  • Dependent Packages: 0
  • Dependent Repositories: 6
  • Downloads: 331,612 Total
  • Rankings:
    • Stargazers count: 0.172%
    • Forks count: 0.8%
    • Downloads: 4.409%
    • Average: 6.017%
    • Dependent repos count: 9.128%
    • Dependent packages count: 15.575%
  • Maintainers (1)

rubygems: brakeman-lib

Brakeman detects security vulnerabilities in Ruby on Rails applications via static analysis. This package declares gem dependencies instead of bundling them.

  • Homepage: https://brakemanscanner.org/
  • Documentation: http://www.rubydoc.info/gems/brakeman-lib/
  • Licenses: Brakeman Public Use License
  • Latest release: 6.1.2 (published 9 months ago)
  • Last Synced: 2024-11-10T21:07:52.220Z (2 days ago)
  • Versions: 61
  • Dependent Packages: 0
  • Dependent Repositories: 3
  • Downloads: 112,462 Total
  • Rankings:
    • Stargazers count: 0.172%
    • Forks count: 0.8%
    • Average: 7.615%
    • Downloads: 8.829%
    • Dependent repos count: 12.698%
    • Dependent packages count: 15.575%
  • Maintainers (1)

Dependencies

.github/workflows/docker-hub-push.yml actions
  • actions/checkout v3 composite
  • docker/build-push-action v3 composite
  • docker/login-action v2 composite
  • docker/setup-buildx-action v2 composite
  • docker/setup-qemu-action v2 composite
Dockerfile docker
  • ruby 2.7-alpine build
test/apps/rails6/package.json npm
  • webpack-dev-server ^3.2.1 development
  • @rails/actioncable ^6.0.0-alpha
  • @rails/activestorage ^6.0.0-alpha
  • @rails/ujs ^6.0.0-alpha
  • @rails/webpacker ^4.0.2
  • turbolinks ^5.2.0
test/apps/rails6/yarn.lock npm
  • 935 dependencies
Gemfile rubygems
  • rake >= 0
test/apps/active_record_only/Gemfile rubygems
  • activerecord ~> 5.2.4.3
test/apps/rails3/Gemfile rubygems
  • rails = 3.0.3
  • sqlite3 >= 0
test/apps/rails3/Gemfile.lock rubygems
  • abstract 1.0.0
  • actionmailer 3.0.3
  • actionpack 3.0.3
  • activemodel 3.0.3
  • activerecord 3.0.3
  • activeresource 3.0.3
  • activesupport 3.0.3
  • arel 2.0.10
  • builder 2.1.2
  • erubis 2.6.6
  • i18n 0.6.0
  • json_pure 1.6.4
  • mail 2.2.19
  • mime-types 1.16
  • polyglot 0.3.2
  • rack 1.2.3
  • rack-mount 0.6.14
  • rack-test 0.5.7
  • rails 3.0.3
  • railties 3.0.3
  • rake 0.9.2
  • sqlite3 1.3.3
  • thor 0.14.6
  • treetop 1.4.10
  • tzinfo 0.3.29
test/apps/rails3.1/Gemfile rubygems
  • coffee-rails ~> 3.1.0 development
  • sass-rails ~> 3.1.0 development
  • uglifier >= 0 development
  • draper >= 0
  • jquery-rails >= 0
  • json >= 0
  • mysql >= 0
  • rails = 3.1.0
  • therubyracer >= 0
test/apps/rails3.1/Gemfile.lock rubygems
  • actionmailer 3.1.0
  • actionpack 3.1.0
  • activemodel 3.1.0
  • activerecord 3.1.0
  • activeresource 3.1.0
  • activesupport 3.1.0
  • arel 2.2.1
  • bcrypt-ruby 3.0.0
  • builder 3.0.0
  • coffee-rails 3.1.0
  • coffee-script 2.2.0
  • coffee-script-source 1.1.2
  • erubis 2.7.0
  • execjs 1.2.4
  • hike 1.2.1
  • i18n 0.6.0
