I joined RubyCentral to release a postmortem, and today I'm delivering my report on what happened.
-
I joined RubyCentral to release a postmortem, and today I'm delivering my report on what happened. The hope is to provide more transparency and closure, 194 days since the incident on September 18, 2025.
I've named the incident "RubyGems Fracture." For full details, read my report. #ruby
RubyGems Fracture Incident Report
By: Richard Schneeman This document attempts to give closure to the Ruby community about the events that led to the incident, September 10-18, 2025, which I’ve named “RubyGems Fracture.” Preamble I joined Ruby Central’s Open Source Committee on October 22nd, 2025, after the GitHub access changes. I was
Ruby Central (rubycentral.org)
-
I joined RubyCentral to release a postmortem, and today I'm delivering my report on what happened. The hope is to provide more transparency and closure, 194 days since the incident on September 18, 2025.
I've named the incident "RubyGems Fracture." For full details, read my report. #ruby
RubyGems Fracture Incident Report
By: Richard Schneeman This document attempts to give closure to the Ruby community about the events that led to the incident, September 10-18, 2025, which I’ve named “RubyGems Fracture.” Preamble I joined Ruby Central’s Open Source Committee on October 22nd, 2025, after the GitHub access changes. I was
Ruby Central (rubycentral.org)
I previously wrote this on how you can hold me accountable in this work https://ruby.social/@Schneems/116216591665738708.
Though I'll probably be slow to respond today.
-
R relay@relay.mycrowd.ca shared this topic
-
I joined RubyCentral to release a postmortem, and today I'm delivering my report on what happened. The hope is to provide more transparency and closure, 194 days since the incident on September 18, 2025.
I've named the incident "RubyGems Fracture." For full details, read my report. #ruby
RubyGems Fracture Incident Report
By: Richard Schneeman This document attempts to give closure to the Ruby community about the events that led to the incident, September 10-18, 2025, which I’ve named “RubyGems Fracture.” Preamble I joined Ruby Central’s Open Source Committee on October 22nd, 2025, after the GitHub access changes. I was
Ruby Central (rubycentral.org)
@Schneems thanks you for writing this.
I have a couple more questions.
Give the connection between github access and the production system, why wasn’t that addressed directly by taking technical measures to separate that? It seems like that’s where RC feels like they own the org, and from many peoples’ POVs they don’t.
Given that connection, how does it make sense to pass org ownership to Matz / Ruby Core?
If this was a legal thing about Andre/logs, why not send him a legal notice “don’t”?
-
@Schneems thanks you for writing this.
I have a couple more questions.
Give the connection between github access and the production system, why wasn’t that addressed directly by taking technical measures to separate that? It seems like that’s where RC feels like they own the org, and from many peoples’ POVs they don’t.
Given that connection, how does it make sense to pass org ownership to Matz / Ruby Core?
If this was a legal thing about Andre/logs, why not send him a legal notice “don’t”?
@Schneems This doesn’t change my viewpoint much about what happened, but is the most transparency we’ve gotten from RC about the fracture, thank you for that.
-
I joined RubyCentral to release a postmortem, and today I'm delivering my report on what happened. The hope is to provide more transparency and closure, 194 days since the incident on September 18, 2025.
I've named the incident "RubyGems Fracture." For full details, read my report. #ruby
RubyGems Fracture Incident Report
By: Richard Schneeman This document attempts to give closure to the Ruby community about the events that led to the incident, September 10-18, 2025, which I’ve named “RubyGems Fracture.” Preamble I joined Ruby Central’s Open Source Committee on October 22nd, 2025, after the GitHub access changes. I was
Ruby Central (rubycentral.org)
@Schneems thank You very much Richard for creating this post mortem!
-
I joined RubyCentral to release a postmortem, and today I'm delivering my report on what happened. The hope is to provide more transparency and closure, 194 days since the incident on September 18, 2025.
I've named the incident "RubyGems Fracture." For full details, read my report. #ruby
RubyGems Fracture Incident Report
By: Richard Schneeman This document attempts to give closure to the Ruby community about the events that led to the incident, September 10-18, 2025, which I’ve named “RubyGems Fracture.” Preamble I joined Ruby Central’s Open Source Committee on October 22nd, 2025, after the GitHub access changes. I was
Ruby Central (rubycentral.org)
@Schneems First of all, thank you for the report.
It does provide some additional clarity but not much closure.
For one, even though you speak for the organisation, it's only you speaking. People who were directly involved and made the mistakes did not come forward so far. And even then it's only admission of mistakes. There’s not even a symbolic apology. But also apparently no concrete plans to change anything.
Another thing not covered here is how rubygems ended up in ruby org. What’s RC's ivolvement with it now?
