0.2.0 / 2013-03-05
- Require RubyGems >= 1.8.0. Prior versions of RubyGems could not correctly
parse approximate version requirements (
~> 1.2.3
).
- Updated the ruby-advisory-db.
- Added Bundle::Audit::Advisory#unaffected_versions.
- Added Bundle::Audit::Advisory#unaffected?.
- Added Bundle::Audit::Advisory#patched?.
- Renamed
Advisory#cve
to Bundle::Audit::Advisory#id.
0.1.2 / 2013-02-17
CLI
- Simply parse the
Gemfile.lock
instead of loading the bundle (@grosser).
- Exit with non-zero status on failure (@grosser).
0.1.1 / 2013-02-12
- Fixed a Ruby 1.8 syntax error.
Advisories
CLI
- If the advisory has no
patched_versions
, recommend removing or disabling
the gem until a patch is made available.
0.1.0 / 2013-02-11
- Initial release:
- Checks for vulnerable versions of gems in
Gemfile.lock
.
- Prints advisory information.
- Does not require a network connection.
Advisories