RubyGems
mimemagic
Our great sponsors
RubyGems | mimemagic | |
---|---|---|
25 | 18 | |
2,295 | 416 | |
0.1% | 0.5% | |
9.8 | 0.0 | |
5 days ago | 5 months ago | |
Ruby | Ruby | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
RubyGems
-
Phlex is the ruby way to build your views
However, let's examine a typical partial, such as the one from the . rubygems.org search show page
- Chrome considers gems to be dangerous?
- Rubygems.org Hacked?
- Rubygems.org marked by Chrome as an “unsafe site”
-
OOP vs. services for organizing business logic: is there a third way?
github.com/rubygems/rubygems.org (26k lines): Where Ruby gems are hosted.
-
RubyGems now requires MFA for owners of top gems
If anyone is looking to do some open source contributions on a mature, production Ruby on Rails site, I highly recommend contributing to the rubygems.org project. The code is extremely clean and the repo is very, very well run.
https://github.com/rubygems/rubygems.org
- Rubygems packages found carrying out dependency confusion research
-
Making popular Ruby packages more secure
RubyGems does have gem signing, but it's not widely used.
There's a proposal for a new "one button" approach using sigstore[0].
Other ecosystems are also looking at sigstore too, and a lot of us are cooperating in the OpenSSF Securing Software Repos WG [1]. Package signing is a regular topic of discussion and there are various efforts underway.
Disclosure: I am involved with both of these.
[0] https://github.com/rubygems/rubygems.org/pull/2944
[1] https://github.com/ossf/wg-securing-software-repos
- Due to a bug in the yank action, it was possible for any RubyGems.org user to remove and replace certain gems even if that user was not authorized to do so.
mimemagic
-
Magika: AI powered fast and efficient file type identification
If you're curious, here's how I solved it for ruby back in the day. Still used magic bytes, but added an overlay on top of the freedesktop.org DB: https://github.com/mimemagicrb/mimemagic/pull/20
-
mimemagic 0.3.0
Get it directly from github commit.
-
Releases 0.9.299 - 0.9.305: Change Log
[AO3-6152] - Due to a licensing incident with a Rails dependency known as mimemagic, we had to update Rails to 5.2.5 and mimemagic to 0.3.6.
-
Can You Not use Applications Built with Older Versions of Ruby?
I don't think mimemagic works on Windows after the drama. I opened a PR for that a month ago but no one seems to care: https://github.com/mimemagicrb/mimemagic/pull/141
-
Perfect Motherf****** Website
"License, motherfucker"
I know the vulgarity of the statements is tongue in cheek, but this one has been reinforced lately by the "MIME Magic" debacle[1], mama mia.
[1] https://github.com/mimemagicrb/mimemagic/issues/98
-
The current state of package invalidation support across package managers
it has a licensing issue
-
Ruby off the Rails: Code library yanked over license blunder, sparks chaos for half a million projects
https://github.com/mimemagicrb/mimemagic/commit/749a7e59de480b7c0373acc4f8ceb4444352ba46#diff-2ea7e2364883967953ab518a8316b639e612b8a6f20eadb7b97939d91c8e2612
-
Rails 5.2.5, 6.0.3.6 and 6.1.3.1 have been released [removed dependency on mimemagic]
On the other hand mimemagic provides by_magic https://github.com/mimemagicrb/mimemagic#usage which does detection by heuristic. It's a radically different method for a radically different use case.
-
All versions of mimemagic on Rubygems.org are now MIT-licensed
Anyway, I created a PR addressing new Mimemagic not working on Windows https://github.com/mimemagicrb/mimemagic/pull/141
-
When someone yanks all prior versions of a gem that is a dependency of rails.
Someone broke the internet for rails https://github.com/mimemagicrb/mimemagic/issues/98
What are some alternatives?
Bundler
marcel - Find the mime type of files, examining file, filename and declared type
gemdiff - Find source repositories for ruby gems. Open, compare, and update outdated gem versions
gemstash - A RubyGems.org cache and private gem server
Gem in a Box - Really simple rubygem hosting
mini_mime - minimal mime type library
mimemagic - Mime type detection in ruby via file extension or file content [Moved to: https://github.com/mimemagicrb/mimemagic]
passwordless - 🗝 Authentication for your Rails app without the icky-ness of passwords
Bazel - a fast, scalable, multi-language and extensible build system
SharpZipLib - #ziplib is a Zip, GZip, Tar and BZip2 library written entirely in C# for the .NET platform.
otwarchive - The Organization for Transformative Works (OTW) - Archive Of Our Own (AO3) Project