Bug 223781

Summary: [exp-run] make rubygem-* ports reproducible
Product: Ports & Packages Reporter: Steve Wills <swills>
Component: Package InfrastructureAssignee: Steve Wills <swills>
Status: Closed FIXED    
Severity: Affects Only Me CC: emaste
Priority: --- Flags: antoine: exp-run+
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
patch to make rubygem builds reproducible
none
second version of patch to make rubygem builds reproducible none

Description Steve Wills freebsd_committer freebsd_triage 2017-11-21 14:27:50 UTC 
Created attachment 188152 [details]
patch to make rubygem builds reproducible

Please see attached patch which makes rubygem-* packages reproducible. Please run exp-run with this patch.
Comment 1 Steve Wills freebsd_committer freebsd_triage 2017-11-21 17:25:03 UTC 
Note that in order to actually build reproducibly, this patch will also have to be committed:

https://reviews.freebsd.org/D4385
Comment 2 Steve Wills freebsd_committer freebsd_triage 2017-11-21 17:26:50 UTC 
Also note these upstream bugs:

https://bugs.ruby-lang.org/issues/13628

and

https://bugs.ruby-lang.org/issues/13627

I believe the correct upstream fix would not be these patches, but instead to make it possible to note store the timestamp.
Comment 3 Steve Wills freebsd_committer freebsd_triage 2017-11-21 19:19:05 UTC 
Created attachment 188180 [details]
second version of patch to make rubygem builds reproducible

Removed patch-lib_rdoc_rdoc.rb since it's not needed.
Comment 4 Antoine Brodin freebsd_committer freebsd_triage 2017-11-22 11:47:15 UTC 
Exp-run looks fine.
Comment 5 commit-hook freebsd_committer freebsd_triage 2017-11-22 13:27:54 UTC 
A commit references this bug:

Author: swills
Date: Wed Nov 22 13:27:38 UTC 2017
New revision: 454686
URL: https://svnweb.freebsd.org/changeset/ports/454686

Log:
  lang/ruby2?: make rubygem-* ports reproducible

  PR:		223781
  exp-run by:	antoine

Changes:
  head/Mk/bsd.ruby.mk
  head/lang/ruby22/files/patch-lib_rdoc_generator_json_index.rb
  head/lang/ruby23/files/patch-lib_rdoc_generator_json_index.rb
  head/lang/ruby24/files/patch-lib_rdoc_generator_json_index.rb
Comment 6 commit-hook freebsd_committer freebsd_triage 2017-12-19 02:23:15 UTC 
A commit references this bug:

Author: swills
Date: Tue Dec 19 02:22:54 UTC 2017
New revision: 456701
URL: https://svnweb.freebsd.org/changeset/ports/456701

Log:
  MFH: r454686 r456700

  lang/ruby2?: make rubygem-* ports reproducible

  PR:		223781
  exp-run by:	antoine

  Update lang/ruby2[2,3,4] to latest versions.

  Fixes a security issue.

  PR:		224356
  Submitted by:	Yasuhiro KIMURA <yasu@utahime.org>
  Security:	dd644964-e10e-11e7-8097-0800271d4b9c

  Approved by:	ports-secteam (implicit)

Changes:
_U  branches/2017Q4/
  branches/2017Q4/Mk/bsd.ruby.mk
  branches/2017Q4/lang/ruby22/distinfo
  branches/2017Q4/lang/ruby22/files/patch-lib_rdoc_generator_json_index.rb
  branches/2017Q4/lang/ruby22/pkg-plist
  branches/2017Q4/lang/ruby23/distinfo
  branches/2017Q4/lang/ruby23/files/patch-lib_rdoc_generator_json_index.rb
  branches/2017Q4/lang/ruby23/pkg-plist
  branches/2017Q4/lang/ruby24/distinfo
  branches/2017Q4/lang/ruby24/files/patch-lib_rdoc_generator_json_index.rb
  branches/2017Q4/lang/ruby24/pkg-plist