Place for ruby-advisory-db discussions

Question

Place for ruby-advisory-db discussions

jasnow opened this issue a year ago · comments

Al Snow commented a year ago

Can we have a place to have discussions on ruby-advisory-db related topics?

I do not see any Discord/Slack channels or GitHub Discussions link related to this project.
Thanks.

Al Snow · Answer 1 · Wed Mar 15 2023 07:46:18 GMT+0800 (China Standard Time)

Discussion 1:
I ran this command and got zero (great): Unreviewed Rubygem Advisories

How do I query for a string, such as "ruby" or "rails" or whatever, in the description field?
How do I query for empty/nil values should as empty package or ecosystem or affect fields?
Any other tricks to find Ruby-related Advisories needing TLC?
Thanks

Postmodern · Answer 2 · Wed Mar 15 2023 09:38:57 GMT+0800 (China Standard Time)

Note that the GitHub Advisory Database is separate from the ruby-advisory-db (which pulls from GitHub Advisory Database, and which bundler-audit uses). You can however git grep the ruby-advisory-db.

Al Snow · Answer 3 · Wed Mar 15 2023 20:25:15 GMT+0800 (China Standard Time)

I will use emails and GitHub issue for future discussions so I'm closing this issue.