Web Security

On this week's video, Chris is joined by Derek to discuss web security. Tune in to learn about the available resources and tools, and some specific issues to watch out for in Rails apps. OWASP Top 10 One of the best starting points for learning ...
This is a companion discussion topic for the original entry at https://thoughtbot.com/upcase/videos/web-security

I installed the bundler-audit gem and created the rake file with the code as instructed in the show notes. But when I run rake I get this error message:

LoadError: cannot load such file -- bundler/audit/cli

Am I missing something?

thanks for your help,


Did you add bundler-audit to your Gemfile?


Very interesting.

Instant fan of the bundle-audit gem and how you add it to the rake spec task :smile:


@andyw8 no, the documentation only mentioned to run

gem install bundler-audit

via the command line

I added the bundler-audit gem in my config file but when I run


all my rspec tests are running but I don’t see any bundler-audit output though.

though running


in the command line works

thanks for the advice,


The rake task will run in the context of your application bundle, so you’ll need to have bundler-audit in your Gemfile.

Overall we recommend this as adding the rake task makes bundler-audit a dev dependency, so you’ll want to have it in your Gemfile.
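
The setup described in the reply above, as an added example that is not the show notes' code: a Rakefile fragment that turns the bare LoadError from this thread into an actionable message and hooks the audit into the default task. The names loadable?, missing_gem_hint and AUDIT_FEATURE are hypothetical, and the Gemfile entry in the comment is an assumption.

```ruby
# Added example: Rakefile fragment, not the show notes' code.
# Assumed Gemfile entry, so the task can load the gem from the app bundle:
#   group :development, :test do
#     gem "bundler-audit", require: false
#   end
require "rake"

AUDIT_FEATURE = "bundler/audit/cli" # file named in the LoadError above

# True when `feature` can be required from the current bundle / load path.
def loadable?(feature)
  require feature
  true
rescue LoadError
  false
end

# Message shown instead of a bare LoadError when the gem is not in the bundle.
def missing_gem_hint(feature)
  "cannot load #{feature}: add `gem \"bundler-audit\"` to the " \
    "development/test group of your Gemfile and run `bundle install`"
end

namespace :bundler do
  desc "Update the advisory database, then audit Gemfile.lock"
  task :audit do
    abort missing_gem_hint(AUDIT_FEATURE) unless loadable?(AUDIT_FEATURE)
    # `update` refreshes ruby-advisory-db; `check` exits non-zero on findings,
    # which fails the rake run.
    %w[update check].each { |cmd| Bundler::Audit::CLI.start([cmd]) }
  end
end

# Run the audit whenever the default task (typically the specs) runs.
task default: "bundler:audit"
```
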

This is probably one of my favorite episodes this year, very good stuff.