SecurityAdvisories
ruby-advisory-db
| | SecurityAdvisories | ruby-advisory-db |
|---|---|---|
| | 6 | 2 |
| Stars | 2,644 | 989 |
| Growth | 0.9% | 1.2% |
| Activity | 9.6 | 9.1 |
| | 8 days ago | 2 days ago |
| | Ruby | |
| License | MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
SecurityAdvisories
- Preventing Installing Composer Dependencies with Known Security Vulnerabilities
  To reduce the chance of introducing vulnerable dependencies into your projects, you can use tools such as "Roave Security Advisories" (roave/security-advisories).
- With the recent scandal over the 'node-ipc' package, is Composer also vulnerable like this? Is there any security measure in the Composer to prevent this type of attack?
- Open source is not a place for politics
- Composer conflict, how can we use it?
  In order to avoid accepting third-party code with well-known security issues you can take advantage of SecurityAdvisories by Roave, a library which uses conflict as shown in this article to block unsafe packages. Give it a look!
- PHP libraries and tools
  roave/security-advisories: Security advisories as a simple composer exclusion list, updated daily
- Laravel QR Code Generator Infected with Malware
  Every composer user should use at least https://github.com/Roave/SecurityAdvisories
ruby-advisory-db
- 4 Essential Security Tools To Level Up Your Rails Security
  This Ruby gem is quite useful for detecting versions of gems that are known to be vulnerable to security issues. bundler-audit uses an open database of vulnerable gems called ruby-advisory-db and compares it to the versions that show up in your Gemfile.lock.
- Security checks for Ruby apps?
What are some alternatives?
local-php-security-checker - PHP security vulnerabilities checker
feedparser - feedparser gem - (universal) web feed parser and normalizer (XML w/ Atom or RSS, JSON Feed, HTML w/ Microformats e.g. h-entry/h-feed or Feed.HTML, Feed.TXT w/ YAML, JSON or INI & Markdown, etc.)
enlightn - Your performance & security consultant, an artisan command away.
ruby-cff - A Ruby library for manipulating CITATION.cff files.
PHPStan - PHP Static Analysis Tool - discover bugs in your code without running it!
Shrine - File Attachment toolkit for Ruby applications
Deptrac - Keep your architecture clean.
advisory-db - Security advisory database for Rust crates published through crates.io
Serializer - Library for (de-)serializing data of any complexity (supports JSON, and XML)
awesome-ruby-security - Awesome Ruby Security resources
GrumPHP - A PHP code-quality tool
captainhook - CaptainHook is a very flexible git hook manager for software developers that makes sharing git hooks with your team a breeze.