rails_app_generator 0.2.30 → 0.2.31

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 72f1f3e53325e37778539aaed03998f681b4e181362bbcf445c497337cfae663
-  data.tar.gz: 2ee7326e78b08012f18d660d94327a1b564ea9e4a94683d05c3845f4bea4ebaa
+  metadata.gz: 15c23f59cc83f0c3dd3ff9cabeef80af80d2a14bd18d8d890dbb100640bab22a
+  data.tar.gz: 8acba70cf8a79185c8395f96762caa575968fb3521967ca4d1e80f282014d816
 SHA512:
-  metadata.gz: 3b879b3359b768aa7572df16f9c3cca82546e2045c33fe7b3c5f9ee7f0db83ee1c19f3ebdf1a1546d090f66a7af4ab178e0ce5a4bbe5c48889605f0a97bd063e
-  data.tar.gz: '09e9bf15c218592f1f1e8a134aaade78f55b02e7ba048cb0bc87ae25ca163fc28ac623d3b130d7455a8dd5e723326807d9eb6ea91593cd3d6f3687e9779e7eec'
+  metadata.gz: 137bc8d24086e7914baf7f332c7a1ff6bf7db9845771b007e545e9882895c886a1379da9f97fd5156a07902bf849ca2bac720cc981843cabba032107e8588714
+  data.tar.gz: 8856d3e93f801687e6c9f3ec5a7581387c1109cfa224b3db479587527ec209ca09c2220b54a960ab29108c5fc6372aaad0c7eda71eed6761eaf876e51150f47d

data/CHANGELOG.md

@@ -1,3 +1,10 @@
+## [0.2.30](https://github.com/klueless-io/rails_app_generator/compare/v0.2.29...v0.2.30) (2022-08-19)
+
+
+### Bug Fixes
+
+* add brakeman addon ([1dcc1c2](https://github.com/klueless-io/rails_app_generator/commit/1dcc1c2b904d35f557daa688111baeaa0fa71495))
+
 ## [0.2.29](https://github.com/klueless-io/rails_app_generator/compare/v0.2.28...v0.2.29) (2022-08-19)
 
 

data/after_templates/addons/brakeman/_.rb

@@ -0,0 +1,70 @@
+# frozen_string_literal: true
+
+# Description goes here
+#
+# exe/rag addons/brakeman
+
+self.local_template_path = File.dirname(__FILE__)
+
+gac 'base rails 7 image created'
+
+prepare_environment
+
+after_bundle do
+  scaffolds
+  setup_customizations
+  setup_db
+end
+
+def scaffolds
+  add_scaffold('post', 'title', 'body:text')
+  # add_scaffold('people', 'first_name', 'last_name', 'age:integer', 'address:text')
+  # add_scaffold('product', 'name', 'price:integer')
+end
+
+def setup_customizations
+  route("root 'home#index'")
+
+  force_copy
+  
+  add_controller('home', 'index', 'examples', 'output')
+  
+  directory "app/controllers"
+  directory "app/models"
+  directory "app/views"
+  template  'app/views/layouts/application.html.erb'        , 'app/views/layouts/application.html.erb'
+end
+
+def setup_db
+  template  'db/seeds.rb'                                   , 'db/seeds.rb'
+
+  db_migrate
+  db_seed
+end
+
+# Other template command examples
+# prepare_environment
+# bundle_install
+# css_install('tailwind')
+# rails_command('db:migrate')
+# rails_command('db:migrate')
+# bundle_add('hotwire-rails')
+# rails_command('hotwire:install')
+# run('bin/importmap pin sortablejs')
+# run('npm install daisyui')
+# rubocop
+#
+# directory         'app/assets/images'
+# create_file       'app/assets/stylesheets/custom-bootstrap-import.scss' , read_template('custom-bootstrap-import.scss')
+# append_to_file    'app/assets/config/manifest.js'                       , read_template('manifest.js')
+# insert_into_file  'app/views/layouts/application.html.erb', read_template('application.html.erb'),
+#     before: %(    <%= javascript_include_tag "application", "data-turbo-track": "reload", defer: true %>)
+# gsub_file         'app/views/layouts/application.html.erb', %(container mx-auto mt-28 px-5 flex), 'container mx-auto px-5'
+# template 'home.css', 'app/assets/stylesheets/home.css'
+#
+# add_controller('page', 'benefits', 'faq', 'terms', 'privacy', '--skip-routes')
+# route(<<-'RUBY')
+# PageController.action_methods.each do |action|
+#   get "/#{action}", to: "page##{action}", as: "page_#{action}"
+# end
+# RUBY

