0
0
instrumental/.github/workflows/bundler-audit.yml
2024-06-13 13:23:32 +00:00

38 lines
686 B
YAML

name: Bundler Audit
on:
push:
branches-ignore:
- 'dependabot/**'
paths:
- 'Gemfile*'
- '.ruby-version'
- '.github/workflows/bundler-audit.yml'
pull_request:
paths:
- 'Gemfile*'
- '.ruby-version'
- '.github/workflows/bundler-audit.yml'
schedule:
- cron: '0 5 * * 1'
jobs:
security:
runs-on: ubuntu-latest
env:
BUNDLE_ONLY: development
steps:
- name: Clone repository
uses: actions/checkout@v4
- name: Set up Ruby
uses: ruby/setup-ruby@v1
with:
bundler-cache: true
- name: Run bundler-audit
run: bundle exec bundler-audit check --update