Berkshelf v2 Outage and Intermittent Supermarket Unresponsiveness – Public Postmortem Meeting

Earlier today, we made Supermarket the official community site and the source of http://api.berkshelf.com. About 30 minutes after the transition to the new site was complete we started to get a few reports of issues with Berkshelf v2.x reporting errors. Additionally, about two hours after the transition was complete, we started to see an increase […]

Read More

COOK project moving to GitHub Issues

Ohai Chefs! Due to popular demand, Chef Software is moving its COOK project issue management away from JIRA and onto GitHub issues. This will help us streamline our contribution process, making it easier for the community to submit contributions to Chef maintained cookbooks. Chef maintained cookbooks have always been hosted on GitHub. However, unlike most […]

Read More

Chef & Rails CVE-2014-3482

At 17:11 UTC, the Rails security team publicized CVE-2014-3482 and CVE-2014-3483. In short, this vulnerability is related to the PostgreSQL adapater in ActiveRecord. A bug in the SQL quoting code could allow an attacker to carefully craft a request and execute a SQL injection. Only applications which query against bitstring or range type columns were […]

Read More

Changes to the Contributor License Agreement Process

With the soft-opening of Supermarket, we updated the process for signing a Contributor License Agreement, CLA. Supermarket has already started tracking CLAs. Unfortunately, because of the way this data has been stored in the past, we were not able to migrate the data. As a result, if you are a contributor, you will need to […]

Read More