Anyone attending RailsConf in Portland this year? @jaredwhite will be in attendance, so if you'd like to chat about Bridgetown or anything Ruby or webdev-related in general, look him up! 👋
We were still learning about the security issue for rubygems when yet another vulnerability was discovered: CVE-2022-29218
https://github.com/rubygems/rubygems.org/security/advisories/GHSA-2jmx-8mh8-pm8w
This time Maciel also got another excellent piece of Impact Analysis:
But big Mensfeld didn't stop there, he actually created a tool (a gem in the whole extent of the word) to help you figure out if your bundle was compromised:
https://rubygems.org/gems/bundler-integrity
Please boost this toot for visibility.
A next-generation, progressive site generator & fullstack framework, powered by Ruby.