On 07/01/2013 02:05 PM, Jordi Massaguer Pla wrote:
> On 07/01/2013 01:45 PM, Lukas Ocilka wrote:
>> Webyast uses brakeman for periodic checking for possible vulnerabilities, and there are other tools out there. We could incorporate brakeman into the build process of rubygem-* RPMs and forbid using gems directly. Or we could monitor upstream projects in use. Still not a bullet-proof way, but it might be better than nothing.
>
> What do you mean by "forbid using gems directly"?

By creating an internal policy, let's call it a strict recommendation.

> What do you mean by "monitor upstream projects"? Running brakeman on github projects?

Yes, that's what I meant.

Lukas

--
Lukas Ocilka, Cloud & Systems Management Department
SUSE LINUX s.r.o., Praha