Run bundler-audit on PRs (#23514)

This commit is contained in:
Nick Schonning 2023-02-18 06:49:09 -05:00 committed by GitHub
parent a2129d336a
commit 2f54d6f33c
3 changed files with 9 additions and 1 deletions

3
.bundler-audit.yml Normal file
View file

@ -0,0 +1,3 @@
---
ignore:
- CVE-2015-9284 # Mitigation following https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284#mitigating-in-rails-applications

View file

@ -24,7 +24,7 @@ plugins:
brakeman:
enabled: true
bundler-audit:
enabled: true
enabled: false
eslint:
enabled: false
rubocop:

View file

@ -7,6 +7,7 @@ on:
- 'Gemfile*'
- '.rubocop*.yml'
- '.ruby-version'
- '.bundler-audit.yml'
- '**/*.rb'
- '**/*.rake'
- '.github/workflows/lint-ruby.yml'
@ -16,6 +17,7 @@ on:
- 'Gemfile*'
- '.rubocop*.yml'
- '.ruby-version'
- '.bundler-audit.yml'
- '**/*.rb'
- '**/*.rake'
- '.github/workflows/lint-ruby.yml'
@ -42,3 +44,6 @@ jobs:
- name: Run rubocop
run: bundle exec rubocop
- name: Run bundler-audit
run: bundle exec bundler-audit