How the Supreme Court’s Affirmative Action Decision Legitimized Stephen Miller
Miller’s role, The Guardian notes, helps account for the shaky legal justification the administration has provided for the attacks: The Trump administration claims the president was using his authority under Article II of the Constitution, based on the notion that the Venezuelan gang Tren de Aragua is a foreign terrorist organization. This recalls Miller’s repeated assertions that TdA is “running Venezuela” in his argument for deporting Venezuelan immigrants under the Alien Enemies Act.
The revelation about Miller’s role also recalls reports that he mused about bombing unarmed immigrants in boats as an adviser in the first Trump administration.
Miles Taylor, a former Department of Homeland Security official who resigned in Trump’s first term and became a vocal critic of the president, recounted an exchange between Miller and the then-commandant of the Coast Guard—which Miller vehemently denies—in his book Blowback.
How the Supreme Court Gave Cover to Stephen Miller’s Racist Agenda
The high court basically provided conservatives the template for the war on DEI.Dahlia Lithwick (Slate)
adhocfungus likes this.
50 years on, has China left Europe behind in the race for a hi-tech future?
50 years on, has China left Europe behind in the race for a hi-tech future?
Chinese firms have caught up with and in some cases overtaken their European rivals, putting the EU on the defensive.Meredith Chen (South China Morning Post)
Brazilians’ negative views of US double, China sees sharp rise in positives: poll
Brazilians’ negative views of US double, China sees sharp rise in positives: poll
Shift follows US President Donald Trump raising tariffs on Brazilian exports and tightening visa rules.Igor Patrick (South China Morning Post)
Germany’s Pistorius pours cold water on drone wall concept
Germany’s Pistorius pours cold water on drone wall concept
Repeated Russian incursions are increasing pressure on the EU and NATO to respond.Laura Kayali (POLITICO)
JB Pritzker Accuses ICE of ‘Harassing People for Not Being White’ Amid Chicago Immigration Crackdown
JB Pritzker Accuses ICE of ‘Harassing People for Not Being White’ Amid Chicago Immigration Cra ...
Illinois Gov. JB Pritzker slammed the Trump administration and U.S. Immigrations and Customs Enforcement for the agency's presence in Chicago.Ahmad Austin Jr. (Mediaite)
like this
Netanyahu accepts Trump proposal to end war in Gaza
cross-posted from: lemmy.ml/post/36860074
By Sean Mathews.
Published date: 29 September 2025 19:41 BST | Last update 430pm EDT
Netanyahu accepts Trump proposal to end war in Gaza
By Sean Mathews.
Published date: 29 September 2025 19:41 BST | Last update 430pm EDTNetanyahu accepts Trump proposal to end war in Gaza
US President Donald Trump said Prime Minister Benjamin Netanyahu has agreed to end the war in Gaza, in a move he said would be the Israeli leader's "crowning achievement".Sean Mathews (Middle East Eye)
like this
Non starter, never give-up arms. It just gives the oppressor complete control and will only mean that Israel will fully take all the land and murder the people much much easier. Settlers will be able to swarm in and murder even more Palestinians. If your murder is going to happen anyway, then take as many of them as you possibly can.
OpenAI takes on Google, Amazon with new agentic shopping system | TechCrunch
OpenAI takes on Google, Amazon with new agentic shopping system | TechCrunch
This type of frictionless experience has the potential to spark a new movement in how people shop online – one that moves away from search engines like Google and e-commerce platforms like Amazon toward conversational agents with curated recommendati…Rebecca Bellan (TechCrunch)
Are you using a time machibe to access Amazon in the past? Because for me the experience looks more like this:
- I type in "amazon.com" in my browser
- I use the search bar and get a bunch of sponsored results that are not what I was searching for at all and all use the same garbage photoshopped photos
- I scroll through pages upon pages of irrelevant dropshipped garbage offered by companies like JHUVOY, BRILGOVA and other random letters.
- I finally find something that looks like it's not a cheap knockoff
- I add it to my shopping cart and click through offers for Amazon prime and offers for dropshipped garbage that I might want to add to my cart.
- I proceed to payment
Sigh, I really miss the old internet, I truly do...
giantpaper likes this.
Netanyahu accepts Trump proposal to end war in Gaza
cross-posted from: lemmy.ml/post/36860074
By Sean Mathews.
Published date: 29 September 2025 19:41 BST | Last update 430pm EDT
Netanyahu accepts Trump proposal to end war in Gaza
By Sean Mathews.
Published date: 29 September 2025 19:41 BST | Last update 430pm EDTNetanyahu accepts Trump proposal to end war in Gaza
US President Donald Trump said Prime Minister Benjamin Netanyahu has agreed to end the war in Gaza, in a move he said would be the Israeli leader's "crowning achievement".Sean Mathews (Middle East Eye)
like this
Fallout without the bomb: Ukraine’s nuclear rhetoric is the real radioactive waste
Fallout without the bomb: Ukraine’s nuclear rhetoric is the real radioactive waste
Three decades after giving up the world’s third-largest arsenal, Kiev once again dangles the nuclear option – a move Russia will never allowRT
Netanyahu accepts Trump proposal to end war in Gaza
Published date: 29 September 2025 19:41 BST | Last update 430pm EDT
Netanyahu accepts Trump proposal to end war in Gaza
US President Donald Trump said Prime Minister Benjamin Netanyahu has agreed to end the war in Gaza, in a move he said would be the Israeli leader's "crowning achievement".Sean Mathews (Middle East Eye)
like this
Media and Medics Boat to Gaza to Launch Oct 1
NOTE 🚨: this is in addition to the current Global Sumud Flotilla coalition making its way to Gaza
The Freedom Flotilla Coalition (FFC) will launch a dedicated boat carrying international journalists and medical professionals to Gaza on October 1, 2025
The boat is scheduled to sail by October 1 and plans to join the other FFC and Thousand Madleens to Gaza boats on their journey.
For nearly two years, Israel has denied foreign journalists entry into Gaza, creating one of the most severe press blackouts in recent history… At the same time, Gaza’s health system has been systematically dismantled under Israel’s siege and bombardment.
In response, the FFC is assembling a boat of journalists and healthcare professionals to:
- Provide the international press an opportunity to report directly from Gaza
- Deliver urgently needed medical expertise and solidarity alongside Gaza’s decimated health workforce.
DNSNet: an open-source system wide ad and tracker blocker for Android (no root)
cross-posted from: lemmy.world/post/36657058
I'm just sharing here this app I use always on my phone, and I don't see many people talking about it.It's similar to DuckDuckGo app feature that block trackers across all the device, but this one is focused only on that, it also allows you to add your custom tracker URLs to block and monitor every request being made.
It's open source and available on F-Droid: f-droid.org/packages/dev.clomb…
GitHub: github.com/t895/DNSNetIt enables a VPN to intercept requests, so it can block URLs of trackers across all your apps. The app provides a list of URLs as you open it for the first time, you can choose a few options between less or more aggressive.
Obs.: The app don't tell, but when you add a custom URL you need to disable and enable it again.
