frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

RubyGems Fracture Incident Report

https://rubycentral.org/news/rubygems-fracture-incident-report/
45•schneems•3h ago

Comments

riffraff•1h ago
this is a good write up, I hope this really helps put the whole mess to rest.
thramp•52m ago
This is a disappointing look for Ruby Central. I have to get back to work, but their retroactive framing that Andre and Samuel's work on RV justified Ruby Central's subsequent actions is contradicted by their own admissions.

By their own admission, André is a contractor to Ruby Central. Contractors, especially under California law, have no contractual obligation of confidentiality to the other party unless there's a pre-existing agreement in place. They later admit in this "incident report" that they didn't have any legal agreements with André in place, so there's no basis for claiming André couldn't work on rv.

Samuel was an employee, not a contractor, but [California Bus. & Prof. Code § 16600](https://leginfo.legislature.ca.gov/faces/codes_displaySectio....) voids non-compete agreements—so even as an employee, he had every right to work on a competing project. There's no indication that he used Ruby Central's proprietary information to do so, and the report doesn't allege that. I have little doubt that if Samuel or André used proprietary information to develop rv, they would have already presented evidence of that.

Independent of the legalese, a "uv but for ruby" is a blindingly obvious thing to do, and Ruby Central doesn't get to lick the cookie and get upset when an independent contractor—Ruby Central's own characterization—does a thing they didn't fund.

My sourcing on this is that I run a 10-person business with employees in California. I'm not a lawyer, but I looked over enough of this paperwork that I feel confident opining on an internet forum.

busterarm•41m ago
uv is Astral's onramp to paying customers. Without uv's tight integration with Astral's other tooling that they want to charge for, they wouldn't be able to sell anything. Building a business around doing the same for Ruby may be within their rights, but it's absolutely a conflict of interest working or contracted by Ruby Central. Removing them was an obvious move.
tuckerman•33m ago
That wasn't my read of what the postmortem is claiming. I didn't see a claim that anyone did anything illegal with proprietary information and the only legal question anyone raised was around a tangentially related proposal with user data[1]. I think the question about working on competing work is unfortunately more grey than most on HN would like, but even then nobody was fired/terminated for that. It sounds like people voluntarily left.

My biggest takeaway from this is the intermingling of opensource work/foundations/companies and employees/contractors/volunteers needs to be incredibly explicit. It sounds like everyone had very different expectations about what this group of people was (ranging from an exclusive club of influential ruby developers to a very formal, business-like foundation) and, as a result, each other's actions seemed hostile/strange/confusing.

[1] I actually think the comments about the proposal of selling the user data does a disservice to the postmortem. I think it invokes a much more emotional reaction from the reader than anything else and, while potentially interesting, seems like dirty laundry that doesn't change the lesson the postmortem teaches.

Claude Code's source code has been leaked via a map file in their NPM registry

https://twitter.com/Fried_rice/status/2038894956459290963
1253•treexs•8h ago•667 comments

Cohere Transcribe: Speech Recognition

https://cohere.com/blog/transcribe
59•gmays•1h ago•14 comments

Axios compromised on NPM – Malicious versions drop remote access trojan

https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-t...
1619•mtud•14h ago•634 comments

Open source CAD in the browser (Solvespace)

https://solvespace.com/webver.pl
174•phkahler•5h ago•53 comments

Show HN: Forkrun – NUMA-aware shell parallelizer (50×–400× faster than parallel)

https://github.com/jkool702/forkrun
24•jkool702•4d ago•6 comments

GitHub Monaspace Case Study

https://lettermatic.com/custom/monaspace-case-study
60•homebrewer•2h ago•20 comments

Ollama is now powered by MLX on Apple Silicon in preview

https://ollama.com/blog/mlx
557•redundantly•14h ago•279 comments

Artemis II is not safe to fly

https://idlewords.com/2026/03/artemis_ii_is_not_safe_to_fly.htm
743•idlewords•15h ago•471 comments

Oracle slashes 30k jobs

https://rollingout.com/2026/03/31/oracle-slashes-30000-jobs-with-a-cold-6/
606•pje•3h ago•510 comments

From 300KB to 69KB per Token: How LLM Architectures Solve the KV Cache Problem

https://news.future-shock.ai/the-weight-of-remembering/
11•future-shock-ai•2d ago•0 comments

Good code will still win

https://www.greptile.com/blog/ai-slopware-future
19•dakshgupta•3h ago•23 comments

A Love Letter to 'Girl Games'

https://aftermath.site/a-love-letter-to-girl-games/
88•zdw•5d ago•65 comments

Combinators

https://tinyapl.rubenverg.com/docs/info/combinators
95•tosh•6h ago•26 comments

Audio tapes reveal mass rule-breaking in Milgram's obedience experiments

https://www.psypost.org/audio-tapes-reveal-mass-rule-breaking-in-milgram-s-obedience-experiments-...
144•lentoutcry•3d ago•89 comments

RubyGems Fracture Incident Report

https://rubycentral.org/news/rubygems-fracture-incident-report/
45•schneems•3h ago•4 comments

Accidentally created my first fork bomb with Claude Code

https://www.droppedasbaby.com/posts/2602-01/
6•offbyone42•10h ago•0 comments

Securing Elliptic Curve Cryptocurrencies Against Quantum Vulnerabilities [pdf]

https://quantumai.google/static/site-assets/downloads/cryptocurrency-whitepaper.pdf
12•jandrewrogers•1h ago•3 comments

Microsoft: Copilot is for entertainment purposes only

https://www.microsoft.com/en-us/microsoft-copilot/for-individuals/termsofuse
208•lpcvoid•3h ago•71 comments

Tell HN: Chrome says "suspicious download" when trying to download yt-dlp

195•joering2•2h ago•60 comments

What major works of literature were written after age of 85? 75? 65?

https://statmodeling.stat.columbia.edu/2026/03/25/what-major-works-of-literature-were-written-aft...
85•paulpauper•3d ago•54 comments

Claude Code users hitting usage limits 'way faster than expected'

https://www.theregister.com/2026/03/31/anthropic_claude_code_limits/
149•samizdis•5h ago•119 comments

Show HN: Loreline, narrative language transpiled via Haxe: C++/C#/JS/Java/Py/Lua

https://loreline.app/en/docs/technical-overview/
26•jeremyfa•3d ago•8 comments

Multiple Sclerosis

https://subfictional.com/multiple-sclerosis/
47•luu•4d ago•20 comments

Universal Claude.md – cut Claude output tokens

https://github.com/drona23/claude-token-efficient
420•killme2008•16h ago•151 comments

Ask HN: Academic study on AI's impact on software development – want to join?

12•research2026•55m ago•5 comments

The Claude Code Source Leak: fake tools, frustration regexes, undercover mode

https://alex000kim.com/posts/2026-03-31-claude-code-source-leak/
4•alex000kim•4h ago•0 comments

Google's 200M-parameter time-series foundation model with 16k context

https://github.com/google-research/timesfm
264•codepawl•12h ago•97 comments

RamAIn (YC W26) Is Hiring

https://www.ycombinator.com/companies/ramain/jobs/jezgwo5-ai-ml-research-engineer
1•svee•10h ago

Scotty: A beautiful SSH task runner

https://freek.dev/3064-scotty-a-beautiful-ssh-task-runner
11•speckx•1h ago•1 comments

South Polar Times

https://www.laphamsquarterly.org/roundtable/south-polar-times
4•Thevet•19h ago•0 comments