!28 [sync] PR-27: Backport upstream fix for test failure with ruby3.2 wrt class_serial removal

From: @openeuler-sync-bot Reviewed-by: @jxy_git Signed-off-by: @jxy_git
2023-08-14 05:22:00 +00:00 · 2023-08-14 05:22:00 +00:00 · 8159f57b61
commit 8159f57b61
parent 069d221148 62672db840
7 changed files with 58 additions and 5 deletions
--- a/CVE-2023-22796.patch
+++ b/CVE-2023-22796.patch
@ -0,0 +1,26 @@
+From 2164d4f6a1bde74b911fe9ba3c8df1b5bf345bf8 Mon Sep 17 00:00:00 2001
+From: John Hawthorn <john@hawthorn.email>
+Date: Wed, 11 Jan 2023 10:14:55 -0800
+Subject: [PATCH] Avoid regex backtracking in Inflector.underscore
+
+[CVE-2023-22796]
+---
+ activesupport/lib/active_support/inflector/methods.rb | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/activesupport/lib/active_support/inflector/methods.rb b/activesupport/lib/active_support/inflector/methods.rb
+index 68a00d73f2..43abb9c4e1 100644
+--- a/activesupport/lib/active_support/inflector/methods.rb
+++ b/activesupport/lib/active_support/inflector/methods.rb
+@@ -97,7 +97,7 @@ def underscore(camel_cased_word)
+       return camel_cased_word.to_s unless /[A-Z-]|::/.match?(camel_cased_word)
+       word = camel_cased_word.to_s.gsub("::", "/")
+       word.gsub!(inflections.acronyms_underscore_regex) { "#{$1 && '_' }#{$2.downcase}" }
+-      word.gsub!(/([A-Z]+)(?=[A-Z][a-z])|([a-z\d])(?=[A-Z])/) { ($1 || $2) << "_" }
+      word.gsub!(/([A-Z])(?=[A-Z][a-z])|([a-z\d])(?=[A-Z])/) { ($1 || $2) << "_" }
+       word.tr!("-", "_")
+       word.downcase!
+       word
+-- 
+2.35.1
+
--- a/activesupport-7.0.4-tests.txz
+++ b/activesupport-7.0.4-tests.txz
--- a/activesupport-7.0.4.gem
+++ b/activesupport-7.0.4.gem
--- a/activesupport-7.0.6.gem
+++ b/activesupport-7.0.6.gem
--- a/rails-7.0.4-tools.txz
+++ b/rails-7.0.4-tools.txz
--- a/rubygem-activesupport-7.0.4-ruby32-rubyvm-class_serial-removal.patch
+++ b/rubygem-activesupport-7.0.4-ruby32-rubyvm-class_serial-removal.patch
@ -0,0 +1,23 @@
+From 60ffaac2e9644076e53afa1a2b1a716e289b7085 Mon Sep 17 00:00:00 2001
+From: Akira Matsuda <ronnie@dio.jp>
+Date: Thu, 15 Dec 2022 15:45:27 +0900
+Subject: [PATCH] RubyVM class serial is no longer available in Ruby 3.2
+
+since ruby/ruby@13bd617ea6fdf72467c593639cf33312a06c330c
+---
+ activesupport/test/executor_test.rb | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/activesupport/test/executor_test.rb b/activesupport/test/executor_test.rb
+index d366ae55b6e0..27872458d95b 100644
+--- a/activesupport/test/executor_test.rb
+++ b/activesupport/test/executor_test.rb
+@@ -226,7 +226,7 @@ def test_hook_insertion_order
+   end
+ 
+   def test_class_serial_is_unaffected
+-    skip if !defined?(RubyVM)
+    skip if !defined?(RubyVM) || !RubyVM.stat.has_key?(:class_serial)
+ 
+     hook = Class.new do
+       define_method(:run) do
--- a/rubygem-activesupport.spec
+++ b/rubygem-activesupport.spec
@ -1,8 +1,8 @@
 %global gem_name activesupport
 Name:                rubygem-%{gem_name}
 Epoch:               1
-Version:             7.0.6
-Release:             1
+Version:             7.0.4
+Release:             3
 Summary:             A support libraries and Ruby core extensions extracted from the Rails framework
 License:             MIT
 URL:                 http://rubyonrails.org
@ -23,6 +23,9 @@ Patch1: rubygem-activesupport-7.0.2.3-Remove-the-multi-call-form-of-assert_calle
 Patch2: rubygem-activesupport-7.0.2.3-Remove-the-multi-call-form-of-assert_called_with-test.patch
 # https://github.com/rails/rails/pull/45370
 Patch3: rubygem-activesupport-7.0.2.3-Fix-tests-for-minitest-5.16.patch
+Patch4: CVE-2023-22796.patch
+# Fix for test failure with ruby3.2 wrt class_serial removal
+Patch5: rubygem-activesupport-7.0.4-ruby32-rubyvm-class_serial-removal.patch

 Requires:            rubygem(bigdecimal) rubygem(json)
 BuildRequires:       ruby(release) rubygems-devel ruby >= 2.2.2 rubygem(bigdecimal) rubygem(builder)
@ -30,7 +33,6 @@ BuildRequires:       rubygem(concurrent-ruby) rubygem(connection_pool) rubygem(d
 BuildRequires:       (rubygem(i18n) >= 0.7 with rubygem(i18n) < 2) rubygem(minitest) >= 5.0.0
 BuildRequires:       rubygem(rack) rubygem(tzinfo) >= 2.0 rubygem(listen) rubygem(redis) memcached rubygem(rexml)
 BuildArch:           noarch
-
 %description
 A toolkit of support libraries and Ruby core extensions extracted from the
 Rails framework. Rich support for multibyte strings, internationalization,
@ -47,9 +49,11 @@ Documentation for %{name}.
 %setup -q -n %{gem_name}-%{version} -b1 -b2
 %patch1 -p2
 %patch3 -p2
+%patch4 -p2

 pushd %{_builddir}
 %patch2 -p2
+%patch5 -p2
 popd

 %build
@ -96,8 +100,8 @@ popd
 %doc %{gem_instdir}/README.rdoc

 %changelog
-* Wed Aug 02 2023 jiangxinyu <jiangxinyu@kylinos.cn> - 1:7.0.6-1
- Upgrade to version 7.0.6
+* Mon Aug 14 2023 caiyuxin <caiyuxin@kylinos.cn> - 1:7.0.4-3
+- Backport upstream fix for test failure with ruby3.2 wrt class_serial removal

 * Tue Feb 21 2023 wushaozheng <wushaozheng@ncti-gba.cn> - 1:7.0.4-2
 - fix CVE-2023-22796