home.social

#gemfile — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #gemfile, aggregated by home.social.

  1. Is your #Gemfile putting your application at risk? Learn about the hidden dangers lurking in your dependencies

    #ruby #CISO #DevSecOps

    go.fastruby.io/8mb

  2. @cam +1 for not enabling the Gemspec/AddRuntimeDependency rule by default. A #Gemspec doesn't have the same rich grammar as a #Bundler #Gemfile, so by definition anything not a development dependency is a runtime dependency. There's no need to be needlessly verbose about it, so kudos on that choice! 👏

  3. @gd You can use #Rails Application Templates to change all sorts of defaults. Even if you don't have a specific flag, you can modify the starting #Gemfile or run a sed command using the `run` or `inside` directives before the initial check-in or `bundle install`.

    guides.rubyonrails.org/rails_a

  4. Am I the only one?

    With #bundler #Gemfile, we can have a `:git` option pointing to a git repository. We also have `:path` to point to a local filesystem path. But:
    > Unlike `:git`, bundler does not compile C extensions for gems specified as paths.

    I would love to have a `:gem` option. Which, instead of downloading the gem from a source, uses a local `.gem` file. But otherwise behaves just like `:git` or `:source` (compiles C extensions).

    This would make vendoring gems so much easier.

  5. I just learned the #git option in a #Gemfile.

    This feature is very convenient, because it allows me to replace a gem with a fork when I need to fix a bug in it.

    But I'm now suspicious of this feature. Is this not an opener for #supplychain attacks?
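    One defensive check for the concern raised in this post, as an added example that is not part of any post on this page: a small Ruby script that reads the `GIT` sections of a `Gemfile.lock` and reports git-sourced gems that float on a `branch:` or `tag:` rather than being pinned with a `ref:` naming a full commit SHA. The sample lockfile, remotes and gem names are constructed for the example.

```ruby
# Added example: flag git-sourced gems in a Gemfile.lock that are not pinned to
# a full commit SHA. Only Bundler's GIT sections are parsed; their layout is
#   GIT / remote: / revision: / (branch:|ref:|tag:) / specs: / <gem> (<version>)
GitSource = Struct.new(:remote, :revision, :ref, :branch, :tag, :gems)

# Parse the GIT blocks of a lockfile into GitSource records.
def parse_git_sources(lockfile_text)
  sources = []
  current = nil
  in_specs = false
  lockfile_text.each_line do |raw|
    line = raw.rstrip
    if line == "GIT"
      current = GitSource.new(nil, nil, nil, nil, nil, [])
      sources << current
      in_specs = false
    elsif current && line.match?(/\A[A-Z]+\z/)          # next section: GEM, PATH, PLATFORMS, ...
      current = nil
    elsif current && (m = line.match(/\A  (remote|revision|ref|branch|tag): (.+)\z/))
      current[m[1].to_sym] = m[2]
    elsif current && line == "  specs:"
      in_specs = true
    elsif current && in_specs && (m = line.match(/\A    (\S+) \(/))  # 4-space lines are the gems themselves
      current.gems << m[1]
    end
  end
  sources
end

# Pinned means the Gemfile gave an explicit `ref:` that is a 40-hex commit SHA.
# A `branch:` or `tag:` can be moved by whoever controls the remote.
def unpinned_git_gems(lockfile_text)
  parse_git_sources(lockfile_text)
    .reject { |s| s.ref.to_s.match?(/\A\h{40}\z/) }
    .flat_map { |s| s.gems.map { |g| [g, s.remote, s.branch || s.tag || "(no ref)"] } }
end

# Constructed sample lockfile: one gem floating on a branch, one pinned by ref.
SAMPLE_LOCK = <<~LOCK
  GIT
    remote: https://github.com/example/floating.git
    revision: 0123456789abcdef0123456789abcdef01234567
    branch: main
    specs:
      floating (0.3.0)
        rake (>= 12)

  GIT
    remote: https://github.com/example/pinned.git
    revision: 89abcdef0123456789abcdef0123456789abcdef
    ref: 89abcdef0123456789abcdef0123456789abcdef
    specs:
      pinned (1.0.0)

  GEM
    remote: https://rubygems.org/
    specs:
      rake (13.0.6)
LOCK

if __FILE__ == $0
  unpinned_git_gems(SAMPLE_LOCK).each { |g, remote, where| puts "#{g} (#{remote}) floats on #{where}" }
end
```

Run it against a real `Gemfile.lock` by passing `File.read("Gemfile.lock")` instead of the constructed sample.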

  6. TIL about bundler-audit, a #Ruby gem to #audit your #Gemfile.lock and report dependencies with security issues.

    #Brakeman does not report such issues and I postponed searching for such a tool for a very long time… GitHub relies on I-dont-know-what to offer this service through dependabot, I tried to run OWASP dependency-check without success, and this project really looks like a KISS solution to this problem. Adopted!

  7. This may be … interesting: When using pry/irb *inside* a #Rails project (which has neither sqlite3 nor pry declared anywhere in the #Gemfile), #pry will show the error, and #irb won't.