Contextually it might be relevant that Ruby Central said they wanted to have a Zoom call today to explain everything,
then cancelled it. This was their message.
"Hello Ruby Community, We recognize that our originally scheduled Q&A session overlaps with the observance of Rosh Hashanah and may not have been the best timing for many in our community. We sincerely apologize for the short notice of this change, especially since the session was set to take place tomorrow. In response to the feedback we’ve received, we’ve made the decision to postpone the session. A new date and time will be shared with you in the coming days. In the meantime, we invite you to watch this statement from our Executive Director. This update is intended to ensure everyone receives the same information and can view it at a time that works best for them."
Wow. I've seen less corpowashed decision making out of Microsoft. They set their house on fire, its burning down, but spraying water on it would get the curtains wet so we can't do that.
Ruby central was short for cash, Shopify used that to pressure them into a takeover of several core community repos like bundler so that Shopify can control those indirectly? Is that it?
What I don’t get is, what does Shopify get from this?
I’m assuming there’s a ton of reputational risk in this move, and my understanding as an outsider is that Shopify already has a ton of weight in the Ruby ecosystem - they seem to be the one case quoted by everyone as the “proof that Ruby scales”.
It’s easy to point at politics or people and some sinister motive. Maybe that’s what it is.
But don’t underestimate what can be accomplished through incompetence.
Shopify is a multi-billion dollar company that has processed over a trillion dollars. They are a high value target for sophisticated attackers. It’s entirely possible they are trying to accomplish some security and supply chain goals to protect their Ruby pipeline, but completely messed up the execution and did not predict the community interpretation and backlash.
We know very little about what happened between Shopify and Ruby Central. They said that they made no progress towards satisfying Shopify’s demands until they were 24 hours from the deadline, but not what those demands specifically were or why they failed to do anything. It’s possible that what they panickedly did at the last second wasn’t actually what Shopify had intended.
They are a multi-billion company that is highly dependent of RubyGems and a breach could ruin their business. So they have intrinsic reasons to support anything that keeps Ruby and Rails floating.
That makes sense but, to put it mildly, I am not whatsoever a fan of corporate controlled and directed OSS. I'm even less of a fan of it when it's effectively controlled by only one corporation. The temptation to play high-handed with the community, and with the future, is overwhelming and not one that corporations seem able to resist. One example: Chromium, which is now effectively worthless as a serious web browser with support for MV2 removed, thus meaning that uBlock Origin (and the like) no longer work, due to Google forcing the issue with MV3.
I don't see the controlling aspect materializing, except forcing Ruby Central to build a reliable organizational structure. There are companies that are way more involved in controlling projects. Cloud providers or CDNs that start to sponsor, but after a while lose interest unless specific adjustments are being made.
I doubt there will ever be a run-time dependency of rubygems with Shopify. I would be more alarmed if, say, Microsoft GitHub™, Google, Cloudflare would "step up to safe the project".
I suspect they underestimated the lashback. They wanted to make their changes whenever they wanted, to fit their specific needs. They didn't think twice about the community, so much so that they didn't consider the community might not stand for it.
And history ain't written. Who knows how this will hurt them.
From all I can observe, it does seem to have a sinister political undertone. In that, Ruby Central's collapse started because Sidekiq disagreed with them platforming dhh, and then Shopify (who has dhh as a board member, and whose CEO races with dhh) used the funding weakness to demand a purge of anyone they disagreed with.
As an aside, I imagine the discussion of this will be end up being... difficult, because people are tending not react to these sorts of things well.
>Ruby Central's collapse started because Sidekiq disagreed with them platforming dhh
I remember Ruby Central denied they ever tried to deplatform DHH. But now when they are platforming DHH Sidekiq wants out.
I honestly think it is may be way simpler. Shopify is willing to sponsor and put money into it but they also want it done ASAP, preferably now. They give a deadline and Ruby Central didn't think, plan or act until too late.
And the moment it was badly done, politics creeps in.
> who has dhh as a board member, and whose CEO races with dhh
Oh, so this is just dhh doing a hostile takeover of core ruby infrastructure where previously he had to try to work with people, now he can just tell people what he wants to be done, because they work for him.
There are arguably larger reputational risk issues in a company with significant financial/payment activities not having adequate control of their technology. I'm not saying that justifies anything here as I don't know nearly enough about, but I'd wager that even a minor incident arising from them not adequately controlling their stack would create infinitely more issues than this move.
