{"id":624,"name":null,"description":"Patch-level verification for Bundler","url":"https://github.com/rubysec/bundler-audit","last_synced_at":"2026-04-30T04:03:23.123Z","repository":{"id":6883861,"uuid":"8133216","full_name":"rubysec/bundler-audit","owner":"rubysec","description":"Patch-level verification for Bundler","archived":false,"fork":false,"pushed_at":"2025-12-03T21:49:46.000Z","size":573,"stargazers_count":2748,"open_issues_count":60,"forks_count":245,"subscribers_count":39,"default_branch":"master","last_synced_at":"2026-04-25T18:39:29.742Z","etag":null,"topics":["bundler-audit","dependency-checker","patch-management","ruby","ruby-advisory-db","security","security-audit","security-tools"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rubysec.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog.md","contributing":null,"funding":".github/FUNDING.yml","license":"COPYING.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":["postmodern","reedloden"]}},"created_at":"2013-02-11T05:41:07.000Z","updated_at":"2026-04-23T11:39:43.000Z","dependencies_parsed_at":"2024-05-01T13:19:57.100Z","dependency_job_id":"6e4f3370-68d2-44a2-bb43-2e13035ac57d","html_url":"https://github.com/rubysec/bundler-audit","commit_stats":{"total_commits":599,"total_committers":65,"mean_commits":9.215384615384615,"dds":"0.23706176961602676","last_synced_commit":"da0eff072a9521dc2995483a8978d5a7dd4e328a"},"previous_names":["postmodern/bundler-audit"],"tags_count":20,"template":false,"template_full_name":null,"purl":"pkg:github/rubysec/bundler-audit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rubysec","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/sbom","scorecard":{"id":741937,"data":{"date":"2025-08-11","repo":{"name":"github.com/rubysec/bundler-audit","commit":"b7a85cd9139b6b7b33b8f62e619b03526563d440"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.4,"checks":[{"name":"Code-Review","score":1,"reason":"Found 3/23 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/ruby.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ruby.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/rubysec/bundler-audit/ruby.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ruby.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/rubysec/bundler-audit/ruby.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ruby.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/rubysec/bundler-audit/ruby.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ruby.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/rubysec/bundler-audit/ruby.yml/master?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: COPYING.txt:0","Info: FSF or OSI recognized license: GNU General Public License v3.0: COPYING.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.9.2 not signed: https://api.github.com/repos/rubysec/bundler-audit/releases/171576784","Warn: release artifact v0.9.2 does not have provenance: https://api.github.com/repos/rubysec/bundler-audit/releases/171576784"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 10 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"51 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-h47h-mwp9-c6q6","Warn: Project is vulnerable to: GHSA-2rqw-v265-jf8c","Warn: Project is vulnerable to: GHSA-4g8v-vg43-wpgf","Warn: Project is vulnerable to: GHSA-8xww-x3g3-6jcv","Warn: Project is vulnerable to: GHSA-fwhr-88qx-h9g7","Warn: Project is vulnerable to: GHSA-mm33-5vfq-3mm3","Warn: Project is vulnerable to: GHSA-p84v-45xj-wwqj","Warn: Project is vulnerable to: GHSA-qphc-hf5q-v8fc","Warn: Project is vulnerable to: GHSA-vfg9-r3fq-jvx4","Warn: Project is vulnerable to: GHSA-vfm5-rmrh-j26v","Warn: Project is vulnerable to: GHSA-wh98-p28r-vrc9","Warn: Project is vulnerable to: GHSA-x76w-6vjr-8xgj","Warn: Project is vulnerable to: GHSA-wwhv-wxv9-rpgw","Warn: Project is vulnerable to: GHSA-ch3h-j2vf-95pv","Warn: Project is vulnerable to: GHSA-xp5h-f8jf-rc8q","Warn: Project is vulnerable to: GHSA-3hhc-qp5v-9p2j","Warn: Project is vulnerable to: GHSA-579w-22j4-4749","Warn: Project is vulnerable to: GHSA-76r7-hhxj-r776","Warn: Project is vulnerable to: GHSA-hq7p-j377-6v63","Warn: Project is vulnerable to: GHSA-8h22-8cf7-hq6g","Warn: Project is vulnerable to: GHSA-r4mg-4433-c7g3","Warn: Project is vulnerable to: GHSA-w749-p3v6-hccq","Warn: Project is vulnerable to: GHSA-cr5q-6q9f-rq6q","Warn: Project is vulnerable to: GHSA-j6gc-792m-qgm2","Warn: Project is vulnerable to: GHSA-pj73-v5mw-pm9j","Warn: Project is vulnerable to: GHSA-23c2-gwp5-pxw9","Warn: Project is vulnerable to: GHSA-353f-x4gh-cqq8","Warn: Project is vulnerable to: GHSA-5w6v-399v-w3cc","Warn: Project is vulnerable to: GHSA-mrxw-mxhj-p664","Warn: Project is vulnerable to: GHSA-pxvg-2qj5-37jq","Warn: Project is vulnerable to: GHSA-r95h-9x8f-r3f7","Warn: Project is vulnerable to: GHSA-vvfq-8hwr-qm4m","Warn: Project is vulnerable to: GHSA-xc9x-jj77-9p9j","Warn: Project is vulnerable to: GHSA-22f2-v57c-j9cx","Warn: Project is vulnerable to: GHSA-54rr-7fvw-6x8f","Warn: Project is vulnerable to: GHSA-7g2v-jj9q-g3rg","Warn: Project is vulnerable to: GHSA-7wqh-767x-r66v","Warn: Project is vulnerable to: GHSA-8cgq-6mh2-7j6v","Warn: Project is vulnerable to: GHSA-c6qg-cjj8-47qp","Warn: Project is vulnerable to: GHSA-gjh7-p2fx-99vx","Warn: Project is vulnerable to: GHSA-vpfw-47h7-xj4g","Warn: Project is vulnerable to: GHSA-xj5v-6v4g-jfw6","Warn: Project is vulnerable to: GHSA-3crr-9vmg-864v","Warn: Project is vulnerable to: GHSA-gppp-5xc5-wfpx","Warn: Project is vulnerable to: GHSA-gr44-7grc-37vq","Warn: Project is vulnerable to: GHSA-mhwp-qhpc-h3jm","Warn: Project is vulnerable to: GHSA-xrr6-3pc4-m447","Warn: Project is vulnerable to: GHSA-9c2j-593q-3g82","Warn: Project is vulnerable to: GHSA-j96r-xvjq-r9pg","Warn: Project is vulnerable to: GHSA-vxvp-4xwc-jpp6","Warn: Project is vulnerable to: GHSA-5cm2-9h8c-rvfx"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-22T17:39:50.532Z","repository_id":6883861,"created_at":"2025-08-22T17:39:50.532Z","updated_at":"2025-08-22T17:39:50.532Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32283294,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-25T18:29:39.964Z","status":"online","status_checked_at":"2026-04-26T02:00:05.962Z","response_time":129,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"owner":{"login":"rubysec","name":"RubySec","uuid":"3538974","kind":"organization","description":null,"email":null,"website":"https://rubysec.com","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/3538974?v=4","repositories_count":6,"last_synced_at":"2024-03-27T00:56:41.082Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/rubysec","funding_links":[],"total_stars":3666,"followers":18,"following":0,"created_at":"2022-11-04T21:39:33.058Z","updated_at":"2024-03-27T00:56:41.148Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rubysec","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rubysec/repositories"},"packages":[{"id":13019965,"name":"bundler-audit","ecosystem":"nixpkgs","description":"Patch-level verification for Bundler","homepage":"https://github.com/rubysec/bundler-audit","licenses":"GPL-3.0-or-later","normalized_licenses":["GPL-3.0-or-later"],"repository_url":"https://github.com/rubysec/bundler-audit","keywords_array":[],"namespace":null,"versions_count":1,"first_release_published_at":"2026-02-01T14:24:39.610Z","latest_release_published_at":"2026-02-01T14:24:39.610Z","latest_release_number":"0.9.1","last_synced_at":"2026-03-07T18:15:55.645Z","created_at":"2026-02-01T14:24:38.403Z","updated_at":"2026-03-11T02:30:33.131Z","registry_url":"https://search.nixos.org/packages?channel=24.11\u0026query=bundler-audit","install_command":"nix-env -iA nixpkgs.bundler-audit","documentation_url":"https://github.com/NixOS/nixpkgs/blob/nixos-24.11/pkgs/tools/security/bundler-audit/default.nix#L19","metadata":{"nix_attribute":"bundler-audit-0.9.1","position":"pkgs/tools/security/bundler-audit/default.nix:19","platforms":["i686-cygwin","x86_64-cygwin","x86_64-darwin","i686-darwin","aarch64-darwin","armv7a-darwin","i686-freebsd","x86_64-freebsd","x86_64-solaris","aarch64-linux","armv5tel-linux","armv6l-linux","armv7a-linux","armv7l-linux","i686-linux","loongarch64-linux","m68k-linux","microblaze-linux","microblazeel-linux","mips-linux","mips64-linux","mips64el-linux","mipsel-linux","powerpc64-linux","powerpc64le-linux","riscv32-linux","riscv64-linux","s390-linux","s390x-linux","x86_64-linux","aarch64-netbsd","armv6l-netbsd","armv7a-netbsd","armv7l-netbsd","i686-netbsd","m68k-netbsd","mipsel-netbsd","powerpc-netbsd","riscv32-netbsd","riscv64-netbsd","x86_64-netbsd","i686-openbsd","x86_64-openbsd","x86_64-redox"],"broken":false,"insecure":false,"unfree":false,"outputs":["out"]},"repo_metadata":{},"repo_metadata_updated_at":null,"dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:nix/bundler-audit?channel=24.11\u0026repository_url=https://channels.nixos.org/nixos-24.11","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/nixpkgs/bundler-audit","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/nixpkgs/bundler-audit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/nixpkgs/bundler-audit/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.11/packages/bundler-audit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.11/packages/bundler-audit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.11/packages/bundler-audit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.11/packages/bundler-audit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.11/packages/bundler-audit/codemeta","maintainers":[{"uuid":"nicknovitski","login":null,"name":"Nick Novitski","email":"nixpkgs@nicknovitski.com","url":"https://github.com/nicknovitski","packages_count":72,"html_url":null,"role":null,"created_at":"2026-03-07T18:15:56.016Z","updated_at":"2026-03-07T18:15:56.016Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.11/maintainers/nicknovitski/packages"},{"uuid":"primeos","login":null,"name":"Michael Weiss","email":"dev.primeos@gmail.com","url":"https://github.com/primeos","packages_count":73,"html_url":null,"role":null,"created_at":"2026-03-07T18:15:55.898Z","updated_at":"2026-03-07T18:15:55.898Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.11/maintainers/primeos/packages"}],"registry":{"name":"nixpkgs-24.11","url":"https://channels.nixos.org/nixos-24.11","ecosystem":"nixpkgs","default":false,"packages_count":121983,"maintainers_count":3777,"namespaces_count":0,"keywords_count":0,"github":"NixOS","metadata":{"funded_packages_count":228},"icon_url":"https://github.com/NixOS.png","created_at":"2026-01-25T22:30:53.059Z","updated_at":"2026-04-03T06:22:14.703Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.11/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.11/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.11/namespaces"}},{"id":13141455,"name":"bundler-audit","ecosystem":"nixpkgs","description":"Patch-level verification for Bundler","homepage":"https://github.com/rubysec/bundler-audit","licenses":"GPL-3.0-or-later","normalized_licenses":["GPL-3.0-or-later"],"repository_url":"https://github.com/rubysec/bundler-audit","keywords_array":[],"namespace":null,"versions_count":1,"first_release_published_at":"2026-02-01T21:20:47.261Z","latest_release_published_at":"2026-02-01T21:20:47.261Z","latest_release_number":"0.9.1","last_synced_at":"2026-03-05T10:41:27.590Z","created_at":"2026-02-01T21:20:43.859Z","updated_at":"2026-03-05T10:41:27.941Z","registry_url":"https://search.nixos.org/packages?channel=24.05\u0026query=bundler-audit","install_command":"nix-env -iA nixpkgs.bundler-audit","documentation_url":"https://github.com/NixOS/nixpkgs/blob/nixos-24.05/pkgs/tools/security/bundler-audit/default.nix#L19","metadata":{"nix_attribute":"bundler-audit-0.9.1","position":"pkgs/tools/security/bundler-audit/default.nix:19","platforms":["i686-cygwin","x86_64-cygwin","x86_64-darwin","i686-darwin","aarch64-darwin","armv7a-darwin","i686-freebsd","x86_64-freebsd","x86_64-solaris","aarch64-linux","armv5tel-linux","armv6l-linux","armv7a-linux","armv7l-linux","i686-linux","loongarch64-linux","m68k-linux","microblaze-linux","microblazeel-linux","mips-linux","mips64-linux","mips64el-linux","mipsel-linux","powerpc64-linux","powerpc64le-linux","riscv32-linux","riscv64-linux","s390-linux","s390x-linux","x86_64-linux","aarch64-netbsd","armv6l-netbsd","armv7a-netbsd","armv7l-netbsd","i686-netbsd","m68k-netbsd","mipsel-netbsd","powerpc-netbsd","riscv32-netbsd","riscv64-netbsd","x86_64-netbsd","i686-openbsd","x86_64-openbsd","x86_64-redox"],"broken":false,"insecure":false,"unfree":false,"outputs":["out"]},"repo_metadata":{},"repo_metadata_updated_at":null,"dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{},"purl":"pkg:nix/bundler-audit?channel=24.05\u0026repository_url=https://channels.nixos.org/nixos-24.05","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/nixpkgs/bundler-audit","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/nixpkgs/bundler-audit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/nixpkgs/bundler-audit/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.05/packages/bundler-audit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.05/packages/bundler-audit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.05/packages/bundler-audit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.05/packages/bundler-audit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.05/packages/bundler-audit/codemeta","maintainers":[{"uuid":"nicknovitski","login":null,"name":"Nick Novitski","email":"nixpkgs@nicknovitski.com","url":"https://github.com/nicknovitski","packages_count":73,"html_url":null,"role":null,"created_at":"2026-03-05T10:41:27.855Z","updated_at":"2026-03-05T10:41:27.855Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.05/maintainers/nicknovitski/packages"},{"uuid":"primeos","login":null,"name":"Michael Weiss","email":"dev.primeos@gmail.com","url":"https://github.com/primeos","packages_count":78,"html_url":null,"role":null,"created_at":"2026-03-05T10:41:27.810Z","updated_at":"2026-03-05T10:41:27.810Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.05/maintainers/primeos/packages"}],"registry":{"name":"nixpkgs-24.05","url":"https://channels.nixos.org/nixos-24.05","ecosystem":"nixpkgs","default":false,"packages_count":116156,"maintainers_count":3383,"namespaces_count":0,"keywords_count":654,"github":"NixOS","metadata":{"funded_packages_count":230},"icon_url":"https://github.com/NixOS.png","created_at":"2026-01-25T22:30:53.309Z","updated_at":"2026-04-20T05:04:40.145Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.05/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.05/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-24.05/namespaces"}},{"id":8614807,"name":"github.com/rubysec/bundler-audit","ecosystem":"go","description":null,"homepage":null,"licenses":"gpl-3.0","normalized_licenses":["GPL-3.0"],"repository_url":"https://github.com/rubysec/bundler-audit","keywords_array":[],"namespace":null,"versions_count":16,"first_release_published_at":"2023-12-02T02:15:07.967Z","latest_release_published_at":"2025-11-28T23:36:58.000Z","latest_release_number":"v0.9.3","last_synced_at":"2026-04-21T04:21:05.213Z","created_at":"2023-12-02T02:15:03.819Z","updated_at":"2026-04-21T04:21:05.213Z","registry_url":"https://pkg.go.dev/github.com/rubysec/bundler-audit","install_command":"go get github.com/rubysec/bundler-audit","documentation_url":"https://pkg.go.dev/github.com/rubysec/bundler-audit#section-documentation","metadata":{},"repo_metadata":{"id":6883861,"uuid":"8133216","full_name":"rubysec/bundler-audit","owner":"rubysec","description":"Patch-level verification for Bundler","archived":false,"fork":false,"pushed_at":"2025-10-22T23:37:21.000Z","size":563,"stargazers_count":2716,"open_issues_count":53,"forks_count":236,"subscribers_count":41,"default_branch":"master","last_synced_at":"2025-10-26T18:02:34.814Z","etag":null,"topics":["bundler-audit","dependency-checker","patch-management","ruby","ruby-advisory-db","security","security-audit","security-tools"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rubysec.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog.md","contributing":null,"funding":".github/FUNDING.yml","license":"COPYING.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["postmodern","reedloden"]}},"created_at":"2013-02-11T05:41:07.000Z","updated_at":"2025-10-24T03:32:26.000Z","dependencies_parsed_at":"2024-05-01T13:19:57.100Z","dependency_job_id":"b4669799-28cf-485d-8b5a-916bb9a87555","html_url":"https://github.com/rubysec/bundler-audit","commit_stats":{"total_commits":599,"total_committers":65,"mean_commits":9.215384615384615,"dds":"0.23706176961602676","last_synced_commit":"da0eff072a9521dc2995483a8978d5a7dd4e328a"},"previous_names":["postmodern/bundler-audit"],"tags_count":19,"template":false,"template_full_name":null,"purl":"pkg:github/rubysec/bundler-audit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rubysec","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/sbom","scorecard":{"id":741937,"data":{"date":"2025-08-11","repo":{"name":"github.com/rubysec/bundler-audit","commit":"b7a85cd9139b6b7b33b8f62e619b03526563d440"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.4,"checks":[{"name":"Code-Review","score":1,"reason":"Found 3/23 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/ruby.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ruby.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/rubysec/bundler-audit/ruby.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ruby.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/rubysec/bundler-audit/ruby.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ruby.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/rubysec/bundler-audit/ruby.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ruby.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/rubysec/bundler-audit/ruby.yml/master?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: COPYING.txt:0","Info: FSF or OSI recognized license: GNU General Public License v3.0: COPYING.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.9.2 not signed: https://api.github.com/repos/rubysec/bundler-audit/releases/171576784","Warn: release artifact v0.9.2 does not have provenance: https://api.github.com/repos/rubysec/bundler-audit/releases/171576784"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 10 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"51 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-h47h-mwp9-c6q6","Warn: Project is vulnerable to: GHSA-2rqw-v265-jf8c","Warn: Project is vulnerable to: GHSA-4g8v-vg43-wpgf","Warn: Project is vulnerable to: GHSA-8xww-x3g3-6jcv","Warn: Project is vulnerable to: GHSA-fwhr-88qx-h9g7","Warn: Project is vulnerable to: GHSA-mm33-5vfq-3mm3","Warn: Project is vulnerable to: GHSA-p84v-45xj-wwqj","Warn: Project is vulnerable to: GHSA-qphc-hf5q-v8fc","Warn: Project is vulnerable to: GHSA-vfg9-r3fq-jvx4","Warn: Project is vulnerable to: GHSA-vfm5-rmrh-j26v","Warn: Project is vulnerable to: GHSA-wh98-p28r-vrc9","Warn: Project is vulnerable to: GHSA-x76w-6vjr-8xgj","Warn: Project is vulnerable to: GHSA-wwhv-wxv9-rpgw","Warn: Project is vulnerable to: GHSA-ch3h-j2vf-95pv","Warn: Project is vulnerable to: GHSA-xp5h-f8jf-rc8q","Warn: Project is vulnerable to: GHSA-3hhc-qp5v-9p2j","Warn: Project is vulnerable to: GHSA-579w-22j4-4749","Warn: Project is vulnerable to: GHSA-76r7-hhxj-r776","Warn: Project is vulnerable to: GHSA-hq7p-j377-6v63","Warn: Project is vulnerable to: GHSA-8h22-8cf7-hq6g","Warn: Project is vulnerable to: GHSA-r4mg-4433-c7g3","Warn: Project is vulnerable to: GHSA-w749-p3v6-hccq","Warn: Project is vulnerable to: GHSA-cr5q-6q9f-rq6q","Warn: Project is vulnerable to: GHSA-j6gc-792m-qgm2","Warn: Project is vulnerable to: GHSA-pj73-v5mw-pm9j","Warn: Project is vulnerable to: GHSA-23c2-gwp5-pxw9","Warn: Project is vulnerable to: GHSA-353f-x4gh-cqq8","Warn: Project is vulnerable to: GHSA-5w6v-399v-w3cc","Warn: Project is vulnerable to: GHSA-mrxw-mxhj-p664","Warn: Project is vulnerable to: GHSA-pxvg-2qj5-37jq","Warn: Project is vulnerable to: GHSA-r95h-9x8f-r3f7","Warn: Project is vulnerable to: GHSA-vvfq-8hwr-qm4m","Warn: Project is vulnerable to: GHSA-xc9x-jj77-9p9j","Warn: Project is vulnerable to: GHSA-22f2-v57c-j9cx","Warn: Project is vulnerable to: GHSA-54rr-7fvw-6x8f","Warn: Project is vulnerable to: GHSA-7g2v-jj9q-g3rg","Warn: Project is vulnerable to: GHSA-7wqh-767x-r66v","Warn: Project is vulnerable to: GHSA-8cgq-6mh2-7j6v","Warn: Project is vulnerable to: GHSA-c6qg-cjj8-47qp","Warn: Project is vulnerable to: GHSA-gjh7-p2fx-99vx","Warn: Project is vulnerable to: GHSA-vpfw-47h7-xj4g","Warn: Project is vulnerable to: GHSA-xj5v-6v4g-jfw6","Warn: Project is vulnerable to: GHSA-3crr-9vmg-864v","Warn: Project is vulnerable to: GHSA-gppp-5xc5-wfpx","Warn: Project is vulnerable to: GHSA-gr44-7grc-37vq","Warn: Project is vulnerable to: GHSA-mhwp-qhpc-h3jm","Warn: Project is vulnerable to: GHSA-xrr6-3pc4-m447","Warn: Project is vulnerable to: GHSA-9c2j-593q-3g82","Warn: Project is vulnerable to: GHSA-j96r-xvjq-r9pg","Warn: Project is vulnerable to: GHSA-vxvp-4xwc-jpp6","Warn: Project is vulnerable to: GHSA-5cm2-9h8c-rvfx"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-22T17:39:50.532Z","repository_id":6883861,"created_at":"2025-08-22T17:39:50.532Z","updated_at":"2025-08-22T17:39:50.532Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":281437568,"owners_count":26501284,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-28T02:00:06.022Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"rubysec","name":"RubySec","uuid":"3538974","kind":"organization","description":null,"email":null,"website":"https://rubysec.com","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/3538974?v=4","repositories_count":6,"last_synced_at":"2024-03-27T00:56:41.082Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/rubysec","funding_links":[],"total_stars":3666,"followers":18,"following":0,"created_at":"2022-11-04T21:39:33.058Z","updated_at":"2024-03-27T00:56:41.148Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rubysec","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rubysec/repositories"},"tags":[{"name":"v0.9.2","sha":"766e968099db047e3cbabab3f4e8908f585ecfb5","kind":"tag","published_at":"2024-08-22T23:56:01.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.9.2","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.9.2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.9.2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.2/manifests"},{"name":"v0.9.1","sha":"0b44c75d2284e12ba7eed21397912b5d9e950a55","kind":"tag","published_at":"2022-05-20T02:20:51.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.9.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.9.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.9.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.1/manifests"},{"name":"v0.9.0.1","sha":"4ca934688c0f38edd0d8018450b1c4c54571ebb1","kind":"tag","published_at":"2021-08-31T19:52:11.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.9.0.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.9.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.9.0.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.0.1/manifests"},{"name":"v0.9.0","sha":"28f9495b04f109ea92c8e7dfb238fd830164e0ed","kind":"tag","published_at":"2021-08-31T15:50:07.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.9.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.9.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.0/manifests"},{"name":"v0.8.0","sha":"9def635f9db5c7d9ecde7aa85cabdf316bbf8371","kind":"tag","published_at":"2021-03-10T09:51:03.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.8.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.8.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0/manifests"},{"name":"v0.8.0.rc2","sha":"316205b02898134c3f59b7fd05e5a7bbaa7c5d38","kind":"tag","published_at":"2021-02-27T19:29:18.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.8.0.rc2","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.8.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.8.0.rc2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0.rc2/manifests"},{"name":"v0.8.0.rc1","sha":"598d3c7280d3b38f8b5ff073023a50d0b32ae976","kind":"tag","published_at":"2020-12-23T01:52:15.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.8.0.rc1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.8.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.8.0.rc1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0.rc1/manifests"},{"name":"v0.7.0.1","sha":"a627af4ab1ab9615e4c97f3fb49c9a0ac29d1f13","kind":"tag","published_at":"2020-06-13T07:40:28.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.7.0.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.7.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.7.0.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.7.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.7.0.1/manifests"},{"name":"v0.7.0","sha":"cb3d60d108214c7f12d6c1b0933d21f791564a17","kind":"tag","published_at":"2020-06-12T21:52:35.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.7.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.7.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.7.0/manifests"},{"name":"v0.6.1","sha":"c3fe695f38d98138d306ef31df1decd2adc819b3","kind":"tag","published_at":"2019-01-18T04:19:35.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.6.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.6.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.6.1/manifests"},{"name":"v0.6.0","sha":"6e2e298aebb0707a1b62c08c005335ecd130aa66","kind":"tag","published_at":"2017-07-18T23:29:10.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.6.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.6.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.6.0/manifests"},{"name":"v0.5.0","sha":"fe7d417d7279806a7407b07b81ebfb939bc8d762","kind":"tag","published_at":"2016-02-29T04:03:41.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.5.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.5.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.5.0/manifests"},{"name":"v0.4.0","sha":"ae0f76f7ff7664d44c32c5cb5018ed47fee809e5","kind":"tag","published_at":"2015-06-30T21:38:47.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.4.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.4.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.4.0/manifests"},{"name":"v0.3.1","sha":"386add8c0ee85260d22a854dc26c6ed809f79d10","kind":"tag","published_at":"2014-04-20T22:53:56.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.3.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.3.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.3.1/manifests"},{"name":"v0.3.0","sha":"5bcfcf37d4559ea1438aca165a93f8ef9af1079f","kind":"tag","published_at":"2013-11-01T02:18:50.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.3.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.3.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.3.0/manifests"},{"name":"v0.2.0","sha":"8136de775c033729652ccb7deb6667fed8e58bff","kind":"tag","published_at":"2013-08-27T01:19:45.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.2.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.2.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.2.0/manifests"},{"name":"v0.1.2","sha":"47daa39600b3f17f2c113de99fb131b2d773a267","kind":"tag","published_at":"2013-02-18T04:08:46.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.1.2","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.1.2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.2/manifests"},{"name":"v0.1.1","sha":"f6e2e4a79e1fcd2d22e0cb5803ab5e2804e99d0c","kind":"tag","published_at":"2013-02-12T09:27:38.