diff options
author | Thomas Perrot <thomas.perrot@bootlin.com> | 2021-09-30 16:04:24 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2021-10-29 11:17:21 +0100 |
commit | 09a260e5d451abc84b15fe832ffa160ceefad1c9 (patch) | |
tree | 35339bf503b56cf778fe2e9558f935c01507ae9e /meta/recipes-devtools | |
parent | da99ce9773b46d643c36b03a2fa8304ebabb5b1e (diff) | |
download | poky-09a260e5d451abc84b15fe832ffa160ceefad1c9.tar.gz |
ruby: fix the reproducibility issue
Apply some changes on the Ruby makefiles in order to fix the reproducibility:
- use a fixed timestamp,
- sort linked objects,
- doesn't use the current date,
- and use UTC date.
[YOCTO #14268]
(From OE-Core rev: eea2f854fdd0f036dae2671ae52ba4695a83df68)
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 59b07ab51ff932a4632a31675445ba4192bae36b)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools')
5 files changed, 162 insertions, 0 deletions
diff --git a/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch b/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch new file mode 100644 index 0000000000..f92f0e1ba6 --- /dev/null +++ b/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch | |||
@@ -0,0 +1,35 @@ | |||
1 | From: Christian Hofstaedtler <zeha@debian.org> | ||
2 | Date: Tue, 10 Oct 2017 15:04:34 -0300 | ||
3 | Subject: rdoc: build reproducible documentation | ||
4 | |||
5 | - provide a fixed timestamp to the gzip compression | ||
6 | |||
7 | Upstream-Status: Backport [debian] | ||
8 | |||
9 | Signed-off-by: Antonio Terceiro <terceiro@debian.org> | ||
10 | Signed-off-by: Christian Hofstaedtler <zeha@debian.org> | ||
11 | --- | ||
12 | lib/rdoc/generator/json_index.rb | 4 ++-- | ||
13 | lib/rdoc/rdoc.rb | 2 +- | ||
14 | 2 files changed, 3 insertions(+), 3 deletions(-) | ||
15 | |||
16 | --- a/lib/rdoc/generator/json_index.rb | ||
17 | +++ b/lib/rdoc/generator/json_index.rb | ||
18 | @@ -178,7 +178,7 @@ | ||
19 | debug_msg "Writing gzipped search index to %s" % outfile | ||
20 | |||
21 | Zlib::GzipWriter.open(outfile) do |gz| | ||
22 | - gz.mtime = File.mtime(search_index_file) | ||
23 | + gz.mtime = -1 | ||
24 | gz.orig_name = search_index_file.basename.to_s | ||
25 | gz.write search_index | ||
26 | gz.close | ||
27 | @@ -196,7 +196,7 @@ | ||
28 | debug_msg "Writing gzipped file to %s" % outfile | ||
29 | |||
30 | Zlib::GzipWriter.open(outfile) do |gz| | ||
31 | - gz.mtime = File.mtime(dest) | ||
32 | + gz.mtime = -1 | ||
33 | gz.orig_name = dest.basename.to_s | ||
34 | gz.write data | ||
35 | gz.close | ||
diff --git a/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch b/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch new file mode 100644 index 0000000000..e0aca0dcfc --- /dev/null +++ b/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch | |||
@@ -0,0 +1,28 @@ | |||
1 | From: Reiner Herrmann <reiner@reiner-h.de> | ||
2 | Date: Tue, 10 Oct 2017 15:06:13 -0300 | ||
3 | Subject: lib/mkmf.rb: sort list of object files in generated Makefile | ||
4 | |||
5 | Without sorting the list explicitly, its order is indeterministic, | ||
6 | because readdir() is also not deterministic. | ||
