https://github.com/presidentbeef/brakeman
Last synced: 1 day ago
Repository metadata:
A static analysis security vulnerability scanner for Ruby on Rails applications
- Host: GitHub
- URL: https://github.com/presidentbeef/brakeman
- Owner: presidentbeef
- License: other
- Created: 2010-08-27T00:00:58.000Z (about 14 years ago)
- Default Branch: main
- Last Pushed: 2024-11-07T00:13:34.000Z (6 days ago)
- Last Synced: 2024-11-08T20:06:23.695Z (4 days ago)
- Topics: brakeman, rails, ruby, security, security-audit, security-tools, security-vulnerability, static-analysis, vulnerabilities
- Language: Ruby
- Homepage: https://brakemanscanner.org/
- Size: 38.7 MB
- Stars: 7,015
- Watchers: 166
- Forks: 734
- Open Issues: 108
Metadata Files:
- Readme: README.md
- Changelog: CHANGES.md
- Contributing: CONTRIBUTING.md
- License: COPYING.md
- Code of conduct: CODE_OF_CONDUCT.md
- Security: SECURITY.md
Owner metadata:
- Name: Justin Collins
- Login: presidentbeef
- Kind: user
- Description: I work on Brakeman and do web security stuff.
- Website: https://presidentbeef.com
- Location: "The Bay"
- Icon url: https://avatars.githubusercontent.com/u/75613?u=ce662367116d8d32164b77a6812b38e952cd684b&v=4
- Repositories: 80
- Last Synced at: 2023-04-15T11:35:49.751Z
- Profile URL: https://github.com/presidentbeef
Committers metadata
Last synced: 1 day ago
Total Commits: 2,973
Total Committers: 173
Avg Commits per committer: 17.185
Development Distribution Score (DDS): 0.392
Commits in past year: 58
Committers in past year: 13
Avg Commits per committer in past year: 4.462
Development Distribution Score (DDS) in past year: 0.379
Name | Email | Commits |
---|---|---|
Justin Collins | j****n@p****m | 1809 |
Justin Collins | j****s@a****m | 423 |
Justin Collins | j****n@s****m | 152 |
Justin Collins | c****s@t****m | 126 |
oreoshake | n****l@g****m | 57 |
Justin Collins | p****f | 31 |
Patrick Toomey | p****3@b****m | 23 |
Bart ten Brinke | i****o@r****m | 11 |
Mastahyeti | m****i | 10 |
Andy Waite | g****w@a****m | 10 |
soffolk | l****u@e****y | 9 |
bethanyr | b****z@h****m | 9 |
Jacob Evelyn | j****n@p****m | 9 |
Esty Scheiner | s****1@g****m | 9 |
David Lanner | d****r@p****m | 8 |
themetric | m****p@g****m | 8 |
Dave Worth | d****e@h****m | 7 |
Jason Yeo | j****8@g****m | 7 |
Nick | n****n@t****m | 6 |
Noah Davis | n****1@y****m | 6 |
Gabriel Arcangel Zayas | g****s@h****m | 6 |
Mastahyeti | m****i@g****m | 5 |
Neil Matatall | n****m@t****m | 5 |
Will Fleming | w****l@f****g | 5 |
grosser | g****l@g****m | 5 |
Eli Block | 3****k | 5 |
Aaron Bedra | a****n@a****m | 4 |
Geoffrey Hichborn | g****f@s****m | 4 |
fsword | l****e@g****m | 4 |
Jeff Rafter | j****r@g****m | 4 |
and 143 more...
Issue and Pull Request metadata
Last synced: 2 days ago
Package metadata
- Total packages: 4
- Total downloads:
  - rubygems: 139,547,694 total
  - Total docker downloads: 201,175,164
- Total dependent packages: 119 (may contain duplicates)
- Total dependent repositories: 9,060 (may contain duplicates)
- Total versions: 464
- Total maintainers: 1
rubygems: brakeman
Brakeman detects security vulnerabilities in Ruby on Rails applications via static analysis.
