zlacker

[return to "A board member's perspective of the RubyGems controversy"]
1. hyperp+ih3 2025-09-22 19:35:18
>>Qwuke+(OP)
A lot of people are arguing about whether locking down access was justified to resolve the security issues. I guess it's debatable.

But I don't see any excuse for not putting out a statement when you do it. You have to know there will be a fight, and you will look like the bad guy. Perhaps I could see directly communicating to the maintainers that you expect that they'll be reinstated. But to say nothing? To let the post by duckinator float around for days without having a "we did this because of security concerns, we want to work together and find a resolution..." It's incomprehensible that they thought this would go well.

2. nenene+zs3 2025-09-22 20:34:43
>>hyperp+ih3
I mean, imagine you are at work and you need to do this for SOC2 or something but don't tell your colleagues.
3. daniel+jO3 2025-09-22 22:33:59
>>nenene+zs3
Firstly, you can tell them you’re working on SOC2 compliance, and secondly, those colleagues are getting paid in dollars, not doing it for the love of the work.