I know the Ruby analyzer is listed as experimental and it is just a wrapper for bundle-audit. But I tried Dependency Check on a Ruby project and it cannot find bundle-audit even though the bin directory were it resides is in my path.
$ /c/dependency-check/bin/dependency-check.bat --project test5 --scan .
[INFO] Checking for updates
[INFO] Skipping NVD check since last check was within 4 hours.
[INFO] Check for updates complete (30 ms)
[INFO] Analysis Started
[INFO] Launching: [bundle-audit, check, --verbose] from C:\Users\username\AppDat
a\Local\Temp\dctemp517a5a91-4e49-498e-9210-fd0b6131d443
[ERROR] Exception occurred initializing Ruby Bundle Audit Analyzer.
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Skipping CPE Analysis for npm
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished Cpe Suppression Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[ERROR] Exception from bundle-audit process: java.io.IOException: Cannot run pro
gram "bundle-audit" (in directory "C:\Users\username\AppData\Local\Temp\dctemp51
7a5a91-4e49-498e-9210-fd0b6131d443"): CreateProcess error=2, The system cannot f
ind the file specified. Disabling Ruby Bundle Audit Analyzer
My PATH has the directory in it but the message above implies that bundle-audit cannot be found.
I get the same result in my GitBash shell on Windows and on the straight Windows command prompt.