issues
search
rubysec
/
bundler-audit
Patch-level verification for Bundler
GNU General Public License v3.0
2.68k
stars
229
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Added gem metadata and corrected links in gemspec.yml
#396
kpumuk
closed
6 days ago
0
Remove tests files and other config-related files from the gem packages
#395
kpumuk
opened
1 week ago
2
use the term `update` instead of `upgrade` to match bundle command
#394
olleicua
closed
1 month ago
1
bundler-audit open source License issue
#393
nareshcool97
closed
4 weeks ago
3
Fix licenses spec
#391
viktorianer
closed
8 months ago
0
Add internal subnets configuration
#390
GolovkoStepan
closed
11 months ago
3
Filter on dependencies - exclude dev and test
#389
so87
opened
11 months ago
3
Combine ignored CVEs from both `--config` with `--ignore` flag
#388
TomNaessens
opened
1 year ago
0
git not installed
#387
chabgood
closed
1 year ago
11
Run audit automatically on `bundle` or `bundle install` command
#386
Urist-McUristurister
opened
1 year ago
1
Bump nokogiri from 1.13.10 to 1.14.3 in /spec/bundle/insecure_sources
#385
dependabot[bot]
opened
1 year ago
0
Bump nokogiri from 1.13.10 to 1.14.3 in /spec/bundle/secure
#384
dependabot[bot]
opened
1 year ago
0
Bump rack from 2.2.6.3 to 2.2.6.4 in /spec/bundle/insecure_sources
#383
dependabot[bot]
opened
1 year ago
0
Bump rack from 2.2.6.3 to 2.2.6.4 in /spec/bundle/secure
#382
dependabot[bot]
opened
1 year ago
0
Make the `spec/fixtures/*/Gemfile.lock` files programmaticaly generated
#381
postmodern
opened
1 year ago
1
Bump activerecord from 3.2.10 to 6.0.6.1 in /spec/bundle/unpatched_gems_with_dot_configuration
#380
dependabot[bot]
closed
1 year ago
1
Bump rack from 2.2.6.2 to 2.2.6.3 in /spec/bundle/secure
#379
dependabot[bot]
closed
1 year ago
0
Bump rack from 2.2.6.2 to 2.2.6.3 in /spec/bundle/insecure_sources
#378
dependabot[bot]
closed
1 year ago
2
bundle-audit check --print-criticality=[level] AND --error-on-criticality=[level]
#377
Nowaker
closed
1 year ago
6
Don't double build Dependabot PRs
#376
nschonni
opened
1 year ago
0
Bump rack from 2.2.4 to 2.2.6.2 in /spec/bundle/secure
#375
dependabot[bot]
closed
1 year ago
0
Bump globalid from 1.0.0 to 1.0.1 in /spec/bundle/secure
#374
dependabot[bot]
closed
1 year ago
0
Bump activerecord from 3.2.10 to 6.1.7.1 in /spec/bundle/unpatched_gems_with_dot_configuration
#373
dependabot[bot]
closed
1 year ago
1
Bump rack from 2.2.3 to 2.2.6.2 in /spec/bundle/insecure_sources
#372
dependabot[bot]
closed
1 year ago
0
Bump activerecord from 3.2.10 to 6.1.7.1 in /spec/bundle/unpatched_gems
#371
dependabot[bot]
closed
1 year ago
1
Add Ruby 3.2 to the test matrix
#370
misdoro
closed
1 year ago
0
Bump rails-html-sanitizer from 1.3.0 to 1.4.4 in /spec/bundle/insecure_sources
#369
dependabot[bot]
closed
1 year ago
0
Bump loofah from 2.9.1 to 2.19.1 in /spec/bundle/insecure_sources
#368
dependabot[bot]
closed
1 year ago
0
Bump rails-html-sanitizer from 1.4.3 to 1.4.4 in /spec/bundle/secure
#367
dependabot[bot]
closed
1 year ago
0
Bump loofah from 2.18.0 to 2.19.1 in /spec/bundle/secure
#366
dependabot[bot]
closed
1 year ago
0
Bump nokogiri from 1.13.9 to 1.13.10 in /spec/bundle/insecure_sources
#364
dependabot[bot]
closed
1 year ago
0
Bump nokogiri from 1.13.9 to 1.13.10 in /spec/bundle/secure
#363
dependabot[bot]
closed
1 year ago
0
This is not an issue with bundle-audit, but the Ruby enviroment itself:
#362
Cr1sPet
closed
1 year ago
0
No longer set `test_files` in the gemspec
#361
postmodern
opened
1 year ago
0
Bump tzinfo from 0.3.58 to 0.3.61 in /spec/bundle/unpatched_gems_with_dot_configuration
#360
dependabot[bot]
closed
1 year ago
0
Bump activerecord from 3.2.10 to 5.2.8.1 in /spec/bundle/unpatched_gems_with_dot_configuration
#359
dependabot[bot]
closed
1 year ago
1
Bump nokogiri from 1.13.6 to 1.13.9 in /spec/bundle/insecure_sources
#358
dependabot[bot]
closed
1 year ago
0
Bump nokogiri from 1.13.6 to 1.13.9 in /spec/bundle/secure
#357
dependabot[bot]
closed
1 year ago
0
Remove platform duplicates
#356
ylecuyer
opened
1 year ago
1
Release 1.0
#355
sandstrom
opened
1 year ago
0
Bump tzinfo from 1.2.9 to 1.2.10 in /spec/bundle/secure
#354
dependabot[bot]
closed
1 year ago
1
Bump tzinfo from 0.3.58 to 0.3.61 in /spec/bundle/unpatched_gems
#353
dependabot[bot]
opened
2 years ago
0
Can no longer be called programatically
#352
nello
closed
2 years ago
5
Bump activerecord from 3.2.10 to 5.2.8.1 in /spec/bundle/unpatched_gems
#351
dependabot[bot]
closed
1 year ago
1
Bump rack from 2.2.3 to 2.2.4 in /spec/bundle/secure
#350
dependabot[bot]
closed
2 years ago
0
Bump rack from 2.2.3 to 2.2.4 in /spec/bundle/insecure_sources
#349
dependabot[bot]
closed
1 year ago
1
Bump rails-html-sanitizer from 1.3.0 to 1.4.3 in /spec/bundle/insecure_sources
#348
dependabot[bot]
closed
1 year ago
1
Bump rails-html-sanitizer from 1.0.4 to 1.4.3 in /spec/bundle/secure
#347
dependabot[bot]
closed
2 years ago
0
Bump actions/checkout from 2 to 3
#346
dependabot[bot]
opened
2 years ago
0
`Bundler::Audit::Task` does not fail when vulnerabilities are found
#345
postmodern
closed
2 years ago
3
Next