October 2024 - ruby-core - ml.ruby-lang.org

[ruby-core:119548] [Ruby master Feature#18336] How to deal with Trojan Source vulnerability
by wilburlo (Daniel Lo) 21 Oct '24

21 Oct '24

Issue #18336 has been updated by wilburlo (Daniel Lo). Please consider the issue of ASCII smuggling as a potential aspect of this problem. While I don’t currently see how ASCII smuggling could be used to affect Ruby, I do believe it would be worthwhile to explore if the command "ruby -c" should implement checks to detect bi-directional characters or ASCII smuggling. For more information, you may find this resource helpful: * https://embracethered.com/blog/posts/2024/hiding-and-finding-text-with-unic… ---------------------------------------- Feature #18336: How to deal with Trojan Source vulnerability https://bugs.ruby-lang.org/issues/18336#change-110164 * Author: duerst (Martin Dürst) * Status: Feedback ---------------------------------------- The "Torjan Source" vulnerability recently has caught some attention. The vulnerability involves using certain combinations of Unicode characters to let source code look like it is correct (and therefore pass code review,...) but actually do something else than intended. For background, please see discussion on KrebsonSecurity (https://krebsonsecurity.com/2021/11/trojan-source-bug-threatens-the-securit…) and the Web site (https://www.trojansource.codes/) and original paper (https://www.trojansource.codes/trojan-source.pdf) I contacted the Ruby security list, which was already aware of the issue, and we agreed to discuss this here because the vulnerability is already public. The paper focuses on the use of [A] Directional Formatting Characters (*1) in string constants, comments, and similar constructs to change the visual appearance of code outside these constructs. There are related vulnerabilities, namely the use of [B] non-spacing (and therefore mostly invisible) characters e.g. in variable names, and the use of [C] mixed-script identifiers, which also lets some variable names look identical even if they are not. Some languages, such as Rust, have addressed [A] (see https://blog.rust-lang.org/2021/11/01/cve-2021-42574.html) by requiring escapes to be used for the relevant characters in source. On the other hand, people such as Russ Cox think compilers are the wrong place to address the issue; it should be addressed in editors and similar tools (see https://research.swtch.com/trojan) Github now warns about The question is what Ruby should do, if anything. Addressing [A] similar to how Rust does it can be done relatively easily. If that's done, I'd prefer to only reject incomplete Bidi control sequences, which is a bit more complicated. In particular, string interpolation needs a very careful analysis. For [B], I'll open a separate issue. For [C], we have all data about scripts, but the way it's currently structured makes finding out which character a script belongs to quite inefficient. (*1) "Directional Formatting Character" is the official Unicode term (see https://www.unicode.org/reports/tr9/#Directional_Formatting_Characters) The terms "Bidi/Bidirectional control" or "Bidi/Bidirectional control character" are also used. Overall, there are 9 such characters. Unfortunately, both the paper and KrebsonSecurity use the term "Bidi Override", which is highly misleading. The term “Bidi Override” is reserved for two characters only: LRO, U+202D, Left-to-Right Override, and RLO, U+202E, Right-to-Left Override (see Table 1 in the paper). It is also used for the phenomenon associated with these two characters, a “hard” override (i.e. affecting all characters including e.g. the Latin alphabet), and mechanisms in other technology that achieve the same (e.g. the HTML bdo element (https://html.spec.whatwg.org/#the-bdo-element) or the ‘bidi-override’ value of the unicode-bidi property in CSS (https://www.w3.org/TR/CSS2/visuren.html#propdef-unicode-bidi)) -- https://bugs.ruby-lang.org/

1 0

[ruby-core:119352] [Ruby master Bug#20771] make-snapshot is broken with ubuntu-latest
by hsbt (Hiroshi SHIBATA) 21 Oct '24

21 Oct '24

Issue #20771 has been reported by hsbt (Hiroshi SHIBATA). ---------------------------------------- Bug #20771: make-snapshot is broken with ubuntu-latest https://bugs.ruby-lang.org/issues/20771 * Author: hsbt (Hiroshi SHIBATA) * Status: Closed * Assignee: hsbt (Hiroshi SHIBATA) * Backport: 3.1: REQUIRED, 3.2: REQUIRED, 3.3: REQUIRED ---------------------------------------- `make-snapshot` is broken now with the following failure. ``` Command Line Error: Unknown switch: -l creating zip archive... /home/runner/work/actions/actions/pkg/snapshot-ruby_3_3.zip 0.003 failed ``` I opened PRs to stable branches: * https://github.com/ruby/ruby/pull/11729 * https://github.com/ruby/ruby/pull/11730 * https://github.com/ruby/ruby/pull/11731 -- https://bugs.ruby-lang.org/

