[Ruby] Major Security Hole Found In Rails
Scott Laird
scott at sigkill.org
Fri Aug 11 10:42:12 PDT 2006
On 8/10/06, Joe Van Dyk <joevandyk at gmail.com> wrote:
> On 8/10/06, Ryan Davis <ryand-ruby at zenspider.com> wrote:
> >
> > On Aug 10, 2006, at 3:30 PM, Raymond Forbes wrote:
> >
> > > When you upgrade rails how does that affect your currently built
> > > apps? Is there an upgrade process for them?
> >
> > All of my deployed sites have a "frozen" checkout of rails under
> > vendor/rails. I run a rake task to update that checkout to the new
> > version I want (see my blog for the specific rake task) and run
> > tests. I never run on edge, so nothing ever breaks (yet).
>
> You'd think that would be the preferred way of doing Rails sites,
> instead of dealing with gems.
It *is* the preferred way of dealing with Rails sites.
Scott
More information about the Ruby
mailing list