Explore the potential risks and security implications of installing gems in Ruby and Rails applications in this 29-minute conference talk from RailsConf 2022. Delve into the open source gem ecosystem, a major strength of Ruby, and understand the vulnerabilities that can arise when depending on hundreds of gems in production Rails applications. Learn about the various "bad things" that can occur when installing a gem and adding it to your Gemfile. Discover effective strategies and best practices for preventing attacks and securing your application dependencies, ensuring peace of mind for developers. Gain valuable insights from speakers Ashley Ellis Pierce and Betty Li on maintaining a robust and secure Ruby on Rails development environment.
Syllabus
RailsConf 2022 - Gem install: What could go wrong? by Ashley Ellis Pierce & Betty Li
Taught by
Confreaks