RubyGems

RubyGems is a package manager for the Ruby programming language that provides a standard format for distributing Ruby programs and libraries (in a self-contained format called a "gem"), a tool designed to easily manage the installation of gems, and a server for distributing them. It was created by Chad Fowler, Jim Weirich, David Alan Black, Paul Brannan and Richard Kilmer during RubyConf 2004.[1]

RubyGems
Stable release
3.0.6 / August 16, 2019 (2019-08-16)
Repository
Written inRuby
Operating systemCross-platform
TypePackage manager
LicenseRuby License
Websiterubygems.org
Total gems133,000+
Total downloads14+ billion

The interface for RubyGems is a command-line tool called gem which can install and manage libraries (the gems).[2] RubyGems integrates with Ruby run-time loader to help find and load installed gems from standardized library folders. Though it is possible to use a private RubyGems repository, the public repository is most commonly used for gem management.

The public repository helps users find gems, resolve dependencies and install them. RubyGems is bundled with the standard Ruby package as of Ruby 1.9.[3]

History

Development on RubyGems started in November 2003 and was released to the public on March 14, 2004, or Pi Day 2004.[4] In 2010, the default public repository for gems moved from http://gems.rubyforge.org to http://rubygems.org, which is still in use. Also, RubyGems development was moved to GitHub in 2010. Though RubyGems has existed since Ruby 1.8, it was not a part of the standard Ruby distribution until Ruby 1.9.

Previously, compatibility with RubyGems and Ruby varied. Many versions of RubyGems are almost fully incompatible with many versions of Ruby and some versions had key features unusable. For example, Ruby 1.9 came with RubyGems 1.3.7 in its standard distribution, but RubyGems 1.4.x was not compatible with Ruby 1.9. This meant that updating RubyGems on Ruby 1.9 was not possible until RubyGems 1.5.0 was released in 2011, two years after the first stable release of Ruby 1.9.[5] These compatibility issues led to a rapid development of RubyGems, switching to a 4–6 week release schedule. This is reflected in there being 38 releases from 2004 to 2010 and 117 releases from 2011 to 2016. 45 versions were released in 2013, which is the highest number of releases in a year for RubyGems.[4]

Structure of a gem

Every gem contains a name, version and platform. Gems work only on ruby designed for a particular platform based on CPU architecture and operating-system type and version.[6]

Each gem consists of:

  1. Code
  2. Documentation
  3. Gem specification (Gemspec)

The code organization follows the following structure for a gem called gem_name:

gem_name/
├── bin/
│   └── gem_name
├── lib/
│   └── gem_name.rb
├── test/
│   └── test_gem_name.rb
├── README
├── Rakefile
└── gem_name.gemspec
  • The lib directory contains the code for the gem.
  • The test (or spec) directory is used for testing.
  • Rakefile is used by Rake to automate tests and to generate code.
  • README includes the documentation, RDOC, for most gems.
  • Gem specification (gemspec) contains information about the author of the gem, the time of creation and the purpose the gem serves.

Working with gems

Gems are packages similar to Ebuilds. They contain package information along with files to install.

Gems are usually built from ".gemspec" files, which are YAML files containing information on gems. However, Ruby code may also build gems directly. Such a practice is usually used with Rake.

gem command

The gem command is used to build, upload, download, and install gem packages.

gem usage

RubyGems is very similar to apt-get, portage, yum and npm in functionality.

Installation:

gem install mygem

Uninstallation:

gem uninstall mygem

Listing installed gems:

gem list

Listing available gems, e.g.:

gem list --r

Create RDoc documentation for all gems:

gem rdoc --all

Adding a trusted certificate:[7]

gem cert -a

Download but do not install a gem:

gem fetch mygem

Search available gems, e.g.:

gem search STRING --remote

gem package building

The gem command may also be used to build and maintain .gemspec and .gem files.

Build .gem from a .gemspec file:

gem build mygem.gemspec

Security concerns

Since ruby gems run their own code in an application it may lead to various security issues due to installation of malicious gems. The creator of malicious gems may be able to compromise the user system or server.[8]

A number of methods have been developed to counter the security threat:

  • Cryptographic signing of gems since RubyGems version 0.8.11. The gem cert and gem install commands are used for this purpose.
  • New signing models such as X509 and OpenPGP have been proposed and are actively being discussed among Ruby experts.
gollark: It has been contained.
gollark: https://i.redd.it/kp7y2d9s85671.jpg
gollark: <@!747067747569106974>
gollark: It allows you to play RPS over an instant messaging system without possible cheating.
gollark: Perhaps we could play ZKP-RPS (Zero Knowledge Proof Rock Paper Scissors).

See also

References

  1. "174 Rubygems with Eric Hodel".
  2. "RubyGems Command Reference". guides.rubygems.org. Retrieved 2016-09-18.
  3. "Ruby 1.9.1 changelog".
  4. "Version history of RubyGems". GitHub. Retrieved 2016-09-18.
  5. "Ruby 1.9.1 released". www.ruby-lang.org. Retrieved 2016-09-18.
  6. "What is a gem? - RubyGems.org". guides.rubygems.org. Retrieved 2016-09-18.
  7. "gem cert". guides.rubygems.org. Retrieved 2016-09-23.
  8. "Security - RubyGems Guides". guides.rubygems.org. Retrieved 2016-09-23.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.