Use bundler-audit as part of an rspec test to allow unit tests to be written to check for vulnerabilities of dependencies, based on data from https://github.com/rubysec/ruby-advisory-db

audit-rspec.rb

require 'bundler/audit/scanner'
 
describe "my application dependencies" do
 
  before(:all) do
    @issues = []
    scanner = Bundler::Audit::Scanner.new
    scanner.scan do |result|
      case result
      when Bundler::Audit::Scanner::UnpatchedGem
        @issues << result.gem
      end
    end
  end
 
  it "should have no vulnerable gems" do
    @issues.should have(0).items
  end
 
  it "should have a safe version of ruby on rails" do
    @issues.each do |issue|
      issue.to_s.should_not match("^rails")
    end
  end
 
end

Gemfile

# A Gemfile with a vulnerable version of rails in it
source "https://rubygems.org"
 
gem "rails", "3.2.13"
gem "bundler-audit"
gem "rspec"

gistfile1.txt

⚡ rspec audit-rspec.rb -f d
 
my application dependencies
  should have no vulnerable gems (FAILED - 1)
  should have a safe version of ruby on rails
 
Failures:
 
  1) my application dependencies should have no vulnerable gems
     Failure/Error: @issues.should be_empty
       expected empty? to return true, got false
     # ./audit-rspec.rb:23:in `block (2 levels) in <top (required)>'
 
Finished in 0.03949 seconds
2 examples, 1 failure
 
Failed examples:
 
rspec ./audit-rspec.rb:22 # my application dependencies should have no vulnerable gems