`Bundler::Audit::Task` does not fail when vulnerabilities are found

Question

postmodern opened this issue 2 years ago · comments

Description

The Bundler::Audit::Task does not fail if vulnerabilities are found. Add exit $?.exitstatus || 1 to mimic how the rspec rake task works.

Steps to reproduce the bug:

Exits with 1 when vulnerabilities are found.

Always exits with 0.

Postmodern · Answer 1 · Fri May 20 2022 03:30:43 GMT+0800 (China Standard Time)

Fixed build in 0b2a28c.

Postmodern · Answer 2 · Fri May 20 2022 03:35:19 GMT+0800 (China Standard Time)

Also tested locally with a known vulnerable bundle. Now exits with status code 1.

Postmodern · Answer 3 · Fri May 20 2022 11:03:42 GMT+0800 (China Standard Time)

bundler-audit 0.9.1 has been released. See the ChangeLog for a short summary of the bug.