How a routine gem update ended up creating $73k worth of subscriptions

On November 5, 2021 (a Friday of course), we've deployed innocent-looking gem updates. Minor versions of Ruby on Rails, Ruby Sentry client, Ruby Slack client, http libraries, Puma, Devise, OmniAuth Ruby client, Mongoid, and a few test gems.However, something went very wrong.We saw odd Stripe errors on Airbrake. Then, on our Stripe account, we saw this:.
How a routine gem update ended up creating $73k worth of subscriptions #ruby #rails #rubyonrails #bosnia #programming #tutorials #rubydeveloper #railsdeveloper

Nezir Zahirovic

Freelance software developer Ruby On Rails (6 years) / MCPD .Net / C# / Asp.Net / CSS / SQL / (11 years)

related articles