Hey folks, JP from Gemnasium here. We decided to try something new, and we would love to know if you find that useful. Tell us via the little chat widget at the bottom right or by sending me an email! So, what is it? The idea is to send you regular emails (possibly a few times per month) with some notable gem updates. We only send those to people who have Ruby projects set up in Gemnasium.
Gemnasium has been helping a lot of people to keep their applications stay safe through dependency managements for 6 years now. In the last year, we worked hard but didn’t communicate remotely as well. We intend to change that with more frequent updates about what we do and what we plan. Let’s go through what’s been happening in the last year or so, and then talk about what’s coming.
Gemnasium has been around for a few years now, and we’re thankful to have such a huge impact on your projects, private or open source, and the community as a whole. Over the years, we have helped over 500 000 projects ensure that their dependencies are up to date and are not affected by known security issues on their dependencies. You read that right: 500 000. This gave us an incredible chance to talk with a lot of you and understand better your needs.
We’ve covered a lot of ground in this series of articles, and are now on the final chapter. We’ve looked at the reasons we decided to make the move from a monolithic app to a micro-services approach, the criteria we used to select our toolset, and how we implemented the transition. Finally, we want to share with you how we use our new architecture, and share some of the code we have been writing.
Genesis: Making the Transition For those who have been following this blog series, you’ll know of Gemnasium founder Philippe Lafoucrière’s visit to the WAQ conference in Quebec city, and his stint as guest speaker with Jean-Philippe Boily of Metrics Watch. This conversation provided the impetus for this blog series, which covers Gemnasium’s shift from a monolithic app to a micro-services approach. For those unfamiliar with the topics at hand, I recommend a review of the previous two entries.
Criteria for Architecture In this segment of our larger piece, we will cover the criteria we used to create and plan our architecture. Moving from a monolithic app to microservices isn’t just a matter of code, it is also and above all a question of architecture. Without a cohesive plan, and a strong understanding of the potential pitfalls and gains of a large transition such as this one, it is bound to falter.
Gemnasium’s founder, Philippe Lafoucrière, recently had the opportunity to attend and speak at the Web à Québec 2016 conference in Quebec City a month past. The WAQ conference, as it is known, is the largest gathering of francophone entrepreneurs in America, with guests arriving from not only Québec, but also France, Belgium, Africa, and the Caribbean. Because not everyone could attend the event, and the topic shared by Philippe is essentially part of Gemnasium’s life story, we thought our readers might find it of interest.
Gemnasium is proud to announce our new partnership with Node Security Project. Node Security Project(NSP) is an integral part of the Node.js community, dedicated to ensuring that security is a core priority for Node. The Node Security Project offers tools to ensure the security of Node projects, as well as a place to report new security threats, as well as the solutions to them. This partnership offers Gemnasium projects using npm (node package manager) the added protection of NSP security advisories.
Gemnasium has always been committed to providing value and ensuring our customers see return for their investment. This has led to some tinkering with our pricing model in the past, in order to ensure that our customers could get the features they wished, without paying more than necessary. Originally, our pricing model was based simply on private projects hosted on Github. In order to provide those with public projects access to premium features, we added an option to ‘buy’ features, labeled as ‘slots’.