DNSNet | F-Droid - Free and Open Source Android App Repository
Lightweight ad and content blockerf-droid.org
like this
Right-Wingers Melt Down Over Bad Bunny Headlining the Super Bowl Halftime Show
Right-Wingers Melt Down Over Bad Bunny Headlining Super Bowl
Bad Bunny is playing the Super Bowl Halftime Show, and right-wingers are not happy, railing against how the Latin artist has criticized Donald Trump.Nikki McCann Ramirez (Rolling Stone)
like this
The Man Behind Trump’s Push for an All-Powerful Presidency
Russell T. Vought spent years drawing up plans to expand presidential power and shrink federal bureaucracy. Now he is moving closer to making that vision a reality, threatening to erode checks and balances.
Buon Compleanno LibreOffice
LibreOffice compie 15 anni
LibreOffice celebra il suo quindicesimo anniversario come simbolo di libertà digitale, collaborazione globale e progresso tecnologico.Ferramosca Roberto (Linux Easy)
Auster likes this.
reshared this
Buon Compleanno LibreOffice
LibreOffice compie 15 anni
LibreOffice celebra il suo quindicesimo anniversario come simbolo di libertà digitale, collaborazione globale e progresso tecnologico.Ferramosca Roberto (Linux Easy)
like this
Thoughts on stremio? And more generally, when should I worry about trackers?
Hi,
I've seen stremio pop up a few times in my feed recently and decided to give a look. It's seems like I could use it with torrentio, but my concern is that the apps comes with a few trackers, amongst which 3 facebook trackers (share, login & analytics).
I don't know much about trackers, how they work, and what I should worry about, so I mostly try to avoid them, but could someone here tell me if I should worry about these facebook trackers (I don't use fb, but since it's pretty much the Devil itself...), and maybe suggest resources on how to get informed on trackers, what they do, and when to worry about it?
Thank you for your help.
Cheers,
like this
what debian compatible IRC client should I use now that hexchat is dead?
for debian 13.1 xfce
I liked hexchat due to its ample customization possibilities.
What do you use that's maintained and why?
like this
piracy is a service issue -- vinyl digital download codes
since setting up a navidrome server, i've been working through our record collection trying to find online download codes to get digital copies of our music that we own (should have been done previously, but now is better than never)--and i've run into issues where the downloadable copies are no longer available 
i hope more people start moving to mp3 players or maaaybe selfhosting and that purchasing high quality music is a bit more normal in the coming years. but as i am still quite happy with bandcamp after being bought out, i don't have a lot of hope that it will be around forever as it had seen layoffs. fingers crossed though.
anyways, go to shows, support your local band, cancel your subscriptions, and if you can't buy (due to lack of funds, or availability) download and seed.
like this
true.
but in my experience, most code redemption downloads don't require info though... besides the usual collection of your data via fingerprinting and cookies.
where do you source most of your music? for music i really only pirate large artists/bands, so torrenting is pretty easy.
i haven't bothered with soulseek--a centralized network doesn't appeal that much, and i'm not desperate.
if i really need something, and can't find it, i just use yt-dlp.
New home server, NixOS vs Proxmox vs Arch
Hey everyone!
I’ve been rocking Proxmox for a little over a year on an old Mac Mini with a failing NIC (I probably damaged it when I installed the SSD). So I decided it was time to get some new used cheap hardware and I have just received a HP Elitedesk 800 G3 SFF, going to throw 32GB of RAM, a 1TB M2 NVMe boot drive and a 4TB SATA drive for media in it (this will replace my external 4TB drive).
Right now in Proxmox I’m running a Docker VM with Debian (Transmission-VPN container, ByteStash, FreshRSS, KaraKeep), another Debian VM for Visual Studio Code so I can remote into VS Code on my Mac and iPad and couple of LXC containers (Plex, Open WebUI and Pi Hole).
Honestly Proxmox feels like overkill for what I’m doing, half of what I’m doing is either individual LXC containers or I find myself SSH’ing into the Docker VM. The Proxmox helper scripts are great, but I feel like I’m not learning much and I don’t know how much I can trust random GitHub URLs.
I’d like to start learning and becoming more self-sufficient with Linux. I was pretty excited by the idea of learning NixOS, get comfortable learning the code and then creating distinct configurations for different systems, including my Mac devices with Darwin… then I was reminded of all the recent bullshit happening in the community… I don’t want to get deep into the discussion in this thread, but I don’t really want to use/support a distro that Palmer Luckey and Anduril are trying to influence and control.
So I’m trying to decide if I should stick with Proxmox, try something like Arch or keep an eye on what’s going down with Nix and have a good backup strategy if the situation worsens.
I’d probably switch from Docker to Podman, use Wayland with Niri and learn NeoVIM and use SSH instead of VS Code remote tunnels.
Based on my current setup and my goals, what would you suggest I do?
like this
Debian and then maybe Guix on top of that. Rootless Podman for services.
There is no good reason to choose Arch in 2025. If you want to feel special, NixOS or Guix System is the way to go.
I think Guix is way more coherent than Nix. It also has better documentation and a more friendly community. And you use Scheme instead of Nix lang.
I use NixOS, but it is not for learning how Linux works; realistically it's for when you already know how Linux typically works, so you can understand when it breaks some of those norms.
If you want to learn how containers etc work, use straight-up Debian.
I really don't recommend arch for a server. On a desktop absolutely but what I want for a server is to be able to let it sit for 6 months, then update it and not have everything break; arch works best with frequent update hygiene.
Upgrading video quality for non-English content?
I find myself downloading a lot of movies that are dubbed in latino Spanish. I've checked fmhy torrents, but unfortunately, there just isn't a lot of latino Spanish content available on torrents.
(Yes, there is a lot of Spanish Spanish content... but... meehhh...)
However, I have had better luck with fmhy streaming. It's not the best quality, 720p or 1080p if I'm lucky. But it's better than nothing.
I was recently wondering, how does dubbing actually work? Is there a video difference between English and Spanish movies? Or is there just literally an audio track being swapped out?
Could I take an audio track from a 720p stream and add it to a 4K torrented movie file and expect the audio and video to line up?
like this
For content from streaming platforms like Netflix, the audio and video lines up most of the time. The dub might be a bit longer at the end, but that doesn't matter; it's only the credits.
For Blu-ray and DVDs, it's a bigger problem. The audio and video lines don't usually line up: different production company logos of different lengths and maybe minor regional differences. You could probably adjust the audio delay in the video player to get a decent experience.
mpv is good video player where it is easily possible to play the video from one file and the audio from another.
You already had some good advices but something I haven't seen mentioned. If you use Kodi (and probably a couple others media player), you could use some sub plugin like open subtitle (forgot other names) to fetch subtitles on the fly when you will play video. It can be hit or miss at first, but subtitles name are like release name (title, quality, release group). So if you often encounter a release group that do your sub language. Try to download video from same release group, so you will have better chance that audio/sub sync properly.
This apart, +1 for private tracker as already mentioned, you may need some searching to find one but worth it.
