Brakeman Pro 1.5.0 Released

Jun 30, 2017

In this release, we close the loop between Brakeman Pro Engine and Brakeman Pro Desktop with the ability to import full Brakeman Pro results from the Engine into the Desktop!

Engine to Desktop to Engine

It is now possible to run Brakeman Pro Engine as part of an automated workflow, but still manage the results with the convenience of Brakeman Pro Desktop.

After triage in Desktop, the false positive information can be exported for use with Brakeman Pro Engine again, so that subsequent automated Engine runs take those triage decisions into account.

We have also documented several ways of automating Brakeman Pro, with setup information for Jenkins, Circle CI, and Travis CI.

Latest Changes

  • New Desktop option to import reports from Engine
  • New --export option to Engine to allow importing reports into Desktop
  • New --parse-threads option to set number of parsing threads
  • Limit parsing threads to 10 by default
  • Avoid interpolating hashes/arrays on failed access (performance fix)
  • Show progress indicator in interactive mode with -I
  • Handle simple conditional guards that use return
  • Fixed false positive for redirect_to in Rails 4+
  • Improved support for rails4/rails5 options in config file

Brakeman Pro is a static analysis security tool for Ruby on Rails applications.

Brakeman Pro can be used as a desktop application, Ruby Gem, and as a Code Climate engine.