diff --git a/railties/lib/rails/generators/app_base.rb b/railties/lib/rails/generators/app_base.rb
index e4e14406d6fe1..ef2ca10aacbed 100644
--- a/railties/lib/rails/generators/app_base.rb
+++ b/railties/lib/rails/generators/app_base.rb
@@ -103,6 +103,9 @@ def self.add_shared_options_for(name)
 class_option :skip_rubocop, type: :boolean, default: nil,
 desc: "Skip RuboCop setup"
+ class_option :skip_brakeman, type: :boolean, default: nil,
+ desc: "Skip brakeman setup"
+
 class_option :dev, type: :boolean, default: nil,
 desc: "Set up the #{name} with Gemfile pointing to your Rails checkout"
@@ -386,6 +389,9 @@ def skip_rubocop?
 options[:skip_rubocop]
 end
+ def skip_brakeman?
+ options[:skip_brakeman]
+ end
 class GemfileEntry < Struct.new(:name, :version, :comment, :options, :commented_out)
 def initialize(name, version, comment, options = {}, commented_out = false)
diff --git a/railties/lib/rails/generators/rails/app/templates/Gemfile.tt b/railties/lib/rails/generators/rails/app/templates/Gemfile.tt
index fe5bc553c5519..4b1a5f744146e 100644
--- a/railties/lib/rails/generators/rails/app/templates/Gemfile.tt
+++ b/railties/lib/rails/generators/rails/app/templates/Gemfile.tt
@@ -40,6 +40,11 @@ end
 <% end -%>
 group :development do
+<%- unless options.skip_brakeman? -%>
+ # Analyze code for Security Vulnerabilities [https://brakemanscanner.org/]
+ gem "brakeman", require: false
+
+<%- end -%>
 <%- unless options.skip_rubocop? -%>
 # Omakase Ruby styling [https://github.com/rails/rubocop-rails-omakase/]
 gem "rubocop-rails-omakase", require: false
diff --git a/railties/lib/rails/generators/rails/app/templates/bin/brakeman.tt b/railties/lib/rails/generators/rails/app/templates/bin/brakeman.tt
new file mode 100644
index 0000000000000..a993625e04e15
--- /dev/null
+++ b/railties/lib/rails/generators/rails/app/templates/bin/brakeman.tt
@@ -0,0 +1,4 @@
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("brakeman", "brakeman")
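Review bot: The `desc` of the new `:skip_brakeman` option in the first app_base.rb hunk says only "Skip brakeman setup", which does not tell someone reading the generator's help output that the flag leaves the static security scanner out of the generated app. It also lowercases the tool name where the neighbouring option writes "RuboCop". I would word it as `desc: "Skip Brakeman (static security analysis) setup"`. `add_shared_options_for` starts and ends outside the hunk, so how other option sets interact with this flag cannot be judged from here.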
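Review bot: In the Gemfile.tt hunk the `brakeman` entry sits only inside `group :development`, so any install that leaves that group out cannot resolve the gem, and the bin/brakeman stub added in this commit would then fail at `Gem.bin_path`. If the scan is meant to run in an automated pipeline as well as on a developer machine, the entry belongs in a group that the pipeline installs, for example `group :development, :test do`; whether such a pipeline is generated is not visible in this diff. The comment would also read more cleanly in sentence case, `# Static analysis for security vulnerabilities [https://brakemanscanner.org/]`. The `group :development do` block continues past the end of the hunk.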
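Review bot: Nothing visible in this diff ties the new bin/brakeman.tt template to `skip_brakeman?`. Gemfile.tt omits the gem when the option is set, but if the stub is still copied into the app, `Gem.bin_path("brakeman", "brakeman")` will raise because the gem is not in the bundle. The generator step that copies bin/ is outside this diff, so this may already be handled there; if it is not, the stub should be removed or skipped when `skip_brakeman?` is true, with a generator test covering that case. A leading comment such as `# Runs the bundled Brakeman security scanner; command-line arguments are passed through unchanged.` would also tell readers what the stub is for.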