@frenchi
Last active March 4, 2016 03:22
require 'bundler/audit/scanner'

describe 'my application dependencies' do
  before(:all) do
    @issues = []
    # Scans the Gemfile.lock in the current directory against the locally
    # cached ruby-advisory-db; run `bundle-audit update` first so it is current.
    scanner = Bundler::Audit::Scanner.new
    scanner.scan do |result|
      case result
      when Bundler::Audit::Scanner::UnpatchedGem
        # result.gem is the locked gem spec, result.advisory the matching advisory
        @issues << result.gem
      # Bundler::Audit::Scanner::InsecureSource (non-HTTPS gem/git sources) is
      # also yielded by scan; it is deliberately not collected here.
      end
    end
  end

  # Recommended default: fail (not just warn) on any vulnerable gem
  it 'should have no vulnerable gems' do
    expect(@issues).to be_empty
  end

  # Option: broadly match by gem name (any gem whose name starts with "rails")
  it 'should have a safe version of ruby on rails' do
    @issues.each do |issue|
      expect(issue.name).not_to match(/^rails/)
    end
  end

  # Whitelist specific vulnerabilities (on the command line; there is no
  # equivalent in the specs above)
  # bundle-audit check --ignore OSVDB-108664
end
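The `--ignore` list in the last comment is the CLI's way of accepting a known risk, and an ignore entry with no reason or expiry quietly becomes permanent. The following is an added example, not part of this gist or of bundler-audit, of a waiver list that carries a reason and an expiry date and is applied to scan findings, together with the gem-name prefix check from the second spec done on the gem's `name` rather than on `to_s`. `Finding` and `Waiver` are hypothetical structs standing in for bundler-audit's `UnpatchedGem` (gem, advisory) result; the sample findings and their advisory IDs are constructed placeholders, not real advisories.

```ruby
require 'date'
require 'set'

# Constructed stand-in for a bundler-audit UnpatchedGem result (gem + advisory).
# Only the fields used here are assumed; the real result carries a
# Bundler::LazySpecification and a Bundler::Audit::Advisory instead.
Finding = Struct.new(:gem_name, :gem_version, :advisory_id)

# One accepted-risk entry. Without a reason and an expiry, an ignore list
# silently turns into a permanent blind spot; the expiry forces a re-review.
Waiver = Struct.new(:advisory_id, :reason, :expires_on)

# Split findings into those still blocking and those covered by a live waiver,
# and report waivers that have expired so they are renewed or removed.
def apply_waivers(findings, waivers, today: Date.today)
  expired, active = waivers.partition { |w| w.expires_on < today }
  active_ids = Set.new(active.map(&:advisory_id))
  waived, blocking = findings.partition { |f| active_ids.include?(f.advisory_id) }
  { blocking: blocking, waived: waived, expired_waivers: expired }
end

# The "broad match" check from the spec above, on the gem name rather than
# Struct#to_s: findings on gems whose name starts with a protected prefix.
def protected_gem_findings(findings, prefixes)
  findings.select { |f| prefixes.any? { |p| f.gem_name.start_with?(p) } }
end

# Constructed sample data with placeholder advisory IDs (not real advisories).
SAMPLE_FINDINGS = [
  Finding.new('rails',    '4.2.5', 'OSVDB-000001'),
  Finding.new('nokogiri', '1.6.6', 'CVE-0000-0002'),
  Finding.new('rack',     '1.6.4', 'CVE-0000-0003')
].freeze

SAMPLE_WAIVERS = [
  # live waiver: its finding is kept out of the blocking list
  Waiver.new('CVE-0000-0002', 'vulnerable parser not reachable from app code', Date.new(2016, 6, 1)),
  # expired waiver: its finding blocks again and the waiver is flagged for review
  Waiver.new('CVE-0000-0003', 'upstream fix pending', Date.new(2016, 1, 1))
].freeze

# Overall verdict: the build passes only when nothing is blocking and no
# waiver has lapsed. The fixed default date keeps the sample deterministic.
def audit_report(findings = SAMPLE_FINDINGS, waivers = SAMPLE_WAIVERS,
                 today: Date.new(2016, 3, 4))
  report = apply_waivers(findings, waivers, today: today)
  report[:protected] = protected_gem_findings(report[:blocking], ['rails'])
  report[:passed] = report[:blocking].empty? && report[:expired_waivers].empty?
  report
end

if __FILE__ == $PROGRAM_NAME
  r = audit_report
  puts "blocking:        #{r[:blocking].map { |f| "#{f.gem_name} #{f.advisory_id}" }.join(', ')}"
  puts "waived:          #{r[:waived].map(&:gem_name).join(', ')}"
  puts "expired waivers: #{r[:expired_waivers].map(&:advisory_id).join(', ')}"
  puts "protected gems:  #{r[:protected].map(&:gem_name).join(', ')}"
  puts "passed:          #{r[:passed]}"
end
```

In a real spec the findings would come from the `scan` block above, and a non-empty `expired_waivers` list should fail the suite just as an unwaived finding does, so that a waiver is renewed with a fresh justification rather than forgotten.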