RubyGems - railties - Versions diffs - 8.0.3 → 8.1.0 - Mend

railties 8.0.3 → 8.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (105) hide show

data/lib/rails/command/base.rb CHANGED Viewed

@@ -3,8 +3,6 @@
 require "thor"
 require "erb"
-require "active_support/core_ext/class/attribute"
-require "active_support/core_ext/module/delegation"
 require "active_support/core_ext/string/inflections"
 require "rails/command/actions"

data/lib/rails/command/environment_argument.rb CHANGED Viewed

@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 require "active_support"
-require "active_support/core_ext/class/attribute"
 module Rails
   module Command

data/lib/rails/command.rb CHANGED Viewed

@@ -1,8 +1,8 @@
 # frozen_string_literal: true
 require "active_support"
+require "active_support/rails"
 require "active_support/core_ext/enumerable"
-require "active_support/core_ext/object/blank"
 require "rails/deprecator"
 require "thor"

data/lib/rails/commands/app/update_command.rb CHANGED Viewed

@@ -73,6 +73,7 @@ module Rails
               skip_action_text:    !defined?(ActionText::Engine),
               skip_action_cable:   !defined?(ActionCable::Engine),
               skip_brakeman:       skip_gem?("brakeman"),
+              skip_bundler_audit:  skip_gem?("bundler-audit"),
               skip_rubocop:        skip_gem?("rubocop"),
               skip_thruster:       skip_gem?("thruster"),
               skip_test:           !defined?(Rails::TestUnitRailtie),

data/lib/rails/commands/console/irb_console.rb CHANGED Viewed

@@ -91,9 +91,9 @@ module Rails
         IRB.conf[:IRB_NAME] = @app.name if IRB.conf[:IRB_NAME] == "irb"
         IRB.conf[:PROMPT][:RAILS_PROMPT] = {
-          PROMPT_I: "#{prompt_prefix}> ",
-          PROMPT_S: "#{prompt_prefix}%l ",
-          PROMPT_C: "#{prompt_prefix}* ",
+          PROMPT_I: "#{prompt_prefix}:%03n> ",
+          PROMPT_S: "#{prompt_prefix}:%03n%l ",
+          PROMPT_C: "#{prompt_prefix}:%03n* ",
           RETURN: "=> %s\n"
         }
@@ -122,7 +122,7 @@ module Rails
         when "production"
           IRB::Color.colorize("prod", [:RED])
         else
-          Rails.env
+          IRB::Color.colorize(Rails.env, [:MAGENTA])
         end
       end
     end

data/lib/rails/commands/credentials/credentials_command.rb CHANGED Viewed

@@ -35,7 +35,7 @@ module Rails
       def show
         load_environment_config!
-        say credentials.read.presence || missing_credentials_message
+        say credentials.read.presence || missing_credentials!
       end
       desc "diff", "Enroll/disenroll in decrypted diffs of credentials using git"
@@ -57,6 +57,26 @@ module Rails
         say credentials.content_path.read
       end
+      desc "fetch PATH", "Fetch a value in the decrypted credentials"
+      def fetch(path)
+        load_environment_config!
+        if (yaml = credentials.read)
+          begin
+            value = YAML.load(yaml)
+            value = path.split(".").inject(value) do |doc, key|
+              doc.fetch(key)
+            end
+            say value.to_s
+          rescue KeyError, NoMethodError
+            say_error "Invalid or missing credential path: #{path}"
+            exit 1
+          end
+        else
+          missing_credentials!
+        end
+      end
       private
         def config
           Rails.application.config.credentials
@@ -81,7 +101,6 @@ module Rails
           encryption_key_file_generator = Rails::Generators::EncryptionKeyFileGenerator.new
           encryption_key_file_generator.add_key_file(key_path)
-          encryption_key_file_generator.ignore_key_file(key_path)
         end
         def ensure_credentials_have_been_added
@@ -115,12 +134,13 @@ module Rails
           say "Your application will not be able to load '#{content_path}' until the error has been fixed.", :red
         end
-        def missing_credentials_message
+        def missing_credentials!
           if !credentials.key?
-            "Missing '#{key_path}' to decrypt credentials. See `#{executable(:help)}`."
+            say_error "Missing '#{key_path}' to decrypt credentials. See `#{executable(:help)}`."
           else
-            "File '#{content_path}' does not exist. Use `#{executable(:edit)}` to change that."
+            say_error "File '#{content_path}' does not exist. Use `#{executable(:edit)}` to change that."
           end
+          exit 1
         end
         def relative_path(path)