Labour conference votes to sanction Israel and recognise Gaza genocide
Labour party delegates have voted that Israel is committing genocide in Gaza and should be sanctioned, in a shock development at the annual party conference.
The unprecedented move means that the Labour conference has officially accepted the findings of a recent UN Commission of Inquiry report, which found that Israel is committing genocide in Gaza, and has backed comprehensive sanctions on Israel and a full arms embargo.
It signals significant discontent among the Labour rank and file with government policy. Britain recognised a Palestinian state last week but has rejected calls to denounce Israel's actions in Gaza as genocide.
Labour conference votes to sanction Israel and recognise Gaza genocide
Labour party delegates have voted that Israel is committing genocide in Gaza and should be sanctioned, in a shock development at the annual party conference.Imran Mulla (Middle East Eye)
Labour conference votes to sanction Israel and recognise Gaza genocide
Labour party delegates have voted that Israel is committing genocide in Gaza and should be sanctioned, in a shock development at the annual party conference.
The unprecedented move means that the Labour conference has officially accepted the findings of a recent UN Commission of Inquiry report, which found that Israel is committing genocide in Gaza, and has backed comprehensive sanctions on Israel and a full arms embargo.
It signals significant discontent among the Labour rank and file with government policy. Britain recognised a Palestinian state last week but has rejected calls to denounce Israel's actions in Gaza as genocide.
Labour conference votes to sanction Israel and recognise Gaza genocide
Labour party delegates have voted that Israel is committing genocide in Gaza and should be sanctioned, in a shock development at the annual party conference.Imran Mulla (Middle East Eye)
copymyjalopy likes this.
EA, maker of ‘Madden NFL,’ set to go private
So Jared Kushner and the Saudis now own EA.
So much MAGA with this right?
https://www.cnn.com/2025/09/29/investing/electronics-arts-private-deal
[SOLVED] how do I remove flatpak end-of-life runtimes without being prompted to install them again when updating?
[SOLUTION] all hail hexchat, hexchat is dead, remove unmaintained hexchat
this happens on debian 13.1 xfce
after installing io.github.Hexchat I get this message on the terminal:
Info: runtime org.freedesktop.Platform branch 23.08 is end-of-life, with reason: org.freedesktop.Platform 23.08 is no longer receiving fixes and security updates. Please update to a supported runtime version. Info: applications using this runtime: io.github.Hexchat
the message applies to the following runtimes as well:
org.freedesktop.Platform.VAAPI.Intel branch 23.08org.freedesktop.Platform.GL.default branch 23.08-extra
org.freedesktop.Platform.GL.default
if I remove them manually and I update flatpak, it asks me to install them again
My computer uses both system and user remotes.
Because my .var directory is almost full, I installed hexchat as user, but the drivers are systemwide. I don't know if this is relevant.
like this
github.com/hexchat/hexchat
GitHub - hexchat/hexchat: GTK+ IRC client
GTK+ IRC client. Contribute to hexchat/hexchat development by creating an account on GitHub.GitHub
Trump says U.S. to impose 100% tariff on all foreign-made movies
Trump says U.S. to impose 100% tariff on all foreign-made movies
U.S. President Donald Trump said on Monday he would impose a 100 per cent tariff on all foreign-made movies, an unprecedented move that threatens to upend Hollywood’s global business model.Reuters Staff (CTVNews)
Denver’s Food Forests Provide Free Fruit While Greening the Environment
Denver’s Food Forests Bear Fruit, for the City and Environment | Civil Eats
Despite federal roadblocks, an ambitious agroforestry program is feeding people, cleaning the air, and helping offset climate change.Riley Ramirez (Civil Eats)
West uses liberal-opposition groups to divide Russian society — Security Council
West uses liberal-opposition groups to divide Russian society — Security Council
"Particular attention was paid to instances of deliberate dissemination of false information discrediting Russia’s domestic and foreign policies," the statement emphasizedTASS
You can find the answer to your question on this graph in dynamics over 15 years, which reflects survey by the same Levada Center with question "Which political system do you prefer?"
Red stands for Soviet one, orange is "current one", blue is Western democracy, black is no responce and gray is hard to say.
Snapdragon X2 Elite Extreme crushes Apple M4, Intel, and AMD in new benchmarks
...In Geekbench 6.5 single-core, the X2 Elite Extreme posts a score of 4,080, edging out Apple’s M4 (3,872) and leaving AMD’s Ryzen AI 9 HX 370 (2,881) and Intel’s Core Ultra 9 288V (2,919) far behind......The multi-core story is even more dramatic. With a Geekbench 6.5 multi-core score of 23,491, the X2 Elite Extreme nearly doubles the Intel Core Ultra 9 185H (11,386) and comfortably outpaces Apple’s M4 (15,146) and AMD’s Ryzen AI 9 370 (15,443)...
...This isn’t just a speed play — Qualcomm is betting that its ARM-based design can deliver desktop-class performance at mobile-class power draw, enabling thin, fanless designs or ultra-light laptops with battery life measured in days, not hours.
One of the more intriguing aspects of the Snapdragon X2 Elite Extreme is its memory‑in‑package design, a departure from the off‑package RAM used in other X2 Elite variants. Qualcomm is using a System‑in‑Package (SiP) approach here, integrating the RAM directly alongside the CPU, GPU, and NPU on the same substrate.
This proximity slashes latency and boosts bandwidth — up to 228 GB/s compared to 152 GB/s on the off‑package models — while also enabling a unified memory architecture similar in concept to Apple’s M‑series chips, where CPU and GPU share the same pool for faster, more efficient data access...
... the company notes the "first half" of 2026 for the new Snapdragon X2 Elite and Snapdragon X2 Elite Extreme...
Snapdragon X2 Elite Extreme crushes Apple M4, Intel, and AMD in new benchmarks
Qualcomm’s latest ARM chip doubles multi-core performance, leads in GPU and AI, and could redefine battery life for premium Windows laptops.Daniel Rubino (Windows Central)
like this
The question was about GPU drivers, and GPU drivers for ARM-based SoCs aren't even mature on Android. They are going to suck on Linux.
Compared to the drivers for Mali, Adreno and consorts, Nvidia is a bunch of saints, and we know how much Nvidia drivers suck under Linux.
There are quite a few more. For example Debian, Ubuntu, Manjaro, Arch, Fedora, Alpine and Kali also have ARM ports (and probably many others too). Raspberry OS is purpose-built for ARM Desktop. There's others too.
Asahi isn't specifically an ARM Linux, but an Apple Silicon Linux.
Apple Silicon is ARM, but it's also its own semi-custom thing that's not directly compatible with other ARM stuff.
That's the main issue with supporting ARM: You don't have one platform like x86/x64.
On x86/x64 there's an abstraction between the machine code language and the microcode that's actually executed in the CPU. There's a microcode translation layer in the CPU that translates one to the other, so x86/x64 chip designers have a lot of freedom when designing their actual CPU. The downside being that the translation layer consumes a little bit of performance.
