Easily manage rails migrations with a mini UI that can be invoked in your console or on the command line.
I am sick and tired of having to manually copy and paste version numbers from my migration filenames whenever I have to do anything more complicated than rails db:migrate! So I made a gem that easily plugs into a rails app and makes it all a little easier.
Although most of this just forwards the commands directly to rails, one feature goes a step beyond. If you have ever pulled the latest changes on master only to find that somebody managed to merge a migration before you merged yours, you may be familiar with the dance of:
down'ing your migration
This gem lets you do all that with the press of a button (via the bring to top option), so you don't need to break a sweat trying to merge your migration before somebody else beats you to the punch.
Add this line to your application's Gemfile:
gem 'lazy_migrate'
And then execute:
$ bundle install
Or install it yourself as:
$ gem install lazy_migrate
From within a rails console, run:
LazyMigrate.run
You can also invoke lazy_migrate as a rake task either by adding the following to your Rails app Rakefile:
spec = Gem::Specification.find_by_name('lazy_migrate')
load "#{spec.gem_dir}/lib/tasks/lazy_migrate.rake"
Or by creating a rake task yourself like so:
# in lib/tasks/lazy_migrate.rake
# frozen_string_literal: true
require 'lazy_migrate'
namespace :lazy_migrate do
  desc 'runs lazy_migrate'
  task run: :environment do
    LazyMigrate.run
  end
end
After checking out the repo, run bin/setup to install dependencies.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.
We use Appraisal to test the gem against different Rails versions like so:
bundle exec appraisal
bundle exec appraisal rails_5_1_5 rspec
bundle exec appraisal rails_5_2_4_3 install
Bug reports and pull requests are welcome on GitHub at https://github.com/jesseduffield/lazy_migrate. If anybody wants this to work with the Data Migrate gem, let me know; currently it's only for schema migrations. Hope you like types! Cos this gem uses Sorbet.
The gem is available as open source under the terms of the MIT License.
FAQs
We found that lazy_migrate demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.