2 1

[ruby-core:119537] [Ruby master Bug#20802] It is possible to set the encoding of an IO instance to one that requires binmode when binmode is not set
by javanthropus (Jeremy Bopp) 21 Oct '24

21 Oct '24

Issue #20802 has been reported by javanthropus (Jeremy Bopp). ---------------------------------------- Bug #20802: It is possible to set the encoding of an IO instance to one that requires binmode when binmode is not set https://bugs.ruby-lang.org/issues/20802 * Author: javanthropus (Jeremy Bopp) * Status: Open * ruby -v: ruby 3.3.4 (2024-07-09 revision be1089c8ec) [x86_64-linux] * Backport: 3.1: UNKNOWN, 3.2: UNKNOWN, 3.3: UNKNOWN ---------------------------------------- I don't know what problems this may cause, but there are guards against setting the encoding of an IO instance to one such as UTF-16LE when the IO instance is not set to binary mode. Here is a method to bypass those guards: ```ruby f1 = File.open('/dev/null') f2 = File.open('/dev/null') f1.binmode f1.set_encoding('utf-16le') f2.set_encoding('utf-8') f1.reopen(f2) f1.binmode? # <= false f1.external_encoding # <= Encoding::UTF_16LE ``` -- https://bugs.ruby-lang.org/

1 0

[ruby-core:119536] [Ruby master Bug#20801] Handling non-ascii drive letter on Windows
by mame (Yusuke Endoh) 21 Oct '24

21 Oct '24

Issue #20801 has been reported by mame (Yusuke Endoh). ---------------------------------------- Bug #20801: Handling non-ascii drive letter on Windows https://bugs.ruby-lang.org/issues/20801 * Author: mame (Yusuke Endoh) * Status: Feedback * Backport: 3.1: UNKNOWN, 3.2: UNKNOWN, 3.3: UNKNOWN ---------------------------------------- On Windows, non-ascii drive letters are allowed for virtual drives. Some Ruby methods do not seem to handle this well. ``` subst ä: C:\tmp\ ``` ```ruby File.absolute_path?("ä:/") #=> expected: true, actual: false File.write("ä:/foo.txt", "foo") Dir.glob("c:/tmp/*.txt") #=> ["c:/tmp/foo.txt"] Dir.glob("ä:/*.txt") #=> expected: ["ä:/foo.txt"], actual: [] Dir.entries("ä:/") #=> [".", "..", "foo.txt"] ``` It would be nice if someone more familiar with Windows could do a more comprehensive investigation and write a patch. -- https://bugs.ruby-lang.org/

1 0

[ruby-core:119533] [Ruby master Bug#20799] Bug in forwarding to struct methods
by tenderlovemaking (Aaron Patterson) 21 Oct '24

21 Oct '24

Issue #20799 has been reported by tenderlovemaking (Aaron Patterson). ---------------------------------------- Bug #20799: Bug in forwarding to struct methods https://bugs.ruby-lang.org/issues/20799 * Author: tenderlovemaking (Aaron Patterson) * Status: Closed * Assignee: tenderlovemaking (Aaron Patterson) * ruby -v: ruby 3.4.0dev (2024-10-15T18:34:24Z master f45eb3dcb9) +PRISM [arm64-darwin24] * Backport: 3.1: DONTNEED, 3.2: DONTNEED, 3.3: DONTNEED ---------------------------------------- This program crashes: ```ruby Thing = Struct.new(:value) Obj = Thing.new("ok") def delegate(...) Obj.value(...) end def no_args delegate end def splat_args(*args) delegate(*args) end no_args splat_args ``` It's crashing because we're forwarding to a struct method without taking in to account the forwarding IC. I have a patch prepared, but I am filing this ticket to track it. -- https://bugs.ruby-lang.org/

1 0

[ruby-core:119532] [Ruby master Feature#16986] Anonymous Struct literal
by Eregon (Benoit Daloze) 15 Oct '24

