Blogs
Long term support for Ruby on Rails 2.3, 3.2, and 4.2
After a few years of service, old versions of the Ruby on Rails framework reach end-of-life. At this point the volunteer team that maintains Rails will no longer provide security patches against critical security incidents. When community support ...
How we found and fixed a rare race condition in our session handling - The GitHub Blog
On March 8, we shared that, out of an abundance of caution, we logged all users out of GitHub.com due to a rare security vulnerability. We believe that transparency is key in earning and keeping the trust of our users and want to share more about ...
Ruby off the Rails: Code library yanked over license blunder, sparks chaos for half a million projects
On Wednesday, Bastien Nocera, the maintainer of a software library called shared-mime-info, informed Daniel Mendler, maintainer of a Ruby library called mimemagic, which incorporates Nocera's code, that he was shipping mimemagic under an incompati...
Rails: How to Reduce Friction at the Authorization Layer
It all started so innocently. I knew that I wanted something to organize authorization for Flipper Cloud. But I wasn't sure what. Pundit? Why not. I started slapping policies in and peeling out. Over time though, I noticed the same things that I no...