If supply chain integrity is the issue specifically for Shopify, couldn’t they run their own private, internally facing gem repository and whitelist everything that goes there? It’s not a requirement to use the public rubygems.
They probably thought it would be easier to takeover rubygems than ensure every dev and every machine for every possible ruby tool could be and is pointed at the internal gem repository.
Let's be paranoid for a moment. What if there's a supply side attack on a gem used by Homebrew. That's basically installed on every dev machine, auto-updates automatically/silently, could have sudo, that no one would care or even know how to point at a private gem repository.
I too am scratching my head at this. If the problem is the outside community could be a risk, just do not drink from the firehose. Have processes in place to slowly vet and bring the outside world indoors.
Then again, that is not a very web scale suggestion.
That's not what I said. I was responding to the parent comment's statement that "I’m assuming there’s a ton of reputational risk in this move" by noting that, in relative terms, this likely isn't something people are paying attention to outside a very, very narrow universe.
> Ruby central was short for cash, Shopify used that to pressure them into a takeover of several core community repos like bundler so that Shopify can control those indirectly
Sounds like a variant of the xz takeover, but using money this time and in public.
I’ve always acted as a community-oriented person, so I feel it’s my duty to share what really happened, what the current state is, and why Ruby Central has failed in the eyes of the community. This is my perspective — and why I’m leaving Ruby Central by choice, but am being forced out of Bundler, RubyGems, and RubyGems.org.
fwiw... rubygems.org was one of the only open source projects I contributed to on a regular basis (albeit once every year or two) and it was always a positive experience. Sorry its gone this way for you and others.
This all reminds me of the feelings after Merb was put down after pressure from Engine Yard so they could guard against their Ruby on Rails hosting business.
> But not everyone felt so good about it. I worked for Engine Yard, and we had made our mark selling Ruby on Rails deployment to large customers like Groupon, Kongregate and Github. I got hired at Engine Yard in part because the company's founders were worried that Rails wouldn't make it long-term. They wanted to hedge against this possibility.
> Unfortunately for me, waging an all-out war against Ruby on Rails from inside of a company that makes its money selling Ruby on Rails deployment is a pretty bad life strategy.
> I don't know everything that went on behind the scenes, but Engine Yard's management eventually asked me to consider merging with Rails. If I'm being honest, they pushed me to consider merging with Rails.
I'm sure there were other reasons for the merge as well, and I don't want to take anything away from Yehuda and the decision he made at the time, but I was a volunteer at the first MerbConf just a couple months before the "merge" and it all felt very sudden and at odds with the direction the project was headed. I had my cynical take that EY was behind the move, but those were just my personal feelings. Honestly it was refreshing to read Yehuda's story 12 years later as it helped put some of the pieces together as to why.
This post jumps into the center of some controversy in a very unclear place. Is there a short (preferably neutral) summary of what this is all about somewhere?
DHH created Rails, but he didn't write Rails - a large community did. This is an attempt to be factual. Linus created Linux, but he didn't write Linux. Etc.
Criticizing an *individual* for stopping to *donate* is pointless.
Supporting Canadian truckers was a straw? And that somehow broke the camels back because of misogyny in slides and booth ads (showing a pretty girl?).
Because of this they lost a 250,000 sponsorship from sideiq which then gave leverage to shopify to takeover the community because of a fear of this rv tool.
In the end their communities purity tests lost them everything.
The solution is to design package managers around the uniform resource identifier: a way to locate online assets that is mostly (ignoring DNS) decentralised and better than having one org own all the packages.
Are there any reliable decentralized package distribution systems operating at within 2 orders of magnitude of that scale? How do they handle administrative issues such as malicious packages or name squatting? Standards updates? Enforcement of correct metadata? And all the other common things package indexes need to handle.
I'm clearly skeptical, but would be very interested in any real world success stories.
You can absolutely use bundler and gem without touching the rubygems servers. You can point to an alternate rubygems host (including one you run yourself), point to a git repo, or a local gem file source
This resembles the "monolith" vs "micro-services" discussion. If you spread the packages over thousands of domains, hosts, providers, reliability will be horrible. And it's uncontrollable. In theory, RubyGems could run code analyzers on all uploads to detected malware. Good look if you just haven an index of repositories/packages hosted elsewhere.
