Adds @bundle audit check --update@ to lints (#30069).

git-svn-id: https://svn.redmine.org/redmine/trunk@23291 e93f8b46-1217-0410-a6f0-8f06a7374b81

diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
index 730a6e7f155ad3000270af4a6847b1cbc027f9ae..54ffd08df7e73e1128621b5c588f8b45a2d64599 100644 (file)
--- a/.github/workflows/linters.yml
+++ b/.github/workflows/linters.yml
@@ -36,4 +36,20 @@ jobs:
         run: yarn install
 
       - name: Lint CSS and SCSS files
-        run: npx stylelint "app/assets/stylesheets/**/*.css"
\ No newline at end of file
+        run: npx stylelint "app/assets/stylesheets/**/*.css"
+
+  bundle-audit:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: '3.2'
+          bundler-cache: true
+
+      - name: Run bundle-audit
+        run: bundle exec bundle audit check --update

diff --git a/Gemfile b/Gemfile
index 200d91ce1b13742ce744ea7906d1e76aa3c443dd..71412a11bb3e2681f349d11c3ffcab554d518bef 100644 (file)
--- a/Gemfile
+++ b/Gemfile
@@ -113,6 +113,7 @@ group :test do
   gem 'rubocop', '~> 1.68.0', require: false
   gem 'rubocop-performance', '~> 1.23.0', require: false
   gem 'rubocop-rails', '~> 2.27.0', require: false
+  gem 'bundle-audit', require: false
 end
 
 local_gemfile = File.join(File.dirname(__FILE__), "Gemfile.local")