Ruby Community Crisis: Ruby Central's Hostile Takeover of RubyGems
Introduction
Conflict in the Ruby Ecosystem
Unprecedented crisis in managing critical open source infrastructure
Critical Situation in Ruby Ecosystem
In September 2025, the Ruby community faced an unprecedented crisis when the non-profit organization Ruby Central forcibly took control of key infrastructure — the RubyGems and Bundler projects, which serve billions of package downloads monthly.
Events that maintainers call a "hostile takeover" have threatened the stability of one of the most important package management systems in the open source world and caused a mass exodus of experienced developers.
Timeline of Events
Crisis Begins
A RubyGems maintainer without warning renamed the GitHub enterprise from "RubyGems" to "Ruby Central" and removed all other maintainers
Partial Rollback
The maintainer claimed to restore access rights after talking with Marty Haught
Conflict Escalation
Marty Haught without explanation revoked access for all administrators of RubyGems, Bundler and RubyGems.org teams
Public Exposure
Ellen Dash published an accusatory document, Andre Arko announced the dissolution of the RubyGems team
Key Figures in the Conflict
Ellen Dash (@duckinator)
RubyGems Maintainer
10+ years
Community involvement since age 13, key developer
Left Ruby Central
Andre Arko
Bundler Creator
10+ years
Created and maintained Bundler, ecosystem foundation
Left the project
Marty Haught
Director of Open Source at Ruby Central
Management
Last code ~2010-2013 (Rails 4), focus on management
Controls RubyGems
Positions of the Parties
Ruby Central
Justification:
- Protecting supply chain security
- Fiduciary duty to the community
- Response to increased cyber threats
- Need for governance formalization
"We are strengthening governance processes to protect critical infrastructure"
Maintainers
Accusations:
- Hostile takeover without consultation
- Removal of experienced developers
- Appointment of incompetent managers
- Violation of open source principles
"This is a hostile takeover. Ruby Central has violated community trust"
Consequences and Forecasts
Short-term Risks
Technical Stability:
- Loss of expertise
- Update problems
- Security risks
Community Trust:
- Developer exodus
- Reputational damage
- Reduced activity
Long-term Threats
Ecosystem Split: possibility of creating alternative package management systems
Precedent: model could be reproduced in other OSS projects
Competitiveness: weakening of Ruby's position among programming languages
Expert Opinion
Systemic OSS Governance Problems
The crisis reveals fundamental vulnerabilities in managing critical open source infrastructure:
- Informal power structures are easily usurped
- Lack of protective mechanisms for technical communities
- Conflict of interest between administrators and developers
"This case could become a precedent for reconsidering principles of critical OSS infrastructure governance"
Sources and Additional Information
Conclusion
The crisis in the Ruby community represents a clash between administrative power and technical competence. The outcome of this conflict may determine the future not only of the Ruby ecosystem, but also the principles of critical OSS infrastructure governance in general.
The developer community must closely monitor the development of the situation and be ready for active actions to protect their interests. How this crisis is resolved depends not only on the technical future of Ruby, but also on trust in the open source model as such.
💡 Stay tuned for updates on the situation — this could be a turning point for the entire open source industry.