From 7e96d576e8fb008f4a6b35680f6879ae8d2ead70 Mon Sep 17 00:00:00 2001
From: Thomas Leese
Date: Tue, 15 Oct 2019 10:48:58 +0100
Subject: [PATCH] Add Brakeman as a dependency
This will allow us to use the version of Brakeman specified in the `Gemfile.lock` for the project rather than the version manually installed onto the CI or our local machines. Currently we can't do this because most of our apps don't have Brakeman listed as a dependency. This will make it easier to run Brakeman locally when debugging security issues that get flagged by the tool, but should also make the CI run more reliable as all we need to do is run `bundle exec brakeman` which is easier to understand and less complex than the current method (of manually installing Brakeman first into a directory and running it from there). I'm also hoping this will fix an intermittent problem we have where sometimes Brakeman will fail to run correctly in CI as it hasn't been installed properly.
---
 govuk_test.gemspec | 1 +
 1 file changed, 1 insertion(+)
diff --git a/govuk_test.gemspec b/govuk_test.gemspec
index b681d50..fa368e9 100644
--- a/govuk_test.gemspec
+++ b/govuk_test.gemspec
@@ -26,6 +26,7 @@ Gem::Specification.new do |spec|
 spec.add_dependency "webdrivers", ">= 4"
 spec.add_dependency "puma"
 spec.add_dependency "selenium-webdriver", ">= 3.142"
+ spec.add_dependency "brakeman", "~> 4.6"
 spec.add_development_dependency "bundler", "~> 1.16"
 spec.add_development_dependency "rake", "~> 10.0"
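Review bot: The `~> 4.6` bound on the added `brakeman` line caps every consuming app below 5.0, whereas the neighbouring runtime dependencies (`webdrivers`, `selenium-webdriver`) use open `>=` bounds. Since apps will now take their scanner version from `Gemfile.lock` through this gem, newer Brakeman checks reach them only when the lockfile is refreshed, and a new major only after this gemspec is re-released. A stale scanner fails quietly, so I would record the intent above the line, e.g. `# Security scanner: keep current; raise this cap when a new Brakeman major is released`, and make sure automated dependency updates cover it. It is also declared with `add_dependency`, so it installs wherever govuk_test does; that looks deliberate given the commit message, but the same comment could say so. The `Gem::Specification.new` block starts and ends outside the hunk.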