From eb7e5b8f2b58a84ea403ddec7230746ecbdf87b1 Mon Sep 17 00:00:00 2001 From: alex Date: Wed, 28 May 2025 16:02:17 -0400 Subject: [PATCH 1/2] adding new tools --- docs/tools/brakeman.md | 40 +++++++++++++++++++++++++++++++++ docs/tools/clippy.md | 50 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 90 insertions(+) create mode 100644 docs/tools/brakeman.md create mode 100644 docs/tools/clippy.md diff --git a/docs/tools/brakeman.md b/docs/tools/brakeman.md new file mode 100644 index 00000000..d9fac002 --- /dev/null +++ b/docs/tools/brakeman.md @@ -0,0 +1,40 @@ +--- +title: Brakeman +sidebar_label: Brakeman +description: CodeRabbit's guide to Brakeman. +--- + +```mdx-code-block +import ProPlanNotice from '@site/src/components/ProPlanNotice.mdx'; + + +``` + +[Brakeman](https://brakemanscanner.org/) is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities. It scans your application's code for potential security issues and provides detailed reports about any vulnerabilities it finds. + +## Supported Files + +Brakeman will run on files with the following extensions: + +- `Gemfile` +- `*.rb` +- `*.erb` + +## Features + +Brakeman can detect many critical vulnerabilities such as: + +- SQL injection +- Cross-site scripting (XSS) +- Mass assignment +- Remote code execution +- And many more security vulnerabilities +- Out of date package versions +- Etc + +## Links + +- [Brakeman Official Website](https://brakemanscanner.org/) +- [Brakeman GitHub Repository](https://github.com/presidentbeef/brakeman) +- [Brakeman Documentation](https://brakemanscanner.org/docs/) +- [Warning Types](https://brakemanscanner.org/docs/warning_types/) diff --git a/docs/tools/clippy.md b/docs/tools/clippy.md new file mode 100644 index 00000000..257af0e3 --- /dev/null +++ b/docs/tools/clippy.md 
@@ -0,0 +1,50 @@ +--- +title: Clippy +sidebar_label: Clippy +description: CodeRabbit's guide to Clippy. +--- + +```mdx-code-block +import ProPlanNotice from '@site/src/components/ProPlanNotice.mdx'; + + +``` + +[Clippy](https://github.com/rust-lang/rust-clippy) is a collection of lints to catch common mistakes and improve your Rust code. It is the official linter for the Rust programming language. + +## Supported Files + +Clippy will run on files with the following extensions: + +- `*.rs` + +## Configuration + +Clippy supports the following configuration files: + +- `clippy.toml` +- `.clippy.toml` + +:::note + +Clippy does not require configuration to run. If no configuration file is found, it will use default settings. + +A Cargo.toml is required. + +::: + +## Features + +Clippy can detect many code quality issues such as: + +- Style violations +- Common mistakes +- Performance issues +- Deprecated code patterns +- And many more Rust-specific issues + +## Links + +- [Clippy GitHub Repository](https://github.com/rust-lang/rust-clippy) +- [Clippy Documentation](https://rust-lang.github.io/rust-clippy/master/) +- [Available Lints](https://rust-lang.github.io/rust-clippy/master/index.html) From 31d708763f52190a43ceb788a9144b6102db72e7 Mon Sep 17 00:00:00 2001 From: alex Date: Wed, 28 May 2025 16:04:59 -0400 Subject: [PATCH 2/2] add to list and changelog --- docs/changelog.md | 12 ++++++++++++ docs/tools/list.md | 5 ++++- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/docs/changelog.md b/docs/changelog.md index 6a21a8ab..70fdf7db 100644 --- a/docs/changelog.md +++ b/docs/changelog.md 
@@ -5,6 +5,18 @@ description: The latest updates and changes to CodeRabbit. sidebar_position: 13 --- +## May 25, 2025 + +### New Security and Code Quality Tools + +We're excited to announce the addition of two powerful tools to our static analysis arsenal: + +- **Brakeman**: A static analysis security vulnerability scanner for Ruby on Rails applications. It helps identify security issues in your Ruby codebase by analyzing Gemfile, Ruby files (_.rb), and ERB templates (_.erb). + +- **Clippy**: The official linter for Rust code, helping catch common mistakes and improve your Rust code quality. It analyzes \*.rs files and supports configuration through clippy.toml files. + +Both tools can be configured through their respective config files or through CodeRabbit's settings page. See our [tools documentation](https://docs.coderabbit.ai/tools/) for more details. + ## May 19, 2025 ### Lua Support with Luacheck diff --git a/docs/tools/list.md b/docs/tools/list.md index d85b4c78..b3220568 100644 --- a/docs/tools/list.md +++ b/docs/tools/list.md @@ -35,7 +35,8 @@ For an overview of how CodeRabbit uses these tools when generating code reviews, | Protobuf | [Buf][Buf] | Code Quality | | Python | [Ruff][Ruff] | Code Quality | | Regal | [Regal][Regal] | Code Quality | -| Ruby | [RuboCop][RuboCop] | Code Quality | +| Ruby | [RuboCop][RuboCop], [Brakeman][Brakeman] | Code Quality, Code Security | +| Rust | [Clippy][Clippy] | Code Quality | | Semgrep | [Semgrep][Semgrep] | Code Security | | Shell (sh, bash, ksh, dash) | [ShellCheck][ShellCheck] | Code Quality | | Shopify | [Shopify CLI][ShopifyCLI] | Code Quality | @@ -74,3 +75,5 @@ For an overview of how CodeRabbit uses these tools when generating code reviews, [oxlint]: /tools/oxlint.md [ShopifyCLI]: /tools/shopify-cli.md [Luacheck]: /tools/luacheck.md +[Brakeman]: /tools/brakeman.md +[Clippy]: /tools/clippy.md pFad - Phonifier reborn
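Review bot: In docs/tools/brakeman.md, the "Supported Files" sentence says Brakeman runs on "files with the following extensions", but the first entry, `Gemfile`, is a file name, not an extension. Reword the sentence to something like "the following files". In the "Features" list of the same file, "And many more security vulnerabilities" sits mid-list and is followed by "Out of date package versions" and "Etc". Move the concrete item up with the other named issues and keep at most one catch-all as the last bullet; the Warning Types link already points readers at the full set.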
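Review bot: In docs/tools/clippy.md, the `:::note` block first says Clippy needs no configuration and then adds "A Cargo.toml is required." with no context, which reads as a contradiction. State it as a separate requirement and say where the file has to be for Clippy to run, and consider listing `Cargo.toml` alongside `*.rs` since the tool depends on it. In "Links", the "Clippy Documentation" and "Available Lints" URLs differ only by a trailing `index.html`, so they most likely resolve to the same page; drop one or point it at a different resource.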
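Review bot: In the docs/changelog.md hunk, the Brakeman bullet shows the file globs as "(_.rb)" and "(_.erb)", so the asterisks have been turned into underscores, while the Clippy bullet escapes its glob as `\*.rs`. Put all three patterns in backticks, as the tool pages do, so they render literally and consistently. Two smaller points in the same hunk: the heading is dated "May 25, 2025" while both commits are dated May 28, 2025, so confirm which date is intended; and "Both tools can be configured through their respective config files" is not backed by brakeman.md, which has no Configuration section, so either document Brakeman's config file or narrow the sentence.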
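Review bot: In the docs/tools/list.md hunk, the Ruby row now reads "[RuboCop][RuboCop], [Brakeman][Brakeman]" with the category "Code Quality, Code Security", which leaves the reader to guess which tool carries which category; the other rows visible in the hunk pair one tool with one category. Consider a separate row for Brakeman marked Code Security, or at least make the pairing explicit. The new cell is also wider than its neighbours, so re-run the table formatter to keep the columns aligned in the source.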
