File mruby.changes of Package mruby
-------------------------------------------------------------------
Wed Jul 9 11:41:30 UTC 2025 - Ferdinand Thiessen <rpm@fthiessen.de>
- Update to 3.4.0
- mruby now supports `private` and `protected` visibility
- Maximum length of inlined symbols reduced from 5 to 4 characters
to provide space for visibility flags
- Many methods are made private according to CRuby visibility
- `initialize` method will be always private
- Add new hooks `method_removed`, `method_undefined`
- Add new hooks `singleton_method_removed`, `singleton_method_undefined`
- Hash `to_s` format has changed
- Remove Float bit-operation
- use SWAR technique for strlen performance
- use merge sort for `Array#sort`
- C API changes:
- pool.c renamed to mempool.c (and mrb_pool to mrb_mempool)
- mrb_pool_value renamed to mrb_irep_pool to reduce confusion
- rename BOXNIX_SET_VALUE to BOXNO_SET_VALUE
- `MRB_FROZEN_P()` is replaced by `mrb_frozen_p()`
- rename `color` to `gc_color`
- add `obj->frozen` instead of flags `MRB_SET_FROZEN_FLAG`/`MRB_UNSET_FROZEN_FLAG`
- Changes in mrbgems:
- **mruby-print**: removed; if you do not use `mruby-io`, mruby use `#print` etc. in the core
- **mruby-toplevel-ext**: top-level public/private/protected moved to the core
- **mruby-metaprog**: method list methods now works according to the visibility
- **mruby-encoding**: MRB_UTF8_STRING turned on automatically with this gem
- Update to 3.3.0
- aliases work properly with `super`
- `callee` method work differently with aliases in mruby
- define `Kernel#respond_to_missing?` method
- `_inspect` method (`inspect` with recursive check) is removed
- `__printstr__` method is removed; use `print` instead
- New method `String#bytesplice`
- Allow `return` in blocks to cross C boundaries
- mruby memory API
- `mrb_default_allocf` can be overridden by the application
- `mrb_open_allocf` will be deprecated
- Changes in C API
- add new error handling API functions
- Add `mrb_vm_ci_env_clear()` function with `MRB_API`
- a new function `mrb_check_frozen_value()`
- avoid formatting in `mrb_bug()`
- stop using `mrbc_` prefix for compiler context
- Allow `Class#allocate` to be prohibited. To disable `#allocate`, use `MRB_UNDEF_ALLOCATOR()`.
- Changes in mrbgems
- **mruby-binding**: renamed from `mruby-binding-core` of mruby3.2
- **mruby-binding**: implemented `Binding#initialize_copy` method
- **mruby-binding**: `Kernel#binding` responds only to calls from Ruby
- **mruby-enumerator**: remove internal attribute methods `obj`, `args`, `kwd`, `meth`, `fib`.
- Other breaking changes
- `mrb_f_raise()` is now an internal function
- `mrb_make_exception()` is now an internal function with different parameters
- The `File#path` method no longer uses the `#to_path` method for implicit conversion
- Update to 3.2.0
- Now `a::B = c` should evaluate `a` then `c`.
- Anonymous arguments `*`, `**`, `&` can be passed for forwarding.
- Multi-precision integer is available now via `mruby-bigint` gem.
- mruby VM and bytecode
- `OP_ARYDUP` was renamed to `OP_ARYSPLAT`. The instruction name
was changed but instruction number and basic behavior have not
changed (except that `ARYDUP nil` makes `[]`).
- `mruby` tool
- `-b` only specifies the script is the binary.
The files loaded by `-r` are not affected by the option.
- `mruby` now loads complied binary if the suffix is `.mrb`.
- `mrbc` tool
- Add `--no-optimize` option to disable optimization.
- mrbgems
- mruby-class-ext: Add `Class#subclasses` method.
- mruby-class-ext: Add `Module#undefined_instance_methods` method.
- mruby-errno is now included
- mruby-set is now included
- mruby-dir is now included
- Fixed security issues:
- CVE-2022-0080, CVE-2022-0240, CVE-2022-0326, CVE-2022-0631,
CVE-2022-0481, CVE-2022-0525, CVE-2022-0570, CVE-2022-0614,
CVE-2022-0623, CVE-2022-0630, CVE-2022-0631, CVE-2022-0632,
CVE-2022-0717, CVE-2022-0890, CVE-2022-1106, CVE-2022-1212,
CVE-2022-1276, CVE-2022-1286, CVE-2022-1934
- Removed upstream merged patches
- CVE-2022-1286.patch
- CVE-2022-1212.patch
- Added CVE-2025-7207.patch as an upstream patch for CVE-2025-7207
also known as boo#1246138
- Updated link-with-soname.patch
-------------------------------------------------------------------
Wed Feb 15 18:26:15 UTC 2023 - Ferdinand Thiessen <rpm@fthiessen.de>
- Update to 3.1.0
* New features:
* CRuby3.0 compatible keyword arguments are introduced.
* Keyword arguments are basically separated from ordinal arguments.
* Implement endless-def
* Replace `R-assignment` by `single-line pattern matching`
* Support squiggly heredocs.
* Hash value omission
* New library methods
* New supported directives for `mrbgems/mruby-pack`
* Breaking Changes
* `Kernel#printf` (`mruby-sprintf`) Format specifiers `%a` and `%A` are removed.
