Blog
15 Jul 2020
June 2020 RubyGems Updates
Welcome to the RubyGems monthly update! As part of our efforts at Ruby Together, we publish a recap of the work that we’ve done the previous month. Read on to find out what updates were made to RubyGems and RubyGems.org in June.
RubyGems News
In June, RubyGems saw significant improvements on Bundler and RubyGems development. We released Bundler 2.2.0.rc.1 and RubyGems 3.2.0.rc.1! 🎉
We also worked on synchronizing the latest versions of both libraries with ruby-core, and fixed issues that came up. We also enforced our ruby-core workflow to try to prevent further tedious integrations with ruby-core in the future by catching issues early and minimizing the back and forth of patches between upstream and downstream.
We changed bundler specs to raise by default when any subcommand fails. This action helped reveal two bugs (which we of course, fixed!). We’ve adapted bundler release tasks to a new repository layout and now have the changelog draft up-to-date.
We’ve also implemented a fix to stop soft-validating gemspecs (e.g. giving validations that only warn) except for in gem-authoring contexts. We also added a slack notification to the maintainers channel that triggers whenever the ruby-head builds starts failing. We simplified our CI Workflows and did some final cleanup PRs related to CI failures on jruby.
Outside of these major highlights, we continue to fix bugs, review PRs, improve our documentation, cleanup test suites, and continue our usual ongoing maintenance.
In total, RubyGems gained 243 new commits, contributed by 15 authors. There were 3003 additions and 2432 deletions across 313 files.
RubyGems.org News
This month, we added terraform module for RDS monitors and added alerts on rubgems-production, rubygems-staging and shipit instances. We followed up with fixes on RubyGems.org that have now been deployed and verified! We also debugged failed delayed jobs in production and created a fix for issues we found with regex validation with user email. rubygems/rubygems.org/pull/2406 rubygems/rubygems.org/pull/2388
In addition to that, We made a PR to send mail update confirmation when a user changes their email address, added a RubyGems.org guide for rate limits, and made the following improvements:
- increased Strict-Transport-Security max-time to ensure HTTPS-only access
- updated rake task to remove duplicate runtime dependencies
-
updated
versions.listsource location from bundler-api to s3. and added cronjob to update the file monthly. -
ran rake tasks related to
compact_indexwhich enabled bundler to make fewer requests to our server when installing some gems and fixed install of gems with multiple Ruby or Rubygems requirements -
updated correct checksum task to use non-caching info_checksum calc, rerun the task, and expire info cache of gems changed from production
- updated and deployed rate limit changes to fix merge conflict and use test helpers. rubygems.org#2330
- reset a few leaked API keys and send mail to affected users
As always, we continued to fix bugs, and provide help on help.rubygems.org and ongoing support work.
In June, RubyGems.org gained 119 new commits, contributed by 10 authors. There were 1256 additions and 489 deletions across 86 files.
Learn more about contributing to RubyGems by visiting the RubyGems Contributing Guide. We welcome all kinds of contributions, including bug fixes, feature implementation, writing and/or updating documentation, and bug triage.