Remote Ruby
Rubyists having conversations and interviewing others about Ruby and web development.
Governance, Security Flaws, and AI Tools
This episode of Remote Ruby opens with stories of exhaustion from a sleepless week. Then, Chris, Andrew, and David spend most of the episode unpacking two big themes: trust and governance in open source, and the growing mess of software security and AI-assisted development. They dig into the new Ruby Central write-up on the RubyGems/Bundler fracture and question whether it actually clarifies the path forward, then pivot into the Axios npm compromise, supply-chain risk, and how fragile modern package ecosystems can feel. Then, they go into a wide-ranging discussion on AI coding, bloated production apps, image-performance headaches, CSS/rendering quirks, and why teams may need to rethink APIs, CLIs, MCPs, and markdown-first docs as agent traffic keeps growing. Hit download now to hear more!
Links
- Judoscale - Remote Ruby listener gift
- RubyGems Fracture Incident Report
- Bundler has moved to the RubyGems organization (GitHub)
- Mitigating the Axios npm supply chain compromise (Microsoft Security blog)
- Garry Tan X
- The Missing GitHub Status Page
Honeybadger is an application health monitoring tool built by developers for developers.
Judoscale
Make your deployments bulletproof with autoscaling that just works.
Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.