AISlashdotabout 8 hours ago

Ruby Adds Cooldown Filter to Fight Supply-Chain Attacks

2 min read

Ruby's Bundler tool now offers an opt-in filter that blocks new package versions until they have been public for at least N days. The feature targets supply-chain attacks that exploit a narrow window after release. It complements existing defenses like mandatory 2FA and trusted publishing.

Level

Hype check

Tap to vote and see what everyone thinks.

#ruby #bundler #supply-chain

Read full story

More to chew on!

Techabout 13 hours ago

VS Code Delays Extension Updates by 2 Hours

Techabout 3 hours ago

'Hades' Campaign Against PyPI Puts New Spin on Shai-Hulud