10 Jun 2020
May 2020 RubyGems Updates
Welcome to the RubyGems monthly update! As part of our efforts at Ruby Together, we publish a recap of the work that we’ve done the previous month. Read on to find out what updates were made to RubyGems and RubyGems.org in May.
This month, we refactored the spec suite to be faster and collated changes that will be shipped in the next bundler release. We fixed an activation issue on old versions of Bundler. We’ve fixed several regressions in RubyGems custom
require and made specific tests work when running from ruby-core (thanks @deivid-rodriguez). We revisited a bunch of old PRs and work from the old repo, and got it ready to merge into the new repo.
In May, we worked on reviewing several fixes on rubygems.org that, once deployed, will unblock the next bundler release. We’ve also done work on refining the upcoming release, handling some deprecation message issues, and a few problems with the integration with ruby-core. We investigated Honeybadger reports and created PRs to fix all of them. RubyGems.org saw several bug fixes and updates this month, some of which include the following:
- ran rake task to delete extraneous dependencies locally and update tasks to update version info_checksum.
- verified feasibility of using updated_at column to order versions for the generation of versions.list file.
- added original_script_name to kaminari params blacklist, which prevents XSS and unintended URL redirect.
- updated rack-attack tests and config to fix dependency update build.
- resolved tickets on help.rubygems.org
- added rake task to update check of version with multi ruby/rubyGems. rubygems/rubygems.org#2370
- verified compact_index update and running rake task don’t introduce new mismatches
- updated compact_index to remove whitespace change and released a new version.
- debug checksum mismatch due to incomplete SQL ordering and unresolved dependencies
- worked on PR to fix SQL ordering of dependencies in info and update correct_info_checksum rake task. rubygems/rubygems.org#2374
- fixed rack attack failing tests due to merge issues. rubygems/rubygems.org#2369
- restarted work on moving RubyGems.org ‘s CI to Github Actions
We continue to attend to tickets, update dependencies, and review patches and PRs on RubyGems.org.
Learn more about contributing to RubyGems by visiting the RubyGems Contributing Guide. We welcome all kinds of contributions, including bug fixes, feature implementation, writing and updating documentation, and bug triage.