RubyGems
Stable release | 3.5.18[1]
/ 26 August 2024 |
---|---|
Repository | |
Written in | Cross-platform |
Type | Package manager |
License | Ruby License |
Website | rubygems |
Total gems | 173,000+ |
---|---|
Total downloads | 109+ billion |
RubyGems is a
The interface for RubyGems is a
The public repository helps users find gems, resolve
History
Development on RubyGems started in November 2003 and was released to the public on March 14, 2004, or Pi Day 2004.[5] In 2010, the default public repository for gems moved from gems.rubyforge.org to rubygems.org, which is still in use. Also, RubyGems development was moved to GitHub in 2010. Though RubyGems has existed since Ruby 1.8, it was not a part of the standard Ruby distribution until Ruby 1.9.
Previously,
Structure of a gem
Every gem contains a name, version and platform. Gems work only on ruby designed for a particular platform based on CPU architecture and operating-system type and version.[7]
Each gem consists of:
- Code
- Documentation
- Gem specification (Gemspec)
The code organization follows the following structure for a gem called gem_name:
gem_name/ ├── bin/ │ └── gem_name ├── lib/ │ └── gem_name.rb ├── test/ │ └── test_gem_name.rb ├── README ├── Rakefile └── gem_name.gemspec
- The lib directory contains the code for the gem.
- The test (or spec) directory is used for testing.
- Rakefile is used by Rake to automate tests and to generate code.
- README includes the documentation, RDOC, for most gems.
- Gem specification (gemspec) contains information about the author of the gem, the time of creation and the purpose the gem serves.
Security concerns
Since gems run their own code in an application it may lead to various security issues due to installation of malicious gems. The creator of a malicious gem may be able to compromise the user's system or server.[8]
A number of methods have been developed to counter the security threat:
- Cryptographic signingof gems since RubyGems version 0.8.11. The gem cert and gem install commands are used for this purpose.
- New signing models such as OpenPGPhave been proposed and are actively being discussed among Ruby experts.
See also
References
- ^ "Release 3.5.18". 26 August 2024. Retrieved 27 August 2024.
- ^ "174 Rubygems with Eric Hodel". Archived from the original on 2021-07-31. Retrieved 2018-05-09.
- ^ "RubyGems Command Reference". guides.rubygems.org. Retrieved 2016-09-18.
- ^ "Ruby 1.9.1 changelog". Archived from the original on 2022-01-17.
- ^ a b "Version history of RubyGems". GitHub. Retrieved 2016-09-18.
- ^ "Ruby 1.9.1 released". www.ruby-lang.org. Retrieved 2016-09-18.
- ^ "What is a gem? - RubyGems.org". guides.rubygems.org. Retrieved 2016-09-18.
- ^ "Security - RubyGems Guides". guides.rubygems.org. Retrieved 2016-09-23.