7 | When the list of object files varies between builds, they are linked | ||
8 | in a different order, which results in an unreproducible build. | ||
9 | |||
10 | Upstream-Status: Backport [debian] | ||
11 | |||
12 | Signed-off-by: Antonio Terceiro <terceiro@debian.org> | ||
13 | Signed-off-by: Reiner Herrmann <reiner@reiner-h.de> | ||
14 | --- | ||
15 | lib/mkmf.rb | 2 +- | ||
16 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
17 | |||
18 | --- a/lib/mkmf.rb | ||
19 | +++ b/lib/mkmf.rb | ||
20 | @@ -2315,7 +2315,7 @@ | ||
21 | LIBS = #{$LIBRUBYARG} #{$libs} #{$LIBS} | ||
22 | ORIG_SRCS = #{orig_srcs.collect(&File.method(:basename)).join(' ')} | ||
23 | SRCS = $(ORIG_SRCS) #{(srcs - orig_srcs).collect(&File.method(:basename)).join(' ')} | ||
24 | -OBJS = #{$objs.join(" ")} | ||
25 | +OBJS = #{$objs.sort.join(" ")} | ||
26 | HDRS = #{hdrs.map{|h| '$(srcdir)/' + File.basename(h)}.join(' ')} | ||
27 | LOCAL_HDRS = #{$headers.join(' ')} | ||
28 | TARGET = #{target} | ||
diff --git a/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch b/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch new file mode 100644 index 0000000000..b7faa58655 --- /dev/null +++ b/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch | |||
@@ -0,0 +1,28 @@ | |||
1 | From: Christian Hofstaedtler <zeha@debian.org> | ||
2 | Date: Tue, 10 Oct 2017 15:07:11 -0300 | ||
3 | Subject: Mark Gemspec-reproducible change fixing #784225, too | ||
4 | |||
5 | I think the UTC date change will fix the Multi-Arch not-same file issue, | ||
6 | too. | ||
7 | |||
8 | Upstream-Status: Backport [debian] | ||
9 | |||
10 | Signed-off-by: Antonio Terceiro <terceiro@debian.org> | ||
11 | Signed-off-by: Christian Hofstaedtler <zeha@debian.org> | ||
12 | --- | ||
13 | lib/rubygems/specification.rb | 4 +++- | ||
14 | 1 file changed, 3 insertions(+), 1 deletion(-) | ||
15 | |||
16 | --- a/lib/rubygems/specification.rb | ||
17 | +++ b/lib/rubygems/specification.rb | ||
18 | @@ -1695,7 +1695,9 @@ | ||
19 | raise(Gem::InvalidSpecificationException, | ||
20 | "invalid date format in specification: #{date.inspect}") | ||
21 | end | ||
22 | - when Time, DateLike then | ||
23 | + when Time then | ||
24 | + Time.utc(date.utc.year, date.utc.month, date.utc.day) | ||
25 | + when DateLike then | ||
26 | Time.utc(date.year, date.month, date.day) | ||
27 | else | ||
28 | TODAY | ||
diff --git a/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch b/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch new file mode 100644 index 0000000000..504893b4b4 --- /dev/null +++ b/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch | |||
@@ -0,0 +1,67 @@ | |||
1 | From: Lucas Kanashiro <kanashiro@debian.org> | ||
2 | Date: Fri, 1 Nov 2019 15:25:17 -0300 | ||
3 | Subject: Make gemspecs reproducible | ||
4 | |||
5 | Without an explicit date, they will get the current date and make the | ||
6 | build unreproducible | ||
7 | |||
8 | Upstream-Status: Backport [debian] | ||
9 | |||
10 | --- | ||
11 | ext/bigdecimal/bigdecimal.gemspec | 1 + | ||
12 | ext/fiddle/fiddle.gemspec | 1 + | ||
