How a routine gem update ended up creating $73k worth of subscriptions
On November 5, 2021 (a Friday of course), we've deployed innocent-looking gem updates. Minor versions of Ruby on Rails, Ruby Sentry client, Ruby Slack client, http libraries, Puma, Devise, OmniAuth Ruby client, Mongoid, and a few test gems.However, something went very wrong.We saw odd Stripe errors on Airbrake. Then, on our Stripe account, we saw this:.
How a routine gem update ended up creating $73k worth of subscriptions #ruby #rubydeveloper #rubyonrails #gem