15 Oct '24

Issue #16986 has been updated by Eregon (Benoit Daloze). That's pretty slow and inefficient as it creates a new Struct subclass for every Hash it's applied to. The core idea of this proposal is to make it syntax and disallow **h to make sure that doesn't happen. This example could be a decent use case for OpenStruct, but that would need to be fixed perf-wise first, which is hard because of compatibility concerns: https://github.com/ruby/ostruct/issues/51 Wrapping it in your own OpenStruct-like wrapper would likely be the best for now. ---------------------------------------- Feature #16986: Anonymous Struct literal https://bugs.ruby-lang.org/issues/16986#change-110146 * Author: ko1 (Koichi Sasada) * Status: Assigned * Assignee: matz (Yukihiro Matsumoto) ---------------------------------------- # Abstract How about introducing anonymous Struct literal such as `${a: 1, b: 2}`? It is almost the same as `Struct.new(:a, :b).new(1, 2)`. # Proposal ## Background In many cases, people use hash objects to represent a set of values such as `person = {name: "ko1", country: 'Japan'}` and access its values through `person[:name]` and so on. It is not easy to write (three characters `[:]`!), and it easily introduces misspelling (`person[:nama]` doesn't raise an error). If we make a `Struct` object by doing `Person = Struct.new(:name, :age)` and `person = Person.new('ko1', 'Japan')`, we can access its values through `person.name` naturally. However, it costs coding. And in some cases, we don't want to name the class (such as `Person`). Using `OpenStruct` (`person = OpenStruct.new(name: "ko1", country: "Japan")`), we can access it through `person.name`, but we can extend the fields unintentionally, and the performance is not good. Of course, we can define a class `Person` with attr_readers. But it takes several lines. To summarize the needs: * Easy to write * Doesn't require declaring the class * Accessible through `person.name` format * Limited fields * Better performance ## Idea Introduce new literal syntax for an anonymous Struct such as: `${ a: 1, b: 2 }`. Similar to Hash syntax (with labels), but with `$` prefix to distinguish. Anonymous structs which have the same member in the same order share their class. ```ruby s1 = ${a: 1, b: 2, c: 3} s2 = ${a: 1, b: 2, c: 3} assert s1 == s2 s3 = ${a: 1, c: 3, b: 2} s4 = ${d: 4} assert_equal false, s1 == s3 assert_equal false, s1 == s4 ``` ## Note Unlike Hash literal syntax, this proposal only allows `label: expr` notation. No `${**h}` syntax. This is because if we allow to splat a Hash, it can be a vulnerability by splatting outer-input Hash. Thanks to this spec, we can specify anonymous Struct classes at compile time. We don't need to find or create Struct classes at runtime. ## Implementatation https://github.com/ruby/ruby/pull/3259 # Discussion ## Notation Matz said he thought about `{|a: 1, b: 2 |}` syntax. ## Performance Surprisingly, Hash is fast and Struct is slow. ```ruby Benchmark.driver do |r| r.prelude <<~PRELUDE st = Struct.new(:a, :b).new(1, 2) hs = {a: 1, b: 2} class C attr_reader :a, :b def initialize() = (@a = 1; @b = 2) end ob = C.new PRELUDE r.report "ob.a" r.report "hs[:a]" r.report "st.a" end __END__ Warming up -------------------------------------- ob.a 38.100M i/s - 38.142M times in 1.001101s (26.25ns/i, 76clocks/i) hs[:a] 37.845M i/s - 38.037M times in 1.005051s (26.42ns/i, 76clocks/i) st.a 33.348M i/s - 33.612M times in 1.007904s (29.99ns/i, 87clocks/i) Calculating ------------------------------------- ob.a 87.917M i/s - 114.300M times in 1.300085s (11.37ns/i, 33clocks/i) hs[:a] 85.504M i/s - 113.536M times in 1.327850s (11.70ns/i, 33clocks/i) st.a 61.337M i/s - 100.045M times in 1.631064s (16.30ns/i, 47clocks/i) Comparison: ob.a: 87917391.4 i/s hs[:a]: 85503703.6 i/s - 1.03x slower st.a: 61337463.3 i/s - 1.43x slower ``` I believe we can speed up `Struct` similarly to ivar accesses, so we can improve the performance. BTW, OpenStruct (os.a) is slow. ``` Comparison: hs[:a]: 92835317.7 i/s ob.a: 85865849.5 i/s - 1.08x slower st.a: 53480417.5 i/s - 1.74x slower os.a: 12541267.7 i/s - 7.40x slower ``` For memory consumption, `Struct` is more lightweight because we don't need to keep the key names. ## Naming If we name an anonymous class, literals with the same members share the name. ```ruby s1 = ${a:1} s2 = ${a:2} p [s1, s2] #=> [#<struct a=1>, #<struct a=2>] A = s1.class p [s1, s2] #=> [#<struct A a=1>, #<struct A a=2>] ``` Maybe that is not a good behavior. -- https://bugs.ruby-lang.org/

