The use of ruby is marginal to non-existent in embedded space. In core it's only used in its native variant to build webkitgtk (they have some ruby scripts that run during build), and in meta-oe, there's openwsman that needs target ruby, and a couple other recipes that need native ruby. I think no one's going to notice if this is reverted. No one's going to notice the major version update being kept in scarthgap, either.
Was this update prompted by some CVE needing to be fixed, and nothing else? Alex On Wed, 4 Dec 2024 at 22:23, Randy MacLeod via lists.openembedded.org <[email protected]> wrote: > > On 2024-12-04 3:49 p.m., Steve Sakoman wrote: > > Sigh, I'm sorry I didn't catch this :-( > > I think my eyes saw ruby "upgrade 3.3.2 -> 3.3.5", I checked the link > in the commit message to verify that the changes were all bug/security > fixes and I merged it. > > We've already done a release with this update in it. Perhaps we can > discuss it in the bug meeting tomorrow? > > Steve > > Yogita, > > Please note, that only PATCH level updates are allowed (almost all the time) > on stable releases. > See: https://semver.org/ > > > All, > > Yikes! > > Yes, we should discuss what to do in the bug meeting tomorrow and reply here > to fill people in on the plans. If anyone has a strong opinion please let us > know. > > > I didn't even notice that the change was from 3.2.x to 3.3.y when reviewing > it. > It seems that I assumed that no one would do that! > We're all so used to the rule of not changing MAJOR.MINOR that several people > overlooked > that MINOR was bumped by one. > > For the 3.2.2..3.2.5 update, we have: > ❯ git log v3_2_2..v3_2_5 --oneline | wc -l > 242 > > > We could even take 3.2.6: > > ❯ git log v3_2_5..v3_2_6 --oneline | rg -v "merge revision" | wc -l > 20 > > https://github.com/ruby/ruby/commits/ruby_3_2/ > > It might be worth having a version comparison check tool to run before > release. > > Thanks, > > ../Randy > > On Wed, Dec 4, 2024 at 11:51 AM Randy MacLeod via > lists.openembedded.org > <[email protected]> wrote: > > Add Robert and Hongxu who working with Yogita on this, iirc. > > On 2024-12-03 5:14 a.m., Urade, Yogita via lists.openembedded.org wrote: > > From: Yogita Urade <[email protected]> > > This reverts commit 0402f54b66438ec6e9f06f02652e148dce6480b3. > > This isn't a minor version upgrade. > $git log v3_2_2..v3_3_5 --oneline | wc -l > 6924 > > Do we have any ruby experts to comment on the stability of the 4.2 branch > and the update to 3.2.5? > > They claim to be following a semantic versioning scheme: > > https://www.ruby-lang.org/en/news/2013/12/21/ruby-version-policy-changes-with-2-1-0/ > > > Ruby is a fairly large code base: > -------------------------------------------------------------------------------- > Language Files Lines Blank Comment > Code > -------------------------------------------------------------------------------- > Ruby 7914 1480730 202190 82299 > 1196241 > ... > -------------------------------------------------------------------------------- > Total 9409 2188531 271762 197233 > 1719536 > -------------------------------------------------------------------------------- > > The git repo does have a branch for each release which would indicate > that they are at least familiar with the idea of stable releases. > > Other than the number of commits being large, do we have > any data to support the idea that this is not a stable release update? > > Yogita, > What are the before, after and diff ptest results? > > ../Randy > > > > > Signed-off-by: Yogita Urade <[email protected]> > --- > ...Alignof-to-define-ALIGN_OF-when-poss.patch | 51 ++++++++++ > ...e.in-do-not-write-host-cross-cc-item.patch | 32 +++++++ > ...Obey-LDFLAGS-for-the-link-of-libruby.patch | 25 +++++ > ...-Makefile.in-filter-out-f-prefix-map.patch | 42 ++++++++ > ...eproducible-change-fixing-784225-too.patch | 26 ++--- > .../0006-Make-gemspecs-reproducible.patch | 18 ++-- > .../ruby/ruby/CVE-2023-36617_1.patch | 55 +++++++++++ > .../ruby/ruby/CVE-2023-36617_2.patch | 51 ++++++++++ > .../ruby/ruby/CVE-2024-27281.patch | 96 +++++++++++++++++++ > .../ruby/ruby/CVE-2024-27282.patch | 27 ++++++ > .../ruby/ruby/remove_has_include_macros.patch | 35 +++++++ > .../ruby/{ruby_3.3.5.bb => ruby_3.2.2.bb} | 13 ++- > 12 files changed, 446 insertions(+), 25 deletions(-) > create mode 100644 > meta/recipes-devtools/ruby/ruby/0001-fiddle-Use-C11-_Alignof-to-define-ALIGN_OF-when-poss.patch > create mode 100644 > meta/recipes-devtools/ruby/ruby/0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch > create mode 100644 > meta/recipes-devtools/ruby/ruby/0002-Obey-LDFLAGS-for-the-link-of-libruby.patch > create mode 100644 > meta/recipes-devtools/ruby/ruby/0002-template-Makefile.in-filter-out-f-prefix-map.patch > create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2023-36617_1.patch > create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2023-36617_2.patch > create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-27281.patch > create mode 100644 meta/recipes-devtools/ruby/ruby/CVE-2024-27282.patch > create mode 100644 > meta/recipes-devtools/ruby/ruby/remove_has_include_macros.patch > rename meta/recipes-devtools/ruby/{ruby_3.3.5.bb => ruby_3.2.2.bb} (88%) > > >< snip >< snip >< > > > -- > # Randy MacLeod > # Wind River Linux > > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#208365): https://lists.openembedded.org/g/openembedded-core/message/208365 Mute This Topic: https://lists.openembedded.org/mt/109897713/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
