Hi Benedict,

Unfortunately there is not much in the way of documentation for writing custom rules. All I can recommend is to look at the existing checks, for example https://github.com/presidentbeef/brakeman/blob/master/lib/brakeman/checks/check_evaluation.rb

Yes, there is a way to scan only the new code, but it is not well-supported. Brakeman must maintain a lot of state in order to do this, which requires actually keeping a Brakeman process running. https://github.com/guard/guard-brakeman uses this functionality.

However, if you only need to see which warnings change between scans, use JSON output and brakeman --compare, which will show new/fixed warnings. For example:

    brakeman -o report.json
    brakeman --compare report.json

Hope that helps!

-Justin

On 2014-04-22 12:36, Kwok, Benedict wrote:
> Hi Brakeman,
>
> I am new to Brakeman but I have been using other commercial scanners
> for a while.
>
> Can anyone show me the documentation or a way to write custom rules and
> how Brakeman supports delta scan?
>
> What I mean by delta scan is that once we have scanned the code for the
> first time, we have new code coming in and I want to see the scan results
> introduced by the new code only. Is there a way to do this?
>
> Thanks!
>
> Regards,
>
> Benedict Kwok
>
> P&I ACES, Code Analysis
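As an added illustration of the delta workflow Justin describes (not code from this thread or from Brakeman itself): a small Ruby script that does what `brakeman --compare` does in spirit, matching the warnings of two JSON reports by their `fingerprint` field and reporting which are new and which are fixed. The two reports are constructed inline with only the fields the script needs; a moved finding keeps its fingerprint, so it is reported as neither new nor fixed.

```ruby
require 'json'

# Constructed sample reports in the shape of Brakeman's JSON output (only the
# fields this script reads). In practice they would come from
#   brakeman -o before.json       (baseline scan)
#   brakeman -o after.json        (scan after new code lands)
BEFORE_JSON = <<~JSON
{
  "warnings": [
    {"warning_type": "Dangerous Eval", "fingerprint": "aaa111", "message": "User input in eval", "file": "app/controllers/admin_controller.rb", "line": 12, "confidence": "High"},
    {"warning_type": "SQL Injection", "fingerprint": "bbb222", "message": "Possible SQL injection", "file": "app/models/user.rb", "line": 40, "confidence": "Medium"}
  ]
}
JSON

AFTER_JSON = <<~JSON
{
  "warnings": [
    {"warning_type": "Dangerous Eval", "fingerprint": "aaa111", "message": "User input in eval", "file": "app/controllers/admin_controller.rb", "line": 15, "confidence": "High"},
    {"warning_type": "Command Injection", "fingerprint": "ccc333", "message": "Possible command injection", "file": "app/jobs/export_job.rb", "line": 8, "confidence": "High"}
  ]
}
JSON

# Compare two reports by warning fingerprint rather than by file and line:
# the eval warning above moved from line 12 to 15 but is the same finding,
# so it must appear in neither list. Returns {"new" => [...], "fixed" => [...]}.
def compare_reports(before_json, after_json)
  before = JSON.parse(before_json).fetch('warnings', [])
  after  = JSON.parse(after_json).fetch('warnings', [])
  before_fps = before.map { |w| w['fingerprint'] }
  after_fps  = after.map { |w| w['fingerprint'] }
  {
    'new'   => after.reject { |w| before_fps.include?(w['fingerprint']) },
    'fixed' => before.reject { |w| after_fps.include?(w['fingerprint']) }
  }
end

# One summary line per changed warning, e.g. for a CI log or a review comment
def summarize(diff)
  diff.flat_map do |kind, warnings|
    warnings.map do |w|
      "#{kind.upcase}: #{w['warning_type']} in #{w['file']}:#{w['line']} (#{w['confidence']}) - #{w['message']}"
    end
  end
end

if __FILE__ == $PROGRAM_NAME
  puts summarize(compare_reports(BEFORE_JSON, AFTER_JSON))
end
```

Running it prints one NEW line for the command injection finding and one FIXED line for the SQL injection finding; the real `--compare` adds fingerprint-based matching on top of its full report, which is why keeping the JSON baseline around is enough for a delta view without a long-running process.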
