Skip to content

July 23, 2019 - Bundle Audit Ignore CVE
Compare
Choose a tag to compare
@wenga86 wenga86 released this 23 Jul 15:34
v0.6.0
6b403dc
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

We need to be able to ignore certain CVE's at times where a fix in the gem is not quick enough and we have a way to mitigate the issue or the issue simply does not apply to us.

Add a BUNDLE_AUDIT_INGORE ENVAR that takes a comma-delimited string of CVE's for the repo to ignore.

Assets 2
Loading