
104 points Qwuke | 1 comments
reenorap ◴[] No.45337357[source]
The only reason why Ruby and other open source projects survive is because large companies can trust them to do the right thing. Given the critical nature of the supply chain attacks, what the board did was 100% right. Like he said, some people's egos got hurt but if no one can trust the maintainers, then Ruby has no future in the industry and it will die quickly.

This is basically like fixing technical debt. It's painful and it's political but sometimes you have to do the right thing for the community as opposed to trying to assuage individuals' egos.

khamidou ◴[] No.45337519[source]
I think you got things mixed up; open source projects survive because volunteers believe in them and want to contribute to them. Large companies rarely get involved, occasionally with some funding.

It sounds like they sold something to their donors they couldn't really guarantee – supply chain safety – and they decided to alienate their contributors to try to appease them.

Only time will tell if this was really damaging to the Ruby community or just a temporary hurdle.

dewey ◴[] No.45337663[source]
Look at the core maintainers of Rails for example. Many are paid by Shopify and Basecamp, so it’s much more commercial than your regular open source project.

Which isn’t a bad thing that people get to contribute on company time.

1. type0 ◴[] No.45341412[source]
Of course Rails is mainly commercial.

Gems and Bundler are for everyone though, even hobbyists writing scripts. Alienating contributors who support common infrastructure for no good reason is just plain stupid, especially when those projects weren't theirs to begin with.