Remember, 'signing gems' is a panacea.
-
-
@bascule@steveklabnik@seancribbs and I do love the ease of publishing gems since the shift to gemcutter. Not a fan of dropping that. -
@pat@steveklabnik@seancribbs yeah I'm trying to come up with a system that preserves the nice UX of gems today. That's my main argument
End of conversation
New conversation -
-
-
@bascule@steveklabnik@seancribbs interesting, though could release a legit gem, then a malicious update. Review code, or just identity? -
@pat@steveklabnik@seancribbs my proposal is just for reviewing publisher identities. Re: malicious gems, see #4 under Attack Surface
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.