- Homepage: https://brakemanscanner.org/
- Documentation: http://www.rubydoc.info/gems/brakeman/
- Licenses: Brakeman Public Use License
- Latest release: 6.1.2 (published 9 months ago)
- Last Synced: 2024-11-10T21:07:51.319Z (2 days ago)
- Versions: 155
- Dependent Packages: 119
- Dependent Repositories: 9,050
- Downloads: 139,103,620 Total
- Docker Downloads: 201,175,164
- Rankings:
  - Downloads: 0.145%
  - Stargazers count: 0.17%
  - Dependent packages count: 0.294%
  - Dependent repos count: 0.345%
  - Average: 0.395%
  - Docker downloads count: 0.588%
  - Forks count: 0.826%
- Maintainers (1)
go: github.com/presidentbeef/brakeman
- Documentation: https://pkg.go.dev/github.com/presidentbeef/brakeman#section-documentation
- Licenses: other
- Latest release: v6.1.2+incompatible (published 9 months ago)
- Last Synced: 2024-11-10T21:07:49.437Z (2 days ago)
- Versions: 144
- Dependent Packages: 0
- Dependent Repositories: 1
- Rankings:
  - Stargazers count: 0.811%
  - Forks count: 1.072%
  - Average: 3.782%
  - Dependent repos count: 4.794%
  - Dependent packages count: 8.453%
rubygems: brakeman-min
Brakeman detects security vulnerabilities in Ruby on Rails applications via static analysis. This version of the gem only requires the minimum number of dependencies. Use the 'brakeman' gem for a full install.
- Homepage: https://brakemanscanner.org/
- Documentation: http://www.rubydoc.info/gems/brakeman-min/
- Licenses: Brakeman Public Use License
- Latest release: 6.1.2 (published 9 months ago)
- Last Synced: 2024-11-10T21:07:51.511Z (2 days ago)
- Versions: 104
- Dependent Packages: 0
- Dependent Repositories: 6
- Downloads: 331,612 Total
- Rankings:
  - Stargazers count: 0.172%
  - Forks count: 0.8%
  - Downloads: 4.409%
  - Average: 6.017%
  - Dependent repos count: 9.128%
  - Dependent packages count: 15.575%
- Maintainers (1)
rubygems: brakeman-lib
Brakeman detects security vulnerabilities in Ruby on Rails applications via static analysis. This package declares gem dependencies instead of bundling them.
- Homepage: https://brakemanscanner.org/
- Documentation: http://www.rubydoc.info/gems/brakeman-lib/
- Licenses: Brakeman Public Use License
- Latest release: 6.1.2 (published 9 months ago)
- Last Synced: 2024-11-10T21:07:52.220Z (2 days ago)
- Versions: 61
- Dependent Packages: 0
- Dependent Repositories: 3
- Downloads: 112,462 Total
- Rankings:
  - Stargazers count: 0.172%
  - Forks count: 0.8%
  - Average: 7.615%
  - Downloads: 8.829%
  - Dependent repos count: 12.698%
  - Dependent packages count: 15.575%
- Maintainers (1)
Dependencies
- actions/checkout v3 composite
- docker/build-push-action v3 composite
- docker/login-action v2 composite
- docker/setup-buildx-action v2 composite
- docker/setup-qemu-action v2 composite
- ruby 2.7-alpine build
- webpack-dev-server ^3.2.1 development
- @rails/actioncable ^6.0.0-alpha
