ruby
Safeguard articles tagged "ruby" — guides, analysis, and best practices for software supply chain and application security.
24 articles
Secure Random Number Generation in Ruby with SecureRandom
Ruby's built-in rand() uses a predictable Mersenne Twister and should never generate tokens, passwords, or session IDs. Here's how SecureRandom fixes that.
Enterprise Rails Security Audit: 2025 Field Notes
After 14 Rails audits in the last 12 months, the same eight issues kept surfacing. Here's the 2025 field checklist for Rails 7.2 and 8.0 enterprise apps.
JRuby Supply Chain Considerations
JRuby sits at the intersection of the Ruby and Java supply chains, and the security story reflects both. A look at how JRuby's dual nature affects gem security and what defenders should know.
Ruby Native Extensions Supply Chain
Native C extensions are the most under-audited part of the Ruby supply chain: how they get built, what can go wrong, and how to monitor them as seriously as you monitor pure-Ruby code.
bundler-audit Production Setup
A practical guide to running bundler-audit in production CI pipelines, including advisory database updates, exception handling, and integration with remediation workflows.
Bundler Lockfile Security Practices
How to use Gemfile.lock as a real security artifact: checksums, frozen mode, reproducible resolves, and what changed in Bundler 2.5's expanded lockfile format.
RubyGems 2FA Enforcement Analysis
A look at how RubyGems.org rolled out mandatory 2FA for high-traffic gem maintainers, what it has caught, and what gaps still remain in the account-compromise defense story.
Shopify's Supply Chain Security Program
How Shopify built a supply chain security program that protects millions of merchants while maintaining the development velocity that e-commerce demands.
RubyGems Yanked Gems: Security Risks of Removed Ruby Packages
When a Ruby gem is yanked from RubyGems.org, it creates security risks for projects that depended on it. Understanding the yanking mechanism is critical for Ruby supply chain security.
Stripe's Dependency Security Practices
How Stripe secures its software dependencies while processing billions of dollars in payments, with a focus on Ruby ecosystem hardening and dependency isolation.
Ruby Brakeman Security Scanner: Rails-Aware Vulnerability Detection
Brakeman understands Rails conventions and catches security issues that generic scanners miss. Here is how to use it effectively.
Ruby Gems Supply Chain Security
Protecting your Ruby applications from gem-based supply chain attacks with Bundler security features, gem signing, and auditing.