(pup-e.com)

659 points jolux | 1 comments | 19 Sep 25 08:09 UTC | HN request time: 0.202s | source

Show context

thomascountz ◴[19 Sep 25 14:09 UTC] No.45301861[source]▶

An update from Ruby Central: Strengthening the Stewardship of RubyGems and Bundler

https://rubycentral.org/news/strengthening-the-stewardship-o...

replies(13): >>45301914 #>>45301919 #>>45301946 #>>45302039 #>>45302069 #>>45302082 #>>45302089 #>>45302099 #>>45302120 #>>45302227 #>>45302468 #>>45305713 #>>45308969 #

jmuguy ◴[19 Sep 25 14:28 UTC] No.45302069[source]▶

>>45301861 #

So essentially they randomly cut off a bunch of long time maintainers for some vague legal and/or security reasons. If there was real reason to do that in a hurry, that's what we need to see, not a corporate PR message.

replies(2): >>45305218 #>>45305953 #

1. awilson5454 ◴[19 Sep 25 19:06 UTC] No.45305218[source]▶

>>45302069 #

100%. I assumed this was inspired by the supply chain attack, but what a horrible way to address this. Reverting it back before revoking it a second time is even more bizarre. Severely mixed messages from leadership, perhaps?

↑

Ruby Central's Attack on RubyGems [pdf]