Option to include ruby-mem-advisory-db ? #223
Labels
Comments
|
Conflicted on whether bundler-audit should audit all the things, or if we should have separate niche tools similar to bundler-audit. I already see there's bundler-leak. |
|
It's kinda wasteful duplication ... would be nice to have a single tool and
then plug in different sources
default could be cves and with --source 'https://github.com/foo/leak-list'
then there is more :)
…On Fri, Nov 22, 2019 at 7:28 PM Postmodern ***@***.***> wrote:
Conflicted on whether bundler-audit should audit *all the things*, or if
we should have separate niche tools similar to bundler-audit. I already see
there's bundler-leak <https://github.com/rubymem/bundler-leak>.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#223?email_source=notifications&email_token=AAACYZ3FH7IIVNPO5VUMSS3QVCPOFA5CNFSM4ISEWLO2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEE7ML6A#issuecomment-557762040>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAACYZ664PSK5WETOGU22G3QVCPOFANCNFSM4ISEWLOQ>
.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
https://github.com/rubymem/ruby-mem-advisory-db seems interesting, would adding it (maybe with an opt-in flag) be a good idea ?
The text was updated successfully, but these errors were encountered: