Remove bundler-audit ignore config (#30672)

pull/30687/head
Matt Jankowski 2024-06-13 09:15:32 -04:00 committed by GitHub
parent 474dda7027
commit 3b7c50abca
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 0 additions and 8 deletions

View File

@ -1,6 +0,0 @@
---
ignore:
# devise-two-factor advisory about brute-forcing TOTP
# We have rate-limits on authentication endpoints in place (including second
# factor verification) since Mastodon v3.2.0
- CVE-2024-0227

View File

@ -6,14 +6,12 @@ on:
paths: paths:
- 'Gemfile*' - 'Gemfile*'
- '.ruby-version' - '.ruby-version'
- '.bundler-audit.yml'
- '.github/workflows/bundler-audit.yml' - '.github/workflows/bundler-audit.yml'
pull_request: pull_request:
paths: paths:
- 'Gemfile*' - 'Gemfile*'
- '.ruby-version' - '.ruby-version'
- '.bundler-audit.yml'
- '.github/workflows/bundler-audit.yml' - '.github/workflows/bundler-audit.yml'
schedule: schedule: