zlacker

[return to "Ruby Central's Attack on RubyGems [pdf]"]
1. thomas+pH[view] [source] 2025-09-19 14:09:26
>>jolux+(OP)
An update from Ruby Central: Strengthening the Stewardship of RubyGems and Bundler

https://rubycentral.org/news/strengthening-the-stewardship-o...

◧◩
2. TehCor+xH1[view] [source] 2025-09-19 19:48:50
>>thomas+pH
> Moving forward, only engineers employed or contracted by Ruby Central will hold administrative permissions to the RubyGems.org service.

Several of the people removed are employees or contractors of Ruby Central. This doesn't pass the smell test. Not to mention it's post-facto in that they did all of this before notifying anyone.

◧◩◪
3. byroot+5K1[view] [source] 2025-09-19 20:01:54
>>TehCor+xH1
> Several of the people removed are employees or contractors of Ruby Central.

Who?

> Not to mention it's post-facto in that they did all of this before notifying anyone.

Isn't that pretty much the number one rule when restricting accesses? First remove accesses, then communicate?

◧◩◪◨
4. TehCor+nW1[view] [source] 2025-09-19 21:08:43
>>byroot+5K1
At least Ellen Dash. The author of the pdf the post links to.
[go to top]