Uploaded image for project: 'Ruby Driver'
  1. Ruby Driver
  2. RUBY-3247

Remove rspec-mocks-diag gem

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Unknown Unknown
    • 2.19.0
    • Affects Version/s: None
    • Component/s: None
    • None

      Mongoid, MongoDB Ruby Driver, and BSON Ruby are loading a gem called "rspec-mocks-diag".

      This is an out-of-date hack of the rspec-mocks gem which adds additional logging. It was done my a former MongoDB employee. The gem appears to still be under the former employee's control, i.e. not released officially by MongoDB. Fortunately the gem is not loaded in production, but certainly this goes against security best practices and should be cleaned up on all projects where it's used.

            Assignee:
            dmitry.rybakov@mongodb.com Dmitry Rybakov
            Reporter:
            shields@tablecheck.com Johnny Shields
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: