Adding bundle audit and updating gems
kigster committed Dec 5, 2024
1 parent 51447be commit ffa4945
Showing 3 changed files with 76 additions and 34 deletions.
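--- /dev/null
+++ b/.github/workflows/audit.yml
@@ -0,0 +1,28 @@
+# .github/workflows/main.yaml
+name: "TicketBooth CI: Audit"
+
+on:
+push:
+branches: [ main ]
+pull_request:
+branches: [ main ]
+
+jobs:
+main:
+name: Bundle Audit
+runs-on: ubuntu-latest
+steps:
+- run: sudo apt-get update -yqq
+- run: sudo apt-get install -yqq netcat libpq-dev
+
+- uses: actions/checkout@v4
+
+- uses: ruby/setup-ruby@v1
+with:
+ruby-version: '3.3.5'
+bundler-cache: true
+
+- name: Bundle Audit
+run: |
+gem install bundle-audit -N
+bundle audit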
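Review bot: The `Bundle Audit` step installs its scanner with `gem install bundle-audit -N`, unpinned and outside Gemfile.lock, so every run trusts whatever is newest on RubyGems at that moment; the rubysec scanner is published as `bundler-audit`, and `bundle-audit` looks like a separate wrapper gem around it (worth confirming). Install `bundler-audit` at a fixed version, or add it to the Gemfile's development group, and call `bundle-audit check --update` so the advisory refresh is explicit. The workflow triggers only on push and pull_request to main, so an advisory published against an already-locked gem is not reported until the next commit; a `schedule` trigger closes that gap. The job only reads the repository, so a top-level `permissions: contents: read` fits, and the header comment says `main.yaml` although the file is `audit.yml`.

```yaml
on:
  # … unchanged: push and pull_request triggers for main …
  schedule:
    - cron: '0 6 * * *'  # constructed example: once a day

permissions:
  contents: read

# … unchanged: job header, apt, checkout and setup-ruby steps …
      - name: Bundle Audit
        run: |
          gem install bundler-audit -N -v '<PINNED_VERSION>'
          bundle-audit check --update
```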
3 changes: 2 additions & 1 deletion Gemfile
@@ -7,6 +7,7 @@ ruby File.read('.ruby-version')
# Use main development branch of Rails
gem 'data_migrate'
gem 'rails', '=8.0.0.beta1'
gem 'rails-html-sanitizer'

# Unclear if we need to require it explicitly
# gem 'activesupport', '=7.1.3.2'
@@ -77,7 +78,7 @@ gem 'haml-rails'
gem 'annotate'
gem 'attribute_normalizer'
gem 'awesome_print'
gem 'carrierwave'
gem 'carrierwave', '~> 2'
gem 'dalli'
gem 'devise'
gem 'mini_magick'
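Review bot: The new `gem 'rails-html-sanitizer'` line in the first hunk carries no version constraint, so the Gemfile itself would still accept the release that Gemfile.lock moves away from (1.6.0 to 1.6.1, which also tightens its nokogiri requirement). If the direct dependency was added to hold the sanitizer at the newer release, presumably in response to the audit, state that floor and the reason: `gem 'rails-html-sanitizer', '>= 1.6.1' # floor set when bundle audit was introduced`. In the second hunk, `gem 'carrierwave', '~> 2'` is a major-version jump that brings in image_processing and ruby-vips/ffi and, per the lockfile, appears to resolve mini_magick back from 5.0.1 to 4.13.2, so the upload and image-processing paths deserve a test pass before this ships. Both hunks show only part of the Gemfile.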
79 changes: 46 additions & 33 deletions Gemfile.lock
@@ -125,11 +125,14 @@ GEM
capistrano-slackify (2.10.3)
capistrano (>= 3.2.0)
multi_json
carrierwave (1.3.4)
activemodel (>= 4.0.0)
activesupport (>= 4.0.0)
mime-types (>= 1.16)
ssrf_filter (~> 1.0, < 1.1.0)
carrierwave (2.2.6)
activemodel (>= 5.0.0)
activesupport (>= 5.0.0)
addressable (~> 2.6)
image_processing (~> 1.1)
marcel (~> 1.0.0)
mini_mime (>= 0.1.3)
ssrf_filter (~> 1.0)
codecov (0.2.12)
json
simplecov
@@ -151,7 +154,7 @@ GEM
data_migrate (11.2.0)
activerecord (>= 6.1)
railties (>= 6.1)
date (3.4.0)
date (3.4.1)
debug (1.9.2)
irb (~> 1.10)
reline (>= 0.3.8)
@@ -174,6 +177,12 @@ GEM
railties (>= 5.0.0)
faker (3.5.1)
i18n (>= 1.8.11, < 2)
ffi (1.17.0-aarch64-linux-gnu)
ffi (1.17.0-arm-linux-gnu)
ffi (1.17.0-arm64-darwin)
ffi (1.17.0-x86-linux-gnu)
ffi (1.17.0-x86_64-darwin)
ffi (1.17.0-x86_64-linux-gnu)
flatpickr (4.6.13.1)
foreman (0.88.1)
globalid (1.2.1)
@@ -191,7 +200,10 @@ GEM
hashie (5.0.0)
i18n (1.14.6)
concurrent-ruby (~> 1.0)
io-console (0.7.2)
image_processing (1.13.0)
mini_magick (>= 4.9.5, < 5)
ruby-vips (>= 2.0.17, < 3)
io-console (0.8.0)
irb (1.14.1)
rdoc (>= 4.0.0)
reline (>= 0.4.2)
@@ -200,9 +212,9 @@ GEM
activesupport (>= 5.0.0)
jsbundling-rails (1.3.1)
railties (>= 6.0.0)
json (2.8.2)
json (2.9.0)
language_server-protocol (3.17.0.3)
logger (1.6.1)
logger (1.6.2)
lograge (0.14.0)
actionpack (>= 4)
activesupport (>= 4)
@@ -218,13 +230,9 @@ GEM
net-pop
net-smtp
marcel (1.0.4)
mime-types (3.6.0)
logger
mime-types-data (~> 3.2015)
mime-types-data (3.2024.1105)
mini_magick (5.0.1)
mini_magick (4.13.2)
mini_mime (1.1.5)
minitest (5.25.2)
minitest (5.25.4)
msgpack (1.7.5)
multi_json (1.15.0)
net-imap (0.5.1)
@@ -242,19 +250,19 @@ GEM
net-protocol
net-ssh (7.3.0)
net_http_unix (0.2.2)
newrelic_rpm (9.16.0)
newrelic_rpm (9.16.1)
nio4r (2.7.4)
nokogiri (1.16.7-aarch64-linux)
nokogiri (1.16.8-aarch64-linux)
racc (~> 1.4)
nokogiri (1.16.7-arm-linux)
nokogiri (1.16.8-arm-linux)
racc (~> 1.4)
nokogiri (1.16.7-arm64-darwin)
nokogiri (1.16.8-arm64-darwin)
racc (~> 1.4)
nokogiri (1.16.7-x86-linux)
nokogiri (1.16.8-x86-linux)
racc (~> 1.4)
nokogiri (1.16.7-x86_64-darwin)
nokogiri (1.16.8-x86_64-darwin)
racc (~> 1.4)
nokogiri (1.16.7-x86_64-linux)
nokogiri (1.16.8-x86_64-linux)
racc (~> 1.4)
orm_adapter (0.5.0)
ostruct (0.6.1)
@@ -272,7 +280,8 @@ GEM
railties (>= 7.0.0)
protected_attributes_continued (1.9.0)
activemodel (>= 5.0)
psych (5.2.0)
psych (5.2.1)
date
stringio
public_suffix (6.0.1)
puma (6.5.0)
@@ -306,9 +315,9 @@ GEM
activesupport (>= 5.0.0)
minitest
nokogiri (>= 1.6)
rails-html-sanitizer (1.6.0)
rails-html-sanitizer (1.6.1)
loofah (~> 2.21)
nokogiri (~> 1.14)
nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
railties (8.0.0.beta1)
actionpack (= 8.0.0.beta1)
activesupport (= 8.0.0.beta1)
@@ -359,15 +368,15 @@ GEM
rspec-expectations (~> 3.13)
rspec-mocks (~> 3.13)
rspec-support (~> 3.13)
rspec-support (3.13.1)
rubocop (1.69.0)
rspec-support (3.13.2)
rubocop (1.69.1)
json (~> 2.3)
language_server-protocol (>= 3.17.0)
parallel (~> 1.10)
parser (>= 3.3.0.2)
rainbow (>= 2.2.2, < 4.0)
regexp_parser (>= 2.4, < 3.0)
rubocop-ast (>= 1.36.1, < 2.0)
regexp_parser (>= 2.9.3, < 3.0)
rubocop-ast (>= 1.36.2, < 2.0)
ruby-progressbar (~> 1.7)
unicode-display_width (>= 2.4.0, < 4.0)
rubocop-ast (1.36.2)
@@ -393,7 +402,10 @@ GEM
rubocop-rspec (3.2.0)
rubocop (~> 1.61)
ruby-progressbar (1.13.0)
securerandom (0.3.2)
ruby-vips (2.2.2)
ffi (~> 1.12)
logger
securerandom (0.4.0)
simplecov (0.22.0)
docile (~> 1.1)
simplecov-html (~> 0.11)
@@ -406,7 +418,7 @@ GEM
net-sftp (>= 2.1.2)
net-ssh (>= 2.8.0)
ostruct
ssrf_filter (1.0.8)
ssrf_filter (1.2.0)
stimulus-rails (1.3.4)
railties (>= 6.0.0)
stringio (3.1.2)
@@ -426,7 +438,7 @@ GEM
unicode-emoji (~> 4.0, >= 4.0.4)
unicode-emoji (4.0.4)
uri (1.0.2)
useragent (0.16.10)
useragent (0.16.11)
vcr (6.3.1)
base64
ventable (1.3.1)
@@ -474,7 +486,7 @@ DEPENDENCIES
capistrano-rake
capistrano-rbenv
capistrano-slackify (~> 2.10)
carrierwave
carrierwave (~> 2)
codecov
colorize
country_select
@@ -507,6 +519,7 @@ DEPENDENCIES
puma (>= 6)
puma-status
rails (= 8.0.0.beta1)
rails-html-sanitizer
rake
redis
relaxed-rubocop
