Ruby support in FOSSA CLI depends on the following tools existing in your environment:
- Ruby (defaults to
ruby, configure with$FOSSA_RUBY_BINARY) - Gem (defaults to
gem, configure with$GEM_BINARY) - Bundler (defaults to
bundle, configure with$FOSSA_BUNDLER_CMD)
Run fossa init to walk the file tree and detect all directories which contain a valid Gemfile to create corresponding modules.
Add a module with type: gem, and target and path set to the root of the Ruby project.
analyze:
modules:
- name: your-ruby-project
type: gem
target: .
path: .| Option | Type | Name | Common Use Case |
|---|---|---|---|
strategy |
string | Strategy | Specify a Ruby analysis strategy. |
gemfile-lock-path |
string | Lockfile Path | Specify a custom Gemfile.lock file. |
Manually specify the python analysis strategy to be used. Supported options:
list: Runbundler listand create a dependency graph based from the output.lockfile: Analyze theGemfile.lockfile to create a dependency graph.list-lockfile: CompareGemfile.lockwith the output frombundler listand use dependencies found in both to create a dependency graph. Note, if this strategy is specified, bothGemfile.lockandbundler listare required to create a dependency graph.
Default: list-lockfile
Specify the location of a Gemfile.lock file located outside of the project's root directory or a custom named file.
Example:
gemfile-lock-path: config/Gemfile.lockFossa analysis for ruby by default attempts to compare the Gemfile.Lock file to the output of bundler list and takes the intersection of dependencies found. If fossa fails to access either of these it will fallback to using the one which succeeds and using all dependencies to create a dependency graph.