Blog
17 Oct 2023
September 2023 RubyGems Updates
Welcome to the RubyGems monthly update! As part of our efforts at Ruby Central, we publish a recap of the work that we’ve done the previous month. Read on to find out what updates were made to RubyGems and RubyGems.org in September.
RubyGems News
This month in RubyGems, we released RubyGems 3.4.20 and Bundler 2.4.20.
One of the goals of this RubyGems release was to work on allowing RubyGems to gracefully fall back to a user install if the default gem home isn’t writable. This will resolve a request users of RubyGems have been wanting for eight years - #5327. Additionally, we sought to update the SPDX license list from 2023-04-28, 2023-06-18, to 2023-01-26, raised Gem::Package::FormatError when gem encounters corrupt EOF #6882, and ensure that loading multiple gemspecs with legacy YAML class references does not warn #6889.
In this month’s Bundler release, our goal was to build on the work of @segiddins and @mercedesb, by adding support for SHA256 checksum verification of Bundled gems during installation, as described in this RFC. We also focused on Bundler’s performance and memory efficiency; supporting, reviewing, and contributing to improvements there.
Some other improvements that landed into our repo this month but that are not included in the above releases are:
- added
universal-java-19to CI test setup Gemfile locks - #6942. - fixed a false positive SymlinkError in the symbolic link directory - #6947.
- added support for the
ruby-3.2.2format in theruby file:Gemfile directive, and added a test to explicitly test the3.2.2@gemsetformat as rejected - #6954. - reduced allocations for stub specifications - #6972.
- allowed standalone mode to work on a Windows edge case - #6989.
- improved release scripts - #6999.
- fixed the SafeMarshal test on jruby - #6984.
In September, RubyGems gained 116 new commits contributed by 14 authors. There were 2,455 additions and 571 deletions across 105 files.
RubyGems.org News
This month in RubyGems.org, we improved how gravatar exposed user email by ensuring they are not publicly exposed - #3731, #4104. We added this change to keep our users’ information private and well secured. We also opened an RFC to enhance user profile in general.
Support for PostgreSQL 11 version will end next February, so we have created a plan, wrote reference scripts and started documenting the upgrade in the following RFCs to get feedback - #52, #53.
Some other improvements that landed into our repo this month but that are not included in the above releases are:
- added a log in Pusher when notify is called - #4072.
- added a versions index on
lower(gem_full_name)- #4095. - added backfill for
spec_sha256on versions - #4083. - handled nil
api_keyin the dashboards controller -#4081. - added a fix to precompile assets on CI before running tests - #4059.
- made all texts in the about page translatable. - #4063.
- made an update to only validate version metadata on create/change - #4100.
- updated RubyGems & Bundler - #4103.
In September, RubyGems.org gained 64 new commits contributed by 5 authors. There were 1,855 additions and 1,070 deletions across 90 files.
Thank you
Thank you to all the contributors of RubyGems and RubyGems.org for this month! Your contributions are greatly appreciated, and we are grateful for your support.
Contributors to RubyGems:
- @hsbt Hiroshi SHIBATA
- @martinemde Martin Emde
- @negi0109 negi
- @pboling Peter Boling
- @indirect André Arko
- @ytkg YOSHIKI
- @segiddins Samuel Giddins
- @krororo kitazawa
- @deivid-rodriguez David Rodríguez
- @yaauie Ry Biesemeyer
- @simi Josef Šimánek
- @byroot Jean Boussier
- @duckinator Ellen Marie Dash
Contributors to RubyGems.org:
- @segiddins Samuel Giddins
- @simi Josef Šimánek
- @hsbt Hiroshi SHIBATA
- @indirect André Arko
Learn more about contributing to RubyGems by visiting the RubyGems Contributing Guide. We welcome all kinds of contributions, including bug fixes, feature implementation, writing and updating documentation, and bug triage.