From 904d6ec51585b5bd9e7f8c0e43c52dc8c19fcb8e Mon Sep 17 00:00:00 2001
From: MC
Date: Thu, 25 Jul 2019 15:40:19 +0800
Subject: [PATCH] feat: add audit options
---
 README.md | 7 +++++++
 lib/tasks/code_quality.rake | 4 +++-
 2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 8eb9228..328a205 100644
--- a/README.md
+++ b/README.md
@@ -90,6 +90,13 @@ output example:
 ![](doc/imgs/code_quality_security_audit_failed_example.png)
+#### options for security_audit:
+
+```
+# e.g.: code_quality security_audit bundler_audit_options="--ignore CVE-2015-9284"
+# options:
+# bundler_audit_options: pass extract options, e.g.: bundler_audit_options="--ignore CVE-2015-9284 --verbose"
+```
 #### work with CI
diff --git a/lib/tasks/code_quality.rake b/lib/tasks/code_quality.rake
index bb87b35..0c5ba88 100644
--- a/lib/tasks/code_quality.rake
+++ b/lib/tasks/code_quality.rake
@@ -36,9 +36,11 @@ namespace :code_quality do
 desc "bundler audit"
 task :bundler_audit => :prepare do |task|
+ options = options_from_env(:bundler_audit_options)
+
 run_audit task, "bundler audit - checks for vulnerable versions of gems in Gemfile.lock" do
 # Update the ruby-advisory-db and check Gemfile.lock
- report = `bundle audit check --update`
+ report = `bundle audit check --update #{options[:bundler_audit_options]}`
 @report_path = "#{report_dir}/bundler-audit-report.txt"
 File.open(@report_path, 'w') {|f| f.write report }
 puts report
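Review bot: In the lib/tasks/code_quality.rake hunk, the new `report = ...` line interpolates `options[:bundler_audit_options]` into a backtick command, so the value is parsed by the shell and any metacharacters in it are executed as additional commands; where CI populates that variable from pipeline or pull-request parameters, this is a command-injection path. Split the value into arguments and bypass the shell instead: `report = IO.popen(["bundle", "audit", "check", "--update", *Shellwords.split(options[:bundler_audit_options].to_s)], &:read)`, with `require "shellwords"` at the top of the file. `options_from_env` is defined outside this hunk, so whether it validates or restricts the value cannot be confirmed from here. Because `--ignore` suppresses advisories, it would also help to write the effective options into the report so a silenced CVE stays visible in CI output. The `run_audit` block continues past the end of the hunk.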