| ▲ | Shopify, pulling strings at Ruby Central, forces Bundler and RubyGems takeover(joel.drapper.me) |
| 354 points by bradgessler 6 hours ago | 173 comments |
| |
|
| ▲ | mtlynch 2 hours ago | parent | next [-] |
| >Sidekiq withdrew its $250,000/year sponsorship for Ruby Central Whoa! I'm blown away that Sidekiq has enough money in the bank that one of their sponsorships is $250k/yr! Sidekiq the company (actually ContribSys) is just one guy: Mike Perham.[0] I listened to an interview with Mike a few years ago, and he seemed like he had an amazing setup. He was making about $1M/yr with no employees, just him selling code and contributing to open-source. I don't think he even has servers to keep online. According to this podcast from 2023, he's now making close to $10M/yr in revenue and is still just running the whole thing by himself.[0] Great life for a solo dev founder! [0] https://ruby.social/@getajobmike [1] https://www.startupsfortherestofus.com/episodes/episode-661-... |
|
| ▲ | JohnBooty 3 hours ago | parent | prev | next [-] |
| This is a great account of "what." I'm still struggling to understand the "why." (That's not an implicit criticism of the article, which is extremely appreciated because it's neutral and factual) I've been away from Ruby for a few years but Shopify always seemed like a huge net positive, sponsoring lots of valuable work on both Ruby and Rails. I never followed Ruby community happenings very closely but I'm not aware of negative feelings towards their community role in the past. |
| |
| ▲ | tyre 3 hours ago | parent | next [-] | | Plus one. Reading through this, I’m not sure what the fear is of Shopify taking a larger role. They’ve been strong contributors to Ruby for a really long time. Not that I agree with the actions, but I can’t parse what nefarious motives they might have from this article. | | |
| ▲ | Etheryte 3 minutes ago | parent | next [-] | | Replace Shopfiy with Microsoft, Oracle or etc and surely you can see what worries people might have around a move like this. Just because a company has a positive imago does not mean that their motives align with that of the community. | |
| ▲ | LightBug1 an hour ago | parent | prev [-] | | Aren't they a profit motivated company? I'm not necessarily saying that's a bad thing. But it inevitably means they will not always be aligned. | | |
| ▲ | hibikir an hour ago | parent [-] | | Anon profit, or even a random person, has their own motivations too that will not be aligned. Linus was herding cats in the kernel back when few contributors were paid by corporations to do it. Anyone that has spent any time on a large-ish OSS project has seen bad maintainers with poor incentives, as seen from the outside |
|
| |
| ▲ | rancor 3 hours ago | parent | prev | next [-] | | It took a fair amount of reading between the lines, but here's what appears to have happened:
1) People and entities with partial control over RubyGems attempted to cancel DHH.
2) In response, elements aligned with DHH kicked the former out of RubyGems.
3) Everyone involved is now attempting to legitimize their motives as "good engineering." In other words, "When you play the game of thrones, you win or you die." | | |
| ▲ | johntdaly an hour ago | parent [-] | | Thank you, this explains it for me. The situation is still stupid tough... | | |
| ▲ | rancor an hour ago | parent [-] | | Yeah, it's a bad scene, the Ruby community isn't nearly big enough to sustain major fractures. |
|
| |
| ▲ | mvdtnz 3 hours ago | parent | prev | next [-] | | It sounds to me like some organizations pulled funding because they think DHH is a big meany. On top of the get serious concerns around supply chain safety. Shopify, being the adult in the room and having a hard dependency on these components, decided to step up and take control because their business depends on it. | | |
| ▲ | sanderjd 2 hours ago | parent | next [-] | | The confusing thing to me about Shopify's role in this - assuming this reporting is accurate - is that if they think having a dependency on open source infrastructure like this is an existential threat, then you would think the solution is to do their own work to break that dependency, not to throw their weight around in this public and dramatic way. | | |
| ▲ | shadowgovt 11 minutes ago | parent [-] | | If they can just consolidate control of the supply chain, they don't have to spend the eng-hours replacing their open source dependencies and/or forking them for internal maintenance. It's the kind of thing that can be the net cheapest option in the long run (see also: Facebook creating and open-sourcing one of the most popular JavaScript interactive-UI frameworks, resulting in them having control of that ecosystem). | | |
| ▲ | sanderjd a few seconds ago | parent [-] | | Seems like a much riskier move to me. Maybe this will just blow over and it will all work out for them, but I wouldn't feel certain of that outcome if I were them. Agreed that if they had created and fully controlled the whole thing from the start, like your Facebook example, that would make more sense. But this aggressive addition of a new owner and removal of existing owners and maintainers seems very hostile and risky to me. |
|
| |
| ▲ | watwut an hour ago | parent | prev [-] | | It does not sound like Shopify were adults in the room. Sounds like they were the assholes essentially stealing in the room. Pulling funding is legitimate step on the other hand. | | |
| ▲ | shadowgovt 10 minutes ago | parent [-] | | They saw an opportunity and they took it. Companies don't have morals. Too many people in the room, generally, for such a concept to make sense. They have goals, means, and constraints. |
|
| |
| ▲ | X0nic 2 hours ago | parent | prev [-] | | The "what" seems to be purely a reaction to this article DHH posted: https://world.hey.com/dhh/as-i-remember-london-e7d38e64 Apparently, the reason is having an incorrect opinion. | | |
| ▲ | rockyj an hour ago | parent | next [-] | | This article is just so politically charged and opinionated that it is hard to believe that it is coming on a "tech blog". Not to mention, a while back the very same company wanted its employees to have no political discussions at workplace in a widely published article. | | |
| ▲ | petralithic 9 minutes ago | parent [-] | | It's not a tech blog, it's his personal blog, and it's quite in line with that company post previously; advocate for whatever policies you want on your own time and platform but not on the company's, and since this is his personal blog, he is doing exactly that. |
| |
| ▲ | JohnBooty 2 hours ago | parent | prev | next [-] | | As far as I can tell, the direct chain of events preceding this coup-like event was: Ruby Central hosts DHH at RailsConf in July --> Sidekiq withdraws funding from Ruby Central --> Ruby Central is essentially entirely dependent on Shopify. The "what" seems to be purely a reaction to this article DHH posted:
Strictly speaking, DHH's September blog post could not have driven this unless there was a time machine involved. However, DHH has made some contentious political statements in the past so perhaps what you're saying is true in a larger sense.It's certainly possible that Shopify's actions had nothing to do with either side's politics in particular, and they decided it was simply safer for them to control Ruby Cental and RubyGems rather than rely on an independent organization with unstable funding (that they were basically solely funding anyway according to the article) I don't love that outcome. As a Ruby fan, I don't want Ruby or bits of its infrastructure controlled by a particular organization. | |
| ▲ | testdelacc1 an hour ago | parent | prev [-] | | It’s pretty galling to see someone who’s never lived in London talk mad shit about it. London is my home, not DHH’s. He knows fuck all, which is why he repeats tired, overcooked falsehoods. What he’s saying is that he only considers white British to be legitimately British. He would look at former Prime Minister Rishi Sunak and current Mayor Sadiq Khan and dismiss them as insufficiently British. Too much melanin I guess. He’s even excluded white people from elsewhere who were born in Britain if they have a non-British ancestor. So according to DHH and his ilk Nigel Farage’s children wouldn’t be counted as white British despite having white mothers (Irish and German), being born to a British father in Britain and living all their lives in Britain. What the fuck is the point of dividing people like this? “Just an opinion” my ass. DHH and people like him are dehumanising my fellow Londoners. | | |
| ▲ | shadowgovt 3 minutes ago | parent | next [-] | | [delayed] | |
| ▲ | izacus 20 minutes ago | parent | prev | next [-] | | I actually accidentally walked into that protest while doing touristy stuff in London that weekend (yeah, great weekend to choose) and first it looked weird having all those people waving British and English flags walking around.... and then I noticed many wore shirts with "Make Britain White Again" (sic) slogans and unironically wearing "Make Britain Great Again" hats. Whatever that thing was, it was about as peaceful as "Truth Rallies" Milošević organized before the whole 1990s war in Balkans went down. DHH seems outright delusional in that post. | |
| ▲ | NelsonMinar an hour ago | parent | prev | next [-] | | It sure sounds like simple white supremacy | |
| ▲ | typpilol an hour ago | parent | prev [-] | | Feel free to respond to any point he made rather than picking out random nonsense | | |
| ▲ | testdelacc1 an hour ago | parent [-] | | I did respond to one of his falsehoods, you must have missed it in your hurry to post this pithy putdown. DHH and his gang of “White Replacement” reptiles overstate the facts by saying 40% of London is white British. Nigel Farage is a leader of a British far right party who exclusively has children with foreign women. His children are as white as he is, British citizens who’ve lived all their lives in Britain. To any reasonable person, even someone who struggles to mingle with non-white people like DHH, Farage’s children would be white British. But the stats would count them as “white - Other”, which is another 20% of London. They twist the stats to suit their narrative. | | |
|
|
|
|
|
| ▲ | 827a 4 hours ago | parent | prev | next [-] |
| > To strengthen supply chain security, we are taking important steps to ensure that administrative access to the RubyGems.org, RubyGems, and Bundler is securely managed. Ridiculously bold to say when what happened here was literally a malicious supply chain attack. |
| |
| ▲ | jonny_eh 3 hours ago | parent [-] | | Malicious how? Was malicious code inserted? Serious question. | | |
| ▲ | 827a 3 hours ago | parent [-] | | Status quo administrators had their access revoked without their consent and without cause. That's malice. | | |
| ▲ | rurban 2 hours ago | parent | next [-] | | It's more like a hostile takeover | |
| ▲ | jonny_eh 2 hours ago | parent | prev [-] | | That sounds more like "unfair" or "theft", not malice. Malice implies some kind of intent to harm or injure. | | |
| ▲ | whizzter 2 hours ago | parent [-] | | If money makes them do things like this, what's stopping them from bundling Bonzi Buddy if Shopify is bought out by PE and starts cutting funding to "useless" stuff? (Yes, it's a hyperbolic example) |
|
|
|
|
|
| ▲ | leakycap 6 hours ago | parent | prev | next [-] |
| I wasn't expecting such a nice writeup. Worth a read. The Ruby community has been eating itself alive since almost the beginning, but it is sad to see the short-sighted destruction of trust and connection that this has had. |
| |
| ▲ | bradgessler 5 hours ago | parent | next [-] | | How has it been “eating itself alive”? | | |
| ▲ | leakycap 4 hours ago | parent [-] | | Ruby promised programmer happiness and delivered programmer warfare. Predating the current hostile takeover: •••the vitriol directed at early critics like Zed Shaw •••mysterious departure of _why the lucky stiff •••the contentious Code of Conduct •••DHH •••uneasy truce after the toxic tribalism of the Rails vs. Merb There's more, but the linked article can send you down more interesting rabbit holes than more bullets on my list | | |
| ▲ | foysavas 2 hours ago | parent | next [-] | | I wrote a book on Merb and was an active contributor. Before that I had developed several apps with Rails. That said, the Rails vs Merb era was mostly good natured competition and I don't view the Rails vs Merb period as itself having been problematic. Merb devs believed we could make app development both simple to start (as a single file like Sinatra) and easy to evolve (into a modular codebase with Rails-like conventions). Existing outside of the Rails ecosystem allowed Merb to pursue that distinct vision. The Merge between Rails and Merb, accreted many of Merb's modular architectural enhancements to Rails, but sadly deprecated the overall Merb vision. To me that was a shame, but I still wouldn't describe any of it as toxic. | | |
