Blogged: Jitter to the start time of your #resque jobs in #ruby
https://blog.gripdev.xyz/2023/08/21/ruby-resque-jobs-and-jitter-with-resque-scheduler/
It's been years since I last used #DelayedJob. Like, the early 2010s or so? Back then it was a mix of DJ and #Resque. Then #Sidekiq came on the scene, and I moved over pretty quickly.
Anyhow, the point is, I was under the impression that DelayedJob doesn't have a mechanism to recover from jobs that crash/SIGKILL’d (like, think OOM or something). And to be fair, DJ itself doesn't. But the ActiveRecord backend does, though it's not really advertised. https://github.com/collectiveidea/delayed_job_active_record/blob/97f26a3e1b82b338cd8270aad988c75b82ea5c86/lib/delayed/backend/active_record.rb#L57
#delayedjob #resque #sidekiq #ruby #rails #opensource
CVE-2022-44303 Resque Scheduler version 1.27.4 is vulnerable to cross-site scripting (XSS). A remote attacker could inject JavaScript code into the "{schedule_job}" or "args" parameter in /resque/delayed/jobs/{schedule_job}?args={args_id} to execute JavaScript on the client side.
https://www.cve.org/CVERecord?id=CVE-2022-44303
http://resque.com
https://trungvm.gitbook.io/cves/resque/resque-1.27.4-multiple-reflected-xss-in-resque-schedule-job
#resque #CVE_2022_44303 #bot
I also am proud to have fixed some documentation in #resque, a self-hosted Redis-based background worker library.