# From a specific branch
gem 'my_gem', git: 'https://github.com/user/my_gem.git', branch: 'development'
# From a specific tag
gem 'my_gem', git: 'https://github.com/user/my_gem.git', tag: 'v1.2.3'
# From a specific commit (ref)
gem 'my_gem', git: 'https://github.com/user/my_gem.git', ref: 'a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0'
Tangent: IMO this is why you keep your repos under your account, and don't give them over to a group acct. Unless you no longer want/care about control, or things like this happening. If that's the case and you've moved on or are OK with moving on, then do the group account.
As a complete outsider I mostly find myself wondering if there's legal recourse for those who were forced out (noting the clear distinction that one person was commenting on between the service owned by Ruby Central and the code that Ruby Central likely has no legal claim to).
How does this fit the EEE pattern? For reference, here is Wikipedia's description of EEE:
> "Embrace, extend, and extinguish" ... is a phrase that the U.S. Department of Justice found was used internally by Microsoft to describe its strategy for entering product categories involving widely used open standards, extending those standards with proprietary capabilities, and using the differences to strongly disadvantage its competitors.
Not every instance of corporate bad behavior in open source is EEE. Shopify isn't in competition with open source or potentially threatened by open source. They are not extending open standards or technology.
Maybe I'm being pedantic, but I'd rather not muddy the water with unhelpful, sloppy metaphors.
For some reason I always had a feeling about him. Perhaps I couldn’t understand why a guy that did so well in life like him found so much time to pick fights on Twitter. With the kind of money he had, I’d pay to be anonymous.
I've seen a lot of "formerly nice guys" falling. It's very hard to let people go and to deal with them if necessary (like using their project). To this date I can't understand why he went this route. He's successful, family guy, very rich. Why going after immigrants, poor, diverse people? Same with Musk. He's a prototype awkward guy yet he started a holy war against all DEI. WTF. Don't get it.
> There was the post where he described an ad featuring a plus-sized Black women as “grotesque” and celebrated the ads being replaced with ones featuring “blond babies”
It's very clearly written with ChatGPT's authorial voice. The very prominent sprinkling of bold intensifiers, the frequent organization of things into lists to make arguments, the use of emojis in the full context pages, the overwhelming use of em dash to structure sentences, overuse of "it's <whatever> — not <whatever>" type cliches, etc.
It's likely because he's not a native English speaker, hence the perfect grammar and spelling in the contents of the gist, but the obvious grammatical error in the title ("Why I leave Ruby Central") that he likely typed himself.
Given his reason for doing it (non-native speaker), I don't think it's fair to really criticize him for it, but if you can't spot this as AI writing, then you might want to do some research on how to do so.
> indirectly say that the person who wrote the piece is a bad writer
or a good writer. A lot of the so-called tells are things that are more likely to be done by professional writers under the care of a professional editor. For example, many people assume the presence of an em dash means text was written by an LLM, when obviously LLMs did not invent punctuation marks.
Good writers who used em dashes before AI tend to use them the traditional way—with no space around them and to emphasize a parenthetical. AI uses it with spaces around it — as an all-purpose conjunction.
I used to think people here didn't really use them before AI, but I actually downloaded a dataset of all comments over like a decade or so and counted the number of comments with an em dash, and it didn't actually change much around 2022-2023 like I had expected.
It's the spacing that's usually the giveaway to me, as well as the fact that it's not as common for people to use them like semicolons. They use them for parenthetical clauses more often. Any time I see them used with spaces as a general purpose conjunction, THAT'S when I think AI.
I have a very conversational way of writing partially because I do voice to text a lot, so the em dash just “feels” better to me than a semicolon typically.
Not sure why you think this is relevant. The issue is about Ruby Central's failure to make a coherent statement or mea culpa, which the Github post does. AI influence is incidental.
It’s not relevant but that’s the only way wannabe writers can make themselves feel good about not contributing.
Imagine discovering the accounting fraud at Exxon back in 2000s and using calculator to prove it, only for people to discount you because you used calculator and didn’t calculate it yourself.
I got off the Ruby and Rails trains ages ago (around the time that Rails changed the package management solution it used; that convinced me the whole project was not in its "adults in the room" phase yet and I couldn't be bothered to keep up with a project that would require me to pay attention to it every quarter instead of putting a project down for a year and having it mostly work when I picked it up again). Sad to say this kerfluffle hasn't exactly shifted my opinion of the ecosystem.
