
Code Vulnerability Checks

Published: Dec 15th, 2020

This is part of Joyful Rails, a list of recommendations to make developing your Rails app more productive and joyful.

In this article, we are talking about checking for code vulnerabilities.


You should check for code vulnerabilities before creating a production environment.


As soon as your application is available on the Internet, any vulnerability in your code could be used to compromise it.


Use Brakeman for code analysis to catch potential security vulnerabilities.

To install, add gem 'brakeman' to the development section of your Gemfile and run bundle.

To run it, use the command brakeman.

Fix any issues Brakeman finds.
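
To keep unfixed findings from slipping into a deploy, the scan can be turned into a pass/fail gate. The script below is an added example, not part of the original article or of Brakeman itself: it reads a report in the JSON shape written by brakeman -f json -o brakeman.json (the file name is an assumption) and blocks on warnings at or above a chosen confidence. The sample report and the helper names are constructed for illustration.

```ruby
require "json"

# Constructed sample in the shape of `brakeman -f json` output, trimmed to the
# fields used here. The findings are made up for this example.
SAMPLE_REPORT = <<~JSON
  {
    "warnings": [
      {"warning_type": "SQL Injection", "check_name": "SQL", "confidence": "High",
       "file": "app/models/user.rb", "line": 12, "message": "Possible SQL injection"},
      {"warning_type": "Cross-Site Scripting", "check_name": "CrossSiteScripting", "confidence": "Weak",
       "file": "app/views/posts/show.html.erb", "line": 4, "message": "Unescaped model attribute"},
      {"warning_type": "Mass Assignment", "check_name": "PermitAttributes", "confidence": "Medium",
       "file": "app/controllers/users_controller.rb", "line": 30, "message": "Dangerous key allowed"}
    ],
    "errors": []
  }
JSON

# Brakeman reports confidence as High, Medium or Weak; lower rank = more certain.
CONFIDENCE_RANK = { "High" => 0, "Medium" => 1, "Weak" => 2 }.freeze

# Warnings at or above min_confidence, most confident first.
# An unrecognised confidence value is ranked as High so it is never skipped.
def blocking_warnings(report_json, min_confidence: "Medium")
  threshold = CONFIDENCE_RANK.fetch(min_confidence)
  rank = ->(w) { CONFIDENCE_RANK.fetch(w["confidence"], 0) }
  JSON.parse(report_json).fetch("warnings")
      .select { |w| rank.call(w) <= threshold }
      .sort_by { |w| [rank.call(w), w["file"].to_s, w["line"].to_i] }
end

# True when nothing blocks a deploy. Scan errors also fail the gate, because a
# file Brakeman could not process was not checked.
def gate_passes?(report_json, min_confidence: "Medium")
  errors = JSON.parse(report_json).fetch("errors", [])
  errors.empty? && blocking_warnings(report_json, min_confidence: min_confidence).empty?
end

# One human-readable line per blocking warning, for the build log.
def summary_lines(report_json, min_confidence: "Medium")
  blocking_warnings(report_json, min_confidence: min_confidence).map do |w|
    format("[%s] %s at %s:%s - %s", w["confidence"], w["warning_type"], w["file"], w["line"], w["message"])
  end
end

puts summary_lines(SAMPLE_REPORT)
puts "gate: #{gate_passes?(SAMPLE_REPORT) ? 'pass' : 'fail'}"
```

In a build script, pass the contents of the real report file instead of SAMPLE_REPORT and exit non-zero when gate_passes? returns false.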


Brakeman checks for a lot of common errors that create security vulnerabilities. Of course, it cannot catch all security issues. Be careful out there.