Squashing Security Bugs with Rubocop
Offered By: Ruby Central via YouTube
Course Description
Overview
Explore how to leverage Rubocop for detecting and preventing security vulnerabilities in Ruby code in this 27-minute conference talk from RubyConf 2021. Discover the process of using Abstract Syntax Trees and Node Patterns to identify security antipatterns, with a focus on Rails applications. Learn to create custom Rubocop cops for automated security checks, prioritize developer experience, and effectively manage offenses. Gain insights into Betterment's approach to integrating security practices into their development workflow, and understand how to implement similar strategies to enhance code quality and security in your own Ruby projects.
Syllabus
Introduction
What is State Analysis? ?
Abstract Syntax Trees
Node Pattern and def_node_matcher
Breaking it Down
What are security antipatterns?
A Rails Antipattern
Let's Build a Cop
Developer Experience?
Prioritizing Developer Experience
Dealing with Offenses
Keeping it Simple
Taught by
Ruby Central
Related Courses
Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld SystemsVanderbilt University via Coursera Engineering Maintainable Android Apps
Vanderbilt University via Coursera Software Design as an Element of the Software Development Lifecycle
University of Colorado System via Coursera Secure Software Development
Pluralsight Secure Software Concepts for CSSLPĀ®
Pluralsight