1 0

[ruby-core:119531] [Ruby master Feature#16986] Anonymous Struct literal
by danh337 (Dan H) 15 Oct '24

15 Oct '24

Issue #16986 has been updated by danh337 (Dan H). Adding this here because a new method, something like `as_struct`, feels more Rubyish to me than a new syntax. I've been using this because it lets me define with standard Hash syntactic sugar, then access the object members with method names. ```ruby module AsStruct def as_struct if respond_to?(:keys) && respond_to?(:values) Struct.new(*keys.map(&:to_sym)).new(*values.map(&:as_struct)) elsif respond_to?(:map) map(&:as_struct) else self end end end ::Object.include AsStruct ``` Example usage: ```ruby MyCustomToolConfig = { boot_log: false, check_upd: false, pcc: false, rebooted: false, pacman: { pre_update: { uninstalls: %w[virtualbox-ext-oracle] } }, pikaur: { post_update: { installs: %w[virtualbox-ext-oracle] } }, pkg_cache_clean: { pkg_dirs: %W[#{ENV["HOME"]}/.cache/pikaur/pkg /var/cache/pacman/pkg], keep_installed: 2, keep_uninstalled: 0 } }.as_struct # <-- The new thing ``` ---------------------------------------- Feature #16986: Anonymous Struct literal https://bugs.ruby-lang.org/issues/16986#change-110145 * Author: ko1 (Koichi Sasada) * Status: Assigned * Assignee: matz (Yukihiro Matsumoto) ---------------------------------------- # Abstract How about introducing anonymous Struct literal such as `${a: 1, b: 2}`? It is almost the same as `Struct.new(:a, :b).new(1, 2)`. # Proposal ## Background In many cases, people use hash objects to represent a set of values such as `person = {name: "ko1", country: 'Japan'}` and access its values through `person[:name]` and so on. It is not easy to write (three characters `[:]`!), and it easily introduces misspelling (`person[:nama]` doesn't raise an error). If we make a `Struct` object by doing `Person = Struct.new(:name, :age)` and `person = Person.new('ko1', 'Japan')`, we can access its values through `person.name` naturally. However, it costs coding. And in some cases, we don't want to name the class (such as `Person`). Using `OpenStruct` (`person = OpenStruct.new(name: "ko1", country: "Japan")`), we can access it through `person.name`, but we can extend the fields unintentionally, and the performance is not good. Of course, we can define a class `Person` with attr_readers. But it takes several lines. To summarize the needs: * Easy to write * Doesn't require declaring the class * Accessible through `person.name` format * Limited fields * Better performance ## Idea Introduce new literal syntax for an anonymous Struct such as: `${ a: 1, b: 2 }`. Similar to Hash syntax (with labels), but with `$` prefix to distinguish. Anonymous structs which have the same member in the same order share their class. ```ruby s1 = ${a: 1, b: 2, c: 3} s2 = ${a: 1, b: 2, c: 3} assert s1 == s2 s3 = ${a: 1, c: 3, b: 2} s4 = ${d: 4} assert_equal false, s1 == s3 assert_equal false, s1 == s4 ``` ## Note Unlike Hash literal syntax, this proposal only allows `label: expr` notation. No `${**h}` syntax. This is because if we allow to splat a Hash, it can be a vulnerability by splatting outer-input Hash. Thanks to this spec, we can specify anonymous Struct classes at compile time. We don't need to find or create Struct classes at runtime. ## Implementatation https://github.com/ruby/ruby/pull/3259 # Discussion ## Notation Matz said he thought about `{|a: 1, b: 2 |}` syntax. ## Performance Surprisingly, Hash is fast and Struct is slow. ```ruby Benchmark.driver do |r| r.prelude <<~PRELUDE st = Struct.new(:a, :b).new(1, 2) hs = {a: 1, b: 2} class C attr_reader :a, :b def initialize() = (@a = 1; @b = 2) end ob = C.new PRELUDE r.report "ob.a" r.report "hs[:a]" r.report "st.a" end __END__ Warming up -------------------------------------- ob.a 38.100M i/s - 38.142M times in 1.001101s (26.25ns/i, 76clocks/i) hs[:a] 37.845M i/s - 38.037M times in 1.005051s (26.42ns/i, 76clocks/i) st.a 33.348M i/s - 33.612M times in 1.007904s (29.99ns/i, 87clocks/i) Calculating ------------------------------------- ob.a 87.917M i/s - 114.300M times in 1.300085s (11.37ns/i, 33clocks/i) hs[:a] 85.504M i/s - 113.536M times in 1.327850s (11.70ns/i, 33clocks/i) st.a 61.337M i/s - 100.045M times in 1.631064s (16.30ns/i, 47clocks/i) Comparison: ob.a: 87917391.4 i/s hs[:a]: 85503703.6 i/s - 1.03x slower st.a: 61337463.3 i/s - 1.43x slower ``` I believe we can speed up `Struct` similarly to ivar accesses, so we can improve the performance. BTW, OpenStruct (os.a) is slow. ``` Comparison: hs[:a]: 92835317.7 i/s ob.a: 85865849.5 i/s - 1.08x slower st.a: 53480417.5 i/s - 1.74x slower os.a: 12541267.7 i/s - 7.40x slower ``` For memory consumption, `Struct` is more lightweight because we don't need to keep the key names. ## Naming If we name an anonymous class, literals with the same members share the name. ```ruby s1 = ${a:1} s2 = ${a:2} p [s1, s2] #=> [#<struct a=1>, #<struct a=2>] A = s1.class p [s1, s2] #=> [#<struct A a=1>, #<struct A a=2>] ``` Maybe that is not a good behavior. -- https://bugs.ruby-lang.org/