- @rails/activestorage ^6.0.0-alpha
- @rails/ujs ^6.0.0-alpha
- @rails/webpacker ^4.0.2
- turbolinks ^5.2.0
- 935 dependencies
- rake >= 0
- activerecord ~> 5.2.4.3
- rails = 3.0.3
- sqlite3 >= 0
- abstract 1.0.0
- actionmailer 3.0.3
- actionpack 3.0.3
- activemodel 3.0.3
- activerecord 3.0.3
- activeresource 3.0.3
- activesupport 3.0.3
- arel 2.0.10
- builder 2.1.2
- erubis 2.6.6
- i18n 0.6.0
- json_pure 1.6.4
- mail 2.2.19
- mime-types 1.16
- polyglot 0.3.2
- rack 1.2.3
- rack-mount 0.6.14
- rack-test 0.5.7
- rails 3.0.3
- railties 3.0.3
- rake 0.9.2
- sqlite3 1.3.3
- thor 0.14.6
- treetop 1.4.10
- tzinfo 0.3.29
- coffee-rails ~> 3.1.0 development
- sass-rails ~> 3.1.0 development
- uglifier >= 0 development
- draper >= 0
- jquery-rails >= 0
- json >= 0
- mysql >= 0
- rails = 3.1.0
- therubyracer >= 0
- actionmailer 3.1.0
- actionpack 3.1.0
- activemodel 3.1.0
- activerecord 3.1.0
- activeresource 3.1.0
- activesupport 3.1.0
- arel 2.2.1
- bcrypt-ruby 3.0.0
- builder 3.0.0
- coffee-rails 3.1.0
- coffee-script 2.2.0
- coffee-script-source 1.1.2
- erubis 2.7.0
- execjs 1.2.4
- hike 1.2.1
- i18n 0.6.0
- jquery-rails 1.0.13
- json 1.5.4
- libv8 3.3.10.2
- mail 2.3.0
- mime-types 1.16
- multi_json 1.0.3
- mysql 2.9.1
- polyglot 0.3.2
- rack 1.3.2
- rack-cache 1.0.3
- rack-mount 0.8.3
- rack-ssl 1.3.2
- rack-test 0.6.1
- rails 3.1.0
- railties 3.1.0
- rake 0.9.2
- rdoc 3.9.4
- sass 3.1.7
- sass-rails 3.1.0
- sprockets 2.0.0
- therubyracer 0.9.4
- thor 0.14.6
- tilt 1.3.3
- treetop 1.4.10
- tzinfo 0.3.29
- uglifier 1.0.3
- coffee-rails ~> 3.2.1 development
- sass-rails ~> 3.2.3 development
- uglifier >= 1.0.3 development
- jquery-rails >= 0
- json >= 0
- rails = 3.2.9.rc2
- sqlite3 >= 0
- actionmailer 3.2.9.rc2
- actionpack 3.2.9.rc2
- activemodel 3.2.9.rc2
- activerecord 3.2.9.rc2
- activeresource 3.2.9.rc2
- activesupport 3.2.9.rc2
- arel 3.0.2
- builder 3.0.3
- coffee-rails 3.2.2
- coffee-script 2.2.0
- coffee-script-source 1.3.3
- erubis 2.7.0
- execjs 1.4.0
- hike 1.2.1
- i18n 0.6.1
- journey 1.0.4
- jquery-rails 2.1.2
- json 1.7.5
- mail 2.4.4
- mime-types 1.19
- multi_json 1.3.6
- polyglot 0.3.3
- rack 1.4.1
- rack-cache 1.2
- rack-ssl 1.3.2
- rack-test 0.6.1
- rails 3.2.9.rc2
- railties 3.2.9.rc2
- rake 0.9.2.2
- rdoc 3.12
- sass 3.2.1
- sass-rails 3.2.5
- sprockets 2.1.3
- sqlite3 1.3.6
- thor 0.16.0
- tilt 1.3.3
- treetop 1.4.10
- tzinfo 0.3.33
- uglifier 1.3.0
- coffee-rails ~> 4.0.0 development
- sass-rails ~> 4.0.0 development
- uglifier >= 1.0.3 development
- haml >= 0
- jbuilder ~> 1.0.1
- jquery-rails >= 0
- pg >= 0
- rails = 4.0.0
- turbolinks >= 0
- haml >= 0
- rails >= 4.1.8
- coffee-rails ~> 4.0.0 development
- sass-rails ~> 4.0.0 development
- uglifier >= 1.0.3 development
- jbuilder ~> 1.0.1
- jquery-rails >= 0
- rails = 4.0.0
- sqlite3 >= 0
- turbolinks >= 0
- byebug >= 0 development
