
Comment Supply Chain Issue on Rails (Score 1) 36

We definitely have an open source supply chain issue to address. Code signing is no panacea in an environment of community contributors. My co-worker Chris Choi just wrote on The Case for 2FA, Post Rest-client Gem CVE at https://rietta.com/blog/rest-c.... It includes an interview with Matt Manning, whose Rubygems account was compromised and used to push the malicious code to rest-client. At this point, the best we can hope is to get the word out to other popular Gem maintainers.
