Introducing Your New Dashboard

A few months ago, we have arrived at the conclusion that the design and the underlying technology behind our dashboard no longer fits in the future of Gemfury. Since then, we’ve worked with many of you, our customers, to develop a better way to manage your packages. Today, we’re happy to share the product of this collaboration – the new Gemfury Dashboard. Navigate quickly The most significant improvement is the consolidation of all navigation into the left menu – whatever you’re looking for, it is here. 

Version Badge for Python and more

Although Gemfury Package Repo is our main vocation, we believe that it’s part of our mission to give back to the hacker community through code contribution, guides, and value-add services. So while we are putting the final touches on some major updates to Gemfury, today, I’d like to note a couple of recent improvements that we have made to the Version Badge service. PyPI package support A few days ago, we have enabled support for Python, thus reaching parity with Gemfury’s support of Ruby, Node. 

Version Badge for NPM Modules

Since the original announcement two months ago, hundreds of package owners have installed the Version Badge, helping thousands of developers every day to quickly identify and find the installable package associated with a Github repo or a project webpage. Among many others, some notable projects are Devise, CanCan, Celluloid, and Slim. Today, we are happy to introduce Version Badge for NPM modules. Node.js and NPM allow many new and experienced JavaScript developers to package and quickly deploy code to any server. 

Unleash the Fury.io

Over the course of the last few months, we have been carefully extending Gemfury for multi-user and multi-language use. Today, we would like to announce two big changes to the way you download and install your packages. New Repository URL We are taking one more step toward Gemfury being truly language-agnostic by officially switching to a new set of default endpoints for private repositories. Starting today, the proper way to install your packages is by using one of the following Repo-URLs: 

RubyGems.org Vulnerability Explained

After evaluating Gemfury’s processing of RubyGems, we feel it is important to share our understanding and bring awareness to possible security issues when parsing untrusted YAML input. On January 30, 2013, the community package server RubyGems.org was compromised with a rogue code execution vulnerability. The all-volunteer team sprung to action and in the following 53 hours yanked the expoit, patched the vulnerability, verified all the existing gems, and migrated the service to AWS. 

Gemfury Dev Center

If you enjoy using Gemfury, you already know the benefits of DRY, encapsulation, and modularizing your code. However, building a new Gem is still not as easy as sticking a stray file or two into ./lib. Today, we’re opening the Gemfury Dev Center as the best place to learn about packaging code. As we read countless blog posts, emails, and raw code, we will continue to extract some of the most precious tips, tricks, and other gems (haha, get it?