summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/ruby
Commit message (Collapse)AuthorAgeFilesLines
* ruby: remove CVE-2018-1000073.patch as already fixedGrandbois, Brett2019-02-122-35/+0
| | | | | | | | | | | | rubygems 2.7.6 which is in ruby 2.5.3 has this fix and as currently applied all gem extraction fails as the realpath check is done against the full path including the file to be extracted which will always fail as the file hasnt been extracted yet (From OE-Core rev: 479620023aa0af9467ca1d2807cf7bedd73327f6) Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby.inc: Add dependency on readline-nativeManjukumar Matha2019-02-021-1/+1
| | | | | | | | | | | | | | | | | | | | Add dependency on readline-native to fix the following issue uninitialized constant Logfile | Check ext/fiddle/mkmf.log for more details. | readline: | Could not be configured. It will not be installed. | build/tmp/work/x86_64-linux/ruby-native/2.5.1-r0/ruby-2.5.1/ext/readline/extconf.rb:62: Neither readline nor libedit was found | Check ext/readline/mkmf.log for more details. | *** Fix the problems, then remove these directories and try again if you want. (From OE-Core rev: b25acc546b6fc684da9cc8a3a01e44cd195e209b) Signed-off-by: Manjukumar Matha <manjukumar.harthikote-matha@xilinx.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: upgrade 2.5.1 -> 2.5.3Ross Burton2018-12-051-2/+2
| | | | | | | (From OE-Core rev: 17a8576375fadbfa44e9272a942bf12887b5e1a2) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: improve reproducibilityHongxu Jia2018-08-291-0/+20
| | | | | | | | | | | | | | | | | | | | Find out rbconfig.rb and created.rid from ${B}/.installed.list and remove build host directories - For rbconfig.rb, parse it like python's _sysconfigdata.py [snip rbconfig.rb] 26 CONFIG["INSTALL"] = 'install -c' [snip rbconfig.rb] - For created.rid, it records file created time, just strip ${WORKDIR} prefix. [snip created.rid] 840 /ruby-2.5.1/doc/maintainers.rdoc Fri, 22 Dec 2017 23:08:05 +0000 [snip created.rid] (From OE-Core rev: 853e0499be449c71378c087e08b1926be8e2ac87) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: security fix CVE 2018-1000073Joe Slater2018-07-262-0/+35
| | | | | | | | | | | Directory traversal vulnerability as described by https://nvd.nist.gov/vuln/detail/CVE-2018-1000073. (From OE-Core rev: 1a0a1785766c12003e3f8848852af84cae203e6b) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: upgrade to version 2.5.1Maxin B. John2018-05-042-3/+3
| | | | | | | | | | | License-Update: Checksum of LEGAL file updated for changes to upstream URL and addition of Wayback Machine url (From OE-Core rev: 98f889ca4a07c54165d3d983582639951b8ef32e) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: refresh patchesRoss Burton2018-03-111-10/+7
| | | | | | | | | | | | | | | | | | | | | The patch tool will apply patches by default with "fuzz", which is where if the hunk context isn't present but what is there is close enough, it will force the patch in. Whilst this is useful when there's just whitespace changes, when applied to source it is possible for a patch applied with fuzz to produce broken code which still compiles (see #10450). This is obviously bad. We'd like to eventually have do_patch() rejecting any fuzz on these grounds. For that to be realistic the existing patches with fuzz need to be rebased and reviewed. (From OE-Core rev: 44e650f961888b75797da8ecc23654f672c5fae6) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: 2.4.2 -> 2.5.0Huang Qiyu2018-02-067-158/+16
| | | | | | | | | | | | | 1.Upgrade ruby form 2.4.2 to 2.5.0. 2.Update the checksum of LIC_FILES_CHKSUM. 3.Delete ruby-CVE-2017-9224.patch, ruby-CVE-2017-9227.patch, ruby-CVE-2017-9229.patch, since it is integrated upstream. 4.Modify ruby-CVE-2017-9226.patch, since the data has been changed. (From OE-Core rev: 67b9f407f7c40c63c7f9518b4ee3d4d1cc7c75ce) Signed-off-by: Huang Qiyu <huangqy.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: fix typo in gmp PACKAGECONFIG optionAndre McCurdy2018-01-261-1/+1
| | | | | | | | (From OE-Core rev: 9fb931b69ece7f8a644f9e25600bcbbc9266a761) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: remove spurious db build dependencyRoss Burton2017-11-051-1/+1
| | | | | | | | | The dbm module uses gdbm by default which is also a build dependency. (From OE-Core rev: 79121ff54420e5cc331552ca5620aed81a36aac9) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: upgrade to 2.4.2Leonardo Sandoval2017-11-052-90/+2
| | | | | | | | | | | | | | | | | | | | | | The CVE-2017-14064 patch is already at 2.4.2 as explained on project's commit, so removing from the recipe & repo. commit 83735ba29a0bfdaffa8e9c2a1dc025c3b0b63153 Author: hsbt <hsbt@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> Date: Wed Apr 12 00:21:18 2017 +0000 Merge json-2.0.4. * https://github.com/flori/json/releases/tag/v2.0.4 * https://github.com/flori/json/blob/09fabeb03e73ed88dc8ce8f19d76ac59e51dae20/CHANGES.md#2017-03-23-204 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58323 b2dd03c8-39d4-4d8f-98ff-823fe69b080e (From OE-Core rev: 6e37a88af155d5e5453fb0f44bb11d6f8e406438) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: CVE-2017-14064Ovidiu Panait2017-09-182-0/+88
