jfrog-cli

jf audit support for rubygems

Open: naveen2097 opened this issue 1 year ago • 1 comment

As part of the shift-left security, one of our customers wants to utilize the jf audit command to scan Xray-supported packages. Among these, they are keenly interested in scanning rubygems packages.

From this documentation, I see that support for RubyGems is missing.

Internal JFrog Support Ticket # 256930

naveen2097, Jun 30 '23 12:06

Please promote this up. We 100% need this. The alternative scan does not offer any help:

jf scan --fixable-only --watches 'watch-default' vendor/bundle/ruby/3.1.0/cache/*.gem

It responds with no vulnerabilities, and I have heavy doubts this is true, based on how old the projects our company works on are.

alexanderjohn, Mar 07 '24 22:03