- spring >= 0 development
- web-console ~> 3.0 development
- actionpack-page_caching = 1.2.0
- coffee-rails ~> 4.1.0
- jbuilder ~> 2.0
- jquery-rails >= 0
- puma >= 0
- rails >= 5.0.0.beta1, < 5.1
- sqlite3 >= 0
- turbolinks >= 0
- tzinfo-data >= 0
- uglifier >= 1.3.0
- actioncable 5.0.0
- actionmailer 5.0.0
- actionpack 5.0.0
- actionview 5.0.0
- activejob 5.0.0
- activemodel 5.0.0
- activerecord 5.0.0
- activesupport 5.0.0
- arel 7.0.0
- builder 3.2.2
- byebug 8.2.1
- celluloid 0.17.2
- celluloid-essentials 0.20.5
- celluloid-extras 0.20.5
- celluloid-fsm 0.20.5
- celluloid-pool 0.20.5
- celluloid-supervision 0.20.5
- coffee-rails 4.1.1
- coffee-script 2.4.1
- coffee-script-source 1.10.0
- concurrent-ruby 1.0.0
- debug_inspector 0.0.2
- em-hiredis 0.3.0
- erubis 2.7.0
- eventmachine 1.0.9.1
- execjs 2.6.0
- faye-websocket 0.10.2
- globalid 0.3.6
- hiredis 0.5.2
- hitimes 1.2.3
- i18n 0.7.0
- jbuilder 2.4.0
- jquery-rails 4.1.0
- json 1.8.3
- loofah 2.0.3
- mail 2.6.3
- method_source 0.8.2
- mime-types 2.99
- mini_portile2 2.0.0
- minitest 5.8.3
- multi_json 1.11.2
- nokogiri 1.6.7.1
- puma 2.15.3
- rack 2.0.0.alpha
- rack-test 0.6.3
- rails 5.0.0
- rails-deprecated_sanitizer 1.0.3
- rails-dom-testing 1.0.7
- rails-html-sanitizer 1.0.2
- railties 5.0.0
- rake 10.5.0
- redis 3.2.2
- spring 1.6.2
- sprockets 3.5.2
- sprockets-rails 3.0.0
- sqlite3 1.3.11
- thor 0.19.1
- thread_safe 0.3.5
- timers 4.1.1
- turbolinks 2.5.3
- tzinfo 1.2.2
- uglifier 2.7.2
- web-console 3.0.0
- websocket-driver 0.6.3
- websocket-extensions 0.1.2
- byebug >= 0 development
- capybara ~> 2.15 development
- chromedriver-helper >= 0 development
- listen >= 3.0.5, < 3.2 development
- selenium-webdriver >= 0 development
- spring >= 0 development
- spring-watcher-listen ~> 2.0.0 development
- web-console >= 3.3.0 development
- bootsnap >= 1.1.0
- coffee-rails ~> 4.2
- haml ~> 5.0.3
- jbuilder ~> 2.5
- puma ~> 3.11
- rails ~> 5.2.0.beta2
- sass-rails ~> 5.0
- slim ~> 3.0.1
- sqlite3 >= 0
- turbolinks ~> 5
- tzinfo-data >= 0
- uglifier >= 1.3.0
- actioncable 5.2.0.beta2
- actionmailer 5.2.0.beta2
- actionpack 5.2.0.beta2
- actionview 5.2.0.beta2
- activejob 5.2.0.beta2
- activemodel 5.2.0.beta2
- activerecord 5.2.0.beta2
- activestorage 5.2.0.beta2
- activesupport 5.2.0.beta2
- addressable 2.5.2
- archive-zip 0.7.0
- arel 9.0.0
- bindex 0.5.0
- bootsnap 1.1.5
- builder 3.2.3
- byebug 9.1.0
- capybara 2.16.1
- childprocess 0.8.0
- chromedriver-helper 1.1.0
- coffee-rails 4.2.2
- coffee-script 2.4.1
- coffee-script-source 1.12.2
- concurrent-ruby 1.0.5
- crass 1.0.3
- erubi 1.7.0
- execjs 2.7.0
- ffi 1.9.18
- globalid 0.4.1
- i18n 0.9.1
- io-like 0.3.0
- jbuilder 2.7.0
- listen 3.1.5
- loofah 2.1.1
- mail 2.7.0
- method_source 0.9.0
- mini_mime 1.0.0
- mini_portile2 2.3.0
- minitest 5.10.3
- msgpack 1.2.0
- multi_json 1.12.2