Open source is about licensing and not about governance. There are plenty of open source projects where the owner is a dictator. In this case the owner of the github organization has control over who is a part of it and who has permissions within it.
Open Source as a licensing approach, sure, but that’s the narrow definition. The broader definition is inclusive of group culture, decision-making practices, tone of communication, and a lot more.
When someone says “open source,” that’s often shorthand for the broader definition.
it was never clear what the niche of Ruby was other than being a modernish scripting language for non-critical web dev. I remember Ruby on Rails becoming trendy for web startups with inexperienced programmers (I was one of them) to prototype things in because Active Record was a simple ORM for its time, outside of that there wasn't much other justification for the stack and since the proliferation of similar easy-to-use frameworks in other languages it hasn't been necessary
The proliferation of frameworks came about from the ideas and design of Ruby on Rails. MVC and ORM had been around before web apps, but it was not consistently used in a web framework until Rails. Convention-over-configuration, “nested doll pattern”, and Rack protocol were all ideas widely ported and copied into other language platforms and frameworks.
Also, ActiveRecord gained significant capabilities with named scopes, something that isn’t as widely copied.
Finally, Ruby itself lends itself well to writing DSLs, something that Javascript and TypeScript sucks at, but sometimes I still see people try and fail.
To be fair, it is my personal opinion that there has not been anything substantially innovative since Rails 5. The features I have seen since is better done with Elixir/Phoenix, mainly because the BEAM runtime makes better concurrency primitives available.
WebObjects was rewritten from ObjC to Java in the 2000s. EOF, the ORM layer it shared with NeXTSTEP/OPENSTEP, was rewritten as Core Data and released in Mac OS X Tiger.
WebObjects was demo'd in 1995, and Version 1.0 was released in March 1996, by NeXT (Steve Jobs and crew). In 1997 when Apple bought NeXT and made Jobs its CEO again, it became part of Apple who open sourced it in 2006 and maintained it until 2009 (it powered iTunes, among other things).
Ruby Central should have been more involved in the development of rubygems (software) in the past and establish a community and contribution guideline, to secure the project, secure funding, maybe separating concerns (infrastructure, conferences, etc.)
However, taking away funding as retaliation for a conference talk is offensive, too. In the end facts (money) made the decision. I don't think Shopify has bad intentions.
Clearly, it's about the racists tweets and blog posts one prominent member of Rails has made. And the community needs to address this in a clear way. Not with boycotting the wrong parties, especially an infrastructure provider of our community. Thank you Sidekiq for supporting RubyGems in the past, but pulling the plug was not the best move for the community.
The offensive statement from the 'rv' readme is clearly alarming. Shopify, as every other Ruby user, is highly dependent of a working rubygems infrastructure. I can fully understand their motivation, to clarify the situation and to implement rules and separation of concerns. However, it's clear, that the whole process was a disaster in communication, planning, execution by Ruby Central.
Chances are, this will make rv into a bigger success. Assuming the rv developers delivers on their promises. (I tried using their first version on launch only to find that the features I wanted have not been written yet).
They want Andre gone and won't allow him back according to the gist and this started because of the August 26 release where shopify starts worrying about security.
The tool looks to replace gems and it's ecosystem.
An individual decided to stop donating 250k to an organization because he felt strongly about actions taken by the organization. How is this offensive?
To my knowledge: Sidekiq is the lead project of Contributed Systems LLC.
Ruby Central also announced to end the "RailsConf" series after this year.
I fully understand and support to be angry about and cut all ties to the 3-letter-guy, but I think this Ruby Central/Rubygems issue is a case of "friendly fire".
"Hello Ruby Community, We recognize that our originally scheduled Q&A session overlaps with the observance of Rosh Hashanah and may not have been the best timing for many in our community. We sincerely apologize for the short notice of this change, especially since the session was set to take place tomorrow. In response to the feedback we’ve received, we’ve made the decision to postpone the session. A new date and time will be shared with you in the coming days. In the meantime, we invite you to watch this statement from our Executive Director. This update is intended to ensure everyone receives the same information and can view it at a time that works best for them."
Ruby central was short for cash, Shopify used that to pressure them into a takeover of several core community repos like bundler so that Shopify can control those indirectly? Is that it?
I’m assuming there’s a ton of reputational risk in this move, and my understanding as an outsider is that Shopify already has a ton of weight in the Ruby ecosystem - they seem to be the one case quoted by everyone as the “proof that Ruby scales”.
