Ruby’s Bundler adds a cooldown feature
Version 4.0.13 of Ruby’s Bundler package manager has added
dependency cooldowns in order to help mitigate the effect of
supply-chain attacks:
Most supply-chain attacks against RubyGems exploit a narrow window:
an account is compromised, a malicious version ships, and any
bundle install in the minutes that follow resolves
str …