The project is in a healthy, maintained state
rails_code_auditor is a developer-friendly Ruby gem that automates the process of auditing your Rails codebase. It runs a suite of essential tools (including Brakeman, Bundler Audit, RuboCop, Rails Best Practices, Flay, Flog, and License Finder) and consolidates all outputs into a single readable report.
 Dependencies

Runtime

~> 6.0
~> 0.7
~> 2.13.3
~> 4.8
>= 0
~> 0.21
~> 2.4
~> 0.2.2
~> 1.60
~> 4.9.2
~> 0.22
 Project Readme

🚀 RailsCodeAuditor

Rails Code Auditor is a Ruby gem that automatically audits your Ruby on Rails applications for security, performance, code quality, and licensing issues.

It integrates popular auditing tools and wraps the results in visually rich HTML and PDF reports. It also leverages LLMs (Ollama with LLaMA 3) to provide intelligent improvement suggestions.


✨ Features (Automated)

✅ Automatically runs code quality tools:

📄 Report Generation

  • Automatically generates HTML and PDF reports for each tool
  • Graphical charts using Gruff.
  • Beautiful PDF report generation using Prawn and Prawn::Table.
  • PDF reports use Puppeteer via the grover gem (if available).
  • Automated Report Merging into a single PDF file
  • Organizes all output under the report/ directory

🧠 AI-Powered Code Review

  • Integrates with Ollama using the LLaMA 3 model
  • Summarizes audit findings using LLMs
  • Provides human-like suggestions for improving code structure and test coverage
  • Analyzes both source code and generated reports

💡 Fully Automatic

  • One command to run all audits, generate reports, and get AI recommendations, with no manual steps required

📦 Installation

Add this to your application's Gemfile:

gem 'rails_code_auditor'

Then run:

bundle install

🚀 Usage

Run the full audit and generate reports:

bundle exec rails_code_auditor

Enable AI code review with Ollama:

bundle exec rails_code_auditor --use-llm

Run with a custom endpoint and model:

rails_code_auditor --use-llm --llm-endpoint http://localhost:11434/api/generate --llm-model deepseek-coder

Write the report as JSON:

rails_code_auditor --format json --output rails_code_auditor_report.json

Note: the default endpoint is http://localhost:11434/api/generate and the default model is 'llama3'.
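Because the AI review analyzes both source code and generated reports, a wrapper can check that `--llm-endpoint` points at the local machine before the audit starts. The following is an added example, not code from the gem; it assumes that audit content is sent to whatever endpoint is configured, and the function names and the `allow_remote` switch are hypothetical.

```ruby
require 'uri'
require 'ipaddr'
require 'socket'

# Defaults as stated in the README.
DEFAULT_ENDPOINT = 'http://localhost:11434/api/generate'
DEFAULT_MODEL = 'llama3'

# Resolve a host to IP addresses. Literal IPs are parsed directly (no DNS);
# names go through the system resolver. Unresolvable names yield [].
def host_addresses(host)
  [IPAddr.new(host)]
rescue IPAddr::Error
  begin
    Addrinfo.getaddrinfo(host, nil, nil, :STREAM)
            .map { |ai| IPAddr.new(ai.ip_address.sub(/%.*\z/, '')) }
  rescue SocketError
    []
  end
end

# True only when the endpoint is http(s) and every address its host
# resolves to is loopback, so audit data stays on this machine.
def local_only_endpoint?(url)
  uri = URI.parse(url)
  host = uri.hostname
  return false unless uri.is_a?(URI::HTTP) && host && !host.empty?

  addrs = host_addresses(host)
  !addrs.empty? && addrs.all?(&:loopback?)
rescue URI::InvalidURIError
  false
end

# Build the argv for the LLM-enabled run shown in the README, refusing
# non-loopback endpoints unless the caller opts in (hypothetical switch).
def audit_command(endpoint: DEFAULT_ENDPOINT, model: DEFAULT_MODEL, allow_remote: false)
  unless allow_remote || local_only_endpoint?(endpoint)
    raise ArgumentError, "refusing non-local LLM endpoint: #{endpoint}"
  end
  ['bundle', 'exec', 'rails_code_auditor', '--use-llm',
   '--llm-endpoint', endpoint, '--llm-model', model]
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample input: a literal loopback address, so no DNS is needed.
  puts audit_command(endpoint: 'http://127.0.0.1:11434/api/generate').join(' ')
end
```

Pass the returned array to `system(*cmd)` rather than joining it into a string, so the endpoint value is never interpreted by a shell.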

🧠 LLM Integration with Ollama

Install Ollama (https://ollama.com/)

Start the LLaMA 3 model locally:

ollama run llama3

Run the gem with --use-llm to get AI-generated insights.

🧪 SimpleCov Setup

Ensure simplecov is added to your Gemfile:

gem 'simplecov', require: false

🧰 Puppeteer Setup (Optional)

Install Puppeteer using Yarn or npm:

yarn add puppeteer

PDF report generation will be skipped if Puppeteer isn't installed; a warning will be shown, but HTML reports will still be generated.

πŸ“ Output Structure

report/
├── pdf/
│   ├── rubycritic.pdf
│   ├── rails_best_practices.pdf
│   └── rubocop.pdf (if available)
├── rubycritic/
│   └── index.html
├── rails_best_practices.html
├── rubocop.html
└── coverage/
    └── index.html

🔧 Configuration

You can customize which tools to enable, file paths, and output formats using an initializer or environment flags (coming soon).

🙌 Contributing

Pull requests are welcome! Please fork the repo and open a PR. For major changes, open an issue first to discuss your proposal.

📄 License

MIT License © 2025 sivamanikandan

📌 Coming Soon

  • Report dashboard view in browser
  • GitHub Actions integration
  • Custom LLM model support