Ruby’s Trustquake

07/10/2025 50 min
Episode Synopsis

In this episode of C4, Andrew Mason and Rachael Wright-Munn join Drew to unpack recent controversies surrounding Ruby Central and its alleged takeover of RubyGems and Bundler. The trio delves into the timeline of events, conflicting narratives, communication failures, and the underlying security concerns. They address theories and facts, scrutinize the governance of Ruby Central, and discuss the implications for the Ruby community. The episode emphasizes the importance of asking questions and seeking clarity, while advocating for a balanced and constructive approach to resolving the community's issues.

Sources discussed*:

Ellen's first post on the RubyGems controversy
A board member's perspective on the RubyGems controversy
An Update From Ruby Central (Video)
Investigation (allegedly) reveals Shopify manipulated Ruby Central to force takeover of Bundler and RubyGems
Strengthening the Stewardship of RubyGems and Bundler
Martin Emde's post on Bluesky
Reddit post for "An update from Ruby Central"
Bundler Policies on GitHub
Ruby Central "About" page
Advocacy for Reduced Rails Usage
Alpha-Omega Project
Organization & Structure of Open Source Software Development Initiatives - Cyberlaw Clinic
Ruby Central News Post: Alpha-Omega support
StepSecurity: npm supply chain compromise
Socket: npm supply chain attack
Palo Alto Networks Unit 42: npm supply chain attack

* Some sources include unverified information being presented as fact. Read with caution.