Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vendor data present #1

Open
mensfeld opened this issue Apr 27, 2022 · 1 comment
Open

Vendor data present #1

mensfeld opened this issue Apr 27, 2022 · 1 comment

Comments

@mensfeld
Copy link

Hey there,

My name is Maciej Mensfeld and I run security & quality assessment for Ruby libraries using Diffend.io.

While reviewing the changes for this lib, I noticed, that the vendor directory is being included.

Is this needed? Usually, it's added by mistake and causes:

a) confusion
b) problems when tracking changes
c) extensive library size

ref: LINK - see the vendor dir

Withouot vendor this package instead of 12MB would be around 35KB

If the presence of vendor data is valid I would love the reasoning. Thanks!
@mensfeld
Copy link
Author

This applies to all packages released to RubyGems yesterday

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mensfeld