-
If anyone is looking to do some open source contributions on a mature, production Ruby on Rails site, I highly recommend contributing to the rubygems.org project. The code is extremely clean and the repo is very, very well run.
https://github.com/rubygems/rubygems.org
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
This is fantastic work by the RubyGems maintainers!
One interesting (IMO) aspect of this: there are secondary package ecosystems that piggyback on RubyGems that don't qualify for the 2FA mandate at the moment (since, as user-installed packages, they don't have quite the same volume as an extremely popular library package).
The biggest one I can thing of is CocoaPods[1] -- huge swaths of the iOS and macOS ecosystems rely on it, but it has "only" 57 million RubyGems downloads[2] and therefore doesn't qualify as a top-100 package. This demonstrates (again, IMO) the need for manual curation on top of a uniform policy for the top N packages.
[1]: https://cocoapods.org/
[2]: https://rubygems.org/gems/cocoapods
-
ios-application
A native, lightweight and secure one-time-password (OTP) client built for iOS; Raivo OTP!
I recently migrated all of my 2FA logins to Raivo [0]. It's iOS-only but open source and very nicely built. The key feature that made me switch is that it can export by 2FA tokens as a backup.
I got worried when I started thinking about this scenario, and realized Google Authenticator offers no way to back up the tokens. The only way out is to transfer to a new device using a QR code. They pretty much lock you in to using Google Authenticator.
And, crucially, backing up the phone DOESN'T SAVE THE TOKENS.
I almost learned this the hard way when I got a new phone, restored from backup, and right before I wiped my old phone I decided on a lark to check that Google Authenticator was working on the new one. The app was there, but the tokens were not.
0: https://raivo-otp.com/