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.1.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.1.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.1/manifests"},{"name":"v0.1.0","sha":"f3c207d048131be273ea0be88d89c67bbd9761d1","kind":"tag","published_at":"2013-02-12T04:24:08.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.1.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.1.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.0/manifests"}]},"repo_metadata_updated_at":"2025-11-04T14:05:46.658Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":10.801592556016239,"dependent_packages_count":9.575730298247606,"stargazers_count":1.3115779220388784,"forks_count":1.8206561497251177,"docker_downloads_count":null,"average":5.87738923150696},"purl":"pkg:golang/github.com/rubysec/bundler-audit","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/go/github.com/rubysec/bundler-audit","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/go/github.com/rubysec/bundler-audit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/go/github.com/rubysec/bundler-audit/dependencies","status":null,"funding_links":["https://github.com/sponsors/postmodern","https://github.com/sponsors/reedloden"],"critical":null,"issue_metadata":{"last_synced_at":"2025-10-29T20:02:54.955Z","issues_count":40,"pull_requests_count":86,"avg_time_to_close_issue":26756971.56,"avg_time_to_close_pull_request":19939403.234375,"issues_closed_count":25,"pull_requests_closed_count":64,"pull_request_authors_count":37,"issue_authors_count":31,"avg_comments_per_issue":3.025,"avg_comments_per_pull_request":1.1511627906976745,"merged_pull_requests_count":36,"bot_issues_count":0,"bot_pull_requests_count":40,"past_year_issues_count":3,"past_year_pull_requests_count":11,"past_year_avg_time_to_close_issue":9300.0,"past_year_avg_time_to_close_pull_request":32297.0,"past_year_issues_closed_count":1,"past_year_pull_requests_closed_count":7,"past_year_pull_request_authors_count":7,"past_year_issue_authors_count":3,"past_year_avg_comments_per_issue":0.6666666666666666,"past_year_avg_comments_per_pull_request":1.1818181818181819,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":1,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/issues","maintainers":[{"login":"postmodern","count":9,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/postmodern"}],"active_maintainers":[]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Frubysec%2Fbundler-audit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Frubysec%2Fbundler-audit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Frubysec%2Fbundler-audit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Frubysec%2Fbundler-audit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Frubysec%2Fbundler-audit/codemeta","maintainers":[],"registry":{"name":"proxy.golang.org","url":"https://proxy.golang.org","ecosystem":"go","default":true,"packages_count":2108863,"maintainers_count":0,"namespaces_count":782439,"keywords_count":112823,"github":"golang","metadata":{"funded_packages_count":53495},"icon_url":"https://github.com/golang.png","created_at":"2022-04-04T15:19:22.939Z","updated_at":"2026-04-19T05:14:45.920Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/namespaces"}},{"id":12195159,"name":"bundler-audit","ecosystem":"rubygems","description":"bundler-audit provides patch-level verification for Bundled apps.","homepage":"https://github.com/rubysec/bundler-audit#readme","licenses":"GPL-3.0-or-later","normalized_licenses":["GPL-3.0-or-later"],"repository_url":"https://github.com/rubysec/bundler-audit","keywords_array":[],"namespace":null,"versions_count":20,"first_release_published_at":"2013-02-12T04:22:39.267Z","latest_release_published_at":"2025-11-28T23:57:52.375Z","latest_release_number":"0.9.3","last_synced_at":"2026-04-27T13:31:36.480Z","created_at":"2025-10-07T01:53:15.757Z","updated_at":"2026-04-27T14:19:22.187Z","registry_url":"https://gem.coop/gems/bundler-audit","install_command":"gem install bundler-audit -s https://gem.coop","documentation_url":"http://www.rubydoc.info/gems/bundler-audit/","metadata":{"funding":null},"repo_metadata":{"id":6883861,"uuid":"8133216","full_name":"rubysec/bundler-audit","owner":"rubysec","description":"Patch-level verification for Bundler","archived":false,"fork":false,"pushed_at":"2025-12-03T21:49:46.000Z","size":573,"stargazers_count":2746,"open_issues_count":59,"forks_count":245,"subscribers_count":39,"default_branch":"master","last_synced_at":"2026-04-15T21:04:09.052Z","etag":null,"topics":["bundler-audit","dependency-checker","patch-management","ruby","ruby-advisory-db","security","security-audit","security-tools"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rubysec.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog.md","contributing":null,"funding":".github/FUNDING.yml","license":"COPYING.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":["postmodern","reedloden"]}},"created_at":"2013-02-11T05:41:07.000Z","updated_at":"2026-04-15T09:10:52.000Z","dependencies_parsed_at":"2024-05-01T13:19:57.100Z","dependency_job_id":"6e4f3370-68d2-44a2-bb43-2e13035ac57d","html_url":"https://github.com/rubysec/bundler-audit","commit_stats":{"total_commits":599,"total_committers":65,"mean_commits":9.215384615384615,"dds":"0.23706176961602676","last_synced_commit":"da0eff072a9521dc2995483a8978d5a7dd4e328a"},"previous_names":["postmodern/bundler-audit"],"tags_count":20,"template":false,"template_full_name":null,"purl":"pkg:github/rubysec/bundler-audit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rubysec","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/sbom","scorecard":{"id":741937,"data":{"date":"2025-08-11","repo":{"name":"github.com/rubysec/bundler-audit","commit":"b7a85cd9139b6b7b33b8f62e619b03526563d440"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.4,"checks":[{"name":"Code-Review","score":1,"reason":"Found 3/23 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/ruby.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ruby.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/rubysec/bundler-audit/ruby.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ruby.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/rubysec/bundler-audit/ruby.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ruby.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/rubysec/bundler-audit/ruby.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ruby.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/rubysec/bundler-audit/ruby.yml/master?enable=pin","Info:   0 out of   2 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: COPYING.txt:0","Info: FSF or OSI recognized license: GNU General Public License v3.0: COPYING.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v0.9.2 not signed: https://api.github.com/repos/rubysec/bundler-audit/releases/171576784","Warn: release artifact v0.9.2 does not have provenance: https://api.github.com/repos/rubysec/bundler-audit/releases/171576784"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 10 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"51 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-h47h-mwp9-c6q6","Warn: Project is vulnerable to: GHSA-2rqw-v265-jf8c","Warn: Project is vulnerable to: GHSA-4g8v-vg43-wpgf","Warn: Project is vulnerable to: GHSA-8xww-x3g3-6jcv","Warn: Project is vulnerable to: GHSA-fwhr-88qx-h9g7","Warn: Project is vulnerable to: GHSA-mm33-5vfq-3mm3","Warn: Project is vulnerable to: GHSA-p84v-45xj-wwqj","Warn: Project is vulnerable to: GHSA-qphc-hf5q-v8fc","Warn: Project is vulnerable to: GHSA-vfg9-r3fq-jvx4","Warn: Project is vulnerable to: GHSA-vfm5-rmrh-j26v","Warn: Project is vulnerable to: GHSA-wh98-p28r-vrc9","Warn: Project is vulnerable to: GHSA-x76w-6vjr-8xgj","Warn: Project is vulnerable to: GHSA-wwhv-wxv9-rpgw","Warn: Project is vulnerable to: GHSA-ch3h-j2vf-95pv","Warn: Project is vulnerable to: GHSA-xp5h-f8jf-rc8q","Warn: Project is vulnerable to: GHSA-3hhc-qp5v-9p2j","Warn: Project is vulnerable to: GHSA-579w-22j4-4749","Warn: Project is vulnerable to: GHSA-76r7-hhxj-r776","Warn: Project is vulnerable to: GHSA-hq7p-j377-6v63","Warn: Project is vulnerable to: GHSA-8h22-8cf7-hq6g","Warn: Project is vulnerable to: GHSA-r4mg-4433-c7g3","Warn: Project is vulnerable to: GHSA-w749-p3v6-hccq","Warn: Project is vulnerable to: GHSA-cr5q-6q9f-rq6q","Warn: Project is vulnerable to: GHSA-j6gc-792m-qgm2","Warn: Project is vulnerable to: GHSA-pj73-v5mw-pm9j","Warn: Project is vulnerable to: GHSA-23c2-gwp5-pxw9","Warn: Project is vulnerable to: GHSA-353f-x4gh-cqq8","Warn: Project is vulnerable to: GHSA-5w6v-399v-w3cc","Warn: Project is vulnerable to: GHSA-mrxw-mxhj-p664","Warn: Project is vulnerable to: GHSA-pxvg-2qj5-37jq","Warn: Project is vulnerable to: GHSA-r95h-9x8f-r3f7","Warn: Project is vulnerable to: GHSA-vvfq-8hwr-qm4m","Warn: Project is vulnerable to: GHSA-xc9x-jj77-9p9j","Warn: Project is vulnerable to: GHSA-22f2-v57c-j9cx","Warn: Project is vulnerable to: GHSA-54rr-7fvw-6x8f","Warn: Project is vulnerable to: GHSA-7g2v-jj9q-g3rg","Warn: Project is vulnerable to: GHSA-7wqh-767x-r66v","Warn: Project is vulnerable to: GHSA-8cgq-6mh2-7j6v","Warn: Project is vulnerable to: GHSA-c6qg-cjj8-47qp","Warn: Project is vulnerable to: GHSA-gjh7-p2fx-99vx","Warn: Project is vulnerable to: GHSA-vpfw-47h7-xj4g","Warn: Project is vulnerable to: GHSA-xj5v-6v4g-jfw6","Warn: Project is vulnerable to: GHSA-3crr-9vmg-864v","Warn: Project is vulnerable to: GHSA-gppp-5xc5-wfpx","Warn: Project is vulnerable to: GHSA-gr44-7grc-37vq","Warn: Project is vulnerable to: GHSA-mhwp-qhpc-h3jm","Warn: Project is vulnerable to: GHSA-xrr6-3pc4-m447","Warn: Project is vulnerable to: GHSA-9c2j-593q-3g82","Warn: Project is vulnerable to: GHSA-j96r-xvjq-r9pg","Warn: Project is vulnerable to: GHSA-vxvp-4xwc-jpp6","Warn: Project is vulnerable to: GHSA-5cm2-9h8c-rvfx"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-22T17:39:50.532Z","repository_id":6883861,"created_at":"2025-08-22T17:39:50.532Z","updated_at":"2025-08-22T17:39:50.532Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31947760,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-17T17:29:20.459Z","status":"ssl_error","status_checked_at":"2026-04-17T17:28:47.801Z","response_time":62,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"rubysec","name":"RubySec","uuid":"3538974","kind":"organization","description":null,"email":null,"website":"https://rubysec.com","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/3538974?v=4","repositories_count":6,"last_synced_at":"2024-03-27T00:56:41.082Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/rubysec","funding_links":[],"total_stars":3666,"followers":18,"following":0,"created_at":"2022-11-04T21:39:33.058Z","updated_at":"2024-03-27T00:56:41.148Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rubysec","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rubysec/repositories"},"tags":[{"name":"v0.9.3","sha":"f8b06ebbefdd223e6eb21b9b258d75e6cfa9442a","kind":"tag","published_at":"2025-11-28T23:57:26.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.9.3","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.9.3","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.9.3","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.3/manifests"},{"name":"v0.9.2","sha":"766e968099db047e3cbabab3f4e8908f585ecfb5","kind":"tag","published_at":"2024-08-22T23:56:01.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.9.2","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.9.2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.9.2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.2/manifests"},{"name":"v0.9.1","sha":"0b44c75d2284e12ba7eed21397912b5d9e950a55","kind":"tag","published_at":"2022-05-20T02:20:51.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.9.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.9.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.9.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.1/manifests"},{"name":"v0.9.0.1","sha":"4ca934688c0f38edd0d8018450b1c4c54571ebb1","kind":"tag","published_at":"2021-08-31T19:52:11.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.9.0.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.9.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.9.0.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.0.1/manifests"},{"name":"v0.9.0","sha":"28f9495b04f109ea92c8e7dfb238fd830164e0ed","kind":"tag","published_at":"2021-08-31T15:50:07.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.9.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.9.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.0/manifests"},{"name":"v0.8.0","sha":"9def635f9db5c7d9ecde7aa85cabdf316bbf8371","kind":"tag","published_at":"2021-03-10T09:51:03.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.8.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.8.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0/manifests"},{"name":"v0.8.0.rc2","sha":"316205b02898134c3f59b7fd05e5a7bbaa7c5d38","kind":"tag","published_at":"2021-02-27T19:29:18.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.8.0.rc2","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.8.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.8.0.rc2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0.rc2/manifests"},{"name":"v0.8.0.rc1","sha":"598d3c7280d3b38f8b5ff073023a50d0b32ae976","kind":"tag","published_at":"2020-12-23T01:52:15.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.8.0.rc1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.8.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.8.0.rc1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0.rc1/manifests"},{"name":"v0.7.0.1","sha":"a627af4ab1ab9615e4c97f3fb49c9a0ac29d1f13","kind":"tag","published_at":"2020-06-13T07:40:28.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.7.0.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.7.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.7.0.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.7.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.7.0.1/manifests"},{"name":"v0.7.0","sha":"cb3d60d108214c7f12d6c1b0933d21f791564a17","kind":"tag","published_at":"2020-06-12T21:52:35.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.7.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.7.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.7.0/manifests"},{"name":"v0.6.1","sha":"c3fe695f38d98138d306ef31df1decd2adc819b3","kind":"tag","published_at":"2019-01-18T04:19:35.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.6.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.6.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.6.1/manifests"},{"name":"v0.6.0","sha":"6e2e298aebb0707a1b62c08c005335ecd130aa66","kind":"tag","published_at":"2017-07-18T23:29:10.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.6.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.6.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.6.0/manifests"},{"name":"v0.5.0","sha":"fe7d417d7279806a7407b07b81ebfb939bc8d762","kind":"tag","published_at":"2016-02-29T04:03:41.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.5.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.5.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.5.0/manifests"},{"name":"v0.4.0","sha":"ae0f76f7ff7664d44c32c5cb5018ed47fee809e5","kind":"tag","published_at":"2015-06-30T21:38:47.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.4.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.4.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.4.0/manifests"},{"name":"v0.3.1","sha":"386add8c0ee85260d22a854dc26c6ed809f79d10","kind":"tag","published_at":"2014-04-20T22:53:56.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.3.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.3.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.3.1/manifests"},{"name":"v0.3.0","sha":"5bcfcf37d4559ea1438aca165a93f8ef9af1079f","kind":"tag","published_at":"2013-11-01T02:18:50.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.3.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.3.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.3.0/manifests"},{"name":"v0.2.0","sha":"8136de775c033729652ccb7deb6667fed8e58bff","kind":"tag","published_at":"2013-08-27T01:19:45.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.2.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.2.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.2.0/manifests"},{"name":"v0.1.2","sha":"47daa39600b3f17f2c113de99fb131b2d773a267","kind":"tag","published_at":"2013-02-18T04:08:46.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.1.2","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.1.2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.2/manifests"},{"name":"v0.1.1","sha":"f6e2e4a79e1fcd2d22e0cb5803ab5e2804e99d0c","kind":"tag","published_at":"2013-02-12T09:27:38.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.1.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.1.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.1/manifests"},{"name":"v0.1.0","sha":"f3c207d048131be273ea0be88d89c67bbd9761d1","kind":"tag","published_at":"2013-02-12T04:24:08.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.1.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.1.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.0/manifests"}]},"repo_metadata_updated_at":"2026-04-27T14:19:22.166Z","dependent_packages_count":0,"downloads":128440603,"downloads_period":"total","dependent_repos_count":0,"rankings":{"downloads":0.20924800484460496,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":0.22168393278110604,"average":0.10773298440642776},"purl":"pkg:gem/bundler-audit?repository_url=https://gem.coop","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/rubygems/bundler-audit","docker_dependents_count":297,"docker_downloads_count":466004988,"usage_url":"https://repos.ecosyste.ms/usage/rubygems/bundler-audit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/rubygems/bundler-audit/dependencies","status":null,"funding_links":["https://github.com/sponsors/postmodern","https://github.com/sponsors/reedloden"],"critical":null,"issue_metadata":{"last_synced_at":"2026-04-18T15:34:41.569Z","issues_count":44,"pull_requests_count":97,"avg_time_to_close_issue":25834051.423076924,"avg_time_to_close_pull_request":19024664.529411763,"issues_closed_count":26,"pull_requests_closed_count":68,"pull_request_authors_count":44,"issue_authors_count":35,"avg_comments_per_issue":3.0,"avg_comments_per_pull_request":1.1443298969072164,"merged_pull_requests_count":37,"bot_issues_count":0,"bot_pull_requests_count":40,"past_year_issues_count":6,"past_year_pull_requests_count":17,"past_year_avg_time_to_close_issue":1385174.0,"past_year_avg_time_to_close_pull_request":2206704.375,"past_year_issues_closed_count":2,"past_year_pull_requests_closed_count":8,"past_year_pull_request_authors_count":11,"past_year_issue_authors_count":6,"past_year_avg_comments_per_issue":1.3333333333333333,"past_year_avg_comments_per_pull_request":1.1764705882352942,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":2,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/issues","maintainers":[{"login":"postmodern","count":9,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/postmodern"}],"active_maintainers":[]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/packages/bundler-audit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/packages/bundler-audit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/packages/bundler-audit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/packages/bundler-audit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/packages/bundler-audit/codemeta","maintainers":[{"uuid":"212","login":"postmodern","name":null,"email":null,"url":null,"packages_count":134,"html_url":"https://gem.coop/profiles/postmodern","role":null,"created_at":"2025-10-07T13:15:29.947Z","updated_at":"2025-10-07T13:15:29.947Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/maintainers/postmodern/packages"}],"registry":{"name":"gem.coop","url":"https://gem.coop","ecosystem":"rubygems","default":false,"packages_count":190343,"maintainers_count":67464,"namespaces_count":0,"keywords_count":0,"github":"gem-coop","metadata":{"funded_packages_count":6507},"icon_url":"https://github.com/gem-coop.png","created_at":"2025-10-06T17:24:20.932Z","updated_at":"2026-04-03T06:45:05.763Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/gem.coop/namespaces"}},{"id":13243322,"name":"bundler-audit","ecosystem":"nixpkgs","description":"Patch-level verification for Bundler","homepage":"https://github.com/rubysec/bundler-audit","licenses":"GPL-3.0-or-later","normalized_licenses":["GPL-3.0-or-later"],"repository_url":"https://github.com/rubysec/bundler-audit","keywords_array":[],"namespace":null,"versions_count":1,"first_release_published_at":"2026-02-02T03:23:41.170Z","latest_release_published_at":"2026-02-02T03:23:41.170Z","latest_release_number":"0.9.1","last_synced_at":"2026-03-05T22:45:38.565Z","created_at":"2026-02-02T03:23:31.521Z","updated_at":"2026-03-05T22:45:40.419Z","registry_url":"https://search.nixos.org/packages?channel=23.11\u0026query=bundler-audit","install_command":"nix-env -iA nixpkgs.bundler-audit","documentation_url":"https://github.com/NixOS/nixpkgs/blob/nixos-23.11/pkgs/tools/security/bundler-audit/default.nix#L14","metadata":{"nix_attribute":"bundler-audit-0.9.1","position":"pkgs/tools/security/bundler-audit/default.nix:14","platforms":["i686-cygwin","x86_64-cygwin","x86_64-darwin","i686-darwin","aarch64-darwin","armv7a-darwin","i686-freebsd13","x86_64-freebsd13","x86_64-solaris","aarch64-linux","armv5tel-linux","armv6l-linux","armv7a-linux","armv7l-linux","i686-linux","loongarch64-linux","m68k-linux","microblaze-linux","microblazeel-linux","mips-linux","mips64-linux","mips64el-linux","mipsel-linux","powerpc64-linux","powerpc64le-linux","riscv32-linux","riscv64-linux","s390-linux","s390x-linux","x86_64-linux","aarch64-netbsd","armv6l-netbsd","armv7a-netbsd","armv7l-netbsd","i686-netbsd","m68k-netbsd","mipsel-netbsd","powerpc-netbsd","riscv32-netbsd","riscv64-netbsd","x86_64-netbsd","i686-openbsd","x86_64-openbsd","x86_64-redox"],"broken":false,"insecure":false,"unfree":false,"outputs":["out"]},"repo_metadata":{},"repo_metadata_updated_at":null,"dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{},"purl":"pkg:nix/bundler-audit?channel=23.11\u0026repository_url=https://channels.nixos.org/nixos-23.11","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/nixpkgs/bundler-audit","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/nixpkgs/bundler-audit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/nixpkgs/bundler-audit/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.11/packages/bundler-audit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.11/packages/bundler-audit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.11/packages/bundler-audit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.11/packages/bundler-audit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.11/packages/bundler-audit/codemeta","maintainers":[{"uuid":"nicknovitski","login":null,"name":"Nick Novitski","email":"nixpkgs@nicknovitski.com","url":"https://github.com/nicknovitski","packages_count":73,"html_url":null,"role":null,"created_at":"2026-03-05T22:45:40.005Z","updated_at":"2026-03-05T22:45:40.005Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.11/maintainers/nicknovitski/packages"},{"uuid":"primeos","login":null,"name":"Michael Weiss","email":"dev.primeos@gmail.com","url":"https://github.com/primeos","packages_count":316,"html_url":null,"role":null,"created_at":"2026-03-05T22:45:39.659Z","updated_at":"2026-03-05T22:45:39.659Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.11/maintainers/primeos/packages"}],"registry":{"name":"nixpkgs-23.11","url":"https://channels.nixos.org/nixos-23.11","ecosystem":"nixpkgs","default":false,"packages_count":108178,"maintainers_count":2997,"namespaces_count":0,"keywords_count":0,"github":"NixOS","metadata":{"funded_packages_count":189},"icon_url":"https://github.com/NixOS.png","created_at":"2026-01-25T22:30:53.577Z","updated_at":"2026-04-03T06:23:37.723Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.11/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.11/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.11/namespaces"}},{"id":169705,"name":"bundler-audit","ecosystem":"rubygems","description":"bundler-audit provides patch-level verification for Bundled apps.","homepage":"https://github.com/rubysec/bundler-audit#readme","licenses":"GPL-3.0-or-later","normalized_licenses":["GPL-3.0-or-later"],"repository_url":"https://github.com/rubysec/bundler-audit","keywords_array":[],"namespace":null,"versions_count":20,"first_release_published_at":"2013-02-12T04:22:39.267Z","latest_release_published_at":"2025-11-28T23:57:52.375Z","latest_release_number":"0.9.3","last_synced_at":"2026-04-27T14:01:10.154Z","created_at":"2022-04-05T18:36:54.140Z","updated_at":"2026-04-27T14:01:10.154Z","registry_url":"https://rubygems.org/gems/bundler-audit","install_command":"gem install bundler-audit -s https://rubygems.org","documentation_url":"http://www.rubydoc.info/gems/bundler-audit/","metadata":{"funding":null},"repo_metadata":{"id":6883861,"uuid":"8133216","full_name":"rubysec/bundler-audit","owner":"rubysec","description":"Patch-level verification for Bundler","archived":false,"fork":false,"pushed_at":"2025-05-02T04:32:06.000Z","size":556,"stargazers_count":2708,"open_issues_count":51,"forks_count":237,"subscribers_count":45,"default_branch":"master","last_synced_at":"2025-08-15T22:50:11.159Z","etag":null,"topics":["bundler-audit","dependency-checker","patch-management","ruby","ruby-advisory-db","security","security-audit","security-tools"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rubysec.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog.md","contributing":null,"funding":".github/FUNDING.yml","license":"COPYING.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":["postmodern","reedloden"]}},"created_at":"2013-02-11T05:41:07.000Z","updated_at":"2025-07-30T12:03:28.000Z","dependencies_parsed_at":"2024-05-01T13:19:57.100Z","dependency_job_id":"b4669799-28cf-485d-8b5a-916bb9a87555","html_url":"https://github.com/rubysec/bundler-audit","commit_stats":{"total_commits":599,"total_committers":65,"mean_commits":9.215384615384615,"dds":"0.23706176961602676","last_synced_commit":"da0eff072a9521dc2995483a8978d5a7dd4e328a"},"previous_names":["postmodern/bundler-audit"],"tags_count":19,"template":false,"template_full_name":null,"purl":"pkg:github/rubysec/bundler-audit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rubysec","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":271482593,"owners_count":24767505,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-21T02:00:08.990Z","response_time":74,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"rubysec","name":"RubySec","uuid":"3538974","kind":"organization","description":null,"email":null,"website":"https://rubysec.com","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/3538974?v=4","repositories_count":6,"last_synced_at":"2024-03-27T00:56:41.082Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/rubysec","funding_links":[],"total_stars":3666,"followers":18,"following":0,"created_at":"2022-11-04T21:39:33.058Z","updated_at":"2024-03-27T00:56:41.148Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rubysec","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rubysec/repositories"},"tags":[{"name":"v0.9.2","sha":"766e968099db047e3cbabab3f4e8908f585ecfb5","kind":"tag","published_at":"2024-08-22T23:56:01.