There's also the UEFI system and a ton of other things that keep the platform stable and standardized, so that you can run essentially the same software on a 15yo Intel CPU and a modern AMD.
ARM is much more diverse. Some run Devicetree, some don't. There are also multiple different ARM architectures, and since they are customizable, there's just so much variety.
I don't have personal experience with that, but according to google (linaro.org/blog/linux-on-snapd…) it is at least a thing.
Wouldn't expect it to be great though.
Linux on Snapdragon X Elite: Linaro and Tuxedo Pave the Way for ARM64 Laptops | Blog | Linaro
Linaro Connect 2025 showcases progress in bringing Linux on Snapdragon-Powered Deviceswww.linaro.org
Snapdragon X2 Elite Extreme
That doesn't sound very high end, I think I'll wait for the Pro version, preferably Pro Plus.
Tesla Bros Attempt Coast-to-Coast Trip in Self-Driving Mode, Crash Right Away
Tesla Bros Attempt Coast-to-Coast Trip in Self-Driving Mode, Crash Right Away
There’s an aura of failure lingering around Elon Musk and the Tesla brand right now. A stink of mediocrity. Maybe even the funk of impotence.Luis Prada (VICE)
Hubble Surveys Cloudy Cluster
Hubble Surveys Cloudy Cluster - NASA
This NASA/ESA Hubble Space Telescope image released on Sept. 12, 2025, features a cloudy starscape from an impressive star cluster. This scene is inNASA
How Ruby Went Off the Rails
How Ruby Went Off the Rails
For the past couple of weeks, a community of developers who use the programming language Ruby have been closely following a dramatic change in ownership of some of the most essential tools in its ecosystem with far reaching impacts for the worldwide web.If you’re not familiar with Ruby or the open source development community, you probably haven’t heard about any of this, but the tools in question serve as critical infrastructure for gigantic internet services like GitHub, Shopify, and others, so any disruption to them would be catastrophic to those companies, their users, and vast swaths of the internet.
On September 19, Ruby Central, a nonprofit organization that manages RubyGems.org, a platform for sharing Ruby code and libraries, asserted control over several GitHub repositories for Ruby Gems as well as other critical Ruby open source projects that the rest of the Ruby development community relies on. A group of open source developers who had contributed to those projects and maintained them for years had their permissions suddenly revoked. When these developers announced on social media that their access was taken away, many Ruby developers saw the decision as a betrayal of their years-long contributions to the Ruby ecosystem and open source principles more generally. Others accused Ruby Central of succumbing to corporate pressure from companies like Shopify, which they claimed wanted more control over the project.
In some ways, this whole affair is an example of why this stuff gets really messy when people start getting paid
I’ve spent the last week talking to people who had direct involvement with Ruby Central’s decision, the contributors who were ousted, and developers in the Ruby community. I’ve heard accusations of greed, toxic personalities, and stories about years-long feuds between people, at times in open disagreement, who ultimately govern some of these important open source tools.RubyGems.org and other critical Ruby tools have so far not been interrupted during this transition, but the incident sheds light on a basic truth about the internet and open source development: Much of the technology we use every day and take for granted is being maintained by a small number of developers who are not compensated for that work or get paid very little when compared to salaries at big tech companies. Open source development continues to make much of the internet possible, but as some of these tools become more important and financially valuable, they’re subject to more scrutiny and pressure from the community, organizations, and companies that rely on them.
“In some ways, this whole affair is an example of why this stuff gets really messy when people start getting paid, and once you start introducing formal organizations and employees and nonprofits and lawyers and all this kind of complexity,” Mike McQuaid, developer of the popular package manager Homebrew, which is built with Ruby, told me. McQuaid has talked to and offered to mediate between Ruby Central and the ousted maintainers. “This is a textbook case of what happens when there's this conflict between what companies want, what nonprofit individuals want, how much responsibility people have when they take money, who gets control and when. How much democracy versus just ‘I have the power to do something, therefore I'm going to do it.’”
With Ruby developers can download and use self-contained packages of code that add different functionalities to a Ruby project. These packages are called gems, and are distributed primarily via RubyGems.org, where developers can upload gems they’ve developed or download gems from other developers.
The ability to download gems and plug them into different projects is very useful and convenient for Ruby developers, but can create complications. Different gems are developed by different teams and are updated at different times with bug fixes and new features, and might not necessarily be compatible or play well with one another as they evolve.
This is where Bundler comes in. As its website explains, “Bundler provides a consistent environment for Ruby projects by tracking and installing the exact gems and versions that are needed.” So, for example, if a developer is building a Ruby project and wants to use gems X, Y, and Z, Bundler will pull the versions of those gems that are compatible with one another, providing developers an easy solution for what Bundler describes as “dependency hell.”
Bundler is an open source project that was initially developed by Yehuda Katz, but the GitHub repository for the project was created and was administrated by André Arko. In 2015, Arko also founded a nonprofit trade organization named Ruby Together, which raised funds from developers and companies that use Ruby in order to maintain Bundler and other open source tools.
I will not mince words here: This was a hostile takeover
RubyGems.org, the site and service, is governed by Ruby Central, a nonprofit founded in 2001, which also organizes several Ruby conferences like RubyConf and RailsConf. In 2022, Arko’s Ruby Together and Ruby Central merged, “uniting the Ruby community’s leading events and infrastructure under one roof,” according to Ruby Central’s site. Bundler’s and RubyGems.org’s work often overlapped both in their goals and the developers who worked on them, but operated across two different GitHub organizations, each with its own repositories. To streamline development of these open source projects, Bundler also joined the Ruby Gems GitHub organization in 2022.In 2023, Ruby Central established the Open Source Software Committee, which according to its site oversees RubyGems, Bundler, and RubyGems.org, focusing on infrastructure stability, security, and sustainability.
A confusing and central point of disagreement between Ruby Central and the maintainers it ousted on September 19 is rooted in the merging of Ruby Together and Ruby Central and the difference between Rubygems.org the service, essentially an implementation of the Ruby Gems codebase on an AWS instance, which both parties agree Ruby Central owns and operates, and the Ruby Gems the codebase that lives in the same GitHub organization as Bundler.
According to a recording of a mid-September Zoom meeting which I obtained between Marty Haught, Ruby Central’s Director of Open Source, Arko, and the other ousted contributors, Ruby Central maintains that the codebase and GitHub organization became its responsibility when Ruby Central merged with Ruby Together in 2022. The ousted contributors’ position is that members of Ruby Central, like Haught, can be owners of the GitHub organization, but that ownership of the RubyGems codebase and other projects in the GitHub organization belong to the contributors, who don’t have a detailed governance model but historically have governed by consensus.
Arko made this argument to me in a recent interview, but also outlined that argument in a blog post, where he also shared the merger agreement between Ruby Central and Ruby Together. It shows that Ruby Together would dissolve and that Ruby Central would be in charge of raising and allocating funds for development, but does not explicitly say Ruby Central takes ownership of the RubyGems and Bundler projects or the GitHub organization.
