github.com/joey-fossa/fossa-cli@v0.7.34-0.20190708193710-569f1e8679f0/docs/integrations/ruby.md

github.com/joey-fossa/fossa-cli@v0.7.34-0.20190708193710-569f1e8679f0/docs/integrations/ruby.md (about)

     1  # Ruby
     2  
     3  ## Support
     4  
     5  Ruby support in FOSSA CLI depends on the following tools existing in your environment:
     6  
     7  - Ruby (defaults to `ruby`, configure with `$FOSSA_RUBY_BINARY`)
     8  - Gem (defaults to `gem`, configure with `$GEM_BINARY`)
     9  - Bundler (defaults to `bundle`, configure with `$FOSSA_BUNDLER_CMD`)
    10  
    11  ## Configuration
    12  
    13  ### Automatic
    14  
    15  Run `fossa init` to walk the file tree and detect all directories which contain a valid `Gemfile` to create corresponding modules.
    16  
    17  ### Manual
    18  
    19  Add a module with `type: gem`, and `target` and `path` set to the root of the Python project.
    20  
    21  ```yaml
    22  analyze:
    23    modules:
    24      - name: your-ruby-project
    25        type: gem
    26        target: .
    27        path: .
    28  ```
    29  
    30  ## Options
    31  
    32  | Option              |  Type  | Name                                     | Common Use Case                       |
    33  | ------------------- | :----: | ---------------------------------------- | ------------------------------------- |
    34  | `strategy`          | string | [Strategy](#strategy-string)          | Specify a Ruby analysis strategy.     |
    35  | `gemfile-lock-path` | string | [Lockfile Path](#requirements-string) | Specify a custom `Gemfile.lock` file. |
    36  
    37  #### `strategy: <string>`
    38  
    39  Manually specify the python analysis strategy to be used. Supported options:
    40  - `list`: Run `bundler list` and create a dependency graph based from the output.
    41  - `lockfile`: Analyze the `Gemfile.lock` file to create a dependency graph.
    42  - `list-lockfile`: Compare `Gemfile.lock` with the output from `bundler list` and use dependencies found in both to create a dependency graph. Note, if this strategy is specified, both `Gemfile.lock` and `bundler list` are required to create a dependency graph.
    43  
    44  Default: `list-lockfile`
    45  
    46  #### `gemfile-lock-path: <string>`
    47  
    48  Specify the location of a `Gemfile.lock` file located outside of the project's root directory or a custom named file.
    49  
    50  Example:
    51  ```yaml
    52      gemfile-lock-path: config/Gemfile.lock
    53  ```
    54  
    55  ## Analysis
    56  
    57  Fossa analysis for ruby by default attempts to compare the `Gemfile.Lock` file to the output of `bundler list` and takes the intersection of dependencies found. If fossa fails to access either of these it will fallback to using the one which succeeds and using all dependencies to create a dependency graph.