Known-leaky gems verification for bundler: `bundle leak` to check your app and find leaky gems in your Gemfile :gem::droplet:
The best tool to find leaky gems in your dependencies. Make sure memory leaks are not in your gem dependencies.
Audit a project's
$ bundle leak
Name: celluloid Version: 0.17.0 URL: https://github.com/celluloid/celluloid/issues/670 Title: Memory Leak using Celluloid::Future Solution: remove or disable this gem until a patch is available! Name: therubyracer Version: 0.12.1 URL: https://github.com/cowboyd/therubyracer/pull/336 Title: Memory leak in WeakValueMap Solution: upgrade to ~> 0.12.3 Unpatched versions found!
Update the ruby-mem-advisory-db that
$ bundle leak update
cd data/ruby-mem-advisory-db git pull origin main remote: Enumerating objects: 14, done. remote: Counting objects: 100% (14/14), done. remote: Compressing objects: 100% (4/4), done. remote: Total 9 (delta 5), reused 7 (delta 4), pack-reused 0 Unpacking objects: 100% (9/9), done. From github.com:rubymem/ruby-mem-advisory-db * branch main -> FETCH_HEAD 3254525..c4fc78e main -> origin/main Updating 3254525..c4fc78e Fast-forward README.md | 68 ++++++++++++++++++++------------------------------------------------ gems/therubyracer/336.yml | 4 ++++ 2 files changed, 24 insertions(+), 48 deletions(-)
Update the ruby-mem-advisory-db and check
Gemfile.lock(useful for CI runs):
$ bundle leak check --update
require 'bundler/plumber/task' Bundler::Plumber::Task.new
task default: 'bundle:leak'
$ gem install bundler-leak
./bin/setup# To populate data dir.
bundle exec rake
Copyright (c) 2019 OmbuLabs (hello at ombulabs.com)
Copyright (c) 2013-2016 Hal Brodigan (postmodern.mod3 at gmail.com)
bundler-leak is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
bundler-leak is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with bundler-leak. If not, see http://www.gnu.org/licenses/.
Everyone interacting in the bundler-leak project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.
bundler-leakis maintained and funded by FastRuby.io, inc. The names and logos for FastRuby.io are trademarks of FastRuby.io, inc.