In this release, we close the loop between Brakeman Pro Engine and Brakeman Pro Desktop with the ability to import full Brakeman Pro results from the Engine into the Desktop!
It is now possible to run Brakeman Pro Engine as part of an automated workflow, but still manage the results with the convenience of Brakeman Pro Desktop.
After triage, false positive information can be exported for use with Brakeman Pro Engine again.
We have also thoroughly documented various methods of automating Brakeman Pro, including information for Jenkins, Circle CI, and Travis CI.
- New Desktop option to import reports from Engine
--exportoption to Engine to allow importing reports into Desktop
--parse-threadsoption to set number of parsing threads
- Limit parsing threads to 10 by default
- Avoid interpolating hashes/arrays on failed access (performance fix)
- Show progress indicator in interactive mode with
- Handle simple conditional guards that use
- Fixed false positive for
redirect_toin Rails 4+
- Improved support for rails4/rails5 options in config file
Brakeman Pro is a static analysis security tool for Ruby on Rails applications.
If you have not purchased Brakeman Pro yet, you can review pricing and purchase licenses directly from our site.
Need to try before buying? Take Brakeman Pro Desktop for a spin.
Please feel free to contact us with any questions!