bundlerUpdateScript: don't run bundler-audit

Blocking updates on security warnings doesn't make sense; if an updated gem has dependencies with security warnings, then it's likely for the un-updated gem to have even more of them.
2023-05-31 12:38:46 -07:00 · 2023-05-31 12:38:46 -07:00 · e62118a3f9
commit e62118a3f9
parent f74369f71b
1 changed files with 2 additions and 3 deletions
--- a/pkgs/development/ruby-modules/bundler-update-script/default.nix
+++ b/pkgs/development/ruby-modules/bundler-update-script/default.nix
@ -1,11 +1,11 @@
-{ runtimeShell, lib, writeScript, bundix, bundler, bundler-audit, coreutils, git, nix }:
+{ runtimeShell, lib, writeScript, bundix, bundler, coreutils, git, nix }:

 attrPath:

 let
  updateScript = writeScript "bundler-update-script" ''
    #!${runtimeShell}
-    PATH=${lib.makeBinPath [ bundler bundler-audit bundix coreutils git nix ]}
+    PATH=${lib.makeBinPath [ bundler bundix coreutils git nix ]}
    set -o errexit
    set -o nounset
    set -o pipefail
@ -19,7 +19,6 @@ let
    cd "$gemdir"

    bundler lock --update
-    bundler-audit check --update
    bundix
  '';
 in [ updateScript attrPath ]