-
Notifications
You must be signed in to change notification settings - Fork 31
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #186 from rubygems/march-2024-updates
Publish March 2024 RubyGems Monthly Update
- Loading branch information
Showing
1 changed file
with
83 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,83 @@ | ||
| --- | ||
| title: March 2024 RubyGems Updates | ||
| layout: post | ||
| author: Gift Egwuenu | ||
| author_email: [email protected] | ||
| --- | ||
|
|
||
| Welcome to the RubyGems monthly update! As part of our efforts at Ruby Central, we publish a recap of the work that we’ve done the previous month. Read on to find out what updates were made to RubyGems and RubyGems.org in March. | ||
|
|
||
| ## RubyGems News | ||
|
|
||
| This month, RubyGems released RubyGems [3.5.7](https://github.com/rubygems/rubygems/blob/master/CHANGELOG.md#357--2024-03-22) and Bundler [2.5.7](https://github.com/rubygems/rubygems/blob/master/bundler/CHANGELOG.md#257-march-22-2024). These updates introduce a range of enhancements and bug fixes, all aimed at enhancing the developer experience. They include: [the introduction of an attribute](https://github.com/rubygems/rubygems/pull/7464) in `Gem::SafeYAML.safe_load` to control whether YAML aliases is enabled, [a warning mechanism](https://github.com/rubygems/rubygems/pull/5010) for when the `required_ruby_version` specification attribute is empty, and [the removal of unnecessary configurations](https://github.com/rubygems/rubygems/pull/7478) in the RuboCop setup generated by `bundle gem`. | ||
|
|
||
| Some other important accomplishments from the team this month include: | ||
|
|
||
|
|
||
| **[Making `gem install` respect the umask of the target system](https://github.com/rubygems/rubygems/pull/7518):** | ||
|
|
||
| - The goal of this change is to address the issue where RubyGems may install files with permissions that are broader than desired, giving write permissions to users other than the current user. This issue arises when the original packaging of files includes these broad permissions, likely due to an unsafe umask set by the gem's author. | ||
| - The solution implemented by [@deivid-rodriguez](https://github.com/deivid-rodriguez) was to adopt a more straightforward approach than the previous attempt (which was reverted due to test failures in `ruby core`) by applying the target system’s umask to regular files (excluding directories) before setting their permissions. | ||
|
|
||
| **[Fixed Bundler’s application cache misuse](https://github.com/rubygems/rubygems/pull/7516):** | ||
|
|
||
| - This update resolves an issue in how Bundler was using its cache, leading to odd behavior. Users were seeing unusual updates, like Bundler claiming it was updating to versions that didn’t actually exist (for example, "Updating to 3.0.9"). | ||
| - The problem was rooted in how Bundler managed cached gems. These gems were mistakenly being considered in situations they shouldn’t have been, which caused not only strange messages but also errors in the lockfile, such as gems appearing under incorrect sources. | ||
| - The solution implemented ensures that cached gems are kept separate from those available online, preventing the confusion that was causing these issues. This approach helps maintain clarity and accuracy in Bundler’s operations. | ||
|
|
||
| In March, RubyGems gained [67 new commits](https://github.com/rubygems/rubygems/compare/master@%7B2024-3-01%7D...master@%7B2024-3-31%7D) contributed by 13 authors. There were 934 additions and 194 deletions across 92 files. | ||
|
|
||
| ## RubyGems.org News | ||
|
|
||
| March's updates to RubyGems.org reflect a strong commitment to improving user experience, enhancing security, and modernizing the platform. | ||
|
|
||
| The following are highlights of what the team worked on this month: | ||
|
|
||
| **[Major PostgreSQL zero downtime upgrade](https://github.com/rubygems/pg-major-update)**: | ||
|
|
||
| - This significant update was carried out to ensure that application dependencies remain up-to-date. Notably, this is the second upgrade effort, moving from PostgreSQL version 12 to 13, following the original upgrade to version 12 in response to the end of life (EOL) for PostgreSQL 11 on Amazon RDS. | ||
| - The upgrade process utilized `pgbouncer` and a manually managed blue/green environment to achieve zero downtime. For detailed scripts and an explanation of the procedure, visit the [project’s GitHub page](https://github.com/rubygems/pg-major-update). | ||
| - A detailed blog post with additional details will be released soon. | ||
|
|
||
| In March, RubyGems.org gained [69 new commits](https://github.com/rubygems/rubygems.org/compare/master@%7B2024-3-01%7D...master@%7B2024-3-31%7D) contributed by 12 authors. There were 466 additions and 1,263 deletions across 75 files. | ||
|
|
||
|
|
||
| ## Thank you | ||
|
|
||
| Thank you to all the contributors of RubyGems and RubyGems.org for this month! Your contributions are greatly appreciated, and we are grateful for your support. | ||
|
|
||
| ### Contributors to RubyGems: | ||
|
|
||
| - [@nobu](https://github.com/nobu) Nobuyoshi Nakada | ||
| - [@martinemde](https://github.com/martinemde) Martin Emde | ||
| - [@deivid-rodriguez](https://github.com/deivid-rodriguez) David Rodríguez | ||
| - [@kateinoigakukun](https://github.com/kateinoigakukun) Yuta Saito | ||
| - [@hsbt](https://github.com/hsbt) Hiroshi Shibata | ||
| - [@simi](https://github.com/simi) Josef Šimánek | ||
| - [@cuishuang](https://github.com/cuishuang) Cui Fliter | ||
| - [@jez](https://github.com/jez) Jake Zimmerman | ||
| - [@duckinator](https://github.com/duckinator) Ellen Marie Dash | ||
| - [@agrobbin](https://github.com/agrobbin) Alex Robbin | ||
| - [@ccutrer](https://github.com/ccutrer) Cody Cutrer | ||
| - [@JaneScarlet](https://github.com/JaneScarlet) Amanda JC | ||
| - [@doodzik](https://github.com/doodzik) Frederik Dudzik | ||
| - [@marcandre](https://github.com/marcandre) Marc-André Lafortune | ||
| - [@dduugg](https://github.com/dduugg) Douglas Eichelberger | ||
|
|
||
|
|
||
| ### Contributors to RubyGems.org: | ||
|
|
||
| - [@segiddins](https://github.com/segiddins) Samuel Giddins | ||
| - [@jgarber623](https://github.com/jgarber623) Jason Garber | ||
| - [@hsbt](https://github.com/hsbt) Hiroshi Shibata | ||
| - [@simi](https://github.com/simi) Josef Šimánek | ||
| - [@martinemde](https://github.com/martinemde) Martin Emde | ||
| - [@deivid-rodriguez](https://github.com/deivid-rodriguez) David Rodríguez | ||
| - [@indirect](https://github.com/indirect) André Arko | ||
| - [@spk](https://github.com/spk) Laurent Arnoud | ||
| - [@bradly](https://github.com/bradly) Bradly Feeley | ||
| - [@joeldrapper](https://github.com/joeldrapper) Joel Drapper | ||
| - [@ytjmt](https://github.com/ytjmt) Yuki Tsujimoto | ||
|
|
||
| --- | ||
| Learn more about contributing to RubyGems by visiting the RubyGems Contributing Guide. We welcome all kinds of contributions, including bug fixes, feature implementation, writing and updating documentation, and bug triage. |