When jumping back and forth between various Rails applications and projects, it’s nice to have some tools to check on the state of the application.
Of course you have your test suite that you can run, but what about outdated gems and security vulnerabilities? Here are a few gems to make that process a bit easier.
bundler-audit - provides patch-level verification for gems by looking at your Gemfile.lock and recommending versions to upgrade to if there’s an issue. The gem uses OSVDB, an open source vulnerability database, to look for vulnerabilities and then provides links to the specific vulnerability.
brakeman - a pretty popular static analysis tool that points out various known vulnerabilities.
rubocop - a useful tool that points out Rails deprecation changes and helpful modifications to your code. It’s based on the community Ruby style guide.
bundle_outdated - a simple way to figure out which gems are out of date. It only checks whether a new version is available; you’d then need to dig through CHANGELOGs and HISTORY files to see if you can safely upgrade from there.
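To make the patch-level check described for bundler-audit concrete, here is an added example (not from the original post, and not bundler-audit's own code) that compares the versions pinned in a Gemfile.lock against advisory entries. The lockfile, gem names, advisory IDs and the `locked_versions` and `audit` helpers are all constructed for illustration.

```ruby
# Added example: patch-level check of Gemfile.lock pins against advisories.
# The lockfile and advisory entries below are constructed sample data.
require "rubygems"

LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      examplegem (1.2.3)
        otherdep (~> 2.0)
      otherdep (2.0.5)
      safegem (4.1.0)

  PLATFORMS
    ruby

  DEPENDENCIES
    examplegem
    safegem
LOCK

# Hypothetical advisories: each lists the version ranges that contain the fix.
ADVISORIES = [
  { gem: "examplegem", id: "EXAMPLE-0001", patched: ["~> 1.2.5", ">= 1.3.0"] },
  { gem: "otherdep",   id: "EXAMPLE-0002", patched: [">= 2.0.4"] },
]

# Pinned specs sit at four-space indentation under "specs:"; deeper lines are
# dependency constraints, not resolved versions, so they are skipped.
def locked_versions(lockfile)
  lockfile.each_line.with_object({}) do |line, pins|
    m = line.match(/\A {4}(\S+) \(([^)]+)\)\s*\z/)
    pins[m[1]] = Gem::Version.new(m[2]) if m
  end
end

# A pin is vulnerable when it satisfies none of the advisory's patched ranges.
def audit(lockfile, advisories)
  pins = locked_versions(lockfile)
  advisories.map do |adv|
    version = pins[adv[:gem]]
    next unless version
    next if adv[:patched].any? { |req| Gem::Requirement.new(req).satisfied_by?(version) }
    { gem: adv[:gem], version: version.to_s, advisory: adv[:id], upgrade_to: adv[:patched] }
  end.compact
end

audit(LOCKFILE, ADVISORIES).each do |f|
  puts "#{f[:gem]} #{f[:version]}: #{f[:advisory]}, upgrade to #{f[:upgrade_to].join(' or ')}"
end
```

Note that the transitive dependency `otherdep` is checked even though it never appears in the Gemfile, which is why the audit runs against Gemfile.lock rather than the Gemfile.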