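namespace :security do
  # Runs an external tool and aborts the rake run unless it exits successfully.
  #
  # The command is passed to Kernel#system as separate arguments, so no shell
  # is involved. Kernel#system returns true on a zero exit status, false on a
  # non-zero exit status and nil when the command could not be executed at
  # all. The nil case gets its own message so that a missing or
  # non-executable scanner is not reported as "issues found"; either way the
  # task fails closed.
  #
  # failure_message - text passed to abort when the tool exits non-zero.
  # command         - the executable followed by its arguments.
  run_tool = lambda do |failure_message, *command|
    case system(*command)
    when true then nil
    when nil
      abort("Could not execute #{command.first} (is it installed and executable?); the check did not run.")
    else
      abort(failure_message)
    end
  end

  # Fail-fast aggregate: each sub-task aborts the process on failure, so
  # bundler-audit does not run when Brakeman has already failed.
  desc "Run all security checks (brakeman + bundler-audit)"
  task all: :environment do
    Rake::Task["security:brakeman"].invoke
    Rake::Task["security:bundler_audit"].invoke
  end

  desc "Run Brakeman static security scanner"
  task brakeman: :environment do
    puts "Running Brakeman security scanner..."
    run_tool.call("Brakeman found security issues!", "bin/brakeman", "--no-pager")
  end

  desc "Run bundler-audit to check for vulnerable dependencies"
  task bundler_audit: :environment do
    puts "Running bundler-audit..."
    # `--update` refreshes the advisory database before the check.
    # NOTE(review): a failed database update may also yield a non-zero exit
    # and would then be reported with the message below; confirm against the
    # bundler-audit version in use.
    run_tool.call("bundler-audit found vulnerable dependencies!", "bin/bundler-audit", "check", "--update")
  end

  desc "Generate code coverage report (requires tests to be run with COVERAGE=1)"
  task :coverage do
    puts "Running tests with coverage..."
    # Set in this process so the child test run inherits it; it stays set for
    # any task that runs later in the same rake invocation.
    ENV["COVERAGE"] = "1"
    run_tool.call("Tests failed!", "bin/rails", "test")
    puts "\nCoverage report generated at coverage/index.html"
  end
end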
# Top-level shortcut: `rake security` depends on the security:all task.
desc "Run all security checks"
task security: %w[security:all]