Ruby 1.9.3-p385 is released (ruby-lang.org)
53 points by cbetta 4879 days ago
1 comments

    echo "--no-ri --no-rdoc" >> ~/.gemrc
Install every gem much faster, avoid rdoc vulnerabilities. Since gem installation can run arbitrary code, I am suspicious of rdoc XSS vulnerabilities being a cause for concern (if you are not running a publicly-accessible gem documentation site...)
This will run these options for every gem command though. Better restrict it to install and update.
Like so:

    install: --no-rdoc --no-ri 
    update:  --no-rdoc --no-ri
Also add --env-shebang so that you don't get stupid shebang lines which lock you to a specific interpreter.
Is it a problem that this gets passed to every gem command?
Yes, because it does not make sense to pass it to some commands. For instance, what would `gem list --no-rdoc --local` mean? You will get a lot of invalid option errors.
The .gemrc file is YAML [1], does that even work without "gem:" in front? Mine looks like this:

    gem: --no-rdoc --no-ri --both
    verbose: true
    update_sources: true
    sources:
    - http://rubygems.org/
    backtrace: false
    bulk_threshold: 1000
    benchmark: false
[1] http://docs.rubygems.org/read/chapter/11