diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a678cb132a..4c18fa2eb0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,11 +21,11 @@ jobs: - name: Dump environment run: env | sort - name: Checkout ruby/www.ruby-lang.org - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 1 - name: Setup Ruby - uses: ruby/setup-ruby@8575951200e472d5f2d95c625da0c7bec8217c42 # v1.161.0 + uses: ruby/setup-ruby@a6e6f86333f0a2523ece813039b8b4be04560854 # v1.190.0 with: ruby-version: ${{ matrix.ruby }} bundler-cache: true diff --git a/.github/workflows/draft-release.yml b/.github/workflows/draft-release.yml new file mode 100644 index 0000000000..5557325a66 --- /dev/null +++ b/.github/workflows/draft-release.yml @@ -0,0 +1,59 @@ +name: Create draft release + +on: + repository_dispatch: + types: + - release + workflow_dispatch: + inputs: + version: + description: 'Version of the Ruby package to release' + required: true + default: '3.3.4' + +jobs: + release: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - uses: actions/checkout@v4 + with: + repository: ruby/ruby + path: ruby + + - uses: ruby/setup-ruby@v1 + with: + ruby-version: 3.3.4 + + - name: Generate draft release entry + run: | + ruby lib/draft-release.rb ${{ github.event.client_payload.version || github.event.inputs.version }} + + - name: Update data files + run: | + tool/format-release .. ${{ github.event.client_payload.version || github.event.inputs.version }} . + working-directory: ruby + + - name: Cleanup ruby directory + run: | + rm -rf ruby + + - name: Create Commit + run: | + git config user.name "GitHub Actions Bot" + git config user.email "github-actions[bot]@users.noreply.github.com" + git add . + git commit -m "Create release for ${{ github.event.client_payload.version || github.event.inputs.version }}" + env: + GITHUB_TOKEN: ${{ secrets.MATZBOT_GITHUB_WORKFLOW_TOKEN }} + + - name: Create Pull Request + uses: peter-evans/create-pull-request@v7 + with: + token: ${{ secrets.MATZBOT_GITHUB_WORKFLOW_TOKEN }} + branch: releases/${{ github.event.client_payload.version || github.event.inputs.version }} + delete-branch: true + title: "Create release for ${{ github.event.client_payload.version || github.event.inputs.version }}" + body: "This is an automated pull request to create a release" + draft: true diff --git a/.github/workflows/jekyll.yml b/.github/workflows/jekyll.yml index 63ac135287..60593add43 100644 --- a/.github/workflows/jekyll.yml +++ b/.github/workflows/jekyll.yml @@ -20,21 +20,21 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Setup Ruby - uses: ruby/setup-ruby@8575951200e472d5f2d95c625da0c7bec8217c42 # v1.161.0 + uses: ruby/setup-ruby@a6e6f86333f0a2523ece813039b8b4be04560854 # v1.190.0 with: ruby-version: '3.2' bundler-cache: true - name: Setup Pages id: pages - uses: actions/configure-pages@1f0c5cde4bc74cd7e1254d0cb4de8d49e9068c7d # v4.0.0 + uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0 - name: Build with Jekyll run: bundle exec jekyll build --baseurl "${{ steps.pages.outputs.base_path }}" env: JEKYLL_ENV: production - name: Upload artifact - uses: actions/upload-pages-artifact@a753861a5debcf57bf8b404356158c8e1e33150c # v2.0.0 + uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1 deploy: environment: @@ -45,4 +45,4 @@ jobs: steps: - name: Deploy to GitHub Pages id: deployment - uses: actions/deploy-pages@13b55b33dd8996121833dbc1db458c793a334630 # v3.0.1 + uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5 diff --git a/Gemfile b/Gemfile index bfed5db29b..f7b84d1345 100644 --- a/Gemfile +++ b/Gemfile @@ -4,8 +4,13 @@ gem "rake" gem "jekyll" gem "rouge" -group :development do - gem "minitest" - gem "html-proofer" - gem "validate-website", "~> 1.6" -end +# We didn't use development group for them +# Because lockfile is generated without `BUNDLE_WITHOUT` env variable +# so, some environment couldn't install them +gem "minitest" +gem "html-proofer" +gem "validate-website", "~> 1.6" + +# Jekyll need them for Ruby 3.4+ +gem "csv" +gem "base64" diff --git a/Gemfile.lock b/Gemfile.lock index bfadc88918..10d89d516a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,36 +1,68 @@ GEM remote: https://rubygems.org/ specs: - Ascii85 (1.1.0) - addressable (2.8.4) - public_suffix (>= 2.0.2, < 6.0) + Ascii85 (2.0.1) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) afm (0.2.2) - async (2.6.2) - console (~> 1.10) + async (2.23.1) + console (~> 1.29) fiber-annotation - io-event (~> 1.1) - timers (~> 4.1) + io-event (~> 1.9) + metrics (~> 0.12) + traces (~> 0.15) + base64 (0.2.0) + bigdecimal (3.1.9) colorator (1.1.0) - concurrent-ruby (1.2.2) - console (1.17.2) + concurrent-ruby (1.3.5) + console (1.30.2) fiber-annotation - fiber-local + fiber-local (~> 1.1) + json crass (1.0.6) + csv (3.3.3) em-websocket (0.5.3) eventmachine (>= 0.12.9) http_parser.rb (~> 0) ethon (0.16.0) ffi (>= 1.15.0) eventmachine (1.2.7) - ffi (1.15.5) + ffi (1.17.1) + ffi (1.17.1-aarch64-linux-gnu) + ffi (1.17.1-aarch64-linux-musl) + ffi (1.17.1-arm-linux-gnu) + ffi (1.17.1-arm-linux-musl) + ffi (1.17.1-arm64-darwin) + ffi (1.17.1-x86-linux-gnu) + ffi (1.17.1-x86-linux-musl) + ffi (1.17.1-x86_64-darwin) + ffi (1.17.1-x86_64-linux-gnu) + ffi (1.17.1-x86_64-linux-musl) fiber-annotation (0.2.0) - fiber-local (1.0.0) + fiber-local (1.1.0) + fiber-storage + fiber-storage (1.0.0) forwardable-extended (2.6.0) - google-protobuf (3.23.3) - google-protobuf (3.23.3-arm64-darwin) - google-protobuf (3.23.3-x86_64-linux) + google-protobuf (4.30.2) + bigdecimal + rake (>= 13) + google-protobuf (4.30.2-aarch64-linux) + bigdecimal + rake (>= 13) + google-protobuf (4.30.2-arm64-darwin) + bigdecimal + rake (>= 13) + google-protobuf (4.30.2-x86-linux) + bigdecimal + rake (>= 13) + google-protobuf (4.30.2-x86_64-darwin) + bigdecimal + rake (>= 13) + google-protobuf (4.30.2-x86_64-linux) + bigdecimal + rake (>= 13) hashery (2.1.2) - html-proofer (5.0.7) + html-proofer (5.0.10) addressable (~> 2.3) async (~> 2.1) nokogiri (~> 1.13) @@ -40,87 +72,129 @@ GEM yell (~> 2.0) zeitwerk (~> 2.5) http_parser.rb (0.8.0) - i18n (1.14.1) + i18n (1.14.7) concurrent-ruby (~> 1.0) - io-event (1.2.2) - jekyll (4.3.2) + io-event (1.10.0) + jekyll (4.4.1) addressable (~> 2.4) + base64 (~> 0.2) colorator (~> 1.0) + csv (~> 3.0) em-websocket (~> 0.5) i18n (~> 1.0) jekyll-sass-converter (>= 2.0, < 4.0) jekyll-watch (~> 2.0) + json (~> 2.6) kramdown (~> 2.3, >= 2.3.1) kramdown-parser-gfm (~> 1.0) liquid (~> 4.0) - mercenary (>= 0.3.6, < 0.5) + mercenary (~> 0.3, >= 0.3.6) pathutil (~> 0.9) rouge (>= 3.0, < 5.0) safe_yaml (~> 1.0) terminal-table (>= 1.8, < 4.0) webrick (~> 1.7) - jekyll-sass-converter (3.0.0) - sass-embedded (~> 1.54) + jekyll-sass-converter (3.1.0) + sass-embedded (~> 1.75) jekyll-watch (2.2.1) listen (~> 3.0) - json (2.6.3) - kramdown (2.4.0) - rexml + json (2.10.2) + kramdown (2.5.1) + rexml (>= 3.3.9) kramdown-parser-gfm (1.1.0) kramdown (~> 2.0) liquid (4.0.4) - listen (3.8.0) + listen (3.9.0) rb-fsevent (~> 0.10, >= 0.10.3) rb-inotify (~> 0.9, >= 0.9.10) mercenary (0.4.0) - mini_portile2 (2.8.2) - minitest (5.18.1) - nokogiri (1.15.2) + metrics (0.12.2) + mini_portile2 (2.8.8) + minitest (5.25.5) + nokogiri (1.18.7) mini_portile2 (~> 2.8.2) racc (~> 1.4) - nokogiri (1.15.2-arm64-darwin) + nokogiri (1.18.7-aarch64-linux-gnu) racc (~> 1.4) - nokogiri (1.15.2-x86_64-linux) + nokogiri (1.18.7-aarch64-linux-musl) + racc (~> 1.4) + nokogiri (1.18.7-arm-linux-gnu) + racc (~> 1.4) + nokogiri (1.18.7-arm-linux-musl) + racc (~> 1.4) + nokogiri (1.18.7-arm64-darwin) + racc (~> 1.4) + nokogiri (1.18.7-x86_64-darwin) + racc (~> 1.4) + nokogiri (1.18.7-x86_64-linux-gnu) + racc (~> 1.4) + nokogiri (1.18.7-x86_64-linux-musl) racc (~> 1.4) paint (2.3.0) pathutil (0.16.2) forwardable-extended (~> 2.6) - pdf-reader (2.11.0) - Ascii85 (~> 1.0) + pdf-reader (2.14.1) + Ascii85 (>= 1.0, < 3.0, != 2.0.0) afm (~> 0.2.1) hashery (~> 2.0) ruby-rc4 ttfunk - public_suffix (5.0.1) - racc (1.7.1) + public_suffix (6.0.1) + racc (1.8.1) rainbow (3.1.1) - rake (13.0.6) + rake (13.2.1) rb-fsevent (0.11.2) - rb-inotify (0.10.1) + rb-inotify (0.11.1) ffi (~> 1.0) - rexml (3.2.5) - rouge (4.1.2) + rexml (3.4.1) + rouge (4.5.1) ruby-rc4 (0.1.5) safe_yaml (1.0.5) - sass-embedded (1.63.6) - google-protobuf (~> 3.23) - rake (>= 13.0.0) - sass-embedded (1.63.6-arm64-darwin) - google-protobuf (~> 3.23) - sass-embedded (1.63.6-x86_64-linux-gnu) - google-protobuf (~> 3.23) + sass-embedded (1.86.1) + google-protobuf (~> 4.30) + rake (>= 13) + sass-embedded (1.86.1-aarch64-linux-android) + google-protobuf (~> 4.30) + sass-embedded (1.86.1-aarch64-linux-gnu) + google-protobuf (~> 4.30) + sass-embedded (1.86.1-aarch64-linux-musl) + google-protobuf (~> 4.30) + sass-embedded (1.86.1-arm-linux-androideabi) + google-protobuf (~> 4.30) + sass-embedded (1.86.1-arm-linux-gnueabihf) + google-protobuf (~> 4.30) + sass-embedded (1.86.1-arm-linux-musleabihf) + google-protobuf (~> 4.30) + sass-embedded (1.86.1-arm64-darwin) + google-protobuf (~> 4.30) + sass-embedded (1.86.1-riscv64-linux-android) + google-protobuf (~> 4.30) + sass-embedded (1.86.1-riscv64-linux-gnu) + google-protobuf (~> 4.30) + sass-embedded (1.86.1-riscv64-linux-musl) + google-protobuf (~> 4.30) + sass-embedded (1.86.1-x86_64-darwin) + google-protobuf (~> 4.30) + sass-embedded (1.86.1-x86_64-linux-android) + google-protobuf (~> 4.30) + sass-embedded (1.86.1-x86_64-linux-gnu) + google-protobuf (~> 4.30) + sass-embedded (1.86.1-x86_64-linux-musl) + google-protobuf (~> 4.30) slop (4.10.1) - spidr (0.7.0) + spidr (0.7.2) + base64 (~> 0.1) nokogiri (~> 1.3) terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) tidy_ffi (1.0.1) ffi (~> 1.2) - timers (4.3.5) - ttfunk (1.7.0) - typhoeus (1.4.0) + traces (0.15.2) + ttfunk (1.8.0) + bigdecimal (~> 3.1) + typhoeus (1.4.1) ethon (>= 0.9.0) - unicode-display_width (2.4.2) + unicode-display_width (2.6.0) validate-website (1.12.0) crass (~> 1) nokogiri (~> 1.12) @@ -134,16 +208,41 @@ GEM json (>= 1.8) nokogiri (~> 1.6) rexml (~> 3.2) - webrick (1.8.1) + webrick (1.9.1) yell (2.2.2) - zeitwerk (2.6.8) + zeitwerk (2.7.2) PLATFORMS - arm64-darwin-22 + aarch64-linux + aarch64-linux-android + aarch64-linux-gnu + aarch64-linux-musl + arm-linux + arm-linux-androideabi + arm-linux-gnu + arm-linux-gnueabihf + arm-linux-musl + arm-linux-musleabihf + arm64-darwin + riscv64-linux-android + riscv64-linux-gnu + riscv64-linux-musl ruby + x86-cygwin + x86-linux + x86-linux-android + x86-linux-gnu + x86-linux-musl + x86_64-cygwin + x86_64-darwin x86_64-linux + x86_64-linux-android + x86_64-linux-gnu + x86_64-linux-musl DEPENDENCIES + base64 + csv html-proofer jekyll minitest @@ -152,4 +251,4 @@ DEPENDENCIES validate-website (~> 1.6) BUNDLED WITH - 2.4.14 + 2.6.6 diff --git a/README.md b/README.md index f3596635db..c5ea65e6f1 100644 --- a/README.md +++ b/README.md @@ -66,7 +66,7 @@ Then start a local web server with bundle exec rake serve ``` -Open [http://localhost:9292/](http://localhost:9292/) +Open [http://localhost:4000/](http://localhost:4000/) in your browser to access the preview. **Note:** The build of the site will take several minutes. diff --git a/_data/branches.yml b/_data/branches.yml index 54cfc1f133..57cf7f9159 100644 --- a/_data/branches.yml +++ b/_data/branches.yml @@ -8,31 +8,41 @@ # date: date of first stable release (YYYY-MM-DD) # eol_date: date of EOL (YYYY-MM-DD) -- name: 3.3 +- name: 3.5 status: preview date: eol_date: -- name: 3.2 +- name: 3.4 status: normal maintenance - date: 2022-12-25 + date: 2024-12-25 + eol_date: + +- name: 3.3 + status: normal maintenance + date: 2023-12-25 security_maintenance_date: eol_date: + expected_eol_date: 2027-03-31 + +- name: 3.2 + status: security maintenance + date: 2022-12-25 + security_maintenance_date: 2025-04-01 + eol_date: expected_eol_date: 2026-03-31 - name: 3.1 - status: normal maintenance + status: eol date: 2021-12-25 - security_maintenance_date: - eol_date: - expected_eol_date: 2025-03-31 + security_maintenance_date: 2024-04-01 + eol_date: 2025-03-26 - name: 3.0 - status: security maintenance + status: eol date: 2020-12-25 security_maintenance_date: 2023-04-01 - eol_date: - expected_eol_date: 2024-03-31 + eol_date: 2024-04-23 - name: 2.7 status: eol diff --git a/_data/downloads.yml b/_data/downloads.yml index 39c843acd5..866046866c 100644 --- a/_data/downloads.yml +++ b/_data/downloads.yml @@ -4,25 +4,39 @@ # optional preview: - - 3.3.0-rc1 + - 3.5.0-preview1 stable: - - 3.2.2 - - 3.1.4 + - 3.4.3 + - 3.3.8 + - 3.2.8 # optional security_maintenance: - - 3.0.6 # optional eol: - - 2.7.8 + - 3.1.7 stable_snapshots: + - branch: ruby_3_4 + url: + gz: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-ruby_3_4.tar.gz + xz: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-ruby_3_4.tar.xz + zip: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-ruby_3_4.zip + version: '3.4' + + - branch: ruby_3_3 + url: + gz: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-ruby_3_3.tar.gz + xz: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-ruby_3_3.tar.xz + zip: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-ruby_3_3.zip + version: '3.3' + - branch: ruby_3_2 url: gz: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-ruby_3_2.tar.gz @@ -30,24 +44,10 @@ stable_snapshots: zip: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-ruby_3_2.zip version: '3.2' - - branch: ruby_3_1 - url: - gz: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-ruby_3_1.tar.gz - xz: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-ruby_3_1.tar.xz - zip: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-ruby_3_1.zip - version: '3.1' - - - branch: ruby_3_0 - url: - gz: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-ruby_3_0.tar.gz - xz: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-ruby_3_0.tar.xz - zip: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-ruby_3_0.zip - version: '3.0' - nightly_snapshot: url: gz: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-master.tar.gz xz: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-master.tar.xz zip: https://cache.ruby-lang.org/pub/ruby/snapshot/snapshot-master.zip - version: '3.3' + version: '3.5' diff --git a/_data/locales/bg.yml b/_data/locales/bg.yml index 0020ebd753..431df55eca 100644 --- a/_data/locales/bg.yml +++ b/_data/locales/bg.yml @@ -3,7 +3,7 @@ ruby: Ruby slogan: най-добрият приятел на програмиста sitelinks: -- text: Home +- text: Начало url: /bg home: true - text: За сваляне diff --git a/_data/locales/en.yml b/_data/locales/en.yml index 60dcafc273..f078c09800 100644 --- a/_data/locales/en.yml +++ b/_data/locales/en.yml @@ -65,7 +65,7 @@ sidebar: url: /en/community/user-groups/ description: Get in contact with Rubyists in your area. weblogs: - text: Blogs + text: Blogs and Newsletters url: /en/community/weblogs/ description: Read about what’s happening right now in the Ruby community. ruby_core: diff --git a/_data/locales/es.yml b/_data/locales/es.yml index 2751234494..3459a8b840 100644 --- a/_data/locales/es.yml +++ b/_data/locales/es.yml @@ -23,10 +23,11 @@ sitelinks: search: text: Buscar + cx_id: '013598269713424429640:g5orptiw95w' sidebar: get_started: - text: Iníciate, ¡es fácil! + text: Comienza, ¡es fácil! try_ruby: text: ¡Prueba Ruby! (en tu navegador) url: https://try.ruby-lang.org/ diff --git a/_data/locales/ja.yml b/_data/locales/ja.yml index 351e725332..2b8667468c 100644 --- a/_data/locales/ja.yml +++ b/_data/locales/ja.yml @@ -3,7 +3,7 @@ ruby: Ruby slogan: A Programmer's Best Friend sitelinks: -- text: Home +- text: ホーム url: /ja home: true - text: ダウンロード diff --git a/_data/locales/ko.yml b/_data/locales/ko.yml index 9c88845b75..a8fc93c5ca 100644 --- a/_data/locales/ko.yml +++ b/_data/locales/ko.yml @@ -63,7 +63,7 @@ sidebar: url: /ko/community/user-groups/ description: 근처의 루비스트와 연락하기 weblogs: - text: 웹로그 + text: 블로그와 뉴스레터 url: /ko/community/weblogs/ description: Ruby 커뮤니티에서 지금 무슨 일이 일어나는지 읽기 ruby_core: diff --git a/_data/locales/zh_tw.yml b/_data/locales/zh_tw.yml index 719a3e016e..320817ece8 100644 --- a/_data/locales/zh_tw.yml +++ b/_data/locales/zh_tw.yml @@ -63,7 +63,7 @@ sidebar: url: /zh_tw/community/user-groups/ description: 與身旁的 Ruby 使用者接觸 weblogs: - text: 部落格 + text: 部落格與電子報 url: /zh_tw/community/weblogs/ description: 了解 Ruby 社群中的最新消息 ruby_core: diff --git a/_data/releases.yml b/_data/releases.yml index 3b8a987f13..b111482216 100644 --- a/_data/releases.yml +++ b/_data/releases.yml @@ -19,8 +19,451 @@ # In order to get the release listed on the downloads page, # you also need to add an entry to `_data/downloads.yml'. +# 3.5 series + +- version: 3.5.0-preview1 + date: 2025-04-18 + post: /en/news/2025/04/18/ruby-3-5-0-preview1-released/ + tag: v3_5_0_preview1 + stats: + files_changed: 2065 + insertions: 36581 + deletions: 203037 + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.5/ruby-3.5.0-preview1.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.5/ruby-3.5.0-preview1.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.5/ruby-3.5.0-preview1.tar.xz + size: + gz: 23146162 + zip: 28548713 + xz: 17443928 + sha1: + gz: ee0fcfe1342116f05060279ff0c9eb1e215db0b9 + zip: bd0c32bc84ac1ce9edbc9c0a50e8c72e56b1229d + xz: 8a78a9189afa20cde42207a466bcf7d421ee144b + sha256: + gz: ecf09c7eb902e91cdaf9cc553cd00cca9b848b3fc0e14297850f9ab08cdd46f0 + zip: 3e1d9df578c69976a01a69b961819d00c4e8942f8b5fe4fb8e135fca4f7e7e5e + xz: c6cc1e9f23fe4719b024b8305345ca0cff4e1bc159f3ebff86cb5b87969863aa + sha512: + gz: d718973648705636eff5933a0919132fd1f6b9afea432e09cce1265c6e0125e11cc94dbff84cba1caefc03190c48d8af4a27337d2af031f3f1660ca3a3531211 + zip: 47057e1615b2b59d5bbd0d6629e1320ed74f3d70748f1db4e8b88d6c8a3ecd255eacc7dac0cccd01923fae4b4dff9e6b9457a9858c81dab81c1ab9ee514b15fa + xz: 835bd0b65d546722c83b0ab454256357b48898a0de9aa8e38966f53d2370a6e99552eeaff76a0b680aefbbe7491e701e5e7357797e50f063c53e79d9561c1dac + +# 3.4 series + +- version: 3.4.3 + date: 2025-04-14 + post: /en/news/2025/04/14/ruby-3-4-3-released/ + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.3.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.3.