| ▲ | leakycap 2 hours ago | parent [-] | | > I wrote a book on Merb and was an active contributor. It might be a situation where you see it differently because you were involved or benefiting from the way things unfolded > That said, the Rails vs Merb era was mostly good natured competition [...] wouldn't describe any of it as toxic Competition can be healthy, Rails vs Merb was anything but. Quotes from Yehuda himself: ••• "I was just so blinded by tribalism that I never even bothered to check how fundamental the disagreements really were." ••• "waging an all-out war against Ruby on Rails from inside of a company that makes its money selling Ruby on Rails deployment is a pretty bad life strategy" ••• "It's so easy for our brains to turn disagreements about priorities into value conflicts. It takes a lot of effort to see past that mistake." https://yehudakatz.com/2020/02/19/together-the-merb-story/ | | |
| ▲ | foysavas 42 minutes ago | parent [-] | | Engine Yard's management took several strategic missteps over the years. One of them was stifling Merb. The quotes from Yehuda describe his difficulty in making the best of a forced merger. Ezra's vision for Merb and DHH's vision for Rails were distinct. Both warranted development. Over time, I assume they would have collectively strengthened the Ruby community. It was a mistake for Engine Yard's management to have instead framed it as zero sum and forced a merger. |
|
| |
| ▲ | bradgessler 4 hours ago | parent | prev | next [-] | | There’s been a ton of that, yes, but for most people who are building applications and websites with Ruby, it’s been stable, productive, and prosperous. | | |
| ▲ | leakycap 4 hours ago | parent | next [-] | | > How has it been “eating itself alive”? > There's been a ton of that, yes... What are you saying - because some people got rich off Ruby, it's OK that those things happened? Clearly not - Ruby will be lucky to have a shadow of the community left after this. | | |
| ▲ | bradgessler 4 hours ago | parent | next [-] | | No, I'm saying there's a lot of people who won't even know this happened. Fewer will know that it happened, but they'll view it as a scenario where the ends justify the means. I'm on the record saying RC did a poor job rolling out these changes and treated the maintainers poorly. There will be a lot of amazing Rubyists that leave, which is terrible, but it won't be "the shadow of a community left" because there's way too many people who depend on it to feed their families. | | |
| ▲ | leakycap 4 hours ago | parent [-] | | > No, I'm saying there's a lot of people who won't even know this happened. In the world of "I'm sorry to that man" this seems like a given about literally everything. Not knowing something happened is called being uninformed, and it doesn't change things or make the person right just because they don't know about something that occurred. > There will be a lot of amazing Rubyists that leave We agree. Listen, WebObjects still has a somewhat active community. Ruby's community won't be helped by recent events, but recent events happened because the Ruby community has been backstabby for a long time and no one has stopped it because there's too much money to be made in the meantime to care about things like people. |
| |
| ▲ | chao- 2 hours ago | parent | prev [-] | | >Ruby will be lucky to have a shadow of the community left after this. Maybe? This feels like an extreme statement with too much certainty at this point. |
| |
| ▲ | 827a 4 hours ago | parent | prev [-] | | Ruby's status of having, like, two companies that are big and known to use Ruby (Shopify and 37Signals) is the reason why this was allowed to happen (three if you include Github, but my understanding is that its used less-and-less there). I have doubts that anyone could name another company or group most people have heard of using Ruby in any significant capacity. Its a dying language that does not have the legs to survive this drama. | | |
| ▲ | WA9ACE 3 hours ago | parent [-] | | Stripe, AirBnB, Instacart, Zendesk, Kickstarter, Mastodon, and if I remember right Coinbase was originally Rails as well. | | |
| ▲ | marksomnian 11 minutes ago | parent | next [-] | | GitLab too: https://gitlab.com/gitlab-org/gitlab | |
| ▲ | 827a 2 hours ago | parent | prev | next [-] | | Many if not all of these companies are, to my knowledge, companies like Github which might still have some legacy parts of their system running Ruby, but aren't building significant new code in Ruby; and if they do have Ruby, are trying to reduce its prevalence in their system. | | |
| ▲ | 3by7 2 hours ago | parent [-] | | You're badly misinformed (or are intentionally spreading misinformation). | | |
| ▲ | treis an hour ago | parent | next [-] | | I can vouch for at least one of those companies especially if we go by the "trying" bit of the GP. | |
| ▲ | leakycap 2 hours ago | parent | prev | next [-] | | Your claim would have more standing if 1) it made sense vs. the news and recent yearslong turn away from Ruby development, and 2) if you included any sources or information other than "nuh uh" | |
| ▲ | echelon an hour ago | parent | prev [-] | | Square was originally a single RoR monolith. We spent a decade burning it to the ground with a Java and Go microservice architecture. Some product surface area remains Ruby, but Ruby was chased away by most teams. Square brought in a lot of Xooglers over the years to lead the transition, so you see a lot of Google tech: protobufs, gRPCs, at one point a pre-Kubernetes Borg clone, etc. |
|
| |
| ▲ | gleenn 3 hours ago | parent | prev [-] | | Twitter also | | |
| ▲ | mvdtnz 3 hours ago | parent [-] | | Twitter famously eliminated as much ruby as practical from their codebase. | | |
|
|
|
| |
| ▲ | Trasmatta an hour ago | parent | prev | next [-] | | > the vitriol directed at early critics like Zed Shaw Zed was also a source of vitriol and toxicity, not just a target | |
| ▲ | jamesgeck0 4 hours ago | parent | prev | next [-] | | DHH aside, most of this drama was over a decade ago. | | |
| ▲ | leakycap 4 hours ago | parent | next [-] | | "Actually, the Ruby community ripped itself apart a decade ago and has never changed and still suffering from the consequences except with the recent thing with the founder" is not a strong argument | | |
| ▲ | tyre 3 hours ago | parent [-] | | No, but listing things that happened over the course of over a decade, some of which are well resolved and others (like why’s leaving) are questionable how they’re an indication of drama. He left public programming, including Scratch, entirely. | | |
| ▲ | leakycap 3 hours ago | parent [-] | | > things that happened over the course of over a decade Bad things happening to contributors year after year for a decade shows a toxic community that doesn't change even over a long period of time The latest harm is just the continuation of what has been happening since the beginning > some of which are well resolved Resolved? Decisions were made, but the tensions were never resolved and people were hurt. > He left public programming [...] entirely. Yeah. That's what happens when someone is destroyed after years of their hard work is treated like nothing. |
