Blog

PyPI monthly: IPython, pytest, cryptography and NumPy

Hey folks, JP from Gemnasium here for our monthly PyPI digest! If you want to get this in your inbox monthly, you can subscribe with the little popup at the bottom left or just here. Also, if you’re interested, we have similar blog series/newsletters for Ruby, JavaScript and PHP. So, what’s new and worth your time this month? IPython 6.1 In case you missed it, 6.0+ is only compatible with Python 3.

npm monthly #2: Chai 4, ESLint 4, webpack 2.6 and 3, gulp-uglify 3 and jsdom 11!

Hey folks, JP from Gemnasium here for our monthly npm digest! If you want to get this in your inbox monthly, you can subscribe with the little popup at the bottom left or just here. Also, if you’re interested, we have similar blog posts for Ruby, Python and PHP. So, what’s new and worth your time this month? Chai 4 HUGE release for Chai. It’s faster, thanks to the rewritten deep equality code.

Rubygems Monthly: Sinatra 2, Bundler 1.15, Rubocop, CanCanCan 2, Devise, Puma and ActsAsTaggableOn 5

Hey folks, JP from Gemnasium with you here today. We started to do Rubygems Monthly and other similar ones for npm, PyPI, and PHP a month ago. Reception is great, so here’s the second edition! Before we dive right in, in case you missed it, we published a blog post yesterday called “How to deal with major Ruby on Rails upgrades (like moving from 4.1 to 5.1)” which is going through the framework we use for big app upgrades with the customers of our professional services (yes, we do some consulting!

How to deal with major Ruby on Rails upgrades (like moving from 4.1 to 5.1)

Who doesn’t like to build new apps? As much as it’s fun building new things, we also need to maintain and upgrade apps over time. Most people prefer to build new apps, and we can understand that. But we also like to maintain older apps. Make them fresh again. Part of the lifecycle of an app is upgrading dependencies to newer ones, especially when they get vulnerable to some security issues, or when you use versions that are not maintained anymore.

PHP packages monthly: PHPUnit 6, PHP_CodeSniffer 3, Silex 2.1, Swiftmailer 6, Symfony 3.3.0 RC1 and more!

Welcome to our first PHP package monthly! What’s this all about? Being a company that monitors people’s dependencies to help them keep their project safe and up to date, we have a lot of data about packages. We asked ourselves how we can use that data to be even more useful to our customers and the whole community. The answer? PHP package monthly. A monthly newsletter that will tell you about a handful of the most notable package updates of the last month.

PyPI monthly #1: Requests, Django, pytest, Coverage.py and more!

Welcome to the first edition of PyPI monthly! What’s this all about? Being a company that monitors people’s dependencies to help them keep their project safe and up to date, we have a lot of data about packages. We asked ourselves how we can use that to be even more useful to our customers and the whole community. The answer? PyPI monthly. A monthly newsletter that will tell you about a handful of the most notable package updates of the last month.

npm monthly, first edition: webpack, Sinon, async, Babel Loader and more!

Hey folks, JP from Gemnasium here. Welcome to our new npm monthly! The goal of npm monthly is to tell you about notable package releases of the last month. It’s far from exhaustive, but we select well-known packages that had releases worth talking about. Tell us what you think about it via the little chat widget at the bottom right or by sending me an email! Enough talking, let’s dive right in!

Notable Ruby gems releases: first edition!

Hey folks, JP from Gemnasium here. We decided to try something new, and we would love to know if you find that useful. Tell us via the little chat widget at the bottom right or by sending me an email! So, what is it? The idea is to send you regular emails (possibly a few times per month) with some notable gem updates. We only send those to people who have Ruby projects set up in Gemnasium.

Gemnasium supports Yarn (and what it is)

You might have heard of Yarn before. It’s a new package manager for JavaScript. Gemnasium now supports Yarn, and we have support for it coming in the next few days for Gemnasium Enterprise! You can get your dependencies monitored for all your JavaScript projects using Yarn now. We’ll notify you if you use an outdated npm package or one that has security vulnerabilities, with details on how to fix it.

Product update: what have we done recently and what are we planning?

Gemnasium has been helping a lot of people keep their applications safe through dependency management for 6 years now. In the last year, we worked hard but didn’t communicate remotely as well. We intend to change that with more frequent updates about what we do and what we plan. Let’s go through what’s been happening in the last year or so, and then talk about what’s coming.