[jzwinck]

Ironic to see this suggestion when this post is immediately below one on the front page saying rubygems are not safe to install. It would be too bad if the security savvy BSD folks pushed their users into a worse situation by using gem.

[byroot]

It's not the role of OpenBSD or any other distribution to provide those gems.

I don't know anyone that rely on system packaging to get gems or eggs or CPAN module. And it would be silly because you can't run an arbitrary ruby/python app with and arbitrary version of gems.

And IHMO Debian should take the same decision and stop packaging gems and eggs.

[protomyth]

Well, I would expect the OpenBSD folks to think that the Rails folks will eventually get it together or die off. I would also imagine, given it takes no special code to run Rails on OpenBSD, that they feel the Rails folks have more resources to push out releases and OpenBSD folks shouldn't wait on a port.

[jonknee]

The situation currently is an unmaintained and guaranteed insecure package, so I don't think having users rely on something else will make it worse.

> These ports haven't been maintained and have been subject to numerous security issues over the past couple years (including a very critical one that made the news this week)

[PommeDeTerre]

Removing some insecure and/or untrustworthy code in no way forces any OpenBSD user to use other insecure and/or untrustworthy code.

I suspect that most responsible OpenBSD users with Ruby or Ruby on Rails code would likely already be looking at non-Ruby alternatives.