data/lib/rails/commands/encrypted/encrypted_command.rb CHANGED Viewed

@@ -45,7 +45,6 @@ module Rails
         def ensure_encryption_key_has_been_added
           return if encrypted_configuration.key?
           encryption_key_file_generator.add_key_file(key_path)
-          encryption_key_file_generator.ignore_key_file(key_path)
         end
         def ensure_encrypted_configuration_has_been_added

data/lib/rails/engine.rb CHANGED Viewed

@@ -3,7 +3,6 @@
 require "rails/railtie"
 require "rails/engine/railties"
 require "active_support/callbacks"
-require "active_support/core_ext/module/delegation"
 require "active_support/core_ext/object/try"
 require "pathname"

data/lib/rails/gem_version.rb CHANGED Viewed

@@ -8,8 +8,8 @@ module Rails
   module VERSION
     MAJOR = 8
-    MINOR = 0
-    TINY  = 3
+    MINOR = 1
+    TINY  = 0
     PRE   = nil
     STRING = [MAJOR, MINOR, TINY, PRE].compact.join(".")

data/lib/rails/generators/actions.rb CHANGED Viewed

@@ -445,11 +445,10 @@ module Rails
       private
         # Define log for backwards compatibility. If just one argument is sent,
-        # invoke +say+, otherwise invoke +say_status+. Differently from +say+ and
-        # similarly to +say_status+, this method respects the +quiet?+ option given.
+        # invoke +say+, otherwise invoke +say_status+.
         def log(*args) # :doc:
           if args.size == 1
-            say args.first.to_s unless options.quiet?
+            say args.first.to_s
           else
             args << (behavior == :invoke ? :green : :red)
             say_status(*args)

