Introducing bundler-leak: A simple way to find known memory leaks in your dependencies

In this blog post I will introduce bundler-leak, a Bundler plugin that finds known memory leaks in your dependencies.

The bundler-leak plugin is a fork of the famous bundler-audit.

Just like bundler-audit, bundler-leak works thanks to a couple of community-driven, open source projects. The first one is called ruby-mem-advisory-db: a text-based database of gems with known memory leak issues. bundler-leak compares the gems stored in this database against your Gemfile. For example:

Audit a project's Gemfile.lock:

    $ bundle leak

    Name: therubyracer
    Version: 0.12.1
    Title: Memory leak in WeakValueMap
    Solution: upgrade to ~> 0.12.3

    Unpatched versions found!
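
The comparison described above can be sketched in a few lines of Ruby. This is an added example, not bundler-leak's own code: the advisory field names, the `locked_gems` and `leaks` helpers, and the lockfile excerpt are assumptions constructed to match the report shown above.

```ruby
# Constructed advisory record; field names are assumptions modelled on the
# report shown above, not the actual ruby-mem-advisory-db schema.
ADVISORIES = [
  { gem: "therubyracer", title: "Memory leak in WeakValueMap",
    patched_versions: ["~> 0.12.3"] }
].freeze

# Constructed Gemfile.lock excerpt.
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      libv8 (3.16.14.19)
      rake (13.0.6)
      ref (2.0.0)
      therubyracer (0.12.1)
        libv8 (~> 3.16.14.0)
        ref

  DEPENDENCIES
    rake
    therubyracer (= 0.12.1)
LOCK

# Resolved gems are the four-space-indented "name (version)" lines; deeper
# lines are dependency constraints and DEPENDENCIES entries use two spaces.
def locked_gems(lockfile)
  lockfile.scan(/^ {4}(\S+) \(([^)]+)\)$/).to_h
end

# A locked gem is reported when an advisory names it and its version
# satisfies none of the advisory's patched requirements.
def leaks(lockfile, advisories = ADVISORIES)
  gems = locked_gems(lockfile)
  advisories.filter_map do |adv|
    locked = gems[adv[:gem]]
    next unless locked
    # Drop a platform suffix such as "-x86_64-linux" before comparing.
    version = Gem::Version.new(locked.split("-").first)
    patched = adv[:patched_versions].any? { |r| Gem::Requirement.new(r).satisfied_by?(version) }
    adv.merge(version: locked) unless patched
  end
end

if __FILE__ == $PROGRAM_NAME
  leaks(SAMPLE_LOCKFILE).each { |l| puts "#{l[:gem]} #{l[:version]}: #{l[:title]} (upgrade to #{l[:patched_versions].join(', ')})" }
end
```

Matching against the resolved versions in the lockfile, rather than the constraints in the Gemfile, is what lets a check like this flag transitive dependencies as well as direct ones.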

Here is a sample project where you can play with bundler-leak.

The second project is called A web application that will allow you to submit new leaky gems to the ruby-mem-advisory-db


We want to thank all the contributors to bundler-audit; it was a great inspiration for this plugin! If you want to learn more or contribute to bundler-leak, check the repository and submit an issue or PR.

Also, thanks to the project that inspired the ruby-mem-advisory-db and all its contributors.