To make matters even more complicated, Arko was at once a contributor to these open source projects, a contributor to RubyGems.org the service, an owner of the GitHub organization, and an advisor to Ruby Central’s Open Source Software Committee.
In May, Arko resigned his position as an advisor to Ruby Central’s Open Source Software Committee, but continued his work as a contributor. Arko told me he resigned his advisory role because of Ruby Central’s last minute invitation of David Heinemeier Hansson, better known online as DHH, as a keynote speaker at RailsConf.
Arko told me he objected to that decision because of DHH’s “horrifying, racist, misogynist, politics” and DHH’s “personal vendetta” against him. In 2021, back at Motherboard, we reported that many employees at DHH’s company, Basecamp, quit after his decision to ban any discussion of politics at work, which many employees saw as squashing discussion about race, bias, and diversity. Arko told me that DHH’s “personal vendetta” against him stemmed from Arko not wanting to support a certain feature DHH wanted added to Bundler, after which DHH demanded Arko be removed from the Ruby Together board.
The current controversy erupted on social media on September 19, when one contributor to the open source projects in the RubyGems and Bundler GitHub organization, Ellen Dash, announced that Haught, Ruby Central’s Director of Open Source, revoked GitHub organization membership for all admins on the RubyGems, Bundler, and RubyGems.org maintainer teams. At that moment, their permissions and access to the GitHub organization were revoked, meaning they could no longer make any changes or contributions to the code, and Haught, representing Ruby Central, took control.
“I will not mince words here: This was a hostile takeover,” Dash said in a public “goodbye” letter they shared online. “I consider Ruby Central’s behavior a threat to the Ruby community as a whole. The forceful removal of those who maintained RubyGems and Bundler for over a decade is inherently a hostile action. Ruby Central crossed a line by doing this.”
The news was seen by many developers in the Ruby and open source community as betraying the dedication and labor that Dash, Arko, and other maintainers put into these tools for years.
Ruby Central, meanwhile, describes the move as one centered around security.
“With the recent increase of software supply chain attacks, we are taking proactive steps to safeguard the Ruby gem ecosystem end-to-end,” Ruby Central said in an explanation of its decision. “To strengthen supply chain security, we are taking important steps to ensure that administrative access to the RubyGems.org, RubyGems, and Bundler is securely managed. This includes both our production systems and GitHub repositories. In the near term we will temporarily hold administrative access to these projects while we finalize new policies that limit commit and organization access rights. This decision was made and approved by the Ruby Central Board as part of our fiduciary responsibility. In the interim, we have a strong on-call rotation in place to ensure continuity and reliability while we advance this work. These changes are designed to protect critical infrastructure that power the Ruby ecosystem, whether you are a developer downloading gems to your local machine [or] a small or large team who rely on the safety and availability of these tools.”
404 Media has covered the kind of recent supply chain attacks targeting open source projects that Ruby Central is referring to. Earlier this month, a critical JavaScript development tool Node Package Manager (NPM), was targeted by a similar supply chain attack. But not everyone in the Ruby development community bought the explanation that security was at the heart of the recent moves. One reason for that is a public statement from a Ruby Central board member and treasurer Freedom Dumlao.
On Substack, Dumlao apologized for the sudden change and how it was communicated.
“If Ruby Central made a critical mistake, it's here,” he wrote. “Could these conversations have been happening in public? Could the concerns we were hearing from companies, users and sponsors have been made more apparent? Probably. But I remind you we don't have a ‘communications team’, no real PR mechanism, we are all just engineers who (like many of you I'm sure) go heads down on a problem until it's solved.”
Dumlao reiterated that RubyGems and Bundler are critical infrastructure that are now increasingly under the threat of supply chain attacks, and said that the companies that rely on them “count” on Ruby Central do everything it can to keep them and their users safe.
However, Dumlao also said that Ruby Central was under “deadline” to make this change.
“Either Ruby Central puts controls in place to ensure the safety and stability of the infrastructure we are responsible for, or lose the funding that we use to keep those things online and going,” Dumlao wrote.
In a September 22 video message in response to criticism about its decision to remove maintainers, Ruby Central’s executive director Shan Cureton described a similar dynamic. She said “sponsors and companies who depend on Ruby tooling came to us with supply chain concerns” and that “Our funding and sponsorships are directly tied to our ability to demonstrate strong operational standards. Without those standards in place, it becomes harder to secure the support needed to keep maintainers paid, organize events, and provide resources for developers at every stage of their journey.”
Since Shopify is one of the primary sponsors and funders of Ruby Central, this led some in the Ruby community to believe that Shopify was exerting pressure on Ruby Central to make this change.
“That is not how it happened, and I wish I had been more careful with my wording in that blog post,” Dumlao told me in a Linkedin message when I asked him if Ruby Central was under pressure from Shopify to make these changes.
I just don't think that there's any other plausible explanation than Shopify demanded this.
After I gave Dumlao my number so we could do a phone interview, I got an email from Cindi Sutera, who was recently brought on as a spokesperson for Ruby Central."Ruby Central’s mission is to keep the infrastructure that Rubyists rely on stable, safe, and trustworthy,” she told me. “As part of a routine review following organizational changes, we identified a small number of accounts whose privileges no longer matched current role requirements. The Board voted that it was imperative to align access with our privilege policy to keep the infrastructure that the Ruby community depends on stable. This is our mission.”
Sutera said that the board approved “a temporary administrative hold on certain elevated permissions” while it finalized operator agreements and governance roles.
“To move quickly and transparently, we imposed a clear deadline to complete operator agreements and close gaps,” she said. “We could have communicated earlier that we felt it necessary to move quickly and wish we could have given the community more time to prepare for this action. And now, here we are committed to completing this transition for the stability and security of the Ruby Gems supply chain. More updates are coming as we work through security protocols and stabilization efforts.”
“There’s literally only one company providing the money that is keeping Ruby Central open, and it is Shopify,” Arko told me. “And so I just don't think that there's any other plausible explanation than Shopify demanded this.”
When I asked Arko why he thought Ruby Central removed him, if it wasn’t for security reasons, Arko said: “totally unprovable speculation is Shopify’s CEO is best friends with DHH, who hates me.” DHH is also a Shopify board member.
“Thanks for the invitation, but not my place to weigh in a lot on this while they're working through these changes,” DHH told me in an email when reached for comment. “But I support them taking steps to secure and professionalize the supply chain work they're doing.”
Shopify did not reply to a request for comment.
As this episode spread on social media, I talked to several people associated with Ruby Central who told me the board was acting in the interest of the RubyGems and the Ruby community. Two sources who asked for anonymity for fear of retaliation said that Arko was difficult to work with, questioned how he used funds raised by Ruby Together, and claimed that a new Ruby version manager he’s working on, rv, means he has a conflict of interest with his work on RubyGems and Bundler.
Arko acknowledged to me he heard he’s been difficult to work with in the past. He said that sometimes he’s been able to reach out to people directly and resolve any issues, and that sometimes he hasn’t. He rejected the other allegations, and said that Ruby Together’s financials have always been public.
