Initial TUF integration with RubyGems

Tony Arcieri bascule at
Fri Nov 22 22:05:36 UTC 2013

On Fri, Nov 22, 2013 at 9:15 AM, Benjamin Fleischer <bfleischer at>wrote:

> Please keep help me et al keep it up to date and correct as Gem::TUF rolls
> out.
>  (e.g. )

There's still a lot of work to be done on Gem::TUF. What we'll be releasing
(hopefully today in PR form) is more of a proof-of-concept than something
that's ready to use, but we hope it's enough to get the ball rolling.

> There's also an open issue in the guide with, I think, a good question:
>  How
> to report gem security issues to an author/ and how a gem
> author should publicize the gem release.
> <> (very few seem to [ANN] on
> ruby-lang)

I'd suggest announcing through Rubysec:

Tony Arcieri

More information about the RubyGems-Developers mailing list