Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Comment Supply Chain Issue on Rails (Score 1) 36

We definitely have an open source supply chain issue to address. Code signing is no panacea in an environment of community contributors. My co-worker Chris Choi just wrote on The Case for 2FA, Post Rest-client Gem CVE at https://rietta.com/blog/rest-c.... It includes an interview with Matt Manning, whose Rubygems account was compromised and used to push the malicious code to rest-client. At this point, the best we can hope is to get the word out to other popular Gem maintainers.

Slashdot Top Deals

As far as we know, our computer has never had an undetected error. -- Weisert

Working...