How to read the information of a given Commit

bundle-audit.json: This file contains audit information in JSON format

report.txt: In a text format it is described which vulnerabilities have been detected

update-info.txt: Contains Information as of which date the vulnerabilities database is that has been used to perform the checks.

What is being checked and how?

The application being checked is Xalimo Teamplay which is a Rails application provided by a docker image. Basis for the check is the set of used packages (called Gems). These are being tested against a constantantly updated database of know vulnerabilities.