techhub/mastodon
2
0
Fork 0
Code Activity

Run bundler-audit on PRs (#23514)

Browse Source
This commit is contained in:
Nick Schonning
2023-02-18 06:49:09 -05:00
committed by GitHub
parent b4cbfff3eb
commit de4b8224c0
3 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.bundler-audit.yml Normal file
View File

@@ -0,0 +1,3 @@
---
ignore:
- CVE-2015-9284 # Mitigation following https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284#mitigating-in-rails-applications

2
.codeclimate.yml
View File

@@ -24,7 +24,7 @@ plugins:
brakeman: brakeman:
enabled: true enabled: true
bundler-audit: bundler-audit:
enabled: true enabled: false
eslint: eslint:
enabled: false enabled: false
rubocop: rubocop:

5
.github/workflows/lint-ruby.yml vendored
View File

@@ -7,6 +7,7 @@ on:
- 'Gemfile*' - 'Gemfile*'
- '.rubocop*.yml' - '.rubocop*.yml'
- '.ruby-version' - '.ruby-version'
- '.bundler-audit.yml'
- '**/*.rb' - '**/*.rb'
- '**/*.rake' - '**/*.rake'
- '.github/workflows/lint-ruby.yml' - '.github/workflows/lint-ruby.yml'
@@ -16,6 +17,7 @@ on:
- 'Gemfile*' - 'Gemfile*'
- '.rubocop*.yml' - '.rubocop*.yml'
- '.ruby-version' - '.ruby-version'
- '.bundler-audit.yml'
- '**/*.rb' - '**/*.rb'
- '**/*.rake' - '**/*.rake'
- '.github/workflows/lint-ruby.yml' - '.github/workflows/lint-ruby.yml'
@@ -42,3 +44,6 @@ jobs:
- name: Run rubocop - name: Run rubocop
run: bundle exec rubocop run: bundle exec rubocop
- name: Run bundler-audit
run: bundle exec bundler-audit