From f3580dece7e515c0e07f0b83f215db3d7975a695 Mon Sep 17 00:00:00 2001 From: Jeremy Long Date: Fri, 21 Jul 2017 06:35:30 -0400 Subject: [PATCH] documentation update --- src/site/markdown/analyzers/bundle-audit.md | 3 +++ src/site/markdown/analyzers/index.md | 2 +- src/site/markdown/analyzers/ruby-gemspec.md | 4 +++- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/src/site/markdown/analyzers/bundle-audit.md b/src/site/markdown/analyzers/bundle-audit.md index a67b8a7d5..ffc899537 100644 --- a/src/site/markdown/analyzers/bundle-audit.md +++ b/src/site/markdown/analyzers/bundle-audit.md @@ -5,6 +5,9 @@ OWASP dependency-check includes an analyzer that will execute [bundle-audit](htt and include the results in the dependency-check report. This is useful for multi-language projects and merging the results of multiple software composition analysis tools. +**NOTE** - it is important to run `bundle-audit update` occasionally to keep the bundle-audit +database current. ATM - dependency-check does **not** perform the `bundle-audit update` automatically. + ```shell $ sudo gem install bundler-audit $ bundle-audit update diff --git a/src/site/markdown/analyzers/index.md b/src/site/markdown/analyzers/index.md index 3155fa1ec..f7a04e9d9 100644 --- a/src/site/markdown/analyzers/index.md +++ b/src/site/markdown/analyzers/index.md 
@@ -12,7 +12,7 @@ to extract identification information from the files analyzed. | [NSP](./nsp-analyzer.html) | [Node Security Project](https://nodesecurity.io) is used to analyze Node.js' `package.json` files for known vulnerable packages.| | [Nuspec](./nuspec-analyzer.html) | Nuget package specification file (\*.nuspec) | Uses XPath to parse specification XML. | | [OpenSSL](./openssl.html) | OpenSSL Version Source Header File (opensslv.h) | Regex parse of the OPENSSL_VERSION_NUMBER macro definition. | -| [Ruby bundle-audit](./bundle-audit.html) | Ruby Gemfile.lcok files | Executes bundle-audit and incorporates the results into the dependency-check report. | +| [Ruby bundler‑audit](./bundle-audit.html) | Ruby `Gemfile.lock` files | Executes bundle-audit and incorporates the results into the dependency-check report. | Experimental Analyzers ---------------------- diff --git a/src/site/markdown/analyzers/ruby-gemspec.md b/src/site/markdown/analyzers/ruby-gemspec.md index ee3925782..cf6f8b570 100644 --- a/src/site/markdown/analyzers/ruby-gemspec.md +++ b/src/site/markdown/analyzers/ruby-gemspec.md @@ -14,6 +14,8 @@ evidence to identify any Common Platform Enumeration (CPE) identifiers that apply. *Note*: It is highly recommended that Ruby projects use -[bundler-audit](https://github.com/rubysec/bundler-audit#readme). +[bundler-audit](https://github.com/rubysec/bundler-audit#readme). It is possible +to incorporate the results of bundle-audit into the dependency-check report(s) by +using the [bundle-audit analyzer](./bundle-audit.html). Files Types Scanned: Rakefile, \*.gemspec \ No newline at end of file
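Review bot: the added NOTE in bundle-audit.md uses the abbreviation "ATM", which reads as chat shorthand in reference documentation; spell it out ("At the moment, dependency-check does **not** run `bundle-audit update` automatically"). The same note uses `**NOTE** -` while ruby-gemspec.md, touched in this same patch, uses `*Note*:`; pick one form for both pages. Because an out-of-date bundler-audit database means newly published advisories are simply not reported, consider saying that consequence explicitly and recommending that automated scans run `bundle-audit update` immediately before each run rather than "occasionally".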
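Review bot: the replacement table row in index.md spells the analyzer name `bundler‑audit` with a Unicode non-breaking hyphen (U+2011) instead of an ASCII `-`, so a search for "bundler-audit" will not match it, and the row now calls the analyzer "bundler-audit" while the link target, the description on the same row, and the other two files in this patch all say "bundle-audit". Use a plain hyphen and one consistent name across the three pages. The `Gemfile.lcok` typo fix and the backtick formatting of `Gemfile.lock` are correct.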
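Review bot: in the sentence added to ruby-gemspec.md, the parenthetical "report(s)" reads awkwardly; write "reports" (or "report") outright, and align the analyzer name with whichever spelling the index.md row in this patch settles on ("bundle-audit analyzer" here versus "bundler-audit" there). Two nits in the visible context while this file is open: `Files Types Scanned:` should be `File Types Scanned:`, and the file is still left without a trailing newline (`\ No newline at end of file`).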