Once set in your application’s Gemfile as a dependency, the Brakeman Pro Engine can integrate directly into your tests. This is a great method for always running Brakeman Pro against your code base.
The test integration will run Brakeman Pro in a separate process to avoid contaminating the application tests with Brakeman dependencies.
Contact us if you have any questions about advanced configurations for Brakeman Pro scans inside tests.
Brakeman Pro has three assertions for use with Minitest:
The assert_brakeman_warnings method can be used to test for specific numbers of warnings, by confidence.
Any assertion can accept a hash table of options to control the scan for advanced configurations.
Failures will print out all warnings found.
Brakeman Pro has three matchers for use with RSpec:
The call to Brakeman::Test.run can accept a hash table of options to control the scan for advanced configurations.
Failures will print out all Brakeman warnings found.
For general use, Brakeman::Test.run may be used as needed. Options may be passed in for advanced configuration.
The Brakeman::Test::Result object has the following methods:
warnings returns a hash table of warnings by confidence
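The pattern described above (scan in a separate process, group warnings by confidence, fail on unexpected counts and print everything found) can be sketched as follows. This is an added example, not Brakeman Pro's test API or code from the project: it assumes the open-source `brakeman` command-line tool and its JSON report, and all helper names and the sample report are this example's own.

```ruby
require "json"
require "open3"

CONFIDENCE_LEVELS = %w[High Medium Weak].freeze

# Run the scanner in a child process so its dependencies never load into the
# test process. Assumption: the open-source `brakeman` executable is on PATH.
def scan_in_subprocess(app_path)
  out, status = Open3.capture2("brakeman", "-q", "-f", "json",
                               "--no-exit-on-warn", "-p", app_path)
  raise "brakeman scan failed (exit #{status.exitstatus})" unless status.success?
  out
end

# Group the report's warnings into a hash keyed by confidence.
# An unrecognised confidence value raises KeyError instead of being dropped.
def warnings_by_confidence(report_json)
  grouped = CONFIDENCE_LEVELS.to_h { |level| [level, []] }
  JSON.parse(report_json).fetch("warnings").each do |w|
    grouped.fetch(w.fetch("confidence")) << w
  end
  grouped
end

# Compare counts with the expected numbers; levels not listed must be zero.
# Returns failure messages listing every warning found, or [] on success.
def confidence_failures(grouped, expected = {})
  grouped.flat_map do |level, found|
    want = expected.fetch(level, 0)
    next [] if found.size == want
    ["#{level}: expected #{want}, found #{found.size}"] +
      found.map { |w| "  #{w['warning_type']} #{w['file']}:#{w['line']}" }
  end
end

# Constructed sample report (not output from a real scan).
SAMPLE_REPORT = JSON.generate(
  "warnings" => [
    { "warning_type" => "SQL Injection", "file" => "app/models/user.rb",
      "line" => 12, "confidence" => "High" },
    { "warning_type" => "Cross-Site Scripting", "file" => "app/views/posts/show.html.erb",
      "line" => 7, "confidence" => "Medium" },
    { "warning_type" => "Mass Assignment", "file" => "app/controllers/posts_controller.rb",
      "line" => 30, "confidence" => "Weak" }
  ]
)

if __FILE__ == $PROGRAM_NAME
  puts confidence_failures(warnings_by_confidence(SAMPLE_REPORT), "Weak" => 1)
end
```

In a real test, pass the output of `scan_in_subprocess(Rails.root.to_s)` to `warnings_by_confidence` in place of the sample report and fail the test when `confidence_failures` is non-empty.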
Our test API is brand new, so please contact us if you have questions or suggestions.