  • jquery-rails 1.0.13
  • json 1.5.4
  • libv8 3.3.10.2
  • mail 2.3.0
  • mime-types 1.16
  • multi_json 1.0.3
  • mysql 2.9.1
  • polyglot 0.3.2
  • rack 1.3.2
  • rack-cache 1.0.3
  • rack-mount 0.8.3
  • rack-ssl 1.3.2
  • rack-test 0.6.1
  • rails 3.1.0
  • railties 3.1.0
  • rake 0.9.2
  • rdoc 3.9.4
  • sass 3.1.7
  • sass-rails 3.1.0
  • sprockets 2.0.0
  • therubyracer 0.9.4
  • thor 0.14.6
  • tilt 1.3.3
  • treetop 1.4.10
  • tzinfo 0.3.29
  • uglifier 1.0.3
test/apps/rails3.2/Gemfile rubygems
  • coffee-rails ~> 3.2.1 development
  • sass-rails ~> 3.2.3 development
  • uglifier >= 1.0.3 development
  • jquery-rails >= 0
  • json >= 0
  • rails = 3.2.9.rc2
  • sqlite3 >= 0
test/apps/rails3.2/Gemfile.lock rubygems
  • actionmailer 3.2.9.rc2
  • actionpack 3.2.9.rc2
  • activemodel 3.2.9.rc2
  • activerecord 3.2.9.rc2
  • activeresource 3.2.9.rc2
  • activesupport 3.2.9.rc2
  • arel 3.0.2
  • builder 3.0.3
  • coffee-rails 3.2.2
  • coffee-script 2.2.0
  • coffee-script-source 1.3.3
  • erubis 2.7.0
  • execjs 1.4.0
  • hike 1.2.1
  • i18n 0.6.1
  • journey 1.0.4
  • jquery-rails 2.1.2
  • json 1.7.5
  • mail 2.4.4
  • mime-types 1.19
  • multi_json 1.3.6
  • polyglot 0.3.3
  • rack 1.4.1
  • rack-cache 1.2
  • rack-ssl 1.3.2
  • rack-test 0.6.1
  • rails 3.2.9.rc2
  • railties 3.2.9.rc2
  • rake 0.9.2.2
  • rdoc 3.12
  • sass 3.2.1
  • sass-rails 3.2.5
  • sprockets 2.1.3
  • sqlite3 1.3.6
  • thor 0.16.0
  • tilt 1.3.3
  • treetop 1.4.10
  • tzinfo 0.3.33
  • uglifier 1.3.0
test/apps/rails4/Gemfile rubygems
  • coffee-rails ~> 4.0.0 development
  • sass-rails ~> 4.0.0 development
  • uglifier >= 1.0.3 development
  • haml >= 0
  • jbuilder ~> 1.0.1
  • jquery-rails >= 0
  • pg >= 0
  • rails = 4.0.0
  • turbolinks >= 0
test/apps/rails4_non_standard_structure/rails4test.gemspec rubygems
  • haml >= 0
  • rails >= 4.1.8
test/apps/rails4_with_engines/gems.rb rubygems
  • coffee-rails ~> 4.0.0 development
  • sass-rails ~> 4.0.0 development
  • uglifier >= 1.0.3 development
  • jbuilder ~> 1.0.1
  • jquery-rails >= 0
  • rails = 4.0.0
  • sqlite3 >= 0
  • turbolinks >= 0
test/apps/rails5/Gemfile rubygems
  • byebug >= 0 development
  • spring >= 0 development
  • web-console ~> 3.0 development
  • actionpack-page_caching = 1.2.0
  • coffee-rails ~> 4.1.0
  • jbuilder ~> 2.0
  • jquery-rails >= 0
  • puma >= 0
  • rails >= 5.0.0.beta1, < 5.1
  • sqlite3 >= 0
  • turbolinks >= 0
  • tzinfo-data >= 0
  • uglifier >= 1.3.0
test/apps/rails5/Gemfile.lock rubygems
  • actioncable 5.0.0
  • actionmailer 5.0.0
  • actionpack 5.0.0
  • actionview 5.0.0
  • activejob 5.0.0
  • activemodel 5.0.0
  • activerecord 5.0.0
  • activesupport 5.0.0
  • arel 7.0.0
  • builder 3.2.2
  • byebug 8.2.1
  • celluloid 0.17.2
  • celluloid-essentials 0.20.5
  • celluloid-extras 0.20.5
  • celluloid-fsm 0.20.5
  • celluloid-pool 0.20.5
  • celluloid-supervision 0.20.5
  • coffee-rails 4.1.1
  • coffee-script 2.4.1
