Gist frenchi/ba68b761ed460bcfbbbd
Last active March 4, 2016 03:22
```ruby
require 'bundler/audit/scanner'

describe 'my application dependencies' do
  before(:all) do
    @issues = []
    # Scanner.new reads the Gemfile.lock in the current directory and checks
    # every locked gem against the local copy of the ruby-advisory-db.
    scanner = Bundler::Audit::Scanner.new
    scanner.scan do |result|
      case result
      when Bundler::Audit::Scanner::UnpatchedGem
        # result.gem is the locked spec (name/version); result.advisory is the
        # matching advisory. InsecureSource results (non-HTTPS gem sources)
        # are not collected here.
        @issues << result.gem
      end
    end
  end

  # Recommended Default: warn on any vulnerable gems
  it 'should have no vulnerable gems' do
    expect(@issues.size).to eq(0)
  end

  # Option: Broadly match vulnerability types (any gem whose name starts with "rails")
  it 'should have a safe version of ruby on rails' do
    @issues.each do |issue|
      expect(issue.name).not_to match(/^rails/)
    end
  end

  # Whitelist specific vulnerabilities (CLI equivalent):
  # bundle-audit check --ignore OSVDB-108664
end
```
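The gist only shows the CLI form of the whitelist. The following is an added example (not part of the gist or of bundler-audit) of doing the same inside the spec: results are filtered by advisory identifier, and ignore entries that no longer match anything are reported so the whitelist does not rot. The `Advisory`, `GemSpec` and `UnpatchedGem` structs are constructed stand-ins, assumed to mirror the `id`/`cve`/`osvdb` fields of bundler-audit's advisory and the `gem`/`advisory` fields of its `UnpatchedGem` result, so the example runs offline; in a real spec the results come from `scanner.scan`.

```ruby
# Constructed stand-ins for bundler-audit's result objects (assumption: same field
# names as Bundler::Audit::Advisory and Bundler::Audit::Scanner::UnpatchedGem).
Advisory     = Struct.new(:id, :cve, :osvdb, :title, :patched_versions)
GemSpec      = Struct.new(:name, :version)
UnpatchedGem = Struct.new(:gem, :advisory)

# All identifiers an advisory may be whitelisted under: the advisory file id
# plus CVE-/OSVDB- forms built from the bare numbers the advisory carries.
def advisory_identifiers(advisory)
  ids = [advisory.id]
  ids << "CVE-#{advisory.cve}"     if advisory.cve
  ids << "OSVDB-#{advisory.osvdb}" if advisory.osvdb
  ids.compact.uniq
end

# Unpatched-gem results that are NOT covered by the ignore list; these are the
# ones a spec should still fail on.
def unignored_issues(results, ignore)
  ignore = ignore.map(&:to_s)
  results.reject { |r| (advisory_identifiers(r.advisory) & ignore).any? }
end

# Ignore entries that matched no current result. A stale entry usually means the
# gem was upgraded, so the whitelist can be pruned (or the id was mistyped).
def stale_ignores(results, ignore)
  seen = results.flat_map { |r| advisory_identifiers(r.advisory) }
  ignore.map(&:to_s) - seen
end

# Constructed sample scan output; the CVE id and versions are placeholders.
SAMPLE_RESULTS = [
  UnpatchedGem.new(GemSpec.new('rails', '4.0.0'),
                   Advisory.new('OSVDB-108664', nil, 108664, 'constructed', ['~> 4.0.10'])),
  UnpatchedGem.new(GemSpec.new('nokogiri', '1.5.0'),
                   Advisory.new('CVE-0000-0001', '0000-0001', nil, 'constructed', ['>= 1.5.1'])),
]

# Usage inside the gist's spec (replace SAMPLE_RESULTS with the collected results):
#   IGNORED = ['OSVDB-108664']
#   it 'has no unacknowledged vulnerable gems' do
#     expect(unignored_issues(@results, IGNORED)).to be_empty
#   end
#   it 'has no stale ignore entries' do
#     expect(stale_ignores(@results, IGNORED)).to be_empty
#   end
def demo
  unignored_issues(SAMPLE_RESULTS, ['OSVDB-108664']).map { |r| r.gem.name }
end
```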