data/after_templates/addons/brakeman/app/controllers/home_controller.rb

@@ -0,0 +1,16 @@
+class HomeController < ApplicationController
+  def index
+    xmen_or_avengers = params[:xmen_or_avengers] || 'xmen'
+    puts send(xmen_or_avengers.to_sym)
+  end
+
+  private
+
+  def xmen
+    'Wolverine'
+  end
+
+  def avengers
+    'Captain America'
+  end
+end

data/after_templates/addons/brakeman/app/controllers/posts_controller.rb

@@ -0,0 +1,65 @@
+class PostsController < ApplicationController
+  before_action :set_post, only: %i[ show edit update destroy ]
+
+  def index
+    @posts = Post.all
+  end
+
+  # Dangerous Evaluation - User input in an eval statement is VERY dangerous
+  def show
+    message = params[:message] || 'hello world'
+
+    eval("echo '#{message}'")
+  end
+
+  def new
+    @post = Post.new
+  end
+
+  def edit
+  end
+
+  def create
+    @post = Post.new(post_params)
+
+    respond_to do |format|
+      if @post.save
+        format.html { redirect_to post_url(@post), notice: "Post was successfully created." }
+        format.json { render :show, status: :created, location: @post }
+      else
+        format.html { render :new, status: :unprocessable_entity }
+        format.json { render json: @post.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  def update
+    respond_to do |format|
+      if @post.update(post_params)
+        format.html { redirect_to post_url(@post), notice: "Post was successfully updated." }
+        format.json { render :show, status: :ok, location: @post }
+      else
+        format.html { render :edit, status: :unprocessable_entity }
+        format.json { render json: @post.errors, status: :unprocessable_entity }
+      end
+    end
+  end
+
+  def destroy
+    @post.destroy
+
+    respond_to do |format|
+      format.html { redirect_to posts_url, notice: "Post was successfully destroyed." }
+      format.json { head :no_content }
+    end
+  end
+
+  private
+    def set_post
+      @post = Post.find(params[:id])
+    end
+
+    def post_params
+      params.require(:post).permit(:title, :body)
+    end
+end

data/after_templates/addons/brakeman/app/views/home/examples.html.erb

@@ -0,0 +1,43 @@
+<h1>Brakeman</h1>
+
+<h2>Examples</h2>
+
+<p>Run the brakeman command from the root of your rails application</p>
+
+<pre><code>brakeman</code></pre>
+
+<h2>Example code that fails analysis</h2>
+
+<h3>Dangerous Evaluation - User input in an eval statement is VERY dangerous</h3>
+
+<code>app/controllers/posts_controller.rb</code>
+
+<pre><code>  def show
+    message = params[:message] || 'hello world'
+
+    eval("echo '#{message}'")
+  end
+</code></pre>
+
+
+<h3>Dangerous Send - Using unfiltered user data to select a Class or Method to be dynamically sent is dangerous.</h3>
+
+<code>app/controllers/home_controller.rb</code>
+
+<pre><code>class HomeController < ApplicationController
+  def index
+    xmen_or_avengers = params[:xmen_or_avengers] || 'xmen'
+    puts send(xmen_or_avengers.to_sym)
+  end
+
+  private
+
+  def xmen
+    'Wolverine'
+  end
+
+  def avengers
+    'Captain America'
+  end
+end
+</code></pre>

