I ran across a very interesting article. Politics aside, it talked about how a developer who provided a key component of Chef didn't like who the company was selling to. The individual decided to pull his code, "Ruby gems", from the Chef repo. This caused issues across the world for anyone using those modules. Those modules have been downloaded over 20 million times.
Chef had to act quickly and take ownership of the module that previously they relied on open source developers to provide. I know we worry about the safety of open source and there are teams and processes to vet the code. I wasn't really thinking of the control individuals can have if they own the repository where the code resides.
To be able to move an entire ecosystem by holding hostage the access to open source software should have a sobering effect. I still believe in open source but there should be more exposure and transparency on ownership. As always, just my 2c.
Last Thursday, DevOps guru Seth Vargo yanked his open-source Ruby Gems that are crucial within the Chef ecosystem – they make the app configuration management system a lot easier to use – citing the revelation of a $95,000 contract between ICE and Chef that was brokered by a reseller.