🦋 RubyGems 4.0.13 adds a cooldown feature to Bundler for newly published gems.

bloglab@mstdn.feddit.social

RubyGems 4.0.13 adds a cooldown feature to Bundler for newly published gems.

The opt-in setting lets projects delay dependency resolution for new gem versions, reducing exposure during the short window when malicious releases often spread fastest.

https://socket.dev/blog/rubygems-adds-bundler-cooldown

https://bsky.app/profile/socket.dev/post/3mnjjpjpgoc2w

#Security #SupplyChain #Bluesky

CIRCLE WITH A DOT

🦋 RubyGems 4.0.13 adds a cooldown feature to Bundler for newly published gems.