Add pre-push hook for brakeman

[morizyun]

This hook is to run brakeman to check static analysis security vulnerability.
As @ZeroS said in #406, I would like to run the hook to scan all project before git-push.

I am not good at English, but I will always do my best.
If you have any question or advice, please don't hesitate to tell me. 🍻

[sds]

This should be lib/overcommit/hook/pre_push/brakeman.rb as it is a pre-push hook.

[morizyun]

Thanks!!

[sds]

Brakeman operates on more than just Ruby files. It also cares about ERB templates and other code.

It might be worth auditing their codebase to find all the file types and include an exhaustive list here, or we can omit the include option entirely and always run Brakeman on every push.

[morizyun]

That's right. I will omit include option.

[sds]

Thanks for the pull request, @morizyun!

Too small comments which need addressing and this is good to go!

[morizyun]

@sds Thank you very much for your kind comments. I am going to fix them.

[sds]

Merged in b504142. Thanks!

[lfv89]

Hey @sds!

I'm really looking forward to use this, but I don't want to point the gem directly to github. When will this be released to rubygems? Thank you.

[sds]

0.36.0 has been released.

[lfv89]

I'm not able to make it work :-(

I updated overcommit to 0.36.0, added the brakeman gem, configured the .overcommit.yml file, run overcommit --install again but brakeman doesn't run before a git push. Any ideas? Thanks.

[sds]

Hey @lfv89,

Perhaps @morizyun can share his configuration with you to help out. Make sure your configuration is under the PrePush section, and not the PreCommit (which was where Brakeman used to be located).

Otherwise you'll need to include your .overcommit.yml in order for anyone to help.