Run bundler-audit on PRs (#23514)
		
							
								
								
									
										3
									
								
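--- a/.bundler-audit.yml
+++ b/.bundler-audit.yml
@@ -0,0 +1,3 @@
+---
+ignore:
+  - CVE-2015-9284 # Mitigation following https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284#mitigating-in-rails-applications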
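Review bot: The `ignore:` entry for CVE-2015-9284 suppresses the advisory unconditionally, so the audit stays green even if the mitigation the comment links to is later removed or the affected gem is never upgraded. Nothing in this file records which mitigation is actually in place or when the entry can go. I would extend the comment to say both, e.g. `# Ignored while the request-phase CSRF mitigation from the linked wiki page is applied; remove this entry once omniauth is upgraded to a release that contains the fix`. Presumably the application already applies that mitigation, but this commit does not show it, so it is worth confirming that a test or initializer check covers it.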
@@ -24,7 +24,7 @@ plugins:
  brakeman:
    enabled: true
  bundler-audit:
    enabled: true
    enabled: false
  eslint:
    enabled: false
  rubocop:
							
								
								
									
										5
									
								
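--- a/.github/workflows/lint-ruby.yml
+++ b/.github/workflows/lint-ruby.yml
@@ -7,6 +7,7 @@ on:
       - 'Gemfile*'
       - '.rubocop*.yml'
       - '.ruby-version'
+      - '.bundler-audit.yml'
       - '**/*.rb'
       - '**/*.rake'
       - '.github/workflows/lint-ruby.yml'
@@ -16,6 +17,7 @@ on:
       - 'Gemfile*'
       - '.rubocop*.yml'
       - '.ruby-version'
+      - '.bundler-audit.yml'
       - '**/*.rb'
       - '**/*.rake'
       - '.github/workflows/lint-ruby.yml'
@@ -42,3 +44,6 @@ jobs:
 
       - name: Run rubocop
         run: bundle exec rubocop
+
+      - name: Run bundler-audit
+        run: bundle exec bundler-audit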
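Review bot: The new step at the end of the `jobs:` hunk runs `bundle exec bundler-audit` with no subcommand or flags, so it relies on the tool's default command and on whatever copy of the advisory database the runner has or fetches. I would make both explicit with `run: bundle exec bundler-audit check --update`, which refreshes ruby-advisory-db before checking. Separately, the workflow only fires on the path filters shown in the two `on:` hunks, so an advisory published against an unchanged `Gemfile.lock` is not reported until a matching file changes. A `schedule:` trigger would close that gap, if the part of the workflow outside these hunks does not already have one.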