* `Kernel#puts` (`mruby-print`) Now expand Array arguments.
* mruby binaries are no longer backward compatible.
* Upgrade mruby VM version `RITE_VM_VER` to `0300` (means mruby 3.0 or after).
* Upgrade mruby binary version `RITE_BINARY_FORMAT_VER` to `0300`.
* `mruby3.0` removed `OP_EXT1`, `OP_EXT2`, `OP_EXT3` for operand extension.
But the operand size limitations was too tight for real-world application.
`mruby3.1` reintroduces those extension instructions.
* Some instructions are removed and some new are added,
see full changelog https://github.com/mruby/mruby/blob/3.1.0/doc/mruby3.1.md
* Fixed CVEs:
CVE-2021-4110, CVE-2021-4188, CVE-2022-0080, CVE-2022-0240,
CVE-2022-0326, CVE-2022-0481, CVE-2022-0631, CVE-2022-0632,
CVE-2022-0890, CVE-2022-1071, CVE-2022-1106, CVE-2022-1201,
CVE-2022-1427
- Drop upstream fixed:
* CVE-2021-4110.patch
* CVE-2022-0240.patch
* CVE-2022-0080.patch
* CVE-2022-0481.patch
- Replaced b1d0296a.patch with CVE-2022-1286.patch
-------------------------------------------------------------------
Tue Apr 26 18:57:21 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
- Add b1d0296a.patch: fixing CVE-2022-1286 / boo#1198289
- Add CVE-2022-1212.patch: fixing CVE-2022-1212 / boo#1198089
-------------------------------------------------------------------
Mon Feb 21 11:32:34 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
- Install libmruby_core library, required by mruby binary
- Fix missing SONAME in library by adding link-with-soname.patch
-------------------------------------------------------------------
Wed Feb 9 15:51:52 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
- Added CVE-2022-0481.patch from upstream
fixed NULL Pointer Dereference boo#1195632 / CVE-2022-0481
- Fixed file attributes (executable bit for shared library)
-------------------------------------------------------------------
Tue Jan 18 08:58:03 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
- Added CVE-2022-0080.patch from upstream,
fixed Heap-based Buffer Overflow boo#1194244 / CVE-2022-0080
-------------------------------------------------------------------
Tue Jan 18 08:47:09 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
- Added CVE-2022-0240.patch from upstream,
fixed NULL Pointer Dereference boo#1194808 / CVE-2022-0240
-------------------------------------------------------------------
Thu Dec 16 11:30:22 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>
- Added CVE-2021-4110.patch from upstream, fixes boo#1193796 / CVE-2021-4110
-------------------------------------------------------------------
Sat May 15 14:01:43 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>
- Update to version 3.0.0
* New Core Language Features
* Implement endless-def. Ruby:Feature#16746
* Replace R-assignment by single-line pattern matching.
Ruby:Feature#15921
* Support squiggly heredocs. Ruby:Feature#5246
* Breaking Changes
* mruby VM and bytecode:
mruby binaries are no longer backward compatible
Upgrade mruby VM version RITE_VM_VER to 0300 (means mruby 3.0).
Upgrade mruby binary version RITE_BINARY_FORMAT_VER to 0200.
* Integer has been changed to a specification similar to CRuby.
* Integrate Fixnum and Integer.
* Remove Integral.
* int / int -> int
* Add APIs for Integer.
* Full change log:
https://mruby.org/releases/2021/03/05/mruby-3.0.0-released.html
-------------------------------------------------------------------
Fri May 7 14:26:23 UTC 2021 - Ferdinand Thiessen <rpm@fthiessen.de>
- Update to version 2.1.2
* IO#readchar returns a UTF-8 character fragment instead of
EOFError if EOF is reached in the middle of UTF-8 characters.
* This behavior is different from CRuby, but it is a mruby
specification that supports either ASCII or UTF-8 exclusively.
* Remove mrb_run() from C APIs.
* Fixed segmentation fault at mrb_io_s_select
* Fixed segmentation fault at mrb_vm_exec.
* Fixed some Hash methods are inconsistent with values when hash
has duplicate key.
* Fixed get local variable names from orphan block.
* Fixed memory leaks in some places when out of memory.
* Fixed heap buffer overflow in mruby interpreter.
* Fixed type tag not used when calculating hash code.
* Full log:
https://mruby.org/releases/2020/08/06/mruby-2.1.2-released.html
-------------------------------------------------------------------
Mon Jun 15 22:45:07 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
- update to 2.1.1
too many changes to include here
https://mruby.org/releases/2020/06/04/mruby-2.1.1-released.html
https://mruby.org/releases/2019/11/19/mruby-2.1.0-released.html
https://mruby.org/releases/2019/04/04/mruby-2.0.1-released.html
https://mruby.org/releases/2018/12/11/mruby-2.0.0-released.html
https://mruby.org/releases/2018/04/27/mruby-1.4.1-released.html
https://mruby.org/releases/2017/07/04/mruby-1.3.0-released.html
https://mruby.org/releases/2015/11/18/mruby-1.2.0-released.html
https://mruby.org/releases/2014/11/19/mruby-1.1.0-released.html
https://mruby.org/releases/2014/02/09/mruby-1.0.0-released.html
-------------------------------------------------------------------
Tue Jul 03 06:20:43 CET 2012 - pascal.bleser@opensuse.org
- initial version (0.0+20120701)
