livingsocial / bundler-patch

Update your gems conservatively to deal with vulnerable gems or just get more current.
MIT License
65 stars 3 forks source link

No option to use `-v` AND a list #29

Open chrismo opened 8 years ago

chrismo commented 8 years ago

which was the intent of the flag - but currently am wanting to feed it -v AND rails since none of the security vulns show up with rails, but always with dependent gems, but dependent gems (in Rails apps) are usually NOT in the Gemfile.

Only workaround is to add a custom vuln .yml for rails itself in a custom advisory dir