RubyConf 2023 - State of the RubyGems by Samuel Giddins

Discover the latest updates and improvements to the RubyGems packaging ecosystem, learn about the team's efforts to enhance security and convenience, and explore ways to support this vital project for Ruby developers.

Key takeaways
  • RubyGems and Bundler have been constantly working on improving the management of gems, making it faster, easier, and more reliable.
  • The packaging ecosystem is run by a team of volunteers, with many individuals belonging to multiple teams.
  • There are numerous ways to support the RubyGems project, including contributing code, reporting bugs, and giving feedback.
  • The RubyGems team is working on improving the security of RubyGems.org and its services.
  • The organization has received funding from Ruby Together to hire a dedicated full-time role focused on improving security.
  • The dependencies of RubyGems are highly complex, with millions of gem versions and over 180,000 users.
  • The RubyGems team is working on making the service more secure and convenient, including adding support for pass keys and implementing a new, more secure authentication system.
  • The organization relies on donations and membership fees from individuals and companies to support the RubyGems project.
  • The open source portion of Ruby Central’s overhead typically costs between $5,000 and $10,000 per month.
  • The organization is working on expanding its tools and services to make it easier for developers to use RubyGems, including automated dependency resolution and a new code editor.
  • The team is also working on improving the RubyGems.org site, including adding features like a gem browser and allowing users to reuse Ruby version files.
  • The organization is working on improving the community around RubyGems, including hosting conferences and supporting regional and local conference organizers.
  • The RubyGems team is doing a lot of work to keep the service running smoothly and safely, including implementing automated dependency resolution and a new, more secure authentication system.