Help gem authors mitigate unauthorized gem uploads

[Eliot Sykes]

Hi,

Relating to the malicious version of the bootstrap-sass gem that was uploaded to rubygems, what can gem authors do to mitigate and detect this kind of attack in the future?

https://snyk.io/blog/malicious-remote-code-execution-backdoor-discovered-in-the-popular-bootstrap-sass-ruby-gem/

Many thanks,

Eliot