Mime type detection in ruby via file extension or file content [Moved to: https://github.com/mimemagicrb/mimemagic] (by minad)
Now I'm not a lawyer and the above is just a silly example. Most notably in the real case here it seems both the copyright holder and the Gem author are reasonable people, with their communication being reasonable and respectful (see here).
Mime type detection in ruby via file extension or file content
Short term, mimemagic 0.3.8 has been released, and should work for any Rails application running on Ruby 2.3+. You'll need to separately install the mime types info as a dependency before installing, as outlined in the readme at https://github.com/mimemagicrb/mimemagic/blob/master/README.md.
Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.
Powerful and versatile MIME sniffing package using pre-compiled glob patterns, magic number signatures, XML document namespaces, and tree magic for mounted volumes, generated from the XDG shared-mime-info database. (by zRedShift)
As such I think some sort of agreement along the lines of "please give me some time" could've worked. To further illustrate that, there's a similar issue for a different project, created on February 22nd. It wasn't until 2 days ago, one month after creating said issues, that a DMCA notice was filed. And based on the discussion, the only reason for this was the authors of zRedShift not cooperating.
A RubyGems.org cache and private gem server
Sorry to hear. I'd say, never "bundle install" in the init script. If using docker, make "bundle install" an intermediate container. If you have your own servers, try network FS sharing your deps (and see if you're ok with the "require" latencies). Alternatively, use a gem cache proxy. You can use "geminabox" with a rubygems mirror, if you can tolerate the space and long mirroring times, or use a purposed "middleman" proxy, like gemstash, or nexus if your company is multilang.
Malware downloaded from PyPI 41,000 times was surprisingly stealthy
2 projects | reddit.com/r/programming | 20 Nov 2021
RubyGems has the most legal problems. Explanation?
1 project | reddit.com/r/ruby | 16 Jul 2021
Where did these mysterious PrismJS npm versions come from?
4 projects | dev.to | 15 Apr 2021
Getting started with Go
6 projects | dev.to | 3 Apr 2021
The current state of package invalidation support across package managers
3 projects | dev.to | 1 Apr 2021