:recycle: Added Flag for Ignoring Moderate Dependencies

ministryofjustice / github-collaborators

Manage outside collaborators on our Github repositories • This repository is defined and managed in Terraform

MIT License

15 stars 12 forks source link

:recycle: Added Flag for Ignoring Moderate Dependencies #2180

Open PepperMoJ opened 1 month ago

PepperMoJ commented 1 month ago

👀 Purpose

Medium dependency vulnerabilities are being picked up by the Rspec workflow. This tag should prevent the workflow from reporting on these, as we only want to know about vulnerabilities that are HIGH or above.

♻️ What's Changed

check --ignore-moderate tag added to bundler-audit command.

📝 Notes

No notes to speak of.

sonarcloud[bot] commented 1 month ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud