←back to thread

Ruby Central's Attack on RubyGems [pdf]

(pup-e.com)
659 points jolux | 2 comments | 19 Sep 25 08:09 UTC | HN request time: 0.456s | source
Show context
thomascountz ◴[19 Sep 25 14:09 UTC] No.45301861[source]
An update from Ruby Central: Strengthening the Stewardship of RubyGems and Bundler

https://rubycentral.org/news/strengthening-the-stewardship-o...

replies(13): >>45301914 #>>45301919 #>>45301946 #>>45302039 #>>45302069 #>>45302082 #>>45302089 #>>45302099 #>>45302120 #>>45302227 #>>45302468 #>>45305713 #>>45308969 #
corytheboyd ◴[19 Sep 25 14:44 UTC] No.45302227[source]
Aren’t supply chain attacks caused by package maintainer accounts being compromised? I suppose too many people with keys to the package repository itself is also liability, but those accounts being compromised just hasn’t been what is happening.
replies(1): >>45302567 #
krmbzds[dead post] ◴[19 Sep 25 15:14 UTC] No.45302567[source]
[flagged]
woodruffw ◴[19 Sep 25 15:25 UTC] No.45302677[source]
Your last sentence reads like a weird swipe: as best I can tell, there's no cultural war dimension to this whatsoever?
replies(1): >>45302955 #
krmbzds[dead post] ◴[19 Sep 25 15:48 UTC] No.45302955[source]
[flagged]
the_hangman ◴[19 Sep 25 17:40 UTC] No.45304353[source]
It's been a while but if memory serves me correctly the controversy at that time was actually about him unilaterally deciding that people at basecamp shouldn't be talking about politics in off-topic slack channels after people started trying to organize support for something he didn't agree with. IIRC something like 1/3 of the company quit at that time
replies(2): >>45304669 #>>45305644 #
1. zorpner ◴[19 Sep 25 18:11 UTC] No.45304669[source]
Specifically, it was in a meeting called by Jason Fried to address people who were concerned about the ongoing existence of an internal list of "funny customer names" (which by all accounts was extremely racist), in which Ryan Singer (who had reportedly previously posted a fair bit of politically right-wing content on internal forums -- those were all deleted when the "no politics at work" policy was rolled out) repeatedly asserted that white supremacy/privilege did not exist (he then resigned).

In the aftermath, DHH dug through old chat logs to find a time in the past when one of the people complaining about the list participated in a discussion about same without complaint, and posted it in a way that was visible to everyone saying that their prior participation meant that their current complaint was invalid.

Then they rolled out the no-politics-at-work policy in this post dated April 26 2021 -- I would encourage anyone interested in the specifics to read through the various versions and edits of this post made in the week following, all without noting that it was being actively changed: https://world.hey.com/jason/changes-at-basecamp-7f32afc5

replies(1): >>45305297 #
2. schneems ◴[19 Sep 25 19:14 UTC] No.45305297[source]
“No politics at work” except for Dave who spends company time posting political blog entries on his company built platform.

FWIW I captured a timeline of events in this post but a lot of the Twitter links are dead now. https://schneems.com/2021/05/12/the-room-where-it-happens-ho...