Security News
Follow-up and Clarification on Recent Malicious Ruby Gems Campaign
A clarification on our recent research investigating 60 malicious Ruby gems.
By Sarah Gooding - Aug 22, 2025
iop
IOP - the data processing pipeline construction framework for Ruby
Synopsis
IOP is intended for construction of the data processing pipelines in a manner of UNIX shell pipes.
Instead of the standard Ruby way of handling such I/O tasks in form of nested blocks the IOP offers a simpler flat chaining scheme.
Consider the example:
# One-liner example
(FileReader.new('input.dat') | GzipCompressor.new | DigestComputer.new(MD5.new) | FileWriter.new('output.dat.gz')).process!
The above snippet reads input file and compresses it into the Gzip-compatible output file simultaneously computing the MD5 hash of compressed data being written.
The next snippet presents the incremental pipeline construction capability - a feature not easily implementable with the standard Ruby I/O block nesting.
# Incremental pipeline construction example
pipe = FileReader.new('input')
pipe |= GzipCompressor.new if need_compression?
pipe |= FileWriter.new('output')
pipe.process!
Here the Gzip compression is made optional and is thrown in depending on external condition.
Features
The following capabilities are currently implemented:
- String splitting/merging
- IO or local file reading/writing
- FTP file reading/writing
- Digest computing
- Gzip/Zlib (de)compression
- Zstd (de)compression
- Symmetric cipher (de,en)cryption
- Random data generation
Basic usage
- IOP is split into a set of files which should be required separately depending on which components are needed.
require 'iop/file'
require 'iop/zlib'
require 'iop/digest'
require 'iop/string'
- The
IOPmodule can be included into current namespace to conserve some writing.
include IOP
- A chain of processing objects is created either in-line or incrementally.
pipe = StringSplitter.new('Greetings from IOP', 10)
pipe |= GzipCompressor.new | (d = DigestComputer.new(MD5.new))
pipe |= FileWriter.new('output.gz')
It is convenient to set local variables to the created instances which are expected to have some kind of valuable state.
- The actual processing is initiated with the
process!method.
pipe.process!
The IOP instances do normally perform self-cleanup operations, such as closing file handles, network connections etc., even during exception handling.
- The variable-bound instances can be then examined.
puts d.digest.hexdigest
For further information refer to IOP documentation.
The end
Cheers,
Oleg A. Khlybov <fougas@mail.ru>
FAQs
Unknown package
We found that iop demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 22 Apr 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
ESLint Adds Support for Parallel Linting, Closing 10-Year-Old Feature Request
ESLint now supports parallel linting with a new --concurrency flag, delivering major speed gains and closing a 10-year-old feature request.
By Sarah Gooding - Aug 22, 2025
Research
/Security News
Malicious Go Module Disguised as SSH Brute Forcer Exfiltrates Credentials via Telegram
A malicious Go module posing as an SSH brute forcer exfiltrates stolen credentials to a Telegram bot controlled by a Russian-speaking threat actor.
By Kirill Boychenko - Aug 21, 2025