Open net1957 opened 1 year ago
cfis
commented
1 year ago Ah - the 14.0.6 changes didn't get pushed to github (was on airplane when I did it). They are now pushed.
Both gems are fine, neither is yanked. 14.0.6 has a couple of bug fixes taken from the 13.0.* branch.
Not sure why RubyGems would say its yanked, not seeing that?
net1957
commented
1 year ago At this time, GitHub seems OK, but rubygems is already on the yanked page
cfis
commented
1 year ago Weird - it is definitely not yanked. See rubygems.org:
https://rubygems.org/gems/composite_primary_keys/versions/14.0.6
Not sure why diffend.io thinks it is.
Anyway, going to close this ticket since I'm not seeing anything to do. Reopen if you'd like.
net1957
commented
1 year ago perhaps resubmitting the gem to rubygems should trigger the rubygems vulnerability analysis and clear the mess?
cfis
commented
1 year ago Unfortunately, I don't think its possible to resubmit gems. You can only sumbit new gems (or yank old ones). Maybe contact diffend.io?
see https://my.diffend.io/gems/composite_primary_keys/14.0.5/14.0.6 or from https://rubygems.org/gems/composite_primary_keys/versions/14.0.6 and click on Review changes.
could you investigate about this issue. The git repository is at version 14.0.5
So i did install the 14.0.5 version, but I did that after I see the the version was going from 14.04 to 14.0.6. But not all users would do that.
Hope it's only a mistake with rubygems.