I'm leaving Ruby Central

Original Article ↗ Hacker News Discussion ↗

Context & immediate reactions

  • The gist is read as a first-person account of being pushed out of RubyGems/Bundler/RubyGems.org amid a Ruby Central–Shopify funding crisis and governance fight.
  • Some readers ask for neutral summaries and link to other recent HN discussions on the same controversy.
  • Several express sadness and say their own contributions to RubyGems were positive; others say this reinforces their decision to leave the Ruby/Rails ecosystem years ago.

Corporate influence, funding leverage & motives

  • A common interpretation: Ruby Central ran short of cash, lost a large Sidekiq sponsorship after a conference‑speaker dispute, then became dependent on Shopify, which used that leverage to reshape control of Bundler/RubyGems.
  • Some argue this resembles a “public xz‑style” takeover using money rather than infiltration; others reject “embrace, extend, extinguish” analogies as technically inaccurate.
  • Motive is debated:
    • Security/supply‑chain control and reputational risk for a payments-heavy company.
    • Political/ideological purge linked to a prominent Rails figure now on Shopify’s board.
    • Simple incompetence and panic under a hard deadline.
  • Several note key details of Shopify’s “demands” and the exact agreement remain unclear.

Ruby Central’s governance & communication

  • Many criticize unilateral decision-making around GitHub org ownership and removals, arguing it violates the spirit (if not the license-level definition) of open source.
  • Others respond that open source licenses don’t guarantee democratic governance; many projects are effectively dictatorships.
  • Ruby Central is faulted for years of under-engagement with RubyGems development, lack of clear governance, and a last‑minute scramble.
  • The postponed Zoom Q&A (citing Rosh Hashanah) is seen by some as “corporate spin” or a stalling tactic; others defend rescheduling for a major religious holiday.

Sidekiq, DHH, rv & politics

  • One narrative: conflict began over whether to platform or deplatform a controversial Rails figure; Sidekiq withdrew funding in protest, weakening Ruby Central.
  • Another view: the trigger was the new rv tool (a proposed RubyGems alternative), whose README alarmed Shopify and sharpened their security concerns.
  • Some speculate Shopify fears rv as a competing ecosystem; others say sabotaging RubyGems would be the worst way to build trust in rv.
  • Several commenters strongly criticize the Rails figure’s past posts as racist/xenophobic; a minority agrees with or downplays those views.
  • There’s disagreement over whether pulling sponsorship in protest was a justified moral choice or harmful “friendly fire” against infrastructure.

Infrastructure ownership & alternatives

  • Some argue this proves you should retain repos under personal accounts; others counter that critical infrastructure needs org ownership for resilience and continuity.
  • A few compare to what might happen if a single company gained similar control in other ecosystems (e.g., Rust), worrying about “corporate OSS.”
  • There’s brief speculation about possible legal recourse for maintainers whose access was revoked, but no clear answers.

Package distribution models & decentralization

  • The incident reignites debate over centralized registries vs. URL/URI-based or federated models.
  • Suggestions:
    • Use URIs/URLs directly (git repos, custom hosts); Bundler already supports this.
    • Decentralize to reduce single‑org control, even vendoring dependencies into application repos.
  • Counterpoints:
    • Central registries enable malware scanning, metadata standards, and name-policy enforcement.
    • Bandwidth and reliability at PyPI/RubyGems scale are hard to match with a purely decentralized model.
    • Examples like Go’s module proxy and Deno’s URL-based approach are mentioned, but their generalizability is debated.

Broader Ruby ecosystem reflections

  • Some claim Ruby’s niche was never clearly defined beyond “nice scripting for web startups,” and that other languages caught up.
  • Others defend Ruby and Rails as historically influential (convention over configuration, Rack, DSLs) and still a favorite language, even if innovation has slowed.
  • Historical tangents include Merb’s merger into Rails and earlier MVC/ORM systems; these are used as context for long-standing tensions between companies and open-source communities.