-rw-r--r--.bundler-audit.yml3
-rw-r--r--.codeclimate.yml2
-rw-r--r--.github/workflows/lint-ruby.yml5
3 files changed, 9 insertions, 1 deletions
diff --git a/.bundler-audit.yml b/.bundler-audit.yml
new file mode 100644
index 000000000..f84ec8087
--- /dev/null
+++ b/.bundler-audit.yml
@@ -0,0 +1,3 @@
+---
+ignore:
+  - CVE-2015-9284 # Mitigation following https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284#mitigating-in-rails-applications
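Review bot: The ignore entry on line 3 of the new file suppresses CVE-2015-9284 on every future run, but its comment only links to the mitigation page and does not say which mitigation this application applies or where it lives. Nothing in this commit shows the mitigation itself, so the suppression cannot be confirmed as justified from here. I would expand the comment to name the control and a removal condition, for example `# CVE-2015-9284: mitigated by <mitigation in use, gem or initializer path>; remove this entry once omniauth is upgraded to a fixed release`.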
diff --git a/.codeclimate.yml b/.codeclimate.yml
index 59051aae7..00469df00 100644
--- a/.codeclimate.yml
+++ b/.codeclimate.yml
@@ -24,7 +24,7 @@ plugins:
   brakeman:
     enabled: true
   bundler-audit:
-    enabled: true
+    enabled: false
   eslint:
     enabled: false
   rubocop:
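Review bot: The change to `enabled: false` under `bundler-audit:` carries no comment, so the file now reads as if dependency auditing was simply switched off. The replacement appears to be the step added to `.github/workflows/lint-ruby.yml`, but that workflow is path-filtered, so it presumably does not run when none of the listed paths change. Advisories published against an unchanged `Gemfile.lock` would then go unnoticed until the next matching push. I would add `# bundler-audit now runs in .github/workflows/lint-ruby.yml, which honours .bundler-audit.yml` above the plugin entry, and consider a `schedule:` trigger on the workflow so the audit also runs periodically.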
diff --git a/.github/workflows/lint-ruby.yml b/.github/workflows/lint-ruby.yml
index 54f45796c..de54fe9ae 100644
--- a/.github/workflows/lint-ruby.yml
+++ b/.github/workflows/lint-ruby.yml
@@ -7,6 +7,7 @@ on:
       - 'Gemfile*'
       - '.rubocop*.yml'
       - '.ruby-version'
+      - '.bundler-audit.yml'
       - '**/*.rb'
       - '**/*.rake'
       - '.github/workflows/lint-ruby.yml'
@@ -16,6 +17,7 @@ on:
       - 'Gemfile*'
       - '.rubocop*.yml'
       - '.ruby-version'
+      - '.bundler-audit.yml'
       - '**/*.rb'
       - '**/*.rake'
       - '.github/workflows/lint-ruby.yml'
@@ -42,3 +44,6 @@ jobs:
 
       - name: Run rubocop
         run: bundle exec rubocop
+
+      - name: Run bundler-audit
+        run: bundle exec bundler-audit
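Review bot: The added step runs `bundle exec bundler-audit` with no subcommand or options, so the advisory database is never explicitly refreshed and the check uses whatever copy is on the runner. If that copy is cached or otherwise stale, the step can pass while a newer advisory applies. `run: bundle exec bundler-audit check --update` makes the refresh part of the step. The `jobs:` block starts outside this hunk, so whether an earlier step already updates the database is not visible here.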