September 2020 Monthly Update
ruby together news
In September, Ruby Together was supported by 42 different companies, including Sapphire member Stripe. One company joined as a new member, and Loic Nageleisen signed up as a developer member. In total, we were supported by 102 developer members. Thanks to all of our members for making everything that we do possible. <3
This month, we did a lot of work triaging issues and so far we’re “winning the pulse” with over 80 issues closed vs only 14 opened, and 44 PRs merged vs 8 opened. We’ve also fixed a couple of new and outstanding issues some of which include:
- fixes for the resolver, which until recently was generating duplicate spec groups, making debug output much more verbose than it should.
- improving install for a local
gemspecto prevent dependencies unnecessarily hitting the network.
- fixing bundler showing some unnecessary warnings from git when using submodules.
- fixing the
--build-rootoption to gem install which was broken on Windows and broken when gems with rubygems plugins were present on the system.
ruby setup.rbunnecessarily rewriting the bundler gemspec.
- fixing situations where bundler would crash if running on a path including brackets.
- responding to HackerOne reports for RubyGems.
- adding a note about credentials in the rubygems.org repo being fake, in response to a HackerOne report.
- merging a PR adding docs about Gemstash.
- Updating docs to recommend Gemstash instead of gem server.
- catching up with changes in
ruby-coreregarding versioning default gems. (#3937 and #3938)
- fixing an issue with configuration priority.
- deprecating bundle cache –all.
- creating a unified release & changelog management workflow.
- working on breaking #3317 into multiple more actionable issues. (#3317 and #3957)
- fixing some issues with CI to adapt to
- Shipping the
bundle fundcommand that lists out all the URLs for
gemswhose maintainers are actively looking for funding (!).
We also worked on enabling
disable_multisource and figuring out the different new behaviours it enables, several other
test/dev issues and reviewing PRs from external contributors.
This month, Rubygems gained 150 new commits, contributed by 12 authors. There were 1263 additions and 4300 deletions across 176 files.
In September we released the work done during Google Summer of Code (GSoC) 2020 related to adding support of managing owners using UI and confirmation of ownership addition. Many thanks to rubygems.org GSoC student @vachhanihpavan for doing an excellent job.
We also made the following updates and improvements:
- profiled the
#performmethod of Fastly log processor job and updated it to fetch versions from DB in bulk.
- updated a client side PR to identify scope as per the command, and update scope in case of forbidden response. (#1962 and #3840)
- updated the IPv4 fallback PR to add configuration, and flag and tests for the configuration, and began work on adding tests for the fallback.
- verified ownership and deploy namespace release of
- updated API scopes client PR to fix OTP fallback and with tests.
- set up a new Zendesk slack integration and explored using their web widget as stand alone web form.
- deprecated help.rubygems.org in favor of email@example.com to resolve the issue of genuine help tickets being marked as spam.
- responded to support tickets and google group threads.
This month, Rubygems.org gained 31 new commits, contributed by 5 authors. There were 2,467 additions and 292 deletions across 85 files.
ruby toolbox news
I hope you’re well! I added displaying of repo README files to the Ruby Toolbox recently, which will hopefully be useful for quickly evaluating projects more in depth on top of the usual metrics directly on the site. Apart from that and the usual maintenance some topics I have looked into recently are:
Bringing lines-of-code stats to the site so you can have an indication of the size and complexity of the library at a glance. This is the one I hope to ship next
An official command line client that gives you quick access to data served by the recently launched API, including a report on the health status of your dependencies
Looking into options for improving the search, especially the response times
Providing an alternate database dump that excludes historical gem download stats, since they make up the majority of the dump size and make imports very slow, so if you just want some real data to work with it’s become a bit cumbersome at this point
Be safe and stay healthy!
budget & expenses
In September, we saw $19,818.70 in total income, and spent a total of $10,506.19.
- Stripe Payment Processing Fees $339.61
- Employee Related $221.22
- General & Administrative $242.18
- IT & Software $756.46
- Professional Fees $319.00
- 59.8 Hours of development work at $8,967.33
Until next time,
Irene, André and the Ruby Together team
October 19, 2020