To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
From: Xin LI
Subject: git: 82d92b51c51d - main - sysutils/rubygem-bundler-audit: Add new port
List-Id: Commit messages for all branches of the ports repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all
Sender: owner-dev-commits-ports-all@FreeBSD.org
X-Git-Committer: delphij
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 82d92b51c51dd8800a0259d1c24050bfced052bd
Auto-Submitted: auto-generated
Date: Wed, 11 Mar 2026 05:45:56 +0000
Message-Id: <69b10194.1f4b3.df5bbf3@gitrepo.freebsd.org>

The branch main has been updated by delphij:

URL: https://cgit.FreeBSD.org/ports/commit/?id=82d92b51c51dd8800a0259d1c24050bfced052bd

commit 82d92b51c51dd8800a0259d1c24050bfced052bd
Author:     Xin LI
AuthorDate: 2026-03-11 05:44:28 +0000
Commit:     Xin LI
CommitDate: 2026-03-11 05:44:28 +0000

    sysutils/rubygem-bundler-audit: Add new port

    bundler-audit provides patch-level verification for Bundled Ruby
    applications by auditing Gemfile.lock against a database of known
    vulnerabilities.

    Also add rubygem-bundle-audit as a wrapper gem that depends on
    rubygem-bundler-audit, for developers who reference "bundle-audit"
    instead of "bundler-audit".
---
 sysutils/Makefile                        |  2 ++
 sysutils/rubygem-bundle-audit/Makefile   | 19 +++++++++++++++++++
 sysutils/rubygem-bundle-audit/distinfo   |  3 +++
 sysutils/rubygem-bundle-audit/pkg-descr  | 12 ++++++++++++
 sysutils/rubygem-bundler-audit/Makefile  | 23 +++++++++++++++++++++++
 sysutils/rubygem-bundler-audit/distinfo  |  3 +++
 sysutils/rubygem-bundler-audit/pkg-descr | 18 ++++++++++++++++++
 7 files changed, 80 insertions(+)

diff --git a/sysutils/Makefile b/sysutils/Makefile index 3df7c6b545ca..cd890d38c456 100644 --- a/sysutils/Makefile +++ b/sysutils/Makefile 
@@ -1184,7 +1184,9 @@ SUBDIR += rubygem-backup SUBDIR += rubygem-bolt SUBDIR += rubygem-bosh-gen + SUBDIR += rubygem-bundle-audit SUBDIR += rubygem-bundler + SUBDIR += rubygem-bundler-audit SUBDIR += rubygem-bundler_ext SUBDIR += rubygem-capistrano SUBDIR += rubygem-capistrano-ext diff --git a/sysutils/rubygem-bundle-audit/Makefile b/sysutils/rubygem-bundle-audit/Makefile new file mode 100644 index 000000000000..04222f6525cb --- /dev/null +++ b/sysutils/rubygem-bundle-audit/Makefile @@ -0,0 +1,19 @@ +PORTNAME= bundle-audit +PORTVERSION= 0.1.0 +CATEGORIES= sysutils rubygems +MASTER_SITES= RG + +MAINTAINER= ruby@FreeBSD.org +COMMENT= Wrapper for bundler-audit security scanning tool +WWW= https://github.com/stewartmckee/bundle-audit + +LICENSE= MIT +LICENSE_FILE= ${WRKSRC}/LICENSE.txt + +RUN_DEPENDS= rubygem-bundler-audit>=0:sysutils/rubygem-bundler-audit + +USES= gem + +NO_ARCH= yes + +.include diff --git a/sysutils/rubygem-bundle-audit/distinfo b/sysutils/rubygem-bundle-audit/distinfo new file mode 100644 index 000000000000..cac90b945a05 --- /dev/null +++ b/sysutils/rubygem-bundle-audit/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1761959388 +SHA256 (rubygem/bundle-audit-0.1.0.gem) = c8f085920cde681ba837be69c87b08598c1a7f46f70877f1b3a1711be91a7a43 +SIZE (rubygem/bundle-audit-0.1.0.gem) = 8704 diff --git a/sysutils/rubygem-bundle-audit/pkg-descr b/sysutils/rubygem-bundle-audit/pkg-descr new file mode 100644 index 000000000000..27e31f93dd7f --- /dev/null +++ b/sysutils/rubygem-bundle-audit/pkg-descr 
@@ -0,0 +1,12 @@ +bundle-audit is a simple wrapper gem for bundler-audit. It was created to +provide an easy way to include bundler-audit functionality for developers +who might mistakenly require "bundle-audit" instead of "bundler-audit". + +This gem essentially just requires bundler-audit, which is the actual +security auditing tool for Ruby applications. It provides patch-level +verification for bundled Ruby applications by checking for known +vulnerabilities in gem dependencies. + +The wrapper serves as a convenience for developers and ensures that +both "bundle-audit" and "bundler-audit" references work correctly +in Ruby applications that need security auditing capabilities. diff --git a/sysutils/rubygem-bundler-audit/Makefile b/sysutils/rubygem-bundler-audit/Makefile new file mode 100644 index 000000000000..81517ff4de4f --- /dev/null +++ b/sysutils/rubygem-bundler-audit/Makefile @@ -0,0 +1,23 @@ +PORTNAME= bundler-audit +PORTVERSION= 0.9.3 +CATEGORIES= sysutils rubygems +MASTER_SITES= RG + +MAINTAINER= ruby@FreeBSD.org +COMMENT= Patch-level verification for Bundled apps +WWW= https://github.com/rubysec/bundler-audit + +LICENSE= GPLv3+ +LICENSE_FILE= ${WRKSRC}/COPYING.txt + +RUN_DEPENDS= rubygem-bundler>=1.15.0:sysutils/rubygem-bundler \ + rubygem-thor>=1.0<2:devel/rubygem-thor + +USES= gem + +NO_ARCH= yes + +PLIST_FILES= bin/bundle-audit \ + bin/bundler-audit + +.include diff --git a/sysutils/rubygem-bundler-audit/distinfo b/sysutils/rubygem-bundler-audit/distinfo new file mode 100644 index 000000000000..088bd899a531 --- /dev/null +++ b/sysutils/rubygem-bundler-audit/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1773207355 +SHA256 (rubygem/bundler-audit-0.9.3.gem) = 81c8766c71e47d0d28a0f98c7eed028539f21a6ea3cd8f685eb6f42333c9b4e9 +SIZE (rubygem/bundler-audit-0.9.3.gem) = 50176 diff --git a/sysutils/rubygem-bundler-audit/pkg-descr b/sysutils/rubygem-bundler-audit/pkg-descr new file mode 100644 index 000000000000..a46565e74b3d --- /dev/null 
+++ b/sysutils/rubygem-bundler-audit/pkg-descr @@ -0,0 +1,18 @@ +bundler-audit provides patch-level verification for Bundled Ruby applications. +It audits Ruby applications for known security vulnerabilities by checking +the application's Gemfile.lock against a database of known vulnerabilities. + +The tool can identify: +- Gems with known security vulnerabilities +- Insecure gem sources (non-HTTPS) +- Outdated gem versions + +bundler-audit is an essential security tool for Ruby developers and should +be run regularly as part of a security audit process to ensure applications +are not vulnerable to known security issues. + +Key features: +- Checks Gemfile.lock for vulnerable gems +- Updates vulnerability database automatically +- Integration with CI/CD pipelines +- Command-line interface for easy automation
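
Review bot: In sysutils/rubygem-bundle-audit/Makefile, the wrapper comes from a different upstream than the tool it wraps (WWW is github.com/stewartmckee/bundle-audit, while the bundler-audit port points at github.com/rubysec/bundler-audit), and the stated reason for it is only that developers may require "bundle-audit" by mistake. The bundler-audit port already lists bin/bundle-audit in PLIST_FILES, so the command name is covered without this port. For a look-alike name sitting next to a security tool, I would either drop the wrapper or say in its pkg-descr that it is a separately maintained gem. If it stays, "RUN_DEPENDS= rubygem-bundler-audit>=0" accepts any version; consider the minimum version the wrapper's gemspec actually requires.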
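
Review bot: In sysutils/rubygem-bundler-audit/Makefile, RUN_DEPENDS lists only rubygem-bundler and rubygem-thor, while the pkg-descr added in the same commit says the tool "Updates vulnerability database automatically". If fetching or refreshing that database relies on an external program or on network access at run time, the program should be added to RUN_DEPENDS, or the requirement noted in a pkg-message, so that a fresh install does not end up auditing against a missing or stale database.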
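
Review bot: In sysutils/rubygem-bundler-audit/pkg-descr, the two bullet lists overlap and say more than the opening paragraph does. "Gems with known security vulnerabilities" and "Checks Gemfile.lock for vulnerable gems" state the same thing, and "Outdated gem versions" reads as general staleness detection, whereas the paragraph above it describes only a check of Gemfile.lock against a database of known vulnerabilities. I would merge the lists into one, reword or drop the "Outdated gem versions" item so it matches what the tool reports, and remove the "essential security tool ... should be run regularly" paragraph, which is advice rather than a description of the port.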