bundler-audit icon indicating copy to clipboard operation
bundler-audit copied to clipboard
verified publisher icon rubysec

Include other system critical advisory data

Open suung opened this issue 9 years ago • 1 comments

Would it be possible, to include advisory data based on used systems?

For example CentOS and the delivered packages?

suung avatar May 06 '16 14:05 suung

Conversely, would it be possible to ignore advisories for certain platforms? E.g., Windows. I don't deploy on Windows, and nobody on my team is using Windows. Or maybe allow people to opt-in to fail only on advisories pertaining to the current platform? I prefer the former since the chance of missing a relevant CVE is much less likely while not being annoyed with CVEs that are irrelevant.

kaikuchn avatar Sep 11 '18 07:09 kaikuchn