<p>This pull request adds Brakeman as a Static Analysis Security Tool, as well as bundle-audit to check for vulnerable gems.</p>
<p>Documentation:</p>
<ul>
<li>Brakeman: <a href="https://brakemanscanner.org/docs/" rel="nofollow">https://brakemanscanner.org/docs/</a></li>
<li>bundle-audit: <a href="https://www.rubydoc.info/gems/bundler-audit/frames" rel="nofollow">https://www.rubydoc.info/gems/bundler-audit/frames</a></li>
</ul>
<p>Some ideas taken from: <a rel="nofollow" href="https://rietta.com/blog/2017/10/03/automate-security-scans-with-continuous-integration/">https://rietta.com/blog/2017/10/03/automate-security-scans-with-continuous-integration/</a></p>

<hr>

<h4>You can view, comment on, or merge this pull request online at:</h4>
<p>  <a href='https://github.com/openstreetmap/openstreetmap-website/pull/2229'>https://github.com/openstreetmap/openstreetmap-website/pull/2229</a></p>

<h4>Commit Summary</h4>
<ul>
  <li>Add static code checks in Travis CI</li>
</ul>

<h4>File Changes</h4>
<ul>
  <li>
    <strong>M</strong>
    <a href="https://github.com/openstreetmap/openstreetmap-website/pull/2229/files#diff-0">.travis.yml</a>
    (4)
  </li>
  <li>
    <strong>M</strong>
    <a href="https://github.com/openstreetmap/openstreetmap-website/pull/2229/files#diff-1">Gemfile</a>
    (1)
  </li>
  <li>
    <strong>M</strong>
    <a href="https://github.com/openstreetmap/openstreetmap-website/pull/2229/files#diff-2">Gemfile.lock</a>
    (2)
  </li>
</ul>

<h4>Patch Links:</h4>
<ul>
  <li><a href='https://github.com/openstreetmap/openstreetmap-website/pull/2229.patch'>https://github.com/openstreetmap/openstreetmap-website/pull/2229.patch</a></li>
  <li><a href='https://github.com/openstreetmap/openstreetmap-website/pull/2229.diff'>https://github.com/openstreetmap/openstreetmap-website/pull/2229.diff</a></li>
</ul>
