by WA9ACE 2186 days ago
I normally read a good chunk, if not all, of the code of a dependency before I add it to my projects, except in the case of community-standard things (in Ruby) such as ActiveSupport or Sequel. Going over a prospective dependency a few months ago bore fruit in proving why you should always do this. NewsAPI is a neat little API for fetching news whose docs just so happen to show a Ruby gem. Being the lazy developer I am, I'd rather use the gem than build another API client, but before I did that I read the source, as one should. Lo and behold, what do I find but the evil eval in the code for a dirt-simple API client. No thanks.

https://github.com/olegmikhnovich/News-API-ruby/blob/master/...

1 comment
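A defender-side version of the review described above, added here as an example and not code from this thread or from the News-API-ruby gem: a small Ripper-based scanner that flags eval-family calls in a dependency's source so they can be reviewed by hand. The two client sources are constructed for illustration; `NewsClient`, `articles` and `configure` are made-up names.

```ruby
require 'ripper'

# Method names whose presence in a dependency warrants manual review.
RISKY_EVALS = %w[eval instance_eval class_eval module_eval instance_exec class_exec].freeze

# Node types under which an :@ident is the method being called, not a variable.
CALL_NODES = %i[fcall command vcall call command_call].freeze

# Walk Ripper's S-expression for `src` and return [{method:, line:}, ...]
# for every call to one of RISKY_EVALS, in source order.
def find_eval_calls(src)
  sexp = Ripper.sexp(src)
  raise ArgumentError, 'source does not parse' unless sexp

  hits = []
  walk = lambda do |node, parent_type|
    return unless node.is_a?(Array)
    if node[0] == :@ident && CALL_NODES.include?(parent_type) && RISKY_EVALS.include?(node[1])
      hits << { method: node[1], line: node[2][0] }
    end
    # Children inherit this node's type only when it is a real node, not a bare list.
    type = node[0].is_a?(Symbol) ? node[0] : parent_type
    node.each { |child| walk.call(child, type) }
  end
  walk.call(sexp, nil)
  hits
end

# Constructed sample: an API client that turns the HTTP response body into code.
SAMPLE_CLIENT = <<~RUBY
  require 'net/http'
  class NewsClient
    def articles(url)
      body = Net::HTTP.get(URI(url))
      eval(body)
    end
    def configure(&blk)
      instance_eval(&blk)
    end
  end
RUBY

# Constructed sample: the same client keeping the response as data.
SAFE_CLIENT = <<~RUBY
  require 'net/http'
  require 'json'
  class NewsClient
    def articles(url)
      JSON.parse(Net::HTTP.get(URI(url)))
    end
  end
RUBY
```

Running `find_eval_calls` over every `.rb` file of a vendored gem gives a short list of locations to read first; a hit is a prompt for review, not proof of malice.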

Is this malicious? I'm honestly curious, as I don't have much experience still in the field. My answer to OP's question is NO, but I'd like to grow.