1 0

[ruby-core:119530] [Ruby master Feature#18242] Parser makes multiple assignment sad in confusing way
by danh337 (Dan H) 15 Oct '24

15 Oct '24

Issue #18242 has been updated by danh337 (Dan H). These `and` & `or` operators are good things. They are much more readable for one-liners in some cases. @matz @nobu I know you are super busy, but is there any way to move this forward? ---------------------------------------- Feature #18242: Parser makes multiple assignment sad in confusing way https://bugs.ruby-lang.org/issues/18242#change-110144 * Author: danh337 (Dan H) * Status: Open ---------------------------------------- Example: ``` ruby a, b = 2, 1 if 1 < 2 # Works a, b = [2, 1] if 1 < 2 # Works (a, b) = 2, 1 if 1 < 2 # Works (a, b) = [2, 1] if 1 < 2 # Works (a, b = [2, 1]) if 1 < 2 # Works a, b = 2, 1 unless 2 < 1 # Works a, b = [2, 1] unless 2 < 1 # Works (a, b) = 2, 1 unless 2 < 1 # Works (a, b) = [2, 1] unless 2 < 1 # Works (a, b = [2, 1]) unless 2 < 1 # Works 1 < 2 and a, b = 2, 1 # SyntaxError 1 < 2 and a, b = [2, 1] # SyntaxError 1 < 2 and (a, b) = 2, 1 # SyntaxError 1 < 2 and (a, b) = [2, 1] # SyntaxError (1 < 2) and a, b = 2, 1 # SyntaxError (1 < 2) and a, b = [2, 1] # SyntaxError (1 < 2) and (a, b) = 2, 1 # SyntaxError (1 < 2) and (a, b) = [2, 1] # SyntaxError 1 < 2 and (a, b = 2, 1) # Works 1 < 2 and (a, b = [2, 1]) # Works 2 < 1 or a, b = 2, 1 # SyntaxError 2 < 1 or a, b = [2, 1] # SyntaxError 2 < 1 or (a, b) = 2, 1 # SyntaxError 2 < 1 or (a, b) = [2, 1] # SyntaxError (2 < 1) or a, b = 2, 1 # SyntaxError (2 < 1) or a, b = [2, 1] # SyntaxError (2 < 1) or (a, b) = 2, 1 # SyntaxError (2 < 1) or (a, b) = [2, 1] # SyntaxError 2 < 1 or (a, b = 2, 1) # Works 2 < 1 or (a, b = [2, 1]) # Works ``` Based on the precedence rules I've been able to find, all of these should work. Believe it or not, there are cases where using `and` or `or` in a stanza of lines is much more readable. Should the parser allow all of these? See attached driver script to reproduce this output. ---Files-------------------------------- driver.rb (1.17 KB) and-or-masgn-18242.diff (963 Bytes) driver.rb (2.1 KB) -- https://bugs.ruby-lang.org/