| | | | | | | | | | | | | | | | | | | | Ruby through 2.2.7, 2.3.x through 2.3.4, and 2.4.x through 2.4.1 can expose arbitrary memory during a JSON.generate call. The issues lies in using strdup in ext/json/ext/generator/generator.c, which will stop after encountering a '\0' byte, returning a pointer to a string of length zero, which is not the length stored in space_len. Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-14064 Upstream patch: https://github.com/flori/json/commit/8f782fd8e181d9cfe9387ded43a5ca9692266b85 (From OE-Core rev: 17dbfd967019f9b50a9f6aa3f48cd3658fcccc70) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: fix CVE-2017-922{6-9}Joe Slater2017-08-195-0/+170
| | | | | | | | | | | | CVE-2017-9226 : check too big code point value for single byte CVE-2017-9227 : access to invalid address by reg->dmin value CVE-2017-9228 : invalid state(CCS_VALUE) in parse_char_class() CVE-2017-9229 : access to invalid address by reg->dmax value (From OE-Core rev: f15f01edbaa431829a50053d07ed6d6b333584c7) Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: fix CVE-2017-9224Joe Slater2017-08-182-0/+45
| | | | | | | | | Use DATA_ENSURE(1) before access. (From OE-Core rev: 9db907a0bd331c47c4882b82f9f1d2a7ef1f6d1f) Signed-off-by: Joe Slater <jslater@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Add/fix missing Upstream-Status to patchesRichard Purdie2017-06-271-0/+1
| | | | | | | | | This adds or fixes the Upstream-Status for all remaining patches missing it in OE-Core. (From OE-Core rev: 563cab8e823c3fde8ae4785ceaf4d68a5d3e25df) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: upgrade to 2.4.1Leonardo Sandoval2017-05-251-2/+2
| | | | | | | | (From OE-Core rev: 3ff2d0bc7a8e7a7e8c8e953dc0ccf84d891688ef) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: upgrade 2.3.3 -> 2.4.0Leonardo Sandoval2017-03-012-4/+4
| | | | | | | | | | | Two LIC_FILES_CHKSUM checksums changed (COPYING and LEGAL) but LICENSE remains the same. (From OE-Core rev: 2bbad067b6b928d4615df938d0e41fa84e451c15) Signed-off-by: Leonardo Sandoval <leonardo.sandoval.gonzalez@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: fix upstream version checkAlexander Kanavin2017-03-011-0/+1
| | | | | | | | (From OE-Core rev: 0299731f9c11fda2e0a17600f758e0d7ff31fbbe) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* recipes: Make use of the new bb.utils.filter() functionPeter Kjellerstedt2017-03-011-1/+1
| | | | | | | (From OE-Core rev: 0a1427bf9aeeda6bee2cc0af8da4ea5fd90aef6f) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: upgrade to 2.3.3Edwin Plauchu2016-12-221-2/+2
| | | | | | | | (From OE-Core rev: 99000d8bc30fe1eed60499140efa3a4cf0360478) Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: upgrade to 2.3.1Edwin Plauchu2016-11-302-3/+5
| | | | | | | | (From OE-Core rev: 11063a01d4511b2688ea7ba2d7359e4e07328c66) Signed-off-by: Edwin Plauchu <edwin.plauchu.camacho@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: obey LDFLAGS for the link of librubyChristopher Larson2016-05-142-1/+30
| | | | | | | (From OE-Core rev: 8da33111c924be0bef8e175c53dbd3a439dc9788) Signed-off-by: Christopher Larson <chris_larson@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: Upgrade to 2.2.5Khem Raj2016-05-131-6/+2
| | | | | | | | | | This is latest in 2.2 series, helps with compile using clang (From OE-Core rev: 9f1a8cc84105b077cb5896997b220f1f583075b5) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: break out ri-docs and rdoc into separate packagesIoan-Adrian Ratiu2016-02-191-2/+11
| | | | | | | | | | | | | | | | | The ri (Ruby Interactive) documentation for the Ruby standard library consumes a significant amount of space on disk. It is useful to developers, but is usually not necessary for users who just want to run applications written in Ruby. Break it out into a separate package so Ruby can be installed without it. Also break out the rdoc documentation generator in its own package. (From OE-Core rev: adc53d40932151b4822ce2ac74cb31306684ba95) Signed-off-by: Ben Shelton <ben.shelton@ni.com> Signed-off-by: Ioan-Adrian Ratiu <adrian.ratiu@ni.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: more removals of redunant FILES_${PN}-dbgRoss Burton2015-12-161-5/+0
| | | | | | | | | | In some recipes overly-split -dbg packages were merged into PN-dbg. Unless there's a very good reason, recipes should have a single -dev and -dbg package. (From OE-Core rev: a3b000643898d7402b9e57c02e8d10e677cc9722) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby-native: Depend on openssl-nativeKhem Raj2015-12-011-1/+1
| | | | | | | | | | | | | | | | | This dependency is floating otherwise, It races against openssl-native and when openssl config does not match with openssl on build host the build fails occasionally x86_64-linux/usr/include/openssl/ripemd.h:70:4: error: #error RIPEMD is disabled. # error RIPEMD is disabled. Change-Id: I5ff6d8f058ff99c64ad4dc7c0377724071003ae6 (From OE-Core rev: d0c8d98077622a700d92384f676770cb4d6d4f46) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* ruby: add a recipe from meta-rubyAlexander Kanavin2015-09-123-0/+93
Ruby is required to build webkit. Use trim_version() to build the major release, and remove redundant S assignment (RB). (From OE-Core rev: 10fd3b41449d1af15ac9432bc1a7fe26c6f1dae1) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>