Tag
bundler-audit
Safeguard articles tagged "bundler-audit" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Security Guides
Auditing RubyGems Dependencies with bundler-audit
bundler-audit checks your Gemfile.lock against the ruby-advisory-db and flags insecure gem sources. Here is how to run it in Ruby and Rails projects — and beyond.
Jul 6, 20265 min read
Open Source Security
Auditing Ruby dependencies for known CVEs with bundler-audit
A step-by-step bundler-audit tutorial for scanning Ruby gems against known CVEs, patching vulnerable dependencies, and enforcing the check in CI.
Feb 2, 20267 min read
Open Source Security
Auditing Rails applications' Gemfile for vulnerable depen...
A practical guide to auditing your Rails Gemfile and Gemfile.lock for vulnerable dependencies using bundler-audit, from triage through CI automation.
Jan 26, 20268 min read