13 | ext/io/console/io-console.gemspec | 2 +- | ||
14 | lib/ipaddr.gemspec | 1 + | ||
15 | lib/rdoc/rdoc.gemspec | 1 + | ||
16 | 5 files changed, 5 insertions(+), 1 deletion(-) | ||
17 | |||
18 | --- a/ext/bigdecimal/bigdecimal.gemspec | ||
19 | +++ b/ext/bigdecimal/bigdecimal.gemspec | ||
20 | @@ -6,6 +6,7 @@ | ||
21 | s.name = "bigdecimal" | ||
22 | s.version = bigdecimal_version | ||
23 | s.authors = ["Kenta Murata", "Zachary Scott", "Shigeo Kobayashi"] | ||
24 | + s.date = RUBY_RELEASE_DATE | ||
25 | s.email = ["mrkn@mrkn.jp"] | ||
26 | |||
27 | s.summary = "Arbitrary-precision decimal floating-point number library." | ||
28 | --- a/ext/fiddle/fiddle.gemspec | ||
29 | +++ b/ext/fiddle/fiddle.gemspec | ||
30 | @@ -8,6 +8,7 @@ | ||
31 | Gem::Specification.new do |spec| | ||
32 | spec.name = "fiddle" | ||
33 | spec.version = version_module::Fiddle::VERSION | ||
34 | + spec.date = RUBY_RELEASE_DATE | ||
35 | spec.authors = ["Aaron Patterson", "SHIBATA Hiroshi"] | ||
36 | spec.email = ["aaron@tenderlovemaking.com", "hsbt@ruby-lang.org"] | ||
37 | |||
38 | --- a/ext/io/console/io-console.gemspec | ||
39 | +++ b/ext/io/console/io-console.gemspec | ||
40 | @@ -4,6 +4,7 @@ | ||
41 | Gem::Specification.new do |s| | ||
42 | s.name = "io-console" | ||
43 | s.version = _VERSION | ||
44 | + s.date = RUBY_RELEASE_DATE | ||
45 | s.summary = "Console interface" | ||
46 | s.email = "nobu@ruby-lang.org" | ||
47 | s.description = "add console capabilities to IO instances." | ||
48 | --- a/lib/ipaddr.gemspec | ||
49 | +++ b/lib/ipaddr.gemspec | ||
50 | @@ -6,6 +6,7 @@ | ||
51 | Gem::Specification.new do |spec| | ||
52 | spec.name = "ipaddr" | ||
53 | spec.version = "1.2.2" | ||
54 | + spec.date = RUBY_RELEASE_DATE | ||
55 | spec.authors = ["Akinori MUSHA", "Hajimu UMEMOTO"] | ||
56 | spec.email = ["knu@idaemons.org", "ume@mahoroba.org"] | ||
57 | |||
58 | --- a/lib/rdoc/rdoc.gemspec | ||
59 | +++ b/lib/rdoc/rdoc.gemspec | ||
60 | @@ -7,6 +7,7 @@ | ||
61 | |||
62 | Gem::Specification.new do |s| | ||
63 | s.name = "rdoc" | ||
64 | + s.date = RUBY_RELEASE_DATE | ||
65 | s.version = RDoc::VERSION | ||
66 | |||
67 | s.authors = [ | ||
diff --git a/meta/recipes-devtools/ruby/ruby_3.0.1.bb b/meta/recipes-devtools/ruby/ruby_3.0.1.bb index 4ac7383a97..a348946972 100644 --- a/meta/recipes-devtools/ruby/ruby_3.0.1.bb +++ b/meta/recipes-devtools/ruby/ruby_3.0.1.bb | |||
@@ -9,6 +9,10 @@ SRC_URI += " \ | |||
9 | file://CVE-2021-31810.patch \ | 9 | file://CVE-2021-31810.patch \ |
10 | file://CVE-2021-32066.patch \ | 10 | file://CVE-2021-32066.patch \ |
11 | file://CVE-2021-31799.patch \ | 11 | file://CVE-2021-31799.patch \ |
12 | file://0003-rdoc-build-reproducible-documentation.patch \ | ||
13 | file://0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch \ | ||
14 | file://0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch \ | ||
15 | file://0006-Make-gemspecs-reproducible.patch \ | ||
12 | " | 16 | " |
13 | 17 | ||
14 | SRC_URI[sha256sum] = "369825db2199f6aeef16b408df6a04ebaddb664fb9af0ec8c686b0ce7ab77727" | 18 | SRC_URI[sha256sum] = "369825db2199f6aeef16b408df6a04ebaddb664fb9af0ec8c686b0ce7ab77727" |