rubysec / bundler-audit

Patch-level verification for Bundler

rubysec/bundler-audit Issues

Make the `spec/fixtures/*/Gemfile.lock` files programmaticaly generated
Updated 2 months ago1
Add internal subnets configuration
Closed 7 months ago3
Filter on dependencies - exclude dev and test
Updated 7 months ago3
Combine ignored CVEs from both `--config` with `--ignore` flag
Updated 8 months ago
git not installed
Closed 8 months ago11
Can't update ruby-advisory-db
Updated a year ago8
Run audit automatically on `bundle` or `bundle install` command
Updated a year ago1
bundle-audit check --print-criticality=[level] AND --error-on-criticality=[level]
Closed a year ago6
This is not an issue with bundle-audit, but the Ruby enviroment itself:
Closed 2 years ago
No longer set `test_files` in the gemspec
Updated 2 years ago
No longer compatible with Ruby 2.0.0 after v0.6.1
Closed 2 years ago3
Release 1.0
Updated 2 years ago
Can no longer be called programatically
Closed 2 years ago5
`Bundler::Audit::Task` does not fail when vulnerabilities are found
Closed 2 years ago3
Error running bundler-audit
Closed 2 years ago2
Add an ISSUES template for new features
Closed 2 years ago
Add different exit codes for different errors
Updated 2 years ago
Status codes for different status messages
Closed 2 years ago10
Incorrectly flagged vulnerabilities with 4-digit version numbers
Updated 2 years ago1
gems.rb and gems.locked
Updated 2 years ago7
Add missing specs for `Scanner#initialize`
Updated 2 years ago
Unknown format: json
Closed 2 years ago1
0.9.0 fails on Ruby 2.5
Closed 3 years ago6
Release 0.9.0
Closed 3 years ago1
Release of psych-4.0.0 breaks library with Date DisallowedClass
Closed 3 years ago8
Deprecation warning emitted from Thor
Closed 3 years ago1
Ignoring insecure dependecy without an Advisory
Closed 3 years ago2
bundler audit confuse loofah gem version 2.10.0 with 2.1
Closed 3 years ago5
Support specifying path to config file
Closed 3 years ago4
Error when an ignored CVE is missing
Updated 3 years ago2
Criticality information on json output
Closed 3 years ago2
Add a Security Policy
Updated 3 years ago1
Support scanning .gemspec files
Updated 3 years ago2
Error "Unknown format" with version 0.8.0
Closed 3 years ago8
Add support for Thor 1.1.0.
Closed 3 years ago2
Installing bundler-audit is not possible on Windows throught symlink.
Closed 3 years ago4
Fix specs due to new thor 1.1.0
Closed 3 years ago2
Is it possible to scan against a local ruby advisory db?
Closed 3 years ago1
v0.8.0.rc1 does not print GHSA IDs for vulnerabilities with no other identifiers
Closed 3 years ago2
Passing parameters to bundler-audit isn't working
Closed 3 years ago1
Errors when running with an empty config yml file
Closed 3 years ago
Load configuration from .bundle/audit.yml instead of .bundler-audit.yml
Closed 3 years ago1
Add missing specs for Database#last_updated_at
Closed 3 years ago1
Add missing specs for Database#git?
Closed 3 years ago1
Add missing specs for Database#update!
Closed 3 years ago1
Add missing specs for Database.download
Closed 3 years ago1
Add missing specs for Database.exists?
Closed 3 years ago1
Add missing specs for Database#advisories_for
Closed 3 years ago1
How to get severity of a vulnerability in the report with cvss of `null`?
Closed 3 years ago1
Git is not installed!
Closed 3 years ago7