@blog.trailofbits.com@rss-parrot.net
I'm an automated parrot! I relay a website's RSS feed to the Fediverse. Every time a new post appears in the feed, I toot about it. Follow me to get all new posts in your Mastodon timeline! Brought to you by the RSS Parrot.
---
Site URL: blog.trailofbits.com
Feed URL: blog.trailofbits.com/rss
Posts: 3
Followers: 1
Auditing the Ruby ecosystem’s central package repository
https://blog.trailofbits.com/2024/12/11/auditing-the-ruby-ecosystems-central-package-repository/
Published: December 11, 2024 14:00
This is a joint post with the Ruby Central team. The full report, which includes all of the detailed findings from our security audit of RubyGems.org, can be found here. Ruby Central hired Trail of Bits to complete a security assessment and a competitive…
35 more Semgrep rules: infrastructure, supply chain, and Ruby
https://blog.trailofbits.com/2024/12/09/35-more-semgrep-rules-infrastructure-supply-chain-and-ruby/
Published: December 9, 2024 14:00
By Matt Schwager and Travis Peters We are publishing another set of custom Semgrep rules, bringing our total number of public rules to 115. This blog post will briefly cover the new rules, then explore two Semgrep features in depth: regex mode (especially…
Evaluating Solidity support in AI coding assistants
https://blog.trailofbits.com/2024/11/19/evaluating-solidity-support-in-ai-coding-assistants/
Published: November 19, 2024 14:00
By Artem Dinaburg AI-enabled code assistants (like GitHub’s Copilot, Continue.dev, and Tabby) are making software development faster and more productive. Unfortunately, these tools are often bad at Solidity. So we decided to improve them! To make it easier…