add brakeman security scanner to guard

Gemfile

@@ -34,8 +34,10 @@ end
 group :development, :test do
   gem 'awesome_print'
   gem 'binding_of_caller'
+  gem 'brakeman'
   gem 'byebug', platform: :mri
   gem 'guard'
+  gem 'guard-brakeman'
   gem 'guard-livereload'
   gem 'guard-minitest'
   gem 'guard-rubocop'

Gemfile.lock

@@ -53,6 +53,7 @@ GEM
     bourbon (4.2.7)
       sass (~> 3.4)
       thor (~> 0.19)
+    brakeman (3.4.0)
     builder (3.2.2)
     byebug (9.0.5)
     choice (0.2.0)
@@ -86,6 +87,9 @@ GEM
       pry (>= 0.9.12)
       shellany (~> 0.0)
       thor (>= 0.18.1)
+    guard-brakeman (0.8.3)
+      brakeman (>= 2.1.1)
+      guard (>= 2.0.0)
     guard-compat (1.2.1)
     guard-livereload (2.5.2)
       em-websocket (~> 0.5)
@@ -287,9 +291,11 @@ DEPENDENCIES
   better_errors
   binding_of_caller
   bourbon
+  brakeman
   byebug
   figaro (~> 1.1.1)
   guard
+  guard-brakeman
   guard-livereload
   guard-minitest
   guard-rubocop

Guardfile

@@ -78,8 +78,16 @@ guard :shell, all_on_start: true do
   end
 end
 
-guard :rubocop do
+guard :rubocop, cli: %w(-D -S) do
+  watch(/.rubocop.yml/)
   watch(/.+\.rb$/)
   watch(/Rakefile/)
   watch(%r{(?:.+/)?\.rubocop\.yml$}) { |m| File.dirname(m[0]) }
 end
+
+guard 'brakeman', run_on_start: true, quiet: true do
+  watch(%r{^app/.+\.(erb|haml|rhtml|rb)$})
+  watch(%r{^config/.+\.rb$})
+  watch(%r{^lib/.+\.rb$})
+  watch('Gemfile')
+end

config/brakeman.ignore

@@ -0,0 +1,10 @@
+{
+  "ignored_warnings": [
+    {
+      "fingerprint": "da17225c940987e6239cc4ecfe27bcb1e5da2db1134435dc3e1025d97927e0ba",
+      "note": "false positive"
+    }
+  ],
+  "updated": "2016-09-19 09:06:25 -0500",
+  "brakeman_version": "3.4.0"
+}