ruby-mem-advisory-db's Introduction

Ruby Leaky Gems Database

The RubyMem Database is a community effort to compile all known memory leaks that are relevant to Ruby gems.

You can check your own Gemfile.lock files against this database by using bundler-leak.

Support Our RubyMem Initiative!

This project has been a community effort since the beginning. The more reports we track, the more value we can provide to your future projects!

How You Can Help

Do you know about a memory leak that isn't listed in this database? Open an issue, submit a PR, or use this form, which will email the maintainers.

Directory Structure

The database is a list of directories that match the names of Ruby libraries on rubygems.org. Within each directory are one or more files for the Ruby library. These files can be named however you want; in this example the file is named after the PR number on GitHub.

gems/:
  celluloid/:
    612.yml

Format

Each file contains the information in YAML format:

---
gem: celluloid
url: https://github.com/celluloid/celluloid/issues/670
title: Memory Leak using Celluloid::Future
date: 2015-08-31
description: |
  The Celluloid::Group::Spawner appears to never clean up the completed Threads
  that it creates.
leaky_versions:
  - "> 0.16.0, < 0.17.2"
patched_versions:
  - ">= 0.17.3"

Schema

  • gem [String]: Name of the affected gem.
  • framework [String] (optional): Name of the framework which the affected gem belongs to.
  • platform [String] (optional): If this vulnerability is platform-specific, the name of the platform it affects (e.g. jruby).
  • url [String]: The URL to the full advisory.
  • title [String]: The title of the advisory or individual vulnerability.
  • date [Date]: The public disclosure date of the advisory.
  • description [String]: One or more paragraphs describing the vulnerability.
  • leaky_versions [String]: The version requirement of the gem with a known memory leak.
  • unaffected_versions [Array<String>] (optional): The version requirements for the unaffected versions of the Ruby library.
  • patched_versions [Array<String>]: The version requirements for the patched versions of the Ruby library.
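
The following is an added example, not code from this project or from bundler-leak: it loads the celluloid advisory shown under Format and evaluates the `leaky_versions`, `unaffected_versions` and `patched_versions` requirements against a gem version using RubyGems' own `Gem::Requirement`. The helper names, the precedence order and the `:unknown` result are assumptions of this example.

```ruby
require "yaml"
require "date"
require "rubygems"

# Advisory text copied from the Format section of this page.
ADVISORY_YAML = <<~YAML
  ---
  gem: celluloid
  url: https://github.com/celluloid/celluloid/issues/670
  title: Memory Leak using Celluloid::Future
  date: 2015-08-31
  description: |
    The Celluloid::Group::Spawner appears to never clean up the completed Threads
    that it creates.
  leaky_versions:
    - "> 0.16.0, < 0.17.2"
  patched_versions:
    - ">= 0.17.3"
YAML

# safe_load refuses arbitrary object tags; Date is permitted for the `date` field.
def load_advisory(yaml)
  YAML.safe_load(yaml, permitted_classes: [Date])
end

# Each list entry is one requirement; its comma-separated parts must all hold.
# A missing (optional) field yields an empty list.
def requirements(list)
  Array(list).map { |req| Gem::Requirement.new(*req.split(",").map(&:strip)) }
end

def matches?(advisory, field, version)
  requirements(advisory[field]).any? { |r| r.satisfied_by?(version) }
end

# Returns :patched, :unaffected, :leaky, or :unknown when no range covers the version.
def classify(advisory, version)
  v = Gem::Version.new(version)
  return :patched    if matches?(advisory, "patched_versions", v)
  return :unaffected if matches?(advisory, "unaffected_versions", v)
  return :leaky      if matches?(advisory, "leaky_versions", v)
  :unknown
end

advisory = load_advisory(ADVISORY_YAML)
%w[0.16.0 0.17.0 0.17.2 0.17.3].each do |v|
  puts "#{advisory['gem']} #{v}: #{classify(advisory, v)}"
end
```

With the sample advisory as written, 0.17.2 falls in neither the leaky nor the patched range, so a checker needs an explicit policy for versions that no range covers.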

Tests

Prior to submitting a pull request, run the tests:

bundle install
bundle exec rspec

Credits

Please see CONTRIBUTORS.md.
