Good news everyone! On 16th October we are gathering for RubyC Webinar#2 to spend another snug evening discussing the topic “OSS Supply Chain Security for Ruby”.
We thank and welcome our speaker - Maciej Mensfeld (github.com/mensfeld), a software architect and engineer working with Castle.io, with vast experience in a wide variety of business applications built using multiple Ruby frameworks. Particularly interested in code quality and Ruby-based applications' security. Active OSS contributor and maintainer of various projects including Karafka, dry-rb libraries, and Diffend.io project.
Topic description:
Ruby gems aren't fundamentally safe. Several gems were infected last year, and constant attempts are being made to do the same with others. It's not only the execution that is a problem but the installation process as well.
Are there any ways for OSS users to regain control over what is being executed on their machines and their servers? Are there any ways for libraries’ maintainers to provide higher transparency over what they ship?
Come, find out and let's exploit the Ruby gems world together!
Date: 16 October 2020
Time: 19:00 (Kyiv, GMT+3)