Hacker News
by kayodelycaon 1466 days ago
> Dependency confusion attacks

Just want to point out that bundler solves this problem (and many others). It pins gem versions in Gemfile.lock and it supports explicit source locations (like git repositories) for downloading gems.
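The comment's point is that Bundler's lockfile records which remote each gem was resolved from, so a gem that should only come from a private index or git repository can be checked against the lock. The script below is an added example, not code from the comment or from Bundler itself: it parses a constructed Gemfile.lock (the gem names, hosts and revision are invented for illustration) and flags any organization-prefixed gem that resolved from anywhere other than the trusted internal remotes, which is exactly the substitution a dependency confusion attack relies on.

```ruby
# Added example: check a Bundler Gemfile.lock for gems that resolved from an
# unexpected source. Everything below is constructed for illustration; the
# hosts, gem names and git revision are not real.

# The Gemfile that would produce the lock below (constructed):
#   source "https://rubygems.org"
#   gem "rails"
#   source "https://gems.example-corp.internal" do
#     gem "acme-billing"
#   end
#   gem "acme-auth", git: "https://git.example-corp.internal/acme/auth.git", tag: "v2.1.0"

SAMPLE_LOCK = <<~LOCK
  GIT
    remote: https://git.example-corp.internal/acme/auth.git
    revision: a1b2c3d4e5f60718293a4b5c6d7e8f9012345678
    tag: v2.1.0
    specs:
      acme-auth (2.1.0)

  GEM
    remote: https://rubygems.org/
    specs:
      rails (7.1.3)

  GEM
    remote: https://gems.example-corp.internal/
    specs:
      acme-billing (1.4.2)

  PLATFORMS
    ruby

  DEPENDENCIES
    acme-auth!
    acme-billing!
    rails

  BUNDLED WITH
     2.5.6
LOCK

# A constructed lock showing the bad outcome: the internal gem name was
# satisfied from the public index (e.g. a Gemfile with two flat `source`
# lines and an attacker-published "acme-billing" on rubygems.org).
BAD_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      acme-billing (99.0.0)
      rails (7.1.3)

  PLATFORMS
    ruby

  DEPENDENCIES
    acme-billing
    rails
LOCK

# Map each top-level spec in the lock to the remote of the GIT/GEM/PATH
# section it appears in. Top-level specs are indented by exactly four
# spaces; their transitive dependencies (six spaces) are skipped.
def parse_lock_sources(lock_text)
  sources = {}
  section = nil
  remote = nil
  in_specs = false
  lock_text.each_line do |raw|
    line = raw.chomp
    if line =~ /\A[A-Z]/               # section header: GIT, GEM, PATH, PLATFORMS, ...
      section = line.strip
      remote = nil
      in_specs = false
      next
    end
    next unless %w[GIT GEM PATH].include?(section)
    if line =~ /\A  remote: (.+)\z/
      remote = Regexp.last_match(1).strip
    elsif line == "  specs:"
      in_specs = true
    elsif in_specs && line =~ /\A    (\S+) \(([^)]+)\)\z/
      sources[Regexp.last_match(1)] = remote
    end
  end
  sources
end

# Policy (constructed): gems carrying the organization's prefix must resolve
# only from the organization's own gem index or git host.
INTERNAL_PREFIX = "acme-".freeze
INTERNAL_REMOTES = %w[
  https://gems.example-corp.internal/
  https://git.example-corp.internal/
].freeze

# Return the names of internal-looking gems whose recorded remote is not trusted.
def confused_gems(sources, prefix: INTERNAL_PREFIX, trusted: INTERNAL_REMOTES)
  sources.select do |name, remote|
    name.start_with?(prefix) && trusted.none? { |t| remote.to_s.start_with?(t) }
  end.keys
end

if __FILE__ == $PROGRAM_NAME
  text = ARGV[0] ? File.read(ARGV[0]) : SAMPLE_LOCK
  bad = confused_gems(parse_lock_sources(text))
  puts(bad.empty? ? "ok: all internal gems resolved from trusted remotes" : "SUSPECT: #{bad.join(', ')}")
  exit(bad.empty? ? 0 : 1)
end
```

Run it against a real lock with `ruby check_lock.rb Gemfile.lock` (assumed filename) in CI, after `bundle install --frozen`, so that a lock regenerated with an unexpected remote fails the build rather than quietly shipping.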