Ubuntu Feed

How to Check IP Address on Ubuntu 20.04 (Desktop) 1

How to Check IP Address on Ubuntu 20.04 (Desktop)

Question – How to find local IP Address of my Ubuntu desktop system? 2 Ways to find IP Address on Ubuntu 20.04 Desktop operating system? Ubuntu 20.04 LTS (Focal Fossa) desktop provides an attractive GUI interface to work with it. You can either use the command prompt to check the current IP address on your …

How to Check IP Address on Ubuntu 20.04 (Desktop) Read More »

RubyGems dependency confusion attack side of things

Note: This article is not to deprecate any of the findings and achievements of Alex Birsan. He did great work exploiting specific vulnerabilities and patterns. It is to present the RubyGems side of the story and to reassure you. We actively work to provide a healthy and safe ecosystem for our users. After reading the …

RubyGems dependency confusion attack side of things Read More »

How requiring a gem can mess up your already running application

Introduction Ruby’s dynamic nature is both its advantage and disadvantage. Being able to reopen system classes during runtime, while useful, can also lead to unexpected behaviors. This article presents one such case: how just requiring a gem can mess things up in a completely different area of the application. The bizzare error Recently, after connecting …

How requiring a gem can mess up your already running application Read More »

RubyGems Bitcoin Stealing Malware postmortem 2

RubyGems Bitcoin Stealing Malware postmortem

Introduction On the 7th and 13th of December, there were two malicious packages uploaded to RubyGems. Here’s the postmortem and analysis of the packages’ content. Diffend.io platform that I run closely cooperates with the RubyGems team, providing immediate insights into any gems that have “weird” characteristics. Thanks to that, the gems were yanked relatively fast. …

RubyGems Bitcoin Stealing Malware postmortem Read More »

The hidden cost of a Ruby threads leakage 4

The hidden cost of a Ruby threads leakage

Bug hunting Recently I’ve been working with one small application that would gradually become slower and slower. While there were many reasons for it to happen, I found one of them interesting. To give you a bit of context: the application was a simple single topic legacy Kafka consumer. I rewrote it to Karafka, and …

The hidden cost of a Ruby threads leakage Read More »

Diffend – OSS supply chain security and management platform for Ruby 7

Diffend – OSS supply chain security and management platform for Ruby

I’m incredibly excited to announce a security platform for managing Ruby gems dependencies: diffend.io. This platform is a result of my involvement in Ruby security matters for years. It all started in early 2018 with a tool to review gems versions diffs. While working on it, I’ve noticed that there’s much more that needs to …

Diffend – OSS supply chain security and management platform for Ruby Read More »

Building a Ractor based logger that will work with non-Ractor compatible code

Recently Mike Perham shared a tweet with this comment and a code sample on the Ruby 3.0 Ractors. If this code doesn’t work, how could Rails ever work? Ractor seems fundamentally incompatible with many heavily-used Rails APIs. require ‘logger’ class Rails def self.logger @logger ||= Logger.new(STDOUT) end end Ractor.new do Rails.logger.info “Hello” end.take During the …

Building a Ractor based logger that will work with non-Ractor compatible code Read More »

How to install PostGIS 2.3 on Ubuntu 16.04 LTS

Hey guys, today about the installation of PostGIS, an open source and OGC compliant spatial database extender for the PostgreSQL database management system. It is similar in functionality to ESRI ArcSDE, Oracle Spatial, DB2 spatial extender and something (SQL Server spatial…?)from Microsoft. It provides outstanding performance and functionality – for free! At this time the […]

The post How to install PostGIS 2.3 on Ubuntu 16.04 LTS first appeared on GIS-Blog.com.

Karafka framework 1.4.0 Release Notes (Ruby + Kafka)

This release mostly solves problems related to message deserialization and normalizes some of the naming conventions to ease during the upgrade to the upcoming 2.0 version. Note: This release is the last release with ruby-kafka under the hood. We’ve already started the process of moving to rdkafka-ruby. Note: If you are using Sidekiq-Backend plugin, please …

Karafka framework 1.4.0 Release Notes (Ruby + Kafka) Read More »

The hidden cost of the Ruby 2.7 dot-colon method reference usage 12

The hidden cost of the Ruby 2.7 dot-colon method reference usage

Note: This case is valid also for the “old” #method method usage. The reason why I mention that in the “dot-colon” context, is the fact that due to the syntax sugar addition, this style of coding will surely be used more intensely. Note: This feature has been reverted. See details here: bugs.ruby-lang.org/issues/16275. Note: Benchmarks and …

The hidden cost of the Ruby 2.7 dot-colon method reference usage Read More »