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.3.tar.xz + size: + gz: 23194448 + zip: 28356998 + xz: 17230984 + sha1: + gz: c269cd122ab9d4620a1e0e6a8f4de378deec3799 + zip: 87cb747a766660cf487a2e9dbbc7a18a8f6b65d9 + xz: d0d86fdfe6bcf9f2eb3b450f3209f655ceda86da + sha256: + gz: 55a4cd1dcbe5ca27cf65e89a935a482c2bb2284832939266551c0ec68b437f46 + zip: 06b8bf2ddf2642327c992d30f5d414ffa5a5df0c4c706d7b2507b42509fb5055 + xz: 174dcd8c516694f833fd3c93ea227fa6c3321464577a3882a6fc7e4fe20237fd + sha512: + gz: 7019889939713c3e649003fed4d973dced36239fc354cfdee2d01dbdeb7e8512881a31b00efc3d5017f08cd492aed7914d15927bc8d076c0cae7534273e471e9 + zip: b25289c899318ce5071b075fc1b75f602e0a543faeefa44df7e8064933500f9c357685fe21d09abc4034d481c22c89491c841f596d07e1cd269d800e6266cc24 + xz: b30aad675cdcc1bdfe9e5fffe9d1925db3b3ac854a5e34180c368bc6e66f73e29ba5d802fea249353b7d799c01384c58bdd763fd1b679303158baa7824b9c08e + +- version: 3.4.2 + date: 2025-02-14 + post: /en/news/2025/02/14/ruby-3-4-2-released/ + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.2.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.2.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.2.tar.xz + size: + gz: 23174066 + zip: 28336243 + xz: 17218200 + sha1: + gz: 1537911b4a47940f11c309898e04187344a43167 + zip: 5a790b8a5aa662df6512f865bb042e93b8520864 + xz: b169f9e0d35cf85085c5f23d774485ba6c00ebac + sha256: + gz: 41328ac21f2bfdd7de6b3565ef4f0dd7543354d37e96f157a1552a6bd0eb364b + zip: e14b850e831bf046cf78d66f14207782da13e76777610596666a74fd6c786021 + xz: ebf1c2eb58f5da17c23e965d658dd7e6202c5c50f5179154c5574452bef4b3e0 + sha512: + gz: edc3aede0aadcaa62343f38ea6cab7adacedba810d883f1d9c3e6e24e28e24e0e27a7df2c8e517cc2aab940168fc4872ab8cad000598aab5940aa79072ac190b + zip: ac897cdc013b71ac3f76d1f70e9b79155a08197e458ddb7bfb638d1168d166b08fbc022aae95953bdade19ccd68989d666b76b6d681ee3480bb5936fb475959d + xz: cb8b5023bce316393716548c5f0a44c7d0240724ff79b995517641266af30bedc6f402c1c8fa27368ea607e2aa6d36bbb201e00c6e9dd2a80d837431d32343b5 + +- version: 3.4.1 + date: 2024-12-25 + post: /en/news/2024/12/25/ruby-3-4-1-released/ + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.1.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.1.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.1.tar.xz + size: + gz: 23152739 + zip: 28310267 + xz: 17222800 + sha1: + gz: dc42fe22bcdfbd30f63cd93296d893c53b1dadcc + zip: a7145041a0178f2423dbad5d1dd67ba0862b9ee7 + xz: 61783f85c57da9f05201e491029889d71742a83f + sha256: + gz: 3d385e5d22d368b064c817a13ed8e3cc3f71a7705d7ed1bae78013c33aa7c87f + zip: a0c62089fb75c47e392bc96778dd76bd7ad1baa40a7ed040372c805de20bccc8 + xz: 018d59ffb52be3c0a6d847e22d3fd7a2c52d0ddfee249d3517a0c8c6dbfa70af + sha512: + gz: 93acc262e3b7cf86aeddebdad5b8938c187b9c44a73b0c252b6f873745964001459ae45ece7376745916e317c24895596a42b4544e836670fc6e90058e6f0de4 + zip: 4f96c56b0a26c0d4d554cf47764f4acdc2e59545da0b85fe4d5235a17d26ac47f0c609af66099173056e3405849a9f847c32e7aaaa3a057c7d46007968aa4c73 + xz: 8d2e34117696f9debf463ae1eed288fdbb5c1a12e32800e901b69218e3b7302a0066052077e2ebca851e3a635296199bd5a10437eea1d6f787f69a77bb865680 + +- version: 3.4.0 + date: 2024-12-25 + post: /en/news/2024/12/25/ruby-3-4-0-released/ + tag: v3_4_0 + stats: + files_changed: 4942 + insertions: 202244 + deletions: 255528 + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.0.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.0.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.0.tar.xz + size: + gz: 23153022 + zip: 28310193 + xz: 17215572 + sha1: + gz: 8ccb561848a7c460ae08e1a120a47c4a88a79335 + zip: 26254ca5d3decc28a4e5faec255995265e5270b5 + xz: eb25447cc404e8d2e177c62550d0224ebd410e68 + sha256: + gz: 068c8523442174bd3400e786f4a6952352c82b1b9f6210fd17fb4823086d3379 + zip: c120228038af04554f6363e716b0a32cbf53cf63c6adf9f2c22a24f43dc8b555 + xz: 0081930db22121eb997207f56c0e22720d4f5d21264b5907693f516c32f233ca + sha512: + gz: bc70ecba27d1cdea00879f03487cad137a7d9ab2ad376cfb7a65780ad14da637fa3944eeeede2c04ab31eeafb970c64ccfeeb854c99c1093937ecc1165731562 + zip: 4d535ed10db76a6aa74f8a025df319deb28483a7a781c24045906ee7663f1cff9d9f9e71dbc993c9e050113a34b37c7fa2143c355a0a6e1e1029bf2c92213ecc + xz: 776a2cf3e9ccc77c27500240f168aa3e996b0c7c1ee1ef5a7afc291a06c118444016fde38b5b139c0b800496b8eb1b5456562d833f0edc0658917164763b1af7 + +- version: 3.4.0-rc1 + date: 2024-12-12 + post: /en/news/2024/12/12/ruby-3-4-0-rc1-released/ + tag: v3_4_0_rc1 + stats: + files_changed: 4820 + insertions: 196907 + deletions: 253488 + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.0-rc1.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.0-rc1.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.0-rc1.tar.xz + size: + gz: 23055998 + zip: 28323595 + xz: 17116016 + sha1: + gz: 216e3085ab8b886b9f74943ee5b62bd2e3d86671 + zip: 4ae8ce4b15ccc3f0c6f42e408c44aa287a1ccc14 + xz: 1424671cdc9c4bfe3778ac159d917c8bfe6107bd + sha256: + gz: 1f3187d3366e90af6d760994f8bfe1fe8999a8ba3553ea4dcfae63e548236e2a + zip: 653162a2db627e8e5feee22a00b20acf215509d88b06ffb281bc8788ed12c74c + xz: 9c54225747f7a786727aa6213503083d5d8ff7097505d4b7456ff60880ee4a17 + sha512: + gz: 0b0420a39c0bf3b38600d4e28805a581c4b5a6cf2abe41be8c8164276a8044a19e676de74eea5dd5b4d7d667d821a6144119795fea510fd4ba6e34865a2ae172 + zip: c6c6b9a0e61308e3f3303cd148613feabb2ee12d8e2fefc1f4aa1403237310f7c9be5e2031248ea89ff01cdc0bca1a66ff60f9f1f19ed9c9fccef3d7a3bbebb8 + xz: 5b92a2b5829ab23735617945839e45df984b319b8932e790a8e0c6f681b9bd74249511a76345516cc216c002ed7887bdd27151501491d5ecedc20acd3fb57cc5 + +- version: 3.4.0-preview2 + date: 2024-10-07 + post: /en/news/2024/10/07/ruby-3-4-0-preview2-released/ + tag: v3_4_0_preview2 + stats: + files_changed: 4422 + insertions: 163889 + deletions: 243380 + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.0-preview2.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.0-preview2.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.0-preview2.tar.xz + size: + gz: 22722332 + zip: 28101194 + xz: 16878876 + sha1: + gz: c23265acf6c07b4c1df1e41eebf8b4cf2f25b97b + zip: 479bd223bca3225fb3a15984e3eae4efb9a40189 + xz: dbff404b969012702dc500cac72f4d6b3822068e + sha256: + gz: 443cd7ec54ade4786bc974ce9f5d49f172a60f8edc84b597b7fe2bd2a94b8371 + zip: e00a6fbf6f9e25a725711a8aac7e38be6bed61de4db9862a405172b96bf38b5b + xz: 626bf4fe952323c15ec9a8999f470ec136ef91c0fc34c484646aaaa9a0b62ca7 + sha512: + gz: 0946d256587597bdf13437a50f7a3298c151133edea161a1c4806a04dcbd8c2e8a7fd617f3eda16c5c05f6e6346317562cc30ba67698f1fdd92237c03bdbd23e + zip: 0d9ee1c41920e4d594b0f2c40d02339b4e9a2cd5232f5ee914cab5a685cb4a2279fbbfd8fbad40ef0a53866db4e1de96068c62580ede6d8fab02550393bcbe81 + xz: f23257896a35d3a581cbf5e8c94fe28e45725e39608a7669f47f31085338b1b4929a4db40d826d8fee628afb97b0c25b2f9e7bda4cd42e80c1208c46caf54265 + +- version: 3.4.0-preview1 + date: 2024-05-16 + post: /en/news/2024/05/16/ruby-3-4-0-preview1-released/ + tag: v3_4_0_preview1 + stats: + files_changed: 3283 + insertions: 107449 + deletions: 115380 + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.0-preview1.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.0-preview1.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.0-preview1.tar.xz + size: + gz: 22507726 + zip: 27731060 + xz: 16709536 + sha1: + gz: 1619cbe06b5a8c774711b3351d18bb0f84f1d017 + zip: 5d79834050369ea9241d86467bf93e9e89e2ab7a + xz: 6041ad2651527d01c36106de3d3cdab680ed3132 + sha256: + gz: 1a3c322e90cb22e5fba0b5d257bb2be9988affa3867eba7642ed981fdde895bb + zip: bd2a6c0e8396698e6f6768c00b0f155510859bb6fb92420f7b7abec610e71dbb + xz: 4ee4ec44366050d4b2ee1d88034cc63e0b9174a1a6650285777f3d3447213a97 + sha512: + gz: 29c0e32179f7b823b6708f5328e495cd333fe8dd88f7df7d9051deab47add67b14d899bba565bba1a77e1b04c9693d9708541445c112925777bb6891cb7b2b62 + zip: 36ea6897e6ad769141516f4c1bb18989fbde27a76f0f3abcce947f8b6b79639846ba93907e085181f7d305ab06ad73f1bbb37928049c8c951d33176ee444abbf + xz: 4ce306b9beb1e2d88c76d7f809724b66bed17e354c07a2b54aa050fc2035652e4d83deadc8dbf7a375bbdb1c816f2996334bb8e7ff5e6c24b71a858bf6b0cb7c + # 3.3 series +- version: 3.3.8 + date: '2025-04-09' + post: "/en/news/2025/04/09/ruby-3-3-8-released/" + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.8.tar.gz + xz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.8.tar.xz + zip: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.8.zip + size: + gz: 22197497 + xz: 16435924 + zip: 27628937 + sha1: + gz: 71b8362d413f58ed5aef2ecd132769210c45f058 + xz: 9ee07098fd930744d8df5d4945b5f99d2fecb9ef + zip: 4c0d938d2791ab696e921557aec19613bb364a67 + sha256: + gz: 5ae28a87a59a3e4ad66bc2931d232dbab953d0aa8f6baf3bc4f8f80977c89cab + xz: 44ae70fee043da3ce48289b7a52618ebe32dc083253993d486211c7e445c8642 + zip: 389b8deae02849e769855dea892c921d3387b6548209189837a00f1cdf353797 + sha512: + gz: c5005ba4019fbae19650a9a9ce139e13608345065da9e2277dbeac9d0ac9e3b07b666816afe7be690088080c8c9cf88a8c372971d429479dcebea80d6c2e3883 + xz: 71c2f3ac9955e088fa885fd2ff695e67362a770a5d33e5160081eda3dd298ca2c692e299b03d757caecfbc94043fedc4ad093de84c505585d480cb36bbf978b9 + zip: 1aa6a0412760d0d1f423cd5f02533696b7c952c04f567b89aa875997e1d53a548c294c0b771a9e06e666daab038e3481a6251e361163449f92b02ab3a89a6373 + +- version: 3.3.7 + date: 2025-01-15 + post: /en/news/2025/01/15/ruby-3-3-7-released/ + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.7.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.7.