James Blanding

#ruby on #rails developer, #postgresql DBA, and #linux sysadmin.

Now that there is confirmation that lawyers are involved, the chances there will be any sort of open and transparent reconciliation process have plummeted.

https://andre.arko.net/2025/10/09/the-rubygems-security-incident/

The RubyGems “security incident”

Ruby Central posted an extremely concerning “Incident Response Timeline” today, in which they make a number of exaggerated or purely misleading claims. Here’s my effort to set the record straight. First, and most importantly: I was a primary operator of RubyGems.org, securely and successfully, for over ten years. Ruby Central does not accuse me of any harms or damages in their post, in fact stating “we have no evidence to indicate that any RubyGems.org data was copied or retained by unauthorized parties, including Mr. Arko.”

André.Arko.net

It would be nice if there was a platform for creating non-security bug bounties for FOSS projects. I found one called IssueHunt (https://oss.issuehunt.io) but it seems to be unmaintained. The only details of their fund management process are in the Terms and Conditions, and the FAQ link is 404. Maybe the original creators should have created a bounty for the site itself.

IssueHunt - A bounty platform for open source projects

IssueHunt 🦉 = OSS Development ⚒ + Bounty Program 💰. IssueHunt is an issue-based bounty platform for open source projects. Anyone can put a bounty on not only a bug but also on OSS feature requests listed on IssueHunt. Collected funds will be distributed to project owners and contributors.

@james How has ruby.social been doing with the recent spam account attack? Has it caused any sort of increase in the amount of hosting resources required to operate the instance?

This revelation brought to you by a couple hours of trial-and-error, debugging, and spelunking through source code.

When using Capybara to test the String output of a method, Capybara wraps the output into a minimal HTML document so that all of its built-in finders, matchers, etc. will work without needing special handling. As it happens, the String is embedded into a `<p>` tag in that HTML. So if your method returns a String like 'Hello', and you write a test like `expect(helper.my_method).to have_css 'p'`, that test will pass even though the String 'Hello' does not contain an explicit `<p>` tag.

@postmodern Side note: the fact that SQLite allows you to define objects that reference other non-existent objects is rather jarring. It allows your migrations to be ordered without concern for dependencies. I'm sure that is convenient, but it becomes an issue when trying to run them on another platform... 😵‍💫

Also you have one migration (`create_ronin_advisories_table`) that defines an index on a non-existent column (`publisher`).

Completely unrelated to any particular recent event, Audio-Technica ATH-AD700's are pretty impact resistant.

Recent Mastodon influx be like: This party is amazing! Much better than that prior party!

5 minutes later: The party food should be served differently. 🤣

I implore other newbies to recall we’re coming into a home that’s been around since 2016, not an empty room. Part of why we love it is all the work people before us did setting up the party in a nice way. Maybe let’s defer to them a bit on norms?

Also, please use CW for political discussions, especially in the US this week. It’s better.

Edit: Please refer to the updated version at https://mastodon.social/@Geekymary/109360258731293583

#Mastodon #feditips

Flowchart describing the visibility of a public toot per use case.

Quick #introduction...

I have been a #ruby on #rails developer with a tiny consultancy team since 2009, generally leaning towards back-end work. In prior positions, I have been a DBA, sysadmin, and network engineer, so I occasionally wear one or more of those hats in my current job as well.

I am hoping to convert some of my social media usage from doomscrolling to something more productive. 😁