the --update isn't actually updating #1

Closed
databyte opened this issue May 14, 2020 · 2 comments

@databyte

Bug Report

Describe the bug

Getting old issues since the vuln list isn't updating

Reproduction Steps

Output:

...

Updating ruby-advisory-db ...
Skipping update
ruby-advisory-db: 287 advisories
Name: rails-html-sanitizer
Version: 1.3.0
Advisory: CVE-2015-7580
Criticality: Unknown
URL: https://groups.google.com/forum/#!topic/rubyonrails-security/uh--W4TDwmI
Title: Possible XSS vulnerability in rails-html-sanitizer
Solution: upgrade to ~> 1.0.3

...

Expected behavior

There should be 436 advisories but instead only 287 are listed and it specifically says Skipping update.

Stacktrace

n/a

Action Version & Workflow File

v0.0.1

Workflow File

name: Linters

on: [pull_request]

jobs:

  # other jobs...

  bundler-audit:
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: 'bundler-audit'
        uses: andrewmcodes/bundler-audit-action@master
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

@databyte added the bug label (Something isn't working) on May 14, 2020

@databyte
Author

Well, not sure if it's a bug - that template just sorta labeled it as such.

Curious if you've seen any issues with advisories not updating...

@jfi
Contributor

jfi commented May 19, 2020

@databyte Here's a PR, but my fork is public too:

#2

Here's what I'm now using in my workflow:

  bundler-audit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: 'Bundler Audit'
        uses: jfi/bundler-audit-action@master
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Hopefully @andrewmcodes can accept this if it fixes the issue for both of us!
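
Added example, not part of the thread or of either action's code: a shell check a workflow step could run over the audit log, so that a job fails when the advisory database was not refreshed instead of passing on stale data. It matches only the log lines quoted in this issue; the function name, the sample logs and the minimum advisory count are assumptions.

```shell
#!/bin/sh
# Added example: gate a CI job on the advisory database actually being
# refreshed, keyed on the log lines quoted in this issue.

# check_advisory_db MIN_COUNT < audit_output   (hypothetical helper name)
# Status: 0 fresh, 1 update skipped, 2 count line missing, 3 count below MIN_COUNT.
check_advisory_db() {
    min_count=$1
    output=$(cat)

    # "Skipping update" means the scan ran against whatever copy was on disk.
    if printf '%s\n' "$output" | grep -q '^Skipping update'; then
        return 1
    fi

    # Extract N from "ruby-advisory-db: N advisories".
    count=$(printf '%s\n' "$output" |
        sed -n 's/^ruby-advisory-db: \([0-9][0-9]*\) advisories.*$/\1/p' |
        head -n 1)
    [ -n "$count" ] || return 2
    [ "$count" -ge "$min_count" ] || return 3
    return 0
}

# Constructed sample logs. STALE_LOG copies the lines from the report above;
# FRESH_LOG is what a successful refresh is assumed to look like.
STALE_LOG='Updating ruby-advisory-db ...
Skipping update
ruby-advisory-db: 287 advisories'

FRESH_LOG='Updating ruby-advisory-db ...
Updated ruby-advisory-db
ruby-advisory-db: 436 advisories'

# MIN_COUNT is a floor chosen by the operator (436 is the figure the reporter
# expected); raise it as the database grows.
printf '%s\n' "$STALE_LOG" | check_advisory_db 436 ||
    echo "stale log rejected (status $?)"
printf '%s\n' "$FRESH_LOG" | check_advisory_db 436 &&
    echo "fresh log accepted"
```

In a workflow, the audit step's output would be piped into `check_advisory_db` and a non-zero status left to fail the job.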
