If you're interested in security, please consider checking us out. Most of rubysec is composed of security professionals, and we're all interested in improving the ecosystem-at-large. Submit issues against the advisory or simply fork it https://github.com/rubysec/ruby-advisory-db/
Regards and apologies for slightly hijacking the thread.
Hi, I'm with http://rubysec.github.com/
We maintain a freely available advisory database https://github.com/rubysec/ruby-advisory-db/ designed to be easily machine readable.
We also maintain a free ruby-wide security announcement mailing list: https://groups.google.com/forum/?fromgroups#!forum/rubysec-a...
The rubysec-advisory-db is meant to power discovery tools such as https://github.com/postmodern/bundler-audit (from which it was originally extracted) or https://gemcanary.com (it bears mentioning that my company made it). I'm pretty sure it will be used in codeclimate's upcoming security monitor https://codeclimate.com/security-monitor given that Bryan is a regular contributor.
If you're interested in security, please consider checking us out. Most of rubysec is composed of security professionals, and we're all interested in improving the ecosystem-at-large. Submit issues against the advisory or simply fork it https://github.com/rubysec/ruby-advisory-db/
Regards and apologies for slightly hijacking the thread.