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.9.2","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.9.2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.9.2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.2/manifests"},{"name":"v0.9.1","sha":"0b44c75d2284e12ba7eed21397912b5d9e950a55","kind":"tag","published_at":"2022-05-20T02:20:51.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.9.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.9.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.9.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.1/manifests"},{"name":"v0.9.0.1","sha":"4ca934688c0f38edd0d8018450b1c4c54571ebb1","kind":"tag","published_at":"2021-08-31T19:52:11.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.9.0.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.9.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.9.0.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.0.1/manifests"},{"name":"v0.9.0","sha":"28f9495b04f109ea92c8e7dfb238fd830164e0ed","kind":"tag","published_at":"2021-08-31T15:50:07.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.9.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.9.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.9.0/manifests"},{"name":"v0.8.0","sha":"9def635f9db5c7d9ecde7aa85cabdf316bbf8371","kind":"tag","published_at":"2021-03-10T09:51:03.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.8.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.8.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0/manifests"},{"name":"v0.8.0.rc2","sha":"316205b02898134c3f59b7fd05e5a7bbaa7c5d38","kind":"tag","published_at":"2021-02-27T19:29:18.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.8.0.rc2","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.8.0.rc2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.8.0.rc2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0.rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0.rc2/manifests"},{"name":"v0.8.0.rc1","sha":"598d3c7280d3b38f8b5ff073023a50d0b32ae976","kind":"tag","published_at":"2020-12-23T01:52:15.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.8.0.rc1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.8.0.rc1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.8.0.rc1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0.rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.8.0.rc1/manifests"},{"name":"v0.7.0.1","sha":"a627af4ab1ab9615e4c97f3fb49c9a0ac29d1f13","kind":"tag","published_at":"2020-06-13T07:40:28.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.7.0.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.7.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.7.0.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.7.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.7.0.1/manifests"},{"name":"v0.7.0","sha":"cb3d60d108214c7f12d6c1b0933d21f791564a17","kind":"tag","published_at":"2020-06-12T21:52:35.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.7.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.7.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.7.0/manifests"},{"name":"v0.6.1","sha":"c3fe695f38d98138d306ef31df1decd2adc819b3","kind":"tag","published_at":"2019-01-18T04:19:35.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.6.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.6.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.6.1/manifests"},{"name":"v0.6.0","sha":"6e2e298aebb0707a1b62c08c005335ecd130aa66","kind":"tag","published_at":"2017-07-18T23:29:10.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.6.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.6.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.6.0/manifests"},{"name":"v0.5.0","sha":"fe7d417d7279806a7407b07b81ebfb939bc8d762","kind":"tag","published_at":"2016-02-29T04:03:41.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.5.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.5.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.5.0/manifests"},{"name":"v0.4.0","sha":"ae0f76f7ff7664d44c32c5cb5018ed47fee809e5","kind":"tag","published_at":"2015-06-30T21:38:47.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.4.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.4.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.4.0/manifests"},{"name":"v0.3.1","sha":"386add8c0ee85260d22a854dc26c6ed809f79d10","kind":"tag","published_at":"2014-04-20T22:53:56.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.3.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.3.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.3.1/manifests"},{"name":"v0.3.0","sha":"5bcfcf37d4559ea1438aca165a93f8ef9af1079f","kind":"tag","published_at":"2013-11-01T02:18:50.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.3.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.3.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.3.0/manifests"},{"name":"v0.2.0","sha":"8136de775c033729652ccb7deb6667fed8e58bff","kind":"tag","published_at":"2013-08-27T01:19:45.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.2.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.2.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.2.0/manifests"},{"name":"v0.1.2","sha":"47daa39600b3f17f2c113de99fb131b2d773a267","kind":"tag","published_at":"2013-02-18T04:08:46.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.1.2","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.1.2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.2/manifests"},{"name":"v0.1.1","sha":"f6e2e4a79e1fcd2d22e0cb5803ab5e2804e99d0c","kind":"tag","published_at":"2013-02-12T09:27:38.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.1.1","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.1.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.1/manifests"},{"name":"v0.1.0","sha":"f3c207d048131be273ea0be88d89c67bbd9761d1","kind":"tag","published_at":"2013-02-12T04:24:08.000Z","download_url":"https://codeload.github.com/rubysec/bundler-audit/tar.gz/v0.1.0","html_url":"https://github.com/rubysec/bundler-audit/releases/tag/v0.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/rubysec/bundler-audit@v0.1.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/tags/v0.1.0/manifests"}]},"repo_metadata_updated_at":"2025-08-21T12:36:24.145Z","dependent_packages_count":368,"downloads":128440603,"downloads_period":"total","dependent_repos_count":5894,"rankings":{"downloads":0.20517166400909892,"dependent_repos_count":0.41703370836632064,"dependent_packages_count":0.12432956813594853,"stargazers_count":0.9885036964351424,"forks_count":1.7551097779908789,"docker_downloads_count":0.2993945205784949,"average":0.6315904892526474},"purl":"pkg:gem/bundler-audit","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/rubygems/bundler-audit","docker_dependents_count":297,"docker_downloads_count":466004988,"usage_url":"https://repos.ecosyste.ms/usage/rubygems/bundler-audit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/rubygems/bundler-audit/dependencies","status":null,"funding_links":["https://github.com/sponsors/postmodern","https://github.com/sponsors/reedloden"],"critical":true,"issue_metadata":{"last_synced_at":"2025-08-21T01:05:43.442Z","issues_count":37,"pull_requests_count":77,"avg_time_to_close_issue":27871457.875,"avg_time_to_close_pull_request":21625905.508474577,"issues_closed_count":24,"pull_requests_closed_count":59,"pull_request_authors_count":35,"issue_authors_count":28,"avg_comments_per_issue":3.243243243243243,"avg_comments_per_pull_request":1.1948051948051948,"merged_pull_requests_count":34,"bot_issues_count":0,"bot_pull_requests_count":40,"past_year_issues_count":2,"past_year_pull_requests_count":8,"past_year_avg_time_to_close_issue":371528.0,"past_year_avg_time_to_close_pull_request":45696.25,"past_year_issues_closed_count":2,"past_year_pull_requests_closed_count":4,"past_year_pull_request_authors_count":7,"past_year_issue_authors_count":2,"past_year_avg_comments_per_issue":2.0,"past_year_avg_comments_per_pull_request":1.0,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":1,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/issues","maintainers":[{"login":"postmodern","count":9,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/postmodern"}],"active_maintainers":[]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/bundler-audit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/bundler-audit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/bundler-audit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/bundler-audit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages/bundler-audit/codemeta","maintainers":[{"uuid":"212","login":"postmodern","name":null,"email":null,"url":null,"packages_count":134,"html_url":"https://rubygems.org/profiles/postmodern","role":null,"created_at":"2022-11-07T13:49:46.047Z","updated_at":"2022-11-07T13:49:46.047Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers/postmodern/packages"}],"registry":{"name":"rubygems.org","url":"https://rubygems.org","ecosystem":"rubygems","default":true,"packages_count":205490,"maintainers_count":68456,"namespaces_count":0,"keywords_count":0,"github":"rubygems","metadata":{"funded_packages_count":7260},"icon_url":"https://github.com/rubygems.png","created_at":"2022-04-04T15:19:23.446Z","updated_at":"2026-04-03T06:42:17.024Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/rubygems.org/namespaces"}},{"id":12726855,"name":"bundler-audit","ecosystem":"nixpkgs","description":"Patch-level verification for Bundler","homepage":"https://github.com/rubysec/bundler-audit","licenses":"GPL-3.0-or-later","normalized_licenses":["GPL-3.0-or-later"],"repository_url":"https://github.com/rubysec/bundler-audit","keywords_array":[],"namespace":null,"versions_count":2,"first_release_published_at":"2026-01-26T01:06:02.978Z","latest_release_published_at":"2026-02-26T04:19:20.516Z","latest_release_number":"0.9.2","last_synced_at":"2026-03-26T05:08:09.028Z","created_at":"2026-01-26T01:06:02.786Z","updated_at":"2026-03-26T05:08:09.029Z","registry_url":"https://search.nixos.org/packages?channel=unstable\u0026query=bundler-audit","install_command":"nix-env -iA nixpkgs.bundler-audit","documentation_url":"https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/tools/security/bundler-audit/default.nix#L19","metadata":{"nix_attribute":"bundler-audit-0.9.2","position":"pkgs/tools/security/bundler-audit/default.nix:19","platforms":["i686-cygwin","x86_64-cygwin","x86_64-darwin","aarch64-darwin","i686-freebsd","x86_64-freebsd","aarch64-freebsd","x86_64-solaris","aarch64-linux","armv5tel-linux","armv6l-linux","armv7a-linux","armv7l-linux","i686-linux","loongarch64-linux","m68k-linux","microblaze-linux","microblazeel-linux","mips-linux","mips64-linux","mips64el-linux","mipsel-linux","powerpc-linux","powerpc64-linux","powerpc64le-linux","riscv32-linux","riscv64-linux","s390-linux","s390x-linux","x86_64-linux","aarch64-netbsd","armv6l-netbsd","armv7a-netbsd","armv7l-netbsd","i686-netbsd","m68k-netbsd","mipsel-netbsd","powerpc-netbsd","riscv32-netbsd","riscv64-netbsd","x86_64-netbsd","i686-openbsd","x86_64-openbsd","x86_64-redox"],"broken":false,"insecure":false,"unfree":false,"outputs":["out"]},"repo_metadata":{},"repo_metadata_updated_at":null,"dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:nix/bundler-audit?channel=unstable","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/nixpkgs/bundler-audit","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/nixpkgs/bundler-audit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/nixpkgs/bundler-audit/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-unstable/packages/bundler-audit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-unstable/packages/bundler-audit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-unstable/packages/bundler-audit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-unstable/packages/bundler-audit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-unstable/packages/bundler-audit/codemeta","maintainers":[{"uuid":"nicknovitski","login":null,"name":"Nick Novitski","email":"nixpkgs@nicknovitski.com","url":"https://github.com/nicknovitski","packages_count":67,"html_url":null,"role":null,"created_at":"2026-02-26T04:19:21.133Z","updated_at":"2026-02-26T04:19:21.133Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-unstable/maintainers/nicknovitski/packages"}],"registry":{"name":"nixpkgs-unstable","url":"https://channels.nixos.org/nixos-unstable","ecosystem":"nixpkgs","default":true,"packages_count":145703,"maintainers_count":4625,"namespaces_count":0,"keywords_count":2867,"github":"NixOS","metadata":{"funded_packages_count":1543},"icon_url":"https://github.com/NixOS.png","created_at":"2026-01-25T22:30:52.762Z","updated_at":"2026-04-16T05:08:04.612Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-unstable/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-unstable/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-unstable/namespaces"}},{"id":12722119,"name":"bundler-audit","ecosystem":"nixpkgs","description":"Patch-level verification for Bundler","homepage":"https://github.com/rubysec/bundler-audit","licenses":"GPL-3.0-or-later","normalized_licenses":["GPL-3.0-or-later"],"repository_url":"https://github.com/rubysec/bundler-audit","keywords_array":[],"namespace":null,"versions_count":1,"first_release_published_at":"2026-01-26T00:15:11.305Z","latest_release_published_at":"2026-01-26T00:15:11.305Z","latest_release_number":"0.9.1","last_synced_at":"2026-03-26T16:19:29.667Z","created_at":"2026-01-26T00:15:11.148Z","updated_at":"2026-03-26T16:19:29.667Z","registry_url":"https://search.nixos.org/packages?channel=23.05\u0026query=bundler-audit","install_command":"nix-env -iA