Update README

commit c542fa3ad200b4c9e4d331fd2190f04397bb25ab 1 parent 186834d
@presidentbeef presidentbeef authored
Showing with 4 additions and 4 deletions.
  1. +4 −4 README.md
8 README.md
@@ -2,7 +2,7 @@
Brakeman is a static analysis tool which checks Ruby on Rails applications for security vulnerabilities.
-It targets Rails versions > 2.0 and < 3.0.
+It targets Rails versions > 2.0 with experimental support for Rails 3.x
# Installation
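Review bot: The new sentence "It targets Rails versions > 2.0 with experimental support for Rails 3.x" drops the upper bound, so "> 2.0" now reads as already including 3.x and the "experimental" qualifier becomes ambiguous. It also lost its closing period. Consider "It targets Rails 2.x, with experimental support for Rails 3.x." and, since this is a security scanner, say briefly what "experimental" means for someone scanning a Rails 3 app (for example, that a clean report there should not be treated as complete).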
@@ -25,7 +25,7 @@ To specify an output file for the results:
brakeman -o output_file app_path
-The output format is determined by the file extension or by using the `-f` option. Current options are: `text`, `html`, and `csv`.
+The output format is determined by the file extension or by using the `-f` option. Current options are: `text`, `html`, `csv`, and `tabs`.
To suppress informational warnings and just output the report:
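Review bot: `tabs` is added to the format list without any description, and unlike `text`, `html` and `csv` it is not self-explanatory. The same sentence says the format can be "determined by the file extension", but it is not clear which extension would select `tabs`. Add a few words on what the `tabs` output is for and whether it can only be chosen with `-f`.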
@@ -51,7 +51,7 @@ To indicate certain methods are "safe":
brakeman -s benign_method,totally_safe app_path
-By default, brakeman will assume that unknown methods involving untrusted data are dangerous. For example, this would a warning:
+By default, brakeman will assume that unknown methods involving untrusted data are dangerous. For example, this would cause a warning (Rails 2):
<%= some_method(:option => params[:input]) %>
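Review bot: The added "(Rails 2)" qualifier tells the reader this example warns under Rails 2 but leaves open what happens for the same template under Rails 3, which the README now claims experimental support for. State the Rails 3 behaviour or the reason for the difference in one sentence, otherwise readers scanning a Rails 3 app cannot tell whether the absence of this warning is expected.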
@@ -81,7 +81,7 @@ To only get warnings above a given confidence level:
brakeman -w3 app_path
-The `-w` switch takes a number from 1 to 3, with 1 being low (all warnings) and 3 being high (only high confidence warnings).
+The `-w` switch takes a number from 1 to 3, with 1 being low (all warnings) and 3 being high (only highest confidence warnings).
# Configuration files
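Review bot: In the `-w` sentence, the wording now mixes "3 being high" with "only highest confidence warnings", and level 2 is still not described at all. Since the switch "takes a number from 1 to 3", spell out what each value reports, including 2, so users choosing a threshold know which warnings they are filtering out of the report.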