Ruby Fights Supply-Chain Attacks With Filter Offering 'Cooldown' Before Installing New Packages


Most supply-chain attacks using Ruby's package hosting site "exploit a narrow window," according to a new blog post from Ruby core maintainer Hiroshi Shibata. So its package-managing Bundler tool now offers a filter that blocks a new version until it's been public "for at least N days. Releases t...

Or read this on Slashdot
