Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 312547

Summary: Please stabilize dev-java/jruby-1.4.1
Product: Gentoo Linux Reporter: Paweł Hajdan, Jr. (RETIRED) <phajdan.jr>
Component: [OLD] JavaAssignee: Java team <java>
Status: RESOLVED FIXED    
Severity: enhancement CC: dliana, ruby
Priority: High Keywords: STABLEREQ
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on: 295840, 317435, 318153, 320733, 325667, 325669    
Bug Blocks: 284294, 318151, 321043, 325695    

Description Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-04-01 06:01:09 UTC 
Needed for netbeans. If you're ok with this, please cc archs.
Comment 1 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-04-26 13:30:28 UTC 
Maintainer timeout, adding archs.
Comment 2 Vlastimil Babka (Caster) (RETIRED) gentoo-dev 2010-04-27 06:51:44 UTC 
Please hold, seems we need to bump it.
http://www.jruby.org/2010/04/26/jruby-1-4-1-xss-vulnerability.html

Although it seems the problem is in jcodings not jruby itself.
Comment 3 Vlastimil Babka (Caster) (RETIRED) gentoo-dev 2010-04-28 11:24:32 UTC 
1.4.1 is fine - the source is not different from 1.4.0 but depends on a fixed jcodings
Comment 4 Markos Chandras (RETIRED) gentoo-dev 2010-05-27 16:52:52 UTC 
jruby requires nailgun but this bug #295840 is a blocker to this one
Comment 5 Hans de Graaff gentoo-dev Security 2010-06-05 07:04:37 UTC 
Please also stabilize dev-ruby/rake-0.8.7-r4 when you stabilize jruby. This revision of rake has support for jruby and will be needed to stabilize any additional ruby software.
Comment 6 Hans de Graaff gentoo-dev Security 2010-06-14 19:30:24 UTC 
There seems to be some confusion on the ruby side of this bug, so I'm summarizing all of the packages that need to be stabilized. Note that these packages all need to be stabilized together since they are interdependent. We need to include the jruby support in the ruby packages, but obviously this depends on a stable jruby. Working in the following order should keep repoman happy.

dev-ruby/rake-0.8.7-r4
dev-ruby/builder-2.1.2-r1
dev-ruby/rubygems-1.3.6-r2
virtual/rubygems-0-r2
dev-ruby/jruby-openssl-0.6-r1
dev-java/jruby-1.4.1
Comment 7 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-06-14 19:33:31 UTC 
(In reply to comment #6)
> There seems to be some confusion on the ruby side of this bug, so I'm
> summarizing all of the packages that need to be stabilized. Note that these
> packages all need to be stabilized together since they are interdependent.
> Working in the following order should keep repoman happy.

Thanks for the list, it's really helpful. Please note there are at least two other issues blocking this stabilization: bug #295840 and bug #322195.
Comment 8 Alistair Bush (RETIRED) gentoo-dev 2010-06-26 12:11:12 UTC 
(In reply to comment #7)
> Thanks for the list, it's really helpful. Please note there are at least two
> other issues blocking this stabilization: bug #295840 and bug #322195.

Tests are restricted in jruby so #322195 is not a blocker for this bug.
Comment 9 Alistair Bush (RETIRED) gentoo-dev 2010-06-26 12:41:05 UTC 
nailgun ebuild has fixed #295840 so it should no longer be a issue.  I will do the reverse if the cjk maintainers don't do it within the next few days
Comment 10 Christoph Mende (RETIRED) gentoo-dev 2010-06-29 10:21:23 UTC 
amd64 stable
Comment 11 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2010-06-30 15:46:46 UTC 
x86 stable, closing, thanks everyone!