Better Security Through Package Fingerprints

added by DotNetKicks
5/14/2019 1:54:01 PM

2 Kicks, 196 Views

It seemed like an innocuous enough update. Someone yanked bootstrap-sass ruby gem version 3.2.0.2 and published 3.2.0.3. Ruby gems more or less follows the SemVer versioning scheme (albeit with an extra version number). An increment of the patch number communicates that this release should be a safe bug fix update.


0 comments