| ▲ | phaedryx 7 hours ago | |
This is my understanding: 1. Ruby Central hosts, maintains, and sponsors Rubygems and Bundler 2. Based on recent events, it was possible that credentials were stolen (https://www.bleepingcomputer.com/news/security/60-malicious-...) 3. They decided to lock everyone out until security issues could be resolved It makes sense to me from a security standpoint, but their communication has been terrible which has led to a lot of speculation. | ||
| ▲ | shkkmo 6 hours ago | parent [-] | |
Incorrect. Ruby Central hosts the RubyGems service, not the RubyGems repository. Ruby Central employs some RubyGems maintainers but does not own the repository. Ruby Central decided to make their employees who are maintainers take over the repository against the wishes of the other maintainers so they could remove some of the maintainers from the project. | ||