Audits / Decidim

Decidim

Participatory democracy platform. 2k+ stars. · github.com/decidim/decidim · Audited 2026-05-25
85
/ 100
Rails version gap
18
Outdated gems
1
Security-critical outdated
1
Known CVEs
Versions
Rails
8.1.3
✓ Up to date (latest: 8.1.3)
Ruby
3.4.7
Good — Ruby 3.3+
Gem Health
Up to date
192
Outdated (cosmetic)
17
Outdated (security)
1
Total gems in lockfile: 210
Known CVEs in Lockfile
CVE ID Severity Gem Description
CVE-2024-32464 medium actiontext Possible XSS via content-type bypass in attachments
Recommended Next Step
🔧 Action Required

Patch actiontext CVE immediately. Run bundler-audit in CI. 17 cosmetic updates can batch.

Want this for your Rails app?

Keepalive runs this scanner continuously against your private codebase and alerts you when something needs attention.

✓ You're in. We'll reach out when Keepalive opens up.

How this was generated: Keepalive fetched the public Gemfile.lock from github.com/decidim/decidim and ran its Rails health scanner — checking versions against latest stable releases, counting outdated gems, and cross-referencing CVEs. Audited 2026-05-25. ← View all audits