capistrano-bundle_audit 0.0.3 → 0.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/capistrano/bundle_audit/version.rb +1 -1
  3. data/lib/capistrano/tasks/bundle_audit.rake +4 -1
  4. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 8d3a3a901717f79d9080dee97f2c95c1a7f7caea
4
- data.tar.gz: ecaa49ed99b0543bee2ae57c9dcdafc921c00412
3
+ metadata.gz: 23384e1c5777c2351cf90b0fc1b83d85dc88dc15
4
+ data.tar.gz: 906873a8fb48257d58635502b714f61d7add24d4
5
5
  SHA512:
6
- metadata.gz: 56b899afe426b298c4b150d75214e5df47b2b5cbe771d9a713a7ee0993a6ac8300e26a54d801bb2cfba06a26f94a87c13f53f99a90febcb6e851b6ca6c305121
7
- data.tar.gz: 2ebfb880fe8a8182f95a8a0c22e045db5d1d2cfcee7cd840c636d1b2cf7bff4671b4b7ac7ab9cc91da0671f0aae0fe91fe74707421be83c16146028a608fda33
6
+ metadata.gz: 4630ced90db7ce3a5cc2faeb9208ffefa50c436cde41f39d8cc6d646d157d8032284755574dfed612028206b4d679d281963107edbdf854e039ad998cbafecc9
7
+ data.tar.gz: 6d4e76a4448f7d605f1777c73bc817500e90e39abe8ab0f7973a023bab3afeb95c4dd2b69db0c4dbaa66dfb640720f9fb691202664024cf3e5c13bfec7176e8a
data/lib/capistrano/bundle_audit/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Capistrano
2
2
  module BundleAudit
3
- VERSION = "0.0.3"
3
+ VERSION = "0.0.4"
4
4
  end
5
5
  end
data/lib/capistrano/tasks/bundle_audit.rake CHANGED
@@ -22,7 +22,10 @@ namespace :deploy do
22
22
  # bundle-audit includes failures for both gem vulnerabilities
23
23
  # and insecure gem sources, and offers no way to distinguish those cases.
24
24
  # unfortunately, we only want to fail when vulnerable gems are required.
25
- if bundle_audit_output =~ /Name:/
25
+ # This should only fail if there is a bundle-audit output AND it has
26
+ # a solution available to upgrade. If no solution is available deploy
27
+ # will still be allowed.
28
+ if bundle_audit_output =~ /Solution: upgrade to/
26
29
  fail "Bundle audit failed; update your vulnerable dependencies before deploying"
27
30
  end
28
31
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: capistrano-bundle_audit
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3
4
+ version: 0.0.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Chris Beer
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-09-25 00:00:00.000000000 Z
11
+ date: 2015-01-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: capistrano
@@ -102,7 +102,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
102
102
  version: '0'
103
103
  requirements: []
104
104
  rubyforge_project:
105
- rubygems_version: 2.2.2
105
+ rubygems_version: 2.4.5
106
106
  signing_key:
107
107
  specification_version: 4
108
108
  summary: Audit a project's gem dependencies before deployment