-
Why is bundler_audit rake task at the root of the project????
-
split from https://github.com/coala/coala-bears/issues/1410
-
-
Looking at `#initialize` now, it seems that it should accept the scanner options (`:ignore`) and store those as instance variables. The `#scan` method would then accept the path to the `Gemfile.lock`.…
-
Running [bundler-audit](https://github.com/rubysec/bundler-audit) on a Gemfile having
```
source 'http://eu.yarp.io'
```
results in:
```
Vulnerabilities found:
> [#] Insecure source URI found: http…
```
-
Because of the Dir.chdir in lib/bundler/audit/database.rb, the gem itself is not threadsafe
I believe that this should do the trick:
``` ruby
module Bundler
module Audit
# Represents the direc…
```
-
### Link to the code that reproduces this issue
https://github.com/GarudaFX/next-init-issue
### To Reproduce
1. Clone repository
2. install dependencies
3. Run "npm run dev"
### Current …
-
Using https://github.com/rubysec/bundler-audit following the generation of a `Gemfile.lock` within the CircleCI build process would provide a more verbose process for undertaking security audits for c…
-
### The problem
Sometimes we are aware that a transitive dependency has a CVE. A `bundle update somegem` will update that gem in the lockfile temporarily, but it may slip back down later. We want t…
-
Make the following run when a PR is created
- rubocop
- test
- bundler-audit
- brakeman