data/lib/rails/generators/app_base.rb CHANGED Viewed

@@ -73,7 +73,8 @@ module Rails
         class_option :skip_action_cable,   type: :boolean, aliases: "-C", default: nil,
                                            desc: "Skip Action Cable files"
-        class_option :skip_asset_pipeline, type: :boolean, aliases: "-A", default: nil
+        class_option :skip_asset_pipeline, type: :boolean, aliases: "-A", default: nil,
+                                           desc: "Skip the asset pipeline setup"
         class_option :skip_javascript,     type: :boolean, aliases: ["-J", "--skip-js"], default: (true if name == "plugin"),
                                            desc: "Skip JavaScript files"
@@ -105,6 +106,9 @@ module Rails
         class_option :skip_brakeman,       type: :boolean, default: nil,
                                            desc: "Skip brakeman setup"
+        class_option :skip_bundler_audit,  type: :boolean, default: nil,
+                                           desc: "Skip bundler-audit setup"
         class_option :skip_ci,             type: :boolean, default: nil,
                                            desc: "Skip GitHub CI files"
@@ -399,6 +403,10 @@ module Rails
         options[:skip_brakeman]
       end
+      def skip_bundler_audit?
+        options[:skip_bundler_audit]
+      end
       def skip_ci?
         options[:skip_ci]
       end
@@ -493,7 +501,7 @@ module Rails
       def javascript_gemfile_entry
         return if options[:skip_javascript]
-        if options[:javascript] == "importmap"
+        if using_importmap?
           GemfileEntry.floats "importmap-rails", "Use JavaScript with ESM import maps [https://github.com/rails/importmap-rails]"
         else
           GemfileEntry.floats "jsbundling-rails", "Bundle and transpile JavaScript [https://github.com/rails/jsbundling-rails]"
@@ -512,9 +520,12 @@ module Rails
         [ turbo_rails_entry, stimulus_rails_entry ]
       end
+      def using_importmap?
+        !options.skip_javascript? && options[:javascript] == "importmap"
+      end
       def using_js_runtime?
-        (options[:javascript] && !%w[importmap].include?(options[:javascript])) ||
-          (options[:css] && !%w[tailwind sass].include?(options[:css]))
+        !options.skip_javascript? && (!using_importmap? || (options[:css] && !%w[tailwind sass].include?(options[:css])))
       end
       def using_node?
@@ -525,31 +536,35 @@ module Rails
         using_js_runtime? && %w[bun].include?(options[:javascript])
       end
+      def capture_command(command, pattern = nil)
+        output = `#{command}`
+        if pattern
+          output[pattern]
+        else
+          output
+        end
+      rescue SystemCallError
+        nil
+      end
       def node_version
         if using_node?
           ENV.fetch("NODE_VERSION") do
-            `node --version`[/\d+\.\d+\.\d+/]
-          rescue
-            NODE_LTS_VERSION
+            capture_command("node --version", /\d+\.\d+\.\d+/) || NODE_LTS_VERSION
           end
         end
       end
       def dockerfile_yarn_version
-        using_node? and `yarn --version`[/\d+\.\d+\.\d+/]
-      rescue
-        "latest"
+        capture_command("yarn --version", /\d+\.\d+\.\d+/) || "latest"
       end
       def yarn_through_corepack?
-        true if dockerfile_yarn_version == "latest"
-        dockerfile_yarn_version >= "2"
+        using_node? and "#{dockerfile_yarn_version}" >= "2"
       end
       def dockerfile_bun_version
-        using_bun? and `bun --version`[/\d+\.\d+\.\d+/]
-      rescue
-        BUN_VERSION
+        capture_command("bun --version", /\d+\.\d+\.\d+/) || BUN_VERSION
       end
       def dockerfile_binfile_fixups
@@ -617,11 +632,16 @@ module Rails
       end
       def ci_packages
-        if depends_on_system_test?
-          dockerfile_build_packages << "google-chrome-stable"
-        else
-          dockerfile_build_packages
-        end
+        dockerfile_build_packages - [
+          # GitHub Actions doesn't have build-essential,
+          # but it's a meta-packages and all its dependencies are already installed.
+          "build-essential",
+          "git",
+          "pkg-config",
+          "libyaml-dev",
+          "unzip",
+          "python-is-python3",
+        ]
       end
       def css_gemfile_entry
@@ -644,6 +664,11 @@ module Rails
         end
       end
+      def rails_command(command, command_options = {})
+        command_options[:capture] = true if options[:quiet]
+        super
+      end
       def bundle_install?
         !(options[:skip_bundle] || options[:pretend])
       end
@@ -738,12 +763,6 @@ module Rails
         end
       end
-      def generate_bundler_binstub
-        if bundle_install?
-          bundle_command("binstubs bundler")
-        end
-      end
       def jruby?
         defined?(JRUBY_VERSION)
       end
@@ -758,11 +777,13 @@ module Rails
       end
       def user_default_branch
-        @user_default_branch ||= `git config init.defaultbranch`
+        @user_default_branch ||= capture_command("git config init.defaultbranch").strip.presence || "main"
       end
       def git_init_command
-        return "git init" if user_default_branch.strip.present?
+        if capture_command("git config init.defaultbranch").present?
+          return "git init"
+        end
         git_version = `git --version`[/\d+\.\d+\.\d+/]

data/lib/rails/generators/database.rb CHANGED Viewed

@@ -218,7 +218,7 @@ module Rails
         end
         def base_package
-          nil
+          "default-mysql-client"
         end
         def build_package

data/lib/rails/generators/erb/authentication/authentication_generator.rb CHANGED Viewed

@@ -5,6 +5,8 @@ require "rails/generators/erb"
 module Erb # :nodoc:
   module Generators # :nodoc:
     class AuthenticationGenerator < Rails::Generators::Base # :nodoc:
+      hide!
       def create_files
         template "app/views/passwords/new.html.erb"
         template "app/views/passwords/edit.html.erb"

data/lib/rails/generators/erb/scaffold/templates/partial.html.erb.tt CHANGED Viewed

