Hi Benedict,
Unfortunately there is not much in the way of documentation for writing
custom rules. All I can recommend is to look at the existing checks, for
example
https://github.com/presidentbeef/brakeman/blob/master/lib/brakeman/checks/check_evaluation.rb
Yes, there is a way to scan only the new code, but it is not
well-supported. Brakeman must maintain a lot of state in order to do
this, which requires actually keeping a Brakeman process running.
https://github.com/guard/guard-brakeman uses this functionality.
However, if you only need to see which warnings change between scans,
use JSON output and brakeman --compare, which will show new/fixed
warnings.
For example:
brakeman -o report.json
brakeman --compare report.json
Hope that helps!
-Justin
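Justin's --compare advice worked through as an added example (not Brakeman's own code): it diffs two Brakeman JSON reports by warning fingerprint, the way --compare does, and turns the result into a CI exit status. The two reports, their fingerprints and the reduced set of fields per warning are constructed for illustration.

```ruby
require 'json'

# Two constructed Brakeman JSON reports (the shape `brakeman -o report.json`
# writes), trimmed to the fields used here; real reports carry more per warning.
OLD_REPORT = <<~JSON
  {"warnings": [
    {"fingerprint": "aaa111", "warning_type": "SQL Injection", "check_name": "SQL",
     "file": "app/models/user.rb", "line": 12, "confidence": "High"},
    {"fingerprint": "bbb222", "warning_type": "Dangerous Eval", "check_name": "Evaluation",
     "file": "app/controllers/admin_controller.rb", "line": 30, "confidence": "High"}
  ]}
JSON

# Second scan: the SQL warning moved three lines (same fingerprint), the eval
# warning was fixed, and a new XSS warning appeared.
NEW_REPORT = <<~JSON
  {"warnings": [
    {"fingerprint": "aaa111", "warning_type": "SQL Injection", "check_name": "SQL",
     "file": "app/models/user.rb", "line": 15, "confidence": "High"},
    {"fingerprint": "ccc333", "warning_type": "Cross-Site Scripting", "check_name": "CrossSiteScripting",
     "file": "app/views/posts/show.html.erb", "line": 4, "confidence": "Medium"}
  ]}
JSON

# Index warnings by fingerprint, Brakeman's stable identity for a warning.
# Keying on file:line instead would report a merely shifted warning as one
# "fixed" plus one "new", which is exactly the noise a delta scan must avoid.
def warnings_by_fingerprint(report_json)
  JSON.parse(report_json).fetch('warnings').each_with_object({}) do |w, index|
    index[w.fetch('fingerprint')] = w
  end
end

# Same split `brakeman --compare` makes: present only in the later scan is
# new, present only in the earlier scan is fixed.
def compare_reports(old_json, new_json)
  old = warnings_by_fingerprint(old_json)
  new = warnings_by_fingerprint(new_json)
  { new:   (new.keys - old.keys).map { |fp| new[fp] },
    fixed: (old.keys - new.keys).map { |fp| old[fp] } }
end

# Print the delta; return the CI exit status (1 if any warning was introduced).
def gate_on_new_warnings(delta)
  delta[:new].each   { |w| puts "NEW   #{w['warning_type']} [#{w['check_name']}] #{w['file']}:#{w['line']} (#{w['confidence']})" }
  delta[:fixed].each { |w| puts "FIXED #{w['warning_type']} [#{w['check_name']}] #{w['file']}:#{w['line']}" }
  delta[:new].empty? ? 0 : 1
end
status = gate_on_new_warnings(compare_reports(OLD_REPORT, NEW_REPORT))
puts "exit status for CI: #{status}"
```

In a pipeline the two inputs would be the committed baseline report and the fresh `brakeman -o report.json` output, with the job exiting with the returned status.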
On 2014-04-22 12:36, Kwok, Benedict wrote:
> Hi Brakeman,
>
> I am new to Brakeman but I have been using other commercial scanners
> for a while.
>
> Can anyone show me the documentation or way to write custom rules and
> how Brakeman supports delta scan?
>
> What I mean by delta scan is that once we scanned the code for the
> first time, we have new code coming in and I want to see scan results
> introduced by the new code only. Is there a way to do this?
>
> Thanks!
>
> Regards,
>
> Benedict Kwok
>
> P&I ACES, Code Analysis