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.7.tar.xz + size: + gz: 22163173 + zip: 27589557 + xz: 16379504 + sha1: + gz: aaa94abd1a5676dd24e927876935597a505e2a4d + zip: afe9800b8711aba57df5e11005a1710b48c9377e + xz: b5498e7174328fe0af0d93ee9667d39dda36621b + sha256: + gz: 9c37c3b12288c7aec20ca121ce76845be5bb5d77662a24919651aaf1d12c8628 + zip: 9c6b1d13a03d8423391e070e324b1380a597d3ac9eb5d8ea40bc4fd5226556a5 + xz: 5dbcbc605e0ed4b09c52703241577eb7edc3a2dc747e184c72b5285719b6ad72 + sha512: + gz: 9b48be05d1210e9194c8a6d77dfc3227599bff2b55fc9bb2049b11547927deef530ece9a2a505600cdc492c8517b1bef7ab5f2520ebd79ffcf76f0a734fa763d + zip: 20f0ad9e80528c5c5d42c0be8e85cf3f120a20a973a7d8303785f4201263d7896c9a7462d8b862330c2d4039ab8d47616fa13ef487a2ed05490ca4e731c97ef2 + xz: 4082a7684c1b0d53a0ce493f79568e851d37a864f59c58b2e0c273b2659e0ca75318ddff939fdf5e9d0a3eeba1b6d8f03bf88afb49a5ffd77714f1c8a7dfdd55 + +- version: 3.3.6 + date: 2024-11-05 + post: /en/news/2024/11/05/ruby-3-3-6-released/ + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.6.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.6.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.6.tar.xz + size: + gz: 22153657 + zip: 27048656 + xz: 16398228 + sha1: + gz: 0106171cd1801fb5663e8e709f3d6c935d683c9b + zip: 88239456249cd80cadd1cbf98a317ae700ccd9df + xz: 25391e9bd8547cd07e09afcfc472777520a3178a + sha256: + gz: 8dc48fffaf270f86f1019053f28e51e4da4cce32a36760a0603a9aee67d7fd8d + zip: a60240a6f9bcc8db6c07d40ad29c7dceb21430debe3ebc39bf339207818132f6 + xz: 540975969d1af42190d26ff629bc93b1c3f4bffff4ab253e245e125085e66266 + sha512: + gz: 4ae22f5c2a1f7ed84aab7587ff04ce4d9933cffe4347deaef0ab88d22c9780f274c1664a4ee1dd8235bc3cc749be828ffa8db7cb5f5002339a59a599acf3c729 + zip: c010c7d3e2b373b41a18bcadfb6dba276afabe479d75624569b5bdc605f3575bced2aff511708e25ceca43c7c918400222329e55e599c54154f203957f119ad2 + xz: c4b86188bf539fa737932e1ba5b746bc295e7c43b2f8cca2668eb7c88aa7228e2ce9032bbcd244a7d558a11bc842445b5fbeac3503ca7d223b63c53e08dba4ab + +- version: 3.3.5 + date: 2024-09-03 + post: /en/news/2024/09/03/3-3-5-released/ + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.5.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.5.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.5.tar.xz + size: + gz: 22129139 + zip: 27020194 + xz: 16403660 + sha1: + gz: 59444476bbe9e789fc777d8fb4dd456bc057604f + zip: ccb32746aef491ce05be42218301e2c47185e5fc + xz: 692bc3188bdb9ec30b8672543961b011d699590a + sha256: + gz: 3781a3504222c2f26cb4b9eb9c1a12dbf4944d366ce24a9ff8cf99ecbce75196 + zip: d3c13e124707494935d00ebc5c7983b0252bc13de49223fd31104ba5467a057a + xz: 51aec7ea89b46125a2c9adc6f36766b65023d47952b916b1aed300ddcc042359 + sha512: + gz: 5c482059628ef9de5d8a6ad4751f8043f2fc2b159b768265be7f3ee0574ad51d9500ee4fc9146c5978fbd51313039c3de39e7b7a4dedc9bcd5d09a41a713f1a7 + zip: bf83af835a74283aff21042538ee1f1eb70ff12dac1edd4672d787547cd29cb7b69a9299682f89c8499eb610737b10a7fc03eca038574cb4ba565205d96b0016 + xz: dd5c6a7f74854e143e0ca46b9d7c0d1983fc4886f5f733cd108345dbf4b21f61ad978ad6806e05a57b7af28fd9216dd38d7145808188bbb3695a7f3a4eda3883 + +- version: 3.3.4 + date: 2024-07-09 + post: /en/news/2024/07/09/ruby-3-3-4-released/ + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.4.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.4.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.4.tar.xz + size: + gz: 22110179 + zip: 26995054 + xz: 16366580 + sha1: + gz: 408362dfb0413122e09d35bafdcced8922b54e71 + zip: dcd35f8d428e61807b5c95b6e2e79444fb32f214 + xz: 4fac2e1609535f71cbdbf9ab9dcea6f6e80a304a + sha256: + gz: fe6a30f97d54e029768f2ddf4923699c416cdbc3a6e96db3e2d5716c7db96a34 + zip: 3cf0ee03dd4c98e78e8ab5e191af926870415770ef4995088ed069caef639b2a + xz: 1caaee9a5a6befef54bab67da68ace8d985e4fb59cd17ce23c28d9ab04f4ddad + sha512: + gz: 56a0b88954a4efd0236626e49cc90cdb15d9bfd42b27d7fc34efae61f500058e58cb32c73fdef5f1505a36602f4632d6148bf3bd1df539cb5581ae157c78c22b + zip: c24ca2e6b1114f9c489c049c07acccb0db0916c42c68ea90eaa9acc430973de68342df19710c58130fe264a291958c89e60815c5b00f91decf5a4d1d674a0b32 + xz: b26461a13ff82a08a282f10108028bb2a2e4a28da6182a291062fc54089c6655d79c22cc69d59156f9b11cb10a17fe8c69d489343fbae123a45f03361b95c9eb + +- version: 3.3.3 + date: 2024-06-12 + post: /en/news/2024/06/12/ruby-3-3-3-released/ + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.3.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.3.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.3.tar.xz + size: + gz: 22105219 + zip: 26990910 + xz: 16361160 + sha1: + gz: b71971b141ee2325d99046a02291940fcca9830c + zip: 15a903003fba2fa5ae760263d6aa7b951747e545 + xz: 70cc5db132ea277487ede490e430e066a7c862d9 + sha256: + gz: 83c05b2177ee9c335b631b29b8c077b4770166d02fa527f3a9f6a40d13f3cce2 + zip: a9e4a6650cc40643b2b4a005541587443e373fbdec0c03164502f710cfd87a01 + xz: 83c0995388399c9555bad87e70af069755b5a9d84bbaa74aa22d1e37ff70fc1e + sha512: + gz: 0388a96127eb6e53b836f7954af51ff62b84cdb7abeab823cb1349993d805b151204e426b9ac04ca8333fbd5e01c386d58bc37d34c4e9286b219dcda7542a150 + zip: ed5ed5bc26598ba8c39eaae45147159d742e4792d4d8478b2db04bffe25b75b8bd4131a86c010bff91e0368f906bff04e852deab415fefd25cec39bc53f70020 + xz: 27dcae604e6613e1eaa20c6a75ee88b970bb0dd584d9bc0c021ad8da4340858e3c2e874ac841fcca0b0444a0c0146c4650d2d22bac3c9e12853533c37255f8f1 + +- version: 3.3.2 + date: 2024-05-30 + post: /en/news/2024/05/30/ruby-3-3-2-released/ + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.2.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.2.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.2.tar.xz + size: + gz: 22095824 + zip: 26981906 + xz: 16349500 + sha1: + gz: b49719ef383c581008c1fd3b68690f874f78557b + zip: ee641ef4a0c5b9d12456c565d402841ae2ec5ab2 + xz: 5c9f7d5cf55d9e45b24c613014cbe2b605de009d + sha256: + gz: 3be1d100ebf2a0ce60c2cd8d22cd9db4d64b3e04a1943be2c4ff7b520f2bcb5b + zip: 06bf1aa3336afed66e2f89b0be3542c980fcdd76ffad0be284a860f25edea5b1 + xz: b5e8a8ed4a47cdd9a3358b5bdd998c37bd9e971ca63766a37d5ae5933fdb69f1 + sha512: + gz: a15ba8d6c2830fcd1f2b36f671acf9028c303ec78608fd268da0585db8e95ddd971666e8029bcfa2584da2184a6534e1f2f2da07fa7ca4494e8d842eed206f00 + zip: e2bbff1fbe5d9a892bd9c21fe9f10ea7b23f111f3876538bffea3d5451645e155f9ddc61345a44e409d44f83e190ffe30b9c90cd75905dc079cf8803f2f8ccdf + xz: 70dd8eb933956f894c52a8ede42e8ee74ff0e062bd8134a0bfb6bffc83a2848a658b62c8df5530b4dd64087b2d5373909c48917528facb1e6f4e99e79b6ad449 + +- version: 3.3.1 + date: 2024-04-23 + post: /en/news/2024/04/23/ruby-3-3-1-released/ + tag: v3_3_1 + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.1.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.1.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.1.tar.xz + size: + gz: 22074535 + zip: 26953741 + xz: 16350792 + sha1: + gz: affd82947d7cd84bd586f7f487a1da0c0bd8b1fd + zip: 98b9858e3c125cfe6ca838ac4e4e269fa34bcaaa + xz: 88ef585faece4ed76f4330bce52903664d4fbfe0 + sha256: + gz: 8dc2af2802cc700cd182d5430726388ccf885b3f0a14fcd6a0f21ff249c9aa99 + zip: d81c99dd03d095f116361c9d097145666f7bb2512cd856ee086545b1c3e54c55 + xz: 0686941a3ec395a15ae2a852487b2a88e5fb8a5518e188df00d8d1bb71a6349b + sha512: + gz: 0c8ea922a79152ac7adbfb2541320565bce6a631692fd39d499a06f53ad6339c16fad8374d171351ed63f7bda3312b26d4f8c058c5b6df3d7548fde372c718f1 + zip: 200bfcc1cc11282c64b03fe529287509684e01266d248ec85f51f6b382beebd8324321c2db59f52185f42c49fdde84aaa42cb59f0048faca389985431224564d + xz: c58e9be9b5ab48191fbf7d67e13f0ec42ee71ed338170e0f7b246708e9cfc617ce65098f5ce7ab32d4305e785642d3e44253462104d5b9c4abcb1a4113f48347 + +- version: 3.3.0 + date: 2023-12-25 + post: /en/news/2023/12/25/ruby-3-3-0-released/ + tag: v3_3_0 + stats: + files_changed: 5532 + insertions: 326851 + deletions: 185793 + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.0.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.0.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.0.tar.xz + size: + gz: 22065999 + zip: 26935108 + xz: 16345456 + sha1: + gz: 1a7e56851bf29bda1183aca99b3b323c58e0187b + zip: a433eef1d7f96daeaf3b4cb842d0ed2dd82e7dc1 + xz: c8f68e1b0a114b90460a0b44165a3b2f540fa5b6 + sha256: + gz: 96518814d9832bece92a85415a819d4893b307db5921ae1f0f751a9a89a56b7d + zip: 0e6563f679dd3694732eb3addf9de681c67b584602ac574376b60e7a509d2cd8 + xz: 676b65a36e637e90f982b57b059189b3276b9045034dcd186a7e9078847b975b + sha512: + gz: 26074009b501fc793d71a74e419f34a6033c9353433919ca74ba2d24a3de432dbb11fd92c2bc285f0e4d951a6d6c74bf5b69a2ab36200c8c26e871746d6e0fc6 + zip: a94a85937a14b217c1f4b90d24185289ed4aee79239c4f3eecf8034d3fd34e65ee8d66869473857ed153067188adc9b70c0471e4ebe842c9f98ef60c34090450 + xz: 7959c5753bfa0bfc4d6d74060869aabbe9815c1c97930659da11b917ee0803ddbbd80e869e00c48b8694b4ba48709c3b6493fd045568e36e902616c35ababf01 + - version: 3.3.0-rc1 date: 2023-12-11 post: /en/news/2023/12/11/ruby-3-3-0-rc1-released/ @@ -139,8 +582,151 @@ # 3.2 series +- version: 3.2.8 + date: '2025-03-26' + post: "/en/news/2025/03/26/ruby-3-2-8-released/" + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.8.tar.gz + xz: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.8.tar.xz + zip: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.8.zip + size: + gz: 20549999 + xz: 15130380 + zip: 25134315 + sha1: + gz: 419ecff4a0f8e805ddb1314344ffad33afde91d8 + xz: 570b529a10784fc16bb0339e6d37408adf9cd31d + zip: c80bf2e90b3bbfbedc9c8b65d401ce4bd0ed4263 + sha256: + gz: 77acdd8cfbbe1f8e573b5e6536e03c5103df989dc05fa68c70f011833c356075 + xz: 1cccd3100155275293ae5d4ea0a1a1068f5de69e71732220f144acce26327a3c + zip: c8ca517937c05e03ae52c41dad16ccf12ffae323365e73f3720142421f3aa2c7 + sha512: + gz: 342d9ce337936cdbaa5d63a4d393edf0594e431add8cec3b6f17b884075bfdc5aa7a843c03f4ee3bece01700dfa4707bba653715a628d9dcb230762dbd3e5ac8 + xz: 19ff96619945d907e509803b85ecf21750ffa4ae033045272feb43c183ab180d0033b98cf47c18804e448f01bc1928e3b833c61c98446dbe6be31fb9ea6b059d + zip: e248bc2a37b32edca0508df3016ac933089170deba6eec5479d8fb45a3d022c4c9532de2b5486863d30233bd276b14335e8d5ee97c371746b26d64f4864e80d3 +- version: 3.2.7 + date: 2025-02-04 + post: /en/news/2025/02/04/ruby-3-2-7-released/ + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.7.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.7.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.7.tar.xz + size: + gz: 20548416 + zip: 25129063 + xz: 15128228 + sha1: + gz: c45aa881a7ea1175212d385fe5c8b6e9ff14b2e5 + zip: d18fbf11004fdc98bc2c221b167b0d62bfc98dd2 + xz: 54e07b3adf1e948f5a35fc4ef9b24dd5976f1740 + sha256: + gz: 8488fa620ff0333c16d437f2b890bba3b67f8745fdecb1472568a6114aad9741 + zip: e4efb7d9e8f8fee6c717917760796c3e29d6c644f9777e4a46bd0a69ed21d5fd + xz: fc159b0d4a8ce412948fb69e61493839a0b3e1d5c919180f27036f1c948cfbe2 + sha512: + gz: 174e70ac20a21ea77e2c5055a9123a6812109fd7b54c0f7b948312b8159eedbfb11c06120390c158430ca8543e36893da6c809883c82757082d22e08004c5055 + zip: 5f57fb8b2d44187a8f900095cbe7bc90d9439c6436e3e361241b83102b85f665e3d7ed64fe1f6150dfb94eb289467f375ef24b46d5ac9b5f03b01ef31ed39606 + xz: c10b6fd27fad3bbd33d780c0a3eccb5df2a8465a89d2294ea6f14c7e5e8f7c8ea30b8a8b68bf8903c76f9133c5d984d5d66052ec4eb413153c739e6eea24beed + +- version: 3.2.6 + date: 2024-10-30 + post: /en/news/2024/10/30/ruby-3-2-6-released/ + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.6.tar.gz + zip: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.6.zip + xz: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.6.tar.xz + size: + gz: 20521981 + zip: 24653808 + xz: 15126888 + sha1: + gz: bbf265f5e7a3f480056dc2fa6d600a97cba00713 + zip: efbcfc2c2e238a7201366fdefdcf0dc16e4072af + xz: eabbe230df704e7141d53d8221314bb33b5f0dea + sha256: + gz: d9cb65ecdf3f18669639f2638b63379ed6fbb17d93ae4e726d4eb2bf68a48370 + zip: 36ca2292b48d8f6a0281d6c772dc47c358cb838774addc0344e38d4d2735704f + xz: 671134022238c2c4a9d79dc7d1e58c909634197617901d25863642f735a27ecb + sha512: + gz: 26ae9439043cf40e5eddde6b92ae51c9e1fa4e89c8ec6da36732c59c14873b022c683fb3007950d372f35de9b62a4fabbbc3ef1f4ef58cd53058bd56e1552cbe + zip: 8474829ebe13b3357f962571e8114e47634b5ed1f3e2dbfdf4ecb2ece1a3ed354f3506e8526a6768457e980ea4f056d77cd5b547419f2d8f9bea07348f64edc2 + xz: 78f7fc76d47c772b9bc313cbcb57a2c0f1a975e09cfe46a3083f6f603d62b0031bd4c55896c8353c1c343974d45077e06e310111198d870883e06a0cf6fd03ce + +- version: 3.2.5 + date: 2024-07-26 + post: "/en/news/2024/07/26/ruby-3-2-5-released/" + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.5.tar.gz + xz: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.5.tar.xz + zip: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.5.zip + size: + gz: 20619047 + xz: 15189072 + zip: 24777979 + sha1: + gz: e5166c947a4d9057b1310710a2a963df12264ac9 + xz: b5f21884084077b1f684efe40144844b8b37a316 + zip: 07e7638dd5ec40f261c820be523be619fdebe4aa + sha256: + gz: ef0610b498f60fb5cfd77b51adb3c10f4ca8ed9a17cb87c61e5bea314ac34a16 + xz: 7780d91130139406d39b29ed8fe16bba350d8fa00e510c76bef9b8ec1340903c + zip: b001e6c157d79f6fb351d5be83ba389c6ca20000686bbdfc8d2b8a46d38a7183 + sha512: + gz: d86c0151fabf21b418b007465e3f5b3fd0b2de0a9652057fd465b1f7e91b01d00f83a737e972ea994a5d9231e8cb27e64e576852390fe6c2ad502f0d099fe5f4 + xz: '092348b84b513aec62e63ec10b326370d0e3d1fa3126c59c03c84f28e2d7741a4772c461b077ec6a7dac3964a20f434655729e1acd50a3438755d7ad64073305' + zip: f7a05c96a22bd4018c4a79ff595e62aa92dc844ebaf3e66d50c7b35041fade7608806668b5cb25c17b360a3cd98df1c3e0f97c49448a968accab59a9dac97e47 + +- version: 3.2.4 + date: 2024-04-23 + post: "/en/news/2024/04/23/ruby-3-2-4-released/" + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.4.tar.gz + xz: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.4.tar.xz + zip: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.4.zip + size: + gz: 20581711 + zip: 24739492 + xz: 15175656 + sha1: + gz: a177e809102270f1cd77bf23c6df30c50ee7c107 + zip: e81354859b904711ce18eda1f42960a53caf3019 + xz: 2806593a486f54ce56e5ba83c152f397e48eb416 + sha256: + gz: c72b3c5c30482dca18b0f868c9075f3f47d8168eaf626d4e682ce5b59c858692 + zip: 7edc0163bb033e895a8a97392be0146daec03769c1a6c7f8d084b6e8dc7f7299 + xz: e7f1653d653232ec433472489a91afbc7433c9f760cc822defe7437c9d95791b + sha512: + gz: b695b98dac7bb2c8755a106d949cb1b1b91551092fad263765171ddf8a4d86585259ffab5f7cc9bace70143d645dbe5932cfc61c6dba7817177de391d76bcd79 + zip: b52a95b19d98ff5bd29aa74cb7d2cbad58f1ccad75892ad966aec35eef1a57f7c9727b8fd2a51c5c6a1677eaf67226afceee8ce079e523c7b264e841790ddcae + xz: fb0af37be4b6ad7b98ab9f8a508952238ee68b5828e3926331e4db52e2ebc1e6046f31114069322db0cd3bea7c9b82ace91c8564573ddcfa1f960877b237dbff + +- version: 3.2.3 + date: 2024-01-18 + post: "/en/news/2024/01/18/ruby-3-2-3-released/" + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.3.tar.gz + xz: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.3.tar.xz + zip: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.3.zip + size: + gz: 20577155 + xz: 15163960 + zip: 24734275 + sha1: + gz: 7f553e514cb42751a61c3a560a7e8d727c6931ca + xz: '08e0016c8b96103930aaa3b2323081d8f5756e25' + zip: e305dfe36229c5328d231ea0ac03ae5e05bfaca6 + sha256: + gz: af7f1757d9ddb630345988139211f1fd570ff5ba830def1cc7c468ae9b65c9ba + xz: cfb231954b8c241043a538a4c682a1cca0b2016d835fee0b9e4a0be3ceba476b + zip: 42aa39f74e5be9e24e4db47e7bfb15dc7e095f7e2295859b355edccf6fab96a2 + sha512: + gz: 75aecd9cf87f1fa66b24ecda8837a53162071b4f8801dcfd79119a24c6e81df3e3e2ba478e1cc48c60103dfaab12a00cfa2039a621f8651298eba8bd8d576360 + xz: d2a1897c2f4e801a28acb869322abfee76775115016252cecad90639485ed51deda1446cb16edb387f10a2e188602d646ef9b008b57f27bd745071277c535f3b + zip: fd89a0a833df4b5cb1734a7ffc86a8cf7cb3a8e25944331db674d3ad7732f615867e7e214e1fdd61e44e9c9c856b461b46219b340de7c87a758f28f3a99dd172 + - version: 3.2.2 - date: '2023-03-30' + date: 2023-03-30 post: "/en/news/2023/03/30/ruby-3-2-2-released/" url: gz: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.2.tar.gz @@ -164,7 +750,7 @@ zip: 569a68d89cc9a646cd0319d7cb8d57df3a55c0ac2c64f1f61607cc9c06b3aa8415eb8d38f7893ab3dbf072da9e919fbc454a9338e924c20a6a5110a1fa301d52 - version: 3.2.1 - date: '2023-02-08' + date: 2023-02-08 post: "/en/news/2023/02/08/ruby-3-2-1-released/" url: gz: https://cache.ruby-lang.org/pub/ruby/3.2/ruby-3.2.1.tar.gz @@ -334,8 +920,79 @@ # 3.1 series +- version: 3.1.7 + date: '2025-03-26' + post: "/en/news/2025/03/26/ruby-3-1-7-released/" + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.1/ruby-3.1.7.tar.gz + xz: https://cache.ruby-lang.org/pub/ruby/3.1/ruby-3.1.7.tar.xz + zip: https://cache.ruby-lang.org/pub/ruby/3.1/ruby-3.1.7.zip + size: + gz: 20811481 + xz: 15196628 + zip: 25555673 + sha1: + gz: c2023f05989241d1f21409b980ffbda83b1cbe7b + xz: 1437e9ec92f2c166f5b04dbb0c21ac299aca0542 + zip: c2eeaba7ebdabc84ca7b77a14a1f83b16397c87e + sha256: + gz: 0556acd69f141ddace03fa5dd8d76e7ea0d8f5232edf012429579bcdaab30e7b + xz: 658acc455b6bda87ac6cc1380e86552b9c1af87055e7a127589c5bf7ed80b035 + zip: ab91106d0686cd30c375c309c58a5b96e68ac56e96c453c1d4f3fbb6c548dec7 + sha512: + gz: a8432aaeaee4f48027ab30b7870bc61350840761b9d72b0b399d8fdfa96acb3c8f1ebe63663bcd8d835dd89b21128a07ef8f0c0c47eb41b942c169954ccb7edd + xz: 44e013f6e8d159a49125d24eaf02f58e02997fcd7bd4f4370250248c2d3264fb45183e33797638a7d9a2907fb48fe1b46f5f45514d60a800f96bce2c10baca82 + zip: febc49a0350558a8f3ad0d683c94321fc3437201c1adafdaa4e1a454234eef857d324e6ee1f95f5998d96fafce7f3a6c39483b3251a4a9ed4f64d80a1f73964e +- version: 3.1.6 + date: 2024-05-29 + post: "/en/news/2024/05/29/ruby-3-1-6-released/" + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.1/ruby-3.1.6.tar.gz + xz: https://cache.ruby-lang.org/pub/ruby/3.1/ruby-3.1.6.tar.xz + zip: https://cache.ruby-lang.org/pub/ruby/3.1/ruby-3.1.6.zip + size: + gz: 20887803 + xz: 15273916 + zip: 25211787 + sha1: + gz: '02832465f9b0f68b9fe2c443f9f602d6e840b2ca' + xz: 2671606a00d0ad564fb93f92d093590563c4e25b + zip: 534e675022dc30c3674ee68a7b2fbe9300d64367 + sha256: + gz: 0d0dafb859e76763432571a3109d1537d976266be3083445651dc68deed25c22 + xz: 597bd1849f252d8a6863cb5d38014ac54152b508c36dca156f6356a9e63c6102 + zip: c21d16e7953d65d05824834e89d7e1a58ccf2bc018fe966f785774ea383f53db + sha512: + gz: 624555ab3681bd6663bca7cf3529a969b9f0f16928559cfb713c57f763506c8740410c9b460d946922994859189ef2b9956167bd31423cf2e3acbf5a30086fe1 + xz: a3159648706d6d11ce9613201141e884b3accc69bf928c756de8a8f2b71d219886e91435d30cf2c30e85af31f87801138e10106344766100f1b80662c7244652 + zip: f8b5a0fda8dc0248f29796a0b5b67f93a825a013b92b0db437ecf0a5ffaf06a800285999a0e9a61e890a8000dd2e2c081a6ecb5dae62b1045761a13fd87c397b + +- version: 3.1.5 + date: 2024-04-23 + post: "/en/news/2024/04/23/ruby-3-1-5-released/" + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.1/ruby-3.1.5.tar.gz + xz: https://cache.ruby-lang.org/pub/ruby/3.1/ruby-3.1.5.tar.xz + zip: https://cache.ruby-lang.org/pub/ruby/3.1/ruby-3.1.5.zip + size: + gz: 20884264 + xz: 15293020 + zip: 25208327 + sha1: + gz: e3387c8fa2b6faf20beade2239ebdfc701ee6268 + xz: 807bf2b261cf71e7fe58641a6b5dac61fdeb05ea + zip: 83c6b2f26a35a1b23fef091e6db5c60ad0f52bf9 + sha256: + gz: 3685c51eeee1352c31ea039706d71976f53d00ab6d77312de6aa1abaf5cda2c5 + xz: f9375a45bdf1cc41298558e7ac6c367f7b6cdcccf7196618b21f0886ff583b91 + zip: e5eefbd95844b0322f6b2650cdef4d884d31c08856df7362375d26360cca9ba4 + sha512: + gz: 23661cb1b61013d912b7433f8707bbcd723391694d91f413747c71428e74f8c7385c1304de7d08b70c9fa3bd649e4eb5e9acb472d89dc2ad5678cc54855a24ae + xz: a9883f4d074825bb1f54ef3429a9a71341274bd2de1aa8ea32bce19b6b9c1bac5e5dc4c34a92b8e7caa73ba71d7ed7c546a6fec6f1fd3d8986974dce214f6d49 + zip: 390e6f99b101aa80de924532bfb0b9fc29702b1e14b92e12cc596e9c76f9a2e52ba0e72eb95accb4bac16d5d10d81900a2e8afba80aa514ef870f52cfd50b4fd + - version: 3.1.4 - date: '2023-03-30' + date: 2023-03-30 post: "/en/news/2023/03/30/ruby-3-1-4-released/" url: gz: https://cache.ruby-lang.org/pub/ruby/3.1/ruby-3.1.4.tar.gz @@ -359,7 +1016,7 @@ zip: 3a334302df97c2c7fec3c2d05d19a40b1ec6f95fef52c85d397196ce62fac4834f96783f0ac7fcba6e2a670f004bcc275db6f1810ace6c68a594e7d2fd9b297b - version: 3.1.3 - date: '2022-11-24' + date: 2022-11-24 post: "/en/news/2022/11/24/ruby-3-1-3-released/" url: gz: https://cache.ruby-lang.org/pub/ruby/3.1/ruby-3.1.3.tar.gz @@ -383,7 +1040,7 @@ zip: 3901380a27157639dee72f80231790886d269cc741a6c9e0f6472554855be86bdb93f71577ed8d93e817ef0c8d9a168fcd6f6d426fabb465dd0dd22b5a56cfc9 - version: 3.1.2 - date: '2022-04-12' + date: 2022-04-12 post: "/en/news/2022/04/12/ruby-3-1-2-released/" url: gz: https://cache.ruby-lang.org/pub/ruby/3.1/ruby-3.1.2.tar.gz @@ -490,8 +1147,32 @@ # 3.0 series +- version: 3.0.7 + date: 2024-04-23 + post: "/en/news/2024/04/23/ruby-3-0-7-released/" + url: + gz: https://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.7.tar.gz + xz: https://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.7.tar.xz + zip: https://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.7.zip + size: + gz: 21268288 + xz: 15848768 + zip: 25652209 + sha1: + gz: ec95aee1364fc4d0ca0e8f83c525127016e05c86 + xz: efc97e609868a19f89653068c4915c162117b721 + zip: b258a1bfcd49fb801b83a0aec90a8bb3989e9e42 + sha256: + gz: 2a3411977f2850431136b0fab8ad53af09fb74df2ee2f4fb7f11b378fe034388 + xz: 1748338373c4fad80129921080d904aca326e41bd9589b498aa5ee09fd575bab + zip: 163d752070a2ba1a015f004ae75e38ac9aa44bc4ebfafb55d5ff184cc72db5be + sha512: + gz: 66e5116ddd027ab1b27d466104a5b440889318b4f2f74b5fdf3099812bf5f7ef77be62fe1df37e0dc7cd5b2f5efe7fee5b9096910ce815ca4126577cb2abfaa7 + xz: 4760dc7d1345279b53cff30f3dd015b67f6a505e5028357f046dbf23b15a52d09f7d91fcfe5cb75d6c3222e7283aad12b97b36f5de0ff959f824bd42073f9c48 + zip: ed5e6d827ba981808bc4d914e400963b4443d522d52dd5d3f645db0cf38b50ab6c9baafac1b5e348e677500a16ceef1a5ac15c6a67003c2b2037cb86c1bd3654 + - version: 3.0.6 - date: '2023-03-30' + date: 2023-03-30 post: "/en/news/2023/03/30/ruby-3-0-6-released/" url: gz: https://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.6.tar.gz @@ -515,7 +1196,7 @@ zip: 576d11c668acac57cf4952228b148d17f16ab1dc491145355a4f2068b15f6cab8a4007a84d9d1eda4c1b62837675c82be99ebe6379c314f46c6ebbbf89677b5e - version: 3.0.5 - date: '2022-11-24' + date: 2022-11-24 post: "/en/news/2022/11/24/ruby-3-0-5-released/" url: gz: https://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.5.tar.gz @@ -539,7 +1220,7 @@ zip: 953cef1dd97395e04059cc76ee2a74348f2c9da0b2727c5406af26e88072e8c0bde91835354cb9f1b44f3a81a49ea7b807d7f048d138fd74ba3cabbf7859f2b3 - version: 3.0.4 - date: '2022-04-12' + date: 2022-04-12 post: "/en/news/2022/04/12/ruby-3-0-4-released/" url: gz: https://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.4.tar.gz @@ -563,7 +1244,7 @@ zip: 2d97099161bcd17c5fdf1c70da6e062ae410186e7c1235e3b1df5bad6085e370bed3cf1ebd89ed9b5918cd386ae47d1f986a3c96c32f0c8a0b9375e56b66a1d9 - version: 3.0.3 - date: '2021-11-24' + date: 2021-11-24 post: "/en/news/2021/11/24/ruby-3-0-3-released/" url: gz: https://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.3.tar.gz @@ -587,7 +1268,7 @@ zip: 24c2a4f455f90e54f85d9565e392519833b36aefce32dc707e6693994d175c82e84ee6c37ed4a9ddf8840479e7cdfaae714c12bc6923368bb00346d4edd434d8 - version: 3.0.2 - date: '2021-07-07' + date: 2021-07-07 post: "/en/news/2021/07/07/ruby-3-0-2-released/" url: gz: https://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.2.tar.gz @@ -755,7 +1436,7 @@ # 2.7 series - version: 2.7.8 - date: '2023-03-30' + date: 2023-03-30 post: "/en/news/2023/03/30/ruby-2-7-8-released/" url: bz2: https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.8.tar.bz2 @@ -784,7 +1465,7 @@ zip: e7ad3380cc81ecfebccb39acad7364a20bc5ebf9ce74ca5d82225fe0dea76e2ee46aa97e49b975dd9a00c7ff60d94907d9a27acdbb5c5a48b88a3c58e0a998be - version: 2.7.7 - date: '2022-11-24' + date: 2022-11-24 post: "/en/news/2022/11/24/ruby-2-7-7-released/" url: bz2: https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.7.tar.bz2 @@ -813,7 +1494,7 @@ zip: 90dabc0fcedc25e3e46d5e9f2dff01c56e142c2e71b95c4c5f4da056f1e47cb320ef8b949282fd9594869e91cd76eab27ad70061be6c26b0d0d8837ae0fb8309 - version: 2.7.6 - date: '2022-04-12' + date: 2022-04-12 post: "/en/news/2022/04/12/ruby-2-7-6-released/" url: bz2: https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.6.tar.bz2 @@ -842,7 +1523,7 @@ zip: d7210aa211333cc1afa080b999bf1a50db1708bb8e2c608892bb42fe450f4567aa4d974532071e0eba3d96bee63ed1f2d51f123d443edc46668c4eca3fe1f791 - version: 2.7.5 - date: '2021-11-24' + date: 2021-11-24 post: "/en/news/2021/11/24/ruby-2-7-5-released/" url: bz2: https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.5.tar.bz2 @@ -871,7 +1552,7 @@ zip: fe9a706f8139e59a40ab205dc88cdc613c9c69186cb2daeb5adc80bdf45290a523fa7e3fd0866fa12325039ba413ff1e1f4233073d352da08079dc903063b31a - version: 2.7.4 - date: '2021-07-07' + date: 2021-07-07 post: "/en/news/2021/07/07/ruby-2-7-4-released/" url: bz2: https://cache.ruby-lang.org/pub/ruby/2.7/ruby-2.7.4.tar.bz2 @@ -1146,7 +1827,7 @@ # 2.6 series - version: 2.6.10 - date: '2022-04-12' + date: 2022-04-12 post: "/en/news/2022/04/12/ruby-2-6-10-released/" url: bz2: https://cache.ruby-lang.org/pub/ruby/2.6/ruby-2.6.10.tar.bz2 @@ -1175,7 +1856,7 @@ zip: 352efede781c3c3b1aaaaeaa28050d530b8a350ec549218464dfe57a4d39770f5a345978fc9f6c23d5f539db70bd9f53c4fbf807dc4ec4bdf9cae1acbe6c2c99 - version: 2.6.9 - date: '2021-11-24' + date: 2021-11-24 post: "/en/news/2021/11/24/ruby-2-6-9-released/" url: bz2: https://cache.ruby-lang.org/pub/ruby/2.6/ruby-2.6.9.tar.bz2 @@ -1204,7 +1885,7 @@ zip: 9073e0fc5040434f15158f24c6a551286bc5f1c4c1cb54d6e3debb4ac039187a4f274a217bdb5c8489c72360c65d708f89eb0f2472a1f9232fcfee8e296dec57 - version: 2.6.8 - date: '2021-07-07' + date: 2021-07-07 post: "/en/news/2021/07/07/ruby-2-6-8-released/" url: bz2: https://cache.ruby-lang.org/pub/ruby/2.6/ruby-2.6.8.tar.bz2 @@ -2220,7 +2901,7 @@ date: 2013-02-24 post: /en/news/2013/02/24/ruby-2-0-0-p0-is-released/ url: - gz: https://cache.ruby-lang.org/pub/ruby/2.0/ruby-2.0.0.tar.gz + gz: https://cache.ruby-lang.org/pub/ruby/2.0/ruby-2.0.0-p0.tar.gz - version: 2.0.0-rc2 date: 2013-02-08 post: /en/news/2013/02/08/ruby-2-0-0-rc2-is-released/ @@ -2305,7 +2986,7 @@ date: 2011-10-31 post: /en/news/2011/10/31/ruby-1-9-3-p0-is-released/ url: - gz: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3.tar.gz + gz: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p0.tar.gz - version: 1.9.3-rc1 date: 2011-09-24 post: /en/news/2011/09/24/ruby-1-9-3-rc1-has-been-released/ @@ -2340,7 +3021,7 @@ date: 2010-08-18 post: /en/news/2010/08/18/ruby-1-9-2-released/ url: - gz: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.2.tar.gz + gz: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.2-p0.tar.gz - version: 1.9.2-rc2 date: 2010-07-11 post: /en/news/2010/07/11/ruby-1-9-2-rc2-is-released/ @@ -2388,7 +3069,7 @@ date: 2009-01-30 post: /en/news/2009/01/30/ruby-1-9-1-released/ url: - gz: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1.tar.gz + gz: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p0.tar.gz - version: 1.9.1-preview1 date: 2008-10-28 post: /en/news/2008/10/28/ruby-1-9-1-preview-1-released/ @@ -2398,7 +3079,7 @@ date: 2007-12-25 post: /en/news/2007/12/25/ruby-1-9-0-released/ url: - gz: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.0.tar.gz + gz: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.0-0.tar.gz - version: 1.8.7-p374 date: 2013-06-27 post: /en/news/2013/06/27/ruby-1-8-7-p374-is-released/ diff --git a/_includes/search.html b/_includes/search.html index 41158dd8e0..c78d342521 100644 --- a/_includes/search.html +++ b/_includes/search.html @@ -1,9 +1,13 @@ -{% if site.data.locales[page.lang].search %} - {% assign cx_id = site.data.locales[page.lang].search.cx_id %} +{% if site.data.locales[page.lang].search.text %} {% assign text = site.data.locales[page.lang].search.text %} {% else %} {% assign text = site.data.locales['en'].search.text %} {% endif%} +{% if site.data.locales[page.lang].search.cx_id %} + {% assign cx_id = site.data.locales[page.lang].search.cx_id %} +{% else %} + {% assign cx_id = site.data.locales['en'].search.cx_id %} +{% endif%}
