- title: "bundler-audit Dependency Scanning tool" announcement_milestone: "14.8" announcement_date: "2022-02-22" removal_milestone: "15.0" removal_date: "2022-05-22" breaking_change: true reporter: sam.white body: | # Do not modify this line, instead modify the lines below. We are removing bundler-audit from Dependency Scanning on May 22, 2022 in 15.0. After this removal, Ruby scanning functionality will not be affected as it is still being covered by Gemnasium. If you have explicitly excluded bundler-audit using the `DS_EXCLUDED_ANALYZERS` variable, then you will be able to remove the reference to bundler-audit. If you have customized your pipeline’s Dependency Scanning configuration related to the `bundler-audit-dependency_scanning` job, then you will want to switch to `gemnasium-dependency_scanning`. If you have not used the `DS_EXCLUDED_ANALYZERS` to reference bundler-audit or customized your template specifically for bundler-audit, you will not need to take any action. stage: secure issue_url: "https://gitlab.com/gitlab-org/gitlab/-/issues/347491"