Repository is archived
No commit activity in last 3 years
No release in over 3 years
Wraps bundler-audit gem to check specific repos for gem vulnerabilities
Dependencies

Development

~> 1.9
~> 10.0

Runtime

~> 0.19
Project Readme

GOV.UK Gem Security Checker

This wraps the bundler-audit gem to allow checking specific Bundler lockfiles.

Usage

Install the gem:

gem install govuk_security_audit

Update the Ruby Advisory Database:

govuk_security_audit update

Check the current directory:

govuk_security_audit check

Check another directory:

govuk_security_audit check ~/govuk/whitehall

Check a specific Gemfile.lock:

govuk_security_audit check /tmp/whitehall-gemfile.lock

Check a repo on GitHub:

govuk_security_audit github alphagov whitehall

Check a specific branch on GitHub:

govuk_security_audit github alphagov whitehall upgrade-rails

Check but ignore specific vulnerabilities:

govuk_security_audit check ~/govuk/whitehall --ignore OSVDB-131677 advisory