2 Commits

  • fix(rules/ruby): correct brakeman flag and unify bundle-audit invocation
    Two issues from the post-merge review of #1860:
    
    1. **`brakeman --no-pager` is not a real flag.** Brakeman has no
       `--no-pager` option (that's `git` / `gh` style). It appeared in
       three locations:
       - `rules/ruby/hooks.md` L18 (bullet recommendation)
       - `rules/ruby/hooks.md` L32 (CI gate snippet)
       - `rules/ruby/security.md` L38 (dependency check snippet)
    
       Replaced with `--no-progress`, which is the closest valid option
       (suppresses the progress bar while keeping warning output —
       what hook contexts usually want). `-q` / `--no-color` would also
       be valid alternatives, but `--no-progress` matches the original
       intent best.
    
    2. **`bundle-audit` invocation was inconsistent across the two
       files.** `rules/ruby/security.md` L37 used the
       `bundle audit check --update` Bundler plugin subcommand form,
       while `rules/ruby/hooks.md` L20 used the direct
       `bundle exec bundle-audit check --update` binary form.
    
       Both invoke the same `bundler-audit` gem but look different
       enough to confuse readers. Standardized on the
       `bundle exec bundle-audit` form (the portable invocation that
       works across bundler-audit gem versions without depending on the
       plugin registering a `bundle audit` subcommand).
    
    Both issues were also flagged in PR #1860 review comments (#1, #2 of
    my comprehensive review; the bundle-audit one was independently
    caught by greptile-apps and coderabbitai bots).
    
    Full test suite (`node tests/run-all.js`): 2382 passed, 0 failed.
    `markdownlint-cli` clean on both files.