data/after_templates/addons/brakeman/app/views/home/index.html.erb

@@ -0,0 +1,93 @@
+<h1>Brakeman</h1>
+
+<h2>Usage</h2>
+
+<p>Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications</p>
+
+<pre>
+<code>
+Usage: brakeman [options] rails/root/path
+    -n, --no-threads                  Run checks and file parsing sequentially
+        --[no-]progress               Show progress reports
+    -p, --path PATH                   Specify path to Rails application
+    -q, --[no-]quiet                  Suppress informational messages
+    -z, --[no-]exit-on-warn           Exit code is non-zero if warnings found (Default)
+        --[no-]exit-on-error          Exit code is non-zero if errors raised (Default)
+        --ensure-latest               Fail when Brakeman is outdated
+        --ensure-ignore-notes         Fail when an ignored warnings does not include a note
+    -3, --rails3                      Force Rails 3 mode
+    -4, --rails4                      Force Rails 4 mode
+    -5, --rails5                      Force Rails 5 mode
+    -6, --rails6                      Force Rails 6 mode
+    -7, --rails7                      Force Rails 7 mode
+
+Scanning options:
+    -A, --run-all-checks              Run all default and optional checks
+    -a, --[no-]assume-routes          Assume all controller methods are actions (Default)
+    -e, --escape-html                 Escape HTML by default
+        --faster                      Faster, but less accurate scan
+        --ignore-model-output         Consider model attributes XSS-safe
+        --ignore-protected            Consider models with attr_protected safe
+        --[no-]index-libs             Add libraries to call index (Default)
+        --interprocedural             Process method calls to known methods
+        --no-branching                Disable flow sensitivity on conditionals
+        --branch-limit LIMIT          Limit depth of values in branches (-1 for no limit)
+        --parser-timeout SECONDS      Set parse timeout (Default: 10)
+    -r, --report-direct               Only report direct use of untrusted data
+    -s meth1,meth2,etc,               Set methods as safe for unescaped output in views
+        --safe-methods
+        --sql-safe-methods meth1,meth2,etc
+                                      Do not warn of SQL if the input is wrapped in a safe method
+        --url-safe-methods method1,method2,etc
+                                      Do not warn of XSS if the link_to href parameter is wrapped in a safe method
+        --skip-files file1,path2,etc  Skip processing of these files/directories. Directories are application relative and must end in "/"
+        --only-files file1,path2,etc  Process only these files/directories. Directories are application relative and must end in "/"
+        --[no-]skip-vendor            Skip processing vendor directory (Default)
+        --skip-libs                   Skip processing lib directory
+        --add-libs-path path1,path2,etc
+                                      An application relative lib directory (ex. app/mailers) to process
+        --add-engines-path path1,path2,etc
+                                      Include these engines in the scan
+    -E, --enable Check1,Check2,etc    Enable the specified checks
+    -t, --test Check1,Check2,etc      Only run the specified checks
+    -x, --except Check1,Check2,etc    Skip the specified checks
+        --add-checks-path path1,path2,etc
+                                      A directory containing additional out-of-tree checks to run
+
+Output options:
+    -d, --debug                       Lots of output
+    -f, --format TYPE                 Specify output formats. Default is text
+        --css-file CSSFile            Specify CSS to use for HTML output
+    -i, --ignore-config IGNOREFILE    Use configuration to ignore warnings
+    -I, --interactive-ignore          Interactively ignore warnings
+    -l, --[no-]combine-locations      Combine warning locations (Default)
+        --[no-]highlights             Highlight user input in report
+        --[no-]color                  Use ANSI colors in report (Default)
+    -m, --routes                      Report controller information
+        --message-limit LENGTH        Limit message length in HTML report
+        --[no-]pager                  Use pager for output to terminal (Default)
+        --table-width WIDTH           Limit table width in text report
+    -o, --output FILE                 Specify files for output. Defaults to stdout. Multiple '-o's allowed
+        --[no-]separate-models        Warn on each model without attr_accessible (Default)
+        --[no-]summary                Only output summary of warnings
+        --absolute-paths              Output absolute file paths in reports
+        --github-repo USER/REPO[/PATH][@REF]
+                                      Output links to GitHub in markdown and HTML reports using specified repo
+        --text-fields field1,field2,etc.
+                                      Specify fields for text report format
+    -w, --confidence-level LEVEL      Set minimal confidence level (1 - 3)
+        --compare FILE                Compare the results of a previous Brakeman scan (only JSON is supported)
+
+Configuration files:
+    -c, --config-file FILE            Use specified configuration file
+    -C, --create-config [FILE]        Output configuration file based on options
+        --allow-check-paths-in-config
+                                      Allow loading checks from configuration file (Unsafe)
+
+    -k, --checks                      List all available vulnerability checks
+        --optional-checks             List optional checks
+    -v, --version                     Show Brakeman version
+        --force-scan                  Scan application even if rails is not detected
+    -h, --help                        Display this message
+</code>
+</pre>

