RubyGems has grown significantly in recent years, with a greater focus on stability and security to ensure you have the tools you need to build with confidence.

As we continue to mature, we’re putting stronger foundations in place to support that growth over the long term. This includes creating clear standards and processes for how RubyGems.org is managed.

Within my first two months in this role overseeing RubyGems, we received a takedown request for a gem that potentially violated a trademark. As we looked into it, we realized we didn’t have a formal policy to guide our response. The team had a general sense of how such cases were handled in the past, but nothing was documented. That incident led us to discover a broader gap: we lacked foundational policies that are important from a legal and compliance standpoint.

This might not be as exciting as solving tough engineering problems, but it matters. Without clear policies, we carry unnecessary risk, and we make it harder to act fairly and consistently across the board.

With this in mind, we partnered with a law firm that specializes in working with open source organizations to help us formalize a set of policies. These include a Terms of Service, Privacy Notice, Acceptable Use Policy, and Copyright Policy. They essentially reflect how we’ve already been operating, but make those practices official and transparent. These updates will help us respond to issues more consistently and ensure the platform remains safe, reliable, and well-governed.

You can read more about these policies here.

We announced these policies on the RubyGems blog last week and are now opening a 60-day community review and comment period. If you’d like to weigh in, we encourage you to send feedback to legal@rubycentral.org or join the conversation in the #oss-program-ruby-central channel on the Ruby Central Community Slack.

Thank you for being part of this journey with us.

Best,
Marty Haught
Director of Open Source, Ruby Central