nixpkgs.bundler-audit","documentation_url":"https://github.com/NixOS/nixpkgs/blob/nixos-23.05/pkgs/tools/security/bundler-audit/default.nix#L14","metadata":{"nix_attribute":"bundler-audit-0.9.1","position":"pkgs/tools/security/bundler-audit/default.nix:14","platforms":["i686-cygwin","x86_64-cygwin","x86_64-darwin","i686-darwin","aarch64-darwin","armv7a-darwin","i686-freebsd13","x86_64-freebsd13","x86_64-solaris","aarch64-linux","armv5tel-linux","armv6l-linux","armv7a-linux","armv7l-linux","i686-linux","loongarch64-linux","m68k-linux","microblaze-linux","microblazeel-linux","mipsel-linux","mips64el-linux","powerpc64-linux","powerpc64le-linux","riscv32-linux","riscv64-linux","s390-linux","s390x-linux","x86_64-linux","aarch64-netbsd","armv6l-netbsd","armv7a-netbsd","armv7l-netbsd","i686-netbsd","m68k-netbsd","mipsel-netbsd","powerpc-netbsd","riscv32-netbsd","riscv64-netbsd","x86_64-netbsd","i686-openbsd","x86_64-openbsd","x86_64-redox"],"broken":false,"insecure":false,"unfree":false,"outputs":["out"]},"repo_metadata":{},"repo_metadata_updated_at":null,"dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:nix/bundler-audit?channel=23.05\u0026repository_url=https://channels.nixos.org/nixos-23.05","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/nixpkgs/bundler-audit","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/nixpkgs/bundler-audit","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/nixpkgs/bundler-audit/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.05/packages/bundler-audit/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.05/packages/bundler-audit/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.05/packages/bundler-audit/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.05/packages/bundler-audit/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.05/packages/bundler-audit/codemeta","maintainers":[{"uuid":"primeos","login":null,"name":"Michael Weiss","email":"dev.primeos@gmail.com","url":"https://github.com/primeos","packages_count":321,"html_url":null,"role":null,"created_at":"2026-02-26T14:09:38.012Z","updated_at":"2026-02-26T14:09:38.012Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.05/maintainers/primeos/packages"},{"uuid":"nicknovitski","login":null,"name":"Nick Novitski","email":"nixpkgs@nicknovitski.com","url":"https://github.com/nicknovitski","packages_count":73,"html_url":null,"role":null,"created_at":"2026-02-26T14:09:38.052Z","updated_at":"2026-02-26T14:09:38.052Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.05/maintainers/nicknovitski/packages"}],"registry":{"name":"nixpkgs-23.05","url":"https://channels.nixos.org/nixos-23.05","ecosystem":"nixpkgs","default":false,"packages_count":101092,"maintainers_count":2622,"namespaces_count":0,"keywords_count":0,"github":"NixOS","metadata":{"funded_packages_count":151},"icon_url":"https://github.com/NixOS.png","created_at":"2026-01-25T22:30:53.882Z","updated_at":"2026-04-03T06:21:54.798Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.05/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.05/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/nixpkgs-23.05/namespaces"}}],"commits":{"id":3105,"full_name":"rubysec/bundler-audit","default_branch":"master","total_commits":613,"total_committers":64,"total_bot_commits":30,"total_bot_committers":1,"mean_commits":9.578125,"dds":0.234910277324633,"past_year_total_commits":14,"past_year_total_committers":3,"past_year_total_bot_commits":0,"past_year_total_bot_committers":0,"past_year_mean_commits":4.666666666666667,"past_year_dds":0.1428571428571429,"last_synced_at":"2026-04-25T15:14:48.117Z","last_synced_commit":"f8b06ebbefdd223e6eb21b9b258d75e6cfa9442a","created_at":"2023-03-07T09:16:38.002Z","updated_at":"2026-04-25T15:13:54.252Z","committers":[{"name":"Postmodern","email":"postmodern.mod3@gmail.com","login":"postmodern","count":469},{"name":"dependabot[bot]","email":"49699333+dependabot[bot]","login":"dependabot[bot]","count":30},{"name":"Jon Frisby","email":"jfrisby@mrjoy.com","login":"MrJoy","count":11},{"name":"Reed Loden","email":"reed@hackerone.com","login":"reedloden","count":10},{"name":"grosser","email":"grosser.michael@gmail.com","login":"grosser","count":7},{"name":"Robert Schultheis","email":"robert.schultheis@gmail.com","login":"rschultheis","count":7},{"name":"woodbusy","email":"woodbusy@gmail.com","login":"woodbusy","count":3},{"name":"retornam","email":"retornam","login":"retornam","count":3},{"name":"Peter Goldstein","email":"peter.m.goldstein@gmail.com","login":"petergoldstein","count":3},{"name":"JuanitoFatas","email":"katehuang0320@gmail.com","login":"JuanitoFatas","count":3},{"name":"Eliot Sykes","email":"eliotsykes@gmail.com","login":"eliotsykes","count":3},{"name":"Martin Baum","email":"martin.baum@direktzu.de","login":null,"count":3},{"name":"Muhammad Rizal Muthi","email":"rizalmuthi@gmail.com","login":"rizalmuthi","count":2},{"name":"Popa Marius Adrian","email":"mapopa@gmail.com","login":"mariuz","count":2},{"name":"Mikhail Doronin","email":"mikhail.doronin@thetrainline.com","login":"misdoro","count":2},{"name":"Mark Borcherding","email":"markborcherding@gmail.com","login":"MarkBorcherding","count":2},{"name":"Jared Beck","email":"jared@jaredbeck.com","login":"jaredbeck","count":2},{"name":"Jacob Evans","email":"jacob@dekz.net","login":"dekz","count":2},{"name":"Andrius Miasnikovas","email":"andrejus@vinted.com","login":"andriusm","count":2},{"name":"Paul B","email":"paul+gh@bonaud.fr","login":"paulRbr","count":2},{"name":"Ryan Bigg","email":"git@ryanbigg.com","login":"radar","count":2},{"name":"Adrian Macneil","email":"adrian@coinbase.com","login":null,"count":1},{"name":"Alex Hamlin","email":"ahamlin@newrelic.com","login":null,"count":1},{"name":"Andrey Korobkov","email":"korobkov@fryxell.info","login":null,"count":1},{"name":"Christos Zisopoulos","email":"christos@me.com","login":null,"count":1},{"name":"Jan Rusnacko","email":"rusnackoj@gmail.com","login":null,"count":1},{"name":"Garllon","email":"palluthe.bennet@gmail.com","login":null,"count":1},{"name":"Alex Gaynor","email":"alex.gaynor@gmail.com","login":"alex","count":1},{"name":"Alexander Popov","email":"alex.wayfer@gmail.com","login":"AlexWayfer","count":1},{"name":"Brady","email":"37232811+BClark88","login":"BClark88","count":1},{"name":"Brendon Murphy","email":"xternal1+github@gmail.com","login":"bemurphy","count":1},{"name":"Bryan Helmkamp","email":"bryan@brynary.com","login":"brynary","count":1},{"name":"Cédric Félizard","email":"cedric@felizard.fr","login":"infertux","count":1},{"name":"fatkodima","email":"fatkodima123@gmail.com","login":"fatkodima","count":1},{"name":"bobofraggins","email":"peter.fry@mac.com","login":"BoboFraggins","count":1},{"name":"alxwr","email":"alxwr","login":"alxwr","count":1},{"name":"Yasuo Honda","email":"yasuo.honda@gmail.com","login":"yahonda","count":1},{"name":"Viktor Schmidt","email":"viktorianer4life@gmail.com","login":"viktorianer","count":1},{"name":"Takafumi ONAKA","email":"takafumi.onaka@gmail.com","login":"onk","count":1},{"name":"Stephen Touset","email":"stephen@touset.org","login":"stouset","count":1},{"name":"Shane da Silva","email":"shane.dasilva@brigade.com","login":"sds","count":1},{"name":"Roland Moriz","email":"roland@moriz.de","login":"rmoriz","count":1},{"name":"Rodrigo Andrés Contreras Vilina","email":"4110256+vaporyhumo","login":"vaporyhumo","count":1},{"name":"Risal Hidayat","email":"risalhidayat88@gmail.com","login":"rslhdyt","count":1},{"name":"Radek","email":"radziu92@gmail.com","login":"rwojnarowski","count":1},{"name":"Pere Joan Martorell","email":"pj.martorell@gmail.com","login":"pjmartorell","count":1},{"name":"ooooooo-q","email":"ooooooo-q","login":"ooooooo-q","count":1},{"name":"Patrick Hereford","email":"phereford","login":"phereford","count":1},{"name":"Olivier Gonzalez","email":"gonzoyumo@gmail.com","login":"gonzoyumo","count":1},{"name":"Oliver Klee","email":"o.klee@braingourmets.com","login":"oliverklee","count":1},{"name":"Nick Novitski","email":"github@nicknovitski.com","login":"nicknovitski","count":1},{"name":"Mauro Otonelli","email":"mauro.otonelli@gmail.com","login":"mauro-oto","count":1},{"name":"Marcus Ilgner","email":"marcus.ilgner@i22.de","login":"milgner","count":1},{"name":"Keegan Roth","email":"keegan.roth@lookout.com","login":"keegangroth","count":1},{"name":"Jordi Massaguer Pla","email":"jmassaguerpla@suse.de","login":"jordimassaguerpla","count":1},{"name":"Jean Boussier","email":"jean.boussier@gmail.com","login":"byroot","count":1},{"name":"James Ebentier","email":"jebentier@gmail.com","login":"jebentier","count":1},{"name":"Jaime Iniesta","email":"jaimeiniesta@gmail.com","login":"jaimeiniesta","count":1},{"name":"Jacob Kjeldahl","email":"jacob@kjeldahl.it","login":"kjeldahl","count":1},{"name":"Ilya Vassilevsky","email":"vassilevsky@gmail.com","login":"vassilevsky","count":1},{"name":"Igor Victor","email":"gogainda@yandex.ru","login":"gogainda","count":1},{"name":"Gareth Jones","email":"Jones258@Gmail.com","login":"G-Rath","count":1},{"name":"Eric Pigeon","email":"epigeon@weblinc.com","login":"eric-pigeon","count":1},{"name":"Dmytro Shteflyuk","email":"kpumuk@kpumuk.info","login":"kpumuk","count":1}],"past_year_committers":[{"name":"Postmodern","email":"postmodern.mod3@gmail.com","login":"postmodern","count":12},{"name":"Yasuo Honda","email":"yasuo.honda@gmail.com","login":"yahonda","count":1},{"name":"Jean Boussier","email":"jean.boussier@gmail.com","login":"byroot","count":1}],"commits_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/commits","host":{"name":"GitHub","url":"https://github.com","kind":"github","last_synced_at":"2026-04-26T00:00:10.019Z","repositories_count":6218656,"commits_count":899421109,"contributors_count":34886385,"owners_count":1145542,"icon_url":"https://github.com/github.png","host_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub/repositories"}},"issues_stats":{"full_name":"rubysec/bundler-audit","html_url":"https://github.com/rubysec/bundler-audit","last_synced_at":"2026-04-18T15:34:41.569Z","status":"active","issues_count":44,"pull_requests_count":97,"avg_time_to_close_issue":25834051.423076924,"avg_time_to_close_pull_request":19024664.529411763,"issues_closed_count":26,"pull_requests_closed_count":68,"pull_request_authors_count":44,"issue_authors_count":35,"avg_comments_per_issue":3.0,"avg_comments_per_pull_request":1.1443298969072164,"merged_pull_requests_count":37,"bot_issues_count":0,"bot_pull_requests_count":40,"past_year_issues_count":6,"past_year_pull_requests_count":17,"past_year_avg_time_to_close_issue":1385174.0,"past_year_avg_time_to_close_pull_request":2206704.375,"past_year_issues_closed_count":2,"past_year_pull_requests_closed_count":8,"past_year_pull_request_authors_count":11,"past_year_issue_authors_count":6,"past_year_avg_comments_per_issue":1.3333333333333333,"past_year_avg_comments_per_pull_request":1.1764705882352942,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":2,"created_at":"2023-05-12T08:34:29.425Z","updated_at":"2026-04-18T15:34:41.569Z","repository_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit","issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubysec%2Fbundler-audit/issues","issue_labels_count":{"feature":12,"bug":11,"needs-info":5,"chore":4,"enhancement":4,"specs":2,"upstream":2,"discussion":1,"json":1,"rubygems":1,"cannot-repro":1,"help-wanted":1,"documentation":1},"pull_request_labels_count":{"dependencies":40,"feature":2,"discussion":1,"github_actions":1,"enhancement":1},"issue_author_associations_count":{"NONE":27,"MEMBER":9,"CONTRIBUTOR":8},"pull_request_author_associations_count":{"CONTRIBUTOR":56,"NONE":41},"issue_authors":{"postmodern":9,"G-Rath":2,"nello":1,"TomNaessens":1,"GolovkoStepan":1,"chabgood":1,"eliotsykes":1,"byroot":1,"peter-mtso":1,"so87":1,"fatkodima":1,"rslhdyt":1,"dssjoblom":1,"lopopolo":1,"ksenia-sudarikova":1,"ericpetroelje":1,"svoop":1,"natebird":1,"tsnr":1,"jasonkarns":1,"udaykadaboina":1,"Nowaker":1,"nareshcool97":1,"vassilevsky":1,"yahonda":1,"aep-sunlife":1,"sandstrom":1,"berney":1,"tilo":1,"HarlemSquirrel":1,"gadimbaylisahil":1,"poloka":1,"Urist-McUristurister":1,"Cr1sPet":1,"olleicua":1},"pull_request_authors":{"dependabot[bot]":40,"kallal79":4,"kpumuk":3,"andriusm":2,"Earlopain":2,"onshi":2,"lovro-bikic":2,"GoutamSingired":2,"paulRbr":2,"oz-tal":2,"rrothenberger":2,"viktorianer":2,"jasonkarns":1,"tapajos":1,"heartpunk":1,"misdoro":1,"zofrex":1,"gbmoretti":1,"G-Rath":1,"bschmeck":1,"kaskas":1,"BClark88":1,"ghost":1,"skorth":1,"byroot":1,"gonzoyumo":1,"NickLaMuro":1,"joshmfrankel":1,"picatz":1,"petergoldstein":1,"neumayr":1,"nschonni":1,"biow0lf":1,"ylecuyer":1,"yahonda":1,"kjeldahl":1,"bkarstaedt":1,"RohanM":1,"rslhdyt":1,"MC-Squared":1,"0llirocks":1,"mlarraz":1,"olleolleolle":1,"gurix":1},"host":{"name":"GitHub","url":"https://github.com","kind":"github","last_synced_at":"2026-04-26T00:00:11.126Z","repositories_count":14411923,"issues_count":34457546,"pull_requests_count":112757265,"authors_count":11245931,"icon_url":"https://github.com/github.png","host_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories","owners_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/owners","authors_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors"},"past_year_issue_labels_count":{"bug":3,"feature":2,"needs-info":1,"upstream":1},"past_year_pull_request_labels_count":{},"past_year_issue_author_associations_count":{"CONTRIBUTOR":3,"NONE":3},"past_year_pull_request_author_associations_count":{"NONE":15,"CONTRIBUTOR":2},"past_year_issue_authors":{"aep-sunlife":1,"byroot":1,"eliotsykes":1,"jasonkarns":1,"tsnr":1,"yahonda":1},"past_year_pull_request_authors":{"kallal79":4,"Earlopain":2,"GoutamSingired":2,"oz-tal":2,"biow0lf":1,"byroot":1,"jasonkarns":1,"mlarraz":1,"neumayr":1,"olleolleolle":1,"yahonda":1},"maintainers":[{"login":"postmodern","count":9,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/postmodern"}],"active_maintainers":[]},"events":{"total":{"DeleteEvent":1,"PullRequestEvent":14,"ForkEvent":11,"IssuesEvent":5,"WatchEvent":61,"IssueCommentEvent":13,"PushEvent":6,"PullRequestReviewCommentEvent":2,"PullRequestReviewEvent":3},"last_year":{"DeleteEvent":1,"PullRequestEvent":8,"ForkEvent":2,"IssuesEvent":5,"WatchEvent":27,"IssueCommentEvent":12,"PushEvent":6,"PullRequestReviewCommentEvent":2,"PullRequestReviewEvent":3}},"keywords":["bundler-audit","dependency-checker","patch-management","ruby","ruby-advisory-db","security","security-audit","security-tools"],"dependencies":[{"ecosystem":"actions","filepath":".github/workflows/ruby.yml","sha":null,"kind":"manifest","created_at":"2023-01-13T14:09:03.314Z","updated_at":"2023-01-13T14:09:03.314Z","repository_link":"https://github.com/rubysec/bundler-audit/blob/master/.github/workflows/ruby.yml","dependencies":[{"id":6876191498,"package_name":"actions/checkout","ecosystem":"actions","requirements":"v2","direct":true,"kind":"composite","optional":false},{"id":6876191499,"package_name":"ruby/setup-ruby","ecosystem":"actions","requirements":"v1","direct":true,"kind":"composite","optional":false}]},{"ecosystem":"rubygems","filepath":"Gemfile","sha":null,"kind":"manifest","created_at":"2023-01-13T14:09:03.328Z","updated_at":"2023-01-13T14:09:03.328Z","repository_link":"https://github.com/rubysec/bundler-audit/blob/master/Gemfile","dependencies":[{"id":6876191500,"package_name":"rake","ecosystem":"rubygems","requirements":"\u003e= 