Very reasonable other side to this story, which doesn’t come as much of a surprise. Too bad it didn’t hit the front page.
People went WAY too far WAY too fast on this. There HAS to be urgency to this, the software supply chain is presently, undeniably, under attack.
Frankly, everyone blasting RubyCentral the last few days should feel shame and embarrassment. These aren’t evil suits at Microsoft, they’re normal people invested in maintaining a critical piece of infrastructure for the good of all who love and profit from Ruby.
nightpool•32m ago
So Ruby Central, by their own admission, agreed to take $$$$$ of funding on the premise that they would "secure RubyGems against supply chain attacks", and then sat on their hands not doing anything about it until a few days before the deadline, when it was too late to seek community consensus or figure out a good transition plan. So they ended up screwing over everybody who was actually doing work on the project in favor of their own funding. And also they apparently used this as an opportunity to consolidate their power in other ways (renaming the github org) for reasons that were unrelated to the self-imposed deadline. How does this make them look better?
corytheboyd•49m ago
People went WAY too far WAY too fast on this. There HAS to be urgency to this, the software supply chain is presently, undeniably, under attack.
Frankly, everyone blasting RubyCentral the last few days should feel shame and embarrassment. These aren’t evil suits at Microsoft, they’re normal people invested in maintaining a critical piece of infrastructure for the good of all who love and profit from Ruby.