From 8800127d80fb1063a186ced65af445e79a518924 Mon Sep 17 00:00:00 2001 From: KJ Tsanaktsidis Date: Thu, 8 Aug 2024 21:24:13 +1000 Subject: [PATCH 01/12] Skip some tests which don't work under permissionless containers When running as UID 0 but without CAP_DAC_OVERRIDE (for example, in a docker container running with --uid 0 but --cap-drop=all), these tests won't work because of hard-coded assumptions about what uid 0 can and can't do. --- test/fileutils/test_fileutils.rb | 16 ++++++++++++++-- test/ruby/test_file_exhaustive.rb | 19 +++++++++++++++++-- 2 files changed, 31 insertions(+), 4 deletions(-) diff --git a/test/fileutils/test_fileutils.rb b/test/fileutils/test_fileutils.rb index 481f913d0c4e04..d2096a04cc1e23 100644 --- a/test/fileutils/test_fileutils.rb +++ b/test/fileutils/test_fileutils.rb @@ -93,12 +93,24 @@ def no_broken_symlink? @@no_broken_symlink end + def has_capsh? + !!system('capsh', '--print', out: File::NULL, err: File::NULL) + end + + def has_root_file_capabilities? + !!system( + 'capsh', '--has-p=CAP_DAC_OVERRIDE', '--has-p=CAP_CHOWN', '--has-p=CAP_FOWNER', + out: File::NULL, err: File::NULL + ) + end + def root_in_posix? if /cygwin/ =~ RUBY_PLATFORM # FIXME: privilege if groups include root user? return Process.groups.include?(0) - end - if Process.respond_to?('uid') + elsif has_capsh? + return has_root_file_capabilities? + elsif Process.respond_to?('uid') return Process.uid == 0 else return false diff --git a/test/ruby/test_file_exhaustive.rb b/test/ruby/test_file_exhaustive.rb index de098119467116..f3068cb1891bb2 100644 --- a/test/ruby/test_file_exhaustive.rb +++ b/test/ruby/test_file_exhaustive.rb @@ -186,6 +186,12 @@ def blockdev @blockdev end + def root_without_capabilities? + return false unless Process.uid == 0 + return false unless system('command', '-v', 'capsh', out: File::NULL) + !system('capsh', '--has-p=CAP_DAC_OVERRIDE', out: File::NULL, err: File::NULL) + end + def test_path [regular_file, utf8_file].each do |file| assert_equal(file, File.open(file) {|f| f.path}) @@ -1538,8 +1544,17 @@ def test_test assert_equal(stat.size?, File.size?(f), f) assert_bool_equal(stat.socket?, File.socket?(f), f) assert_bool_equal(stat.setuid?, File.setuid?(f), f) - assert_bool_equal(stat.writable?, File.writable?(f), f) - assert_bool_equal(stat.writable_real?, File.writable_real?(f), f) + # It's possible in Linux to be uid 0, but not to have the CAP_DAC_OVERRIDE + # capability that allows skipping file permissions checks (e.g. some kinds + # of "rootless" container setups). In these cases, stat.writable? will be + # true (because it always returns true if Process.uid == 0), but + # File.writeable? will be false (because it actually asks the kernel to do + # an access check). + # Skip these two assertions in that case. + unless root_without_capabilities? + assert_bool_equal(stat.writable?, File.writable?(f), f) + assert_bool_equal(stat.writable_real?, File.writable_real?(f), f) + end assert_bool_equal(stat.executable?, File.executable?(f), f) assert_bool_equal(stat.executable_real?, File.executable_real?(f), f) assert_bool_equal(stat.zero?, File.zero?(f), f) From fdba458e85bc66f35194f15a55aa8c27a4b5ce4a Mon Sep 17 00:00:00 2001 From: Peter Zhu Date: Thu, 22 Aug 2024 19:47:40 -0400 Subject: [PATCH 02/12] Uncomment test accidentally commented in 1656350 --- test/ruby/test_array.