@bascule yes that was on purpose for his talk
@merbist yeah, saw his talk ;) Point being gems can do some pretty crazy stuff
@bascule agh ok I thought you thought you had found an "Evil" gem :p
@merbist was part of a larger point that RubyGems sure could use some kind of security
@bascule and bundler too, you can set an evil gem as a dependency of your gem and most people won't even notice they are using it. Hard prob
@merbist yeah, people might scour gems like rails for compromises, but are people looking as closely at, say, "hike", a Rails dependency?