Chad Woolley wrote:
On Tue, Mar 31, 2009 at 8:10 PM, Eric Hodel <drbr...@segment7.net> wrote:
It seems that there was a bogus github gem floating around, mojombo-grit.
It was adding directories to the file list... I'm investigating it.
Hmm:
http://github.com/mojombo/grit/commit/4ac4acab7fd9c7fd4c0e0f4ff5794b0347baecde
What I'm wondering is - how easy would it be to do this maliciously
and with greater effect, if this minor snafu caused problems.
How's that circle of trust thing coming?
If it comes to it we'll start requiring gem signatures. :)
Dan
_______________________________________________
Rubygems-developers mailing list
Rubygems-developers@rubyforge.org
http://rubyforge.org/mailman/listinfo/rubygems-developers
