Run Bundle Audit Against A GitHub Org
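#!/bin/bash
# Run bundle-audit against the Gemfile/Gemfile.lock of every source repo in a GitHub org.
# Requires: curl, jsawk, and the bundler-audit gem.
org=${1:?usage: $0 <github-org>}
# Replace with a personal access token created at https://github.com/settings/tokens
token="Get From Here: https://github.com/settings/tokens"
# GitHub caps per_page at 100, so this lists only the first 100 repos of the org.
gh_repos_url="https://api.github.com/orgs/$org/repos?type=sources&per_page=100"

# Refresh the local advisory database before auditing.
bundle audit update &>/dev/null

for repo in $(curl -s -H "Authorization: token $token" "$gh_repos_url" | jsawk -n 'out(this.name)' 2>/dev/null); do
  # Download both files into the current directory. --write-out prints one HTTP
  # status per transfer, so two successful downloads concatenate to "200200".
  # Only the master branch is checked; repos with another default branch are skipped.
  status=$(curl -s -H "Authorization: token $token" --write-out "%{http_code}" -O "https://raw.githubusercontent.com/$org/$repo/master/{Gemfile,Gemfile.lock}")
  if [ "$status" = 200200 ]; then
    # Drop the summary line; anything left is advisory detail for this repo.
    output=$(bundle audit check -q | grep -v "Vulnerabilities found!")
    if [[ $output ]]; then
      printf "Vulnerabilities Found In %s: \n\n" "$repo"
      printf "%s" "$output"
      printf "\n\n\n"
    fi
  fi
done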