Ruby Fights Supply-Chain Attacks With Filter Offering ‘Cooldown’ Before Installing New Packages
Most supply-chain attacks using Ruby’s package hosting site “exploit a narrow window,” according to a new blog post from Ruby core maintainer Hiroshi Shibata.
So its package-managing Bundler tool now offers a filter that blocks a new version until it’s been public “for at least N …