  • coffee-script-source 1.10.0
  • concurrent-ruby 1.0.0
  • debug_inspector 0.0.2
  • em-hiredis 0.3.0
  • erubis 2.7.0
  • eventmachine 1.0.9.1
  • execjs 2.6.0
  • faye-websocket 0.10.2
  • globalid 0.3.6
  • hiredis 0.5.2
  • hitimes 1.2.3
  • i18n 0.7.0
  • jbuilder 2.4.0
  • jquery-rails 4.1.0
  • json 1.8.3
  • loofah 2.0.3
  • mail 2.6.3
  • method_source 0.8.2
  • mime-types 2.99
  • mini_portile2 2.0.0
  • minitest 5.8.3
  • multi_json 1.11.2
  • nokogiri 1.6.7.1
  • puma 2.15.3
  • rack 2.0.0.alpha
  • rack-test 0.6.3
  • rails 5.0.0
  • rails-deprecated_sanitizer 1.0.3
  • rails-dom-testing 1.0.7
  • rails-html-sanitizer 1.0.2
  • railties 5.0.0
  • rake 10.5.0
  • redis 3.2.2
  • spring 1.6.2
  • sprockets 3.5.2
  • sprockets-rails 3.0.0
  • sqlite3 1.3.11
  • thor 0.19.1
  • thread_safe 0.3.5
  • timers 4.1.1
  • turbolinks 2.5.3
  • tzinfo 1.2.2
  • uglifier 2.7.2
  • web-console 3.0.0
  • websocket-driver 0.6.3
  • websocket-extensions 0.1.2
test/apps/rails5.2/Gemfile rubygems
  • byebug >= 0 development
  • capybara ~> 2.15 development
  • chromedriver-helper >= 0 development
  • listen >= 3.0.5, < 3.2 development
  • selenium-webdriver >= 0 development
  • spring >= 0 development
  • spring-watcher-listen ~> 2.0.0 development
  • web-console >= 3.3.0 development
  • bootsnap >= 1.1.0
  • coffee-rails ~> 4.2
  • haml ~> 5.0.3
  • jbuilder ~> 2.5
  • puma ~> 3.11
  • rails ~> 5.2.0.beta2
  • sass-rails ~> 5.0
  • slim ~> 3.0.1
  • sqlite3 >= 0
  • turbolinks ~> 5
  • tzinfo-data >= 0
  • uglifier >= 1.3.0
test/apps/rails5.2/Gemfile.lock rubygems
  • actioncable 5.2.0.beta2
  • actionmailer 5.2.0.beta2
  • actionpack 5.2.0.beta2
  • actionview 5.2.0.beta2
  • activejob 5.2.0.beta2
  • activemodel 5.2.0.beta2
  • activerecord 5.2.0.beta2
  • activestorage 5.2.0.beta2
  • activesupport 5.2.0.beta2
  • addressable 2.5.2
  • archive-zip 0.7.0
  • arel 9.0.0
  • bindex 0.5.0
  • bootsnap 1.1.5
  • builder 3.2.3
  • byebug 9.1.0
  • capybara 2.16.1
  • childprocess 0.8.0
  • chromedriver-helper 1.1.0
  • coffee-rails 4.2.2
  • coffee-script 2.4.1
  • coffee-script-source 1.12.2
  • concurrent-ruby 1.0.5
  • crass 1.0.3
  • erubi 1.7.0
  • execjs 2.7.0
  • ffi 1.9.18
  • globalid 0.4.1
  • i18n 0.9.1
  • io-like 0.3.0
  • jbuilder 2.7.0
  • listen 3.1.5
  • loofah 2.1.1
  • mail 2.7.0
  • method_source 0.9.0
  • mini_mime 1.0.0
  • mini_portile2 2.3.0
  • minitest 5.10.3
  • msgpack 1.2.0
  • multi_json 1.12.2
  • nio4r 2.1.0
  • nokogiri 1.8.1
  • public_suffix 3.0.1
  • puma 3.11.0
  • rack 2.0.3
  • rack-test 0.8.2
  • rails 5.2.0.beta2
  • rails-dom-testing 2.0.3
  • rails-html-sanitizer 1.0.3
  • railties 5.2.0.beta2
  • rake 12.3.0
  • rb-fsevent 0.10.2
  • rb-inotify 0.9.10
  • ruby_dep 1.5.0
  • rubyzip 1.2.1
  • sass 3.5.3
  • sass-listen 4.0.0
  • sass-rails 5.0.7
  • selenium-webdriver 3.8.0
  • spring 2.0.2
  • spring-watcher-listen 2.0.1
  • sprockets 3.7.1