@@ -1,6 +1,6 @@
 <div id="<%%= dom_id <%= singular_name %> %>">
 <% attributes.reject(&:password_digest?).each do |attribute| -%>
-  <p>
+  <div>
     <strong><%= attribute.human_name %>:</strong>
 <% if attribute.attachment? -%>
     <%%= link_to <%= singular_name %>.<%= attribute.column_name %>.filename, <%= singular_name %>.<%= attribute.column_name %> if <%= singular_name %>.<%= attribute.column_name %>.attached? %>
@@ -11,7 +11,7 @@
 <% else -%>
     <%%= <%= singular_name %>.<%= attribute.column_name %> %>
 <% end -%>
-  </p>
+  </div>
 <% end -%>
 </div>

data/lib/rails/generators/generated_attribute.rb CHANGED Viewed

@@ -73,7 +73,7 @@ module Rails
         def valid_type?(type)
           DEFAULT_TYPES.include?(type.to_s) ||
             !defined?(ActiveRecord::Base) ||
-            ActiveRecord::Base.lease_connection.valid_type?(type)
+            ActiveRecord::Base.connection_db_config.adapter_class.valid_type?(type)
         end
         def valid_index_type?(index_type)

data/lib/rails/generators/migration.rb CHANGED Viewed

@@ -1,6 +1,5 @@
 # frozen_string_literal: true
-require "active_support/concern"
 require "rails/generators/actions/create_migration"
 module Rails

data/lib/rails/generators/rails/app/app_generator.rb CHANGED Viewed

@@ -109,7 +109,7 @@ module Rails
     end
     def bin
-      exclude_pattern = Regexp.union([(/thrust/ if skip_thruster?), (/rubocop/ if skip_rubocop?), (/brakeman/ if skip_brakeman?)].compact)
+      exclude_pattern = Regexp.union([(/thrust/ if skip_thruster?), (/rubocop/ if skip_rubocop?), (/brakeman/ if skip_brakeman?), (/bundler-audit/ if skip_bundler_audit?)].compact)
       directory "bin", { exclude_pattern: exclude_pattern } do |content|
         "#{shebang}\n" + content
       end
@@ -127,7 +127,9 @@ module Rails
         template "routes.rb" unless options[:update]
         template "application.rb"
         template "environment.rb"
-        template "cable.yml" unless options[:update] || options[:skip_action_cable]
+        template "bundler-audit.yml" unless skip_bundler_audit?
+        template "cable.yml" unless options[:update] || skip_action_cable?
+        template "ci.rb"
         template "puma.rb"
         template "storage.yml" unless options[:update] || skip_active_storage?
@@ -140,6 +142,8 @@ module Rails
     def config_when_updating
       action_cable_config_exist       = File.exist?("config/cable.yml")
       active_storage_config_exist     = File.exist?("config/storage.yml")
+      ci_config_exist                 = File.exist?("config/ci.rb")
+      bundle_audit_config_exist       = File.exist?("config/bundler-audit.yml")
       rack_cors_config_exist          = File.exist?("config/initializers/cors.rb")
       assets_config_exist             = File.exist?("config/initializers/assets.rb")
       asset_app_stylesheet_exist      = File.exist?("app/assets/stylesheets/application.css")
@@ -149,7 +153,7 @@ module Rails
       config
-      if !options[:skip_action_cable] && !action_cable_config_exist
+      if !skip_action_cable? && !action_cable_config_exist
         template "config/cable.yml"
       end
@@ -157,6 +161,10 @@ module Rails
         template "config/storage.yml"
       end
+      if !ci_config_exist
+        template "config/ci.rb"
+      end
       if skip_asset_pipeline? && !assets_config_exist
         remove_file "config/initializers/assets.rb"
       end
@@ -169,6 +177,10 @@ module Rails
         remove_file "config/initializers/cors.rb"
       end
+      if !skip_bundler_audit? && !bundle_audit_config_exist
+        template "config/bundler-audit.yml"
+      end
       if options[:api]
         unless csp_config_exist
           remove_file "config/initializers/content_security_policy.rb"
@@ -182,7 +194,6 @@ module Rails
       require "rails/generators/rails/master_key/master_key_generator"
       master_key_generator = Rails::Generators::MasterKeyGenerator.new([], quiet: options[:quiet], force: options[:force])
       master_key_generator.add_master_key_file_silently
-      master_key_generator.ignore_master_key_file_silently
     end
     def credentials
@@ -306,6 +317,7 @@ module Rails
             :skip_active_storage,
             :skip_bootsnap,
             :skip_brakeman,
+            :skip_bundler_audit,
             :skip_ci,
             :skip_dev_gems,
             :skip_docker,
@@ -570,7 +582,6 @@ module Rails
       public_task :apply_rails_template
       public_task :run_bundle
       public_task :add_bundler_platforms
-      public_task :generate_bundler_binstub
       public_task :run_javascript
       public_task :run_hotwire
       public_task :run_css

