Project

General

Profile

Actions

Feature #5548

closed

We have no way of knowing if our gems are outdated or have security vulnerabilities

Added by David Davis almost 10 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Difficulty:
Triaged:
Yes
Fixed in Releases:
Found in Releases:

Description

Gemnasium (www.gemnasium.com) will tell us if we have outdated gems. It also notifies us if those gems have security patches.


Related issues 1 (1 open0 closed)

Related to Foreman - Feature #5551: Build out gemnasium (rake task, package.json, etc)NewDavid Davis05/02/2014Actions
Actions #1

Updated by David Davis almost 10 years ago

  • Subject changed from Add gemnasium to We have no way of knowing if our gems are outdated or have security vulnerabilities
Actions #2

Updated by David Davis almost 10 years ago

My proposal would be:

1. Lock down non-foreman gem requirements to match RPMs
2. If gemnasium says our gems are out-of-date, update the gem requirement AND the gem rpm

At the very least, gemnasium should tell us if our gems are out of date or have security vunerabilities.

Actions #3

Updated by David Davis almost 10 years ago

  • Related to Feature #5551: Build out gemnasium (rake task, package.json, etc) added
Actions #4

Updated by David Davis almost 10 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

Applied in changeset katello|commit:20da003e2cf01daffd7f01bb3a3918514b7985a1.

Actions #5

Updated by Eric Helms almost 10 years ago

  • Target version set to 44
Actions #6

Updated by Eric Helms over 9 years ago

  • translation missing: en.field_release set to 13
Actions

Also available in: Atom PDF