zlacker

[return to "Shopify, pulling strings at Ruby Central, forces Bundler and RubyGems takeover"]
1. 827a+zA[view] [source] 2025-09-23 18:03:26
>>bradge+(OP)
> To strengthen supply chain security, we are taking important steps to ensure that administrative access to the RubyGems.org, RubyGems, and Bundler is securely managed.

Ridiculously bold to say when what happened here was literally a malicious supply chain attack.

◧◩
2. jonny_+WD[view] [source] 2025-09-23 18:21:32
>>827a+zA
Malicious how? Was malicious code inserted? Serious question.
◧◩◪
3. 827a+eF[view] [source] 2025-09-23 18:27:20
>>jonny_+WD
Status quo administrators had their access revoked without their consent and without cause. That's malice.
◧◩◪◨
4. jonny_+vR[view] [source] 2025-09-23 19:36:11
>>827a+eF
That sounds more like "unfair" or "theft", not malice. Malice implies some kind of intent to harm or injure.
◧◩◪◨⬒
5. whizzt+GV[view] [source] 2025-09-23 19:55:35
>>jonny_+vR
If money makes them do things like this, what's stopping them from bundling Bonzi Buddy if Shopify is bought out by PE and starts cutting funding to "useless" stuff? (Yes, it's a hyperbolic example)
[go to top]