ruby_audit 2.0.0 → 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/test.yml +29 -0
- data/.ruby-version +1 -1
- data/CHANGELOG.md +7 -0
- data/README.md +6 -1
- data/lib/ruby_audit/version.rb +1 -1
- data/ruby_audit.gemspec +3 -3
- metadata +12 -10
- data/.travis.yml +0 -10
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4485faac81d30e19ca663681964837fdd30273e3c4703be5ef18895628387515
|
|
4
|
+
data.tar.gz: f4e16c5c8a380c4ae5b5633c51a69e3a87528478fb0092d0cef21f7e211a1d27
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2f5fdde3dde211c594e3f379f1e9cec574483132973cfe9988e3152d66619af116f556238d14301c730c5282b55448049e6968b4ccb072c81d75b1ce7bf13d05
|
|
7
|
+
data.tar.gz: a17daec359fe5bc5998ff5f7102bff63749ca0735373a6036c2659127570efa28eedb41f0e436cec1a762b5c636aa0596ec11ee875da970ae98a6d9cf2cc3db8
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
name: Test
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches:
|
|
6
|
+
- main
|
|
7
|
+
pull_request:
|
|
8
|
+
branches:
|
|
9
|
+
- main
|
|
10
|
+
|
|
11
|
+
jobs:
|
|
12
|
+
test:
|
|
13
|
+
strategy:
|
|
14
|
+
matrix:
|
|
15
|
+
ruby_version: [2.5, 2.6, 2.7, '3.0', 3.1]
|
|
16
|
+
runs-on: ubuntu-latest
|
|
17
|
+
steps:
|
|
18
|
+
- uses: actions/checkout@v2
|
|
19
|
+
- name: Set up Ruby
|
|
20
|
+
uses: ruby/setup-ruby@v1
|
|
21
|
+
with:
|
|
22
|
+
ruby-version: ${{ matrix.ruby_version }}
|
|
23
|
+
bundler-cache: true
|
|
24
|
+
- name: Install dependencies
|
|
25
|
+
run: bundle install --jobs=3 --retry=3
|
|
26
|
+
- name: Initialize submodule
|
|
27
|
+
run: git submodule update --init
|
|
28
|
+
- name: Run tests
|
|
29
|
+
run: bundle exec rake
|
data/.ruby-version
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
3.
|
|
1
|
+
3.1.0
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
# RubyAudit
|
|
2
2
|
|
|
3
|
-
|
|
3
|
+
|
|
4
4
|
[](http://badge.fury.io/rb/ruby_audit)
|
|
5
5
|
|
|
6
6
|
RubyAudit checks your current version of Ruby and RubyGems against known security vulnerabilities (CVEs), alerting you if you are using an insecure version.
|
|
@@ -27,6 +27,11 @@ Or install it yourself as:
|
|
|
27
27
|
|
|
28
28
|
$ gem install ruby_audit
|
|
29
29
|
|
|
30
|
+
Because bundler-audit requires bundler, RubyAudit requires bundler as a transitive
|
|
31
|
+
dependency. If you don't intend to run RubyAudit in the production environment, you
|
|
32
|
+
may selectively install it in your development and test environments by using
|
|
33
|
+
[Bundler groups](https://bundler.io/guides/groups.html).
|
|
34
|
+
|
|
30
35
|
## Usage
|
|
31
36
|
|
|
32
37
|
To check your current version of Ruby and RubyGems:
|
data/lib/ruby_audit/version.rb
CHANGED
data/ruby_audit.gemspec
CHANGED
|
@@ -5,7 +5,7 @@ require 'ruby_audit/version'
|
|
|
5
5
|
Gem::Specification.new do |spec|
|
|
6
6
|
spec.name = 'ruby_audit'
|
|
7
7
|
spec.version = RubyAudit::VERSION
|
|
8
|
-
spec.authors = ['Jeff Cousens, Mike Saelim']
|
|
8
|
+
spec.authors = ['Jeff Cousens, Mike Saelim', 'John Zhang', 'Cristina Muñoz']
|
|
9
9
|
spec.email = ['opensource@civisanalytics.com']
|
|
10
10
|
|
|
11
11
|
spec.summary = 'Checks Ruby and RubyGems against known vulnerabilities.'
