Yu-Chieh’s Blog (Y.C. Chang)

Ruby on Rails / Rubygems / FullStack / Git / Mac notes.

RubyGems: Brakeman and Rails_best_practices

brakeman: a security scanning tool for Ruby on Rails projects

Brakeman is an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development.

rails_best_practices: a code quality assessment tool for Ruby on Rails projects

rails_best_practices is a code metric tool that checks the quality of Rails code.

Installation (add these gems to your Gemfile)

group :development do
  gem "brakeman", require: false
  gem "rails_best_practices", require: false
end

# require: false => Bundler will not auto-require these gems when the Rails app boots;
# they are command-line tools, so they are only loaded when you run them.

Usage (it is recommended to run these tools before each commit)

$ brakeman
# report screenshot
+SUMMARY+

+-------------------+-------+
| Scanned/Reported  | Total |
+-------------------+-------+
| Controllers       | 2     |
| Models            | 5     |
| Templates         | 6     |
| Errors            | 0     |
| Security Warnings | 0 (0) |
+-------------------+-------+

$ rails_best_practices
# report screenshot
Source Codes: |======================================================================================================================================|
rails_app/db/schema.rb:34 - always add db index (recipes => [food_type_id])
rails_app/db/schema.rb:34 - always add db index (recipes => [food_preference_id])
rails_app/db/schema.rb:34 - always add db index (recipes => [cuisine_id])
rails_app/app/views/recipes/index.html.erb:24 - law of demeter
rails_app/app/views/recipes/index.html.erb:25 - law of demeter
rails_app/app/views/recipes/index.html.erb:26 - law of demeter
rails_app/app/helpers/recipes_helper.rb:1 - remove empty helpers
rails_app/app/models/recipe.rb:8 - remove unused methods (Recipe#food_type_of)
rails_app/app/models/recipe.rb:9 - remove unused methods (Recipe#food_preference_of)
rails_app/app/models/recipe.rb:10 - remove unused methods (Recipe#cuisine_of)
rails_app/app/views/recipes/_form.html.erb:1 - replace instance variable with local variable
rails_app/app/views/recipes/_form.html.erb:2 - replace instance variable with local variable
rails_app/app/views/recipes/_form.html.erb:4 - replace instance variable with local variable
rails_app/app/views/recipes/_form.html.erb:7 - replace instance variable with local variable
rails_app/app/models/recipe.rb:8 - remove trailing whitespace
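Since the post recommends running both tools before each commit, here is an added example (not from the original post) of a git pre-commit hook that runs them through bundler and blocks the commit when Brakeman reports any security warning or rails_best_practices reports any finding. It assumes the Gemfile setup above, a recent Brakeman that supports `--no-pager`, and that the file is installed as `.git/hooks/pre-commit`; the sample reports at the bottom are constructed copies of the output shape shown above.

```shell
#!/bin/sh
# Git pre-commit hook: run brakeman and rails_best_practices via bundler
# and block the commit if either reports anything.
# Assumes both gems are in the Gemfile (:development group, as above) and
# that this file is installed as .git/hooks/pre-commit.

# Brakeman's SUMMARY table has a row "| Security Warnings | N (M) |"
# (N warnings in total, M of them high-confidence); print N.
security_warning_count() {
  awk -F'|' '/Security Warnings/ { split($3, a, " "); print a[1]; exit }'
}

# rails_best_practices prints one "path:line - message" line per finding.
rbp_finding_count() {
  grep -c -E '^[^[:space:]]+:[0-9]+ - ' || true
}

run_hook() {
  # --no-exit-on-warn: decide from the parsed count, not brakeman's exit code.
  brakeman_out=$(bundle exec brakeman -q --no-pager --no-exit-on-warn) || return 1
  # rails_best_practices exits non-zero when it has findings; we count them ourselves.
  rbp_out=$(bundle exec rails_best_practices --without-color .) || true
  warnings=$(printf '%s\n' "$brakeman_out" | security_warning_count)
  findings=$(printf '%s\n' "$rbp_out" | rbp_finding_count)
  if [ "${warnings:-0}" -gt 0 ] || [ "$findings" -gt 0 ]; then
    printf '%s\n%s\n' "$brakeman_out" "$rbp_out"
    echo "pre-commit: ${warnings:-0} security warning(s), $findings best-practice finding(s); commit blocked"
    return 1
  fi
  echo "pre-commit: brakeman and rails_best_practices are clean"
}

# Constructed sample reports (same shape as the output above), so the parsers
# can be checked without a Rails app at hand.
SAMPLE_BRAKEMAN='+-------------------+-------+
| Scanned/Reported  | Total |
+-------------------+-------+
| Security Warnings | 3 (1) |
+-------------------+-------+'
SAMPLE_RBP='Source Codes: |======|
rails_app/db/schema.rb:34 - always add db index (recipes => [food_type_id])
rails_app/app/models/recipe.rb:8 - remove unused methods (Recipe#food_type_of)'

# Only run the tools when invoked as a hook, e.g. `sh pre-commit --hook`.
if [ "${1:-}" = "--hook" ]; then run_hook; fi
```

Install it with `cp pre-commit .git/hooks/pre-commit && chmod +x .git/hooks/pre-commit`, and change the first line of the hook to call `run_hook` unconditionally if git invokes it without arguments.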

[reference]

http://brakemanscanner.org
http://rails101s.logdown.com/posts/247140-20-1-0-create-a-rails-project
https://github.com/railsbp/rails_best_practices