“It has always been fully public, and the amount has been fixed at $150 an hour for 10 years,” he said, referring to the amount contributors got paid to work on Bundler. Arko added that nobody has ever been paid for more than 20 hours a week, and that the most he’s been able to raise in a single year is $300,000 to pay eight different contributors. “Nobody has gotten a raise for 10 years.”
"As a matter of policy, we don’t discuss individual personnel,” Sutera, the Ruby Central spokesperson, said when I asked if Arko was removed from the GitHub organization because of his previous behavior. “Our recent actions were organization-wide governance measures aimed at aligning access with policy. Our priority is maintaining a stable and secure Ruby Gems supply chain."
McQuaid, the developer of Homebrew and who followed the controversy, told me that even Arko’s harshest critics wouldn’t deny the contributions he’s made to the Ruby community over the years.
Regarding Arko’s blog post about his removal, McQuaid told me it’s good that Arko is crediting other people for their contribution and that he’s following open source principles of community and transparency, but that “his ‘transparency’ here has been selective to things that benefit him/his narrative, he seems unwilling or unable to admit that he failed as a leader in being unwilling or unable to introduce a formal governance process long before this all went down or appoint a meaningful successor and step down amicably.”
The fundamental disagreement here is about who “owns” the GitHub organization that houses Bundler and RubyGems. Technically, Ruby Central was able to assert control because Hiroshi Shibata, a member of the Ruby core team and one of the contributors who has owner-level permissions on the GitHub, made Haught, who revoked the others’ access, an owner as well. Any owner can add or remove any other owner, but when Ruby Central’s board voted to make this change Haught acted immediately and removed Arko, Dash, and others.
However, Arko fundamentally disagrees with the premise that Ruby Central has the right to govern the GitHub organization in any way, and believes that it has always belonged to the group of contributors who had access up until September 19.
Arko said that even if Ruby Central gave him his permissions back, he would not consider the matter resolved until Ruby Central stopped claiming it owns Bundler “but I am definitely not going to hold my breath for that one.”
“When people really care, they're passionate and they're enthusiastic and they argue, and that often looks like drama,” McQuaid, the developer of Homebrew, said when I asked what he thinks this entire affair says about the state of open source development. “But if I had to pick between having the enthusiasm and the drama or losing both, then I'd probably pick the enthusiasm and the drama, because in some ways, the system is somewhat self correcting. Even the stuff that's going on right now, people are having essentially a very public debate about what role do large companies or nonprofits or individual maintainers have in open source. To what extent does someone's level of contribution matter versus what type of person they are? I think these are valuable discussions to be having, and we're having them in the open, whereas if it was in a company, this would all be in a meeting room or with an HR department or in a leadership offsite or whatever.”
A board member's perspective of the RubyGems controversy
What a week it's been as a Ruby Central Board Member.Freedom Dumlao (Freedom’s Substack)
Deutsche Bank Issues Grim Warning for AI Industry
Deutsche Bank Issues Grim Warning for AI Industry
Deutsche Bank is warning that AI spending won't "remain parabolic," or continue to increase exponentially, a dire warning for the future.Victor Tangermann (Futurism)
Checking your browser before accessing. Just a moment...
But as photos and social media posts surfaced showing Sanford in a camouflage Trump 2020 shirt that read “Make Liberals Cry Again,” and a Trump-Pence sign still visible on his front lawn just months ago, the political implications became harder to ignore.
So far, Republican leaders have said nothing.
GOP Silent as Mormon Church Gunman Identified as ‘Ultra MAGA’ Trump Supporter
As the nation reels from another devastating mass shooting—this time at a Mormon church in suburban Michigan—Republican leaders have remained notably silent following revelations that the gunman was a devoted Trump supporter who once proudly wore the…Staff Writer (The Daily Boulder)
How Ruby Went Off the Rails
How Ruby Went Off the Rails
For the past couple of weeks, a community of developers who use the programming language Ruby have been closely following a dramatic change in ownership of some of the most essential tools in its ecosystem with far reaching impacts for the worldwide web.If you’re not familiar with Ruby or the open source development community, you probably haven’t heard about any of this, but the tools in question serve as critical infrastructure for gigantic internet services like GitHub, Shopify, and others, so any disruption to them would be catastrophic to those companies, their users, and vast swaths of the internet.
On September 19, Ruby Central, a nonprofit organization that manages RubyGems.org, a platform for sharing Ruby code and libraries, asserted control over several GitHub repositories for Ruby Gems as well as other critical Ruby open source projects that the rest of the Ruby development community relies on. A group of open source developers who had contributed to those projects and maintained them for years had their permissions suddenly revoked. When these developers announced on social media that their access was taken away, many Ruby developers saw the decision as a betrayal of their years-long contributions to the Ruby ecosystem and open source principles more generally. Others accused Ruby Central of succumbing to corporate pressure from companies like Shopify, which they claimed wanted more control over the project.
In some ways, this whole affair is an example of why this stuff gets really messy when people start getting paid
I’ve spent the last week talking to people who had direct involvement with Ruby Central’s decision, the contributors who were ousted, and developers in the Ruby community. I’ve heard accusations of greed, toxic personalities, and stories about years-long feuds between people, at times in open disagreement, who ultimately govern some of these important open source tools.RubyGems.org and other critical Ruby tools have so far not been interrupted during this transition, but the incident sheds light on a basic truth about the internet and open source development: Much of the technology we use every day and take for granted is being maintained by a small number of developers who are not compensated for that work or get paid very little when compared to salaries at big tech companies. Open source development continues to make much of the internet possible, but as some of these tools become more important and financially valuable, they’re subject to more scrutiny and pressure from the community, organizations, and companies that rely on them.
“In some ways, this whole affair is an example of why this stuff gets really messy when people start getting paid, and once you start introducing formal organizations and employees and nonprofits and lawyers and all this kind of complexity,” Mike McQuaid, developer of the popular package manager Homebrew, which is built with Ruby, told me. McQuaid has talked to and offered to mediate between Ruby Central and the ousted maintainers. “This is a textbook case of what happens when there's this conflict between what companies want, what nonprofit individuals want, how much responsibility people have when they take money, who gets control and when. How much democracy versus just ‘I have the power to do something, therefore I'm going to do it.’”
With Ruby developers can download and use self-contained packages of code that add different functionalities to a Ruby project. These packages are called gems, and are distributed primarily via RubyGems.org, where developers can upload gems they’ve developed or download gems from other developers.
The ability to download gems and plug them into different projects is very useful and convenient for Ruby developers, but can create complications. Different gems are developed by different teams and are updated at different times with bug fixes and new features, and might not necessarily be compatible or play well with one another as they evolve.
This is where Bundler comes in. As its website explains, “Bundler provides a consistent environment for Ruby projects by tracking and installing the exact gems and versions that are needed.” So, for example, if a developer is building a Ruby project and wants to use gems X, Y, and Z, Bundler will pull the versions of those gems that are compatible with one another, providing developers an easy solution for what Bundler describes as “dependency hell.”
