I am super excited to announce new changes in Hakiri that make Rails security monitoring even smoother than before.
Previous versions of Hakiri already had some basic GitHub integration that allowed developers to hook up repos and monitor their code. Now the integration is even tighter.
First of all, we’ve added GitHub authentication that makes it really easy to log in to Hakiri with a GitHub account. It also provides a much simpler initial integration: just choose the repos and branches you’d like to monitor in a couple of clicks.
Secondly, Hakiri does a lot more on each GitHub push. Not only do we scan your code for vulnerabilities, but we also parse Gemfile.lock for all of your gem and Rails versions. After the scan is done, all of these versions are added to the latest build and vulnerability notifications are sent out. And remember, all of this requires just a few clicks! No more complicated setups, unless you want to monitor your server technologies (and even then it’s not that complicated ;) ).
We got rid of all the complicated layers that Hakiri used to have. No more feeds or confusing notion of stacks. Now Hakiri follows a standard repository structure: every Hakiri project represents your GitHub project, stacks are repo branches, and builds are git pushes.
We also added breadcrumbs at the top of each page to make it easier for you to navigate through the project. Breadcrumbs are part of a larger effort to simplify the general design and structure of Hakiri. I bet you are going to like it!
The last thing worth mentioning is our back end. In the past couple of months we put a lot of effort into improving the vulnerability scanner algorithms and the vulnerability database. I am proud of the fact that we no longer have a list of supported gems because…we support all gems! Whenever there is a new CVE vulnerability in any gem, Hakiri picks it up from public sources.
It’s time to wrap up! Expect to see more updates in the coming weeks because we have a lot on our roadmap. As always, shoot me an email if you have any questions or feedback: firstname.lastname@example.org.