Sha256: 272b5c0318b52d41ed6f327cc8d9fb5ed1bbc6351ad7d3b343fbb992ce036076

Contents?: true

Size: 1.32 KB

Versions: 20

Compression:

Stored size: 1.32 KB

Contents

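# This workflow integrates Brakeman with GitHub's Code Scanning feature.
# Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications.
#
# Supply-chain note: every `uses:` reference below is a version tag, and tags can be
# moved by the action's publisher. Pinning each reference to a full commit SHA that
# you have reviewed keeps the code that runs in CI fixed between reviews.

name: Brakeman Scan

# This section configures the trigger for the workflow.
# Customize the branch names to match your convention.
on:
  push:
    branches: ["master", "main"]
  pull_request:
    branches: ["master", "main"]

# Default the GITHUB_TOKEN to read-only; the job below widens it only as far as needed.
permissions:
  contents: read

jobs:
  brakeman-scan:
    name: Brakeman Scan
    runs-on: ubuntu-latest
    permissions:
      contents: read  # lets actions/checkout fetch the code
      security-events: write  # lets upload-sarif publish results to Code Scanning
      actions: read  # only needed by upload-sarif on private repositories
    steps:
    # Checkout the repository to the GitHub Actions runner
    - name: Checkout
      uses: actions/checkout@v4

    # Customize the ruby version depending on your needs.
    # actions/setup-ruby is archived and no longer maintained; ruby/setup-ruby replaces it.
    - name: Setup Ruby
      uses: ruby/setup-ruby@v1
      with:
        ruby-version: '2.7'

    # The scanner version is pinned exactly, so checks added in later Brakeman
    # releases do not run until this value is raised.
    - name: Setup Brakeman
      env:
        BRAKEMAN_VERSION: '4.10'  # SARIF support is provided in Brakeman version 4.10+
      run: |
        gem install brakeman --version "$BRAKEMAN_VERSION"

    # Execute Brakeman CLI and generate a SARIF output with the security issues
    # identified during the analysis.
    # Brakeman exits non-zero when it reports warnings; continue-on-error keeps the job
    # going so the findings are still uploaded. It also hides a scanner crash at this
    # step; in that case no SARIF file is written, so the upload step is expected to
    # be the one that fails (verify on your runner).
    - name: Scan
      continue-on-error: true
      run: |
        brakeman -f sarif -o output.sarif.json .

    # Upload the SARIF file generated in the previous step.
    # Findings surface in Code Scanning only; this job does not fail on them, so
    # blocking a merge on new findings has to be configured on the repository side.
    - name: Upload SARIF
      uses: github/codeql-action/upload-sarif@v3
      with:
        sarif_file: output.sarif.json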

Version data entries

20 entries across 20 versions & 1 rubygems

Version Path
devise_masquerade-2.1.3 .github/workflows/brakeman-analysis.yml
devise_masquerade-2.1.2 .github/workflows/brakeman-analysis.yml
devise_masquerade-2.1.0 .github/workflows/brakeman-analysis.yml
devise_masquerade-2.0.3 .github/workflows/brakeman-analysis.yml
devise_masquerade-2.0.2 .github/workflows/brakeman-analysis.yml
devise_masquerade-2.0.1 .github/workflows/brakeman-analysis.yml
devise_masquerade-2.0.0 .github/workflows/brakeman-analysis.yml
devise_masquerade-1.3.12 .github/workflows/brakeman-analysis.yml
devise_masquerade-1.3.11 .github/workflows/brakeman-analysis.yml
devise_masquerade-1.3.10 .github/workflows/brakeman-analysis.yml
devise_masquerade-1.3.9 .github/workflows/brakeman-analysis.yml
devise_masquerade-1.3.8 .github/workflows/brakeman-analysis.yml
devise_masquerade-1.3.7 .github/workflows/brakeman-analysis.yml
devise_masquerade-1.3.6 .github/workflows/brakeman-analysis.yml
devise_masquerade-1.3.5 .github/workflows/brakeman-analysis.yml
devise_masquerade-1.3.4 .github/workflows/brakeman-analysis.yml
devise_masquerade-1.3.3 .github/workflows/brakeman-analysis.yml
devise_masquerade-1.3.2 .github/workflows/brakeman-analysis.yml
devise_masquerade-1.3.1 .github/workflows/brakeman-analysis.yml
devise_masquerade-1.3.0 .github/workflows/brakeman-analysis.yml