[Rubygems-developers] gem problem

Ryan Davis ryand-ruby at zenspider.com
Wed Apr 1 04:03:12 EDT 2009

On Mar 31, 2009, at 22:13 , Chad Woolley wrote:

> On Tue, Mar 31, 2009 at 8:10 PM, Eric Hodel <drbrain at segment7.net>  
> wrote:
>> It seems that there was a bogus github gem floating around, mojombo- 
>> grit.
>>  It was adding directories to the file list...  I'm investigating it.
> Hmm:  http://github.com/mojombo/grit/commit/4ac4acab7fd9c7fd4c0e0f4ff5794b0347baecde
> What I'm wondering is - how easy would it be to do this maliciously
> and with greater effect, if this minor snafu caused problems.

possibly pretty easily, I can't really comment on that... but not  
really with greater effect. There are benefits to having centralized  
services, and one of them is the ability to quickly deal with issues  
and limit their effect.

More information about the Rubygems-developers mailing list