From a952cd67c5fca1476d244c3675a0344f5e5a2d9f Mon Sep 17 00:00:00 2001
From: Alessandro Rodi
Date: Mon, 10 Mar 2025 08:34:52 +0100
Subject: [PATCH] Add skip_bundle_audit option

---
 railties/lib/rails/generators/app_base.rb | 4 ++++
 railties/lib/rails/generators/rails/app/app_generator.rb | 2 +-
 railties/lib/rails/generators/rails/app/templates/Gemfile.tt | 2 ++
 3 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/railties/lib/rails/generators/app_base.rb b/railties/lib/rails/generators/app_base.rb
index 2dac1700926d8..3121328fd6136 100644
--- a/railties/lib/rails/generators/app_base.rb
+++ b/railties/lib/rails/generators/app_base.rb
@@ -388,6 +388,10 @@ def skip_asset_pipeline? # :doc:
 options[:skip_asset_pipeline]
 end
 
+ def skip_bundle_audit?
+ options[:skip_bundle_audit]
+ end
+
 def skip_thruster?
 options[:skip_thruster]
 end
diff --git a/railties/lib/rails/generators/rails/app/app_generator.rb b/railties/lib/rails/generators/rails/app/app_generator.rb
index 12f4c77355847..b1a193fe29c3f 100644
--- a/railties/lib/rails/generators/rails/app/app_generator.rb
+++ b/railties/lib/rails/generators/rails/app/app_generator.rb
@@ -177,7 +177,7 @@ def config_when_updating
 remove_file "config/initializers/cors.rb"
 end
 
- if !bundle_audit_config_exist
+ if !skip_bundle_audit? && !bundle_audit_config_exist
 template "config/bundler-audit.yml"
 end
 
diff --git a/railties/lib/rails/generators/rails/app/templates/Gemfile.tt b/railties/lib/rails/generators/rails/app/templates/Gemfile.tt
index a93a298a3f838..8a4074605576f 100644
--- a/railties/lib/rails/generators/rails/app/templates/Gemfile.tt
+++ b/railties/lib/rails/generators/rails/app/templates/Gemfile.tt
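Review bot: `skip_bundle_audit?` reads `options[:skip_bundle_audit]`, but nothing in this patch declares that option; the diffstat gives app_base.rb exactly the four added lines of this hunk. Unless a matching `class_option` already exists outside the visible hunks, the flag is not accepted on the command line and the predicate always returns nil, so the guards added in the other two files never fire. I would add `class_option :skip_bundle_audit, type: :boolean, default: nil, desc: "Skip bundler-audit setup"` next to the other skip options. The diffstat also lists no test file, so a generator test asserting that the flag drops both the gem and the config file would pin the behaviour.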
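Review bot: The new `!skip_bundle_audit?` guard covers only `config_when_updating`, whose body starts and ends outside this hunk; the path that generates a fresh app is not touched by the patch. If that path copies the config directory wholesale, an app created with the option would still receive `config/bundler-audit.yml`. Any generated binstub or CI step that invokes bundler-audit would also run against a Gemfile that no longer lists the gem, so those templates are worth checking and guarding with the same predicate. As a smaller style point, the double negation reads more easily as `unless skip_bundle_audit? || bundle_audit_config_exist`.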
@@ -55,8 +55,10 @@ group :development, :test do
 # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem
 gem "debug", platforms: %i[ mri windows ], require: "debug/prelude"
 
+ <%- unless skip_bundle_audit? -%>
 # Audits gems for known security defects (use config/bundler-audit.yml to ignore issues)
 gem "bundler-audit", require: false
+ <%- end -%>
 
 <%- unless options.skip_brakeman? -%>
 # Static analysis for security vulnerabilities [https://brakemanscanner.org/]
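Review bot: The guard added here calls the generator helper `skip_bundle_audit?` directly, while the brakeman guard just below it goes through `options.skip_brakeman?`. Both forms presumably resolve, but the template should settle on one, e.g. `<%- unless options.skip_bundle_audit? -%>`, or the brakeman guard should move to a helper as well. With the option set, the generated Gemfile carries no bundler-audit entry at all, so the option's help text should state plainly that dependency auditing is being turned off for the new app.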