|
| |
| ▲ | sanderjd 2 hours ago | parent | prev [-] | | Ha yep. I remember a lot of this drama from my early days working with rails. But my impression is that none of this mattered and has long been water under the bridge. (I didn't know until reading about this current episode that there is new DHH drama.) |
| |
| ▲ | insane_dreamer 4 hours ago | parent | prev [-] | | _why's departure had nothing to do with the Ruby community, as far as we know (unless some new info has come to light recently) Zed Shaw, sure, but that's a single person (though a very vocal one; I always liked his work, but he was pretty outspoken and that got under people's skin) DHH - yes, opinionated to a fault and outspoken like ZS, prone to create division, but that was always more about Rails than Ruby (this is not a comment on DHH recently, which I know nothing about; I stopped being active in Ruby/Rails community over a dozen years ago). Rails vs Merb - again I think you're conflating the Rails community with the Ruby community | | |
| ▲ | leakycap 4 hours ago | parent [-] | | If you don't realize the overlap in the Rails and Ruby on Rails community, I'm not sure what corner of the Ruby world you've been hiding in. Someone can shush away any behavior if they want, like you have done. Feel free to provide an alternate history or context for the current Ruby community upheaval if you want, but just dismissing the problems of the past doesn't help anyone. | | |
| ▲ | insane_dreamer 3 hours ago | parent [-] | | I'm not dismissing the problems of the past. I just don't think they were as big problems as you make them out to be. It's not like I wasn't around or unaware, I just didn't let it bother me - and was happy with how things were developing despite some arguments around the fringes as in any community. > I'm not sure what corner of the Ruby world you've been hiding in. I did say that I haven't been involved for the past dozen years. Before that I was definitely there when Rails burst onto the Ruby scene and its early years. I realize the overlap but they were still pretty distinct -- though maybe that's changed in the past decade. | | |
| ▲ | leakycap 3 hours ago | parent [-] | | "it didn't affect me so I didn't care" is a common and valid feeling up until you are aware of what is happening I developed with Ruby from the beginning and loved Ruby on Rails for many reasons. The community's backstabbing nature and callousness toward people who put a lot of work in was not something I ever admired and it's led us here. |
|
|
|
|
| |
| ▲ | bdcravens 4 hours ago | parent | prev | next [-] | | If the current state of Ruby is "eating itself alive" then I hope it stays hungry. | | |
| ▲ | tyre 3 hours ago | parent | next [-] | | How is this good for anyone? Ruby is an excellent language and the community is largely the best I’ve experienced of any language. Yes there is drama, recently especially, but there have been some fantastic people involved for decades | |
| ▲ | JeremyNT an hour ago | parent | prev | next [-] | | There's ruby the tech and there's ruby the community. The former is mature, robust, fit for purpose. The latter is... messy. DHH's prominent role in the ecosystem and full throated endorsement of reactionary politics has alienated a lot of people who might otherwise have been invested in that community, and this latest maneuvering seems downstream of all that. At this point the tension between corporate interests (and by extension DHH, who is a central player in that group) and open source / community interests has become frustratingly high, and it all seems like it could have been avoided. It doesn't mean ruby is dead or even dying, but you can't blame anybody for looking at this and just noping right out over to a community without such drama. | |
| ▲ | remix2000 4 hours ago | parent | prev [-] | | What'd Ruby do to you? |
| |
| ▲ | insane_dreamer 4 hours ago | parent | prev | next [-] | | > The Ruby community has been eating itself alive since almost the beginning, that's an unfair take; the Ruby community was excellent at the beginning | | |
| ▲ | leakycap 4 hours ago | parent [-] | | Having been there, I don't know what you missed but it sounds like a lot. The project promised a lot in the beginning and some folks new to a language like Ruby were so enthused by what they could do that they didn't pay much attention to the admin drama at the beginning. |
| |
| ▲ | hitekker 4 hours ago | parent | prev [-] | | Eh, it's a messy write-up. The article's stream of consciousness is hard to follow. Too much detail in some areas, not enough in others. It's true Ruby Central was a fiasco and the maintainers should have been treated better. But the author's investigation misses important elements like the "culture war" on both sides. That seems to be prime motivation for everyone involved, given the flames raging in the comments below. | | |
| ▲ | dmix 4 hours ago | parent | next [-] | | It also skipped over the elephant in the room which is NPM's security issues. This was likely a reaction to a mix of NPM + culture war/deplatforming, where power player got nervous and decided to clamp down on rubygems security to insulate it from hypothetical bad actors. | |
| ▲ | leakycap 4 hours ago | parent | prev [-] | | Your critique of the author's writing style doesn't seem like your strongest argument. > It's true Ruby Central was a fiasco and the maintainers should have been treated better. Treated better as in ... not removed from their own projects? Treated better as in... not kicked out of things they built by someone else who has something to gain? Treated better is not the phrase to describe what should have happened here. |
|
|
|
| ▲ | bhouston 5 hours ago | parent | prev | next [-] |
| Why were Samuel Giddins and André Arko singled out to be removed? What was their transgressions and to whom? From the write-up it sounds like Shopify wanted them out, but why? |
| |
| ▲ | janpio 5 hours ago | parent [-] | | The article has a section about something that might be related: https://joel.drapper.me/p/rubygems-takeover/#rv | | |
| ▲ | bhouston 5 hours ago | parent [-] | | Quote: > In his blog post, André says, “For the last ten years or so of working on Bundler, I’ve had a wish rattling around: I want a better dependency manager. It doesn’t just manage your gems, it manages your ruby versions, too. It doesn’t just manage your ruby versions, it installs pre-compiled rubies so you don’t have to wait for ruby to compile from source every time. And more than all of that, it makes it completely trivial to run any script or tool written in ruby, even if that script or tool needs a different ruby than your application does.” > Bluesky threads reveal that Rafael França (Shopify / Rails Core) saw this tool as a threat, saying “some of the “admins” even announced publicly many days ago they were launching a competitor tool [rv] and were funding raising for it. I’d not trust the system to such “admin”.” So a dev was innovating to make better tool to meet their needs (which is what most open source maintainers are generally doing all day), and then some guys immediately jumped to the possibility that they would then actively sabotage RubyGems? Whoa, that is insane. Trying to kill innovation and a start-up out of fear doesn't sound like Shopify's branding in the media. | | |
