Bundler audit #7

	name: Bundler audit

	on:
	push:
	branches:
	- main
	- 0-10-stable
	pull_request:
	branches:
	- main
	- 0-10-stable
	workflow_dispatch: {}
	schedule:
	- cron: "0 21 * * 6"

	permissions:
	contents: read

	jobs:
	bundler-audit:
	runs-on: ubuntu-24.04

	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
	with:
	disable-sudo-and-containers: true
	egress-policy: audit

	- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
	- name: Set up Ruby
	uses: ruby/setup-ruby@ab177d40ee5483edb974554986f56b33477e21d0 # v1.265.0
	with:
	rubygems: latest
	bundler: latest
	bundler-cache: true
	- run: bin/bundle-audit update
	- run: bin/bundle-audit

Provide feedback