Brakeman vs Codegrip: What are the differences?
What is Brakeman? A free static analysis security vulnerability scanner for Ruby on Rails applications. It provides zero-setup security scans for Rails applications based on source code analysis.
What is Codegrip? An automated code review tool. It is a SaaS platform that helps developers save time in code reviews and tackle technical debt efficiently. It makes code review easier, instant, secure and cost-friendly.
Brakeman and Codegrip can be categorized as "Code Review" tools.
Brakeman is an open source tool with 5.65K GitHub stars and 590 GitHub forks.
The continuous integration process for our Rails backend app starts by opening a GitHub pull request. This triggers a CircleCI build and some Code Climate checks.
The CircleCI build is a workflow that runs the following jobs:
- check for security vulnerabilities with Brakeman
- check code quality with RuboCop
- run RSpec tests in parallel with the knapsack gem, and output test coverage reports with the simplecov gem
- upload test coverage to Code Climate
Code Climate checks the following:
- code quality metrics like code complexity
- test coverage minimum thresholds
The CircleCI jobs and Code Climate checks above have corresponding GitHub status checks.
Once all the mandatory GitHub checks pass and the code+functionality have been reviewed, developers can merge their pull request into our Git master branch. Code is then ready to deploy!