Brakeman ignores BUNDLE_GEMFILE environment variable #1907

@mateusdeap

Background

Brakeman version: 6.2.2
Rails version: 6.1.7.10 and 7.0.8.7
Ruby version: 3.0.7

Link to Rails application code: N/A

Issue

What problem are you seeing?
Currently, I use next_rails to dual boot a client application in Rails 6.1 and Rails 7.0. The gem allows us to use an alias (next) to set the BUNDLE_GEMFILE environment variable to Gemfile.next and prepend that to any command so we can run different executables in both Rails versions we're working with. Thus, for example, I can say rspec to run specs in Rails 6.1 and next rspec to run them in Rails 7.0.

What's happening is that brakeman doesn't seem to be catching on to this and always detects the application as belonging to whatever version is the current version. I did try

I've made an example repo here.

To reproduce simply:

  1. Run bundle install and next bundle install
  2. Run bundle exec brakeman to see that it correctly detects a Rails 6 app
  3. Run next bundle exec brakeman or BUNDLE_GEMFILE=Gemfile.next bundle exec brakeman and it should still report a Rails 6.1 application

Other Error

No other errors
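
Added example (not part of the original issue and not Brakeman or next_rails code): a Ruby check that reads the Rails version pinned by the lockfile that BUNDLE_GEMFILE selects and compares it with the version a scan report printed, so a scan of the wrong dependency set is caught in CI. The helper names, the "reported" value and the lockfile contents are constructed for illustration, and the fallback to Gemfile in the app directory is an assumption.

```ruby
require "tmpdir"

# Lockfile Bundler pairs with a Gemfile: "<Gemfile>.lock" (gems.rb uses gems.locked).
def lockfile_for(gemfile)
  return gemfile.sub(/gems\.rb\z/, "gems.locked") if File.basename(gemfile) == "gems.rb"
  "#{gemfile}.lock"
end

# Gemfile selected by the environment; assumed to fall back to <app_dir>/Gemfile.
def active_gemfile(env, app_dir)
  File.expand_path(env.fetch("BUNDLE_GEMFILE", "Gemfile"), app_dir)
end

# Resolved version of a gem, read from the 4-space-indented "specs:" entries.
def locked_version(lockfile, gem_name)
  File.foreach(lockfile) do |line|
    m = line.match(/\A {4}#{Regexp.escape(gem_name)} \(([^)]+)\)\s*\z/)
    return m[1] if m
  end
  nil
end

# Hypothetical helper: does the Rails version printed in a scan report agree
# with the lockfile that BUNDLE_GEMFILE points at?
def check_scan(env, app_dir, reported)
  locked = locked_version(lockfile_for(active_gemfile(env, app_dir)), "rails")
  match = !locked.nil? && (locked == reported || locked.start_with?("#{reported}."))
  { locked: locked, reported: reported, match: match }
end

# Constructed dual-boot layout using the two Rails versions named in the issue.
def demo_results
  Dir.mktmpdir do |dir|
    { "Gemfile.lock" => "6.1.7.10", "Gemfile.next.lock" => "7.0.8.7" }.each do |name, v|
      body = "GEM\n  specs:\n    rails (#{v})\n      railties (= #{v})\n\nDEPENDENCIES\n  rails\n"
      File.write(File.join(dir, name), body)
    end
    # Both scans are assumed to have reported "6.1", as described in the issue.
    [check_scan({}, dir, "6.1"),
     check_scan({ "BUNDLE_GEMFILE" => "Gemfile.next" }, dir, "6.1")]
  end
end

demo_results.each { |r| puts r.inspect } if __FILE__ == $PROGRAM_NAME
```

A false `match` for the second entry means the report describes the Rails 6.1 dependency set even though the Rails 7.0 lockfile was selected, so its findings should not be read as covering the upgraded application.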
