-
**Issue Description**
Flagging here that `resque`'s dependency on `sinatra` has a known vulnerability (CVE-2024-21510). An active issue is being worked on. Found as a result of `sentry-ruby` depend…
-
### Issue Description
Flagging here that the dependency on `resque` which depends on `sinatra` has a known vulnerability (CVE-2024-21510). An active issue is being worked on.
See here: https://githu…
-
bundler-advise can be configured, but bundler-patch does not surface a way to redirect where bundler-advise's checkout path is located.
-
## Description
There seems to be a problem with updating ruby-advisory-db.
## Steps To Reproduce
Run `bundle exec bundle-audit check --update`
## Expected Behavior
It should do what it …
-
https://github.com/rubymem/ruby-mem-advisory-db seems interesting. Would adding it (maybe with an opt-in flag) be a good idea?
-
If you visit:
http://www.ruby-doc.org/
You will see:
"There was 1 Ruby vulnerability reports in the last 14 days. 1 undetermined. Most recent: CVE-2013-1656. [See details](http://web.nvd.nist.gov/v…
-
Please check https://github.com/rubysec/ruby-advisory-db/blob/master/LICENSE.txt .
Determine and enable the detection of the correct license expression for the above LICENSE.
-
Add an API for interacting with the database.
- Searching for advisories by CVE or gem.
- Testing if a `Gem::Version` is vulnerable.
- Downloading and updating a copy of the database.
-
**Describe the bug**
Failure for container dawarich_app to start ends with **'dependency failed to start: container dawarich_app is unhealthy'**
**Version**
Latest - first time install today
*…
-
@knutsenm @jbirdjavi @dbenton9 @twinge @Omicron7
This morning, working on OneApp, I got:
```
$ bundle exec bundle audit check --update --ignore CVE-2015-9284
Updating ruby-advisory-db ...
Fr…
```