0.02
No commit activity in last 3 years
No release in over 3 years
Hunt out weak spots in your rails application
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

>= 2.12.0

Runtime

 Project Readme

Code Hunter

Hunt out weak spots in your rails application with 3 static metrics tools:

  • Brakeman - A static analysis security vulnerability scanner for Rails
  • RailsBestPractices - A code metric tool for rails projects
  • Pendaxes - A tool to detect pendings in spec files

Installation

$ gem install code_hunter

Usage

$ code_hunter --help
Usage: code_hunter [options]
        --application-path=          (default:    ./) rails application root path
        --format=                    (default:  yaml) output format (yaml or json)
        --no-brakeman                (default: false) disable brakeman
        --no-pendaxes                (default: false) disable pendaxes
        --no-rails-best-practices    (default: false) disable rails-best-practices

$ code_hunter --application-path /path/to/rails/root
...
...
---
- :service: brakeman
  :line: 8
  :path: config/routes.rb
  :message: All public methods in controllers are available as actions in routes.rb
    near line 8
  :sha1: 81887a2fb6efaa9dae59425ce7537c7905516ed0
  :author: Ryo Nakamura
  :email: r7kamura@gmail.com
  :modified_at: 1357783853
- :service: rails_best_practices
  :line: 9
  :path: config/routes.rb
  :message: ! 'restrict auto-generated routes examples (only: [])'
  :sha1: 81887a2fb6efaa9dae59425ce7537c7905516ed0
  :author: Ryo Nakamura
  :email: r7kamura@gmail.com
  :modified_at: 1357783853

$ code_hunter --application-path /path/to/rails/root --format json
...
...
[{"service":"brakeman","line":8,"path":"config/routes.rb","message":"All public methods in controllers are available as actions in routes.rb near line 8","sha1":"81887a2fb6efaa9dae59425ce7537c7905516ed0","author":"Ryo Nakamura","email":"r7kamura@gmail.com","modified_at":1357783853},{"service":"rails_best_practices","line":9,"path":"config/routes.rb","message":"restrict auto-generated routes examples (only: [])","sha1":"81887a2fb6efaa9dae59425ce7537c7905516ed0","author":"Ryo Nakamura","email":"r7kamura@gmail.com","modified_at":1357783853}]

Ignore

If you want to ignore some warnings, write # ignore annotation as code comment.
If the detected line hits /#\s*ignore/i, it is ignored.

dangerous_but_necessary_code # ignore
dangerous_but_necessary_code # IGNORE
dangerous_but_necessary_code # Ignore for some reason

Requirements

  • Ruby >= 1.9