From Fedora Project Wiki

Revision as of 20:40, 10 November 2022 by Bcotton (talk | contribs) (Change submitted to FESCo)


Ruby 3.2

This is a proposed Change for Fedora Linux.
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.

Summary

Ruby 3.2 is the latest stable version of Ruby. Many new features and improvements are included for the increasingly diverse and expanding demands for Ruby. With this major update from Ruby 3.1 in Fedora 37 to Ruby 3.2 in Fedora 38, Fedora becomes the superior Ruby development platform.

Owner


Current status

  • Targeted release: Fedora Linux 38
  • Last updated: 2022-11-10
  • devel thread
  • FESCo issue: #2893
  • Tracker bug: <will be assigned by the Wrangler>
  • Release notes tracker: <will be assigned by the Wrangler>

Detailed Description

Ruby 3.2 is upstream's new major release of Ruby. Many new features and improvements are included.

Regexp timeout

A timeout feature for Regexp matching is introduced.

It is known that Regexp matching may take unexpectedly long. If your code attempts to match an possibly inefficient Regexp against an untrusted input, an attacker may exploit it for efficient Denial of Service (so-called Regular expression DoS, or ReDoS).

The risk of DoS can be prevented or significantly mitigated by configuring Regexp.timeout according to the requirements of your Ruby application. Please try it out in your application and welcome your feedback.

Other Notable New Features

  • Language
    • Anonymous rest and keyword rest arguments can now be passed as arguments, instead of just used in method parameters.
    • A proc that accepts a single positional argument and keywords will no longer autosplat.
    • Constant assignment evaluation order for constants set on explicit objects has been made consistent with single attribute assignment evaluation order.
    • Find pattern is no longer experimental.
    • Methods taking a rest parameter and wishing to delegate keyword arguments through foo(*args) must now be marked with ruby2_keywords
  • Performance improvements
    • YJIT
      • Support arm64 / aarch64 on UNIX platforms.
      • Building YJIT requires Rust 1.58.1+.

Other notable changes since 3.1

  • Hash
    • Hash#shift now always returns nil if the hash is empty, instead of returning the default value or calling the default proc.
  • MatchData
    • MatchData#byteoffset has been added.
  • Module
    • Module.used_refinements has been added.
    • Module#refinements has been added.
    • Module#const_added has been added.
  • Proc
    • Proc#dup returns an instance of subclass.
    • Proc#parameters now accepts lambda keyword.
  • Refinement
    • Refinement#refined_class has been added.
  • Set
    • Set is now available as a builtin class without the need for require "set". It is currently autoloaded via the Set constant or a call to Enumerable#to_set.
  • String
    • String#byteindex and String#byterindex have been added.
    • Update Unicode to Version 14.0.0 and Emoji Version 14.0. (also applies to Regexp)
    • String#bytesplice has been added.
  • Struct
    • A Struct class can also be initialized with keyword arguments without keyword_init: true on Struct.new

Compatibility issues

  • Removed constants
    • Fixnum and Bignum
    • Random::DEFAULT
    • Struct::Group
    • Struct::Passwd
  • Removed methods
    • Dir.exists?
    • File.exists?
    • Kernel#=~
    • Kernel#taint, Kernel#untaint, Kernel#tainted?
    • Kernel#trust, Kernel#untrust, Kernel#untrusted?

C API updates

  • Removed C APIs
    • rb_cData variable.
    • "taintedness" and "trustedness" functions.

Feedback

Benefit to Fedora

With a latest release, Ruby language is supporting the newest language features, which enables even faster and easier development of Ruby applications.

Scope

  • Other developers:
    • Rebuild of packages with binary extensions (i.e. packages which depends on libruby) will be handled automatically, but some packages might need fixes/updates to support Ruby 3.2 properly.
  • Release engineering: #11115
    • The packages are going to be rebuild in side-tag, but that does not need releng involvement nowadays.
  • Policies and guidelines: N/A (not needed for this Change)
  • Trademark approval: N/A (not needed for this Change)
  • Alignment with Objectives:

Upgrade/compatibility impact

  • User specific Ruby binary extensions need to be rebuild.
  • Ruby packages/application dependencies might need to be adjusted if newly bundled gems are used.

How To Test

  • No special hardware is needed.
  • To test, install Ruby 3.2. The test builds are published in PR or on Ruby-SIG ML
  • Try to locally rebuild your packages using Ruby 3.2.
  • Use the packages with your applications previously written in Ruby.
  • If something doesn't work as it should, let us know.

User Experience

The Ruby programs/scripts should behave as they were used to.

Dependencies

$ dnf repoquery --disablerepo=* --enablerepo=rawhide --enablerepo=rawhide-source --arch=src --whatrequires 'ruby-devel' | sort | uniq | wc -l
130

Contingency Plan

  • Contingency mechanism: We would like to get a special buildroot tag to be able to rebuild necessary the packages with Ruby 3.2. If anything goes wrong, the tag could be easily dropped and previous version of Ruby 3.1 and its dependencies stays intact. The tag would be merged into F38 after everything is rebuild.
  • Contingency deadline: Mass Rebuild
  • Blocks release? No


Documentation

Release Notes

  • The Ruby 3.2 bumps soname, therefore Ruby packages, which use binary extensions, should be rebuilt. Nevertheless, since upstream paid great attention to source compatibility, no changes to your code are needed.

https://github.com/ruby/ruby/blob/master/NEWS.md