We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Getting old issues since the vuln list isn't updating
Output:
... Updating ruby-advisory-db ... Skipping update ruby-advisory-db: 287 advisories Name: rails-html-sanitizer Version: 1.3.0 Advisory: CVE-2015-7580 Criticality: Unknown URL: https://groups.google.com/forum/#!topic/rubyonrails-security/uh--W4TDwmI Title: Possible XSS vulnerability in rails-html-sanitizer Solution: upgrade to ~> 1.0.3 ...
There should be 436 advisories but instead only 287 are listed and it specifically says Skipping update.
436 advisories
287
Skipping update
n/a
v0.0.1
name: Linters on: [pull_request] jobs: # other jobs... bundler-audit: runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v2 - name: 'bundler-audit' uses: andrewmcodes/bundler-audit-action@master env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
The text was updated successfully, but these errors were encountered:
Well, not sure if its a bug - that template just sorta labeled it as such.
Curious if you've seen any issues with advisories not updating...
Sorry, something went wrong.
@databyte Here's a PR, but my fork is public too:
#2
Here's what I'm now using in my workflow:
bundler-audit: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: 'Bundler Audit' uses: jfi/bundler-audit-action@master env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
Hopefully @andrewmcodes can accept this if it fixes the issue for both of us!
andrewmcodes
No branches or pull requests
Bug Report
Describe the bug
Getting old issues since the vuln list isn't updating
Reproduction Steps
Output:
Expected behavior
There should be
436 advisories
but instead only287
are listed and it specifically saysSkipping update
.Stacktrace
n/a
Action Version & Workflow File
v0.0.1
Workflow File
The text was updated successfully, but these errors were encountered: