13 Aug 2020
July 2020 RubyGems Updates
Welcome to the RubyGems monthly update! As part of our efforts at Ruby Together, we publish a recap of the work that we’ve done the previous month. Read on to find out what updates were made to RubyGems and RubyGems.org in July.
In July, we improved Bundler’s Issue Template for our maintainers and contributors. Along with that, we worked on improving performance optimizations and we simplified our CI Workflow to make all Bundler testing combinations easier to maintain.
We made improvements and cleaned up PRs related to JRuby (#3770, #3771, #3774) and merged a follow up PR to have a clean rubocop on new gems.
gem update --system --silent and configured RubyGems branch protection. We’ve also fixed
rake release abortion in the following instances:
- when the credentials file is missing
- when a deprecation warning is triggered in the Github API
- when all local tags are pushed instead of only the release tag.
In addition, we proposed a new workflow for managing our changelog and merged more PRs integrating this workflow. #3808, #3798, #3807.
As always, we continue to fix bugs, review PRs, follow up with issues and continue ongoing maintenance.
This month, RubyGems gained 227 new commits, contributed by 15 authors. There were 146 additions and 170 deletions across 1,070 files.
RubyGems.org saw a lot of activity this month with 30 merged pull requests, including a fix for
rack_attack test failing on Travis with 429.
We updated our sendgrid account subscription to allocate dedicated IP, and setup rDNS and gmail postmaster. We filed a support ticket on Fastly for an IPv6 connection issue, searched honeycomb’s RubyGems.org dataset for API keys and disabled their fastly integration, and sent an email notification about it to our users.
We’ve migrated to sidecar nginx proxy running on EKS cluster from legacy SPOF nginx running on a dedicated host. We also updated our EKS cluster to v1.16.
Over on help.rubygems.org we resolved tickets, fixed a TypeError on the signup page, and removed unused daemons gems from the Gemfile.
In addition to those improvements, we completed the following:
searched 22 months of logs from s3 and created a new email to remediate a possible API key leak.
debugged Outlook marking RubyGems.org mails as spam and filed a support ticket for shared IP update.
worked on a PR for client side support of API key scopes and updated the server-side PR.
cleaned up failed jobs with
rake taskto delete dangling dependency reports and set
NoMethodErroron transitive dependency page.
removed unused dependencies from dockerfile #2449
In total, RubyGems.org gained 72 new commits, contributed by 8 authors. There were 335 additions and 111 deletions across 53 files.
Learn more about contributing to RubyGems by visiting the RubyGems Contributing Guide. We welcome all kinds of contributions, including bug fixes, feature implementation, writing and/or updating documentation, and bug triage.