09 Jul 2021
June 2021 RubyGems Updates
by Gift Egwuenu
Welcome to the RubyGems monthly update! As part of our efforts at Ruby Together, we publish a recap of the work that we’ve done the previous month. Read on to find out what updates were made to RubyGems and RubyGems.org in June.
This month in RubyGems, we released new versions for Bundler
2.2.21 and RubyGems
3.2.21. The release for RubyGems included a security fix contributed by Aditya, and Bundler release ships with several fixes and improvements.
We also worked on improving the seamless migration of insecure lock files by automatically dealing with them when possible instead of printing a warning and still installing them - #4647 and #4683.
We also kept discussing how to improve the experience when bundler needs
sudo access, making the behaviour less upsetting for our users -#4031.
In June, Rubygems gained 98 new commits, contributed by 10 authors. There were 993 additions and 480 deletions across 231 files.
In June, RubyGems.org saw several bug fixes and updates, some of which include the following:
- updated ElasticSearch to version 7.
- refactored and deployed autocomplete search feature - #2047.
- resolved reports with pending bounties on HackerOne.
- implemented platform verification in
gemspecto avoid potential RCE - #4667
This month, Rubygems.org gained 25 new commits, contributed by 7 authors. There were 490 additions and 169 deletions across 30 files.
As always, we continue to fix bugs, review and merge PR’s and reply to support tickets.
Learn more about contributing to RubyGems by visiting the RubyGems Contributing Guide. We welcome all kinds of contributions, including bug fixes, feature implementation, writing and updating documentation, and bug triage.