
Governance, Security Flaws, and AI Tools
From Remote Ruby by Chris Oliver, Andrew Mason, David Hill
April 10, 2026 · 38 min · Episode 346
About this episode
The episode discusses trust and governance in open source alongside software security and AI-assisted development.
This episode of Remote Ruby opens with stories of exhaustion from a sleepless week. Then, Chris, Andrew, and David spend most of the episode unpacking two big themes: trust and governance in open source, and the growing mess of software security and AI-assisted development. They dig into the new Ruby Central write-up on the RubyGems/Bundler fracture and question whether it actually clarifies the path forward, then pivot into the Axios npm compromise, supply-chain risk, and how fragile modern ...
People in this episode
Hosts: Chris Oliver, Andrew Mason, David Hill
Topics covered
- trust in open source
- governance
- software security
- AI-assisted development
- supply-chain risk
Keywords
- open source
- software security
- AI tools
- supply-chain risk
- RubyGems
- Bundler
- Axios
- npm
Mentioned in this episode
Organizations: Ruby Central, RubyGems, Bundler, Axios, npm
More episodes of Remote Ruby
- [The lost episode 259] All Right, Rant Time - Debugging · June 12, 2026 · 55 min
- Revise Auth and Podcasting Plans · June 5, 2026 · 1h 10m
- Rails World Tickets, New JavaScript Package Managers, and Security Worries · May 29, 2026 · 42 min
- Blue Ridge Ruby Insights & Experiences · May 22, 2026 · 54 min
- Stripe Changes, File Upload Quirks, Scaling Sidekiq · May 15, 2026 · 50 min
- Direct Routes and Data Queries · May 8, 2026 · 40 min
Explore listener stats, chart rankings, contacts and more on the Remote Ruby podcast page.