YoVDO

Squashing Security Bugs with Rubocop

Offered By: Ruby Central via YouTube

Tags

RubyConf Courses Software Security Courses Abstract Syntax Tree Courses

Course Description

Overview

Explore how to leverage Rubocop for detecting and preventing security vulnerabilities in Ruby code in this 27-minute conference talk from RubyConf 2021. Discover the process of using Abstract Syntax Trees and Node Patterns to identify security antipatterns, with a focus on Rails applications. Learn to create custom Rubocop cops for automated security checks, prioritize developer experience, and effectively manage offenses. Gain insights into Betterment's approach to integrating security practices into their development workflow, and understand how to implement similar strategies to enhance code quality and security in your own Ruby projects.

Syllabus

Introduction
What is State Analysis?
Abstract Syntax Trees
Node Pattern and def_node_matcher
Breaking it Down
What are security antipatterns?
A Rails Antipattern
Let's Build a Cop
Developer Experience?
Prioritizing Developer Experience
Dealing with Offenses
Keeping it Simple


Taught by

Ruby Central
