bundler-audit provides patch-level verification for Bundled apps.

Just requires bundler-audit, if you've mistakenly required bundle-audit

Pronto runner for bundler-audit, patch-level verification for bundler.

Automatic apply security update inspected by bundler-audit.

Schedules daily task using whenever for Gemfile audit using bundler-audit that just raises an exception for your default exception notifier to catch

guard + bundler-audit = security

An improved version of bundler-audit provides patch-level verification for Bundled apps

GitLab parser for bundler-audit gem output

Wraps bundler-audit gem to check specific repos for gem vulnerabilities

bundler-budit is a fork of bundler-audit, which provides patch-level verification for Bundled apps.

Analyses your Gemfile for dependency health: checks if gems are actively maintained (last commit dates via GitHub and GitLab, release dates), outdated versions, archived repos, OpenSSF Scorecard security scores, known vulnerabilities via deps.dev, and libyear drift. Ruby version freshness with EOL detection. Handles rubygems, git, path, and GitHub Packages sources. Outputs coloured terminal tables, markdown, or JSON. CI quality gates with --fail-if-critical, --fail-if-warning, --fail-if-vulnerable, --fail-if-outdated, and --ignore. A comprehensive alternative to running bundle outdated, bundler-audit, and libyear-bundler separately.

RubyAudit checks your current version of Ruby and RubyGems against known security vulnerabilities (CVEs), alerting you if you are using an insecure version. It complements bundler-audit, providing complete coverage for your Ruby stack.

RubyAudit checks your current version of Ruby and RubyGems against known security vulnerabilities (CVEs), alerting you if you are using an insecure version. It complements bundler-audit, providing complete coverage for your Ruby stack. This is a fork of ruby_audit (https://rubygems.org/gems/ruby_audit) with JRuby compatibility fixes. Use the original gem unless you need JRuby support. All development happens upstream at https://github.com/civisanalytics/ruby_audit

bundle-patch is a CLI tool that detects vulnerable gems in your Gemfile and automatically upgrades them to a patchable version based on your configured strategy (patch/minor/all). Uses bundler-audit under the hood.

Runs a bundle upgrade, shows the changelog for each gem that was upgraded, and outputs a summary view of gem changes plus their impact.

Run bundler-audit on multiple repositories