RubyGems · rubygems.org
bolognese
Rb Install Time Backticks: Backtick subshell or %x() shell-out — runs shell with interpolated input.
Why PkgRadar flagged 2.7.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Rb Install Time Backticks | Backtick subshell or %x() shell-out — runs shell with interpolated input. · bolognese.gemspec |
| medium | Remote Payload | matched "raw.githubusercontent.com" · lib/bolognese/utils.rb |
| medium | Remote Payload | matched "raw.githubusercontent.com" · lib/bolognese/writers/codemeta_writer.rb |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
2.7.0 | Review | 22 | 2026-05-27 |
Block this in CI
pkgradar gate --ecosystem rubygems [email protected]