April 2023 Monthly Update

Hello! Welcome to the monthly update. During April, our work was supported by Shopify, Zendesk and many others.

Ruby Central News

In April, Ruby Central's open source work was supported by 35 different companies, including Ruby member Zendesk and Ruby Shield sponsor Shopify.

In total, we were supported by 162 developer members. Thanks to all of our members for making everything that we do possible. <3

RubyGems News

This month in RubyGems, we released RubyGems 3.4.11, 3.4.12 and Bundler 2.4.11, 2.4.12.

The following improvements and fixes are included in these releases (see the changelog for more information):

• reduced chances of Bundler reverting to old APIs by removing a fallback to full indexes on big gemfiles in RubyGems - #6578.
• made RubyGems less dependent on default gems by using a vendored pure-ruby YAML parser to load its own configuration - #6615.
• added some development improvements like RuboCop enhancements - #6599, #6608, #6586, #6590, #6582, and unified our tasks to vendor gems - #6628.

In April, RubyGems gained 128 new commits contributed by 12 authors. There were 2,125 additions and 1,244 deletions across 175 files.

RubyGems.org News

Dependency API Updates:

Based on additional feedback from community members, we have pushed back the removal by two weeks and added an exception until August 8 for Java users. New brownout dates are May 12, 15, 17, 19, 22, and the removal date is moved from May 10 to May 24.

This month, RubyGems.org saw several bug fixes and updates, some of which include:

• refactored WebAuthn Verification logic - #3720.
• added logging around pushing gems - #3745.
• added an admin Tool: Yank user - #3684.
• fixed password hint text - #3730.
• added a mailer for WebAuthn credential updates - #3695.
• added a pop-up when a WebAuthn credential is deleted -#3708.
• added an admin Tool: Change User Email - #3709.
• allowed avo to search when index is allowed - #3725.
• enabled Datadog HTTP request queuing - #3754.
• removed outdated bin/update_vendor_cache - #3752.
• fixed lifecycle location in k8s yaml config - #3747.
• added the preStop lifecycle hook to Nginx - #3746.
• removed nginx version caching - #3714.
• advertised that compact index actions accept range requests - #3713.
• updated the default response to render plain text in WebauthnVerification#authenticate - #3712.
• added caching to dependency API - #3703.
• updated Ingress apiVersion to networking.k8s.io/v1 - #3687.
• replaced the dependency API route with search in encoding test - #3682.
• added a displayed message to user when safari is detected - #3674.

In addition to features and bugfixes, the entire RubyGems.org team was hard at work behind the scenes, maintaining and improving the infrastructure that the Rails app runs within:

• Upgrades for EKS, ALB, APIService, and metrics server
• Migrate remaining hand-created infrastructure into terraform
• Set up a dedicated review environment for webauthn testing
• Add logging of headers and trace IDs to DataDog and Honeycomb

Finally, on top of all of that work, the on-call team also handled several incidents of elevated error rates and instability during and after the Dependency API brownout dates. While some users saw transient or occasional errors at various times, we were able to successfully resolve the issues each time without any outages.

In April, RubyGems.org gained 162 new commits, contributed by 15 authors. There were 4,754 additions and 1,317 deletions across 164 files.

Total Spent

In April we completed 323 hours of development work @$150/hour, and spent $48,404.

Thank you

Thank you to all the contributors of RubyGems and RubyGems.org for this month! Your contributions are greatly appreciated, and we are grateful for your support.

Contributors to RubyGems:

• @hsbt Hiroshi SHIBATA
• @luke-gru Luke Gruber
• @aellispierce Ashley Ellis Pierce
• @jenshenny Jenny Shen
• @jchestershopify Jacques Chester
• @bettymakes Betty Li
• @ericherscovich Eric Herscovich
• @deivid-rodriguez David Rodríguez
• @simi Josef Šimánek
• @nobu Nobuyoshi Nakada
• @MRozmus Marcin Rozmus

Contributors to RubyGems.org:

• @segiddins Samuel Giddins
• @jenshenny Jenny Shen
• @simi Josef Šimánek
• @jchestershopify Jacques Chester
• @aellispierce Ashley Ellis Pierce
• @bettymakes Betty Li
• @ericherscovich Eric Herscovich
• @hsbt Hiroshi SHIBATA
• @indirect André Arko
• @adrianthedev Adrian Marin
• @arunagw Arun Agrawal
• @javier-menendez Javier Menéndez Rizo

May 25, 2023