Bundler-Audit
Language / Framework: Ruby
Checks: 235
Categories: Security
Bundler-Audit helps you find security vulnerabilities in your Ruby dependencies. Bundler-audit also offers patch-level verification for Bundler.
Enable the Plugin
To enable Bundler Audit analysis, add the following to your .codeclimate.yml configuration file:
plugins:
bundler-audit:
enabled: true
More information about the CLI is available in the README here: https://github.com/codeclimate/codeclimate
Bundler-Audit Versions
To enable a newer version of Bundler-Audit, specify the bundler-audit-0-9-1
channel within your .codeclimate.yml
as seen below.
plugins:
bundler-audit:
channel: bundler-audit-0-9-1
enabled: true
Configure the Plugin
Specify path to Gemfile.lock
plugins:
bundler-audit:
enabled: true
config:
path: optional/path/to/Gemfile.lock
https://github.com/codeclimate/codeclimate-bundler-audit
Understand the Plugin
Bundler-Audit cross references entries in your Gemfile.lock
with the Ruby Advisory DB.
Updated 12 months ago