tarrien/Mastodon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Remove bundler-audit ignore config (#30672)

Browse Source
This commit is contained in:
Matt Jankowski 2024-06-13 09:15:32 -04:00 committed by GitHub
parent 474dda7027
commit 3b7c50abca
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 0 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.bundler-audit.yml
View File

@ -1,6 +0,0 @@
---
ignore:
# devise-two-factor advisory about brute-forcing TOTP
# We have rate-limits on authentication endpoints in place (including second
# factor verification) since Mastodon v3.2.0
- CVE-2024-0227

2
.github/workflows/bundler-audit.yml vendored
View File

@ -6,14 +6,12 @@ on:
paths: paths:
- 'Gemfile*' - 'Gemfile*'
- '.ruby-version' - '.ruby-version'
- '.bundler-audit.yml'
- '.github/workflows/bundler-audit.yml' - '.github/workflows/bundler-audit.yml'
pull_request: pull_request:
paths: paths:
- 'Gemfile*' - 'Gemfile*'
- '.ruby-version' - '.ruby-version'
- '.bundler-audit.yml'
- '.github/workflows/bundler-audit.yml' - '.github/workflows/bundler-audit.yml'
schedule: schedule: