Product
Announcing Precomputed Reachability Analysis in Socket
Socket’s precomputed reachability slashes false positives by flagging up to 80% of vulnerabilities as irrelevant, with no setup and instant results.
By Martin Torp - Jul 30, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
owasp-esapi-ruby
= The Owasp ESAPI Ruby project
== Introduction
The Owasp ESAPI Ruby is a port for outstanding release quality Owasp ESAPI project to the Ruby programming language.
Ruby is now a famous programming language due to its Rails framework developed by David Heinemeier Hansson (http://twitter.com/dhh) that simplify the creation of a web application using a convention over configuration approach to simplify programmers' life.
Despite Rails diffusion, there are a lot of Web framework out there that allow people to write web apps in Ruby (merb, sinatra, vintage) [http://accidentaltechnologist.com/ruby/10-alternative-ruby-web-frameworks/]. Owasp Esapi Ruby wants to bring all Ruby deevelopers a gem full of Secure APIs they can use whatever the framework they choose.
== Why supporting only Ruby 1.9.2 and beyond?
The OWASP Esapi Ruby gem will require at least version 1.9.2 of Ruby interpreter to make sure to have full advantages of the newer language APIs.
In particular version 1.9.2 introduces radical changes in the following areas:
=== Regular expression engine (to be written)
=== UTF-8 support Unicode support in 1.9.2 is much better and provides better support for character set encoding/decoding
- All strings have an additional chunk of info attached: Encoding
- String#size takes encoding into account – returns the encoded character count
- You can get the raw datasize
- Indexed access is by encoded data – characters, not bytes
- You can change encoding by force but it doesn’t convert the data
=== Dates and Time From "Programming Ruby 1.9"
"As of Ruby 1.9.2, the range of dates that can be represented is no longer limited by the under- lying operating system’s time representation (so there’s no year 2038 problem). As a result, the year passed to the methods gm, local, new, mktime, and utc must now include the century—a year of 90 now represents 90 and not 1990."
== Roadmap
Please see ChangeLog file.
== Note on Patches/Pull Requests
- Fork the project.
- Create documentation with rake yard task
- Make your feature addition or bug fix.
- Add tests for it. This is important so I don't break it in a future version unintentionally.
- Commit, do not mess with rakefile, version, or history. (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull)
- Send me a pull request. Bonus points for topic branches.
== Copyright
Copyright (c) 2011 the OWASP Foundation. See LICENSE for details.
FAQs
Unknown package
We found that owasp-esapi-ruby demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 09 Mar 2011
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket Now Protects the Chrome Extension Ecosystem
Socket is launching experimental protection for Chrome extensions, scanning for malware and risky permissions to prevent silent supply chain attacks.
By Mix Irving, Alexandros Kapravelos, Eli Insua - Jul 30, 2025
Product
Introducing Socket MCP for Claude Desktop
Add secure dependency scanning to Claude Desktop with Socket MCP, a one-click extension that keeps your coding conversations safe from malicious packages.
By Alexandros Kapravelos - Jul 29, 2025