data/lib/rails/generators/rails/app/templates/Dockerfile.tt CHANGED Viewed

@@ -17,18 +17,20 @@ WORKDIR /rails
 # Install base packages
 RUN apt-get update -qq && \
     apt-get install --no-install-recommends -y <%= dockerfile_base_packages.join(" ") %> && \
+    ln -s /usr/lib/$(uname -m)-linux-gnu/libjemalloc.so.2 /usr/local/lib/libjemalloc.so && \
     rm -rf /var/lib/apt/lists /var/cache/apt/archives
-# Set production environment
+# Set production environment variables and enable jemalloc for reduced memory usage and latency.
 ENV RAILS_ENV="production" \
     BUNDLE_DEPLOYMENT="1" \
     BUNDLE_PATH="/usr/local/bundle" \
-    BUNDLE_WITHOUT="development"
+    BUNDLE_WITHOUT="development" \
+    LD_PRELOAD="/usr/local/lib/libjemalloc.so"
 # Throw-away build stage to reduce size of final image
 FROM base AS build
-# Install packages needed to build gems<%= using_node? ? " and node modules" : "" %>
+# Install packages needed to build gems<%= (using_node? || using_bun?) ? " and node modules" : "" %>
 RUN apt-get update -qq && \
     apt-get install --no-install-recommends -y <%= dockerfile_build_packages.join(" ") %> && \
     rm -rf /var/lib/apt/lists /var/cache/apt/archives
@@ -59,10 +61,12 @@ RUN curl -fsSL https://bun.sh/install | bash -s -- "bun-v${BUN_VERSION}"
 <% end -%>
 # Install application gems
-COPY Gemfile Gemfile.lock ./
+COPY Gemfile Gemfile.lock vendor ./
 RUN bundle install && \
     rm -rf ~/.bundle/ "${BUNDLE_PATH}"/ruby/*/cache "${BUNDLE_PATH}"/ruby/*/bundler/gems/*/.git<% if depend_on_bootsnap? -%> && \
-    bundle exec bootsnap precompile --gemfile<% end %>
+    # -j 1 disable parallel compilation to avoid a QEMU bug: https://github.com/rails/bootsnap/issues/495
+    bundle exec bootsnap precompile -j 1 --gemfile<% end %>
 <% if using_node? -%>
 # Install node modules
@@ -80,8 +84,9 @@ RUN bun install --frozen-lockfile
 COPY . .
 <% if depend_on_bootsnap? -%>
-# Precompile bootsnap code for faster boot times
-RUN bundle exec bootsnap precompile app/ lib/
+# Precompile bootsnap code for faster boot times.
+# -j 1 disable parallel compilation to avoid a QEMU bug: https://github.com/rails/bootsnap/issues/495
+RUN bundle exec bootsnap precompile -j 1 app/ lib/
 <% end -%>
 <% unless dockerfile_binfile_fixups.empty? -%>
@@ -95,23 +100,22 @@ RUN SECRET_KEY_BASE_DUMMY=1 ./bin/rails assets:precompile
 <% end -%>
-<% if using_node? -%>
+<% if using_node? || using_bun? -%>
 RUN rm -rf node_modules
 <% end %>
 # Final stage for app image
 FROM base
-# Copy built artifacts: gems, application
-COPY --from=build "${BUNDLE_PATH}" "${BUNDLE_PATH}"
-COPY --from=build /rails /rails
 # Run and own only the runtime files as a non-root user for security
 RUN groupadd --system --gid 1000 rails && \
-    useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash && \
-    chown -R rails:rails <%= dockerfile_chown_directories.join(" ") %>
+    useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash
 USER 1000:1000
+# Copy built artifacts: gems, application
+COPY --chown=rails:rails --from=build "${BUNDLE_PATH}" "${BUNDLE_PATH}"
+COPY --chown=rails:rails --from=build /rails /rails
 # Entrypoint prepares the database.
 ENTRYPOINT ["/rails/bin/docker-entrypoint"]
@@ -123,4 +127,4 @@ CMD ["./bin/rails", "server"]
 # Start server via Thruster by default, this can be overwritten at runtime
 EXPOSE 80
 CMD ["./bin/thrust", "./bin/rails", "server"]
-<% end -%>
+<% end -%>