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/test/ruby/test_array.rb b/test/ruby/test_array.rb index b16868336879de..66251b9fb0029b 100644 --- a/test/ruby/test_array.rb +++ b/test/ruby/test_array.rb @@ -1716,10 +1716,10 @@ def test_slice_out_of_range def test_slice_gc_compact_stress omit "compaction doesn't work well on s390x" if RUBY_PLATFORM =~ /s390x/ # https://github.com/ruby/ruby/pull/5077 EnvUtil.under_gc_compact_stress { assert_equal([1, 2, 3, 4, 5], (0..10).to_a[1, 5]) } - # EnvUtil.under_gc_compact_stress do - # a = [0, 1, 2, 3, 4, 5] - # assert_equal([2, 1, 0], a.slice((2..).step(-1))) - # end + EnvUtil.under_gc_compact_stress do + a = [0, 1, 2, 3, 4, 5] + assert_equal([2, 1, 0], a.slice((2..).step(-1))) + end end def test_slice! From 784ccd0115b5f34fb1a9120da128dea6821484a8 Mon Sep 17 00:00:00 2001 From: Burdette Lamar Date: Thu, 22 Aug 2024 19:59:59 -0500 Subject: [PATCH 03/12] [DOC] Tweaks for Array#collect! (#11434) --- array.c | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/array.c b/array.c index 8e82def8601860..d9f3609a330fa7 100644 --- a/array.c +++ b/array.c @@ -3700,21 +3700,19 @@ rb_ary_collect(VALUE ary) /* * call-seq: - * array.map! {|element| ... } -> self - * array.map! -> new_enumerator + * collect! {|element| ... } -> new_array + * collect! -> new_enumerator + * map! {|element| ... } -> new_array + * map! -> new_enumerator * - * Calls the block, if given, with each element; - * replaces the element with the block's return value: + * With a block given, calls the block with each element of +self+ + * and replaces the element with the block's return value; + * returns +self+: * * a = [:foo, 'bar', 2] * a.map! { |element| element.class } # => [Symbol, String, Integer] * - * Returns a new Enumerator if no block given: - * - * a = [:foo, 'bar', 2] - * a1 = a.map! - * a1 # => # - * + * With no block given, returns a new Enumerator. */ static VALUE From c48e5959debdd0da966b911c73c57e44bd3178d1 Mon Sep 17 00:00:00 2001 From: Hiroshi SHIBATA Date: Tue, 20 Aug 2024 11:47:06 +0900 Subject: [PATCH 04/12] [ruby/fiddle] Removed libffi patchs for old Ruby (https://github.com/ruby/fiddle/pull/143) Pick https://github.com/ruby/ruby/commit/92865d8760e22dc5035a67e636fab3fbd7a77a26 from `ruby/ruby` repo. --------- https://github.com/ruby/fiddle/commit/aad5a3bc79 Co-authored-by: Nobuyoshi Nakada --- ext/fiddle/fiddle.gemspec | 4 ---- 1 file changed, 4 deletions(-) diff --git a/ext/fiddle/fiddle.gemspec b/ext/fiddle/fiddle.gemspec index 3a1072dd49975e..fc3cbfabc7005a 100644 --- a/ext/fiddle/fiddle.gemspec +++ b/ext/fiddle/fiddle.gemspec @@ -34,10 +34,6 @@ Gem::Specification.new do |spec| "ext/fiddle/memory_view.c", "ext/fiddle/pinned.c", "ext/fiddle/pointer.c", - "ext/fiddle/win32/fficonfig.h", - "ext/fiddle/win32/libffi-3.2.1-mswin.patch", - "ext/fiddle/win32/libffi-config.rb", - "ext/fiddle/win32/libffi.mk.tmpl", "fiddle.gemspec", "lib/fiddle.rb", "lib/fiddle/closure.rb", From fbadcd277f5b68ac619d3c861dfdd3e109aeda81 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Rodr=C3=ADguez?= Date: Thu, 18 Jul 2024 16:14:08 +0200 Subject: [PATCH 05/12] Reuse `load_relative` local --- tool/rbinstall.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tool/rbinstall.rb b/tool/rbinstall.rb index 0253673b65bb12..6cd587ac9c583f 100755 --- a/tool/rbinstall.rb +++ b/tool/rbinstall.rb @@ -399,7 +399,7 @@ def CONFIG.[](name, mandatory = false) prolog_script = < Date: Thu, 18 Jul 2024 16:14:29 +0200 Subject: [PATCH 06/12] `load_relative` is always falsy here --- tool/rbinstall.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tool/rbinstall.rb b/tool/rbinstall.rb index 6cd587ac9c583f..6fa4831fc3591d 100755 --- a/tool/rbinstall.rb +++ b/tool/rbinstall.rb @@ -402,7 +402,7 @@ def CONFIG.[](name, mandatory = false) if !load_relative and libpathenv = CONFIG["LIBPATHENV"] pathsep = File::PATH_SEPARATOR prolog_script << < Date: Fri, 23 Aug 2024 14:58:47 +0900 Subject: [PATCH 07/12] [ruby/tempfile] File.new(fileno, mode: mode, path: path) is provided from Ruby 3.2 https://github.com/ruby/tempfile/commit/67ce897727 --- lib/tempfile.rb | 2 +- test/test_tempfile.rb | 12 ++++++++++-- 2 files changed, 11 insertions(+), 3 deletions(-) diff --git a/lib/tempfile.rb b/lib/tempfile.rb index 40221d4f7cf03a..bb05080cec0269 100644 --- a/lib/tempfile.rb +++ b/lib/tempfile.rb @@ -556,7 +556,7 @@ def open(*args, **kw) # Related: Tempfile.new. # def Tempfile.create(basename="", tmpdir=nil, mode: 0, anonymous: false, **options, &block) - if anonymous + if anonymous && RUBY_VERSION >= '3.2' create_anonymous(basename, tmpdir, mode: mode, **options, &block) else create_with_filename(basename, tmpdir, mode: mode, **options, &block) diff --git a/test/test_tempfile.rb b/test/test_tempfile.rb index 8077cc3603f8b7..931b512ee055b5 100644 --- a/test/test_tempfile.rb +++ b/test/test_tempfile.rb @@ -488,7 +488,11 @@ def test_create_anonymous_removes_file Dir.mktmpdir {|d| t = Tempfile.create("", d, anonymous: true) t.close - assert_equal([], Dir.children(d)) + if RUBY_VERSION >= '3.2' + assert_equal([], Dir.children(d)) + else + refute_equal([], Dir.children(d)) + end } end @@ -496,7 +500,11 @@ def test_create_anonymous_path Dir.mktmpdir {|d| begin t = Tempfile.create("", d, anonymous: true) - assert_equal(File.join(d, ""), t.path) + if RUBY_VERSION >= '3.2' + assert_equal(File.join(d, ""), t.path) + else + refute_equal(File.join(d, ""), t.path) + end ensure t.close if t end From 9f5860407f310b85fa6c425a948563870b0fb8ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Rodr=C3=ADguez?= Date: Wed, 21 Aug 2024 18:26:22 +0200 Subject: [PATCH 08/12] [rubygems/rubygems] Fix error message when Bundler refuses to install due to frozen being set without a lockfile https://github.com/rubygems/rubygems/commit/0857d62ca6 --- lib/bundler/cli/install.rb | 7 ++++--- spec/bundler/install/deploy_spec.rb | 12 ++++++++++++ 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/lib/bundler/cli/install.rb b/lib/bundler/cli/install.rb index fbe6b587d450dd..038ea246fb8aac 100644 --- a/lib/bundler/cli/install.rb +++ b/lib/bundler/cli/install.rb @@ -29,9 +29,10 @@ def run if options[:deployment] || options[:frozen] || Bundler.frozen_bundle? unless Bundler.default_lockfile.exist? - flag = "--deployment flag" if options[:deployment] - flag ||= "--frozen flag" if options[:frozen] - flag ||= "deployment setting" + flag = "--deployment flag" if options[:deployment] + flag ||= "--frozen flag" if options[:frozen] + flag ||= "deployment setting" if Bundler.settings[:deployment] + flag ||= "frozen setting" if Bundler.settings[:frozen] raise ProductionError, "The #{flag} requires a lockfile. Please make " \ "sure you have checked your #{SharedHelpers.relative_lockfile_path} into version control " \ "before deploying." diff --git a/spec/bundler/install/deploy_spec.rb b/spec/bundler/install/deploy_spec.rb index dfb352f1706d02..7b6e775b4cd6b8 100644 --- a/spec/bundler/install/deploy_spec.rb +++ b/spec/bundler/install/deploy_spec.rb @@ -74,6 +74,18 @@ end end + it "fails without a lockfile and says that deployment requires a lock" do + bundle "config deployment true" + bundle "install", raise_on_error: false + expect(err).to include("The deployment setting requires a lockfile") + end + + it "fails without a lockfile and says that frozen requires a lock" do + bundle "config frozen true" + bundle "install", raise_on_error: false + expect(err).to include("The frozen setting requires a lockfile") + end + it "still works if you are not in the app directory and specify --gemfile" do bundle "install" simulate_new_machine From 73a946c61850314264cc47f2414e571921d59fde Mon Sep 17 00:00:00 2001 From: git Date: Fri, 23 Aug 2024 07:00:52 +0000 Subject: [PATCH 09/12] Update bundled gems list as of 2024-08-23 --- NEWS.md | 2 +- gems/bundled_gems | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/NEWS.md b/NEWS.md index 84771ba0142ec5..ee4a870dfa760b 100644 --- a/NEWS.md +++ b/NEWS.md @@ -94,7 +94,7 @@ The following bundled gems are updated. * net-ftp 0.3.7 * net-imap 0.4.14 * net-smtp 0.5.0 -* rbs 3.5.2 +* rbs 3.5.3 * typeprof 0.21.11 * debug 1.9.2 * racc 1.8.1 diff --git a/gems/bundled_gems b/gems/bundled_gems index 29270331689b3a..604118adb18fad 