diff --git a/bg/community/mailing-lists/index.md b/bg/community/mailing-lists/index.md index 19bd46cc71..d0ad402338 100644 --- a/bg/community/mailing-lists/index.md +++ b/bg/community/mailing-lists/index.md @@ -32,10 +32,10 @@ comp.lang.ruby дискусионна група. ## Абониране -[Абониране](https://ml.ruby-lang.org/mailman3/postorius/lists/) +[Абониране](https://ml.ruby-lang.org/mailman3/lists/) -[3]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/ -[4]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-core@ml.ruby-lang.org/ -[5]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-doc@ml.ruby-lang.org/ +[3]: https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/ +[4]: https://ml.ruby-lang.org/archives/list/ruby-core@ml.ruby-lang.org/ +[5]: https://ml.ruby-lang.org/archives/list/ruby-doc@ml.ruby-lang.org/ diff --git a/bg/documentation/index.md b/bg/documentation/index.md index efbb1f7ea4..55677a858d 100644 --- a/bg/documentation/index.md +++ b/bg/documentation/index.md @@ -107,11 +107,10 @@ ruby -v * [SciTe][28] * [NetBeans][36] * [Sublime Text][37] + * [Visual Studio Code][vscode] с плъгина [Ruby LSP][40] * За Windows: * [Notepad++][29] - * [E-TextEditor][30] - * [Ruby In Steel][31] * За macOS: * [TextMate][32] @@ -150,8 +149,6 @@ ruby -v [27]: http://www.jetbrains.com/ruby/ [28]: http://www.scintilla.org/SciTE.html [29]: http://notepad-plus-plus.org/ -[30]: http://www.e-texteditor.com/ -[31]: http://www.sapphiresteel.com/ [32]: http://macromates.com/ [33]: https://www.barebones.com/products/bbedit/ [34]: http://ruby-doc.org @@ -159,3 +156,5 @@ ruby -v [37]: http://www.sublimetext.com/ [38]: https://learncodethehardway.org/ruby/ [39]: http://kapeli.com/dash +[vscode]: https://code.visualstudio.com/ +[40]: https://marketplace.visualstudio.com/items?itemName=Shopify.ruby-lsp diff --git a/bg/documentation/quickstart/3/index.md b/bg/documentation/quickstart/3/index.md index e141e02c46..8db142707a 100644 --- a/bg/documentation/quickstart/3/index.md +++ b/bg/documentation/quickstart/3/index.md @@ -97,7 +97,7 @@ irb(main):043:0> g.respond_to?("to_s") irb(main):044:0> class Greeter irb(main):045:1> attr_accessor :name irb(main):046:1> end -=> nil +=> [:name, :name=] {% endhighlight %} В Ruby лесно може да отворим класа отново за модификация. Промените ще diff --git a/de/community/mailing-lists/index.md b/de/community/mailing-lists/index.md index 23be89aa83..1d013d0d77 100644 --- a/de/community/mailing-lists/index.md +++ b/de/community/mailing-lists/index.md @@ -38,21 +38,21 @@ comp.lang.ruby (Newsgroup) [comp.lang.ruby](news:comp.lang.ruby)-Newsgroup eine gute Anlaufstelle. ([FAQ][clrFAQ]) -Siehe [https://ml.ruby-lang.org/mailman3/postorius/lists/](https://ml.ruby-lang.org/mailman3/postorius/lists/) +Siehe [https://ml.ruby-lang.org/mailman3/lists/](https://ml.ruby-lang.org/mailman3/lists/) für weitere Informationen über alle Mailinglisten bei ruby-lang.org, einschließlich der Listen in japanischer Sprache. ## An- oder Abmelden -[An- oder Abmelden](https://ml.ruby-lang.org/mailman3/postorius/lists/) +[An- oder Abmelden](https://ml.ruby-lang.org/mailman3/lists/) [guidelines]: /en/community/mailing-lists/ruby-talk-guidelines/ [clrFAQ]: http://rubyhacker.com/clrFAQ.html -[3]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/ -[4]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-core@ml.ruby-lang.org/ -[5]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-doc@ml.ruby-lang.org/ +[3]: https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/ +[4]: https://ml.ruby-lang.org/archives/list/ruby-core@ml.ruby-lang.org/ +[5]: https://ml.ruby-lang.org/archives/list/ruby-doc@ml.ruby-lang.org/ [6]: http://lists.ruby-lang.org/cgi-bin/mailman/listinfo/ruby-de [7]: http://lists.ruby-lang.org/pipermail/ruby-de/ [8]: http://planet.ruby-portal.de/ruby-de.html diff --git a/de/documentation/quickstart/2/index.md b/de/documentation/quickstart/2/index.md index 529ed1a156..e3b6a82992 100644 --- a/de/documentation/quickstart/2/index.md +++ b/de/documentation/quickstart/2/index.md @@ -21,18 +21,18 @@ Was machen wir, wenn wir ganz oft “Hallo” sagen wollen, ohne uns die Finger wund zu tippen? Wir definieren eine Methode! {% highlight irb %} -irb(main):010:0> def h +irb(main):010:0> def hi irb(main):011:1> puts "Hallo, Welt!" irb(main):012:1> end -=> nil +=> :hi {% endhighlight %} -Mit dem Code `def h` beginnt man die Methodendefinition. Er teilt Ruby -mit, dass wir eine Methode definieren, deren Name `h` ist. Die nächste +Mit dem Code `def hi` beginnt man die Methodendefinition. Er teilt Ruby +mit, dass wir eine Methode definieren, deren Name `hi` ist. Die nächste Zeile nennt man Rumpf (“Body”) der Methode. Sie ist identisch zu der Zeile, die wir schon von vorhin kennen: `puts "Hallo, Welt!"`. Und schließlich teilt die letzte Zeile `end` Ruby mit, dass wir fertig mit -der Methodendefinition sind. Rubys Antwort `=> nil` sagt uns, dass Ruby +der Methodendefinition sind. Rubys Antwort `=> :hi` sagt uns, dass Ruby das nun weiß. ## Die kurzen, immer wiederkehrenden Lebenszyklen einer Methode @@ -40,10 +40,10 @@ das nun weiß. Rufen wir nun die Methode ein paar Mal auf: {% highlight irb %} -irb(main):013:0> h +irb(main):013:0> hi Hallo, Welt! => nil -irb(main):014:0> h() +irb(main):014:0> hi() Hallo, Welt! => nil {% endhighlight %} @@ -55,15 +55,15 @@ Klammer-Paar ans Ende des Methodennamens setzen, aber das ist nicht notwendig. Was, wenn wir nun Hallo zu einer ganz bestimmten Person statt zur ganzen -Welt sagen möchten? Dann definieren wir `h` einfach neu, so dass ein +Welt sagen möchten? Dann definieren wir `hi` einfach neu, so dass ein Name als Parameter akzeptiert wird: {% highlight irb %} -irb(main):015:0> def h(name) +irb(main):015:0> def hi(name) irb(main):016:1> puts "Hallo, #{name}!" irb(main):017:1> end -=> nil -irb(main):018:0> h("Matz") +=> :hi +irb(main):018:0> hi("Matz") Hallo, Matz! => nil {% endhighlight %} @@ -81,14 +81,14 @@ man auch dazu benutzen, um sicherzugehen, dass der Name einer Person mit einem Großbuchstaben anfängt: {% highlight irb %} -irb(main):019:0> def h(name = "Welt") +irb(main):019:0> def hi(name = "Welt") irb(main):020:1> puts "Hallo, #{name.capitalize}!" irb(main):021:1> end -=> nil -irb(main):022:0> h "chris" +=> :hi +irb(main):022:0> hi "chris" Hallo, Chris! => nil -irb(main):023:0> h +irb(main):023:0> hi Hallo, Welt! => nil {% endhighlight %} @@ -119,7 +119,7 @@ irb(main):031:1> def sag_tschuess irb(main):032:2> puts "Tschuess, #{@name}, bis bald!" irb(main):033:2> end irb(main):034:1> end -=> nil +=> :sag_tschuess {% endhighlight %} Das neue Schlüsselwort hier ist `class`. Damit definieren wir eine neue diff --git a/de/documentation/quickstart/3/index.md b/de/documentation/quickstart/3/index.md index 436f2fbedd..f0ff49b252 100644 --- a/de/documentation/quickstart/3/index.md +++ b/de/documentation/quickstart/3/index.md @@ -35,9 +35,7 @@ Hmm, und wenn wir direkt auf den Namen im Objekt zugreifen wollen? {% highlight irb %} irb(main):038:0> g.@name -SyntaxError: compile error -(irb):52: syntax error - from (irb):52 +:187:in `loop': (irb):52: syntax error, unexpected instance variable (SyntaxError) {% endhighlight %} Nö, das geht offensichtlich nicht. @@ -53,16 +51,21 @@ Welche Methoden existieren nun für Greeter-Objekte? {% highlight irb %} irb(main):039:0> Greeter.instance_methods -=> ["method", "send", "object_id", "singleton_methods", - "__send__", "equal?", "taint", "frozen?", - "instance_variable_get", "kind_of?", "to_a", - "instance_eval", "type", "protected_methods", "extend", - "eql?", "display", "instance_variable_set", "hash", - "is_a?", "to_s", "class", "tainted?", "private_methods", - "untaint", "sag_hallo", "id", "inspect", "==", "===", - "clone", "public_methods", "respond_to?", "freeze", - "sag_tschuess", "__id__", "=~", "methods", "nil?", "dup", - "instance_variables", "instance_of?"] +=> +[:sag_hallo, :sag_tschuess, :to_yaml, :to_json, + :pretty_print, :pretty_print_inspect, :pretty_print_cycle, + :pretty_print_instance_variables, :Namespace, + :singleton_class, :dup, :itself, :methods, + :singleton_methods, :protected_methods, :private_methods, + :public_methods, :instance_variables, :instance_variable_get, + :instance_variable_set, :instance_variable_defined?, + :remove_instance_variable, :instance_of?, :kind_of?, :is_a?, + :display, :TypeName, :public_send, :extend, :clone, :<=>, + :===, :class, :!~, :tap, :frozen?, :yield_self, :then, :nil?, + :eql?, :respond_to?, :method, :public_method, :singleton_method, + :define_singleton_method, :hash, :freeze, :inspect, :object_id, + :send, :to_s, :pretty_inspect, :to_enum, :enum_for, :equal?, :!, + :__send__, :==, :!