Closed sophiewigmore closed 1 year ago
also requesting @robdimsdale
@ryanmoran, @sophiewigmore
That's pretty late notice about removing ruby from the newest stack. The buildpack we use is mainly written in Ruby and it's not really popular one like java buildpack. https://github.com/cloudfoundry/ibm-websphere-liberty-buildpack
If there's no further development of this BP we would get into the trouble.
Is it final decision about this?
Hey @krismarc, apologies for the late notice. The decision to remove ruby and python is final, we're in the process of shipping the stacks without it.
In the buildpack, you could open a PR to install ruby
before buildpack logic runs, which is the approach we went with for the Java buildpack, check out https://github.com/cloudfoundry/java-buildpack/pull/1000 (we also did something similar for python
in the PHP buildpack). I think this would be a reasonable path forward given its the path we've chosen for the other buildpacks in the project
This PR is based off of the
remove-python
branch, so those changes also appear here. Let's merge #2 in before this PR.Remove Ruby from the stack to reduce the CVE surface area of the image. Work has been done in the Java Buildpack to remove reliance on a stack-provided Ruby installation.
Packages removed:
ruby
Packages added:
Packages in the final receipt that were removed as a result of these changes:
libruby3.0:amd64
rake
ruby
ruby-net-telnet
ruby-rubygems
ruby-webrick
ruby-xmlrpc
ruby3.0
rubygems-integration