Bundler-Audit
Language / Framework: Ruby
Checks: 235
Categories: Security
Bundler-Audit helps you find security vulnerabilities in your Ruby dependencies. Bundler-audit also offers patch-level verification for Bundler.
Enable the Plugin
To enable Bundler Audit analysis, add the following to your .codeclimate.yml configuration file:
plugins:
  bundler-audit:
    enabled: true
More information about the CLI is available in the README here: https://github.com/codeclimate/codeclimate
Bundler-Audit Versions
To enable a newer version of Bundler-Audit, specify the bundler-audit-0-9-1 channel within your .codeclimate.yml as seen below.
plugins:
  bundler-audit:
    channel: bundler-audit-0-9-1
    enabled: true
Configure the Plugin
Specify path to Gemfile.lock
plugins:
  bundler-audit:
    enabled: true
    config:
      path: optional/path/to/Gemfile.lock
https://github.com/codeclimate/codeclimate-bundler-audit
Understand the Plugin
Bundler-Audit cross-references entries in your Gemfile.lock with the Ruby Advisory DB.
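The cross-reference described above, sketched as an added example (not Code Climate's or bundler-audit's own code). The lockfile excerpt, gem names and advisory IDs are constructed, and the helper names are hypothetical; the patched_versions and unaffected_versions fields are the ones Ruby Advisory DB entries carry.

```ruby
# Constructed Gemfile.lock excerpt; gem names and versions are made up.
LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      example-http (1.4.2)
        example-json (>= 2.0)
      example-json (2.3.0)
      example-xml (0.9.1)
LOCK

# Constructed advisories using the advisory DB's version fields.
ADVISORIES = [
  { id: "EXAMPLE-0001", gem: "example-http",
    patched_versions: ["~> 1.4.5", ">= 1.5.1"], unaffected_versions: ["< 1.2.0"] },
  { id: "EXAMPLE-0002", gem: "example-json",
    patched_versions: [">= 2.2.1"], unaffected_versions: [] },
  { id: "EXAMPLE-0003", gem: "example-xml", # no fixed release exists
    patched_versions: [], unaffected_versions: [] }
].freeze

# Resolved gems are the 4-space-indented "name (version)" lines; the
# 6-space-indented dependency constraints beneath them are skipped.
def locked_gems(lockfile)
  lockfile.scan(/^ {4}(\S+) \(([^)]+)\)$/)
          .to_h { |name, version| [name, Gem::Version.new(version)] }
end

# True if any requirement string (e.g. ">= 1.0, < 2.0") matches the version.
def covered?(requirements, version)
  requirements.any? do |req|
    Gem::Requirement.new(*req.split(",").map(&:strip)).satisfied_by?(version)
  end
end

# A locked gem is reported when its version is neither patched nor unaffected.
def audit(lockfile, advisories)
  gems = locked_gems(lockfile)
  advisories.filter_map do |adv|
    version = gems[adv[:gem]]
    next unless version
    next if covered?(adv[:patched_versions], version) ||
            covered?(adv[:unaffected_versions], version)
    { id: adv[:id], gem: adv[:gem], version: version.to_s }
  end
end

audit(LOCKFILE, ADVISORIES).each { |f| puts "#{f[:gem]} #{f[:version]}: #{f[:id]}" }
```

An advisory with an empty patched_versions list flags every affected locked version, so upgrading cannot clear that finding until a fixed release is published.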