Governance, Security Flaws, and AI Tools

Governance, Security Flaws, and AI Tools

From Remote Ruby by Chris Oliver, Andrew Mason, David Hill

April 10, 2026 · 38 min · Episode 346

About this episode

The episode discusses trust and governance in open source alongside software security and AI-assisted development.

This episode of Remote Ruby opens with stories of exhaustion from a sleepless week. Then, Chris, Andrew, and David spend most of the episode unpacking two big themes: trust and governance in open source, and the growing mess of software security and AI-assisted development. They dig into the new Ruby Central write-up on the RubyGems/Bundler fracture and question whether it actually clarifies the path forward, then pivot into the Axios npm compromise, supply-chain risk, and how fragile modern ...

People in this episode

Hosts: Chris Oliver, Andrew Mason, David Hill

Topics covered

  • trust in open source
  • governance
  • software security
  • AI-assisted development
  • supply-chain risk

Keywords

  • open source
  • software security
  • AI tools
  • supply-chain risk
  • RubyGems
  • Bundler
  • Axios
  • npm

Mentioned in this episode

Organizations: Ruby Central, RubyGems, Bundler, Axios, npm

More episodes of Remote Ruby

Explore listener stats, chart rankings, contacts and more on the Remote Ruby podcast page.