data/after_templates/addons/brakeman/app/views/home/output.html.erb

@@ -0,0 +1,145 @@
+<h1>Brakeman</h1>
+
+<h2>Output</h2>
+
+<p>Run <code>brakeman</code> against this sample Rails 7 application</p>
+
+<pre>
+<code>brakeman
+Loading scanner...
+Processing application in /Users/davidcruwys/dev/kgems/rails_app_generator/a/addons/r7_brakeman
+Processing gems...
+[Notice] Detected Rails 7 application
+Processing configuration...
+[Notice] Escaping HTML by default
+Parsing files...
+Detecting file types...
+Processing initializers...
+Processing libs...
+Processing routes...
+Processing templates...
+Processing data flow in templates...
+Processing models...
+Processing controllers...
+Processing data flow in controllers...
+Indexing call sites...
+Running checks in parallel...
+ - CheckBasicAuth
+ - CheckBasicAuthTimingAttack
+ - CheckCrossSiteScripting
+ - CheckContentTag
+ - CheckCookieSerialization
+ - CheckCreateWith
+ - CheckCSRFTokenForgeryCVE
+ - CheckDefaultRoutes
+ - CheckDeserialize
+ - CheckDetailedExceptions
+ - CheckDigestDoS
+ - CheckDynamicFinders
+ - CheckEOLRails
+ - CheckEOLRuby
+ - CheckEscapeFunction
+ - CheckEvaluation
+ - CheckExecute
+ - CheckFileAccess
+ - CheckFileDisclosure
+ - CheckFilterSkipping
+ - CheckForgerySetting
+ - CheckHeaderDoS
+ - CheckI18nXSS
+ - CheckJRubyXML
+ - CheckJSONEncoding
+ - CheckJSONEntityEscape
+ - CheckJSONParsing
+ - CheckLinkTo
+ - CheckLinkToHref
+ - CheckMailTo
+ - CheckMassAssignment
+ - CheckMimeTypeDoS
+ - CheckModelAttrAccessible
+ - CheckModelAttributes
+ - CheckModelSerialize
+ - CheckNestedAttributes
+ - CheckNestedAttributesBypass
+ - CheckNumberToCurrency
+ - CheckPageCachingCVE
+ - CheckPermitAttributes
+ - CheckQuoteTableName
+ - CheckRedirect
+ - CheckRegexDoS
+ - CheckRender
+ - CheckRenderDoS
+ - CheckRenderInline
+ - CheckResponseSplitting
+ - CheckRouteDoS
+ - CheckSafeBufferManipulation
+ - CheckSanitizeConfigCve
+ - CheckSanitizeMethods
+ - CheckSelectTag
+ - CheckSelectVulnerability
+ - CheckSend
+ - CheckSendFile
+ - CheckSessionManipulation
+ - CheckSessionSettings
+ - CheckSimpleFormat
+ - CheckSingleQuotes
+ - CheckSkipBeforeFilter
+ - CheckSprocketsPathTraversal
+ - CheckSQL
+ - CheckSQLCVEs
+ - CheckSSLVerify
+ - CheckStripTags
+ - CheckSymbolDoSCVE
+ - CheckTemplateInjection
+ - CheckTranslateBug
+ - CheckUnsafeReflection
+ - CheckUnsafeReflectionMethods
+ - CheckValidationRegex
+ - CheckVerbConfusion
+ - CheckWithoutProtection
+ - CheckXMLDoS
+ - CheckYAMLParsing
+Checks finished, collecting results...
+Generating report...
+
+== Brakeman Report ==
+
+Application Path: /Users/davidcruwys/dev/kgems/rails_app_generator/a/addons/r7_brakeman
+Rails Version: 7.0.3.1
+Brakeman Version: 5.3.1
+Scan Date: 2022-08-19 14:19:28 +1000
+Duration: 0.228864 seconds
+Checks Run: BasicAuth, BasicAuthTimingAttack, CSRFTokenForgeryCVE, ContentTag, CookieSerialization, CreateWith, CrossSiteScripting, DefaultRoutes, Deserialize, DetailedExceptions, DigestDoS, DynamicFinders, EOLRails, EOLRuby, EscapeFunction, Evaluation, Execute, FileAccess, FileDisclosure, FilterSkipping, ForgerySetting, HeaderDoS, I18nXSS, JRubyXML, JSONEncoding, JSONEntityEscape, JSONParsing, LinkTo, LinkToHref, MailTo, MassAssignment, MimeTypeDoS, ModelAttrAccessible, ModelAttributes, ModelSerialize, NestedAttributes, NestedAttributesBypass, NumberToCurrency, PageCachingCVE, PermitAttributes, QuoteTableName, Redirect, RegexDoS, Render, RenderDoS, RenderInline, ResponseSplitting, RouteDoS, SQL, SQLCVEs, SSLVerify, SafeBufferManipulation, SanitizeConfigCve, SanitizeMethods, SelectTag, SelectVulnerability, Send, SendFile, SessionManipulation, SessionSettings, SimpleFormat, SingleQuotes, SkipBeforeFilter, SprocketsPathTraversal, StripTags, SymbolDoSCVE, TemplateInjection, TranslateBug, UnsafeReflection, UnsafeReflectionMethods, ValidationRegex, VerbConfusion, WithoutProtection, XMLDoS, YAMLParsing
+
+== Overview ==
+
+Controllers: 3
+Models: 2
+Templates: 13
+Errors: 0
+Security Warnings: 2
+
+== Warning Types ==
+
+Dangerous Eval: 1
+Dangerous Send: 1
+
+== Warnings ==
+
+Confidence: High
+Category: Dangerous Eval
+Check: Evaluation
+Message: User input in eval
+Code: eval("echo '#{(params[:message] or "hello world")}'")
+File: app/controllers/posts_controller.rb
+Line: 12
+
+Confidence: High
+Category: Dangerous Send
+Check: Send
+Message: User controlled method execution
+Code: send((params[:xmen_or_avengers] or "xmen").to_sym)
+File: app/controllers/home_controller.rb
+Line: 4
+</code>
+</pre>

