ECS BUNDLER - TrustSource integration for Ruby
ECS BUNDLER automates scanning of dependencies of your software. The result will be transferred to the TrustSource platform using a TrustSource API-key. There you may analyze the legal impacts, let them be assessed for known vulnerabilities or manage the components. See https://app.trustsource.io for more details.
WHAT DOES ECS BUNDLER DO?
This command line utility can be used to scan the build description for all components used in your module. The information gathered will be transferred to TrustSource platform where you may assess the legal suitability based on harvested information about tools, licenses and vulnerabilities.
The scanner transfers the BOM only. No Code.
The scanner can be intergrated with our Jenkins Plugin (see https://github.com/eacg-gmbh/ecs-jenkins) and further CI solutions. See here for the most recent list of integrations available.
HOW TO INSTALL?
Add this line to your application's Gemfile:
And then execute:
Or install it yourself as:
$ gem install ecs_bundler
This is the initial version.