data/lib/rails/generators/rails/app/templates/Gemfile.tt CHANGED Viewed

@@ -42,7 +42,7 @@ gem "thruster", require: false
 <% unless skip_active_storage? -%>
 # Use Active Storage variants [https://guides.rubyonrails.org/active_storage_overview.html#transforming-images]
-# gem "image_processing", "~> 1.2"
+gem "image_processing", "~> 1.2"
 <% end -%>
 <%- if options.api? -%>
@@ -54,6 +54,11 @@ gem "thruster", require: false
 group :development, :test do
   # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem
   gem "debug", platforms: %i[ mri windows ], require: "debug/prelude"
+<%- unless options.skip_bundler_audit? -%>
+  # Audits gems for known security defects (use config/bundler-audit.yml to ignore issues)
+  gem "bundler-audit", require: false
+<%- end -%>
 <%- unless options.skip_brakeman? -%>
   # Static analysis for security vulnerabilities [https://brakemanscanner.org/]

data/lib/rails/generators/rails/app/templates/app/controllers/application_controller.rb.tt CHANGED Viewed

@@ -2,5 +2,10 @@ class ApplicationController < ActionController::<%= options.api? ? "API" : "Base
 <%- unless options.api? -%>
   # Only allow modern browsers supporting webp images, web push, badges, import maps, CSS nesting, and CSS :has.
   allow_browser versions: :modern
+<%- if using_importmap? -%>
+  # Changes to the importmap will invalidate the etag for HTML responses
+  stale_when_importmap_changes
+<% end -%>
 <% end -%>
 end

data/lib/rails/generators/rails/app/templates/app/views/layouts/application.html.erb.tt CHANGED Viewed

@@ -4,6 +4,7 @@
     <title><%%= content_for(:title) || "<%= app_name.titleize %>" %></title>
     <meta name="viewport" content="width=device-width,initial-scale=1">
     <meta name="apple-mobile-web-app-capable" content="yes">
+    <meta name="application-name" content="<%= app_name.titleize %>">
     <meta name="mobile-web-app-capable" content="yes">
     <%%= csrf_meta_tags %>
     <%%= csp_meta_tag %>

data/lib/rails/generators/rails/app/templates/bin/bundler-audit.tt ADDED Viewed

@@ -0,0 +1,5 @@
+require_relative "../config/boot"
+require "bundler/audit/cli"
+ARGV.concat %w[ --config config/bundler-audit.yml ] if ARGV.empty? || ARGV.include?("check")
+Bundler::Audit::CLI.start

data/lib/rails/generators/rails/app/templates/bin/ci.tt ADDED Viewed

@@ -0,0 +1,5 @@
+require_relative "../config/boot"
+require "active_support/continuous_integration"
+CI = ActiveSupport::ContinuousIntegration
+require_relative "../config/ci.rb"

data/lib/rails/generators/rails/app/templates/bin/rubocop.tt CHANGED Viewed

@@ -1,7 +1,7 @@
 require "rubygems"
 require "bundler/setup"
-# explicit rubocop config increases performance slightly while avoiding config confusion.
+# Explicit RuboCop config increases performance slightly while avoiding config confusion.
 ARGV.unshift("--config", File.expand_path("../.rubocop.yml", __dir__))
 load Gem.bin_path("rubocop", "rubocop")

data/lib/rails/generators/rails/app/templates/bin/setup.tt CHANGED Viewed

@@ -31,6 +31,7 @@ FileUtils.chdir APP_ROOT do
   puts "\n== Preparing database =="
   system! "bin/rails db:prepare"
+  system! "bin/rails db:reset" if ARGV.include?("--reset")
 <% end -%>
   puts "\n== Removing old logs and tempfiles =="

data/lib/rails/generators/rails/app/templates/config/bundler-audit.yml.tt ADDED Viewed

@@ -0,0 +1,5 @@
+# Audit all gems listed in the Gemfile for known security problems by running bin/bundler-audit.
+# CVEs that are not relevant to the application can be enumerated on the ignore list below.
+ignore:
+  - CVE-THAT-DOES-NOT-APPLY