Bundler is an open source project that was initially developed by Yehuda Katz, but the GitHub repository for the project was created and was administrated by André Arko. In 2015, Arko also founded a nonprofit trade organization named Ruby Together, which raised funds from developers and companies that use Ruby in order to maintain Bundler and other open source tools.
I will not mince words here: This was a hostile takeover
RubyGems.org, the site and service, is governed by Ruby Central, a nonprofit founded in 2001, which also organizes several Ruby conferences like RubyConf and RailsConf. In 2022, Arko’s Ruby Together and Ruby Central merged, “uniting the Ruby community’s leading events and infrastructure under one roof,” according to Ruby Central’s site. Bundler’s and RubyGems.org’s work often overlapped both in their goals and the developers who worked on them, but operated across two different GitHub organizations, each with its own repositories. To streamline development of these open source projects, Bundler also joined the Ruby Gems GitHub organization in 2022.In 2023, Ruby Central established the Open Source Software Committee, which according to its site oversees RubyGems, Bundler, and RubyGems.org, focusing on infrastructure stability, security, and sustainability.
A confusing and central point of disagreement between Ruby Central and the maintainers it ousted on September 19 is rooted in the merging of Ruby Together and Ruby Central and the difference between Rubygems.org the service, essentially an implementation of the Ruby Gems codebase on an AWS instance, which both parties agree Ruby Central owns and operates, and the Ruby Gems the codebase that lives in the same GitHub organization as Bundler.
According to a recording of a mid-September Zoom meeting which I obtained between Marty Haught, Ruby Central’s Director of Open Source, Arko, and the other ousted contributors, Ruby Central maintains that the codebase and GitHub organization became its responsibility when Ruby Central merged with Ruby Together in 2022. The ousted contributors’ position is that members of Ruby Central, like Haught, can be owners of the GitHub organization, but that ownership of the RubyGems codebase and other projects in the GitHub organization belong to the contributors, who don’t have a detailed governance model but historically have governed by consensus.
Arko made this argument to me in a recent interview, but also outlined that argument in a blog post, where he also shared the merger agreement between Ruby Central and Ruby Together. It shows that Ruby Together would dissolve and that Ruby Central would be in charge of raising and allocating funds for development, but does not explicitly say Ruby Central takes ownership of the RubyGems and Bundler projects or the GitHub organization.
To make matters even more complicated, Arko was at once a contributor to these open source projects, a contributor to RubyGems.org the service, an owner of the GitHub organization, and an advisor to Ruby Central’s Open Source Software Committee.
In May, Arko resigned his position as an advisor to Ruby Central’s Open Source Software Committee, but continued his work as a contributor. Arko told me he resigned his advisory role because of Ruby Central’s last minute invitation of David Heinemeier Hansson, better known online as DHH, as a keynote speaker at RailsConf.
Arko told me he objected to that decision because of DHH’s “horrifying, racist, misogynist, politics” and DHH’s “personal vendetta” against him. In 2021, back at Motherboard, we reported that many employees at DHH’s company, Basecamp, quit after his decision to ban any discussion of politics at work, which many employees saw as squashing discussion about race, bias, and diversity. Arko told me that DHH’s “personal vendetta” against him stemmed from Arko not wanting to support a certain feature DHH wanted added to Bundler, after which DHH demanded Arko be removed from the Ruby Together board.
The current controversy erupted on social media on September 19, when one contributor to the open source projects in the RubyGems and Bundler GitHub organization, Ellen Dash, announced that Haught, Ruby Central’s Director of Open Source, revoked GitHub organization membership for all admins on the RubyGems, Bundler, and RubyGems.org maintainer teams. At that moment, their permissions and access to the GitHub organization were revoked, meaning they could no longer make any changes or contributions to the code, and Haught, representing Ruby Central, took control.
“I will not mince words here: This was a hostile takeover,” Dash said in a public “goodbye” letter they shared online. “I consider Ruby Central’s behavior a threat to the Ruby community as a whole. The forceful removal of those who maintained RubyGems and Bundler for over a decade is inherently a hostile action. Ruby Central crossed a line by doing this.”
The news was seen by many developers in the Ruby and open source community as betraying the dedication and labor that Dash, Arko, and other maintainers put into these tools for years.
Ruby Central, meanwhile, describes the move as one centered around security.
“With the recent increase of software supply chain attacks, we are taking proactive steps to safeguard the Ruby gem ecosystem end-to-end,” Ruby Central said in an explanation of its decision. “To strengthen supply chain security, we are taking important steps to ensure that administrative access to the RubyGems.org, RubyGems, and Bundler is securely managed. This includes both our production systems and GitHub repositories. In the near term we will temporarily hold administrative access to these projects while we finalize new policies that limit commit and organization access rights. This decision was made and approved by the Ruby Central Board as part of our fiduciary responsibility. In the interim, we have a strong on-call rotation in place to ensure continuity and reliability while we advance this work. These changes are designed to protect critical infrastructure that power the Ruby ecosystem, whether you are a developer downloading gems to your local machine [or] a small or large team who rely on the safety and availability of these tools.”
404 Media has covered the kind of recent supply chain attacks targeting open source projects that Ruby Central is referring to. Earlier this month, a critical JavaScript development tool Node Package Manager (NPM), was targeted by a similar supply chain attack. But not everyone in the Ruby development community bought the explanation that security was at the heart of the recent moves. One reason for that is a public statement from a Ruby Central board member and treasurer Freedom Dumlao.
On Substack, Dumlao apologized for the sudden change and how it was communicated.
“If Ruby Central made a critical mistake, it's here,” he wrote. “Could these conversations have been happening in public? Could the concerns we were hearing from companies, users and sponsors have been made more apparent? Probably. But I remind you we don't have a ‘communications team’, no real PR mechanism, we are all just engineers who (like many of you I'm sure) go heads down on a problem until it's solved.”
Dumlao reiterated that RubyGems and Bundler are critical infrastructure that are now increasingly under the threat of supply chain attacks, and said that the companies that rely on them “count” on Ruby Central do everything it can to keep them and their users safe.
However, Dumlao also said that Ruby Central was under “deadline” to make this change.
“Either Ruby Central puts controls in place to ensure the safety and stability of the infrastructure we are responsible for, or lose the funding that we use to keep those things online and going,” Dumlao wrote.
In a September 22 video message in response to criticism about its decision to remove maintainers, Ruby Central’s executive director Shan Cureton described a similar dynamic. She said “sponsors and companies who depend on Ruby tooling came to us with supply chain concerns” and that “Our funding and sponsorships are directly tied to our ability to demonstrate strong operational standards. Without those standards in place, it becomes harder to secure the support needed to keep maintainers paid, organize events, and provide resources for developers at every stage of their journey.”
Since Shopify is one of the primary sponsors and funders of Ruby Central, this led some in the Ruby community to believe that Shopify was exerting pressure on Ruby Central to make this change.
“That is not how it happened, and I wish I had been more careful with my wording in that blog post,” Dumlao told me in a Linkedin message when I asked him if Ruby Central was under pressure from Shopify to make these changes.
