From de4b8224c09a5d868c02a550022485e14245cb0a Mon Sep 17 00:00:00 2001
From: Nick Schonning
Date: Sat, 18 Feb 2023 06:49:09 -0500
Subject: [PATCH] Run bundler-audit on PRs (#23514)
---
 .bundler-audit.yml | 3 +++
 .codeclimate.yml | 2 +-
 .github/workflows/lint-ruby.yml | 5 +++++
 3 files changed, 9 insertions(+), 1 deletion(-)
 create mode 100644 .bundler-audit.yml
diff --git a/.bundler-audit.yml b/.bundler-audit.yml
new file mode 100644
index 00000000000..f84ec808726
--- /dev/null
+++ b/.bundler-audit.yml
@@ -0,0 +1,3 @@
+---
+ignore:
+ - CVE-2015-9284 # Mitigation following https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284#mitigating-in-rails-applications
diff --git a/.codeclimate.yml b/.codeclimate.yml
index 59051aae7a1..00469df005e 100644
--- a/.codeclimate.yml
+++ b/.codeclimate.yml
@@ -24,7 +24,7 @@ plugins:
 brakeman:
 enabled: true
 bundler-audit:
- enabled: true
+ enabled: false
 eslint:
 enabled: false
 rubocop:
diff --git a/.github/workflows/lint-ruby.yml b/.github/workflows/lint-ruby.yml
index 54f45796c16..de54fe9ae5a 100644
--- a/.github/workflows/lint-ruby.yml
+++ b/.github/workflows/lint-ruby.yml
@@ -7,6 +7,7 @@ on:
 - 'Gemfile*'
 - '.rubocop*.yml'
 - '.ruby-version'
+ - '.bundler-audit.yml'
 - '**/*.rb'
 - '**/*.rake'
 - '.github/workflows/lint-ruby.yml'
@@ -16,6 +17,7 @@ on:
 - 'Gemfile*'
 - '.rubocop*.yml'
 - '.ruby-version'
+ - '.bundler-audit.yml'
 - '**/*.rb'
 - '**/*.rake'
 - '.github/workflows/lint-ruby.yml'
@@ -42,3 +44,6 @@ jobs:
 - name: Run rubocop
 run: bundle exec rubocop
+
+ - name: Run bundler-audit
+ run: bundle exec bundler-audit
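Review bot: The `ignore` entry for CVE-2015-9284 in the new `.bundler-audit.yml` links to the upstream wiki but does not say where in this repository the mitigation is implemented, so a future reader cannot check that the suppression still holds when OmniAuth or the authentication callbacks change. bundler-audit ignore entries have no expiry, so this line silences the advisory indefinitely. Suggest extending the trailing comment with the concrete location of the mitigation and a re-check trigger, e.g. `# Mitigated by <gem or file implementing OmniAuth CSRF protection — fill in>; re-verify on OmniAuth upgrade`.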
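Review bot: The new `Run bundler-audit` step at the end of the last hunk runs `bundle exec bundler-audit` without `--update`, so the scan is performed against the ruby-advisory-db snapshot shipped with whatever bundler-audit version is pinned in Gemfile.lock, and advisories published after that gem release are not seen until the gem itself is bumped. Changing the step to `run: bundle exec bundler-audit check --update` refreshes the database on each run before checking. The surrounding `jobs:` block and its `steps:` list begin outside the hunk, so I cannot confirm from here whether an earlier step already updates the database; if one does, this is moot.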