100644 --- a/gems/bundled_gems +++ b/gems/bundled_gems @@ -18,7 +18,7 @@ net-pop 0.1.2 https://github.com/ruby/net-pop net-smtp 0.5.0 https://github.com/ruby/net-smtp matrix 0.4.2 https://github.com/ruby/matrix prime 0.1.2 https://github.com/ruby/prime -rbs 3.5.2 https://github.com/ruby/rbs +rbs 3.5.3 https://github.com/ruby/rbs typeprof 0.21.11 https://github.com/ruby/typeprof b19a6416da3a05d57fadd6ffdadb382b6d236ca5 debug 1.9.2 https://github.com/ruby/debug racc 1.8.1 https://github.com/ruby/racc From 4dae4c6858bb57053ce1e8174e2d52b8288cf7c9 Mon Sep 17 00:00:00 2001 From: KJ Tsanaktsidis Date: Fri, 23 Aug 2024 16:21:26 +1000 Subject: [PATCH 10/12] [rubygems/rubygems] Don't break if extra calls to File.writable? happen In https://bugs.ruby-lang.org/issues/20693, I'd like to have Dir.tmpdir call `File.writable?` instead of `Stat#writable?`. However, that causes this test to break in bundler because it's using RSpec to stub `File.writable?`. We can fix this by allowing the real `File.writable?` to be called for all files except the directory we're trying to stub. https://github.com/rubygems/rubygems/commit/0fa6657293 --- spec/bundler/bundler/bundler_spec.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/spec/bundler/bundler/bundler_spec.rb b/spec/bundler/bundler/bundler_spec.rb index 2c8453da4d0a2a..7cfc12a6f64719 100644 --- a/spec/bundler/bundler/bundler_spec.rb +++ b/spec/bundler/bundler/bundler_spec.rb @@ -267,6 +267,7 @@ it "should issue a warning and return a temporary user home" do allow(Bundler.rubygems).to receive(:user_home).and_return(path) allow(File).to receive(:directory?).with(path).and_return true + allow(File).to receive(:writable?).and_call_original allow(File).to receive(:writable?).with(path).and_return false allow(File).to receive(:directory?).with(dotbundle).and_return false allow(Bundler).to receive(:tmp).and_return(Pathname.new("/tmp/trulyrandom")) From b51e1c07d84af189885f10a947e75497481c958d Mon Sep 17 00:00:00 2001 From: Andy Wong <36797624+topcminwer@users.noreply.github.com> Date: Fri, 23 Aug 2024 19:44:51 +0800 Subject: [PATCH 11/12] [DOC] Fix typos in ObjectSpace::WeakMap docs The value of variable key2 should be "bar". This way, when nil is assigned to val1 and garbage collection occurs, the output of m.keys will then be ["bar"]. --- weakmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/weakmap.c b/weakmap.c index 76e52013566850..ff205ff5f03d3c 100644 --- a/weakmap.c +++ b/weakmap.c @@ -1019,7 +1019,7 @@ wkmap_inspect(VALUE self) * val1 = Object.new * m[key1] = val1 * - * key2 = "foo" + * key2 = "bar" * val2 = Object.new * m[key2] = val2 * From 3f6be01bfc34e13d9fd1f3fa4c4023735d631428 Mon Sep 17 00:00:00 2001 From: Peter Zhu Date: Mon, 19 Aug 2024 10:51:12 -0400 Subject: [PATCH 12/12] Make object ID faster by checking flags We can improve object ID performance by checking the FL_SEEN_OBJ_ID flag instead of looking up in the table. --- gc/default.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/gc/default.c b/gc/default.c index ebf8d0ef261932..e40c27c6cff74d 100644 --- a/gc/default.c +++ b/gc/default.c @@ -1683,13 +1683,17 @@ rb_gc_impl_object_id(void *objspace_ptr, VALUE obj) rb_objspace_t *objspace = objspace_ptr; unsigned int lev = rb_gc_vm_lock(); - st_data_t val; - if (st_lookup(objspace->obj_to_id_tbl, (st_data_t)obj, &val)) { - GC_ASSERT(FL_TEST(obj, FL_SEEN_OBJ_ID)); - id = (VALUE)val; + if (FL_TEST(obj, FL_SEEN_OBJ_ID)) { + st_data_t val; + if (st_lookup(objspace->obj_to_id_tbl, (st_data_t)obj, &val)) { + id = (VALUE)val; + } + else { + rb_bug("rb_gc_impl_object_id: FL_SEEN_OBJ_ID flag set but not found in table"); + } } else { - GC_ASSERT(!FL_TEST(obj, FL_SEEN_OBJ_ID)); + GC_ASSERT(!st_lookup(objspace->obj_to_id_tbl, (st_data_t)obj, NULL)); id = ULL2NUM(objspace->next_object_id); objspace->next_object_id += OBJ_ID_INCREMENT;