bundler-audit

Patch-level verification for Bundler.

Features:
- Checks for vulnerable versions of gems in Gemfile.lock.
- Checks for insecure gem sources (http:// and git://).
- Allows ignoring certain advisories that have been manually worked around.
- Prints advisory information.
- Does not require a network connection.