0","direct":true,"kind":"development","optional":false},{"id":6876191501,"package_name":"rubygems-tasks","ecosystem":"rubygems","requirements":"~\u003e 0.2","direct":true,"kind":"development","optional":false},{"id":6876191502,"package_name":"rubocop","ecosystem":"rubygems","requirements":"~\u003e 1.18","direct":true,"kind":"development","optional":false},{"id":6876191503,"package_name":"rspec","ecosystem":"rubygems","requirements":"~\u003e 3.0","direct":true,"kind":"development","optional":false},{"id":6876191504,"package_name":"simplecov","ecosystem":"rubygems","requirements":"~\u003e 0.7","direct":true,"kind":"development","optional":false},{"id":6876191505,"package_name":"kramdown","ecosystem":"rubygems","requirements":"~\u003e 2.0","direct":true,"kind":"development","optional":false},{"id":6876191506,"package_name":"redcarpet","ecosystem":"rubygems","requirements":"\u003e= 0","direct":true,"kind":"development","optional":false},{"id":6876191507,"package_name":"yard","ecosystem":"rubygems","requirements":"~\u003e 0.9","direct":true,"kind":"development","optional":false},{"id":6876191508,"package_name":"yard-spellcheck","ecosystem":"rubygems","requirements":"\u003e= 0","direct":true,"kind":"development","optional":false}]},{"ecosystem":"rubygems","filepath":"spec/bundle/insecure_sources/Gemfile","sha":null,"kind":"manifest","created_at":"2023-01-13T14:09:03.345Z","updated_at":"2023-01-13T14:09:03.345Z","repository_link":"https://github.com/rubysec/bundler-audit/blob/master/spec/bundle/insecure_sources/Gemfile","dependencies":[{"id":6876191509,"package_name":"rails","ecosystem":"rubygems","requirements":"\u003e= 0","direct":true,"kind":"runtime","optional":false},{"id":6876191510,"package_name":"jquery-rails","ecosystem":"rubygems","requirements":"\u003e= 0","direct":true,"kind":"runtime","optional":false}]},{"ecosystem":"rubygems","filepath":"spec/bundle/insecure_sources/Gemfile.lock","sha":null,"kind":"lockfile","created_at":"2023-01-13T14:09:03.367Z","updated_at":"2023-01-13T14:09:03.367Z","repository_link":"https://github.com/rubysec/bundler-audit/blob/master/spec/bundle/insecure_sources/Gemfile.lock","dependencies":[{"id":6876191511,"package_name":"jquery-rails","ecosystem":"rubygems","requirements":"4.4.0","direct":false,"kind":"runtime","optional":false},{"id":6876191512,"package_name":"actioncable","ecosystem":"rubygems","requirements":"6.1.3.2","direct":false,"kind":"runtime","optional":false},{"id":6876191513,"package_name":"actionmailbox","ecosystem":"rubygems","requirements":"6.1.3.2","direct":false,"kind":"runtime","optional":false},{"id":6876191514,"package_name":"actionmailer","ecosystem":"rubygems","requirements":"6.1.3.2","direct":false,"kind":"runtime","optional":false},{"id":6876191515,"package_name":"actionpack","ecosystem":"rubygems","requirements":"6.1.3.2","direct":false,"kind":"runtime","optional":false},{"id":6876191516,"package_name":"actiontext","ecosystem":"rubygems","requirements":"6.1.3.2","direct":false,"kind":"runtime","optional":false},{"id":6876191517,"package_name":"actionview","ecosystem":"rubygems","requirements":"6.1.3.2","direct":false,"kind":"runtime","optional":false},{"id":6876191518,"package_name":"activejob","ecosystem":"rubygems","requirements":"6.1.3.2","direct":false,"kind":"runtime","optional":false},{"id":6876191519,"package_name":"activemodel","ecosystem":"rubygems","requirements":"6.1.3.2","direct":false,"kind":"runtime","optional":false},{"id":6876191520,"package_name":"activerecord","ecosystem":"rubygems","requirements":"6.1.3.2","direct":false,"kind":"runtime","optional":false},{"id":6876191521,"package_name":"activestorage","ecosystem":"rubygems","requirements":"6.1.3.2","direct":false,"kind":"runtime","optional":false},{"id":6876191522,"package_name":"activesupport","ecosystem":"rubygems","requirements":"6.1.3.2","direct":false,"kind":"runtime","optional":false},{"id":6876191523,"package_name":"builder","ecosystem":"rubygems","requirements":"3.2.4","direct":false,"kind":"runtime","optional":false},{"id":6876191524,"package_name":"concurrent-ruby","ecosystem":"rubygems","requirements":"1.1.8","direct":false,"kind":"runtime","optional":false},{"id":6876191525,"package_name":"crass","ecosystem":"rubygems","requirements":"1.0.6","direct":false,"kind":"runtime","optional":false},{"id":6876191526,"package_name":"erubi","ecosystem":"rubygems","requirements":"1.10.0","direct":false,"kind":"runtime","optional":false},{"id":6876191527,"package_name":"globalid","ecosystem":"rubygems","requirements":"0.4.2","direct":false,"kind":"runtime","optional":false},{"id":6876191528,"package_name":"i18n","ecosystem":"rubygems","requirements":"1.8.10","direct":false,"kind":"runtime","optional":false},{"id":6876191529,"package_name":"loofah","ecosystem":"rubygems","requirements":"2.19.1","direct":false,"kind":"runtime","optional":false},{"id":6876191530,"package_name":"mail","ecosystem":"rubygems","requirements":"2.7.1","direct":false,"kind":"runtime","optional":false},{"id":6876191531,"package_name":"marcel","ecosystem":"rubygems","requirements":"1.0.1","direct":false,"kind":"runtime","optional":false},{"id":6876191532,"package_name":"method_source","ecosystem":"rubygems","requirements":"1.0.0","direct":false,"kind":"runtime","optional":false},{"id":6876191533,"package_name":"mini_mime","ecosystem":"rubygems","requirements":"1.0.3","direct":false,"kind":"runtime","optional":false},{"id":6876191534,"package_name":"mini_portile2","ecosystem":"rubygems","requirements":"2.8.0","direct":false,"kind":"runtime","optional":false},{"id":6876191535,"package_name":"minitest","ecosystem":"rubygems","requirements":"5.14.4","direct":false,"kind":"runtime","optional":false},{"id":6876191536,"package_name":"nio4r","ecosystem":"rubygems","requirements":"2.5.7","direct":false,"kind":"runtime","optional":false},{"id":6876191537,"package_name":"nokogiri","ecosystem":"rubygems","requirements":"1.13.10","direct":false,"kind":"runtime","optional":false},{"id":6876191538,"package_name":"racc","ecosystem":"rubygems","requirements":"1.6.1","direct":false,"kind":"runtime","optional":false},{"id":6876191539,"package_name":"rack","ecosystem":"rubygems","requirements":"2.2.3","direct":false,"kind":"runtime","optional":false},{"id":6876191540,"package_name":"rack-test","ecosystem":"rubygems","requirements":"1.1.0","direct":false,"kind":"runtime","optional":false},{"id":6876191541,"package_name":"rails","ecosystem":"rubygems","requirements":"6.1.3.2","direct":false,"kind":"runtime","optional":false},{"id":6876191542,"package_name":"rails-dom-testing","ecosystem":"rubygems","requirements":"2.0.3","direct":false,"kind":"runtime","optional":false},{"id":6876191543,"package_name":"rails-html-sanitizer","ecosystem":"rubygems","requirements":"1.4.4","direct":false,"kind":"runtime","optional":false},{"id":6876191544,"package_name":"railties","ecosystem":"rubygems","requirements":"6.1.3.2","direct":false,"kind":"runtime","optional":false},{"id":6876191545,"package_name":"rake","ecosystem":"rubygems","requirements":"13.0.3","direct":false,"kind":"runtime","optional":false},{"id":6876191546,"package_name":"sprockets","ecosystem":"rubygems","requirements":"4.0.2","direct":false,"kind":"runtime","optional":false},{"id":6876191547,"package_name":"sprockets-rails","ecosystem":"rubygems","requirements":"3.2.2","direct":false,"kind":"runtime","optional":false},{"id":6876191548,"package_name":"thor","ecosystem":"rubygems","requirements":"1.1.0","direct":false,"kind":"runtime","optional":false},{"id":6876191549,"package_name":"tzinfo","ecosystem":"rubygems","requirements":"2.0.4","direct":false,"kind":"runtime","optional":false},{"id":6876191550,"package_name":"websocket-driver","ecosystem":"rubygems","requirements":"0.7.4","direct":false,"kind":"runtime","optional":false},{"id":6876191551,"package_name":"websocket-extensions","ecosystem":"rubygems","requirements":"0.1.5","direct":false,"kind":"runtime","optional":false},{"id":6876191552,"package_name":"zeitwerk","ecosystem":"rubygems","requirements":"2.4.2","direct":false,"kind":"runtime","optional":false}]},{"ecosystem":"rubygems","filepath":"spec/bundle/secure/Gemfile","sha":null,"kind":"manifest","created_at":"2023-01-13T14:09:03.388Z","updated_at":"2023-01-13T14:09:03.388Z","repository_link":"https://github.com/rubysec/bundler-audit/blob/master/spec/bundle/secure/Gemfile","dependencies":[{"id":6876191553,"package_name":"rails","ecosystem":"rubygems","requirements":"~\u003e 5.2","direct":true,"kind":"runtime","optional":false},{"id":6876191554,"package_name":"rails-html-sanitizer","ecosystem":"rubygems","requirements":"~\u003e 1.4.4","direct":true,"kind":"runtime","optional":false}]},{"ecosystem":"rubygems","filepath":"spec/bundle/secure/Gemfile.lock","sha":null,"kind":"lockfile","created_at":"2023-01-13T14:09:03.402Z","updated_at":"2023-01-13T14:09:03.402Z","repository_link":"https://github.com/rubysec/bundler-audit/blob/master/spec/bundle/secure/Gemfile.lock","dependencies":[{"id":6876191555,"package_name":"actioncable","ecosystem":"rubygems","requirements":"5.2.8","direct":false,"kind":"runtime","optional":false},{"id":6876191556,"package_name":"actionmailer","ecosystem":"rubygems","requirements":"5.2.8","direct":false,"kind":"runtime","optional":false},{"id":6876191557,"package_name":"actionpack","ecosystem":"rubygems","requirements":"5.2.8","direct":false,"kind":"runtime","optional":false},{"id":6876191558,"package_name":"actionview","ecosystem":"rubygems","requirements":"5.2.8","direct":false,"kind":"runtime","optional":false},{"id":6876191559,"package_name":"activejob","ecosystem":"rubygems","requirements":"5.2.8","direct":false,"kind":"runtime","optional":false},{"id":6876191560,"package_name":"activemodel","ecosystem":"rubygems","requirements":"5.2.8","direct":false,"kind":"runtime","optional":false},{"id":6876191561,"package_name":"activerecord","ecosystem":"rubygems","requirements":"5.2.8","direct":false,"kind":"runtime","optional":false},{"id":6876191562,"package_name":"activestorage","ecosystem":"rubygems","requirements":"5.2.8","direct":false,"kind":"runtime","optional":false},{"id":6876191563,"package_name":"activesupport","ecosystem":"rubygems","requirements":"5.2.8","direct":false,"kind":"runtime","optional":false},{"id":6876191564,"package_name":"arel","ecosystem":"rubygems","requirements":"9.0.0","direct":false,"kind":"runtime","optional":false},{"id":6876191565,"package_name":"builder","ecosystem":"rubygems","requirements":"3.2.4","direct":false,"kind":"runtime","optional":false},{"id":6876191566,"package_name":"concurrent-ruby","ecosystem":"rubygems","requirements":"1.1.10","direct":false,"kind":"runtime","optional":false},{"id":6876191567,"package_name":"crass","ecosystem":"rubygems","requirements":"1.0.6","direct":false,"kind":"runtime","optional":false},{"id":6876191568,"package_name":"erubi","ecosystem":"rubygems","requirements":"1.10.0","direct":false,"kind":"runtime","optional":false},{"id":6876191569,"package_name":"globalid","ecosystem":"rubygems","requirements":"1.0.0","direct":false,"kind":"runtime","optional":false},{"id":6876191570,"package_name":"i18n","ecosystem":"rubygems","requirements":"1.10.0","direct":false,"kind":"runtime","optional":false},{"id":6876191571,"package_name":"loofah","ecosystem":"rubygems","requirements":"2.19.1","direct":false,"kind":"runtime","optional":false},{"id":6876191572,"package_name":"mail","ecosystem":"rubygems","requirements":"2.7.1","direct":false,"kind":"runtime","optional":false},{"id":6876191573,"package_name":"marcel","ecosystem":"rubygems","requirements":"1.0.2","direct":false,"kind":"runtime","optional":false},{"id":6876191574,"package_name":"method_source","ecosystem":"rubygems","requirements":"1.0.0","direct":false,"kind":"runtime","optional":false},{"id":6876191575,"package_name":"mini_mime","ecosystem":"rubygems","requirements":"1.1.2","direct":false,"kind":"runtime","optional":false},{"id":6876191576,"package_name":"mini_portile2","ecosystem":"rubygems","requirements":"2.8.0","direct":false,"kind":"runtime","optional":false},{"id":6876191577,"package_name":"minitest","ecosystem":"rubygems","requirements":"5.15.0","direct":false,"kind":"runtime","optional":false},{"id":6876191578,"package_name":"nio4r","ecosystem":"rubygems","requirements":"2.5.8","direct":false,"kind":"runtime","optional":false},{"id":6876191579,"package_name":"nokogiri","ecosystem":"rubygems","requirements":"1.13.10","direct":false,"kind":"runtime","optional":false},{"id":6876191580,"package_name":"racc","ecosystem":"rubygems","requirements":"1.6.1","direct":false,"kind":"runtime","optional":false},{"id":6876191581,"package_name":"rack","ecosystem":"rubygems","requirements":"2.2.4","direct":false,"kind":"runtime","optional":false},{"id":6876191582,"package_name":"rack-test","ecosystem