data/after_templates/addons/brakeman/app/views/layouts/_footer.html.erb

@@ -0,0 +1 @@
+<hr />

data/after_templates/addons/brakeman/app/views/layouts/_navbar.html.erb

@@ -0,0 +1,4 @@
+<%= link_to 'Home', root_path %>
+| <%= link_to 'Examples', home_examples_path %>
+| <%= link_to 'Output', home_output_path %>
+<hr />

data/after_templates/addons/brakeman/app/views/layouts/application.html.erb

@@ -0,0 +1,29 @@
+<!DOCTYPE html>
+<html>
+  <head>
+    <title><%= camelized %></title>
+    <meta name="viewport" content="width=device-width,initial-scale=1">
+    <%%= csrf_meta_tags %>
+    <%%= csp_meta_tag %>
+
+    <%- if options[:skip_hotwire] || options[:skip_javascript] -%>
+    <%%= stylesheet_link_tag "application" %>
+    <%- else -%>
+    <%%= stylesheet_link_tag "application", "data-turbo-track": "reload" %>
+    <%- end -%>
+  </head>
+
+  <body>
+    <header>
+      <%%= render 'layouts/navbar' %>
+      <hr />
+    </header>
+    <main>
+      <%%= yield %>
+    </main>
+    <footer>
+      <%%= render 'layouts/footer' %>
+    </footer>
+  </body>
+</html>
+

data/after_templates/addons/brakeman/db/seeds.rb

@@ -0,0 +1,7 @@
+# david = User.create(email: 'david@site.com', name: 'david', password: 'password')
+# james = User.create(email: 'james@site.com', name: 'james', password: 'password')
+# sally = User.create(email: 'sally@site.com', name: 'sally', password: 'password')
+
+# 10.times do |i|
+#   Post.create(title: "Post #{i}", body: "This is the body of post #{i}", user: User.all.sample)
+# end

