bundler-audit
bundle audit, на сайте с December 09, 2022 02:51
Patch-level verification for bundler. Checks for vulnerable versions of gems in Gemfile.lock. Checks for insecure gem sources (http:// and git://). Allows ignoring certain advisories that have been manually worked around. Prints advisory information. Does not require a network connection.