1
0
mirror of https://github.com/mastodon/mastodon synced 2024-11-27 14:28:24 +09:00

Remove bundler-audit ignore config (#30672)

This commit is contained in:
Matt Jankowski 2024-06-13 09:15:32 -04:00 committed by GitHub
parent 474dda7027
commit 3b7c50abca
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 0 additions and 8 deletions

View File

@ -1,6 +0,0 @@
---
ignore:
# devise-two-factor advisory about brute-forcing TOTP
# We have rate-limits on authentication endpoints in place (including second
# factor verification) since Mastodon v3.2.0
- CVE-2024-0227

View File

@ -6,14 +6,12 @@ on:
paths: paths:
- 'Gemfile*' - 'Gemfile*'
- '.ruby-version' - '.ruby-version'
- '.bundler-audit.yml'
- '.github/workflows/bundler-audit.yml' - '.github/workflows/bundler-audit.yml'
pull_request: pull_request:
paths: paths:
- 'Gemfile*' - 'Gemfile*'
- '.ruby-version' - '.ruby-version'
- '.bundler-audit.yml'
- '.github/workflows/bundler-audit.yml' - '.github/workflows/bundler-audit.yml'
schedule: schedule: