This help site has been deprecated. Please send your requests to support@rubygems.org
Malicious Libraries Uploaded to RubyGems Repository
Hi,
We just heard that malicious libraries were uploaded to RubyGems. My question here is, how can we find out which libraries are malicious or whether we have installed them? Do you plan on publishing a list?
Thanks,
Tya
Discussions are closed to public comments.
If you need help with RubyGems.org please
start a new discussion.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by sonalkr132 on 25 Apr, 2020 09:10 PM
Hi Tya,
We maintain a wiki for most of them gems we removed for security reasons, you can find it here: https://github.com/rubygems/rubygems.org/wiki/Gems-yanked-and-accou...
Note that your host could have only installed the gem if you or any of the libraries you used made a typo matching the above mentioned list.