jefferies_tube 1.1.1 → 1.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -1
- data/README.md +9 -0
- data/lib/jefferies_tube/capistrano/deploy.rb +2 -1
- data/lib/jefferies_tube/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: fda803efe78403794dec76b4f9dfce17a1a5ba31f0241b74e953f816429e6882
|
4
|
+
data.tar.gz: f7a9867ac76ba5b12d4f8eeaa94e99eec2ea8394b8df6ef02620213923d178b6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9efcf56c25bfd2cd54e81dc149e1099ca040d5187baefe79f4ca76df7ad8481b48f590ae8117adbcaaca9a00ab4a5985a405255573ca65aceb654c0567907de1
|
7
|
+
data.tar.gz: 9bd77d4484ccfe9686af94dbe3338b17f4996df3016c5c1c6cc1bc901fbf6f255e4346cd943a9a4b71630c18ccaf569bd95f748e49bf5ef8b1b25372a4bd5506
|
data/CHANGELOG.md
CHANGED
@@ -4,7 +4,12 @@ This is a [changelog](https://keepachangelog.com/en/0.3.0/).
|
|
4
4
|
|
5
5
|
This project attempts to follow [semantic versioning](https://semver.org/)
|
6
6
|
|
7
|
-
##
|
7
|
+
## 1.2
|
8
|
+
|
9
|
+
* enhancements
|
10
|
+
* Allow passing through bundler-audit ignore with `set :bundler_audit_ignore, ["CVE-1234-5678"]`
|
11
|
+
|
12
|
+
## 1.1.1
|
8
13
|
|
9
14
|
* enhancements
|
10
15
|
* Add colorful IRB prompts based on Rails environment
|
data/README.md
CHANGED
@@ -99,6 +99,15 @@ To automatically tag the code that is about to be released (lazy programmer solu
|
|
99
99
|
before 'deploy', 'deploy:create_tag'
|
100
100
|
```
|
101
101
|
|
102
|
+
#### Bundler Audit
|
103
|
+
|
104
|
+
By default jefferies_tube will raise an error and stop if it detects any vulnerabilities is your installed gems. If you need to deploy anyway even with vulnerabilities you can do `I_KNOW_GEMS_ARE_INSECURE=true cap <environment> deploy`.
|
105
|
+
|
106
|
+
To ignore specific CVE's when running bundler-audit, inside `config/deploy.rb`:
|
107
|
+
```ruby
|
108
|
+
set :bundler_audit_ignore, ["CVE-1234-5678"]
|
109
|
+
```
|
110
|
+
|
102
111
|
### Enable/Disable Maintence Mode
|
103
112
|
|
104
113
|
```
|
@@ -30,7 +30,8 @@ namespace :deploy do
|
|
30
30
|
Bundler::Audit::Database.update!
|
31
31
|
scanner = Bundler::Audit::Scanner.new
|
32
32
|
vulnerable = false
|
33
|
-
|
33
|
+
ignore = fetch(:bundler_audit_ignore, [])
|
34
|
+
scanner.scan(ignore: ignore) do |result|
|
34
35
|
vulnerable = true
|
35
36
|
case result
|
36
37
|
when Bundler::Audit::Scanner::InsecureSource
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: jefferies_tube
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: '1.2'
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Brian Samson
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-
|
11
|
+
date: 2019-10-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: awesome_print
|