  • sprockets-rails 3.2.1
  • sqlite3 1.3.13
  • thor 0.20.0
  • thread_safe 0.3.6
  • tilt 2.0.8
  • turbolinks 5.0.1
  • turbolinks-source 5.0.3
  • tzinfo 1.2.4
  • uglifier 4.0.1
  • web-console 3.5.1
  • websocket-driver 0.6.5
  • websocket-extensions 0.1.3
  • xpath 2.1.0
test/apps/rails6/Gemfile rubygems
  • byebug >= 0 development
  • capybara >= 2.15 development
  • chromedriver-helper >= 0 development
  • listen >= 3.0.5, < 3.2 development
  • selenium-webdriver >= 0 development
  • spring >= 0 development
  • spring-watcher-listen ~> 2.0.0 development
  • web-console >= 3.3.0 development
  • bootsnap >= 1.4.1
  • jbuilder ~> 2.5
  • puma ~> 3.11
  • rails ~> 6.0.0.beta2
  • safe_yaml >= 0
  • sass-rails ~> 5.0
  • sqlite3 ~> 1.3, >= 1.3.6
  • turbolinks ~> 5
  • tzinfo-data >= 0
  • webpacker >= 4.0.0.rc.3
test/apps/rails7/Gemfile rubygems
  • capybara >= 3.26 development
  • selenium-webdriver >= 4.0.0 development
  • web-console >= 4.1.0 development
  • webdrivers >= 0 development
  • bootsnap >= 1.4.4
  • importmap-rails >= 0.9.2
  • jbuilder ~> 2.11
  • puma ~> 5.0
  • rails ~> 7.0.0
  • sprockets-rails >= 3.4.1
  • sqlite3 ~> 1.4
  • stimulus-rails >= 0.7.3
  • turbo-rails >= 0.9.0
test/apps/rails7/Gemfile.lock rubygems
  • actioncable 7.0.4
  • actionmailbox 7.0.4
  • actionmailer 7.0.4
  • actionpack 7.0.4
  • actiontext 7.0.4
  • actionview 7.0.4
  • activejob 7.0.4
  • activemodel 7.0.4
  • activerecord 7.0.4
  • activestorage 7.0.4
  • activesupport 7.0.4
  • addressable 2.8.0
  • bindex 0.8.1
  • bootsnap 1.9.3
  • builder 3.2.4
  • capybara 3.36.0
  • childprocess 4.1.0
  • concurrent-ruby 1.1.10
  • crass 1.0.6
  • debug 1.3.4
  • digest 3.1.0
  • erubi 1.11.0
  • globalid 1.0.0
  • i18n 1.12.0
  • importmap-rails 0.9.3
  • io-console 0.5.9
  • irb 1.3.7
  • jbuilder 2.11.3
  • loofah 2.19.0
  • mail 2.7.1
  • marcel 1.0.2
  • matrix 0.4.2
  • method_source 1.0.0
  • mini_mime 1.1.2
  • mini_portile2 2.8.0
  • minitest 5.16.3
  • msgpack 1.4.2
  • net-imap 0.2.3
  • net-pop 0.1.1
  • net-protocol 0.1.3
  • net-smtp 0.3.1
  • nio4r 2.5.8
  • nokogiri 1.13.8
  • public_suffix 4.0.6
  • puma 5.5.2
  • racc 1.6.0
  • rack 2.2.4
  • rack-test 2.0.2
  • rails 7.0.4
  • rails-dom-testing 2.0.3
  • rails-html-sanitizer 1.4.2
  • railties 7.0.4
  • rake 13.0.6
  • regexp_parser 2.2.0
  • reline 0.2.7
  • rexml 3.2.5
  • rubyzip 2.3.2
  • selenium-webdriver 4.1.0
  • sprockets 4.0.2
  • sprockets-rails 3.4.1
  • sqlite3 1.4.2
  • stimulus-rails 0.7.3
  • strscan 3.0.4
  • thor 1.2.1
  • timeout 0.3.0
  • turbo-rails 0.9.0
  • tzinfo 2.0.5
  • web-console 4.2.0
  • webdrivers 5.0.0
  • websocket-driver 0.7.5
  • websocket-extensions 0.1.5
  • xpath 3.2.0
  • zeitwerk 2.6.0
test/apps/rails_with_xss_plugin/Gemfile rubygems
  • json = 1.1.0
  • rails = 2.3.14
  • sqlite3 >= 0
test/apps/rails5.2/package.json npm
brakeman-lib.gemspec rubygems
brakeman-min.gemspec rubygems
brakeman.gemspec rubygems