| ▲ | NelsonMinar 3 hours ago | parent | next [-] | | You left out the really gross quote from Rafael França: "I’m not so sure I trust them to not sabotage rubygems or bundler." I'm not eager to work with a community with leaders who say things like that in it. Imagine spending years volunteering work that helps a company like Shopify only to have someone malign your work like that. | |
| ▲ | ZhadruOmjar 5 hours ago | parent | prev | next [-] | | At some point the majority will learn that no matter the public messaging most large companies will do what benefits their incumbency over what is best for the industry or customers. | |
| ▲ | knzai 3 hours ago | parent | prev [-] | | It’s worth noting the weren’t the only ones signaled out. At least one maintainer who had worked closely with them, but not been involved in RV also got tarred with the “too involved with André or too politically similar” It’s also worth nothing that DHH has moved against André before, via organizing a letter to his Board. In addition to any personal dispute and radically different politics (André is about as left as DHH is right in labor issues) there is how that’s played out in funding open source. André founded RubyTogether as a trade guild and DHH seemed to disapprove of rubygems/bundler maintainers getting paid directly by community support like that. I do not know if a black trans woman getting paid was part of what DHH was against or if she was collateral damage in his move. André annd another maintainer worked (and a designer), together through my company on rubygems stuff for RC, at a great discount. Mostly we tried to structure it so they kept getting paid enough for to cover health insurance for their families, etc, while mostly rolling our company down. It’s hard not to read it as “people who worked closely with André, whether or not they were going to work on RV, were targeted”. I think the fact that I am also a trans woman is bores coincidental, even given DHH’s politics. I don’t think he even remembers who I am and I don’t we mostly a tangential factor in any of this. |
|
|
|
|
| ▲ | softwaredoug 6 hours ago | parent | prev | next [-] |
| > they had a problem with Ruby Central taking control of the RubyGems open source code repositories and gems, which Ruby Central never owned. I don’t quite get how this happened? Ruby Central can’t just reach into my GitHub and declare they own something. Was it under the Ruby central account? Or an org account that decided they “own” the repo? |
| |
| ▲ | joeldrapper 5 hours ago | parent | next [-] | | I said in the post that HSBT who was a maintainer invited Marty as an owner of the GitHub account. This was against the wishes of the other maintainers who had established practices for adding new maintainers. | | |
| ▲ | didibus 5 hours ago | parent [-] | | So HSBT was the owner? And transfered ownership? | | |
| ▲ | joeldrapper 5 hours ago | parent [-] | | HSBT was a maintainer who had "owner" permissions on GitHub. | | |
| ▲ | evolve2k 2 hours ago | parent [-] | | It would seem that HSBT being a maintainer owner AND shopify employee faced a significant conflict of interest. Also I don’t think it’s a stretch given the context and clear direction coming from shopify for the actions of others to assume that HSBT themselves were directed by their employer to add Marty as an owner. I sense there’s legal grounds here but can’t fully articulate what the legal case would be. | | |
| ▲ | byroot an hour ago | parent [-] | | hsbt (no caps) isn’t a Shopify employee. He’s one of the most active Japanese Ruby core committer, employed by ANPAD, and also part time contractor for Ruby Central, and one of the most active committers to rubygems/bundler. |
|
|
|
| |
| ▲ | janpio 5 hours ago | parent | prev | next [-] | | That is explained in the "On 9 September, HSBT ..." paragraph, which describes how an existing RubyGems maintainer did - and then undid (most) - changes. A new user remained as an owner of the RubyGems GitHub organization - which allowed Ruby Central to do things later. | |
| ▲ | doctorpangloss 6 hours ago | parent | prev [-] | | It sounds like RubyGems was renamed to Ruby Central. | | |
|
|
| ▲ | didibus 5 hours ago | parent | prev | next [-] |
| I understand Ruby Central doesn't own the source code, it's open source, and that they own the service, but who owned the GitHub account/repo ? Who created it originally? |
| |
| ▲ | riffraff 2 hours ago | parent [-] | | The same people who created ruby central write the first versions of rubygems iirc (David Black , Chad Fowlernetc). But that was a long time ago and I'm not sure it matters to the current kerfuffle. |
|
|
| ▲ | dang 5 hours ago | parent | prev | next [-] |
| Related. Others? (most recent first:) An Update from Ruby Central - https://news.ycombinator.com/item?id=45344448 - Sept 2025 (1 comment) A board member's perspective of the RubyGems controversy - https://news.ycombinator.com/item?id=45325792 - Sept 2025 (148 comments) Goodbye, RubyGems - https://news.ycombinator.com/item?id=45306135 - Sept 2025 (1 comment) Ruby Central's response to the RubyGems situation - https://news.ycombinator.com/item?id=45301949 - Sept 2025 (1 comment) Ruby Central's Attack on RubyGems [pdf] - https://news.ycombinator.com/item?id=45299170 - Sept 2025 (244 comments) |
|
| ▲ | richardlblair 5 hours ago | parent | prev | next [-] |
| I get that when drama unfolds like this there is going to be a shake out. It's always valuable, to some degree, to know what happened and why. I just wish we could get to the part where the community can know and trust that our supply chain is safe and can be trusted. |
| |
| ▲ | evolve2k 2 hours ago | parent [-] | | Part of the long term supply chain question is that you trust who’s in charge. This corporate takeover of Ruby central and now Ruby gems is deeply concerning for the state of the Ruby ecosystem. Meanwhile the Ruby core team is in Japan, would you like them to report in for work orders to shopify too? |
|
|
| ▲ | _fat_santa 5 hours ago | parent | prev | next [-] |
