mirror of
https://github.com/aquasecurity/trivy.git
synced 2025-12-22 15:16:33 -08:00
a4e981b4ec
* docs: add coverage * add more pages * add dart, dotnet, elixir languages. * add C, ruby, cocoapods. Update links * rename headers for dart and elixir * docs: add Google Distroless and Photon OS * docs: add IaC * docs: put vulnerability into a single page * fixed broken links * docs: add coverage overview * update some links * add note about arch for Rocky linux * docs: fix typo * fix typo * docs: add footnotes * docs: add a link to coverage in the license section * docs: add a conversion table * docs: get aligned --------- Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
1.3 KiB
1.3 KiB
Ruby
Trivy supports Bundler and RubyGems. The following scanners are supported for Cargo.
| Package manager | SBOM | Vulnerability | License |
|---|---|---|---|
| Bundler | ✓ | ✓ | - |
| RubyGems | ✓ | ✓ | ✓ |
The following table provides an outline of the features Trivy offers.
| Package manager | File | Transitive dependencies | Dev dependencies | Dependency graph | Position |
|---|---|---|---|---|---|
| Bundler | Gemfile.lock | ✓ | Included | ✓ | ✓ |
| RubyGems | .gemspec | - | Included | - | - |
Bundler
Trivy searches for Gemfile.lock to detect dependencies.
RubyGems
.gemspec files doesn't contains transitive dependencies. You need to scan each .gemspec file separately.