I'm trying to configure Brakeman for my Rails projects and I want it to ignore certain directories and files. I can't find an option to specify paths to exclude. Does anyone know if this is possible?
You can use the flag (also known as 'option') --skip-files to ignore specific files; however, there is no support for skipping entire directories.
Furthermore, there is the inverse flag --only-files which does accept directories, and there is the option to use --skip-libs to only skip the lib directory.
I recommend that you check the output of brakeman --help for more options.
If you really want to skip an entire directory, you could do something like the following command line.
ls app/some/dir/ | paste -s -d , - | xargs brakeman --skip-files
If you are using Brakeman as a library, then you can pass the files by running :skip_files as follows.
Brakeman.run(:app_path => "my_app", :skip_files => Dir["my_app/bad/path/*"])