data/docs/last_run/app_generator_class.json

@@ -45,6 +45,7 @@
     "add_annotate",
     "add_avo",
     "add_bcrypt",
+    "add_brakeman",
     "add_browser",
     "add_chartkick",
     "add_devise",
@@ -385,6 +386,13 @@
       "default": false,
       "required": false
     },
+    {
+      "name": "add_brakeman",
+      "description": "Indicates when to generate add brakeman",
+      "type": "boolean",
+      "default": false,
+      "required": false
+    },
     {
       "name": "add_browser",
       "description": "Indicates when to generate add browser",

data/docs/last_run/app_generator_data.json

@@ -26,21 +26,22 @@
     "main": false,
     "no_rc": false,
     "api": false,
-    "javascript": "esbuild",
+    "javascript": "importmap",
     "skip_bundle": false,
     "note": "",
     "test": "rspec",
     "add_acts_as_list": false,
     "add_administrate": false,
-    "add_annotate": true,
+    "add_annotate": false,
     "add_avo": false,
     "add_bcrypt": false,
+    "add_brakeman": true,
     "add_browser": false,
     "add_chartkick": false,
-    "add_devise": true,
+    "add_devise": false,
     "add_devise_masquerade": false,
     "add_dotenv": false,
-    "add_faker": true,
+    "add_faker": false,
     "add_groupdate": false,
     "add_hexapdf": false,
     "add_httparty": false,
@@ -55,9 +56,9 @@
     "add_public_suffix": false,
     "add_rails_html_sanitizer": false,
     "add_redcarpet": false,
-    "add_rolify": true,
+    "add_rolify": false,
     "add_rubocop": false,
     "add_twilio_ruby": false,
-    "template": "/Users/davidcruwys/dev/kgems/rails_app_generator/after_templates/addons/rolify/_.rb"
+    "template": "/Users/davidcruwys/dev/kgems/rails_app_generator/after_templates/addons/brakeman/_.rb"
   }
 }

data/docs/last_run/rails_options_class.json

@@ -45,6 +45,7 @@
     "add_annotate",
     "add_avo",
     "add_bcrypt",
+    "add_brakeman",
     "add_browser",
     "add_chartkick",
     "add_devise",
@@ -385,6 +386,13 @@
       "default": false,
       "required": false
     },
+    {
+      "name": "add_brakeman",
+      "description": "",
+      "type": "boolean",
+      "default": false,
+      "required": false
+    },
     {
       "name": "add_browser",
       "description": "",

data/docs/last_run/rails_options_data.json

@@ -7,7 +7,7 @@
     "quiet": false,
     "skip": false,
     "ruby": "/Users/davidcruwys/.asdf/installs/ruby/2.7.6/bin/ruby",
-    "template": "/Users/davidcruwys/dev/kgems/rails_app_generator/after_templates/addons/rolify/_.rb",
+    "template": "/Users/davidcruwys/dev/kgems/rails_app_generator/after_templates/addons/brakeman/_.rb",
     "database": "sqlite3",
     "skip_git": true,
     "skip_keeps": false,
@@ -35,22 +35,23 @@
     "version": false,
     "api": false,
     "minimal": false,
-    "javascript": "esbuild",
+    "javascript": "importmap",
     "css": "",
     "skip_bundle": false,
     "note": "",
     "test": "rspec",
     "add_acts_as_list": false,
     "add_administrate": false,
-    "add_annotate": true,
+    "add_annotate": false,
     "add_avo": false,
     "add_bcrypt": false,
+    "add_brakeman": true,
     "add_browser": false,
     "add_chartkick": false,
-    "add_devise": true,
+    "add_devise": false,
     "add_devise_masquerade": false,
     "add_dotenv": false,
-    "add_faker": true,
+    "add_faker": false,
     "add_groupdate": false,
     "add_hexapdf": false,
     "add_httparty": false,
@@ -65,7 +66,7 @@
     "add_public_suffix": false,
     "add_rails_html_sanitizer": false,
     "add_redcarpet": false,
-    "add_rolify": true,
+    "add_rolify": false,
     "add_rubocop": false,
     "add_twilio_ruby": false
   }

