Overview
Explore the potential risks and security implications of installing gems in Ruby and Rails applications in this 29-minute conference talk from RailsConf 2022. Delve into the open-source gem ecosystem, a major strength of Ruby, and understand the vulnerabilities that can arise when depending on hundreds of gems in a production Rails application. Learn about the various "bad things" that can occur during gem installation and discover effective strategies to prevent attacks on your application dependencies. Gain valuable insights to enhance the security of your Ruby and Rails projects, allowing you to leverage the power of gems while mitigating potential threats.
Syllabus
RailsConf 2022 - Gem install: What could go wrong? by Ashley Ellis Pierce & Betty Li
Taught by
Ruby Central