Upstream/Downstream
Co-operation in Ruby
utkarsh2102
Debian Developer
$ whoami
➣ 20 y/o undergraduate student.
➣ Debian Developer (since Dec'19).
➣ Open-source contributor.
➣ GSoC'19 & '20 with Debian.
➣ Writing CVE patches for Debian (E)LTS!
➣ utkarsh2102 across the web.
About the project
The main goal of this project is to provide a tool to automatically detect those issues and report them upstream.
WHAT IS THE PROJECT?
During the maintenance of the Ruby packages in Debian, several issues in upstream codebases have been identified that make it difficult to build a Debian package out of Ruby gems.
The Ruby Together logo is licensed under MIT License.
Meet *the* Mentors
This project is being mentored by
David Rodríguez (@deivid-rodriguez)
Antonio Terceiro (@terceiro)
For the problem being faced, the best solution is to write a linter in the Ruby language.
WHAT ARE WE DOING?
SOLUTION
To write a linter (for any language), the first thing would be to create an Abstract Syntax Tree.
Thankfully, there exists such a thing already, called RuboCop, a Ruby static code analyzer and formatter.
IMPLEMENTATION
HOW IS IT TO BE DONE?
class GemspecGit < Cop
def_node_search :xstr, <<~PATTERN
(block
(send
(const
(const {cbase nil?} :Gem) :Specification) :new)
(args
(arg _)) `$(xstr (str start_with('git'))))
PATTERNThe usage of `git ls-files` in the `gemspec` file can be determined by the following AST:
STEP 1:
IMPLEMENTATION
HOW IS IT TO BE DONE?
def investigate(processed_source)
xstr(processed_source.ast).each do |node|
add_offense(
processed_source.ast,
location: node.loc.expression,
message: MSG
)
end
endThe next thing is to process the AST formed against the source code to match problematic lines:
STEP 2:
IMPLEMENTATION
HOW IS IT TO BE DONE?
RSpec.describe RuboCop::Cop::Packaging::GemspecGit do
subject(:cop) { described_class.new(config) }
let(:config) { RuboCop::Config.new }
let(:message) { RuboCop::Cop::Packaging::GemspecGit::MSG }
it 'registers an offense when using `git` for :files=' do
expect_offense(<<~RUBY)
Gem::Specification.new do |spec|
spec.files = `git ls-files`.split("\\n")
^^^^^^^^^^^^^^ #{message}
end
RUBY
end
endWrite tests \o/
STEP 3:
USAGE
HOW TO USE THIS TOOL?
Now, the tool is ready to be deployed, let's use this in other projects:
(this correctly determies the usage of `git ls-files` in the `gemspec` file)
Work Done So Far..
➣ Daily logs are available at gsocwithutkarsh2102.tk.
➣ 5 descriptive blogs have been written, available at
https://utkarsh2102.com.
➣ 2 cops have been written and
released. The latest version is
v0.2.0.
CeLEbR@E!!!!
Work Done So Far..
➣ 3rd cop is almost ready..
➣ The code is documented.
➣ 3 releases have been made at rubygems.org & Debian.
➣ Being used by 16 other libraries/applications.
+ 2 projects hosted on GitLab.
➣ packaging-style-guide is on its way.. :)
And more to come... \o/
Besides GSoC
➣ Maintaining packages for Ruby, Go, Perl, Python, and JS team.
➣ FTP Trainee => reviewing the ever-long NEW queue.
➣ Mailing list moderator.
➣ Bursary team, DebConf.
➣ Content team, DebConf.
➣ Helping security team with providing security patches.
➣ Debian (E)LTS security uploads to Stretch and Jessie.
➣ Organizing MiniDebConfs + orga for DebConf23.
➣ Mentoring newcomers + sponsoring a bunch of uploads.
With my DD hat on, I work(ed) on many more things besides GSoC.
@utkarsh2102
<utkarsh@debian.org>
RuboCop :: Packaging (DC20)
By utkarsh2102
RuboCop :: Packaging (DC20)
This slide is made for the purpose of my DC20 talk.
