RailsConf 2022: Gem install: What could go wrong? By Ashley Ellis Pierce and Betty Li
The open source gem ecosystem is a major strength of Ruby, and it's not uncommon for a production Rails application to depend upon hundreds of gems. But what are the risks of installing a gem and having it in your Gemfile? In this talk, we'll cover what bad things can actually happen when you install a gem. We'll also talk about the ways of preventing these attacks from occurring in your application dependencies (so you can sleep well at night).