A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
Another day, another reminder to be careful about installing software downloaded from the Internet: This time, the warning is for the Ruby community. The team behind RubyGems.org closed two security ...
Frustration spread among the maintainers, especially as they themselves were working on improvements to governance, which were abruptly interrupted by the incident. Shortly before the takeover, Martin ...
The RubyGems package repository has fixed a critical vulnerability that would allow anyone to unpublish ("yank") certain Ruby packages from the repository and republish their tainted or malicious ...
Ruby Central, a non-profit organization that manages a package management system for Ruby, has expelled the maintainer of a related system called RubyGems, sparking controversy over a 'takeover.' A ...
Below is a copy and paste of a PDF written by a maintainer named Ellen Dash about the RubyGems controversy, written by a Hacker News user. Ellen, who has been a member of the Ruby community since she ...
Volunteers at RubyGems.org are scrambling to recover the software repository after it was compromised yesterday. An unknown user uploaded a malicious code package to RubyGems that executed on its ...
RubyGems patched an unsafe object deserialization vulnerability this week that could have allowed attackers to remotely execute code on vulnerable systems. RubyGems, a package of software tools that ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results