User:Pratyushgupta1994/sandbox

RubyGems is a package manager for the Ruby programming language that provides a standard format for distributing Ruby programs and libraries (in a self-contained format called a "gem"), a tool designed to easily manage the installation of gems, and a server for distributing them.

The interface for RubyGems is a command-line tool called gem which can install libraries and manage RubyGems. RubyGems integrates with Ruby run-time loader to help find and load installed gems from standardized library folders.Though it is possible to use a private RubyGems repository, the public repository is most commonly used for gem management. There are about 123,000 gems in the public repository with over 9.8 billion downloads.

The public repository helps users find gems, resolve dependencies and install them. RubyGems is bundled with the standard Ruby package as of Ruby 1.9.

History
Development on RubyGems started in November 2003 and was released to the public on March 14, 2004, or Pi Day 2004. In 2010, the default public repository for gems moved from http://gems.rubyforge.org to http://rubygems.org, which is still in use. RubyGems development was moved to GitHub. Though RubyGems has existed since Ruby 1.8, it was not part of the standard Ruby distribution until Ruby 1.9.

Previously, compatibility with RubyGems and Ruby varied. Many versions of RubyGems are almost fully incompatible with many versions of Ruby and some versions had key features unusable. For example, Ruby 1.9 came with RubyGems 1.3.7 in its standard distribution, but RubyGems 1.4.x was not compatible with Ruby 1.9. This meant that updating RubyGems on Ruby 1.9 was not possible until RubyGems 1.5.0 was released in 2011, two years after the first stable release of Ruby 1.9. These compatibility issues led to a rapid development of RubyGems, switching to a 4-6 week release schedule. This is reflected in there being 38 releases from 2004-2010 and 117 releases from 2011-2016. 45 versions were released in 2013, which is the highest number of releases in a year for RubyGems.

Gems
Gems are packages similar to Ebuilds. They contain package information along with files to install.

Gems are usually built from ".gemspec" files, which are YAML files containing information on Gems. However, Ruby code may also build Gems directly. Such a practice is usually used with Rake.

command
The  command is used to build, upload, download, and install Gem packages.

usage
RubyGems is very similar to apt-get, portage, yum and npm in functionality.

Installation: gem install mygem

A specific version of a gem can be installed using the  flag.

Uninstallation: gem uninstall mygem

Listing installed gems: gem list --local

Listing available gems, e.g.: gem list --remote

Create RDoc documentation for all gems: gem rdoc --all

Download but do not install a gem: gem fetch mygem

Search available gems, e.g.: gem search STRING --remote

package building
The gem command may also be used to build and maintain .gemspec and .gem files.

Build .gem from a .gemspec file: gem build mygem.gemspec

Structure of a gem
Every gem contains a name, version and platform. Gems work only on ruby designed for a particular platform based on CPU architecture and operating system type and version.

Each gem consists of: The code organization follows the following structure for a gem called gem_name:
 * 1) Code
 * 2) Documentation
 * 3) Gem specification (Gemspec)

gem_name/

├── bin/

│  └── gem_name

├── lib/

│  └── gem_name.rb

├── test/

│  └── test_gem_name.rb

├── README

├── Rakefile

└── gem_name.gemspec
 * The lib directory contains the code for the gem, and the test or spec directory is used for testing.
 * Rakefile is used by Rake to automate tests and generate code.
 * README includes the documentation, RDOC, for most gems.
 * Gem specification (gemspec) contains information about the author of the gem, time of creation and the purpose the gem serves.

Security Concerns
Since ruby gems run their own code in an application it may lead to various security issues due to installation of malicious gems. The creator of malicious gems may be able to compromise the user system or server.

A number of methods have been developed to counter the security threat:
 * Cryptographic signing of gems since RubyGems version 0.8.11. The gem cert and gem install commands are used for this purpose.
 * New signing models such as X509 and OpenPGP have been proposed and are actively being discussed among Ruby experts.