Yeah, it will abort if there's no app directory.  Adding an empty app dir will 
get you past this, but it won't find anything as it expects a rails-like 
structure. 

>  abort("Please supply the path to a Rails application.") unless app_path and 
> File.exist? app_path + "/app"

If you move (or symlink) the structure, you should be able to scan.  

On Friday, May 11, 2012 at 11:05 AM, Michael McCabe wrote: 
> Yes, it's giving me that message.
> 
> On Fri, May 11, 2012 at 2:01 PM, Neil Matatall <[email protected]> wrote:
> > YMMV but I've run brakeman against a sinatra app and it was able to find 
> > some SQL/command injection, but the results are likely far from complete.  
> > You can always specify which tests to run via the -t (or conversely -x) 
> > with a list of test names to include or exclude.  If it's just a straight 
> > API application, brakeman doesn't need to trace any paths, so the 
> > controller level tests may suffice (assuming you still follow the 
> > app/controllers convention). 
> > 
> > Are you getting the "please supply a path to a rails app" message? 
> > 
> > Neil Matatall
> > @nilematotle
> > 714-488-8893
> > 
> > 
> > 
> > On Friday, May 11, 2012 at 10:55 AM, Michael McCabe wrote:
> > 
> > > 
> > > We have an app that we would like to test with Brakeman but it's not a 
> > > full Rails app, only an API written in Ruby. Is there a way to force 
> > > Brakeman to scan the app and maybe only run certain tests? 
> > > 
> > > Thanks. 
> > 
> 
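
The symlink approach suggested in this thread, sketched as a shell script. This is an added example, not part of the original messages or Brakeman's own code; the function names, the mapping of the API's source directory onto app/controllers, and the default check list SQL,Execute are assumptions.

```shell
#!/bin/sh
# Added example: wrap a non-Rails Ruby API in a Rails-like shim directory so
# the "app" directory check quoted in the thread passes, then run only a
# chosen set of checks with -t.

# make_shim SRC_DIR SHIM_DIR
#   SRC_DIR  - directory holding the API's Ruby files (hypothetical layout)
#   SHIM_DIR - scratch directory that receives app/controllers -> SRC_DIR
make_shim() {
    src=$1
    shim=$2
    [ -d "$src" ] || { echo "no such source dir: $src" >&2; return 1; }
    # Resolve to an absolute path so the symlink works from any cwd.
    src_abs=$(cd "$src" && pwd) || return 1
    mkdir -p "$shim/app" || return 1
    link="$shim/app/controllers"
    if [ -L "$link" ]; then
        rm -f "$link"                      # replace a stale link
    elif [ -e "$link" ]; then
        echo "refusing to overwrite $link" >&2
        return 1                           # never clobber a real directory
    fi
    ln -s "$src_abs" "$link"
}

# scan_shim SHIM_DIR [CHECKS]
#   CHECKS - comma-separated check names passed to -t (assumed default below)
scan_shim() {
    shim=$1
    checks=${2:-SQL,Execute}
    [ -d "$shim/app" ] || { echo "$shim has no app directory" >&2; return 1; }
    command -v brakeman >/dev/null 2>&1 || {
        echo "brakeman is not installed" >&2
        return 127
    }
    brakeman -p "$shim" -t "$checks"
}

# Usage: sh shim_scan.sh SRC_DIR SHIM_DIR [CHECKS]
if [ "$#" -ge 2 ]; then
    make_shim "$1" "$2" && scan_shim "$2" "${3:-}"
fi
```

As noted in the thread, results from a scan like this are likely far from complete, since only the controller-level view of the code is presented to the scanner.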
