How a routine gem update ended up creating $73k worth of subscriptions

On November 5, 2021 (a Friday, of course), we deployed innocent-looking gem updates: minor versions of Ruby on Rails, the Ruby Sentry client, the Ruby Slack client, HTTP libraries, Puma, Devise, the OmniAuth Ruby client, Mongoid, and a few test gems. However, something went very wrong. We saw odd Stripe errors on Airbrake. Then, on our Stripe account, we saw this:

Nezir Zahirovic

Contractor Ruby On Rails (8+ years) / MCPD .Net / C# / Asp.Net / CSS / SQL / (11 years)