|
|
@@ -17,13 +17,13 @@ Gem::Specification.new do |spec|
|
|
|
17
17
|
spec.homepage = 'https://github.com/civisanalytics/ruby_audit'
|
|
18
18
|
spec.license = 'GPL-3.0-or-later'
|
|
19
19
|
|
|
20
|
-
spec.required_ruby_version = ['>= 2.5', '< 3.
|
|
20
|
+
spec.required_ruby_version = ['>= 2.5', '< 3.2']
|
|
21
21
|
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
|
22
22
|
spec.bindir = 'exe'
|
|
23
23
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
24
24
|
spec.require_paths = ['lib']
|
|
25
25
|
|
|
26
|
-
spec.add_dependency 'bundler-audit', '~> 0.
|
|
26
|
+
spec.add_dependency 'bundler-audit', '~> 0.9.0'
|
|
27
27
|
spec.add_development_dependency 'pry', '~> 0.13.0'
|
|
28
28
|
spec.add_development_dependency 'rake', '~> 13.0'
|
|
29
29
|
spec.add_development_dependency 'rspec', '~> 3.9'
|
metadata
CHANGED
|
@@ -1,14 +1,16 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ruby_audit
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.
|
|
4
|
+
version: 2.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jeff Cousens, Mike Saelim
|
|
8
|
-
|
|
8
|
+
- John Zhang
|
|
9
|
+
- Cristina Muñoz
|
|
10
|
+
autorequire:
|
|
9
11
|
bindir: exe
|
|
10
12
|
cert_chain: []
|
|
11
|
-
date:
|
|
13
|
+
date: 2022-02-24 00:00:00.000000000 Z
|
|
12
14
|
dependencies:
|
|
13
15
|
- !ruby/object:Gem::Dependency
|
|
14
16
|
name: bundler-audit
|
|
@@ -16,14 +18,14 @@ dependencies:
|
|
|
16
18
|
requirements:
|
|
17
19
|
- - "~>"
|
|
18
20
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
21
|
+
version: 0.9.0
|
|
20
22
|
type: :runtime
|
|
21
23
|
prerelease: false
|
|
22
24
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
25
|
requirements:
|
|
24
26
|
- - "~>"
|
|
25
27
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
28
|
+
version: 0.9.0
|
|
27
29
|
- !ruby/object:Gem::Dependency
|
|
28
30
|
name: pry
|
|
29
31
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -104,12 +106,12 @@ executables:
|
|
|
104
106
|
extensions: []
|
|
105
107
|
extra_rdoc_files: []
|
|
106
108
|
files:
|
|
109
|
+
- ".github/workflows/test.yml"
|
|
107
110
|
- ".gitignore"
|
|
108
111
|
- ".gitmodules"
|
|
109
112
|
- ".rspec"
|
|
110
113
|
- ".rubocop.yml"
|
|
111
114
|
- ".ruby-version"
|
|
112
|
-
- ".travis.yml"
|
|
113
115
|
- CHANGELOG.md
|
|
114
116
|
- CODE_OF_CONDUCT.md
|
|
115
117
|
- CONTRIBUTING.md
|
|
@@ -130,7 +132,7 @@ homepage: https://github.com/civisanalytics/ruby_audit
|
|
|
130
132
|
licenses:
|
|
131
133
|
- GPL-3.0-or-later
|
|
132
134
|
metadata: {}
|
|
133
|
-
post_install_message:
|
|
135
|
+
post_install_message:
|
|
134
136
|
rdoc_options: []
|
|
135
137
|
require_paths:
|
|
136
138
|
- lib
|
|
@@ -141,15 +143,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
141
143
|
version: '2.5'
|
|
142
144
|
- - "<"
|
|
143
145
|
- !ruby/object:Gem::Version
|
|
144
|
-
version: '3.
|
|
146
|
+
version: '3.2'
|
|
145
147
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
146
148
|
requirements:
|
|
147
149
|
- - ">="
|
|
148
150
|
- !ruby/object:Gem::Version
|
|
149
151
|
version: '0'
|
|
150
152
|
requirements: []
|
|
151
|
-
rubygems_version: 3.2.
|
|
152
|
-
signing_key:
|
|
153
|
+
rubygems_version: 3.2.5
|
|
154
|
+
signing_key:
|
|
153
155
|
specification_version: 4
|
|
154
156
|
summary: Checks Ruby and RubyGems against known vulnerabilities.
|
|
155
157
|
test_files: []
|