1 0

[ruby-core:119527] [Ruby master Feature#15554] warn/error passing a block to a method which never use a block
by ko1 (Koichi Sasada) 15 Oct '24

15 Oct '24

Issue #15554 has been updated by ko1 (Koichi Sasada). In this ticket, `Warning[:strict_unused_block]` is accepted by Matz. We should discuss `:strict` category in different tickets. ---------------------------------------- Feature #15554: warn/error passing a block to a method which never use a block https://bugs.ruby-lang.org/issues/15554#change-110142 * Author: ko1 (Koichi Sasada) * Status: Assigned * Assignee: matz (Yukihiro Matsumoto) ---------------------------------------- # Abstract Warn or raise an ArgumentError if block is passed to a method which does not use a block. In other words, detect "block user methods" implicitly and only "block user methods" can accept a block. # Background Sometimes, we pass a block to a method which ignores the passed block accidentally. ``` def my_open(name) open(name) end # user hopes it works as Kernel#open which invokes a block with opened file. my_open(name){|f| important_work_with f } # but simply ignored... ``` To solve this issue, this feature request propose showing warnings or raising an exception on such case. Last developer's meeting, matz proposed `&nil` which declares this method never receive a block. It is explicit, but it is tough to add this `&nil` parameter declaration to all of methods (do you want to add it to `def []=(i, e, &nil)`?). (I agree `&nil` is valuable on some situations) # Spec ## Define "use a block" methods We need to define which method accepts a block and which method does not. * (1) method has a block parameter (`&b`) * (2) method body has `yield' * (3) method body has `super` (ZSUPER in internal terminology) or `super(...)` * (4) method body has singleton method (optional) (1) and (2) is very clear. I need to explain about (3) and (4). (3). `super` (ZSUPER) passes all parameters as arguments. So there is no surprise that which can accept `block`. However `super(...)` also passes a block if no explicit block passing (like `super(){}` or `super(&b)`) are written. I'm not sure we need to continue this strange specification, but to keep compatibility depending this spec, I add this rule. (4). surprisingly, the following code invoke a block: ``` def foo class << Object.new yield end end foo{ p :ok } #=> :ok ``` I'm also not sure we need to keep this spec, but to allow this spec, I added (4) rule. Strictly speaking, it is not required, but we don't keep the link from singleton class ISeq to lexical parent iseq now, so I added it. ## Exceptional cases A method called by `super` doesn`t warn warning even if this method doesn't use a block. The rule (3) can pass blocks easily and there are many methods don`t use a block. So my patch ignores callings by `super`. ## corner cases There are several cases to use block without (1)-(4) rules. ### `Proc.new/proc/lambda` without a block Now it was deprecated in r66772 (commit:9f1fb0a17febc59356d58cef5e98db61a3c03550). Related discussion: [Bug #15539] ### `block_given?` `block_given?` expects block, but I believe we use it with `yield` or a block parameter. If you know the usecase without them, please tell us. ### `yield` in `eval` We can't know `yield` (or (3), (4) rule) in an `eval` evaluating string at calling time. ``` def foo eval('yield`) end foo{} # at calling time, # we can't know the method foo can accept a block or not. ``` So I added a warning to use `yield` in `eval` like that: `test.rb:4: warning: use yield in eval will not be supported in Ruby 3.