ROR Mandatory Upgrades Discussion List

I think you need something like this: http://www.svn2rss.com

But it would be nice, to build a simple site, something like
http://www.pogdesign.co.uk/cat/, but instead for svn commits instead
of tv series.

mmm ... that sounds to me like a debian package :stuck_out_tongue:

but ... i dont think a mailing list or feeds are good solutions for
this. Both aproaches need an extra effort from developers and for
users.

gem is good enough for this task, using version numbers to indicate
security fixes is what we should do, but for now gem is not smart
enough to do something like this:

$ gem --update --security [gem list / all by default ]

and gem should update all installed gems with only an increment in the
patch number. I mean, if there is a gem call mygem 2.0.0 and my gem
1.2.4, and you have installed mygem 1.2.3, using the security flag gem
should install 1.2.4 instead of 2.0.0 as gem actually do.