Run bundler-audit on PRs (#23514)
parent
b4cbfff3eb
commit
de4b8224c0
|
@ -0,0 +1,3 @@
|
||||||
|
---
|
||||||
|
ignore:
|
||||||
|
- CVE-2015-9284 # Mitigation following https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284#mitigating-in-rails-applications
|
|
@ -24,7 +24,7 @@ plugins:
|
||||||
brakeman:
|
brakeman:
|
||||||
enabled: true
|
enabled: true
|
||||||
bundler-audit:
|
bundler-audit:
|
||||||
enabled: true
|
enabled: false
|
||||||
eslint:
|
eslint:
|
||||||
enabled: false
|
enabled: false
|
||||||
rubocop:
|
rubocop:
|
||||||
|
|
|
@ -7,6 +7,7 @@ on:
|
||||||
- 'Gemfile*'
|
- 'Gemfile*'
|
||||||
- '.rubocop*.yml'
|
- '.rubocop*.yml'
|
||||||
- '.ruby-version'
|
- '.ruby-version'
|
||||||
|
- '.bundler-audit.yml'
|
||||||
- '**/*.rb'
|
- '**/*.rb'
|
||||||
- '**/*.rake'
|
- '**/*.rake'
|
||||||
- '.github/workflows/lint-ruby.yml'
|
- '.github/workflows/lint-ruby.yml'
|
||||||
|
@ -16,6 +17,7 @@ on:
|
||||||
- 'Gemfile*'
|
- 'Gemfile*'
|
||||||
- '.rubocop*.yml'
|
- '.rubocop*.yml'
|
||||||
- '.ruby-version'
|
- '.ruby-version'
|
||||||
|
- '.bundler-audit.yml'
|
||||||
- '**/*.rb'
|
- '**/*.rb'
|
||||||
- '**/*.rake'
|
- '**/*.rake'
|
||||||
- '.github/workflows/lint-ruby.yml'
|
- '.github/workflows/lint-ruby.yml'
|
||||||
|
@ -42,3 +44,6 @@ jobs:
|
||||||
|
|
||||||
- name: Run rubocop
|
- name: Run rubocop
|
||||||
run: bundle exec rubocop
|
run: bundle exec rubocop
|
||||||
|
|
||||||
|
- name: Run bundler-audit
|
||||||
|
run: bundle exec bundler-audit
|
||||||
|
|
Reference in New Issue