cloudfoundry / cflinuxfs4

Apache License 2.0

Remove ruby from packages #3

Closed sophiewigmore closed 1 year ago

sophiewigmore commented 1 year ago

This PR is based off of the remove-python branch, so those changes also appear here. Let's merge #2 in before this PR.

Remove Ruby from the stack to reduce the CVE surface area of the image. Work has been done in the Java Buildpack to remove reliance on a stack-provided Ruby installation.

Packages removed:

Packages added:

Packages in the final receipt that were removed as a result of these changes:

sophiewigmore commented 1 year ago

Also requesting @robdimsdale

krismarc commented 1 year ago

@ryanmoran, @sophiewigmore

That's pretty late notice about removing Ruby from the newest stack. The buildpack we use is mainly written in Ruby and it's not really a popular one like the Java buildpack. https://github.com/cloudfoundry/ibm-websphere-liberty-buildpack

If there's no further development of this BP we would get into trouble.

Is it a final decision about this?

sophiewigmore commented 1 year ago

Hey @krismarc, apologies for the late notice. The decision to remove Ruby and Python is final; we're in the process of shipping the stacks without them.

In the buildpack, you could open a PR to install Ruby before buildpack logic runs, which is the approach we went with for the Java buildpack; check out https://github.com/cloudfoundry/java-buildpack/pull/1000 (we also did something similar for Python in the PHP buildpack). I think this would be a reasonable path forward given it's the path we've chosen for the other buildpacks in the project.