BundlerAudit return error in format of the vulnerability #919
Labels: kind/bug (Something isn't working)
matheusalcantarazup added a commit that referenced this issue, Jan 10, 2022

Previously, when a project path did not have a Gemfile.lock file, Bundler returned an error `Could not find "Gemfile.lock"` that was being interpreted as a vulnerability. This was happening because the commit rubysec/bundler-audit@021f85f changed the error message from a generic error like "Errno::ENOENT" and "No such file or directory" to a more detailed error `Could not find "Gemfile.lock"`.

Fixes #919
Signed-off-by: Matheus Alcantara <matheus.alcantara@zup.com.br>
nathanmartinszup pushed a commit that referenced this issue, Jan 10, 2022

Previously, when a project path did not have a Gemfile.lock file, Bundler returned an error `Could not find "Gemfile.lock"` that was being interpreted as a vulnerability. This was happening because the commit rubysec/bundler-audit@021f85f changed the error message from a generic error like "Errno::ENOENT" and "No such file or directory" to a more detailed error `Could not find "Gemfile.lock"`.

Fixes #919
Signed-off-by: Matheus Alcantara <matheus.alcantara@zup.com.br>
(cherry picked from commit 9245d7d)
What happened:
In this workflow you can see that only one vulnerability was detected in the project, but in the description it says:
I believe this problem can only be reported as a warning or error log.
What you expected to happen:
Do not report the problem in the format of a vulnerability
How to reproduce it (as minimally and precisely as possible):
Run Ruby project without `Gemfile.lock` file

Environment:
- horusec version: latest-rc v2.7.0-rc.1
- linux, github-actions
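An added Go example, not Horusec's own code, of classifying bundler-audit output so that tool errors such as the missing-lockfile message from this issue surface as errors rather than findings. `ParseAudit`, `Finding`, `ErrTool`, the `Key: value` advisory layout, the "No vulnerabilities found" marker and the sample outputs are assumptions constructed for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Finding is one advisory block from the scanner's plain-text output.
type Finding struct{ Name, Version, Advisory string }

// ErrTool marks output that is a scanner failure, not a finding.
var ErrTool = errors.New("bundler-audit failed")

// Messages named in the commit message: the generic ones and the detailed one.
var toolErrors = []string{"Errno::ENOENT", "No such file or directory", `Could not find "Gemfile.lock"`}

// ParseAudit returns findings, or ErrTool for error text or output with no valid advisory block.
func ParseAudit(out string) ([]Finding, error) {
	for _, msg := range toolErrors {
		if strings.Contains(out, msg) {
			return nil, fmt.Errorf("%w: %s", ErrTool, msg)
		}
	}
	var found []Finding
	for _, block := range strings.Split(out, "\n\n") {
		fields := map[string]string{}
		for _, line := range strings.Split(block, "\n") {
			if kv := strings.SplitN(line, ": ", 2); len(kv) == 2 {
				fields[kv[0]] = kv[1]
			}
		}
		f := Finding{fields["Name"], fields["Version"], fields["Advisory"]}
		if f.Name != "" && f.Version != "" && f.Advisory != "" {
			found = append(found, f)
		}
	}
	// Unknown text is an error too, so a future message change cannot become a finding.
	if len(found) == 0 && !strings.Contains(out, "No vulnerabilities found") {
		return nil, fmt.Errorf("%w: unrecognized output", ErrTool)
	}
	return found, nil
}

func main() {
	// Constructed sample outputs, not captured from a real scan.
	vuln := "Name: examplegem\nVersion: 1.0.0\nAdvisory: CVE-0000-00000\n\nVulnerabilities found!\n"
	for _, out := range []string{`Could not find "Gemfile.lock"`, vuln, "No vulnerabilities found\n"} {
		f, err := ParseAudit(out)
		fmt.Printf("findings=%d err=%v\n", len(f), err)
	}
}
```

Requiring a well-formed advisory block before emitting a finding means the parser does not depend on the exact wording of upstream error messages.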