Добрый день уважаемые слушатели. Представляем новый выпуск подкаста RWpod. В этом выпуске:
Ruby
- Ruby gem strong_password found to contain remote code execution code in a malicious version, further strengthening worries of growth in supply-chain attacks, Rails 6 adds support for Multi Environment credentials и 6 changes you might have missed coming in Ruby 2.7
- I just made Ruby++, Brewing our own Template Lexer in Ruby, Scallop - ergonomic shell wrapper и TimeCalc - next generation of Time arithmetic library
Web
- Snyk research team discovers severe prototype pollution security vulnerabilities affecting all versions of lodash, How do JavaScript’s global variables really work? и Where Do You Learn HTML & CSS in 2019?
- React Apollo vs Redux + REST: Implementing the same feature twice, What Is the Native Payment Request API?, Bounds.js - asynchronous boundary detection, without dependencies и Zip - Robust ZIP decoder with defenses against dangerous compression ratios, spec deviations, malicious archive signatures, etc