Secure, optimize, and understand your Ruby project
Ruby development is elegant—until your Gemfile.lock turns into a tangled mess of outdated, insecure, or bloated gems. Developers are often left wondering:
- Is any gem introducing security vulnerabilities?
- Are we relying on abandoned or deprecated gems?
- How bloated or inefficient is our dependency tree?
- Is there a better alternative that boosts performance or reliability?
Tools like bundler-audit and Dependabot each cover part of this (known advisories, version bumps). Orion goes further: it gives you a complete, actionable picture of your project, so you can build safer, faster Ruby applications.
| Feature | Description |
|---|---|
| 🔐 Security Scanning | Detect known vulnerabilities (CVE and GHSA advisories) using trusted databases such as the RubySec ruby-advisory-db. |
| 🧠 Gem Health Check | Identify outdated or unmaintained gems and recommend better-maintained alternatives. |
| 🌐 Dependency Graphing | Visualize your entire dependency tree (CLI ASCII or exportable formats). |
| ⚡ Performance Insights | Analyze memory/load-time performance and flag bottleneck gems. |
| 🧹 Automated Fixes | Automatically upgrade vulnerable gems and clean up unused dependencies. |
| 📊 Customizable Reports | Quick overviews or deep-dive audits tailored to your needs. |
| 🔎 Code Quality Scanner | Lint your codebase, catch potential security flaws, and track metrics via a single CLI. |
📦 Analyze gem dependencies for health, vulnerabilities, and bloat
Options:
- -lockfile=PATH (default: ./Gemfile.lock)
- -format=json|table (default: table)
- -include-dev
What It Does:
- Scans gems for:
  - CVEs (via RubySec)
  - Staleness / abandonware
  - Popularity / health
  - Bloat / unused
- Outputs actionable suggestions
🧹 Run code quality checks and detect security/linting issues
Options:
- -path=PATH (default: ./)
- -format=json|table
- -profile
- -fix
What It Does:
- Lints your code
- Optionally profiles performance
- Highlights risky or inefficient patterns
🌐 Visualize your full gem dependency graph
Options:
- -export=graph.png|graph.dot
- -highlight-vulnerable
- -depth=NUM
What It Does:
- ASCII or visual dependency tree
- Highlights vulnerabilities, stale gems, unused gems
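The dependency analysis and graph sections above describe what Orion reports, not how the checks work. The block below is an added example written for this page, not Orion's own code: it parses a Gemfile.lock, matches each spec against advisories written in the RubySec ruby-advisory-db patched_versions/unaffected_versions style (the same matching rule bundler-audit applies), reports lockfile entries that are unreachable from DEPENDENCIES, and prints a depth-limited ASCII tree with vulnerable gems highlighted. The lockfile and the advisories are constructed for the example; the advisory identifiers are placeholders, not real advisories. "Unused" here means "present in the lockfile but unreachable from any top-level dependency", which is the only notion of unused that a lockfile alone can support; finding gems that are declared but never required needs the source code.

```ruby
# Added example (not Orion's code): a minimal Gemfile.lock audit in plain Ruby.
require "rubygems"

# Constructed sample lockfile (not from a real project).
LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      actionpack (6.1.7)
        activesupport (= 6.1.7)
        rack (~> 2.0, >= 2.0.9)
      activesupport (6.1.7)
        concurrent-ruby (~> 1.0, >= 1.0.2)
      concurrent-ruby (1.2.2)
      leftover-gem (0.1.0)
      rack (2.2.6)

  PLATFORMS
    ruby

  DEPENDENCIES
    actionpack (~> 6.1)
    rack
LOCK

# Constructed advisories in the shape of ruby-advisory-db entries. The ids and
# version ranges are made up for this example; they are not real advisories.
ADVISORIES = [
  { gem: "rack", id: "EXAMPLE-0001", patched_versions: ["~> 2.2.7", ">= 3.0.1"] },
  { gem: "activesupport", id: "EXAMPLE-0002",
    patched_versions: ["~> 6.1.7, >= 6.1.7.1", ">= 7.0.4"], unaffected_versions: ["< 5.0"] },
  { gem: "concurrent-ruby", id: "EXAMPLE-0003", patched_versions: [">= 1.2.0"] },
]

Spec = Struct.new(:name, :version, :deps)

# GEM/GIT/PATH sections: 4-space indent is a spec, 6-space indent is one of its
# dependencies. DEPENDENCIES lists the roots. A platform suffix such as
# "-x86_64-linux" is dropped from the version; it does not affect matching.
def parse_lockfile(text)
  specs, roots, section, current = {}, [], nil, nil
  text.each_line do |raw|
    line = raw.chomp
    next if line.strip.empty?
    if line =~ /\A\S/
      section = line.strip
      next
    end
    case section
    when "GEM", "GIT", "PATH"
      if line =~ /\A {4}(\S+) \(([^)]+)\)\z/
        current = Spec.new($1, Gem::Version.new($2.split("-").first), [])
        specs[current.name] = current
      elsif current && line =~ /\A {6}(\S+)/
        current.deps << $1
      end
    when "DEPENDENCIES"
      roots << line.strip.delete_suffix("!").sub(/\s*\(.*\)\z/, "")
    end
  end
  [specs, roots]
end

# Multi-part ranges such as "~> 6.1.7, >= 6.1.7.1" must be split before
# Gem::Requirement sees them; every part must then hold.
def requirement(str)
  Gem::Requirement.new(str.split(/,\s*/))
end

# RubySec semantics: a version is affected unless it falls inside an
# unaffected_versions range or a patched_versions range. An advisory with no
# patched_versions therefore affects every version, which is intended.
def affected?(version, advisory)
  return false if advisory.fetch(:unaffected_versions, []).any? { |r| requirement(r).satisfied_by?(version) }
  advisory.fetch(:patched_versions, []).none? { |r| requirement(r).satisfied_by?(version) }
end

def find_vulnerabilities(specs, advisories)
  advisories.each_with_object([]) do |adv, out|
    spec = specs[adv[:gem]]
    next unless spec && affected?(spec.version, adv)
    out << { gem: spec.name, version: spec.version.to_s, advisory: adv[:id], patched: adv[:patched_versions] }
  end
end

# Lockfile entries no DEPENDENCIES root reaches: stale entries worth pruning.
def unreachable_specs(specs, roots)
  seen, queue = {}, roots.dup
  until queue.empty?
    name = queue.shift
    next if seen[name]
    seen[name] = true
    queue.concat(specs[name].deps) if specs[name]
  end
  specs.keys.reject { |n| seen[n] }.sort
end

# ASCII tree capped at max_depth (the role of a -depth=NUM option); `path`
# stops infinite recursion on cyclic dependency declarations.
def render_tree(specs, roots, flagged, max_depth: 3)
  lines = []
  walk = lambda do |name, depth, path|
    spec = specs[name]
    label = spec ? "#{name} (#{spec.version})" : "#{name} (not in lockfile)"
    label += " [VULNERABLE]" if flagged.include?(name)
    lines << ("  " * depth) + label
    next if spec.nil? || depth >= max_depth || path.include?(name)
    spec.deps.each { |d| walk.call(d, depth + 1, path + [name]) }
  end
  roots.each { |r| walk.call(r, 0, []) }
  lines
end

def audit(lockfile_text, advisories, max_depth: 3)
  specs, roots = parse_lockfile(lockfile_text)
  vulns = find_vulnerabilities(specs, advisories)
  { vulnerabilities: vulns,
    unreachable: unreachable_specs(specs, roots),
    tree: render_tree(specs, roots, vulns.map { |v| v[:gem] }, max_depth: max_depth) }
end

if $PROGRAM_NAME == __FILE__
  report = audit(LOCKFILE, ADVISORIES)
  report[:vulnerabilities].each { |v| puts "#{v[:gem]} #{v[:version]}: #{v[:advisory]} (patched: #{v[:patched].join(' | ')})" }
  puts "unreachable from DEPENDENCIES: #{report[:unreachable].join(', ')}"
  puts report[:tree]
end
```

Two details matter in practice. The split in `requirement` is what makes a range like "~> 6.1.7, >= 6.1.7.1" mean "the 6.1.x line from 6.1.7.1 onwards"; passing the whole string to Gem::Requirement raises instead. And the reachability check only catches entries that `bundle install` left behind; a gem that is declared in the Gemfile but never required anywhere in the code is invisible to a lockfile-only analysis.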
🛠 Apply safe fixes for known issues
Options:
- -update-vulnerable
- -remove-unused
- -dry-run
- -commit
What It Does:
- Upgrades vulnerable gems to a patched version; review the resulting Gemfile.lock diff and run the test suite, since a patched release can sit across a major-version boundary
- Removes unused gems
- Creates a branch and commits the changes (-commit); use -dry-run first to preview what would change
🧾 Output a consolidated audit report from previous analyses
Options:
- -type=gems|code|full
- -output=report.md|report.json
- -open
What It Does:
- Aggregates analysis results
- Saves markdown/JSON reports
- CI/CD friendly
