Brakeman is a Rails security scanner. To be exact, it is a “static analysis security scanner for Ruby on Rails”. Among other things, it covers the checks from the OWASP Ruby on Rails Cheatsheet.

My Unix commands to run Brakeman:

sudo gem install brakeman
brakeman

cd ~/github/arvados/apps/workbench
brakeman -o /tmp/workbench-report.html
cd ../../services/api
brakeman -o /tmp/api-report.html
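The HTML reports above are for reading; in a pipeline it is more useful to have Brakeman write JSON (`brakeman -o report.json` picks the format from the extension) and gate on it. The following Ruby script is an added example, not code from this post or from the Brakeman project: it parses a report, counts warnings by confidence, and fails only when warnings at or above a chosen confidence (or scan errors) are present. The embedded report is a constructed sample that uses only the `warnings`/`errors` fields and the `High`/`Medium`/`Weak` confidence values Brakeman emits; the file path, line numbers and messages in it are illustrative.

```ruby
require "json"

# Constructed sample of a Brakeman JSON report, reduced to the fields this
# script reads. Paths, lines and messages are illustrative, not real findings.
SAMPLE_REPORT = <<~JSON
{
  "scan_info": { "app_path": "/path/to/app" },
  "warnings": [
    { "warning_type": "SQL Injection", "check_name": "SQL",
      "message": "Possible SQL injection",
      "file": "app/models/example.rb", "line": 12, "confidence": "High" },
    { "warning_type": "Cross-Site Scripting", "check_name": "CrossSiteScripting",
      "message": "Unescaped model attribute",
      "file": "app/views/examples/show.html.erb", "line": 4, "confidence": "Medium" },
    { "warning_type": "Mass Assignment", "check_name": "ModelAttributes",
      "message": "Potentially dangerous attribute available for mass assignment",
      "file": "app/models/example.rb", "line": 3, "confidence": "Weak" }
  ],
  "ignored_warnings": [],
  "errors": []
}
JSON

# Brakeman reports three confidence levels; rank them so a threshold can be applied.
CONFIDENCE_RANK = { "High" => 3, "Medium" => 2, "Weak" => 1 }.freeze

def load_report(json_text)
  JSON.parse(json_text)
end

# Number of warnings per confidence level, e.g. {"High"=>1, "Medium"=>1, "Weak"=>1}.
def summarize(report)
  counts = Hash.new(0)
  report.fetch("warnings").each { |w| counts[w.fetch("confidence")] += 1 }
  counts
end

# Warnings whose confidence is at least `min_confidence`.
def warnings_at_or_above(report, min_confidence)
  threshold = CONFIDENCE_RANK.fetch(min_confidence)
  report.fetch("warnings").select do |w|
    CONFIDENCE_RANK.fetch(w.fetch("confidence"), 0) >= threshold
  end
end

# Gate decision: pass only if nothing at/above the threshold was found and the
# scan itself reported no errors (an error means a file was skipped, not clean).
def gate(report, min_confidence: "Medium")
  blocking = warnings_at_or_above(report, min_confidence)
  errors = report.fetch("errors", [])
  { pass: blocking.empty? && errors.empty?, blocking: blocking, errors: errors }
end

def format_warning(w)
  "#{w['confidence'].ljust(6)} #{w['warning_type']}  #{w['file']}:#{w['line']}  #{w['message']}"
end

if __FILE__ == $PROGRAM_NAME
  # Usage: ruby brakeman_gate.rb [report.json]  (falls back to the sample above)
  report = load_report(ARGV[0] ? File.read(ARGV[0]) : SAMPLE_REPORT)
  summarize(report).sort_by { |level, _| -CONFIDENCE_RANK.fetch(level, 0) }
                   .each { |level, n| puts "#{level}: #{n}" }
  result = gate(report, min_confidence: "Medium")
  result[:blocking].each { |w| puts format_warning(w) }
  result[:errors].each { |e| puts "scan error: #{e.inspect}" }
  puts(result[:pass] ? "PASS" : "FAIL")
  # Only set the exit status when a real report file was supplied.
  exit(result[:pass] ? 0 : 1) if ARGV[0]
end
```

Brakeman's own exit status already turns non-zero when any warning is found; the point of parsing the report is to decide the threshold yourself (for example, block on High and Medium, but only log Weak) and to treat scan errors as a failure rather than a clean run.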

The scanner found a couple of interesting issues: