Hamburger Cross Icon
Ruby Project Guardrails - Bundler Audit Clean

Bundler Audit Clean

Guardrail Ruby Project Guardrails Beta Devex Build And Ci
ruby.bundler-audit-clean

Ensures bundler-audit reports no known vulnerabilities in the project's gem dependencies. Skips gracefully if bundler-audit has not been run. Requires the bundler-audit-cicd collector to capture audit results from CI.

bundler-audit vulnerabilities security CVE advisory
Get Started View All Ruby Project Guardrails

Compatible Integrations

This guardrail works with the following integrations. Click to see how to use Bundler Audit Clean with each collector.

+
Bundler Audit Clean + Ruby Collector Provides Ruby project metadata

Enable This Guardrail

Add the parent policy to your lunar-config.yml to enable this guardrail.

📄 lunar-config.yml 
policies:
  - uses: github://earthly/lunar-lib/policies/ruby@v1.0.5
    include: [bundler-audit-clean]
    # with: ...

How This Guardrail Works

This guardrail is part of the Ruby Project Guardrails policy. It evaluates data collected by integrations and produces a pass/fail check with actionable feedback.

When enabled, this check runs automatically on every PR and in AI coding workflows, providing real-time enforcement of your engineering standards.

Learn How Lunar Works
1
Integrations Gather Data
Collectors extract metadata from code, CI pipelines, tool outputs, and scans
2
{ } Centralized as JSON
All data merged into each component's unified metadata document
3
This Guardrail Checks Current
Bundler Audit Clean runs and provides pass/fail feedback

Configuration Options

These inputs can be configured in your lunar-config.yml to customize how the parent policy (and this guardrail) behaves.

Input Required Default Description
max_audit_vulnerabilities Optional 0 Maximum allowed known vulnerabilities from bundler-audit (0 = must be clean)
min_ruby_version Optional 3.0 Minimum required Ruby version (e.g., "3.0", "3.2")
min_ruby_version_cicd Optional 3.0 Minimum required Ruby version for CI/CD commands
min_bundler_version_cicd Optional 2.4 Minimum required Bundler version for CI/CD commands
min_rake_version_cicd Optional 13.0 Minimum required Rake version for CI/CD commands

Related Guardrails

Other guardrails in the Ruby Project Guardrails policy.

Guardrail Devex Build And Ci
Gemfile Exists

Ensures the project has a Gemfile for dependency management. Required for all Ruby projects using Bundler.
Guardrail Devex Build And Ci
Lockfile Exists

Ensures the project has a Gemfile.lock for reproducible dependency resolution. Pinned dependencies prevent unexpected...
Guardrail Devex Build And Ci
Ruby Version Set

Ensures the Ruby version is explicitly specified via a .ruby-version file or a ruby directive in the Gemfile. Pinning...
Guardrail Devex Build And Ci
Min Ruby Version

Ensures the project uses at least the minimum required Ruby version. Helps maintain security and compatibility...
Guardrail Devex Build And Ci
Min Ruby Version Cicd

Ensures the Ruby version used in CI/CD commands meets the minimum required version for build environments.
Guardrail Devex Build And Ci
Min Bundler Version Cicd

Ensures the Bundler version used in CI/CD commands meets the minimum required version. Outdated Bundler versions may...
View all 8 guardrails in Ruby Project Guardrails
Ruby Project Guardrails

Ruby Project Guardrails

This guardrail is part of the Ruby Project Guardrails policy, which includes 8 guardrails for devex build and ci.

View Policy

Ready to Automate Your Standards?

See how Lunar can turn your AGENTS.md, engineering wiki, compliance docs, or postmortem action items into automated guardrails with our 100+ built-in guardrails.

Works with any process
check AI agent rules & prompt files
check Post-mortem action items
check Security & compliance policies
check Testing & quality requirements
Automate Now
Paste your AGENTS.md or manual process doc and get guardrails in minutes
Book a Demo