LightNews
martinemde.com
Martin Emde
@martinemde.com
150 followers 52 following 130 posts
Modularity @ Gusto, Rubyist
Posts Media Videos Starter Packs
Reposted by Martin Emde
joel.drapper.me
Joel Drapper 🇬🇧🇺🇦 @joel.drapper.me · 9h
This is very well written and fair. I have updated my post to link to this under a new “Responses” heading.

Thank you @byroot.bsky.social.
byroot.bsky.social
Jean Boussier @byroot.bsky.social · 16h
I tried to explain why I don't believe the recent accusations toward my former teammates, as well as how the Ruby and Rails Infra team at Shopify operates and why it can be trusted.

byroot.github.io/opensource/r...
Dear Rubyists: Shopify Isn’t Your Enemy
I’ve been meaning to write a post about my perspective on Open Source and corporate entities. I already got the rough outline of it; however, I’m suffering from writer’s block, but more importantly, t...
byroot.github.io
1 10
martinemde.com
Martin Emde @martinemde.com · 9h
Honestly, I think this is the only privacy policy I've ever read top to bottom. It's hard to read and decide what's actually true from this. Maximum humility here given my inexperience with this.
1
martinemde.com
Martin Emde @martinemde.com · 9h
I may have misspoken here about rubygems.org privacy policy. Just trying to clear that up since I can't edit posts.
martinemde.com
Martin Emde @martinemde.com · 9h
I'm not a lawyer and may have made this claim incorrectly. Sorry. I would edit my post if I could.
1
martinemde.com
Martin Emde @martinemde.com · 9h
I wish I could edit posts. I'm not a lawyer and shouldn't make a claim like that. I may be misreading.
1 1
martinemde.com
Martin Emde @martinemde.com · 9h
@fxn.bsky.social Yeah, this is what I was referring to.
1 2
martinemde.com
Martin Emde @martinemde.com · 9h
To that point, I'm announcing publicly my intention to run for the Project Lead of the gem.coop project. I've spoken to many of you about this, but I truly believe there's a chance to innovate, to make a better, transparent, open system run by maintainers that benefits us all and steps above this.
1 11
martinemde.com
Martin Emde @martinemde.com · 9h
Hey folks. I'm still trying to reconcile the news today.
1. We are not selling any private info. RubyGems.org policies permit that, but gem.coop doesn't collect anything.
2. We need to have good leadership, elected transparently, with transparent finances. We're publishing our governance for that.
4 5 16
martinemde.com
Martin Emde @martinemde.com · 10h
Shibata-san was not an employee. 3 of the people removed were actively paid by RC and required access to sensitive systems to do their jobs, and for 1 it was their only source of income. It's not clear cut "employee/not"
1 1
martinemde.com
Martin Emde @martinemde.com · 10h
From the bottom of my heart, thank you Mike. I appreciate all you've done for the community, for governance, and for open source.
2
martinemde.com
Martin Emde @martinemde.com · 12h
Point is, you don’t say “ok, Hsbt moved too quick to remove everyone, he shouldn’t have done that, miscommunication sorry, we restored ownership, please don’t retaliate” and then remove everyone again, fully, a few days later without any discussion, again.
1
martinemde.com
Martin Emde @martinemde.com · 12h
“Us” was all owners on the org besides Marty, Hsbt and Colby.
2 1
martinemde.com
Martin Emde @martinemde.com · 12h
The agreements don’t exist. They didn’t exist and I was never asked. I got hard removed while engaging in good faith discussion about “how should we decide who owns the repos”. I was enterprise owner and I could have removed Marty and Hsbt and we’d be having a different discussion right now.
1 6
martinemde.com
Martin Emde @martinemde.com · 13h
I personally don’t think Shopify is the enemy here, but somehow it seems like the board thought funding was contingent on these actions. See Freedom’s post about a no vote on removing us being a vote to shutdown RC. You covered the way that influence happens, and certainly it did happen for RC. :(
2 3
martinemde.com
Martin Emde @martinemde.com · 13h
“What we need is more companies doing their part.”

It’s often said that other languages and projects like Linux are successful because they have big backers from Google, etc. Shopify is that for Ruby, and others, like Gusto (my company), also do their part. I’m proud to be a part of this help.
2
martinemde.com
Martin Emde @martinemde.com · 13h
“But the response shouldn’t be to try to cast Shopify and its employees aside. It would be silly to punish them for helping too much.”

Yes! Thank you to every Shopify person that helped. We traded work on rails and ruby and RG constantly, as it should be.
1 1
martinemde.com
Martin Emde @martinemde.com · 13h
Paraphrase: Why should we need rv? let’s make bundler faster.

Totally! Bundler 4 work was going ahead full steam. Let rv be rv. Even if it became great, it still needed rubygems.org! Use tools you love. Better to keep the collation at least close. RC dropped the ball majorly here.
1
martinemde.com
Martin Emde @martinemde.com · 13h
That’s not the whole of it, but they really drug us through the mud. We were handling security and maintenance impeccably. It was functioning like good open source. I even think patching up with @tenderlove.dev was likely. Leadership of the project was much more in non-André hands.
1 1
martinemde.com
Martin Emde @martinemde.com · 13h
I agree: “most of them will stick around regardless. Most will even remain contributors if they quit or are laid off.”

I was contributing to rubygems in my off time as an employee of another company. Most contributors were. There was no reason to take that away and lie about us not having MFA :(
1
martinemde.com
Martin Emde @martinemde.com · 13h
I think you covered the biases at play well. I directly interfaced with Shopify about funding. They were giving general funds that allowed us to finish projects like bundler lockfile checksums and more. I think RC financing failed the OSS program in 2024 and that impacted what we could accomplish.
1 1
martinemde.com
Martin Emde @martinemde.com · 13h
I’m glad people discussed this in the open. Be sure to also read the linked material and make your own decision about whether you think the replies were hostile. Don’t take my or Justin’s word for anything you can verify yourself.
1 3
martinemde.com
Martin Emde @martinemde.com · 13h
Thank you for an excellent post @byroot.bsky.social. I’ll corroborate what I can.

I don’t feel any distrust about @tenderlove.dev’s PRs. I approved (I think) 2 of them myself. They touched code I was deeply familiar with, the tar entry/copy_stream/gem unpack logic. Great work and thank you!
byroot.bsky.social
Jean Boussier @byroot.bsky.social · 16h
I tried to explain why I don't believe the recent accusations toward my former teammates, as well as how the Ruby and Rails Infra team at Shopify operates and why it can be trusted.

byroot.github.io/opensource/r...
Dear Rubyists: Shopify Isn’t Your Enemy
I’ve been meaning to write a post about my perspective on Open Source and corporate entities. I already got the rough outline of it; however, I’m suffering from writer’s block, but more importantly, t...
byroot.github.io
1 7
Reposted by Martin Emde
duckinator.bsky.social
puppy @duckinator.bsky.social · 1d
On RubyGems & Governance: pup-e.com/blog/on-ruby...

Many programmers have no interest in formal governance processes, but letting people act and speak on our behalf without our input is what got us here.

The path forward is for the community to speak up and take direct ownership of what we make.
On RubyGems & Governance
pup-e.com
4 8 19
martinemde.com
Martin Emde @martinemde.com · 1d
Join the bundler slack and message me, that’s probably best? Or dm me here.
2
martinemde.com
Martin Emde @martinemde.com · 1d
Trust chains are interesting. Time for key signing parties at conferences? (only half joking) a purist would probably object, but if everyone can put their trust in the certificate authority for everything else, we probably can too. Eggs, meet your basket.
1