[DRE-maint] Bug#1034147: ruby-regexp-parser: please make the build reproducible
Source: ruby-regexp-parser Version: 2.6.1-1 Severity: wishlist Tags: patch User: reproducible-bui...@lists.alioth.debian.org Usertags: buildpath X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org Hi, Whilst working on the Reproducible Builds effort [0] we noticed that ruby-regexp-parser could not be built reproducibly. This is because it uses the ragel compiler that, by default, will add line annotations that include the absolute build path: /usr/share/rubygems-integration/all/gems/regexp_parser-2.6.1/lib/regexp_parser/scanner.rb @@ -1,12 +1,12 @@ # -*- warn-indent:false; -*- -# line 1 "/build/1st/ruby-regexp-parser-2.6.1/tasks/../lib/regexp_parser/scanner/scanner.rl" +# line 1 "/build/2/ruby-regexp-parser-2.6.1/2nd/tasks/../lib/regexp_parser/scanner/scanner.rl" (etc.) A patch is attached that adjusts the call to ragel to include the -L argument that suppresses these additions. [0] https://reproducible-builds.org/ Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- --- a/debian/patches/reproducible-build.patch 1970-01-01 01:00:00.0 +0100 --- b/debian/patches/reproducible-build.patch 2023-04-10 12:33:48.022769023 +0100 @@ -0,0 +1,15 @@ +Description: Make the build reproducible +Author: Chris Lamb +Last-Update: 2023-04-10 + +--- ruby-regexp-parser-2.6.1.orig/tasks/ragel.rake ruby-regexp-parser-2.6.1/tasks/ragel.rake +@@ -8,7 +8,7 @@ namespace :ragel do + RAGEL_SOURCE_FILES.each do |source_file| + output_file = "#{RAGEL_OUTPUT_DIR}/#{source_file}.rb" + # using faster flat table driven FSM, about 25% larger code, but about 30% faster +- sh "ragel -F1 -R #{RAGEL_SOURCE_DIR}/#{source_file}.rl -o #{output_file}" ++ sh "ragel -L -F1 -R #{RAGEL_SOURCE_DIR}/#{source_file}.rl -o #{output_file}" + + contents = File.read(output_file) + --- a/debian/patches/series 1970-01-01 01:00:00.0 +0100 --- b/debian/patches/series 2023-04-10 12:33:46.366759334 +0100 
@@ -0,0 +1 @@ +reproducible-build.patch ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
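Review bot: the header of the new debian/patches/reproducible-build.patch says only "Make the build reproducible", so someone reading the tasks/ragel.rake hunk later cannot tell why -L was added to the "ragel -F1 -R" call. State in the Description that -L suppresses the "# line" annotations that embed the absolute build path, and add Bug-Debian: and Forwarded: fields so the change can be traced back to this report and offered upstream.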
[DRE-maint] Bug#1037178: puppet does not sync files anymore after recent ruby2.5 security upload
Utkarsh,

> I had missed your comment in the bug but super, many thanks for
> testing this out! I'll wait a bit more before I roll this out.

I see your 2.5.5-3+deb10u6 update on the debian/buster branch which fixes the broken +deb10u5 upload, but I don't see it in the archive yet.

Although you mentioned you were going to wait a bit more, I'm just 100%-checking you aren't waiting on anything from me to upload that?

Best wishes,

--
Chris Lamb
la...@debian.org 🍥 chris-lamb.co.uk
[DRE-maint] Bug#1037178: puppet does not sync files anymore after recent ruby2.5 security upload
No, please go ahead and do both: my availability is spotty for the next 18 hours. :)

(on mobile)

Utkarsh Gupta wrote:

> Hi Chris,
>
> On Wed, Jun 7, 2023 at 9:01 PM Chris Lamb wrote:
>> I see your 2.5.5-3+deb10u6 update on the debian/buster branch which
>> fixes the broken +deb10u5 upload, but I don't see it in the archive
>> yet.
>>
>> Although you mentioned you were going to wait a bit more, I'm just
>> 100%-checking you aren't waiting on anything from me to upload that?
>
> Oh yeah, I wanted to sneak in some fixes and enable the tests and fix
> the failing ones with the last upload. So I'll take care of the upload
> and the announcement unless you prefer doing that since you did the
> original upload?

--
Chris Lamb
la...@debian.org 🍥 chris-lamb.co.uk
[DRE-maint] Bug#1041840: ruby-babosa: please make the build reproducible
Source: ruby-babosa Version: 2.0.0-1 Severity: wishlist Tags: patch User: reproducible-bui...@lists.alioth.debian.org Usertags: buildpath X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org Hi, Whilst working on the Reproducible Builds effort [0], we noticed that ruby-babosa could not be built reproducibly. This is because the rendered .gemspec file expands the unreproducible __dir__ variable to be included in a "cert_chain" attribute. However, this is not needed in the package, and is probably only needed if you are making releases of the package (like the 'signing_key') attribute. A patch is attached that moves the assignment of cert_chain to match the conditional of signing_key, thereby excluding it from the binary package and thus making the package reproducible. [0] https://reproducible-builds.org/ Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- --- a/debian/patches/reproducible-build.patch 1970-01-01 01:00:00.0 +0100 --- b/debian/patches/reproducible-build.patch 2023-07-24 09:03:51.786257737 +0100 @@ -0,0 +1,16 @@ +Description: Make the build reproducible +Author: Chris Lamb +Last-Update: 2023-07-24 + +--- ruby-babosa-2.0.0.orig/babosa.gemspec ruby-babosa-2.0.0/babosa.gemspec +@@ -26,8 +26,8 @@ Gem::Specification.new do |s| + s.add_development_dependency "rubocop", ">= 0.93.0" + s.add_development_dependency "simplecov" + +- s.cert_chain = [File.expand_path("certs/parndt.pem", __dir__)] + if $PROGRAM_NAME.end_with?("gem") && ARGV.include?("build") && ARGV.include?(__FILE__) ++s.cert_chain = [File.expand_path("certs/parndt.pem", __dir__)] + s.signing_key = File.expand_path("~/.ssh/gem-private_key.pem") + end + end --- a/debian/patches/series 2023-07-24 08:59:47.532270584 +0100 --- b/debian/patches/series 2023-07-24 09:03:50.114246613 +0100 
@@ -1 +1,2 @@ remove-bundler.patch +reproducible-build.patch ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
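Review bot: in the babosa.gemspec hunk the moved line appears as "+s.cert_chain = ..." with no leading indentation, while the "s.signing_key" line inside the same "if" block is indented; indent it to match so the two assignments read as one guarded unit. The patch header also carries no Forwarded: field, although the change is not Debian-specific and the report itself says the attribute is only needed when making releases.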
[DRE-maint] Bug#1041840: ruby-babosa: please make the build reproducible
forwarded 1041840 https://github.com/norman/babosa/pull/74
thanks

I've forwarded this upstream here:

  https://github.com/norman/babosa/pull/74

Regards,

--
Chris Lamb
la...@debian.org / chris-lamb.co.uk
[DRE-maint] Upload of src:ruby-websocket-extensions to stable-proposed-updates.
Hi ruby-websocket-extensions maintainers & uploaders,

The version of ruby-websocket-extensions in the stretch-security LTS distribution is currently higher than the version in buster. This is due to the upload of 0.1.2-1+deb9u1 to address CVE-2020-7663:

  https://security-tracker.debian.org/tracker/CVE-2020-7663

As this breaks clean upgrades, I'm willing to prepare a release of ruby-websocket-extensions for the next point release. Would this be okay with you?

If so, is there anything in particular I should know (eg. you wish this to be done in Git, etc.). Or, perhaps you would like to handle this yourself? Either way, please let me know.

Regards,

--
Chris Lamb
la...@debian.org 🍥 chris-lamb.co.uk
Re: [DRE-maint] Upload of src:ruby-websocket-extensions to stable-proposed-updates.
Hi Pirate et al.,

> >As this breaks clean upgrades, I'm willing to prepare a release of
> >ruby-websocket-extensions for the next point release. Would this be
> >okay with you?
>
> This should be fine. Please go ahead.

Thanks for your quick reply. I've filed this as #988454 and my fork is available at:

  https://salsa.debian.org/lamby/ruby-websocket-extensions

Regards,

--
Chris Lamb
la...@debian.org 🍥 chris-lamb.co.uk
[DRE-maint] Bug#874146: FTBFS with Java 9: all tests fail
tags 874146 + patch thanks Patch attached. :) Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- commit 5a0e6250739773efbc176dbc93397c4fc2ebdae5 Author: Chris Lamb Date: Sun Apr 15 20:17:41 2018 +0100 Look for libjvm.so in /usr/lib/jvm/default-java/lib/server, not /usr/lib/jvm/default-java/jre/lib/{i386,amd86}/client. diff --git a/debian/patches/0005-Always-JVM_TYPE-to-server.patch b/debian/patches/0005-Always-JVM_TYPE-to-server.patch deleted file mode 100644 index 9cd9613..000 --- a/debian/patches/0005-Always-JVM_TYPE-to-server.patch +++ /dev/null @@ -1,26 +0,0 @@ -From: =?utf-8?q?J=C3=A9r=C3=A9my_Bobbio?= -Date: Wed, 24 Feb 2016 13:28:26 +0100 -Subject: Always JVM_TYPE to 'server' - -On Debian, libjvm.so is provided by the headless JRE which puts file -in the 'server' directory and not 'client'. It used to work for amd64 -because there a curious special case. - -Closes: #814411 - ext/load.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ext/load.c b/ext/load.c -index 44b13aa..eb48f48 100644 a/ext/load.c -+++ b/ext/load.c -@@ -32,7 +32,7 @@ - #include "jp_co_infoseek_hp_arton_rjb_RBridge.h" - #include "rjb.h" - --#define JVM_TYPE "client" -+#define JVM_TYPE "server" - #define ALT_JVM_TYPE "classic" - - #if defined(_WIN32) || defined(__CYGWIN__) diff --git a/debian/patches/0006-Look-for-libjvm.so-in-usr-lib-jvm-default-java-lib-s.patch b/debian/patches/0006-Look-for-libjvm.so-in-usr-lib-jvm-default-java-lib-s.patch new file mode 100644 index 000..a934916 --- /dev/null +++ b/debian/patches/0006-Look-for-libjvm.so-in-usr-lib-jvm-default-java-lib-s.patch 
@@ -0,0 +1,40 @@ +From: Chris Lamb +Date: Sun, 15 Apr 2018 20:17:05 +0100 +Subject: Look for libjvm.so in /usr/lib/jvm/default-java/lib/server, + not /usr/lib/jvm/default-java/jre/lib/{i386,amd86}/client + +--- + ext/load.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/ext/load.c b/ext/load.c +index 44b13aad69c2..ebd2c84c75e6 100644 +--- a/ext/load.c b/ext/load.c +@@ -32,7 +32,7 @@ + #include "jp_co_infoseek_hp_arton_rjb_RBridge.h" + #include "rjb.h" + +-#define JVM_TYPE "client" ++#define JVM_TYPE "server" + #define ALT_JVM_TYPE "classic" + + #if defined(_WIN32) || defined(__CYGWIN__) +@@ -83,7 +83,7 @@ + #ifndef ARCH + #include + #endif +- #define JVMDLL "%s/jre/lib/%s/%s/libjvm.so" ++ #define JVMDLL "%s/lib/%s/libjvm.so" + #define DIRSEPARATOR '/' + #define CLASSPATH_SEP ':' + #endif +@@ -249,7 +249,7 @@ static int load_jvm(const char* jvmtype) + #else /* not Windows / MAC OS-X */ + libpath = ALLOCA_N(char, sizeof(JVMDLL) + strlen(java_home) + + strlen(ARCH) + strlen(jvmtype) + 1); +-sprintf(libpath, JVMDLL, java_home, ARCH, jvmtype); ++sprintf(libpath, JVMDLL, java_home, jvmtype); + #endif + return open_jvm(libpath); + } diff --git a/debian/patches/series b/debian/patches/series index bb0bf98..9616aea 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,5 +1,5 @@ 0001-Allow-bridge-file-to-be-specified-using-the-RJB_BRID.patch 0002-Fix-paths-to-jars-in-test-suite.patch 0005-Fill-JAVA_HOME-with-a-sensible-value-if-not-set-when.patch -0005-Always-JVM_TYPE-to-server.patch 0005-Remove-support-for-obsolete-rake-gempackagetask.patch +0006-Look-for-libjvm.so-in-usr-lib-jvm-default-java-lib-s.patch ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
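Review bot: in the load_jvm hunk of ext/load.c the ALLOCA_N size still adds strlen(ARCH), although the sprintf call no longer passes ARCH and JVMDLL has lost one %s, so the buffer computation and the format string are now out of step (oversized rather than undersized, but misleading to the next person who edits either). Drop strlen(ARCH) from the size and consider snprintf with the computed length so the bound is enforced at the call site. The JVMDLL change is also unconditional: the previous "%s/jre/lib/%s/%s/libjvm.so" layout is no longer tried at all, so a fallback to the old path when the new one cannot be opened would keep both layouts working. The Subject line's "{i386,amd86}" looks like a typo for amd64.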
[DRE-maint] Bug#874146: FTBFS with Java 9: all tests fail
Chris Lamb wrote:

> Patch attached.

I intend to NMU this package. May I be granted access to ruby-team on salsa.debian.org so I can push my changes and, if you wish, "Team upload" instead? I have requested access on salsa.debian.org itself.

I will update/refresh the packaging at the same time.

Regards,

--
Chris Lamb
la...@debian.org / chris-lamb.co.uk
[DRE-maint] Bug#897664: ruby-rjb: FTBFS: make[2]: javah: Command not found
Source: ruby-rjb Version: 1.5.5-2 Severity: serious Justification: fails to build from source User: reproducible-bui...@lists.alioth.debian.org Usertags: ftbfs X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org Dear Maintainer, ruby-rjb fails to build from source in unstable/amd64: […] dpkg-buildpackage -rfakeroot -us -uc -ui -b dpkg-buildpackage: info: source package ruby-rjb dpkg-buildpackage: info: source version 1.5.5-2 dpkg-buildpackage: info: source distribution unstable dpkg-buildpackage: info: source changed by Chris Lamb dpkg-source --before-build ruby-rjb-1.5.5 dpkg-buildpackage: info: host architecture amd64 fakeroot debian/rules clean dh clean --buildsystem=ruby --with ruby dh_auto_clean -O--buildsystem=ruby dh_ruby --clean dh_ruby --clean debian/rules override_dh_clean make[1]: Entering directory '«BUILDDIR»' dh_clean -O--buildsystem=ruby rm -rf test/jp test/jartest test/jartest2 rm -f rjb-global.rake rjb.gemspec make[1]: Leaving directory '«BUILDDIR»' debian/rules build dh build --buildsystem=ruby --with ruby dh_update_autotools_config -O--buildsystem=ruby dh_autoreconf -O--buildsystem=ruby dh_auto_configure -O--buildsystem=ruby dh_ruby --configure debian/rules override_dh_auto_build make[1]: Entering directory '«BUILDDIR»' mkdir -p $(dirname test/jp/co/infoseek/hp/arton/rjb/Test.class) LC_ALL=C.UTF-8 javac -classpath test -d test test/Test.java Note: test/Test.java uses or overrides a deprecated API. Note: Recompile with -Xlint:deprecation for details. 
mkdir -p $(dirname test/jp/co/infoseek/hp/arton/rjb/IBase.class) LC_ALL=C.UTF-8 javac -classpath test -d test test/IBase.java mkdir -p $(dirname test/jp/co/infoseek/hp/arton/rjb/Base.class) LC_ALL=C.UTF-8 javac -classpath test -d test test/Base.java mkdir -p $(dirname test/jp/co/infoseek/hp/arton/rjb/ExtBase.class) LC_ALL=C.UTF-8 javac -classpath test -d test test/ExtBase.java mkdir -p $(dirname test/jp/co/infoseek/hp/arton/rjb/Two.class) LC_ALL=C.UTF-8 javac -classpath test -d test test/Two.java mkdir -p $(dirname test/jp/co/infoseek/hp/arton/rjb/TwoCaller.class) LC_ALL=C.UTF-8 javac -classpath test -d test test/TwoCaller.java mkdir -p $(dirname test/jp/co/infoseek/hp/arton/rjb/CallbackTest.class) LC_ALL=C.UTF-8 javac -classpath test -d test test/CallbackTest.java mkdir -p test/jartest LC_ALL=C.UTF-8 javac -d test/jartest test/JarTest.java jar -cvf test/jartest.jar -C test/jartest jp/co/infoseek/hp/arton/rjb/JarTest.class added manifest adding: jp/co/infoseek/hp/arton/rjb/JarTest.class(in = 734) (out= 414)(deflated 43%) mkdir -p test/jartest2 LC_ALL=C.UTF-8 javac -classpath test/jartest -d test/jartest2 test/JarTest2.java jar -cvf test/jartest2.jar -C test/jartest2 jp/co/infoseek/hp/arton/rjb/JarTest2.class added manifest adding: jp/co/infoseek/hp/arton/rjb/JarTest2.class(in = 818) (out= 439)(deflated 46%) dh_auto_build -O--buildsystem=ruby dh_ruby --build dh_ruby --build make[1]: Leaving directory '«BUILDDIR»' dh_auto_test -O--buildsystem=ruby dh_ruby --test create-stamp debian/debhelper-build-stamp fakeroot debian/rules binary dh binary --buildsystem=ruby --with ruby dh_testroot -O--buildsystem=ruby dh_prep -O--buildsystem=ruby debian/rules override_dh_auto_install make[1]: Entering directory '«BUILDDIR»' sed -e '$i $spec = spec' rjb.rake > rjb-global.rake ruby -e 'load "rjb-global.rake"; File.open("rjb.gemspec", "w") { |f| f.write $spec.to_ruby };' LC_ALL=C.UTF-8 dh_auto_install -O--buildsystem=ruby dh_ruby --install «BUILDDIR»/debian/ruby-rjb dh_ruby --install 
┌──┐ │ Install files │ └──┘ install -d «BUILDDIR»/debian/ruby-rjb/usr/lib/ruby/vendor_ruby install -D -m644 «BUILDDIR»/lib/rjbextension.rb /home/lamby/temp/cdt.20180503160321.dQzXzHsOjv.db.ruby-rjb/ruby-rjb-1.5.5/debian/ruby-rjb/usr/lib/ruby/vendor_ruby/rjbextension.rb install -D -m644 «BUILDDIR»/lib/rjb.rb /home/lamby/temp/cdt.20180503160321.dQzXzHsOjv.db.ruby-rjb/ruby-rjb-1.5.5/debian/ruby-rjb/usr/lib/ruby/vendor_ruby/rjb.rb install -D -m644 «BUILDDIR»/lib/rjb/extension.rb /home/lamby/temp/cdt.20180503160321.dQzXzHsOjv.db.ruby-rjb/ruby-rjb-1.5.5/debian/ruby-rjb/usr/lib/ruby/vendor_ruby/rjb/extension.rb install -D -m644 «BUILDDIR»/lib/rjb/version.rb /home/lamby/temp/cdt.20180503160321.dQzXzHsOjv.db.ruby-rjb/ruby-rjb-1.5.5/debian/ruby-rjb/usr/lib/ruby/vendor_ruby/rjb/version.rb install -D -m644 «BUILDDIR»/lib/rjb/list.rb /home/lamby/temp/cdt.20
[DRE-maint] Bug#897664: ruby-rjb: FTBFS: make[2]: javah: Command not found
forwarded 897664 https://github.com/arton/rjb/pull/63
thanks

I've forwarded this upstream here:

  https://github.com/arton/rjb/pull/63

Regards,

--
Chris Lamb
la...@debian.org / chris-lamb.co.uk
[DRE-maint] Comments regarding ruby-em-websocket_0.5.1-1_amd64.changes
Just wondering if the conditional for:

  ifeq ($(filter nocheck,$(DEB_BUILD_PROFILES)),)
  export GEM2DEB_TEST_RUNNER = --check-dependencies
  endif

.. is necessary given that you do the real nocheck check later.

/lamby
Re: [DRE-maint] gitlab_10.7.7+dfsg-1_amd64.changes is NEW
Pirate,

> > Your package has been put into the NEW queue, which requires manual action
> > from the ftpteam to process. The upload was otherwise valid (it had a good
> > OpenPGP signature and file hashes are valid), so please be patient.
>
> Please review this to fix many security bugs against gitlab.

Done.

Regards,

--
Chris Lamb
la...@debian.org / chris-lamb.co.uk
[DRE-maint] ruby-graphiql-rails_1.4.10-1_amd64.changes REJECTED
app/assets/javascripts/graphiql/rails/graphiql-0.11.11.js contains more copyright holders than you list; indeed, it looks like a concatenation of different libraries.

-- Chris Lamb Wed, 07 Nov 2018 08:50:33 +

===

Please feel free to respond to this email if you don't understand why your files were rejected, or if you upload new files which address our concerns.
[DRE-maint] ruby-graphiql-rails_1.4.10-2_amd64.changes REJECTED
app/assets/javascripts/graphiql/rails/graphiql-0.11.11.js has more copyright holders than you list. Indeed, it looks like a concatenation of a bunch of libraries.

-- Chris Lamb Wed, 07 Nov 2018 08:49:55 +

===

Please feel free to respond to this email if you don't understand why your files were rejected, or if you upload new files which address our concerns.
[DRE-maint] Bug#913093: ruby-i18n: CVE-2014-10077
Hi Salvatore et al.,

> Source: ruby-i18n
[…]
> CVE-2014-10077[0]:
> | Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0
> | for Ruby allows remote attackers to cause a denial of service
> | (application crash) via a call in a situation where :some_key is
> | present in keep_keys but not present in the hash.

Security team, I would be more than happy to prepare and upload a stable security upload of this package when addressing it in jessie LTS. Please let me know and I will come back with a debdiff.

Ruby team, I could easily upload to sid at the same time. Let me know too. (I believe I have the requisite powers in Salsa already.)

Best wishes,

--
Chris Lamb
la...@debian.org / chris-lamb.co.uk
[DRE-maint] Bug#913005: ruby-rack: CVE-2018-16471: Possible XSS vulnerability in Rack
Hi Salvatore et al.,

> Source: ruby-rack
[…]
> CVE-2018-16471[0]:
> Possible XSS vulnerability in Rack

Security team, like ruby-i18n, I would be more than happy to prepare and upload a stable security upload of this package when addressing it in jessie LTS. Please let me know and I will come back with a debdiff.

Ruby team, again, I could easily upload to sid at the same time. Let me know here too.

Regards,

--
Chris Lamb
la...@debian.org / chris-lamb.co.uk
[DRE-maint] Bug#913093: ruby-i18n: CVE-2014-10077
Chris Lamb wrote:

> Security team, I would be more than happy to prepare and upload a
> stable security upload of this package when addressing it in jessie
> LTS. Please let me know and I will come back with a debdiff.
>
> Ruby team, I could easily upload to sid at the same time. Let me
> know too. (I believe I have the requisite powers in Salsa already.)

Gentle ping on the above two queries? :)

Regards,

--
Chris Lamb
la...@debian.org / chris-lamb.co.uk
[DRE-maint] Bug#913005: ruby-rack: CVE-2018-16471: Possible XSS vulnerability in Rack
Chris Lamb wrote:

> Security team, like ruby-i18n, I would be more than happy to prepare
> and upload a stable security upload of this package when addressing
> it in jessie LTS.
[…]
> Ruby team, again, I could easily upload to sid at the same time. Let
> me know here too.

Gentle ping on the above two queries? :)

Best wishes,

--
Chris Lamb
la...@debian.org / chris-lamb.co.uk
[DRE-maint] Bug#913005: ruby-rack: CVE-2018-16471: Possible XSS vulnerability in Rack
block 913005 by 914184
thanks

Hi Salvatore,

> I think those will be no-dsa and can be addressed via a point release

Thanks, filed as: #914184.

Regards,

--
Chris Lamb
la...@debian.org / chris-lamb.co.uk
[DRE-maint] Bug#913093: ruby-i18n: CVE-2014-10077
block 913093 by 914187
thanks

Hi Moritz,

> This doesn't warrant a DSA, feel free to fix it via a point
> update, though!

Thanks, filed as #914187.

Best wishes,

--
Chris Lamb
la...@debian.org / chris-lamb.co.uk
[DRE-maint] Comments regarding ruby-blade-sauce-labs-plugin_0.7.3+dfsg-1_amd64.changes
Please try and make your short description more ... descriptive:

  Description: Blade Runner plugin for Sauce Labs (saucelabs.com)
  ^

This makes no sense for the "average" developer, even with a passing usage of Ruby, alas. :)

-- Chris Lamb Wed, 06 Feb 2019 10:14:06 +
[DRE-maint] Bug#848660: ruby: might need to strip -fdebug-prefix-map
Hi Christian,

> dpkg-buildflags has started injecting -fdebug-prefix-map with a
> variable path into C(..)FLAGS. We need to figure out if we need to
> strip that.

Strip it? As in, the output of CFLAGS ends up in the build...?

Regards,

--
Chris Lamb
la...@debian.org 🍥 chris-lamb.co.uk
[DRE-maint] Bug#848660: ruby: might need to strip -fdebug-prefix-map
Hi Chris,

> > Strip it? As in, the output of CFLAGS ends up in the build...?
>
> Indeed:
>
> $ irb
> irb(main):001:0> RbConfig::CONFIG['CFLAGS']
> => "-g -O2 -fdebug-prefix-map=/build/ruby2.3-TqM27i/ruby2.3-2.3.3=. -
> fstack-protector-strong -Wformat -Werror=format-security -fPIC"
>
> AFAIK the popular extension building mechanisms (mkmf et al) use this
> to discover the required build flags when compiling native extensions.

Getcha. They won't need that *particular* -fdebug-prefix-map value though so you can probably strip it immediately prior to it landing in the binary artifact(s) via:

  $ sed -e 's@ [^ ]*-f\(file\|debug\)-prefix-map=[^ ]*@@g'

Best wishes,

--
Chris Lamb
la...@debian.org 🍥 chris-lamb.co.uk
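The stripping step suggested in the message above, as an added example that is not part of the original thread or of the ruby packaging: it runs the posted one-liner next to a variant that also handles a prefix-map flag appearing as the first word, then checks that no build path is left. The function names and the two shorter sample strings are constructed here; the long sample is the CFLAGS value quoted in the thread with its wrapped line joined.

```shell
#!/bin/sh
# Added example, not code from the thread. Function names are hypothetical.

# Value quoted in the thread (wrapped line joined back together).
CFLAGS_FROM_THREAD='-g -O2 -fdebug-prefix-map=/build/ruby2.3-TqM27i/ruby2.3-2.3.3=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC'
# Constructed samples: flag as the first word, and the -ffile- spelling.
LEADING_FLAG='-fdebug-prefix-map=/build/x=. -g -O2'
FILE_VARIANT='-O2 -ffile-prefix-map=/build/y=. -fPIC'

# The one-liner as posted (GNU sed syntax), fed from the first argument.
# Its pattern starts with a literal space, so a flag that is the very
# first word of the string is left in place.
strip_as_posted() {
    printf '%s\n' "$1" | sed -e 's@ [^ ]*-f\(file\|debug\)-prefix-map=[^ ]*@@g'
}

# Variant: anchor on start-of-string or whitespace, keep that separator,
# then squeeze runs of whitespace and trim both ends.
strip_prefix_map() {
    printf '%s\n' "$1" | sed -E \
        -e 's@(^|[[:space:]])[^[:space:]]*-f(file|debug)-prefix-map=[^[:space:]]*@\1@g' \
        -e 's@[[:space:]]+@ @g' -e 's@^ @@' -e 's@ $@@'
}

# Exit status 0 when the flags string still contains the given build path.
leaks_build_path() {
    case "$1" in
        *"$2"*) return 0 ;;
        *)      return 1 ;;
    esac
}

# Show before/after for each sample and whether /build/ still appears.
for flags in "$CFLAGS_FROM_THREAD" "$LEADING_FLAG" "$FILE_VARIANT"; do
    cleaned=$(strip_prefix_map "$flags")
    printf 'before: %s\nafter:  %s\n' "$flags" "$cleaned"
    if leaks_build_path "$cleaned" /build/; then
        printf 'status: build path still present\n\n'
    else
        printf 'status: clean\n\n'
    fi
done
```

The cleaned string is what would be written into the recorded configuration; the compiler invocation itself keeps the original flag.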
[DRE-maint] Bug#890075: ruby-http ftbfs (test failures with 2.5)
notfound 890075 3.3.0-2
thanks

Emanuele Rocca wrote:

> Note that the bug is not reproducible with ruby-http 3.3.0-2 as tests
> have been disabled

Therefore marking in the BTS to match.

Regards,

--
Chris Lamb
la...@debian.org 🍥 chris-lamb.co.uk
[DRE-maint] Bug#882473: ruby-httpclient FTBFS and Debci failure: test_verification_without_httpclient fails
Hi,

> ruby-httpclient FTBFS and Debci failure: test_verification_without_httpclient
> fails

This is likely another OpenSSL 1.1 incompatibility wrt. SHA1 signatures.

Regards,

--
Chris Lamb
la...@debian.org / chris-lamb.co.uk
[DRE-maint] Bug#923986: ruby-pygments.rb: FTBFS randomly (failing tests)
Santiago Vila wrote:

> I tried to build this package in buster but it failed:

Hm, I've just built this package 20 times in sid and the tests pass every time.

> My recommendation is that the failing tests are simply disabled for buster.

If it's a specific test, then I recommend just disabling that one or (better) explicitly marking it as XFAIL.

Best wishes,

--
Chris Lamb
la...@debian.org 🍥 chris-lamb.co.uk
[DRE-maint] Bug#923986: ruby-pygments.rb: FTBFS randomly (failing tests)
Santiago Vila wrote:

> Well, but I can't build packages in your machine, I have to do it in
> my machine, and it fails 50% of the time for me. Try building on a
> START1-XS instance from Scaleway (still available on Amsterdam), or
> ask me for an account in such a machine.

Thank you again for your kind offer of access to such a machine but I think it may be better long-term to work out why this is not failing for me locally.

Learning the underlying reason why and how our environments differ will tell us the way of solving this issue properly. By contrast, simply reproducing on yours is, I fear, simply confirming what we already know - ie. that it does not build for you.

Unfortunately, this is "just a random package" from my point of view so I am unlikely to find the bandwidth to set myself up with a new machine/environment very soon, hence why I posted my brief status update earlier.

Best wishes,

--
Chris Lamb
la...@debian.org 🍥 chris-lamb.co.uk
[DRE-maint] Bug#964772: gem2deb: should not install mkmf.log files
Source: gem2deb Version: 1.1 Severity: wishlist Tags: patch User: reproducible-bui...@lists.alioth.debian.org Usertags: toolchain buildpath X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org Hi, Whilst working on the Reproducible Builds effort [0] we noticed that gem2deb was generating Debian packages that were not reproducible. For example, ruby-enumerable-statistics was installing a mkmf.log file that contained various absolute build paths, which will make the package not reproducible. I note that there is code already in gem2deb that attempts to not install these (?), but it does not appear to be working. Patch attached, although this is just a proof of concept and/or to demonstrate the problem a little more. [0] https://reproducible-builds.org/ Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `-diff --git a/lib/gem2deb/gem_installer.rb b/lib/gem2deb/gem_installer.rb index 3ceed90..a89a680 100644 --- a/lib/gem2deb/gem_installer.rb +++ b/lib/gem2deb/gem_installer.rb @@ -143,6 +143,7 @@ module Gem2Deb end if metadata.has_native_extensions? +run 'find', 'extensions', '-name', 'mkmf.log', '-delete' run 'find', 'extensions', '-name', 'gem_make.out', '-delete' else FileUtils::Verbose.rm_rf('extensions') ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
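Review bot: the added run 'find', 'extensions', '-name', 'mkmf.log', '-delete' walks the extensions tree a second time immediately before the existing gem_make.out pass in lib/gem2deb/gem_installer.rb; fold both names into one find call (the two -name tests grouped and joined with -o ahead of -delete). The report also says gem2deb already has code meant to keep these logs out of packages, so a single shared list of build-log file names used by both code paths would stop them drifting apart, and a test building a gem with a native extension would confirm that no mkmf.log reaches the package.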
[DRE-maint] Bug#964772: gem2deb: should not install mkmf.log files
Hi Antonio,

> > I note that there is code already in gem2deb that attempts to not
> > install these (?), but it does not appear to be working.
>
> That's a different code path that this package and others that use
> --gem-install don't hit.

Okay. Anyway, thanks for applying my patch.

Regards,

--
Chris Lamb
la...@debian.org 🍥 chris-lamb.co.uk
[DRE-maint] Bug#882580: ruby-mmap2: please make the build reproducible
Dear Maintainer,

> Source: ruby-mmap2
> Version: 2.2.7-1
> Tags: patch

There hasn't seemed to be any update on this bug in 1014 days, in which time the Reproducible Builds effort has come on a long way.

Would you consider applying this patch and uploading?

Regards,

--
Chris Lamb
la...@debian.org / chris-lamb.co.uk
[DRE-maint] Bug#972561: ruby-appraiser: please make the build reproducible
Source: ruby-appraiser Version: 0.2.0-3 Severity: wishlist Tags: patch User: reproducible-bui...@lists.alioth.debian.org Usertags: buidlpath X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org Hi, Whilst working on the Reproducible Builds effort [0] we noticed that ruby-appraiser could not be built reproducibly. This is because it ships a strange appraiser_plugin.rb file that simply "requires" a single file (which cannot work as this particular path is to the build path, not the installed path). Assuming that this file is not useful in a Debian package context, a patch is attached that removes the file from the binary artefact. [0] https://reproducible-builds.org/ Regards, -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- --- a/debian/rules 2020-10-20 10:55:41.195010332 +0100 --- b/debian/rules 2020-10-20 11:01:07.165952612 +0100 @@ -15,3 +15,7 @@ %: dh $@ --buildsystem=ruby --with ruby + +override_dh_auto_install: + dh_auto_install + find debian/ -name appraiser_plugin.rb -delete ___ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
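Review bot: "find debian/ -name appraiser_plugin.rb -delete" in the new override_dh_auto_install searches everything under debian/, not only the files dh_auto_install has just staged; point it at the binary package's staging directory so a same-named file elsewhere under debian/ can never be removed. A one-line comment above the find saying that the file requires a build-path location would also explain the override to the next maintainer.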
[DRE-maint] Bug#972668: yard: please make the build reproducible
Source: yard
Version: 0.9.24-1
Severity: wishlist
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: buiidlpath
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org

Hi,

Whilst working on the Reproducible Builds effort [0] we noticed that yard could not be built reproducibly.

This is because it ships yard_plugin.rb file that simply "requires" a single file (which cannot work as this particular path is to the build path, not the installed path).

This may be related to #972561 or #812809.

Patch attached.

 [0] https://reproducible-builds.org/

Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      la...@debian.org / chris-lamb.co.uk
       `-

--- a/debian/rules 2020-10-22 10:00:45.132192197 +0100 --- b/debian/rules 2020-10-22 10:03:28.029886499 +0100 @@ -18,6 +18,7 @@ override_dh_auto_install: dh_auto_install + find debian/ -name yard_plugin.rb -delete dh_link -p yard /usr/share/javascript/jquery/jquery.js \ /usr/share/rubygems-integration/all/gems/yard-$(DEB_VERSION_UPSTREAM)/templates/default/fulldoc/html/js/jquery.js rm -rf doc/
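Review bot: the find debian/ -name yard_plugin.rb -delete line inserted between dh_auto_install and dh_link has no comment saying why the file is dropped, and it repeats the per-package workaround proposed for ruby-appraiser in #972561. A comment citing this bug and the possibly related #972561 and #812809 would make it clear when the line can be removed again. The same target already addresses the package as -p yard, so the search could be limited to that package's staging directory instead of all of debian/.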
[DRE-maint] Bug#882580: ruby-mmap2: please make the build reproducible
Chris Lamb wrote:

> [..]

Friendly ping on this?

Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      la...@debian.org / chris-lamb.co.uk
       `-
[DRE-maint] Bug#956405: ruby-enumerable-statistics: FTBFS on amd64/unstable: find: [..] No such file or directory
Source: ruby-enumerable-statistics
Version: 2.0.1+dfsg-2
Severity: serious
Justification: fails to build from source
User: reproducible-bui...@lists.alioth.debian.org
Usertags: ftbfs
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org
Tags: fbtfs

Dear Maintainer,

ruby-enumerable-statistics fails to build from source in unstable/amd64:

  […]

  dh_compress -X.rb -O--buildsystem=ruby
  debian/rules override_dh_fixperms
  make[1]: Entering directory '/home/lamby/temp/cdt.20200410190019.WRLDvzI39v.ags.ruby-enumerable-statistics/ruby-enumerable-statistics-2.0.1+dfsg'
  dh_fixperms
  find debian/ruby-enumerable-statistics/usr/lib/*/rubygems-integration/*/gems/enumerable-statistics-*/yard/templates/ -type f |xargs chmod -x
  find: 'debian/ruby-enumerable-statistics/usr/lib/*/rubygems-integration/*/gems/enumerable-statistics-*/yard/templates/': No such file or directory
  chmod: missing operand
  Try 'chmod --help' for more information.
  make[1]: *** [debian/rules:16: override_dh_fixperms] Error 123
  make[1]: Leaving directory '/home/lamby/temp/cdt.20200410190019.WRLDvzI39v.ags.ruby-enumerable-statistics/ruby-enumerable-statistics-2.0.1+dfsg'
  make: *** [debian/rules:7: binary] Error 2
  dpkg-buildpackage: error: debian/rules binary subprocess returned exit status 2

  […]

The full build log is attached.

Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      la...@debian.org / chris-lamb.co.uk
       `-

ruby-enumerable-statistics.2.0.1+dfsg-2.unstable.amd64.log.txt.gz
Description: Binary data
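The log above shows the failure chain in the override_dh_fixperms recipe: the glob matches nothing, find receives the literal pattern, and xargs still runs chmod with no operand. The shell sketch below is an added example, not the package's debian/rules and not a fix proposed in the report; the temporary staging tree, the architecture triplet, the Ruby version directory and all function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: reproduces the shape of the failing recipe and a tolerant variant.
# Glob taken from the build log, relative to the package staging root.
TEMPLATES_GLOB='usr/lib/*/rubygems-integration/*/gems/enumerable-statistics-*/yard/templates'

# Constructed staging tree; $1 = "with" or "without" a yard/templates directory.
# Prints the root path of the tree.
make_staging() {
    root=$(mktemp -d) || return 1
    # Triplet and version directory are made-up sample values.
    gem="$root/usr/lib/x86_64-linux-gnu/rubygems-integration/2.7.0/gems/enumerable-statistics-2.0.1"
    mkdir -p "$gem/lib"
    if [ "$1" = with ]; then
        mkdir -p "$gem/yard/templates"
        : > "$gem/yard/templates/setup.rb"
        chmod +x "$gem/yard/templates/setup.rb"
    fi
    printf '%s\n' "$root"
}

# Same shape as the recipe in the log. When the glob matches nothing the shell
# passes it through unchanged, find fails on the literal path, and GNU xargs
# (no -r) runs chmod once with no file operand. The pipeline's status is the
# status of xargs, which is what make reported as "Error 123".
fragile_fixperms() {
    find "$1"/$TEMPLATES_GLOB/ -type f | xargs chmod -x
}

# Tolerant variant: skip paths that are not directories (including the
# unexpanded glob) and let find invoke chmod only when it has files.
robust_fixperms() {
    for dir in "$1"/$TEMPLATES_GLOB; do
        [ -d "$dir" ] || continue
        find "$dir" -type f -exec chmod -x {} + || return 1
    done
    return 0
}
```

The non-zero status of fragile_fixperms on an empty input assumes GNU xargs, as on the Debian build host in the log; an xargs that skips empty input by default would hide the problem rather than fix it.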