| > Sidekiq withdrew its $250,000/year sponsorship for Ruby Central because they platformed DHH at RailsConf 2025. Honest question: What's the issue with DHH here? What did he do that caused them to pull support because he was platformed at RailsConf? |
| |
| ▲ | lavela 5 hours ago | parent | next [-] | | "The Ruby community has a DHH problem": https://tekin.co.uk/2025/09/the-ruby-community-has-a-dhh-pro... | |
| ▲ | jmcgough 5 hours ago | parent | prev | next [-] | | Tom Stuart gave a really good lightning talk about this a decade ago, which is very respectful and has aged well https://tomstu.art/the-dhh-problem It's not just about his politics. DHH is reactionary, mean, dismissive of others' opinions. He acts more like a high school bully than a leader. Since then, DHH has gone off the deep end with xenophobic, racist, and transphobic comments. I was drawn to the Ruby community because of its kindness and creativity, with people like why the lucky stiff and Jim Weirich. It is a lot less welcoming when DHH repeatedly uses his platform to say that I shouldn't exist or have equal rights. | | |
| ▲ | leosanchez 4 hours ago | parent [-] | | > It is a lot less welcoming when DHH repeatedly uses his platform to say that I shouldn't exist or have equal rights. Can you point to any of his blog posts that says this ? | | |
| |
| ▲ | theptip 2 hours ago | parent | prev | next [-] | | Huh, apparently he is a “white supremacist” for posts like this? https://world.hey.com/dhh/the-waning-days-of-dei-s-dominance... I missed all this drama, it does seem like there is an echo chamber forming over on Bluesky… | | |
| ▲ | riffraff 2 hours ago | parent [-] | | He's voicedly MAGA-adjacent, has often written against the evils of multiculturalism and how happy he was about Trump winning the elections. I don't think he's a white supremacist, but it is understandable that some people don't like his ideas. |
| |
| ▲ | insane_dreamer 4 hours ago | parent | prev | next [-] | | Sure, they don't like DHH. I never much liked him either (too opinionated for my taste), though Rails is a really good thing and honestly put Ruby on the map, and DHH deserves credit for that. But seriously, pull all their funding because of being platformed at RailsConf (_Rails_Conf, not _Ruby_Conf). Seems over-reactionary, and ultimately hurtful to the Ruby community (making them more dependent on Shopify). Update: To be fair, I haven't followed DHH/Rails/Ruby community for the past decade (was very involved ~15 yrs ago), so my views may be outdated. Still I think pulling the funding doesn't help Ruby. | | |
| ▲ | madeofpalk 2 hours ago | parent | next [-] | | I don't like DHH (for whatever reason), and I would never want to spend my own money on 'platforming' him. It seems pretty reasonable that someone/company applies discretion to which community events they sponsor. | | |
| ▲ | baobabKoodaa an hour ago | parent [-] | | Sure it feels good to pull money as a kneejerk reaction and virtue signalling, but it's still generally a good idea to think through the consequences of your actions. |
| |
| ▲ | 827a 2 hours ago | parent | prev [-] | | Its especially wild given how their action in pulling funding seems to have been a prime motivator for this power grab: in their attempt to boycott DHH, they quite literally handed him the keys to the kingdom. | | |
| ▲ | evolve2k an hour ago | parent [-] | | It does imply an option here. For the affected ruby gems core team to strike up a sponsorship agreement and launch a forked ruby gems service. For developers who agree that the original team was treated terribly, it’s a one line code change at the top of our Gemfiles to get behind a new gem repository. |
|
| |
| ▲ | dismalaf 5 hours ago | parent | prev | next [-] | | Probably the fact that DHH introduced Solid Queue to Rails which can replace Sidekiq. Of course they're not going to say that, it'll be some excuse about his lukewarm European politics... | | |
| ▲ | jamesgeck0 4 hours ago | parent | next [-] | | I've formed a positive opinion of Parham's character by the way he's conducted himself over the years. And Solid Queue isn't a serious Sidekiq replacement for the types of high volume applications where you'd want a Sidekiq license; I doubt he even sees it as a threat. | | |
| ▲ | dismalaf 2 hours ago | parent [-] | | Do a Google search for Sidekiq DHH. First link is about migrating from Sidekiq to Solid Queue. Third result (for me anyway) is a Reddit thread where Perham talks about trying to make Basecamp a customer and that he wasn't able to... | | |
| |
| ▲ | danudey 4 hours ago | parent | prev [-] | | Also the fact that DHH complained about not wanting to live in London because of how many non-whites there are, praising violent far-right agitators, and repeating debunked racist claims. |
| |
| ▲ | vinceguidry 5 hours ago | parent | prev [-] | | The Ruby community has long had a rift between two types of members, the really nice folks that take after Matz, and techbro assholes like DHH. The former have mostly tolerated the latter creating an ugly toxicity that the community has become known for, and is why I use Ruby, but have not involved myself with it. Zed Shaw, a well-known asshole himself, described it in this piece: https://harmful.cat-v.org/software/ruby/rails/is-a-ghetto DHH has been going off the deep end with his rhetoric for years, the current political environment has made it so that he can't be ignored anymore. | | |
| ▲ | bhouston 5 hours ago | parent | next [-] | | > HH has been going off the deep end with his rhetoric for years, the current political environment has made it so that he can't be ignored anymore. But Shopify is also right wing in its executive team, and via these move they appear to be support DHH: https://pressprogress.ca/shopify-executives-right-wing-media... https://disconnect.blog/the-conservative-tech-alliance-is-co... And yeah, Shopify is going to protect DHH because DHH is on Shopify's board: https://www.shopify.com/news/david-heinemeier-hansson-board | | |
| ▲ | bradly 5 hours ago | parent [-] | | Just to add a bit of context here... DHH was added to the Shopify board last year. Shopify also brought in a CTO with very questionable actions and statements during multiple company townhalls and all-hands. He would be making wild statements on stream while VPs would be in the Slack channel trying to defuse and reframe. This was a big reason why I left Shopify last spring. |
| |
| ▲ | dismalaf 5 hours ago | parent | prev [-] | | Except Matz is aligned with DHH, Tobi and others. I think lots of people confuse "nice" with "supporting every weird American left-wing cause pushed by certain corporations". Keep in mind most of the people who actually run the Ruby ecosystem and drive it forward aren't American, and it's mostly Americans whining about it. Also, people opposing it (Sidekiq, the guys starting "rv", etc...) have a vested financial interest in opposing Rails and rubygems... |
