This repository has been archived by the owner on Nov 1, 2018. It is now read-only.

Wraps bundler-audit gem to check specific repos for gem vulnerabilities

alphagov/govuk_security_audit

GOV.UK Gem Security Checker

This wraps the bundler-audit gem to allow checking specific Bundler lockfiles.

Usage

Install the gem:

gem install govuk_security_audit

Update the Ruby Advisory Database:

govuk_security_audit update

Check the current directory:

govuk_security_audit check

Check another directory:

govuk_security_audit check ~/govuk/whitehall

Check a specific Gemfile.lock:

govuk_security_audit check /tmp/whitehall-gemfile.lock

Check a repo on GitHub:

govuk_security_audit github alphagov whitehall

Check a specific branch on GitHub:

govuk_security_audit github alphagov whitehall upgrade-rails

Check but ignore specific vulnerabilities:

govuk_security_audit check ~/govuk/whitehall --ignore OSVDB-131677 advisory
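
What a lockfile check with an ignore list amounts to, as an added Ruby example (not code from this gem or from bundler-audit): a locked gem is reported when its version satisfies none of an advisory's patched or unaffected requirements, unless the advisory ID is ignored. The gem names, advisory IDs, lockfile and the `locked_gems` / `audit` helpers are constructed for illustration; only the `patched_versions` / `unaffected_versions` field names follow the Ruby Advisory Database.

```ruby
require "rubygems" # Gem::Version and Gem::Requirement ship with Ruby

# Constructed advisories, not real database entries.
ADVISORIES = [
  { id: "EXAMPLE-0001", gem: "examplegem",
    patched_versions: ["~> 1.2.5", ">= 1.3.1"] },
  { id: "EXAMPLE-0002", gem: "othergem",
    patched_versions: [">= 2.0.0"], unaffected_versions: ["< 1.5.0"] },
].freeze

# Constructed Gemfile.lock content.
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      examplegem (1.2.3)
        othergem (>= 1.0)
      othergem (1.6.0)
      safegem (0.9.1)

  PLATFORMS
    ruby

  DEPENDENCIES
    examplegem
LOCK

# Resolved gems sit at exactly four spaces of indent; their dependency
# constraints sit at six and are skipped. A platform suffix is dropped.
def locked_gems(lockfile_text)
  lockfile_text.each_line.each_with_object({}) do |line, gems|
    match = line.match(/\A {4}(\S+) \(([^)]+)\)\s*\z/)
    next unless match
    gems[match[1]] = Gem::Version.new(match[2].split("-", 2).first)
  end
end

# Returns "ID gem version" for every advisory that applies and is not ignored.
def audit(lockfile_text, ignore: [])
  gems = locked_gems(lockfile_text)
  hits = ADVISORIES.select do |adv|
    version = gems[adv[:gem]]
    next false if version.nil? || ignore.include?(adv[:id])
    safe = adv.fetch(:patched_versions, []) + adv.fetch(:unaffected_versions, [])
    safe.none? { |req| Gem::Requirement.new(*req.split(", ")).satisfied_by?(version) }
  end
  hits.map { |adv| "#{adv[:id]} #{adv[:gem]} #{gems[adv[:gem]]}" }
end

puts audit(SAMPLE_LOCKFILE, ignore: ["EXAMPLE-0002"])
```

An ignored advisory stays in the database and silently stops being reported, so each ignored ID needs a recorded reason and a review date.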
