| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Start update of Ruby on Rails to 6.0.3.
|
|
ruby26-base and beyond don't need this patch anymore. They get the
configuration directory from Gem::ConfigFile::SYSTEM_CONFIG_PATH, which
is set to RbConfig::CONFIG["sysconfdir"], which in turn is set to
PKGSYSCONFDIR.
|
|
Introduce GEM_KEEPBUILD which specifies file should not be removed by
GEM_CLEANBUILD.
|
|
|
|
Update ruby24-base (and ruby24) to 2.4.10.
This release includes a security fix. Please check the topics below for
details.
* CVE-2020-16255: Unsafe Object Creation Vulnerability in JSON (Additional
fix)
Ruby 2.4 is now under the state of the security maintenance phase, until the
end of March of 2020. After that date, maintenance of Ruby 2.4 will be
ended. Thus, this release would be the last of Ruby 2.4 series. We
recommend you immediately upgrade Ruby to newer versions, such as 2.7 or 2.6
or 2.5.
|
|
Update ruby25-base (and ruby25) to 2.5.8.
2.5.8 (2020-03-31)
This release includes security fixes. Please check the topics below for
details.
* CVE-2020-16255: Unsafe Object Creation Vulnerability in JSON (Additional
fix)
* CVE-2020-10933: Heap exposure vulnerability in the socket library
|
|
Update ruby27-base (and ruby27) to 2.7.1.
2.7.1 (2020-03-31)
This release includes security fixes. Please check the topics below for
details.
* CVE-2020-16255: Unsafe Object Creation Vulnerability in JSON (Additional
fix)
* CVE-2020-10933: Heap exposure vulnerability in the socket library
|
|
Update ruby26-base (and ruby26 related packages) to 2.6.6.
2.6.6 (2020-03-31)
This release includes security fixes. Please check the topics below for
details.
* CVE-2020-16255: Unsafe Object Creation Vulnerability in JSON (Additional
fix)
* CVE-2020-10933: Heap exposure vulnerability in the socket library
|
|
Add "used by" lines in comment for lang/ruby27/Makefile and
ruby27-base/Makefile.
|
|
Drop support for Ruby on Rails 4.2 packages.
|
|
Add add support for Ruby on Rails 6.0.
|
|
Start update of rails51 to 5.2.4.2.
|
|
Start update of rails51 to 5.1.7.
|
|
Change RUBY_RAILS_DEFAULT to 52; Ruby on Rails 5.2 to default since
Rails 4.2 is EOL.
|
|
* Drop support for Ruby 2.2.
* Update document in comment for Ruby 2.7.
|
|
Add support for Ruby 2.7.
|
|
Add RUBY_VERSIONS_INCOMPATIBLE document in comment.
|
|
Seems to cause the exact same problem building miniruby.
|
|
pkglint -r --network --only "migrate"
As a side-effect of migrating the homepages, pkglint also fixed a few
indentations in unrelated lines. These and the new homepages have been
checked manually.
|
|
Change default vesion of Ruby from 2.4.x to 2.6.x.
* Ruby 2.7 will be released within this year.
* Ruby 2.6.x is stable enough and actively maintained.
* Ryby 2.5.x will be in security maintenance phase after
release of Ruby 2.7.
* Ruby 2.4.x will be EOL after 31th March 2020.
|
|
pkglint -Wall -F --only aligned --only indent -r
No manual corrections.
|
|
Replace RUBY_BUILD_RDOC and RUBY_BUILD_RI with RUBY_BUILD_DOCUMENT since
rdoc's --no-rdoc and --no-ri options are deprecated almost 8 years ago
and these options are replaced with -no-document option.
No package should be changed.
|
|
Update ruby26-base and ruby26 packges to 2.6.5
pkgsrc chagnes
* fix warnings of pkglint.
Quote from release announce:
Ruby 2.6.5 (2019-10-01)
This release includes security fixes. Please check the topics below for
details.
* CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test
* CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
* CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and
File.fnmatch?
* CVE-2019-16201: Regular Expression Denial of Service vulnerability of
WEBrick's Digest access authentication
|
|
Update ruby25-base, ruby25 and ruby25-mode packges to 2.5.7.
pkgsrc chagnes
* fix warnings of pkglint.
Quote from release announce:
Ruby 2.5.7 (2019-10-01)
This release includes security fixes as listed below. Please check the
topics below for details.
* CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test
* CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
* CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and
File.fnmatch?
* CVE-2019-16201: Regular Expression Denial of Service vulnerability of
WEBrick's Digest access authentication
|
|
Update ruby24-base and related packges to 2.4.9.
pkgsrc chagnes
* fix warnings of pkglint.
Quote from release announce:
Ruby 2.4.8 (2019-10-01)
This release includes security fixes. Please check the topics below for
details.
* CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test
* CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
* CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and
File.fnmatch?
