
2 Installing the Tools

Lazaro Herrera edited this page May 28, 2017 · 5 revisions

This is the second page of the wiki, and will deal with the installation of tools for running code analysis.

This page has been written at the "highly technical manager" level, with the assumption that they

  1. "know what Github is"
  2. "know what code is"

The assumption is that they additionally have

  1. "a copy of Github Desktop"
  2. "an updated version of Ruby"
  3. "knowledge of how to open the Terminal on their MacBook and install / execute command-line software"
  4. "an understanding of basic Linux functions / how to navigate folders"

If the previous does not sound like you, maybe you should head to the "Getting Started" page.

Care will be taken to provide "plain English" documentation without excessive "nerd English". Pictures will only be added for sections that are not shown in the "Getting Started" page.

Install Bundler-Audit

bundler-audit is a Ruby gem designed for "Patch-level verification for Bundler."

  1. Open the terminal and navigate to the project
  2. Run the gem install bundler-audit command

Install Brakeman

Brakeman is an open source static analysis tool which checks Ruby on Rails applications for security vulnerabilities. They have a sexy Pro version that is highly recommended if you do anything relating to Rails that requires high security, but be warned, it costs money.

  1. Open the terminal and navigate to the project
  2. Run the gem install brakeman command

Install Rails Best Practices

Rails Best Practices is a code metric tool to check the quality of Rails code.

  1. Open the terminal and navigate to the project
  2. Run the gem install rails_best_practices command

Per the installation, you should consider checking out the rails-bestpractices site before running the tool (there is a lot of stuff there that just couldn't be included that may apply to your company's code, and certain sections in this project just aren't picked up by it).