|
|
|
| ▲ | watwut 4 hours ago | parent | prev | next [-] |
| I dont understand why did Shopify wanted to take control and kick maintenners out? |
|
| ▲ | OptionOfT 5 hours ago | parent | prev | next [-] |
| https://archive.ph/tg8pQ |
|
| ▲ | bryanlarsen 5 hours ago | parent | prev | next [-] |
| Given the recent pwnage of part of the npm ecosystem, a panicked overreaction from Shopify & RubyCentral almost seems inevitable. |
|
| ▲ | ChrisArchitect 5 hours ago | parent | prev | next [-] |
| Related: Ruby Central's Attack on RubyGems https://news.ycombinator.com/item?id=45299170 A board member's perspective of the RubyGems controversy https://news.ycombinator.com/item?id=45325792 |
|
| ▲ | xaxaxa123 2 hours ago | parent | prev | next [-] |
| shut down Ruby Central, if not, they will make gems and bundler a payed servive. |
|
| ▲ | LightBug1 44 minutes ago | parent | prev | next [-] |
| Just read DHH's Sept 15th Heyworld post ... what an absolute sh1t spiral ... it reads like someone who's bubble of information has defeated them. Is that what getting old looks like? .... terrifying .... he sounds like the wanker corner of our local pub .. the only difference is he has the platform and money to amplify his semi-drunk sounding, ignorant views ... how the mighty have fallen. RIP. |
|
| ▲ | NoNameProvided 5 hours ago | parent | prev | next [-] |
| Can somebody provide an archive link? Trying to access the site, I get a Cloudflare security page that says my access has been blocked by some security rules. |
| |
|
| ▲ | thrownaway561 3 hours ago | parent | prev | next [-] |
| if it wasn't for DHH, Ruby would be a hobby programming language at best. The community can say what it wants, but it and frankly, most of the web programmers in the world, owe DHH some thanks. If it weren't for him, Yehuda Katz and John Resig, 90% of the web would still be written with Perl, CGI and VBScript. |
| |
| ▲ | int_19h 3 hours ago | parent [-] | | 90% of the web is written in PHP, and Rails didn't change that. |
|
|
| ▲ | kkaske 6 hours ago | parent | prev | next [-] |
| I don't follow this kind of thing so forgive my ignorance. Why was "platforming" DHH bad? Honest question. |
| |
| ▲ | alphager 5 hours ago | parent | next [-] | | He posted a personal blog post a few days ago decrying that London is not white enough. He has a history of very right-leaning positions. | | |
| ▲ | thevillagechief 4 hours ago | parent [-] | | These kind of statements frustrate me. They are kind of manufactured consent statements. I likely don't agree with DHH positions as shared here, but when did we decide platforming very left-leaning positions is good, and platforming very right-leaning ones is bad? I wouldn't even mind if the position was that platforming either is good/bad. The framing here begs the question. | | |
| ▲ | amanaplanacanal 4 hours ago | parent | next [-] | | Well yes, thinking people should be treated equally regardless of their sexuality or color of their skin is good, and the opposite is bad. Is that the kind of "very left leaning position" you had in mind? Or something else? | | |
| ▲ | poszlem 2 hours ago | parent [-] | | What you described is, of course, a perfectly honest account of the issue, and definitely not a strawman set up just to be knocked down. | | |
| ▲ | amanaplanacanal 2 hours ago | parent [-] | | Do you have some idea what they meant by extreme left leaning issues? I'd like to hear your take. | | |
| ▲ | hombre_fatal 2 hours ago | parent [-] | | Sure: importing migrants with no end in sight while shutting down any convo over what the limit should be; there is no limit and you're racist if you disagree. And it's not a principled position on open borders nor open migration but instead part of a double standard. These same people probably cheer on the protests in Mexico City against white gringos in Condesa. That's how I'd summarize the far left position. The far right one is probably that migrants are bad. And I suppose the middle position is that there's a problem when immigration rate outpaces cultural assimilation. | | |
| ▲ | amanaplanacanal 12 minutes ago | parent | next [-] | | Is unlimited immigration really popular among the far left? Sounds more like a libertarian position to me. After some quick googling I can't find any groups that support that. I did find a poll that shows 64% of Americans support creating some path for undocumented immigrants to get legal status. I'm not sure you could call 64% a far left position though. | |
| ▲ | RhythmFox 35 minutes ago | parent | prev [-] | | You just happen to hold this 'middle position' I imagine? |
|
|
|
| |
| ▲ | pebble 3 hours ago | parent | prev | next [-] | | The left-leaning ones usually don't call for the eradication of certain peoples. | | |
| ▲ | tremon 4 minutes ago | parent [-] | | Neither do the right-leaning ones. The ones that do have fallen over completely on their side. |
| |
| ▲ | madeofpalk 3 hours ago | parent | prev | next [-] | | I disagree with this framing as well. There's nothing wrong with "right-leaning" statements or opinions. DHH can talk all he wants about a desire for smaller governments, opinions on gun control, or conservative fiscal policy. However, people that espouse intolerance of others based on the colour of their skin is just objectively bad. Sometimes there is a right and a wrong side to things. The problem is that some on the political-right seem to have aligned themselves with policy or viewpoints that stand for hatred. | |
| ▲ | basisword 2 hours ago | parent | prev | next [-] | | I think the real issue is framing blatant racism as a 'very right-leaning' opinion. It does a disservice to people who have normal conservative opinions on economic or social issues. We've moved past race as a social issue long ago. It's not a debate that should be had anymore. Racists aren't conservative or right wing - they're just bigots. And to be clear, you can discuss immigration policy without being racist. In the blog post in question DHH gives his support to a convicted criminal, who is also a former member of an explicitly fascist political party and founder of an islamophobic hate group. That's not 'right-leaning'. It's support for a racist criminal. I'm unsure whether DHH is actually a bigot or just completely engulfed in the rhetoric common on Twitter these days. Either way he's a fucking moron pontificating on something which he has no actual experience of. Maybe when the US invades Greenland and starts deporting the Danes from the US he'll discover empathy. | | |
