15 Jul 2020
June 2020 RubyGems Updates
Welcome to the RubyGems monthly update! As part of our efforts at Ruby Together, we publish a recap of the work that we’ve done the previous month. Read on to find out what updates were made to RubyGems and RubyGems.org in June.
We also worked on synchronizing the latest versions of both libraries with ruby-core, and fixed issues that came up. We also enforced our ruby-core workflow to try to prevent further tedious integrations with ruby-core in the future by catching issues early and minimizing the back and forth of patches between upstream and downstream.
We changed bundler specs to raise by default when any subcommand fails. This action helped reveal two bugs (which we of course, fixed!). We’ve adapted bundler release tasks to a new repository layout and now have the changelog draft up-to-date.
We’ve also implemented a fix to stop soft-validating gemspecs (e.g. giving validations that only warn) except for in gem-authoring contexts. We also added a slack notification to the maintainers channel that triggers whenever the
ruby-head builds starts failing. We simplified our CI Workflows and did some final cleanup PRs related to CI failures on
Outside of these major highlights, we continue to fix bugs, review PRs, improve our documentation, cleanup test suites, and continue our usual ongoing maintenance.
This month, we added terraform module for RDS monitors and added alerts on
shipit instances. We followed up with fixes on RubyGems.org that have now been deployed and verified! We also debugged failed delayed jobs in production and created a fix for issues we found with regex validation with user email. rubygems/rubygems.org/pull/2406 rubygems/rubygems.org/pull/2388
In addition to that, We made a PR to send mail update confirmation when a user changes their email address, added a RubyGems.org guide for rate limits, and made the following improvements:
- increased Strict-Transport-Security max-time to ensure HTTPS-only access
- updated rake task to remove duplicate runtime dependencies
ran rake tasks related to
compact_indexwhich enabled bundler to make fewer requests to our server when installing some gems and fixed install of gems with multiple Ruby or Rubygems requirements
updated correct checksum task to use non-caching info_checksum calc, rerun the task, and expire info cache of gems changed from production
- updated and deployed rate limit changes to fix merge conflict and use test helpers. rubygems.org#2330
- reset a few leaked API keys and send mail to affected users
As always, we continued to fix bugs, and provide help on help.rubygems.org and ongoing support work.
Learn more about contributing to RubyGems by visiting the RubyGems Contributing Guide. We welcome all kinds of contributions, including bug fixes, feature implementation, writing and/or updating documentation, and bug triage.