[Update: it was a hostile takeover: https://narrativ.es/@janl/115258495596221725]
What the fuck is going on with Ruby? For the moment we have to consider all gems compromised: https://pup-e.com/goodbye-rubygems.pdf
Ah, oof: https://indieweb.social/@sstephenson/115231391147943333
And even more context (bad): https://bsky.app/profile/mikemcquaid.com/post/3lz7klsyue22f
@janl ok so yes this looks really really bad but:
""we were offered millions of dollars from a hostile donor in exchange for control of the RubyGems infrastructureā€¯ <-- that's a HELL of an accusation to make, and I can't see any evidence of that whatsoever. Is there something I'm missing?
Because otherwise until we learn more this really seems like a "never attribute to malice what you can attribute to incompetence" sort of situation - right?
The unstated reason for this change was that many of the existing Rubygems maintainers have recently quit (including their only full-time engineer) due to RC's continued relationship with DHH. Since most of the team has walked away, RC has decided to accept a sponsorship guarantee from DHH so they can hire a new team and this is the PR spin of that decision. I don't see how Ruby Central can be trusted anymore until its Board is publicly elected. https://ruby.social/@rubycentral/115231365858771329
Jan Lehnardt 
jacobian
Sam Stephenson