This repo contains a Ruby on Rails Application that is being tested with Travis CI. Travis CI is running security tests and attacks against the application. This is meant to be an example of how to setup security testing inside your CI environment.
The app, Triage, was written by Matt Konda and he awesomely donated it to be used for the secure pipeline project as the demo rails application. Thanks Matt! Please see Triage's README.md for more infomation on the application.
Note that Triage intentionally has two branches:
- security_errors : contains many security holes
- security_fixes : attempts to illustrate how to fix the holes
Once cloned, you should only have to:
$ bundle install
$ rake db:migrate
$ ./set_token.sh
$ bundle exec start_servicesThe app should be responding on http://localhost:3000
This repo and the entire secure-pipeline organization is licensed under the MIT license. Triage is licensed under the MIT license. Please see Triage's main repo for more information: https://github.com/Jemurai/triage