From 3b7c50abca213353f6e210837fda0f21baf1be20 Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Thu, 13 Jun 2024 09:15:32 -0400 Subject: [PATCH] Remove bundler-audit ignore config (#30672) --- .bundler-audit.yml | 6 ------ .github/workflows/bundler-audit.yml | 2 -- 2 files changed, 8 deletions(-) delete mode 100644 .bundler-audit.yml diff --git a/.bundler-audit.yml b/.bundler-audit.yml deleted file mode 100644 index 0671df390f..0000000000 --- a/.bundler-audit.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -ignore: - # devise-two-factor advisory about brute-forcing TOTP - # We have rate-limits on authentication endpoints in place (including second - # factor verification) since Mastodon v3.2.0 - - CVE-2024-0227 diff --git a/.github/workflows/bundler-audit.yml b/.github/workflows/bundler-audit.yml index 923abcd91c..48f9d82933 100644 --- a/.github/workflows/bundler-audit.yml +++ b/.github/workflows/bundler-audit.yml @@ -6,14 +6,12 @@ on: paths: - 'Gemfile*' - '.ruby-version' - - '.bundler-audit.yml' - '.github/workflows/bundler-audit.yml' pull_request: paths: - 'Gemfile*' - '.ruby-version' - - '.bundler-audit.yml' - '.github/workflows/bundler-audit.yml' schedule: