RubyGems disclosed on HackerOne: Bundler's RCE with response using...

In `GET /api/v1/dependencies`, which Bundler uses to check dependencies, the response is `Marshal.dump` instead of `JSON`.

https://github.com/rubygems/rubygems.org/blob/a6f78a01598592083850f15e262bbc09a85b0a70/app/controllers/api/v1/dependencies_controller.rb#L12

```ruby
respond_to do |format…
```
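A client that has to consume a Marshal-encoded response can walk the byte stream and refuse any type tag that would instantiate an object before it ever calls `Marshal.load`. The sketch below is an added example, not code from the report, RubyGems or Bundler; the helper names, the `Probe` class and the shape of the sample record are assumptions made for illustration.

```ruby
require "stringio"
class UnsafeMarshal < StandardError; end

# Decode Marshal's variable-length integer (fixnums, lengths, link indexes).
def read_long(io)
  c = io.readbyte
  c -= 256 if c > 127
  return 0 if c.zero?
  return c - 5 if c > 4
  return c + 5 if c < -4
  n = Array.new(c.abs) { io.readbyte }.each_with_index.sum { |b, i| b << (8 * i) }
  c.positive? ? n : n - (1 << (8 * c.abs))
end
def read_len(io)
  read_long(io).tap { |n| raise UnsafeMarshal, "negative length" if n.negative? }
end

# Walk one value; only nil/true/false/Integer/String/Symbol/Array/Hash pass.
def check_value(io)
  case (tag = io.readbyte.chr)
  when "0", "T", "F" then nil
  when "i", "@", ";" then read_long(io)
  when '"', ":"
    n = read_len(io)
    raise UnsafeMarshal, "truncated string" unless io.read(n).to_s.bytesize == n
  when "[" then read_len(io).times { check_value(io) }
  when "{" then (2 * read_len(io)).times { check_value(io) }
  when "I" then check_value(io); (2 * read_len(io)).times { check_value(io) } # value + ivars
  else raise UnsafeMarshal, "disallowed type tag #{tag.inspect}"
  end
end

# Validate the stream first; deserialize only if it is plain data.
def load_plain_marshal(bytes)
  io = StringIO.new(bytes.b)
  raise UnsafeMarshal, "bad header" unless io.read(2) == "\x04\x08".b
  check_value(io)
  raise UnsafeMarshal, "trailing bytes" unless io.eof?
  Marshal.load(bytes)
rescue EOFError
  raise UnsafeMarshal, "truncated stream"
end

# Constructed samples. Probe's hook shows that code runs inside Marshal.load.
class Probe
  class << self; attr_accessor :ran; end
  def marshal_dump; 1; end
  def marshal_load(_); self.class.ran = true; end
end
SAMPLE_OK = Marshal.dump([{ name: "rack", number: "2.2.8", dependencies: [["webrick", ">= 0"]] }])
SAMPLE_OBJECT = Marshal.dump([Probe.new])
```

`load_plain_marshal(SAMPLE_OK)` returns the array of hashes, while `load_plain_marshal(SAMPLE_OBJECT)` raises `UnsafeMarshal` without running the `marshal_load` hook. A response format that can only express data, such as JSON, avoids the need for this check.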