rspec-rails VS Brakeman

When starting a Rails project, you have a lot of decisions to make. Whether or not to write tests should not be one of them. The big decision is to use Minitest or Rspec. Both of those testing frameworks are great and provide everything you need to test a Rails application thoroughly.

RSpec

rspec-rails factory_bot_rails faker

Ruby testing with RSpec

After all requests have been added, we need to cover them using request specs to ensure that everything will work as expected in the future as well. To add specs, we will use the rspec-rails gem. Our plan is to cover the 4 HTTP request methods that have been added above:

as a beginner you can skip it, just focus on understanding Rails' philosophy and getting comfortable with it. However, make sure you remember to come back to unit testing later bc it's a mandatory skill for a Rails developer. Unit test can help you understand your project's specs thoroughly (assume its test coverage is more than 90%). I recommend learning RSpec instead of Rails' built-in testing tool (the one being used in the Rails tutorial iirc)

RSpec is a testing framework for Ruby that is widely used in the Ruby on Rails community. It allows developers to write and execute automated tests. RSpec promotes behavior-driven development (BDD) by providing a readable syntax for describing the expected behavior of the application.

This is where rswag comes in. It is an extension to rspec-rails for "describing and testing API operations".

Brakeman - “Brakeman detects security vulnerabilities in Ruby on Rails applications via static analysis”

My team and I released Bearer a couple of weeks ago, a newer open and free alternative to Brakeman to check your code for security and privacy risks. In addition to Ruby/Rails, we also cover your JS/TS code, which allows you to use a single solution for your whole Rails application.

Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications. It finds potential security issues in Rails applications by examining the Ruby code. Brakeman helps find and fix security holes before deploying your Rails app.

brakeman is another useful Ruby gem that is a static analysis security vulnerability scanner for Ruby on Rails applications.

You might find brakeman interesting: https://brakemanscanner.org

It’s assumed that you already have a Rails app and use Brakeman to keep your app secure and Rspec to run your test cases.

Another great lib for this is Brakeman, which can be installed in a very similar process and gives you even more detailed reports:

This is pretty easy to handle. In the case where a splatted array is the only argument to a method, we'll simply use the elements of the array as the argument list. (Check out the pull request here)