|
|
|
|
|
|
by pdntspa
252 days ago
|
|
|
Yeah and now we have a fragmented ecosystem. If the projects were placed under RubyCentral's management and active contributors' access is restored I don't see a big deal. Yes the manner in which it was handled was really bad but given the supply-chain attacks we're seeing against the Python and JS worlds, I think auditing contributor access and consolidating certain privileges is prudent. Again, handled poorly. But a lot of money rides on stuff like Bundler. We need a strict security posture. edit- I am an artist; I get the concern and distaste. But at a certain point your art grows bigger than you. If you as a private individual build a bridge used from a public roadway and you don't do the necessary maintenance or management your shit gets shut down. Not sure how this is much different. |
|
|