strong_password v0.0.7 rubygem hijacked

I recently updated minor and patch versions of the gems our Rails app uses. We want to keep dependencies fresh, bugs fixed and security vulnerabilities addressed, while maintaining a high chance of backward compatibility with our codebase. In all, it was 25 gems we’d upgrade. I went line by line, linking to each library’s changeset. This due diligence had never reported significant surprises to me, until this time. Most gems have a CHANGELOG.md file that describes the changes in each version. Some do not, and I had to compare by git tags or commit lists (like the cocoon or bcrypt gems). The jquery-rails upgrade contains a jQuery.js upgrade, so the related log was in another project.
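As an added example (not code from the post or from the strong_password gem), a small Ruby script that lists every gem whose pinned version changed between two Gemfile.lock snapshots and labels each bump as major, minor or patch, so that patch-level bumps such as strong_password 0.0.7 get the same changelog review as the rest. The lockfile fragments and the "from" versions are constructed for the example.

```ruby
require "rubygems"

# Parse the "specs:" sections of a Gemfile.lock into { gem_name => version }. Four-space
# lines are specs, six-space lines are their dependencies; a platform suffix is dropped.
def lock_versions(lock_text)
  versions = {}
  in_specs = false
  lock_text.each_line do |line|
    if line =~ /^\s*specs:\s*$/ then in_specs = true; next end
    in_specs = false if line.strip.empty? || line =~ /^\S/
    next unless in_specs
    versions[$1] = $2.split("-").first if line =~ /^    ([\w.\-]+) \(([^)\s]+)\)/
  end
  versions
end

# Classify a version change by SemVer position (major.minor.patch).
def bump_type(from, to)
  a, b = Gem::Version.new(from), Gem::Version.new(to)
  return :none if a == b
  return :downgrade if b < a
  return :major if a.segments[0] != b.segments[0]
  return :minor if (a.segments[1] || 0) != (b.segments[1] || 0)
  :patch
end

# Every gem whose pinned version changed, with its bump type, for changelog review.
def upgrade_report(old_lock, new_lock)
  old_v, new_v = lock_versions(old_lock), lock_versions(new_lock)
  (old_v.keys & new_v.keys).sort.map do |name|
    next if old_v[name] == new_v[name]
    { gem: name, from: old_v[name], to: new_v[name], bump: bump_type(old_v[name], new_v[name]) }
  end.compact
end

# Constructed lockfile fragments; the versions are illustrative, not taken from a real app.
OLD_LOCK = <<~LOCK
  GEM
    specs:
      bcrypt (3.1.12)
      rails (5.2.2)
        actionpack (= 5.2.2)
      strong_password (0.0.6)

  PLATFORMS
LOCK
NEW_LOCK = OLD_LOCK.sub("bcrypt (3.1.12)", "bcrypt (3.1.13)")
                   .sub("rails (5.2.2)", "rails (5.3.0)")
                   .sub("strong_password (0.0.6)", "strong_password (0.0.7)")
upgrade_report(OLD_LOCK, NEW_LOCK).each { |r| puts "#{r[:gem]}: #{r[:from]} -> #{r[:to]} (#{r[:bump]})" }
```

In a real run, read the two lockfiles with `File.read` (for example the committed Gemfile.lock and the one produced by `bundle update`) and walk the report entry by entry against each gem's CHANGELOG, tags or commits.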

Nezir Zahirovic

Contractor Ruby On Rails (8+ years) / MCPD .Net / C# / Asp.Net / CSS / SQL / (11 years)
