From: mame@... Date: 2020-11-27T01:39:05+00:00 Subject: [ruby-core:101111] [Ruby master Feature#17303] Move webrick to bundled gems or remove it from stdlib Issue #17303 has been updated by mame (Yusuke Endoh). Thank you for your reply. I'm sorry but I cannot afford to hire you and have no bugdet. If I were a billionaire.. Anyway, you are not against the removal of WEBrick from Ruby package. If you are, let me know. This is my opinion. If you are willing to continue to maintain WEBrick, GitHub is not mandatory. We will keep WEBrick on GitHub, but I think we can transfer the source code to you everytime. You can maintain it in your own Git server and mailing list, like the unicorn project, if you want. And I hope so if possible. @matz, do you decide the removal of WEBrick? ---------------------------------------- Feature #17303: Move webrick to bundled gems or remove it from stdlib https://bugs.ruby-lang.org/issues/17303#change-88786 * Author: hsbt (Hiroshi SHIBATA) * Status: Open * Priority: Normal * Assignee: hsbt (Hiroshi SHIBATA) ---------------------------------------- I propose to move webrick to bundled gems or remove it from stdlib of ruby. We have several vulnerability issues in webrick gem. https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613/ The ruby core team don't have enough time to handle them. We should remove webrick from default gems at least. Patch for this feature: https://github.com/ruby/ruby/pull/3729 -- https://bugs.ruby-lang.org/ Unsubscribe: