by AndrewHampton 3173 days ago
I'm not sure how it compares with Octotrack, but we've been using bundler-audit[1] for similar security checks in our dependencies. Here's a sample Dockerfile[2] for running bundler-audit against your Gemfile and Gemfile.lock.

1: https://github.com/rubysec/bundler-audit

2: https://gist.github.com/andrewhampton/d78df6952e757fd1038401...

1 comment
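For readers who cannot follow the truncated gist link above, here is an added example of the kind of Dockerfile the comment describes. It is not the author's gist; it assumes a Gemfile and Gemfile.lock sit in the build context and uses the standalone `bundle-audit` command, which exits non-zero when an advisory matches.

```dockerfile
# Added example (not the gist linked in the comment): audit a Gemfile.lock
# with bundler-audit inside a throwaway image.
FROM ruby:3.2-slim

# bundler-audit ships the ruby-advisory-db client and the check command.
RUN gem install bundler-audit --no-document

WORKDIR /audit

# Assumption: Gemfile and Gemfile.lock are in the Docker build context.
# The lockfile is what gets audited; Gemfile is copied so bundler can resolve it.
COPY Gemfile Gemfile.lock ./

# --update pulls the latest ruby-advisory-db before checking, so the image never
# audits against a stale copy. A non-zero exit (matched advisory or an insecure
# gem source) fails `docker build`, which is the gate you want in CI.
RUN bundle-audit check --update
```

Rebuild the image on each run (e.g. `docker build --no-cache .`) so the advisory database refresh is not served from the layer cache.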

Hi Andrew, I was also a bundler-audit user myself. Unfortunately bundler-audit only provides information about security vulnerabilities and does not help you keep your dependencies updated.

With Octotrack you'll receive an email digest every morning informing you of the latest updates of the gems you use as well as possible vulnerabilities recently discovered.

Please let me know if this is valuable information for you.

Thank you very much for your feedback.