` Workaround is use a block parameter explicitly. ``` def foo &b eval('b.call') end foo{ p :ok } ``` # Implementation Strategy is: * [compile time] introduce `iseq::has_yield` field and check it if the iseq (or child iseq) contains `yield` (or something) * [calling time] if block is given, check `iseq::has_yield` flag and show warning (or raise an exception) https://gist.github.com/ko1/c9148ad0224bf5befa3cc76ed2220c0b On this patch, now it raises an error to make it easy to detect. It is easy to switch to show the warning. # Evaluation and discussion I tried to avoid ruby's tests. https://gist.github.com/ko1/37483e7940cdc4390bf8eb0001883786 Here is a patch. There are several patterns to avoid warnings. ## tests for `block_given?`, `Proc.new` (and similar) without block Add a dummy block parameter. It is test-specific issue. ## empty `each` Some tests add `each` methods do not `yield`, like: `def each; end`. Maybe test-specific issue, and adding a dummy block parameter. ## Subtyping / duck typing https://github.com/ruby/ruby/blob/c01a5ee85e2d6a7128cccafb143bfa694284ca87/… This `parse` method doesn't use `yield`, but other sub-type's `parse` methods use. ## `super` with `new` method https://gist.github.com/ko1/37483e7940cdc4390bf8eb0001883786#file-tests-pat… This method override `Class#new` method and introduce a hook with block (yield a block in this hook code). https://github.com/ruby/ruby/blob/trunk/lib/rubygems/package/tar_writer.rb#… In this method, call `super` and it also passing a block. However, called `initialize` doesn't use a block. ## Change robustness This change reduce robustness for API change. `Delegator` requires to support `__getobj__` for client classes. Now `__getobj__` should accept block but most of `__getobj__` clients do not call given block. https://github.com/ruby/ruby/blob/trunk/lib/delegate.rb#L80 This is because of delegator.rb's API change. https://gist.github.com/ko1/37483e7940cdc4390bf8eb0001883786#file-tests-pat… Nobu says calling block is not required (ignoring a block is no problem) so it is not a bug for delegator client classes. ## Found issues. ``` [ 2945/20449] Rinda::TestRingServer#test_do_reply = 0.00 s 1) Error: Rinda::TestRingServer#test_do_reply: ArgumentError: passing block to the method "with_timeout" (defined at /home/ko1/src/ruby/trunk/test/rinda/test_rinda.rb:787) is never used. /home/ko1/src/ruby/trunk/test/rinda/test_rinda.rb:635:in `test_do_reply' [ 2946/20449] Rinda::TestRingServer#test_do_reply_local = 0.00 s 2) Error: Rinda::TestRingServer#test_do_reply_local: ArgumentError: passing block to the method "with_timeout" (defined at /home/ko1/src/ruby/trunk/test/rinda/test_rinda.rb:787) is never used. /home/ko1/src/ruby/trunk/test/rinda/test_rinda.rb:657:in `test_do_reply_local' [10024/20449] TestGemRequestSetGemDependencyAPI#test_platform_mswin = 0.01 s 3) Error: TestGemRequestSetGemDependencyAPI#test_platform_mswin: ArgumentError: passing block to the method "util_set_arch" (defined at /home/ko1/src/ruby/trunk/lib/rubygems/test_case.rb:1053) is never used. /home/ko1/src/ruby/trunk/test/rubygems/test_gem_request_set_gem_dependency_api.rb:655:in `test_platform_mswin' [10025/20449] TestGemRequestSetGemDependencyAPI#test_platforms = 0.01 s 4) Error: TestGemRequestSetGemDependencyAPI#test_platforms: ArgumentError: passing block to the method "util_set_arch" (defined at /home/ko1/src/ruby/trunk/lib/rubygems/test_case.rb:1053) is never used. /home/ko1/src/ruby/trunk/test/rubygems/test_gem_request_set_gem_dependency_api.rb:711:in `test_platforms' ``` These 4 detection show the problem. `with_timeout` method (used in Rinda test) and `util_set_arch` method (used in Rubygems test) simply ignore the given block. So these tests are simply ignored. I reported them. (https://github.com/rubygems/rubygems/issues/2601) ## raise an error or show a warning? At least, Ruby 2.7 should show warning for this kind of violation with `-w`. How about for Ruby3? -- https://bugs.ruby-lang.org/

1 0

[ruby-core:119528] Swift Copy $76,034,00
by HSBC BANK 15 Oct '24

15 Oct '24

1 0