Merge pull request #14 from ahasunos/add-bundler-audit

ci: add bundler audit to scan vulnerabilities
ahasunos · Sep 5, 2024 · 17c130a · 17c130a
2 parents b289025 + 78209c6
commit 17c130a
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 0 deletions.
diff --git a/.github/workflows/bundler-audit.yml b/.github/workflows/bundler-audit.yml
@@ -0,0 +1,30 @@
+name: Bundler Audit / Vulnerability Scan
+
+on:
+  schedule:
+    - cron: '0 0 * * 0' # Weekly on Sundays at midnight
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  audit:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v3
+
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: 3.2
+
+    - name: Install dependencies
+      run: bundle install
+
+    - name: Run Bundler Audit
+      run: bundle exec bundler-audit check --update
diff --git a/Gemfile b/Gemfile
@@ -9,6 +9,7 @@ gemspec
 gemspec
 
 group :development do
+  gem 'bundler-audit', require: false
   gem 'byebug'
   gem 'rake', '~> 13.0'
   gem 'rspec', '~> 3.0'