Remove bundler-audit ignore config (#30672)

2024-06-13 09:15:32 -04:00 · 2024-06-13 09:15:32 -04:00 · 3b7c50abca
parent 474dda7027
commit 3b7c50abca
2 changed files with 0 additions and 8 deletions
--- a/.bundler-audit.yml
+++ b/.bundler-audit.yml
@ -1,6 +0,0 @@
---
-ignore:
-  # devise-two-factor advisory about brute-forcing TOTP
-  # We have rate-limits on authentication endpoints in place (including second
-  # factor verification) since Mastodon v3.2.0
-  - CVE-2024-0227
--- a/.github/workflows/bundler-audit.yml
+++ b/.github/workflows/bundler-audit.yml
@ -6,14 +6,12 @@ on:
    paths:
      - 'Gemfile*'
      - '.ruby-version'
-      - '.bundler-audit.yml'
      - '.github/workflows/bundler-audit.yml'

  pull_request:
    paths:
      - 'Gemfile*'
      - '.ruby-version'
-      - '.bundler-audit.yml'
      - '.github/workflows/bundler-audit.yml'

  schedule: