capistrano-bundle_audit 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +6 -4
  3. data/lib/capistrano/bundle_audit/version.rb +1 -1
  4. data/lib/capistrano/tasks/bundle_audit.rake +3 -3
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 4f6157938e40feb73815c43c9bbbf5bdddc58492
4
- data.tar.gz: a76db4d182893e2ff65e4aa815909ad4471443c2
3
+ metadata.gz: 8d3a3a901717f79d9080dee97f2c95c1a7f7caea
4
+ data.tar.gz: ecaa49ed99b0543bee2ae57c9dcdafc921c00412
5
5
  SHA512:
6
- metadata.gz: d32b94727ce50a46fdc4da9c97abd02f7bcb7d63c59f1cfa9e88859dc468c78739e18a2b7c39d9cfb39dd3fe7ee28db2524d5c97e3ec866a9093a07af89587d3
7
- data.tar.gz: fc8cf08160e752b76523b1d03c4a316b0a9fb1fc771cfd0a22ab24d1b476ad45a9842990fab196984c9c5f222c24cf9f7fb4f42915cb67483e6e37a700843902
6
+ metadata.gz: 56b899afe426b298c4b150d75214e5df47b2b5cbe771d9a713a7ee0993a6ac8300e26a54d801bb2cfba06a26f94a87c13f53f99a90febcb6e851b6ca6c305121
7
+ data.tar.gz: 2ebfb880fe8a8182f95a8a0c22e045db5d1d2cfcee7cd840c636d1b2cf7bff4671b4b7ac7ab9cc91da0671f0aae0fe91fe74707421be83c16146028a608fda33
data/README.md CHANGED
@@ -1,6 +1,6 @@
1
1
  # Capistrano::BundleAudit
2
2
 
3
- TODO: Write a gem description
3
+ Audit your Gemfile for known vulnerabilies before releasing.
4
4
 
5
5
  ## Installation
6
6
 
@@ -14,13 +14,15 @@ And then execute:
14
14
 
15
15
  $ bundle
16
16
 
17
- Or install it yourself as:
17
+ Add this line to your `Capfile`:
18
18
 
19
- $ gem install capistrano-bundle_audit
19
+ ```ruby
20
+ require 'capistrano/bundle_audit'
21
+ ```
20
22
 
21
23
  ## Usage
22
24
 
23
- TODO: Write usage instructions here
25
+ After `deploy:updating` (and before the deployed code is released as the current version), `bundle-audit` will be run against the pushed code. If any vulnerabilities are discovered, the release will be aborted.
24
26
 
25
27
  ## Contributing
26
28
 
data/lib/capistrano/bundle_audit/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Capistrano
2
2
  module BundleAudit
3
- VERSION = "0.0.2"
3
+ VERSION = "0.0.3"
4
4
  end
5
5
  end
data/lib/capistrano/tasks/bundle_audit.rake CHANGED
@@ -4,10 +4,10 @@ namespace :deploy do
4
4
  namespace :check do
5
5
  desc "Audit the Gemfile/Gemfile.lock for known vulnerabilities"
6
6
  task :bundle_audit do
7
- on roles(:app) do |host|
7
+ on roles(:app), in: :sequence do |host|
8
8
 
9
9
  # Download the relevant files and run bundle-audit on them locally
10
- Dir.mktmpdir do |dir|
10
+ Dir.mktmpdir do |dir|
11
11
  Dir.chdir dir do
12
12
  download! "#{release_path}/Gemfile.lock", "Gemfile.lock"
13
13
  download! "#{release_path}/Gemfile", "Gemfile"
@@ -31,6 +31,6 @@ namespace :deploy do
31
31
  end
32
32
  end
33
33
  end
34
-
34
+
35
35
  after 'deploy:updating', 'deploy:check:bundle_audit' unless ENV['SKIP_BUNDLE_AUDIT']
36
36
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: capistrano-bundle_audit
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.2
4
+ version: 0.0.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chris Beer
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-08-20 00:00:00.000000000 Z
11
+ date: 2014-09-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: capistrano