presidentbeef edited this page Oct 26, 2010 · 7 revisions

a.k.a. "TODO List"

Document How to Create Checks

Put up a guide for how to add checks to Brakeman.

Check for Symbol Creation

Look for parameters being converted into symbols (a potential memory-exhaustion denial-of-service vulnerability).
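
A sketch of what such a check could look for, added here as an example and not taken from Brakeman's code: it parses source with Ruby's standard-library Ripper and flags `to_sym`/`intern` calls whose receiver mentions `params`. The helper names and the sample controller are constructed for illustration.

```ruby
require 'ripper'

# Methods that turn a string into a symbol.
SYMBOL_METHODS = %w[to_sym intern].freeze

# Constructed sample input: two risky conversions, one allow-listed
# parameter that stays a string, and one harmless literal conversion.
SAMPLE = <<~'RUBY'
  class ReportsController < ApplicationController
    def index
      order  = params[:sort].to_sym
      format = params[:format].to_s.intern
      safe   = ALLOWED_SORTS.include?(params[:dir]) ? params[:dir] : 'asc'
      label  = "created_at".to_sym
      Report.order(order => safe)
    end
  end
RUBY

# True if the subtree references a bare `params` identifier.
def mentions_params?(node)
  return false unless node.is_a?(Array)
  return true if node[0] == :@ident && node[1] == 'params'
  node.any? { |child| mentions_params?(child) }
end

# Returns sorted [line, method] pairs for each symbol-creating call
# whose receiver expression involves `params`.
def find_symbol_creation(source)
  findings = []
  walk = lambda do |node|
    next unless node.is_a?(Array)
    # Ripper call node shape: [:call, receiver, operator, [:@ident, name, [line, col]]]
    meth = node[3]
    if node[0] == :call && meth.is_a?(Array) && meth[0] == :@ident &&
       SYMBOL_METHODS.include?(meth[1]) && mentions_params?(node[1])
      findings << [meth[2][0], meth[1]]
    end
    node.each { |child| walk.call(child) }
  end
  walk.call(Ripper.sexp(source)) # Ripper.sexp returns nil on a syntax error
  findings.sort
end

find_symbol_creation(SAMPLE).each do |line, meth|
  puts "line #{line}: request parameter converted to symbol via ##{meth}"
end
```

On Ruby 2.2 and later, dynamically created symbols can be garbage collected, which reduces the impact; the allow-list comparison on the sample's `safe` line avoids the conversion altogether.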

Test Suite

Brakeman needs tests. It is scary to make changes without them.

PDF Support

Should not be too difficult.

Document How to Create Custom Reports

Maybe there needs to be a better architecture for this, too.

Add Support For Ignoring Specified Model Methods

Currently, the methods average, count, maximum, minimum, and sum are not considered model attributes when checking for cross-site scripting. Allow the user to add methods to that list.

Support Comparing Reports

For example, if Brakeman is run as a commit hook or a nightly cron job, it should be able to tell whether the report has changed.