data/lib/rails_app_generator/addons/brakeman.rb

@@ -5,7 +5,7 @@ module RailsAppGenerator
   module AddOns
     # Add Brakeman to rails application
     class Brakeman < RailsAppGenerator::Addon
-      required_gem gem.version('brakeman', '5.3.1', 'Brakeman is a  static analysis security vulnerability scanner for Ruby on Rails applications')
+      required_gem gem.version('brakeman', '5.3.1', 'Brakeman is a static analysis security vulnerability scanner for Ruby on Rails applications')
 
       def apply; end
     end

data/lib/rails_app_generator/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module RailsAppGenerator
-  VERSION = '0.2.30'
+  VERSION = '0.2.31'
 end

data/package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "rails_app_generator",
-  "version": "0.2.30",
+  "version": "0.2.31",
   "lockfileVersion": 2,
   "requires": true,
   "packages": {
     "": {
       "name": "rails_app_generator",
-      "version": "0.2.30",
+      "version": "0.2.31",
       "dependencies": {
         "daisyui": "^2.20.0"
       },

data/package.json

@@ -1,6 +1,6 @@
 {
   "name": "rails_app_generator",
-  "version": "0.2.30",
+  "version": "0.2.31",
   "description": "Create new Rails Application with custom opinions",
   "scripts": {
     "release": "semantic-release"

data/profiles/addons/brakeman.json

@@ -0,0 +1,13 @@
+{
+  "args": {
+    "app_path": "r7_brakeman",
+    "destination_root": "/Users/davidcruwys/dev/kgems/rails_app_generator/a/addons"
+  },
+  "opts": {
+    "skip_git": true,
+    "skip_test": true,
+    "add_minimal_css": true,
+    "template": "/Users/davidcruwys/dev/kgems/rails_app_generator/after_templates/addons/brakeman/_.rb",
+    "add_brakeman": true
+  }
+}

data/templates/thor_task/profile/profile.json.tt

@@ -6,6 +6,7 @@
   "opts": {
     "skip_git": true,
     "skip_test": true,
+    "add_minimal_css": true,
     "template": "<%= data.template_file %>",
     "add_<%= data.name_snake %>": true
   }

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rails_app_generator
 version: !ruby/object:Gem::Version
-  version: 0.2.30
+  version: 0.2.31
 platform: ruby
 authors:
 - David Cruwys
@@ -166,7 +166,6 @@ files:
 - ".rspec"
 - ".rubocop.yml"
 - ".vscode/settings.json"
-- '28:'
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - Gemfile
@@ -224,6 +223,16 @@ files:
 - after_templates/addons/bcrypt/app/views/users/_form.html.erb
 - after_templates/addons/bcrypt/app/views/users/_user.html.erb
 - after_templates/addons/bcrypt/db/seeds.rb
+- after_templates/addons/brakeman/_.rb
+- after_templates/addons/brakeman/app/controllers/home_controller.rb
+- after_templates/addons/brakeman/app/controllers/posts_controller.rb
+- after_templates/addons/brakeman/app/views/home/examples.html.erb
+- after_templates/addons/brakeman/app/views/home/index.html.erb
+- after_templates/addons/brakeman/app/views/home/output.html.erb
+- after_templates/addons/brakeman/app/views/layouts/_footer.html.erb
+- after_templates/addons/brakeman/app/views/layouts/_navbar.html.erb
+- after_templates/addons/brakeman/app/views/layouts/application.html.erb
+- after_templates/addons/brakeman/db/seeds.rb
 - after_templates/addons/browser/_.rb
 - after_templates/addons/browser/app/controllers/home_controller.rb
 - after_templates/addons/browser/app/views/home/index.html.erb
@@ -568,7 +577,6 @@ files:
 - after_templates/rag/testy/app/views/layouts/_navbar.html.erb
 - after_templates/rag/testy/app/views/layouts/application.html.erb
 - after_templates/rag/testy/db/seeds.rb
-- app:template
 - bin/console
 - bin/setup
 - docs/images/tailwind.png
@@ -677,6 +685,7 @@ files:
 - profiles/addons/annotate.json
 - profiles/addons/avo.json
 - profiles/addons/bcrypt.json
+- profiles/addons/brakeman.json
 - profiles/addons/browser.json
 - profiles/addons/chartkick.json
 - profiles/addons/devise.json