Security News
Follow-up and Clarification on Recent Malicious Ruby Gems Campaign
A clarification on our recent research investigating 60 malicious Ruby gems.
By Sarah Gooding - Aug 22, 2025
example_file
Example File
Class helper for example files. Usually it's the alternative
to environment variables (and .env files).
You can have git-controlled example files and git-ignored real files. For example, configuration, especially with sensitive data.
Installation
Add this line to your application's Gemfile:
gem 'example_file'
And then execute:
bundle install
Or install it yourself as:
gem install example_file
Usage
require 'example_file'
ExampleFile.new('some_file.example.conf').actualize_regular_file
For some_file.example.conf example file there is some_file.conf
regular file.
Editor below is $EDITOR environment variable.
You should set it to your preferred editor, console or GUI
(console is more comfortable usually for such scenarios).
Otherwise the whole program will be aborted with a message about this.
It'll act in these ways:
- If there is no regular file:
- create it with content from example and open the editor.
- If there is example file with file modified time after regular file:
- If there is no difference between their contents:
- touch regular file for updating its modified time.
- If there is a difference between their contents:
- ask for a further action:
- open the editor;
- just update regular without changes;
- replace regular file with a content from new example file;
- or replace and then open the editor.
- ask for a further action:
- If there is no difference between their contents:
- If there is regular file with file modified time after example file:
- do nothing.
You should add example files to git control:
git add some_file.example.conf
And ignore regular ones in .gitignore:
some_file.conf
Recursively it'd be like:
config/**/*
!config/**/*.example*
Development
After checking out the repo, run bundle install to install dependencies.
Then, run toys rspec to run the tests.
To install this gem onto your local machine, run toys gem install.
To release a new version, run toys gem release %version%.
See how it works here.
Contributing
Bug reports and pull requests are welcome on GitHub.
License
The gem is available as open source under the terms of the MIT License.
FAQs
Unknown package
We found that example_file demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 14 Jan 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
ESLint Adds Support for Parallel Linting, Closing 10-Year-Old Feature Request
ESLint now supports parallel linting with a new --concurrency flag, delivering major speed gains and closing a 10-year-old feature request.
By Sarah Gooding - Aug 22, 2025
Research
/Security News
Malicious Go Module Disguised as SSH Brute Forcer Exfiltrates Credentials via Telegram
A malicious Go module posing as an SSH brute forcer exfiltrates stolen credentials to a Telegram bot controlled by a Russian-speaking threat actor.
By Kirill Boychenko - Aug 21, 2025