Only call bundle-audit update in the Dockerfile, not from the CLI

hawkeyesec · Jun 21, 2019 · 4475998 · 4475998
1 parent c5724eb
commit 4475998
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/lib/modules/ruby-bundler-scan/__tests__/bundler-unit.js b/lib/modules/ruby-bundler-scan/__tests__/bundler-unit.js
@@ -32,7 +32,8 @@ describe('Ruby Bundler Module', () => {
 
   it('should execute command', async () => {
     await run(fm)
-    expect(exec.command).to.have.been.calledTwice
+    expect(exec.command).to.have.been.calledWith('bundle-audit')
+    expect(exec.command).to.have.been.calledOnce
   })
 
   it('should log high severity issues', async () => {

diff --git a/lib/modules/ruby-bundler-scan/index.js b/lib/modules/ruby-bundler-scan/index.js
@@ -25,7 +25,6 @@ module.exports = {
   },
   run: async fm => {
     logger.log('Updating bundler-audit database...')
-    await exec.command('bundle-audit update', { cwd: fm.target, shell: '/bin/bash' })
     const { stdout } = await exec.command('bundle-audit', { cwd: fm.target, shell: '/bin/bash' })
     const regex = {
       name: /Name: /,