Run bundler-audit on PRs (#23514)

2 years ago · de4b8224c0
parent b4cbfff3eb
commit de4b8224c0
3 changed files with 9 additions and 1 deletions
--- a/.bundler-audit.yml
+++ b/.bundler-audit.yml
@ -0,0 +1,3 @@
+---
+ignore:
+  - CVE-2015-9284 # Mitigation following https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284#mitigating-in-rails-applications
--- a/.codeclimate.yml
+++ b/.codeclimate.yml
@ -24,7 +24,7 @@ plugins:
  brakeman:
    enabled: true
  bundler-audit:
-    enabled: true
+    enabled: false
  eslint:
    enabled: false
  rubocop:
--- a/.github/workflows/lint-ruby.yml
+++ b/.github/workflows/lint-ruby.yml
@ -7,6 +7,7 @@ on:
      - 'Gemfile*'
      - '.rubocop*.yml'
      - '.ruby-version'
+      - '.bundler-audit.yml'
      - '**/*.rb'
      - '**/*.rake'
      - '.github/workflows/lint-ruby.yml'
@ -16,6 +17,7 @@ on:
      - 'Gemfile*'
      - '.rubocop*.yml'
      - '.ruby-version'
+      - '.bundler-audit.yml'
      - '**/*.rb'
      - '**/*.rake'
      - '.github/workflows/lint-ruby.yml'
@ -42,3 +44,6 @@ jobs:

      - name: Run rubocop
        run: bundle exec rubocop
+
+      - name: Run bundler-audit
+        run: bundle exec bundler-audit