Shopify is a multi-billion dollar company that has processed over a trillion dollars. They are a high value target for sophisticated attackers. It’s entirely possible they are trying to accomplish some security and supply chain goals to protect their Ruby pipeline, but completely messed up the execution and did not predict the community interpretation and backlash.
I doubt there will ever be a run-time dependency of rubygems with Shopify. I would be more alarmed if, say, Microsoft GitHub™, Google, Cloudflare would "step up to safe the project".
And history ain't written. Who knows how this will hurt them.
As an aside, I imagine the discussion of this will be end up being... difficult, because people are tending not react to these sorts of things well.
I remember Ruby Central denied they ever tried to deplatform DHH. But now when they are platforming DHH Sidekiq wants out.
I honestly think it is may be way simpler. Shopify is willing to sponsor and put money into it but they also want it done ASAP, preferably now. They give a deadline and Ruby Central didn't think, plan or act until too late.
And the moment it was badly done, politics creeps in.
Oh, so this is just dhh doing a hostile takeover of core ruby infrastructure where previously he had to try to work with people, now he can just tell people what he wants to be done, because they work for him.
Let's be paranoid for a moment. What if there's a supply side attack on a gem used by Homebrew. That's basically installed on every dev machine, auto-updates automatically/silently, could have sudo, that no one would care or even know how to point at a private gem repository.
Then again, that is not a very web scale suggestion.
Sounds like a variant of the xz takeover, but using money this time and in public.
This all reminds me of the feelings after Merb was put down after pressure from Engine Yard so they could guard against their Ruby on Rails hosting business.
> But not everyone felt so good about it. I worked for Engine Yard, and we had made our mark selling Ruby on Rails deployment to large customers like Groupon, Kongregate and Github. I got hired at Engine Yard in part because the company's founders were worried that Rails wouldn't make it long-term. They wanted to hedge against this possibility.
> Unfortunately for me, waging an all-out war against Ruby on Rails from inside of a company that makes its money selling Ruby on Rails deployment is a pretty bad life strategy.
> I don't know everything that went on behind the scenes, but Engine Yard's management eventually asked me to consider merging with Rails. If I'm being honest, they pushed me to consider merging with Rails.
I'm sure there were other reasons for the merge as well, and I don't want to take anything away from Yehuda and the decision he made at the time, but I was a volunteer at the first MerbConf just a couple months before the "merge" and it all felt very sudden and at odds with the direction the project was headed. I had my cynical take that EY was behind the move, but those were just my personal feelings. Honestly it was refreshing to read Yehuda's story 12 years later as it helped put some of the pieces together as to why.
The funny thing about inventing a language you love, is you spend your career writing C rather than actually writing code in the language you love.
People are not logs floating helplessly in a river. People take decisions and make things happen. They create and run the process, not viceversa.
The critique must be directed at people.
[0] https://press.uchicago.edu/ucp/books/book/chicago/U/bo252799...
DHH created Rails, but he didn't write Rails - a large community did. This is an attempt to be factual. Linus created Linux, but he didn't write Linux. Etc.
Criticizing an *individual* for stopping to *donate* is pointless.
0. https://www.platformer.news/-what-really-happened-at-basecam...
Because of this they lost a 250,000 sponsorship from sideiq which then gave leverage to shopify to takeover the community because of a fear of this rv tool.
In the end their communities purity tests lost them everything.
Beyond that, Mike (author of Sidekiq) is more than welcome to withdrawal his funding as he wishes. That’s how this works.
Are there any reliable decentralized package distribution systems operating at within 2 orders of magnitude of that scale? How do they handle administrative issues such as malicious packages or name squatting? Standards updates? Enforcement of correct metadata? And all the other common things package indexes need to handle.
I'm clearly skeptical, but would be very interested in any real world success stories.
Would it be compatible with specifying urls (such as git repos)?
Shopify, pulling strings at Ruby Central, forces Bundler and RubyGems takeover
https://news.ycombinator.com/item?id=45348390
Ruby Central's Attack on RubyGems
https://news.ycombinator.com/item?id=45299170
A board member's perspective of the RubyGems controversy
https://news.ycombinator.com/item?id=45325792
I guess the only lesson here is trust no one and keep your repos under your account.