I just don't think that there's any other plausible explanation than Shopify demanded this.
After I gave Dumlao my number so we could do a phone interview, I got an email from Cindi Sutera, who was recently brought on as a spokesperson for Ruby Central."Ruby Central’s mission is to keep the infrastructure that Rubyists rely on stable, safe, and trustworthy,” she told me. “As part of a routine review following organizational changes, we identified a small number of accounts whose privileges no longer matched current role requirements. The Board voted that it was imperative to align access with our privilege policy to keep the infrastructure that the Ruby community depends on stable. This is our mission.”
Sutera said that the board approved “a temporary administrative hold on certain elevated permissions” while it finalized operator agreements and governance roles.
“To move quickly and transparently, we imposed a clear deadline to complete operator agreements and close gaps,” she said. “We could have communicated earlier that we felt it necessary to move quickly and wish we could have given the community more time to prepare for this action. And now, here we are committed to completing this transition for the stability and security of the Ruby Gems supply chain. More updates are coming as we work through security protocols and stabilization efforts.”
“There’s literally only one company providing the money that is keeping Ruby Central open, and it is Shopify,” Arko told me. “And so I just don't think that there's any other plausible explanation than Shopify demanded this.”
When I asked Arko why he thought Ruby Central removed him, if it wasn’t for security reasons, Arko said: “totally unprovable speculation is Shopify’s CEO is best friends with DHH, who hates me.” DHH is also a Shopify board member.
“Thanks for the invitation, but not my place to weigh in a lot on this while they're working through these changes,” DHH told me in an email when reached for comment. “But I support them taking steps to secure and professionalize the supply chain work they're doing.”
Shopify did not reply to a request for comment.
As this episode spread on social media, I talked to several people associated with Ruby Central who told me the board was acting in the interest of the RubyGems and the Ruby community. Two sources who asked for anonymity for fear of retaliation said that Arko was difficult to work with, questioned how he used funds raised by Ruby Together, and claimed that a new Ruby version manager he’s working on, rv, means he has a conflict of interest with his work on RubyGems and Bundler.
Arko acknowledged to me he heard he’s been difficult to work with in the past. He said that sometimes he’s been able to reach out to people directly and resolve any issues, and that sometimes he hasn’t. He rejected the other allegations, and said that Ruby Together’s financials have always been public.
“It has always been fully public, and the amount has been fixed at $150 an hour for 10 years,” he said, referring to the amount contributors got paid to work on Bundler. Arko added that nobody has ever been paid for more than 20 hours a week, and that the most he’s been able to raise in a single year is $300,000 to pay eight different contributors. “Nobody has gotten a raise for 10 years.”
"As a matter of policy, we don’t discuss individual personnel,” Sutera, the Ruby Central spokesperson, said when I asked if Arko was removed from the GitHub organization because of his previous behavior. “Our recent actions were organization-wide governance measures aimed at aligning access with policy. Our priority is maintaining a stable and secure Ruby Gems supply chain."
McQuaid, the developer of Homebrew and who followed the controversy, told me that even Arko’s harshest critics wouldn’t deny the contributions he’s made to the Ruby community over the years.
Regarding Arko’s blog post about his removal, McQuaid told me it’s good that Arko is crediting other people for their contribution and that he’s following open source principles of community and transparency, but that “his ‘transparency’ here has been selective to things that benefit him/his narrative, he seems unwilling or unable to admit that he failed as a leader in being unwilling or unable to introduce a formal governance process long before this all went down or appoint a meaningful successor and step down amicably.”
The fundamental disagreement here is about who “owns” the GitHub organization that houses Bundler and RubyGems. Technically, Ruby Central was able to assert control because Hiroshi Shibata, a member of the Ruby core team and one of the contributors who has owner-level permissions on the GitHub, made Haught, who revoked the others’ access, an owner as well. Any owner can add or remove any other owner, but when Ruby Central’s board voted to make this change Haught acted immediately and removed Arko, Dash, and others.
However, Arko fundamentally disagrees with the premise that Ruby Central has the right to govern the GitHub organization in any way, and believes that it has always belonged to the group of contributors who had access up until September 19.
Arko said that even if Ruby Central gave him his permissions back, he would not consider the matter resolved until Ruby Central stopped claiming it owns Bundler “but I am definitely not going to hold my breath for that one.”
“When people really care, they're passionate and they're enthusiastic and they argue, and that often looks like drama,” McQuaid, the developer of Homebrew, said when I asked what he thinks this entire affair says about the state of open source development. “But if I had to pick between having the enthusiasm and the drama or losing both, then I'd probably pick the enthusiasm and the drama, because in some ways, the system is somewhat self correcting. Even the stuff that's going on right now, people are having essentially a very public debate about what role do large companies or nonprofits or individual maintainers have in open source. To what extent does someone's level of contribution matter versus what type of person they are? I think these are valuable discussions to be having, and we're having them in the open, whereas if it was in a company, this would all be in a meeting room or with an HR department or in a leadership offsite or whatever.”
A board member's perspective of the RubyGems controversy
What a week it's been as a Ruby Central Board Member.Freedom Dumlao (Freedom’s Substack)
Technology reshared this.
DeepSeek-V3.2 released
DeepSeek-V3.2 - a deepseek-ai Collection
Unlock the magic of AI with handpicked models, awesome datasets, papers, and mind-blowing Spaces from deepseek-aihuggingface.co
تحريرها كلها ممكن
in reply to ☆ Yσɠƚԋσʂ ☆ • • •HarmonyOS 5 Devices Surpass 20 Million Units - Voila!News
Richard YANG (Voila!News)Liam Proven
in reply to تحريرها كلها ممكن • • •20M units in China is too small to count as a rounding error.
When one Chinese phone company hired an American CEO he talked in interviews about how experimentally selling 50M units of a test prototype suggested it might have potential.
تحريرها كلها ممكن
in reply to Liam Proven • • •In 10 months though and practically limited to the Chinese market? I think it is still an impressive figure.
Compare that with both Android and the iPhone which had global availability and took until 2010 to reach the same milestone.
☆ Yσɠƚԋσʂ ☆
in reply to تحريرها كلها ممكن • • •تحريرها كلها ممكن
in reply to ☆ Yσɠƚԋσʂ ☆ • • •☆ Yσɠƚԋσʂ ☆
in reply to تحريرها كلها ممكن • • •folaht
in reply to تحريرها كلها ممكن • • •China deployed alternatives to everything.
Alternatives to Nvidia AI chips, Volkswagen cars, TSMC chip foundries,
ASML lithography machines, ChatGPT AI software, F22 fighter jets.
And China has superior class solar panels, wind turbines, electric grids and batteries.
The EU has lithography machines that's dependent on the US
and electric cars that are inferior to Tesla and those are their crown jewels.
☆ Yσɠƚԋσʂ ☆
in reply to تحريرها كلها ممكن • • •Catalyst
in reply to ☆ Yσɠƚԋσʂ ☆ • • •like this
☆ Yσɠƚԋσʂ ☆ likes this.