1

我正在使用带有 Rails 5 的 MiniTest。当我运行以下命令时,我希望Brakeman在测试运行之前扫描我的应用程序:

bundle exec rake test
4

1 回答 1

1

按照此处的 Rubocop 示例,我将以下任务添加到lib/tasks/test.rake

# Add additional test suite definitions to the default test task here
namespace :test do
  desc 'Runs Brakeman'
  # based on https://brakemanscanner.org/docs/rake/
  task :brakeman, :output_files do |_task, args|
    # To abort on failures, set to true.
    EXIT_ON_FAIL = false

    require 'brakeman'

    files = args[:output_files].split(' ') if args[:output_files]

    # For more options, see source here:
    # https://github.com/presidentbeef/brakeman/blob/master/lib/brakeman.rb#L30
    options = {
      app_path: ".",
      exit_on_error: EXIT_ON_FAIL,
      exit_on_warn: EXIT_ON_FAIL,
      output_files: files,
      print_report: true,
      pager: false,
      summary_only: true
    }

    tracker = Brakeman.run options
    failures = tracker.filtered_warnings + tracker.errors

    # Based on code here:
    # https://github.com/presidentbeef/brakeman/blob/f2376c/lib/brakeman/commandline.rb#L120
    if EXIT_ON_FAIL && failures.any?
      puts 'Brakeman violations found. Aborting now...'
      exit Brakeman::Warnings_Found_Exit_Code unless tracker.filtered_warnings.empty?
      exit Brakeman::Errors_Found_Exit_Code if tracker.errors.any?
    end
  end
end

Rake::Task[:test].enhance ['test:brakeman']

它也可以作为 rake 任务运行:

bundle exec rake test:brakeman
于 2018-05-03T00:39:38.877 回答