Refactor Bundler::Audit::Scanner#initialize

Open postmodern opened this issue 7 years ago • 4 comments

Looking at #initialize now, it seems that it should accept the scanner options (:ignore) and store those as instance variables. The #scan method would then accept the path to the Gemfile.lock. This would allow the Scanner object to be configured once and run across multiple Gemfile.lock files.

postmodern, Oct 12 '17 01:10

Would this be relevant to @mveytsman and @phillmv's interests?

postmodern, Oct 12 '17 01:10

This may be partially related to https://github.com/rubysec/bundler-audit/pull/182

picatz, Oct 22 '17 03:10

Interested in this. Working through the process of upgrading a production app, and currently have the app booting 2 versions of Rails. Each version is run off different bundler lockfiles, Gemfile.lock, and GemfileNext.lock. Would love for a way to supply a list of lockfiles to check or just basic CLI support for custom lockfile path. If you're interested in the latter (even though it will most likely clash with this issue), please let me know and I'll submit a PR.

daveallie, Feb 28 '18 05:02

@daveallie Linking my comment on scanning multiple Gemfile.lock in one go vs. multiple CI runs: https://github.com/rubysec/bundler-audit/pull/224#issuecomment-747171065

postmodern, Dec 17 '20 02:12
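
The design proposed in the opening post (options such as :ignore given once to the constructor, the lockfile given per scan call), applied to the two-lockfile case from daveallie's comment. This is an added Ruby sketch, not bundler-audit's code: `ConfiguredScanner`, `Advisory`, the advisory IDs, gem names and lockfile contents are all hypothetical and constructed.

```ruby
# Added sketch, not bundler-audit code. All names and data are hypothetical.
Advisory = Struct.new(:id, :gem_name, :patched) do
  # Vulnerable when the locked version satisfies none of the patched ranges.
  def vulnerable?(version)
    patched.none? do |req|
      Gem::Requirement.new(*req.split(',').map(&:strip)).satisfied_by?(version)
    end
  end
end

class ConfiguredScanner
  # Scanner options (here only the ignore list) are fixed once, at construction.
  def initialize(advisories, ignore: [])
    @advisories = advisories.group_by(&:gem_name)
    @ignore = ignore
  end

  # The lockfile is a per-call argument, so one scanner serves many lockfiles.
  def scan(lockfile_text)
    locked_gems(lockfile_text).flat_map do |name, version|
      @advisories.fetch(name, [])
                 .reject { |adv| @ignore.include?(adv.id) }
                 .select { |adv| adv.vulnerable?(version) }
                 .map { |adv| [name, version.to_s, adv.id] }
    end
  end

  private

  # Resolved gems are indented exactly four spaces; their dependencies use six.
  def locked_gems(text)
    text.scan(/^ {4}(\S+) \(([^)]+)\)$/).map do |name, ver|
      [name, Gem::Version.new(ver[/\A[^-]+/])] # drop any "-platform" suffix
    end
  end
end

# Constructed advisory data and lockfile contents (not real gems or advisories).
ADVISORIES = [
  Advisory.new('EXAMPLE-0001', 'examplegem', ['>= 2.0.1']),
  Advisory.new('EXAMPLE-0002', 'othergem', ['~> 1.4.2', '>= 1.5.1'])
].freeze
LOCK_HEAD = "GEM\n  remote: https://rubygems.org/\n  specs:\n".freeze
LOCK_CURRENT = (LOCK_HEAD + "    examplegem (1.9.0)\n      othergem (>= 1.0)\n" \
                            "    othergem (1.5.0)\n").freeze
LOCK_NEXT = (LOCK_HEAD + "    examplegem (2.0.1)\n      othergem (>= 1.0)\n" \
                         "    othergem (1.4.3)\n").freeze
```

A single `ConfiguredScanner.new(ADVISORIES, ignore: ['EXAMPLE-0002'])` can then be passed `LOCK_CURRENT` and `LOCK_NEXT` in turn, applying the same ignore policy to both lockfiles.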