Date:      Wed, 11 Mar 2026 05:45:56 +0000
From:      Xin LI <delphij@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject:   git: 82d92b51c51d - main - sysutils/rubygem-bundler-audit: Add new port
Message-ID:  <69b10194.1f4b3.df5bbf3@gitrepo.freebsd.org>


The branch main has been updated by delphij:

URL: https://cgit.FreeBSD.org/ports/commit/?id=82d92b51c51dd8800a0259d1c24050bfced052bd

commit 82d92b51c51dd8800a0259d1c24050bfced052bd
Author:     Xin LI <delphij@FreeBSD.org>
AuthorDate: 2026-03-11 05:44:28 +0000
Commit:     Xin LI <delphij@FreeBSD.org>
CommitDate: 2026-03-11 05:44:28 +0000

    sysutils/rubygem-bundler-audit: Add new port
    
    bundler-audit provides patch-level verification for Bundled Ruby
    applications by auditing Gemfile.lock against a database of known
    vulnerabilities.
    
    Also add rubygem-bundle-audit as a wrapper gem that depends on
    rubygem-bundler-audit, for developers who reference "bundle-audit"
    instead of "bundler-audit".
---
 sysutils/Makefile                        |  2 ++
 sysutils/rubygem-bundle-audit/Makefile   | 19 +++++++++++++++++++
 sysutils/rubygem-bundle-audit/distinfo   |  3 +++
 sysutils/rubygem-bundle-audit/pkg-descr  | 12 ++++++++++++
 sysutils/rubygem-bundler-audit/Makefile  | 23 +++++++++++++++++++++++
 sysutils/rubygem-bundler-audit/distinfo  |  3 +++
 sysutils/rubygem-bundler-audit/pkg-descr | 18 ++++++++++++++++++
 7 files changed, 80 insertions(+)

diff --git a/sysutils/Makefile b/sysutils/Makefile
index 3df7c6b545ca..cd890d38c456 100644
--- a/sysutils/Makefile
+++ b/sysutils/Makefile
@@ -1184,7 +1184,9 @@
     SUBDIR += rubygem-backup
     SUBDIR += rubygem-bolt
     SUBDIR += rubygem-bosh-gen
+    SUBDIR += rubygem-bundle-audit
     SUBDIR += rubygem-bundler
+    SUBDIR += rubygem-bundler-audit
     SUBDIR += rubygem-bundler_ext
     SUBDIR += rubygem-capistrano
     SUBDIR += rubygem-capistrano-ext
diff --git a/sysutils/rubygem-bundle-audit/Makefile b/sysutils/rubygem-bundle-audit/Makefile
new file mode 100644
index 000000000000..04222f6525cb
--- /dev/null
+++ b/sysutils/rubygem-bundle-audit/Makefile
@@ -0,0 +1,19 @@
+PORTNAME=	bundle-audit
+PORTVERSION=	0.1.0
+CATEGORIES=	sysutils rubygems
+MASTER_SITES=	RG
+
+MAINTAINER=	ruby@FreeBSD.org
+COMMENT=	Wrapper for bundler-audit security scanning tool
+WWW=		https://github.com/stewartmckee/bundle-audit
+
+LICENSE=	MIT
+LICENSE_FILE=	${WRKSRC}/LICENSE.txt
+
+RUN_DEPENDS=	rubygem-bundler-audit>=0:sysutils/rubygem-bundler-audit
+
+USES=		gem
+
+NO_ARCH=	yes
+
+.include <bsd.port.mk>
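Review bot: RUN_DEPENDS in this new Makefile accepts any version (`rubygem-bundler-audit>=0`), and WWW points at github.com/stewartmckee/bundle-audit rather than the rubysec upstream used by sysutils/rubygem-bundler-audit, so this port adds a second upstream to the install path of a security scanner only to absorb a name mix-up. The bundler-audit port in this same commit already installs bin/bundle-audit through PLIST_FILES, so please say in the commit message or pkg-descr which consumer needs the "bundle-audit" gem name, and consider mirroring the wrapper gemspec's version constraint on bundler-audit instead of `>=0`.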
diff --git a/sysutils/rubygem-bundle-audit/distinfo b/sysutils/rubygem-bundle-audit/distinfo
new file mode 100644
index 000000000000..cac90b945a05
--- /dev/null
+++ b/sysutils/rubygem-bundle-audit/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1761959388
+SHA256 (rubygem/bundle-audit-0.1.0.gem) = c8f085920cde681ba837be69c87b08598c1a7f46f70877f1b3a1711be91a7a43
+SIZE (rubygem/bundle-audit-0.1.0.gem) = 8704
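Review bot: TIMESTAMP here (1761959388) is about 130 days older than the 1773207355 recorded in sysutils/rubygem-bundler-audit/distinfo in the same commit, so this checksum was generated well before the port was committed. Re-run `make makesum` and confirm that SHA256 and SIZE for bundle-audit-0.1.0.gem still match what MASTER_SITES=RG serves, so the recorded hash reflects a fetch made at commit time.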
diff --git a/sysutils/rubygem-bundle-audit/pkg-descr b/sysutils/rubygem-bundle-audit/pkg-descr
new file mode 100644
index 000000000000..27e31f93dd7f
--- /dev/null
+++ b/sysutils/rubygem-bundle-audit/pkg-descr
@@ -0,0 +1,12 @@
+bundle-audit is a simple wrapper gem for bundler-audit. It was created to
+provide an easy way to include bundler-audit functionality for developers
+who might mistakenly require "bundle-audit" instead of "bundler-audit".
+
+This gem essentially just requires bundler-audit, which is the actual
+security auditing tool for Ruby applications. It provides patch-level
+verification for bundled Ruby applications by checking for known
+vulnerabilities in gem dependencies.
+
+The wrapper serves as a convenience for developers and ensures that
+both "bundle-audit" and "bundler-audit" references work correctly
+in Ruby applications that need security auditing capabilities.
diff --git a/sysutils/rubygem-bundler-audit/Makefile b/sysutils/rubygem-bundler-audit/Makefile
new file mode 100644
index 000000000000..81517ff4de4f
--- /dev/null
+++ b/sysutils/rubygem-bundler-audit/Makefile
@@ -0,0 +1,23 @@
+PORTNAME=	bundler-audit
+PORTVERSION=	0.9.3
+CATEGORIES=	sysutils rubygems
+MASTER_SITES=	RG
+
+MAINTAINER=	ruby@FreeBSD.org
+COMMENT=	Patch-level verification for Bundled apps
+WWW=		https://github.com/rubysec/bundler-audit
+
+LICENSE=	GPLv3+
+LICENSE_FILE=	${WRKSRC}/COPYING.txt
+
+RUN_DEPENDS=	rubygem-bundler>=1.15.0:sysutils/rubygem-bundler \
+		rubygem-thor>=1.0<2:devel/rubygem-thor
+
+USES=		gem
+
+NO_ARCH=	yes
+
+PLIST_FILES=	bin/bundle-audit \
+		bin/bundler-audit
+
+.include <bsd.port.mk>
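Review bot: RUN_DEPENDS gives rubygem-thor an upper bound (`>=1.0<2`) but leaves rubygem-bundler open-ended at `>=1.15.0`; check both against the 0.9.3 gemspec and mirror any upper bound it sets. RUN_DEPENDS also covers only the gem dependencies, while pkg-descr in this commit advertises vulnerability database updates: if that step relies on an external tool to fetch the database, list the tool here or mention it in a pkg-message, since the audit depends on that database being present.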
diff --git a/sysutils/rubygem-bundler-audit/distinfo b/sysutils/rubygem-bundler-audit/distinfo
new file mode 100644
index 000000000000..088bd899a531
--- /dev/null
+++ b/sysutils/rubygem-bundler-audit/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1773207355
+SHA256 (rubygem/bundler-audit-0.9.3.gem) = 81c8766c71e47d0d28a0f98c7eed028539f21a6ea3cd8f685eb6f42333c9b4e9
+SIZE (rubygem/bundler-audit-0.9.3.gem) = 50176
diff --git a/sysutils/rubygem-bundler-audit/pkg-descr b/sysutils/rubygem-bundler-audit/pkg-descr
new file mode 100644
index 000000000000..a46565e74b3d
--- /dev/null
+++ b/sysutils/rubygem-bundler-audit/pkg-descr
@@ -0,0 +1,18 @@
+bundler-audit provides patch-level verification for Bundled Ruby applications.
+It audits Ruby applications for known security vulnerabilities by checking
+the application's Gemfile.lock against a database of known vulnerabilities.
+
+The tool can identify:
+- Gems with known security vulnerabilities
+- Insecure gem sources (non-HTTPS)
+- Outdated gem versions
+
+bundler-audit is an essential security tool for Ruby developers and should
+be run regularly as part of a security audit process to ensure applications
+are not vulnerable to known security issues.
+
+Key features:
+- Checks Gemfile.lock for vulnerable gems
+- Updates vulnerability database automatically
+- Integration with CI/CD pipelines
+- Command-line interface for easy automation
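Review bot: The bullets "Outdated gem versions" and "Updates vulnerability database automatically" claim more than the first paragraph and the commit message, which describe only a check of Gemfile.lock against a database of known vulnerabilities. Reword or drop them so that a clean report is not read as "all dependencies are current" and so that users do not assume the database is fresh without an explicit update step. The paragraph calling the tool "an essential security tool" is promotional rather than descriptive, and the "Key features" list largely repeats the "The tool can identify" list; the description would be clearer with both trimmed.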

