Switch to bundler-audit configuration file (#350)

NYULibraries · Aug 5, 2024 · ef0348d · ef0348d
1 parent bc4edda
commit ef0348d
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/.bundler-audit.yml b/.bundler-audit.yml
@@ -0,0 +1,4 @@
+---
+ignore:
+  - CVE-2015-9284 # Temporarily ignore Omniauth vulnerability
+  - CVE-2024-6531 # No fix for this yet
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -29,4 +29,4 @@ jobs:
         bundle exec rake db:schema:load
         bundle exec rake ci
     - name: Audit gems
-      run: bundle exec bundle-audit check --ignore CVE-2015-9284 # tempoarily ignore omniauth vulnerability
+      run: bundle exec bundle-audit check