> "Embrace, extend, and extinguish" ... is a phrase that the U.S. Department of Justice found was used internally by Microsoft to describe its strategy for entering product categories involving widely used open standards, extending those standards with proprietary capabilities, and using the differences to strongly disadvantage its competitors.
Not every instance of corporate bad behavior in open source is EEE. Shopify isn't in competition with open source or potentially threatened by open source. They are not extending open standards or technology.
Maybe I'm being pedantic, but I'd rather not muddy the water with unhelpful, sloppy metaphors.
Did they do that?
> London is no longer the city I was infatuated with in the late '90s and early 2000s. Chiefly because it's no longer full of native Brits [1]
[1] https://world.hey.com/dhh/as-i-remember-london-e7d38e64
He also has a history of this kind of posting
> There was the post where he described an ad featuring a plus-sized Black women as “grotesque” and celebrated the ads being replaced with ones featuring “blond babies”
It's likely because he's not a native English speaker, hence the perfect grammar and spelling in the contents of the gist, but the obvious grammatical error in the title ("Why I leave Ruby Central") that he likely typed himself.
Given his reason for doing it (non-native speaker), I don't think it's fair to really criticize him for it, but if you can't spot this as AI writing, then you might want to do some research on how to do so.
or a good writer. A lot of the so-called tells are things that are more likely to be done by professional writers under the care of a professional editor. For example, many people assume the presence of an em dash means text was written by an LLM, when obviously LLMs did not invent punctuation marks.
It's the spacing that's usually the giveaway to me, as well as the fact that it's not as common for people to use them like semicolons. They use them for parenthetical clauses more often. Any time I see them used with spaces as a general purpose conjunction, THAT'S when I think AI.
I’ve used them, with spaces, for decades. Minus-minus in plain text, and autocorrect reads that nicely.
I sometimes use an em-dash, but mostly in LaTeX: they’re too awkward in plain text.
I use ellipses too …
I got off the Ruby and Rails trains ages ago (around the time that Rails changed the package management solution it used; that convinced me the whole project was not in its "adults in the room" phase yet and I couldn't be bothered to keep up with a project that would require me to pay attention to it every quarter instead of putting a project down for a year and having it mostly work when I picked it up again). Sad to say this kerfluffle hasn't exactly shifted my opinion of the ecosystem.
Open source is about licensing and not about governance. There are plenty of open source projects where the owner is a dictator. In this case the owner of the github organization has control over who is a part of it and who has permissions within it.
When someone says “open source,” that’s often shorthand for the broader definition.
Also, ActiveRecord gained significant capabilities with named scopes, something that isn’t as widely copied.
Finally, Ruby itself lends itself well to writing DSLs, something that Javascript and TypeScript sucks at, but sometimes I still see people try and fail.
To be fair, it is my personal opinion that there has not been anything substantially innovative since Rails 5. The features I have seen since is better done with Elixir/Phoenix, mainly because the BEAM runtime makes better concurrency primitives available.
WebObjects and EOF were the MVC and ORM frameworks powering Disney (Go.com) almost a decade before Rails existed.
A decade before Rails puts it in 1995. Do you have some resources on this? I like looking into the history of tech.
WebObjects was rewritten from ObjC to Java in the 2000s. EOF, the ORM layer it shared with NeXTSTEP/OPENSTEP, was rewritten as Core Data and released in Mac OS X Tiger.
It really occupies the same niche that Python does, but personally I find ruby more pleasant to work with in every way.
Ruby on Rails
Chef
---
Some of the largest websites in the world run on Ruby: GitHub and Shopify.
However, taking away funding as retaliation for a conference talk is offensive, too. In the end facts (money) made the decision. I don't think Shopify has bad intentions.
Clearly, it's about the racists tweets and blog posts one prominent member of Rails has made. And the community needs to address this in a clear way. Not with boycotting the wrong parties, especially an infrastructure provider of our community. Thank you Sidekiq for supporting RubyGems in the past, but pulling the plug was not the best move for the community.
The losing of sponsorships because of the talk is what gave shopify leverage. And they used it.. out of fear over the rv tool.
Where are you getting that Shopify fears rv?
The tool looks to replace gems and it's ecosystem.
rv builds on André's reputation. The best way to squander it would be to attack the rubygem infrastructure.
I fully understand and support to be angry about and cut all ties to the 3-letter-guy, but I think this Ruby Central/Rubygems issue is a case of "friendly fire".