Right now to audit the gems, you have to run a command manually or by using git hooks.
It really would be a nice touch to have an option to install bundler-audit as a bundler plugin (or maybe release it as a separate gem?), which would execute `bundle-audit check -u -q` on every `bundle` or `bundle install` command (maybe check if Gemfile.lock has actually changed, too?), then either print a message and exit(1) on failure, or silently move on if everything is good.
Human memory is very unreliable; not everyone can remember to manually run the audit every time the Gemfile changes. This feature could really help improve security.
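An added sketch of the behavior requested above (not part of the original issue and not bundler-audit's own code): a shell function, meant to be called after `bundle install`, that runs the audit only when Gemfile.lock has changed or the last clean audit has gone stale, since new advisories can affect an unchanged lockfile. The stamp path, variable names and age limit are assumptions of this example.

```shell
#!/bin/sh
# Added example. LOCKFILE, STAMP_FILE, MAX_AGE_DAYS and AUDIT_CMD are
# names invented for this sketch, not bundler or bundler-audit settings.
LOCKFILE="${LOCKFILE:-Gemfile.lock}"
STAMP_FILE="${STAMP_FILE:-.bundle/audit.sha256}"
MAX_AGE_DAYS="${MAX_AGE_DAYS:-1}"
AUDIT_CMD="${AUDIT_CMD:-bundle-audit check -u -q}"

# Print the SHA-256 of the lockfile with whichever tool is installed.
lock_digest() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$LOCKFILE" | cut -d' ' -f1
  else
    shasum -a 256 "$LOCKFILE" | cut -d' ' -f1
  fi
}

# Succeeds (exit 0) when an audit is due: no stamp yet, stamp older than
# MAX_AGE_DAYS full days, or lockfile digest differs from the stamp.
lock_changed() {
  [ -f "$STAMP_FILE" ] || return 0
  [ -z "$(find "$STAMP_FILE" -mtime +"$MAX_AGE_DAYS")" ] || return 0
  [ "$(cat "$STAMP_FILE")" != "$(lock_digest)" ]
}

# Run the audit when due. Silent on success; message and non-zero on failure.
# The stamp is written only after a clean audit, so a failing lockfile is
# re-checked on every run until it is fixed.
audit_if_changed() {
  [ -f "$LOCKFILE" ] || { echo "audit: $LOCKFILE not found" >&2; return 1; }
  lock_changed || return 0
  if $AUDIT_CMD; then
    mkdir -p "$(dirname "$STAMP_FILE")"
    lock_digest > "$STAMP_FILE"
  else
    echo "audit: bundle-audit reported problems in $LOCKFILE" >&2
    return 1
  fi
}

# Usage (from a wrapper script or CI step): bundle install && audit_if_changed
```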