":"rubygems","requirements":"1.1.0","direct":false,"kind":"runtime","optional":false},{"id":6876191583,"package_name":"rails","ecosystem":"rubygems","requirements":"5.2.8","direct":false,"kind":"runtime","optional":false},{"id":6876191584,"package_name":"rails-dom-testing","ecosystem":"rubygems","requirements":"2.0.3","direct":false,"kind":"runtime","optional":false},{"id":6876191585,"package_name":"rails-html-sanitizer","ecosystem":"rubygems","requirements":"1.4.4","direct":false,"kind":"runtime","optional":false},{"id":6876191586,"package_name":"railties","ecosystem":"rubygems","requirements":"5.2.8","direct":false,"kind":"runtime","optional":false},{"id":6876191587,"package_name":"rake","ecosystem":"rubygems","requirements":"13.0.6","direct":false,"kind":"runtime","optional":false},{"id":6876191588,"package_name":"sprockets","ecosystem":"rubygems","requirements":"4.0.3","direct":false,"kind":"runtime","optional":false},{"id":6876191589,"package_name":"sprockets-rails","ecosystem":"rubygems","requirements":"3.4.2","direct":false,"kind":"runtime","optional":false},{"id":6876191590,"package_name":"thor","ecosystem":"rubygems","requirements":"1.2.1","direct":false,"kind":"runtime","optional":false},{"id":6876191591,"package_name":"thread_safe","ecosystem":"rubygems","requirements":"0.3.6","direct":false,"kind":"runtime","optional":false},{"id":6876191592,"package_name":"tzinfo","ecosystem":"rubygems","requirements":"1.2.9","direct":false,"kind":"runtime","optional":false},{"id":6876191593,"package_name":"websocket-driver","ecosystem":"rubygems","requirements":"0.7.5","direct":false,"kind":"runtime","optional":false},{"id":6876191594,"package_name":"websocket-extensions","ecosystem":"rubygems","requirements":"0.1.5","direct":false,"kind":"runtime","optional":false}]},{"ecosystem":"rubygems","filepath":"spec/bundle/unpatched_gems/Gemfile","sha":null,"kind":"manifest","created_at":"2023-01-13T14:09:03.423Z","updated_at":"2023-01-13T14:09:03.423Z","repository_link":"https://github.com/rubysec/bundler-audit/blob/master/spec/bundle/unpatched_gems/Gemfile","dependencies":[{"id":6876191595,"package_name":"activerecord","ecosystem":"rubygems","requirements":"= 3.2.10","direct":true,"kind":"runtime","optional":false}]},{"ecosystem":"rubygems","filepath":"spec/bundle/unpatched_gems/Gemfile.lock","sha":null,"kind":"lockfile","created_at":"2023-01-13T14:09:03.434Z","updated_at":"2023-01-13T14:09:03.434Z","repository_link":"https://github.com/rubysec/bundler-audit/blob/master/spec/bundle/unpatched_gems/Gemfile.lock","dependencies":[{"id":6876191596,"package_name":"activemodel","ecosystem":"rubygems","requirements":"3.2.10","direct":false,"kind":"runtime","optional":false},{"id":6876191597,"package_name":"activerecord","ecosystem":"rubygems","requirements":"3.2.10","direct":false,"kind":"runtime","optional":false},{"id":6876191598,"package_name":"activesupport","ecosystem":"rubygems","requirements":"3.2.10","direct":false,"kind":"runtime","optional":false},{"id":6876191599,"package_name":"arel","ecosystem":"rubygems","requirements":"3.0.3","direct":false,"kind":"runtime","optional":false},{"id":6876191600,"package_name":"builder","ecosystem":"rubygems","requirements":"3.0.4","direct":false,"kind":"runtime","optional":false},{"id":6876191601,"package_name":"concurrent-ruby","ecosystem":"rubygems","requirements":"1.1.7","direct":false,"kind":"runtime","optional":false},{"id":6876191602,"package_name":"i18n","ecosystem":"rubygems","requirements":"0.9.5","direct":false,"kind":"runtime","optional":false},{"id":6876191603,"package_name":"multi_json","ecosystem":"rubygems","requirements":"1.15.0","direct":false,"kind":"runtime","optional":false},{"id":6876191604,"package_name":"tzinfo","ecosystem":"rubygems","requirements":"0.3.58","direct":false,"kind":"runtime","optional":false}]},{"ecosystem":"rubygems","filepath":"spec/bundle/unpatched_gems_with_dot_configuration/Gemfile","sha":null,"kind":"manifest","created_at":"2023-01-13T14:09:03.444Z","updated_at":"2023-01-13T14:09:03.444Z","repository_link":"https://github.com/rubysec/bundler-audit/blob/master/spec/bundle/unpatched_gems_with_dot_configuration/Gemfile","dependencies":[{"id":6876191605,"package_name":"activerecord","ecosystem":"rubygems","requirements":"= 3.2.10","direct":true,"kind":"runtime","optional":false}]},{"ecosystem":"rubygems","filepath":"spec/bundle/unpatched_gems_with_dot_configuration/Gemfile.lock","sha":null,"kind":"lockfile","created_at":"2023-01-13T14:09:03.488Z","updated_at":"2023-01-13T14:09:03.488Z","repository_link":"https://github.com/rubysec/bundler-audit/blob/master/spec/bundle/unpatched_gems_with_dot_configuration/Gemfile.lock","dependencies":[{"id":6876191606,"package_name":"activemodel","ecosystem":"rubygems","requirements":"3.2.10","direct":false,"kind":"runtime","optional":false},{"id":6876191607,"package_name":"activerecord","ecosystem":"rubygems","requirements":"3.2.10","direct":false,"kind":"runtime","optional":false},{"id":6876191608,"package_name":"activesupport","ecosystem":"rubygems","requirements":"3.2.10","direct":false,"kind":"runtime","optional":false},{"id":6876191609,"package_name":"arel","ecosystem":"rubygems","requirements":"3.0.3","direct":false,"kind":"runtime","optional":false},{"id":6876191610,"package_name":"builder","ecosystem":"rubygems","requirements":"3.0.4","direct":false,"kind":"runtime","optional":false},{"id":6876191611,"package_name":"concurrent-ruby","ecosystem":"rubygems","requirements":"1.1.7","direct":false,"kind":"runtime","optional":false},{"id":6876191612,"package_name":"i18n","ecosystem":"rubygems","requirements":"0.9.5","direct":false,"kind":"runtime","optional":false},{"id":6876191613,"package_name":"multi_json","ecosystem":"rubygems","requirements":"1.15.0","direct":false,"kind":"runtime","optional":false},{"id":6876191614,"package_name":"tzinfo","ecosystem":"rubygems","requirements":"0.3.58","direct":false,"kind":"runtime","optional":false}]},{"ecosystem":"rubygems","filepath":"bundler-audit.gemspec","sha":null,"kind":"manifest","created_at":"2024-05-01T13:19:57.033Z","updated_at":"2024-05-01T13:19:57.033Z","repository_link":"https://github.com/rubysec/bundler-audit/blob/master/bundler-audit.gemspec","dependencies":[]}],"score":32.99540354759118,"created_at":"2024-12-15T21:38:08.553Z","updated_at":"2026-04-30T04:03:23.126Z","avatar_url":"https://github.com/rubysec.png","language":"Ruby","monthly_downloads":0,"readme":"# bundler-audit\n\n[![CI](https://github.com/rubysec/bundler-audit/actions/workflows/ruby.yml/badge.svg)](https://github.com/rubysec/bundler-audit/actions/workflows/ruby.yml)\n[![Code Climate](https://codeclimate.com/github/rubysec/bundler-audit.svg)](https://codeclimate.com/github/rubysec/bundler-audit)\n[![Gem Version](https://badge.fury.io/rb/bundler-audit.svg)](https://badge.fury.io/rb/bundler-audit)\n\n* [Homepage](https://github.com/rubysec/bundler-audit#readme)\n* [Issues](https://github.com/rubysec/bundler-audit/issues)\n* [Documentation](http://rubydoc.info/gems/bundler-audit/frames)\n\n## Description\n\nPatch-level verification for [bundler].\n\n## Features\n\n* Checks for vulnerable versions of gems in `Gemfile.lock`.\n* Checks for insecure gem sources (`http://` and `git://`).\n* Allows ignoring certain advisories that have been manually worked around.\n* Prints advisory information.\n* Does not require a network connection.\n\n## Synopsis\n\nAudit a project's `Gemfile.lock`:\n\n```\n$ bundle-audit\nName: actionpack\nVersion: 3.2.10\nAdvisory: OSVDB-91452\nCriticality: Medium\nURL: http://www.osvdb.org/show/osvdb/91452\nTitle: XSS vulnerability in sanitize_css in Action Pack\nSolution: update to ~\u003e 2.3.18, ~\u003e 3.1.12, \u003e= 3.2.13\n\nName: actionpack\nVersion: 3.2.10\nAdvisory: OSVDB-91454\nCriticality: Medium\nURL: http://osvdb.org/show/osvdb/91454\nTitle: XSS Vulnerability in the `sanitize` helper of Ruby on Rails\nSolution: update to ~\u003e 2.3.18, ~\u003e 3.1.12, \u003e= 3.2.13\n\nName: actionpack\nVersion: 3.2.10\nAdvisory: OSVDB-89026\nCriticality: High\nURL: http://osvdb.org/show/osvdb/89026\nTitle: Ruby on Rails params_parser.rb Action Pack Type Casting Parameter Parsing Remote Code Execution\nSolution: update to ~\u003e 2.3.15, ~\u003e 3.0.19, ~\u003e 3.1.10, \u003e= 3.2.11\n\nName: activerecord\nVersion: 3.2.10\nAdvisory: OSVDB-91453\nCriticality: High\nURL: http://osvdb.org/show/osvdb/91453\nTitle: Symbol DoS vulnerability in Active Record\nSolution: update to ~\u003e 2.3.18, ~\u003e 3.1.12, \u003e= 3.2.13\n\nName: activerecord\nVersion: 3.2.10\nAdvisory: OSVDB-90072\nCriticality: Medium\nURL: http://direct.osvdb.org/show/osvdb/90072\nTitle: Ruby on Rails Active Record attr_protected Method Bypass\nSolution: update to ~\u003e 2.3.17, ~\u003e 3.1.11, \u003e= 3.2.12\n\nName: activerecord\nVersion: 3.2.10\nAdvisory: OSVDB-89025\nCriticality: High\nURL: http://osvdb.org/show/osvdb/89025\nTitle: Ruby on Rails Active Record JSON Parameter Parsing Query Bypass\nSolution: update to ~\u003e 2.3.16, ~\u003e 3.0.19, ~\u003e 3.1.10, \u003e= 3.2.11\n\nName: activesupport\nVersion: 3.2.10\nAdvisory: OSVDB-91451\nCriticality: High\nURL: http://www.osvdb.org/show/osvdb/91451\nTitle: XML Parsing Vulnerability affecting JRuby users\nSolution: update to ~\u003e 3.1.12, \u003e= 3.2.13\n\nUnpatched versions found!\n```\n\nUpdate the [ruby-advisory-db] that `bundle audit` uses:\n\n```\n$ bundle-audit update\nUpdating ruby-advisory-db ...\nremote: Counting objects: 44, done.\nremote: Compressing objects: 100% (24/24), done.\nremote: Total 39 (delta 19), reused 29 (delta 10)\nUnpacking objects: 100% (39/39), done.\nFrom https://github.com/rubysec/ruby-advisory-db\n * branch            master     -\u003e FETCH_HEAD\nUpdating 5f8225e..328ca86\nFast-forward\n CONTRIBUTORS.md                    |  1 +\n gems/actionmailer/OSVDB-98629.yml  | 17 +++++++++++++++++\n gems/cocaine/OSVDB-98835.yml       | 15 +++++++++++++++\n gems/fog-dragonfly/OSVDB-96798.yml | 13 +++++++++++++\n gems/sounder/OSVDB-96278.yml       | 13 +++++++++++++\n gems/wicked/OSVDB-98270.yml        | 14 ++++++++++++++\n 6 files changed, 73 insertions(+)\n create mode 100644 gems/actionmailer/OSVDB-98629.yml\n create mode 100644 gems/cocaine/OSVDB-98835.yml\n create mode 100644 gems/fog-dragonfly/OSVDB-96798.yml\n create mode 100644 gems/sounder/OSVDB-96278.yml\n create mode 100644 gems/wicked/OSVDB-98270.yml\nruby-advisory-db: 64 advisories\n```\n\nUpdate the [ruby-advisory-db] and check `Gemfile.lock` (useful for CI runs):\n\n```shell\n$ bundle-audit check --update\n```\n\nChecking the `Gemfile.lock` without updating the [ruby-advisory-db]:\n\n```shell\n$ bundle-audit check --no-update\n```\n\nIgnore specific advisories:\n\n```shell\n$ bundle-audit check --ignore OSVDB-108664\n```\n\nChecking a custom `Gemfile.lock` file:\n\n```shell\n$ bundle-audit check --gemfile-lock Gemfile.custom.lock\n```\n\nOutput the audit's results in JSON:\n\n```shell\n$ bundle-audit check --format json\n```\n\nOutput the audit's results in JSON, to a file:\n\n```shell\n$ bundle-audit check --format json --output bundle-audit.json\n```\n\n## Rake Tasks\n\nBundler-audit provides `rake` tasks for checking the code and for updating\nits vulnerability database.\n\nSimply add the following code to the `Rakefile`:\n\n```ruby\nrequire 'bundler/audit/task'\nBundler::Audit::Task.new\n```\n\nThe following `rake` tasks will then become available:\n\n```\n$ rake -T\nrake bundle:audit\nrake bundle:audit:update\n```\n\n## Configuration File\n\nbundler-audit also supports a per-project configuration file:\n\n`.bundler-audit.yml`:\n\n```yaml\n---\nignore:\n  - CVE-YYYY-XXXX\n  - ...\n```\n\n* `ignore:` \\[Array\\\u003cString\\\u003e\\] - A list of advisory IDs to ignore.\n\nYou can provide a path to a config file using the `--config` flag:\n\n```shell\n$ bundle-audit check --config bundler-audit.custom.yaml\n```\n\n## Requirements\n\n* [git]\n* [ruby] \u003e= 2.0.0\n* [rubygems] \u003e= 1.8\n* [thor] ~\u003e 1.0\n* [bundler] \u003e= 1.2.0, \u003c 3\n\n## Install\n\n```shell\n$ [sudo] gem install bundler-audit\n```\n\n### Git\n\n* Debian / Ubuntu:\n\n```shell\n$ sudo apt install git\n```\n\n* RedHat / Fedora:\n\n```shell\n$ sudo dnf install git\n```\n\n* Alpine Linux:\n\n```shell\n$ apk add git\n```\n\n* macOS:\n\n```shell\n$ brew install git\n```\n\n## Contributing\n\n1. https://github.com/rubysec/bundler-audit/fork\n2. `git clone YOUR_FORK_URI`\n3. `cd bundler-audit/`\n4. `bundle install`\n5. `bundle exec rake spec`\n6. `git checkout -b YOUR_FEATURE`\n7. Make your changes\n8. `bundle exec rake spec`\n9. `git commit -a`\n10. `git push origin YOUR_FEATURE`\n\n## License\n\nCopyright (c) 2013-2024 Hal Brodigan (postmodern.mod3 at gmail.com)\n\nbundler-audit is free software: you can redistribute it and/or modify\nit under the terms of the GNU General Public License as published by\nthe Free Software Foundation, either version 3 of the License, or\n(at your option) any later version.\n\nbundler-audit is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\nGNU General Public License for more details.\n\nYou should have received a copy of the GNU General Public License\nalong with bundler-audit.  If not, see \u003chttps://www.gnu.org/licenses/\u003e.\n\n[git]: https://git-scm.com\n[ruby]: https://ruby-lang.org\n[rubygems]: https://rubygems.org\n[thor]: http://whatisthor.com/\n[bundler]: https://bundler.io\n\n[OSVDB]: http://osvdb.org/\n[ruby-advisory-db]: https://github.com/rubysec/ruby-advisory-db\n","funding_links":["https://github.com/sponsors/postmodern","https://github.com/sponsors/reedloden"],"readme_doi_urls":[],"works":{},"citation_counts":{},"total_citations":0,"keywords_from_contributors":["activerecord","activejob","mvc","rubygems","rspec","rack","crash-reporting","sinatra","rubocop","background-jobs"],"project_url":"https://ruby.ecosyste.ms/api/v1/projects/624","html_url":"https://ruby.ecosyste.ms/projects/624"}