- nio4r 2.1.0
- nokogiri 1.8.1
- public_suffix 3.0.1
- puma 3.11.0
- rack 2.0.3
- rack-test 0.8.2
- rails 5.2.0.beta2
- rails-dom-testing 2.0.3
- rails-html-sanitizer 1.0.3
- railties 5.2.0.beta2
- rake 12.3.0
- rb-fsevent 0.10.2
- rb-inotify 0.9.10
- ruby_dep 1.5.0
- rubyzip 1.2.1
- sass 3.5.3
- sass-listen 4.0.0
- sass-rails 5.0.7
- selenium-webdriver 3.8.0
- spring 2.0.2
- spring-watcher-listen 2.0.1
- sprockets 3.7.1
- sprockets-rails 3.2.1
- sqlite3 1.3.13
- thor 0.20.0
- thread_safe 0.3.6
- tilt 2.0.8
- turbolinks 5.0.1
- turbolinks-source 5.0.3
- tzinfo 1.2.4
- uglifier 4.0.1
- web-console 3.5.1
- websocket-driver 0.6.5
- websocket-extensions 0.1.3
- xpath 2.1.0
- byebug >= 0 development
- capybara >= 2.15 development
- chromedriver-helper >= 0 development
- listen >= 3.0.5, < 3.2 development
- selenium-webdriver >= 0 development
- spring >= 0 development
- spring-watcher-listen ~> 2.0.0 development
- web-console >= 3.3.0 development
- bootsnap >= 1.4.1
- jbuilder ~> 2.5
- puma ~> 3.11
- rails ~> 6.0.0.beta2
- safe_yaml >= 0
- sass-rails ~> 5.0
- sqlite3 ~> 1.3, >= 1.3.6
- turbolinks ~> 5
- tzinfo-data >= 0
- webpacker >= 4.0.0.rc.3
- capybara >= 3.26 development
- selenium-webdriver >= 4.0.0 development
- web-console >= 4.1.0 development
- webdrivers >= 0 development
- bootsnap >= 1.4.4
- importmap-rails >= 0.9.2
- jbuilder ~> 2.11
- puma ~> 5.0
- rails ~> 7.0.0
- sprockets-rails >= 3.4.1
- sqlite3 ~> 1.4
- stimulus-rails >= 0.7.3
- turbo-rails >= 0.9.0
- actioncable 7.0.4
- actionmailbox 7.0.4
- actionmailer 7.0.4
- actionpack 7.0.4
- actiontext 7.0.4
- actionview 7.0.4
- activejob 7.0.4
- activemodel 7.0.4
- activerecord 7.0.4
- activestorage 7.0.4
- activesupport 7.0.4
- addressable 2.8.0
- bindex 0.8.1
- bootsnap 1.9.3
- builder 3.2.4
- capybara 3.36.0
- childprocess 4.1.0
- concurrent-ruby 1.1.10
- crass 1.0.6
- debug 1.3.4
- digest 3.1.0
- erubi 1.11.0
- globalid 1.0.0
- i18n 1.12.0
- importmap-rails 0.9.3
- io-console 0.5.9
- irb 1.3.7
- jbuilder 2.11.3
- loofah 2.19.0
- mail 2.7.1
- marcel 1.0.2
- matrix 0.4.2
- method_source 1.0.0
- mini_mime 1.1.2
- mini_portile2 2.8.0
- minitest 5.16.3
- msgpack 1.4.2
- net-imap 0.2.3
- net-pop 0.1.1
- net-protocol 0.1.3
- net-smtp 0.3.1
- nio4r 2.5.8
- nokogiri 1.13.8
- public_suffix 4.0.6
- puma 5.5.2
- racc 1.6.0
- rack 2.2.4
- rack-test 2.0.2
- rails 7.0.4
- rails-dom-testing 2.0.3
- rails-html-sanitizer 1.4.2
- railties 7.0.4
- rake 13.0.6
- regexp_parser 2.2.0
- reline 0.2.7
- rexml 3.2.5
- rubyzip 2.3.2
- selenium-webdriver 4.1.0
- sprockets 4.0.2
- sprockets-rails 3.4.1
- sqlite3 1.4.2
- stimulus-rails 0.7.3
- strscan 3.0.4
- thor 1.2.1
- timeout 0.3.0
- turbo-rails 0.9.0
- tzinfo 2.0.5
- web-console 4.2.0
- webdrivers 5.0.0
- websocket-driver 0.7.5
- websocket-extensions 0.1.5
- xpath 3.2.0
- zeitwerk 2.6.0
- json = 1.1.0
- rails = 2.3.14
- sqlite3 >= 0