Initial TUF integration with RubyGems

Tony Arcieri bascule at gmail.com
Fri Nov 22 22:05:36 UTC 2013


On Fri, Nov 22, 2013 at 9:15 AM, Benjamin Fleischer <bfleischer at gmail.com>wrote:

> Please keep help me et al keep it up to date and correct as Gem::TUF rolls
> out.
>  (e.g. https://github.com/rubygems/guides/pull/70#issuecomment-29015903 )
>

There's still a lot of work to be done on Gem::TUF. What we'll be releasing
(hopefully today in PR form) is more of a proof-of-concept than something
that's ready to use, but we hope it's enough to get the ball rolling.


> There's also an open issue in the guide with, I think, a good question:
>  How
> to report gem security issues to an author/rubygems.org and how a gem
> author should publicize the gem release.
> <https://github.com/rubygems/guides/issues/62> (very few seem to [ANN] on
> ruby-lang)


I'd suggest announcing through Rubysec:

http://rubysec.github.io/

-- 
Tony Arcieri


More information about the RubyGems-Developers mailing list