* CVE-2019-16201: Regular Expression Denial of Service vulnerability of
WEBrick¡Çs Digest access authentication
Ruby 2.4.9 (2019-10-02)
This release is a re-package of 2.4.8 because the previous Ruby 2.4.8
release tarball does not install. (See [Bug #16197] in detail.) There are no
essential change except their version numbers between 2.4.8 and 2.4.9.
Ruby 2.4 is now under the state of the security maintenance phase, until the
end of March of 2020. After that date, maintenance of Ruby 2.4 will be
ended. We recommend you start planning the migration to newer versions of
Ruby, such as 2.6 or 2.5.
|
|
Fix a warning of pkglint.
|
|
|
|
Update lang/ruby26-base and lang/ruby26 to 2.6.4.
Ruby 2.6.4 (2019-08-28)
Ruby 2.6.4 has been released.
This release includes a security fix of rdoc. Please check the topics below
for details.
* Multiple jQuery vulnerabilities in RDoc
See the commit logs for changes in detail.
|
|
Update ruby25-base/ruby25 to 2.5.6.
Ruby 2.5.6 (2019-08-28)
Ruby 2.5.6 has been released.
This release includes about 40 bug fixes after the previous release, and also includes a security fix. Please check the topics below for details.
* Multiple jQuery vulnerabilities in RDoc
See the commit log for details.
|
|
2.4.7 (2019-08-28)
Ruby 2.4.7 has been released.
This release includes a security fix. Please check the topics below for
details.
* Multiple jQuery vulnerabilities in RDoc
Ruby 2.4 is now under the state of the security maintenance phase, until
the end of March of 2020. After that date, maintenance of Ruby 2.4 will be
ended. We recommend you start planning the migration to newer versions of
Ruby, such as 2.6 or 2.5.
|
|
pkglint -Wall -r --only "substitution command" -F
With manual review and indentation fixes since pkglint doesn't get that
part correct in every case.
|
|
Update ruby26{,-base} to 2.6.3. Here is release announce:
Ruby 2.6.3 Released
Posted by naruse on 17 Apr 2019
Ruby 2.6.3 has been released.
This release adds support for New Japanese Era “令和” (Reiwa). It updates
the Unicode version to 12.1 beta (#15195), and updates date library (#15742).
This release also includes some bug fixes. See details commit logs.
|
|
Remove support for ruby23.
|
|
Start update of ruby-rails52.
|
|
Start update of ruby-rails51.
|
|
Start update of ruby-rails42.
|
|
* vulnerabilities of rubygems are already fixed in 2.4.5nb1.
Ruby 2.4.6 Released 1 Apr 2019
Ruby 2.4.6 has been released.
This release includes about 20 bug fixes after the previous release, and also
includes several security fixes. Please check the topics below for details.
* Multiple vulnerabilities in RubyGems
See the commit log for details.
After this release, we will end the normal maintenance phase of Ruby 2.4, and
start the security maintenance phase of it. This means that after the release
of 2.4.6 we will never backport any bug fixes to 2.4 except security fixes.
The term of the security maintenance phase is scheduled for 1 year. By the
end of this term, official support of Ruby 2.4 will be over. Therefore, we
recommend that you start planning to upgrade to Ruby 2.6 or 2.5.
|
|
Revert previous, not yet.
|
|
Start update of Ruby on Rails42 to 4.2.11.1.
|
|
Update ruby26{,-base} to 2.6.2.
Quote from release announce.
Ruby 2.6.2 (2019-03-13)
This release includes bug fixes and a security update of the bundled
RubyGems.
See details in Multiple vulnerabilities in RubyGems and the commit logs.
|
|
Update ruby25{,-base} to 2.5.5.
Quote from release announce:
Ruby 2.5.4 (2019-03-13)
This release includes bug fixes and a security update of the bundled
RubyGems. See details in Multiple vulnerabilities in RubyGems and the commit
logs.
Ruby 2.5.5 (2019-03-15)
This release includes a bug fix for the deadlock in the
multi-thread+multi-process (using Process.fork) applications (ex: puma).
|
|
Remove support for Ruby on Rails 3.2 packages.
|
|
Switch default Ruby on Rails version to 4.2.
|
|
Add support for Ruby on Rails 5.2.
|
|
OVERRIDE_GEMSPEC would not only update rubygem's dependency but also
its meta data.
|
|
* Use "bsdtar" instead of "gtar" as advised by leot@.
* Add "used by" lines for ruby26 and ruby26-base.
|
|
* Add support for Ruby 2.6 with release 2.6.1.
|
|
Use gtar to extract Ruby distfiles.
|
|
Remove "22" from RUBY_VERSIONS_ACCEPTED. Now Ruby 2.2 based package would
be lang/ruby22, devel/ruby-redmine and related packages.
|
|
Switch to use distfiles in '.xz' format.
|
