Announcing Snyk CLI for Ruby, and more ways to fix Ruby vulnerabilities
Johanna Kollmann
2016年12月19日
0 分で読めますSince we launched Ruby last month, we’ve been working away on improvements. Today we’re excited to let you know about our extended support for Ruby:
Snyk’s CLI now supports both Node.js and Ruby
Fix vulnerabilities with upgrades that require modifying your Gemfile
Improved commit messages for our Node.js and Ruby pull requests
Ruby CLI
Use our Ruby CLI to test Ruby projects continuously, and monitor your dependencies for new vulnerabilities. Install the latest version of Snyk using npm install -g snyk
to try it.
Note that snyk test
and snyk monitor
are currently supported, and you can add these commands to your build system. Fixing vulnerabilities with snyk wizard
is only available for Node.js; for fixing Ruby vulnerabilities, use our GitHub integration.
Extended functionality for fixing Ruby vulnerabilities
Snyk fixes your Ruby projects by updating vulnerable dependencies in your Gemfile.lock file. We now also take your Gemfile into account, so more vulnerabilities can be detected and fixed easily!
When a fix requires a change to your Gemfile, our fix pull requests will propose these changes.
When you open a PR via Snyk.io, we will give you a heads-up when this is the case.
Improved commit messages
Alongside the Ruby work, we updated the commit messages for our fix PRs for Node.js and Ruby. All the detail you see in the PR is now included in the commit messages, and lives on in git itself. We referred to and can highly recommend the Government Digital Service’s Git style guide.