| ▲ | type0 an hour ago | parent [-] | | > Maybe when the US invades Greenland and starts deporting the Danes from the US he'll discover empathy. is he actually US citizen or dual or just Danish? |
| |
| ▲ | octernion 3 hours ago | parent | prev | next [-] | | you think we should platform racism? | |
| ▲ | bhouston 4 hours ago | parent | prev [-] | | I read the DHH post in question: https://world.hey.com/dhh/as-i-remember-london-e7d38e64. It is pretty standard anti-immigrant. It feels like it is acknowledging the fact that the populations of Western countries are in a demographic crisis, they are sub-replacement in terms of fertility but instead of fixing that he just wants to ban immigrants. It feels like fixing the fertility issue would solve the root issue. | | |
| ▲ | fwip an hour ago | parent | next [-] | | You don't need to carry water for racists and invent more palatable explanations for what they said. There's nothing in there about not enough British people - only about too many foreigners (whom he can tell by looking at them). | |
| ▲ | lbrito 3 hours ago | parent | prev [-] | | That is always the case with this kind of rant. People want to have the cake and eat it too. |
|
|
| |
| ▲ | jjgreen 5 hours ago | parent | prev | next [-] | | Judge for yourself: https://world.hey.com/dhh/as-i-remember-london-e7d38e64 (a web search on "Tommy Robinson" would help with context). | | |
| ▲ | lbrito 5 hours ago | parent | next [-] | | Having read stuff from DHH for a long time, this does not surprise me in the least. It just feels like he picked the right time, zeitgeist-wise, to fully come out of the closet. I distinctly remember a specific Twitter comment, maybe 7ish years ago, that solidified my view on DHH as a person. It was a thread about remote work. Someone from South America commented trying to be nice to David, saying something like "you should work remotely from Chile, it has a great Ruby community" etc, to which his response was "I've no interest in living in a 3rd world country". Notch-esque politics aside, that was mean-spirited, inconsiderate behavior which should not be applauded. From that day I strongly sensed that was who he truly was. | |
| ▲ | bhouston 5 hours ago | parent | prev | next [-] | | DHH is on Shopify's board now: https://www.shopify.com/news/david-heinemeier-hansson-board Shopify's support for DHH's world view makes sense. Shopify's executive team has been right-wing for a while now: https://pressprogress.ca/shopify-executives-right-wing-media... https://disconnect.blog/the-conservative-tech-alliance-is-co... | |
| ▲ | basisword 5 hours ago | parent | prev | next [-] | | He's really gone off the deep end and evidently knows fuck all about London or the patriotic march he's discussing. | | |
| ▲ | msie 4 hours ago | parent [-] | | He's made comments supporting the Trucker protest in Canada and he knew fuck all about it too. | | |
| ▲ | LightBug1 34 minutes ago | parent [-] | | There's seems to be a trend of knowing fuck all ... except about Ruby on Rails. Sounds like DHH has finally realised he has enough fuck you money. And that is the truest test of character you can ever have. Elon Musk failed.
DHH failed.
... failed.
Etc. |
|
| |
| ▲ | rs_rs_rs_rs_rs 5 hours ago | parent | prev | next [-] | | Are you sure you posted the right article? There's nothing about Ruby or RubyGems in it. | | |
| ▲ | madeofpalk 5 hours ago | parent | next [-] | | The question was "Why was "platforming" DHH bad?". Some people disagree with the views represented in that linked blog post, and do not wish to sponsor events that showcase him. Personally, I think DHH is a troll and would never be interested in sponsoring, or attending, an event that involved him. | |
| ▲ | vidarh 5 hours ago | parent | prev | next [-] | | There is, however, a whole lot that says a lot about the character of DHH in it, such as by repeating rhetoric of the UK's racist far-right. | |
| ▲ | notwhereyouare 5 hours ago | parent | prev [-] | | David Heinemeier Hansson, also known by his initials DHH, is a Danish programmer, writer, entrepreneur, and racing driver. He is the creator of Ruby on Rails, a web framework written in Ruby.[1] |
| |
| ▲ | ecshafer 5 hours ago | parent | prev [-] | | What is the issue? He liked the nationalistic display of a march in England? | | |
| ▲ | fwip an hour ago | parent | next [-] | | Please try to argue in good faith. | |
| ▲ | aduty 5 hours ago | parent | prev | next [-] | | That is the gist of it. | |
| ▲ | doublerabbit 5 hours ago | parent | prev [-] | | > He liked the nationalistic display of a march in England? Replace "nationalistic" with "fascist". That's the issue. | | |
| ▲ | AlexandrB 4 hours ago | parent [-] | | Please describe what's "fascist" about this march? I've spent so much time in left spaces and listening to left voices that accusations of fascism carry very little weight anymore. Everyone from Donald Trump to J.K. Rowling to JRR Tolkien[1] has been called fascist at this point. It's like calling someone a "fuckhead" - tells me nothing about their beliefs or politics. [1] https://www.newstatesman.com/culture/2015/07/michael-moorcoc... | | |
|
|
| |
| ▲ | sussmannbaka 6 hours ago | parent | prev | next [-] | | He’s been posting increasingly inflammatory articles, for the most recent round refer to https://tekin.co.uk/2025/09/the-ruby-community-has-a-dhh-pro... | |
| ▲ | hamandcheese 5 hours ago | parent | prev | next [-] | | I too am wondering this. | |
| ▲ | bakugo 6 hours ago | parent | prev [-] | | He held the wrong political opinions. | | |
|
|
| ▲ | charcircuit 5 hours ago | parent | prev | next [-] |
| Owning a source code project doesn't entitle you to admin in the github organization it belongs to, so I don't get why this article keeps hammering that point. Ownership of rubygems doesn't matter as all that's changing is members of a github organization. |
|
| ▲ | phaedryx 4 hours ago | parent | prev [-] |
| This is my understanding: 1. Ruby Central hosts, maintains, and sponsors Rubygems and Bundler 2. Based on recent events, it was possible that credentials were stolen (https://www.bleepingcomputer.com/news/security/60-malicious-...) 3. They decided to lock everyone out until security issues could be resolved It makes sense to me from a security standpoint, but their communication has been terrible which has led to a lot of speculation. |
| |
| ▲ | shkkmo 4 hours ago | parent [-] | | Incorrect. Ruby Central hosts the RubyGems service, not the RubyGems repository. Ruby Central employs some RubyGems maintainers but does not own the repository. Ruby Central decided to make their employees who are maintainers take over the repository against the wishes of the other maintainers so they could remove some of the maintainers from the project. |
|
