Code Climate bundler-audit Engine
codeclimate-bundler-audit is a Code Climate engine that wraps bundler-audit. You can run it on your command line using the Code Climate CLI, or on our hosted analysis platform.
bundler-audit offers patch-level verification for Bundler.
- If you haven't already, install the Code Climate CLI.
codeclimate engines:enable bundler-audit. This command both installs the engine and enables it in your
- You're ready to analyze! Browse into your project's folder and run
By default, bundler-audit will look for a
Gemfile.lock file in the root of
your project. Optionally configure Code Climate to look at a different path:
plugins: bundler-audit: enabled: true config: path: optional/path/to/Gemfile.lock
Updating the vulnerability database
If you want to update the vulnerability database, run
For help with bundler-audit, check out their documentation.