Hacker Timesnew | past | comments | ask | show | jobs | submitlogin

Most of these security vulnerabilities are "stop what you're doing right now and fix this" bugs.

Honestly I don't want a Rails 4 until all the rest of this has been shaken free. I'd rather Rails-core and other security minded rubyists keep digging for exploits.



I completely agree. I just heard the release date was imminent back in December. I assume these security bugs are what's postponing it.


There are so many security issues being unveiled that at this point one might wonder if Rails 4 (and a complete redesign) may not be the way to fix the security issues.

Maybe also, if ruby programmers learned to program (instead of doing banana driven lingo development) or committed suicide throwing themselves from a cliff (along with PHP developers) (like lemmings) we could also have a boring yet more secured internet.


Except the internet would still have you to start flamewars about people you didn't like! :P

Make no mistake, there are a pile of ruby programmers who do care about security and take this shit seriously. You probably use their code.

We're paying for the way that Rails was developed in the days prior to the Rails/Merb merge. There's a reason why the community split in those days.

Please don't paint all of us Rubyists with the same brush.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: