Mailinglist Archive: opensuse-ruby (10 mails)

Re: [opensuse-ruby] The case against using in production
  • From: Lukas Ocilka <lukas.ocilka@xxxxxxxx>
  • Date: Tue, 02 Jul 2013 12:39:23 +0200
On 07/01/2013 02:12 PM, Stephan Kulow wrote:
> On 01.07.2013 13:45, Lukas Ocilka wrote:
>> Webyast uses brakeman for periodical checking for possible
>> vulnerabilities and there are other tools out there. We could
>> incorporate brakeman into the build process of rubygem-* RPMs and forbid
>> using gems directly. Or we could monitor upstream projects in use. Still
>> not a bullet-proof way but might be better than nothing.
>
> I doubt brakeman would highlight anything described in the blog

Well, you might be right. We haven't tried that yet. Neither with brakeman nor with any other (security) scanner.



Lukas Ocilka, Cloud & Systems Management Department
SUSE LINUX s.r.o., Praha