Skip to main content
CodeRabbit home page
Search...
⌘K
Sign up
Sign up
Search...
Navigation
Supported tools
Brakeman
Documentation
Blog
Changelog
Discord
Get started
Introduction
Quickstart
Add CodeRabbit to your repository
Overview
Supported Git platforms
Add organizations
Set permissions
Review pull requests
Overview
Manage code reviews
Agentic Pre-merge checks
Finishing touches
Issues
Reports
IDE extensions
Review local changes
Install the VSCode extension
Use the VSCode extension
Use with self-hosted CodeRabbit
Configure the VSCode extension
Uninstall the VSCode extension
CLI
Overview
Claude Code integration
Cursor integration
Codex integration
Gemini integration
WSL on Windows
Configure
Overview
Organization preferences
Repository preferences
Configuration via YAML File
Central configuration
Knowledge base
Integrate MCP servers
Review instructions
Username-based PR review control
Linters & security analysis tools
Manage your account
Manage your subscription
Role-based access
Resources
Configuration reference
Code review commands
Tools Reference
YAML validator
API reference
Supported tools
List of supported tools
actionlint
ast-grep
Biome
Brakeman
Buf
Checkmake
Checkov
CircleCI
Clippy
Clang-Tidy
Cppcheck
detekt
Dotenv Linter
ESLint
Flake8
Gitleaks
golangci-lint
Hadolint
HTMLHint
LanguageTool
Luacheck
markdownlint
OSV-Scanner
Oxlint
PHPCS
PHPMD
PHPStan
Pipeline Failure Remediation
PMD
Prisma Lint
Pylint
Regal
RuboCop
Ruff
Semgrep
ShellCheck
Shopify CLI
SQLFluff
SwiftLint
Caching
FAQs
Early Access Program
On this page
Supported Files
When we skip Brakeman
Features
Links
Supported tools
Brakeman
Copy page
CodeRabbit’s guide to Brakeman.
Copy page
Brakeman
is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities. It scans your application’s code for potential security issues and provides detailed reports about any vulnerabilities it finds.
Supported Files
Brakeman will run on files with the following extensions:
Gemfile
*.rb
*.erb
When we skip Brakeman
CodeRabbit will skip running Brakeman when:
No Rails files are found in the pull request.
Brakeman is already running in GitHub workflows.
Features
Brakeman can detect many critical vulnerabilities such as:
SQL injection
Cross-site scripting (XSS)
Mass assignment
Remote code execution
And many more security vulnerabilities
Out of date package versions
Etc
Links
Brakeman Official Website
Brakeman GitHub Repository
Brakeman Documentation
Warning Types
Was this page helpful?
Yes
No
Biome
Buf
⌘I
