
Bug#986742: unblock: ruby2.7/2.7.3-1



Control: tags -1 + moreinfo

On 2021-04-15 20:13:34 -0300, Antonio Terceiro wrote:
> On Sun, 11 Apr 2021 03:04:42 +0530 Utkarsh Gupta <utkarsh@debian.org> wrote:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian.org@packages.debian.org
> > Usertags: unblock
> > X-Debbugs-Cc: debian-ruby@lists.debian.org
> > 
> > Hello,
> > 
> > Upstream has recently released a bug-fix only release after a
> > vulnerability, CVE-2021-28965, was discovered.
> > 
> > Upstream release note:
> > https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/
> > Upstream git logs b/w 2.7.2 and 2.7.3:
> > https://github.com/ruby/ruby/compare/v2_7_2...v2_7_3
> > 
> > This is clearly a bug-fix only release and it'd be *really great* to
> > have this included in Bullseye. (I'd be sad not to but..) I understand
> > it's your call to make after analyzing so attaching the debdiff for
> > your reference and help (snipping ChangeLog entries for noise
> > reduction).
> > 
> > Hopefully, it'd be OK to get this included and have an even nicer
> > ruby2.7 for Bullseye. Thanks.
> 
>  99 files changed, 39552 insertions(+), 23134 deletions(-)
> 
> The debian diff looks very big because of 3 generated files: ChangeLog,
> parse.c, and ext/ripper/ripper.c (the last two being bison/yacc
> generated parsers). If you filter those out, the result is a lot more
> palatable:
> 
>  96 files changed, 3761 insertions(+), 886 deletions(-)
> 
> Roughly 1/3 of the insertions are test cases:
> 
>  32 files changed, 1150 insertions(+), 97 deletions(-)

Since the initial bug report didn't reach the list due to the size of the
diff, could you or Utkarsh please prepare a filtered debdiff including
the changes to debian/? This would make it easier for us to reach a
decision. Thanks

Cheers

> 
> I have reviewed the upstream patches and compared the upstream diff with
> the debian diff, and indeed all the changes are bug fixes.
> 
> There was one marked as a "Feature" in the commit message, but it was
> really a follow-up to fix an inconsistency in a feature that has been
> added in the 2.7 series already. It will cause formerly invalid syntax
> to be valid, but won't break any currently working code.
> 
> I think the risk with this update is low, and releasing with the latest
> available ruby bugfix release will make it easier to provide stable
> support in bullseye.
> 
> Full disclosure: I am trying to get ruby into new hands, but I'm still a
> comaintainer and care a lot about it, so I'm not an uninterested party
> here.



-- 
Sebastian Ramacher
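The filtering Antonio describes above (dropping the generated ChangeLog, parse.c and ext/ripper/ripper.c from the debdiff before counting insertions and deletions), as an added shell example that is not part of this thread or of the ruby2.7 package. It assumes `diff -Nru old/ new/` style headers as debdiff emits them; the sample diff, its ruby2.7 paths and the helper names filter_generated and count_changes are constructed for illustration.

```shell
# Added example, not from the thread: drop per-file sections for generated
# files out of a debdiff-style unified diff, then count what remains.
# Assumes each file section starts with a "diff ... old/path new/path" line.

# filter_generated [names]: read a diff on stdin and skip every section whose
# new path ends in one of the names (default: the three files named above).
filter_generated() {
    awk -v excl="${1:-ChangeLog parse.c ext/ripper/ripper.c}" '
        BEGIN { n = split(excl, pat, " ") }
        /^diff / { skip = 0; p = $NF
            for (i = 1; i <= n; i++) { suf = "/" pat[i]
                if (p == pat[i] || substr(p, length(p) - length(suf) + 1) == suf) skip = 1 } }
        !skip { print }'
}

# count_changes: diffstat-style "<insertions> <deletions>", ignoring file headers.
count_changes() {
    awk '/^\+/ && !/^\+\+\+ / { ins++ } /^-/ && !/^--- / { del++ }
         END { printf "%d %d\n", ins + 0, del + 0 }'
}

# Constructed sample: two generated files and one real debian/ change.
SAMPLE_DIFF='diff -Nru ruby2.7-2.7.2/ChangeLog ruby2.7-2.7.3/ChangeLog
--- ruby2.7-2.7.2/ChangeLog
+++ ruby2.7-2.7.3/ChangeLog
@@ -1,1 +1,3 @@
+Mon Apr  5 2021  generated entry one
+Mon Apr  5 2021  generated entry two
 existing entry
diff -Nru ruby2.7-2.7.2/debian/changelog ruby2.7-2.7.3/debian/changelog
--- ruby2.7-2.7.2/debian/changelog
+++ ruby2.7-2.7.3/debian/changelog
@@ -1,1 +1,3 @@
+ruby2.7 (2.7.3-1) unstable; urgency=medium
+
 ruby2.7 (2.7.2-1) unstable; urgency=medium
diff -Nru ruby2.7-2.7.2/parse.c ruby2.7-2.7.3/parse.c
--- ruby2.7-2.7.2/parse.c
+++ ruby2.7-2.7.3/parse.c
@@ -10,1 +10,1 @@
-old generated line
+new generated line'

demo_unfiltered() { printf '%s\n' "$SAMPLE_DIFF" | count_changes; }
demo_filtered()   { printf '%s\n' "$SAMPLE_DIFF" | filter_generated | count_changes; }

demo_unfiltered   # prints "5 1"
demo_filtered     # prints "2 0"
```

On a real debdiff, pipe the file through `filter_generated` and into diffstat (or `count_changes`) to get the "palatable" numbers quoted above; pass a different space-separated list as the first argument to exclude other generated files.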
