by dcu 3731 days ago
I just wrote a simple script to check the gems:

https://gist.github.com/dcu/3c06e4ab0e98158c5742c4fd2b31523d

4 comments

Thanks for this. I did some extra work on it (via someone else's fork) so it can run across multiple directories. I've too many projects lurking around to cd into all of them! I added some pretty colours too :)

https://gist.github.com/yb66/44b97baecbeec6900e039ffb9461d31...

Thanks!

Probably depending on version, it seems to be missing a

    require 'time'
    require 'json'

in my environment.

Thanks for this. So I ran this and found a bunch of unsafe gems. Do I report them to each gem author or to RubyGems security?

I think we should ask the gem owner to verify that everything is ok unless there's a new version. I updated the script to report if there is a new safe version available.

In this context "unsafe" only means not 100% verified.

This is really helpful - thanks!