=, :instance_eval, :instance_exec, :__id__] {% endhighlight %} Hoppla, das sind aber ganz schön viele! Wir haben doch nur zwei Methoden @@ -104,7 +107,7 @@ die Variablen eines Objekts zu gewähren. irb(main):044:0> class Greeter irb(main):045:1> attr_accessor :name irb(main):046:1> end -=> nil +=> [:name, :name=] {% endhighlight %} In Ruby kann man eine Klasse jederzeit verändern. Die Änderungen werden diff --git a/de/news/_posts/2001-07-10-removed-language-comparison-page.md b/de/news/_posts/2001-07-10-removed-language-comparison-page.md index 6597d1425c..dfdc627411 100644 --- a/de/news/_posts/2001-07-10-removed-language-comparison-page.md +++ b/de/news/_posts/2001-07-10-removed-language-comparison-page.md @@ -5,7 +5,7 @@ author: "NaHi" lang: de --- -Matz desided to remove the page. +Matz decided to remove the page. diff --git a/de/news/_posts/2002-03-01-167-is-released.md b/de/news/_posts/2002-03-01-167-is-released.md index 5e0c47bf55..31dd7cff3d 100644 --- a/de/news/_posts/2002-03-01-167-is-released.md +++ b/de/news/_posts/2002-03-01-167-is-released.md @@ -9,4 +9,4 @@ Die neue stabile Version [1.6.7][1] wurde veröffentlicht. -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.6.7.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.6/ruby-1.6.7.tar.gz diff --git a/de/news/_posts/2002-12-24-ruby-1-6-8-and-1-8-0-preview-1.md b/de/news/_posts/2002-12-24-ruby-1-6-8-and-1-8-0-preview-1.md index e7ca2ffbb6..966950c084 100644 --- a/de/news/_posts/2002-12-24-ruby-1-6-8-and-1-8-0-preview-1.md +++ b/de/news/_posts/2002-12-24-ruby-1-6-8-and-1-8-0-preview-1.md @@ -8,7 +8,7 @@ lang: de I just put the 1.6.8 release package on the ftp. 1.6.8 should be the last release in the 1.6.x series. Check out -* [https://cache.ruby-lang.org/pub/ruby/ruby-1.6.8.tar.gz][1] +* [https://cache.ruby-lang.org/pub/ruby/1.6/ruby-1.6.8.tar.gz][1] I also put the first preview of 1.8.0 at @@ -19,6 +19,6 @@ Merry Christmas! -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.6.8.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.6/ruby-1.6.8.tar.gz [2]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.0-preview1.tar.gz [3]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.0-preview1-errata.diff diff --git a/de/news/_posts/2004-12-26-ruby-182-released.md b/de/news/_posts/2004-12-26-ruby-182-released.md index 5bbdf50e53..c2aca111f9 100644 --- a/de/news/_posts/2004-12-26-ruby-182-released.md +++ b/de/news/_posts/2004-12-26-ruby-182-released.md @@ -11,7 +11,7 @@ Matz announced that ruby 1.8.2 was released This is mainly a bug fix release. You can download it at: -* [https://cache.ruby-lang.org/pub/ruby/ruby-1.8.2.tar.gz][1] +* [https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.2.tar.gz][1] md5sum is 8ffc79d96f336b80f2690a17601dea9b @@ -19,4 +19,4 @@ Merry Christmas! -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.2.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.2.tar.gz diff --git a/de/news/_posts/2005-09-21-ruby-183-released.md b/de/news/_posts/2005-09-21-ruby-183-released.md index b8748bbe0c..2fe5808054 100644 --- a/de/news/_posts/2005-09-21-ruby-183-released.md +++ b/de/news/_posts/2005-09-21-ruby-183-released.md @@ -10,4 +10,4 @@ Ruby 1.8.3 has been released. The source is [here][1], and the md5sum is -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.3.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.3.tar.gz diff --git a/de/news/_posts/2005-12-24-ruby-184-released.md b/de/news/_posts/2005-12-24-ruby-184-released.md index d8ea655294..71e8340fc7 100644 --- a/de/news/_posts/2005-12-24-ruby-184-released.md +++ b/de/news/_posts/2005-12-24-ruby-184-released.md @@ -6,9 +6,9 @@ lang: de --- Ruby 1.8.4 has been released. The source is -[https://cache.ruby-lang.org/pub/ruby/ruby-1.8.4.tar.gz][1], the md5sum is +[https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.4.tar.gz][1], the md5sum is bd8c2e593e1fa4b01fd98eaf016329bb, and filesize is 4,312,965 bytes. -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.4.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.4.tar.gz diff --git a/de/news/_posts/2006-08-29-ruby-1-8-5-released.md b/de/news/_posts/2006-08-29-ruby-1-8-5-released.md index 3a38109435..d03a7a8052 100644 --- a/de/news/_posts/2006-08-29-ruby-1-8-5-released.md +++ b/de/news/_posts/2006-08-29-ruby-1-8-5-released.md @@ -7,7 +7,7 @@ lang: de Ruby 1.8.5 has been released. -The source is [https://cache.ruby-lang.org/pub/ruby/ruby-1.8.5.tar.gz][1], +The source is [https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5.tar.gz][1], the md5sum is 3fbb02294a8ca33d4684055adba5ed6f, and filesize is 4,438,603 bytes. @@ -15,5 +15,5 @@ Mauricio Fernandez wrote [a summary of changes][2]. -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.5.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5.tar.gz [2]: http://eigenclass.org/hiki.rb?ruby+1.8.5+changelog diff --git a/de/news/_posts/2009-05-21-ruby-1-9-1-p129-verffentlicht.md b/de/news/_posts/2009-05-21-ruby-1-9-1-p129-verffentlicht.md index 6131ead83b..66b3ab12df 100644 --- a/de/news/_posts/2009-05-21-ruby-1-9-1-p129-verffentlicht.md +++ b/de/news/_posts/2009-05-21-ruby-1-9-1-p129-verffentlicht.md @@ -13,19 +13,19 @@ allen 1.9.1 Benutzern auf diese Version umzusteigen. #### Download -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.bz2>][1] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.bz2>][1] Größe: 7183891 bytes MD5: 6fa62b20f72da471195830dec4eb2013 SHA256: cb730f035aec0e3ac104d23d27a79aa9625fdeb115dae2295de65355f449ce27 -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.gz>][2] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.gz>][2] Größe: 9034947 bytes MD5: c71f413514ee6341c627be2957023a5c SHA256: 27b7a8ace1d17cec237020ae9355230b53f8c3875f8d942de903e7d58d14253b -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.zip>][3] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.zip>][3] Größe: 10299369 bytes MD5: 156305e9633758eb60b419fabc33b6e4 @@ -40,6 +40,6 @@ allen 1.9.1 Benutzern auf diese Version umzusteigen. -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.bz2 -[2]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.gz -[3]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.zip +[1]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.bz2 +[2]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.gz +[3]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.zip diff --git a/de/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md b/de/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md index 50d6598bb0..2bbb8f1388 100644 --- a/de/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md +++ b/de/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md @@ -32,19 +32,19 @@ Sie können den ursprünglichen Fehlerbericht im Ticketsystem nachlesen: ## Download -* +* SIZE: 9081661 bytes MD5: 8ba4aaf707023e76f80fc8f455c99858 SHA256: 6d3487ea8a86ad0fa78a8535078ff3c7a91ca9f99eff0a6a08e66c6e6bf2040f -* +* SIZE: 11416473 bytes MD5: 4b9330730491f96b402adc4a561e859a SHA256: 23ef45fdaecc5d6c7b4e9e2d51b23817fc6aa8225a20f123f7fa98760e8b5ca9 -* +* SIZE: 12732739 bytes MD5: 42d261b28d1b7e500dd3bdbdbfba7fa5 diff --git a/de/news/_posts/2023-12-25-ruby-3-3-0-released.md b/de/news/_posts/2023-12-25-ruby-3-3-0-released.md new file mode 100644 index 0000000000..9f1ca8e3e9 --- /dev/null +++ b/de/news/_posts/2023-12-25-ruby-3-3-0-released.md @@ -0,0 +1,305 @@ +--- +layout: news_post +title: "Ruby 3.3.0 veröffentlicht" +author: "naruse" +translator: Thomas Ritter +date: 2023-12-25 00:00:00 +0000 +lang: de +--- + +{% assign release = site.data.releases | where: "version", "3.3.0" | first %} +Wir freuen uns, die Veröffentlichung von Ruby {{ release.version }} anzukündigen. Ruby 3.3 fügt einen neuen Parser namens Prism hinzu, verwendet Lrama als Parser-Generator, fügt einen neuen reinen Ruby JIT-Compiler namens RJIT hinzu und viele Leistungsverbesserungen, insbesondere YJIT. + +## Prism + +- Einführung des [Prism-Parser](https://github.com/ruby/prism) als Standard-Gem + - Prism ist ein portabler, fehlertoleranter und wartbarer rekursiver Abstiegsparser für die Ruby-Sprache +- Prism ist produktionsreif und wird aktiv gepflegt, Sie können es anstelle von Ripper verwenden + - Es gibt [umfangreiche Dokumentation](https://ruby.github.io/prism/) zur Nutzung von Prism + - Prism ist sowohl eine C-Bibliothek, die intern von CRuby verwendet wird, als auch ein Ruby-Gem, das von jedem Werkzeug verwendet werden kann, das Ruby-Code parsen muss + - Nennenswerte Methoden in der Prism-API sind: + - `Prism.parse(source)`, das den AST als Teil eines Parseergebnisobjekts zurückgibt + - `Prism.parse_comments(source)`, das die Kommentare zurückgibt + - `Prism.parse_success?(source)`, das true zurückgibt, wenn keine Fehler vorliegen +- Sie können Pull-Requests oder Issues direkt im [Prism-Repository](https://github.com/ruby/prism) erstellen, wenn Sie an der Mitarbeit interessiert sind +- Sie können jetzt `ruby --parser=prism` oder `RUBYOPT="--parser=prism"` verwenden, um mit dem Prism-Compiler zu experimentieren. Bitte beachten Sie, dass dieser Flag nur für das Debugging gedacht ist. + +## Verwendung von Lrama anstelle von Bison + +- Ersetzen von Bison durch [Lrama LALR-Parsergenerator](https://github.com/ruby/lrama) [[Feature #19637]](https://bugs.ruby-lang.org/issues/19637) + - Wenn Sie interessiert sind, sehen Sie sich bitte [Die Zukunftsvision des Ruby-Parsers](https://rubykaigi.org/2023/presentations/spikeolaf.html) an + - Der interne Lrama-Parser wird durch einen LR-Parser von Racc ersetzt, um die Wartbarkeit sicherzustellen + - Parameterisierende Regeln `(?, *, +)` werden unterstützt, sie werden im Ruby parse.y verwendet + +## YJIT + +- Große Leistungsverbesserungen gegenüber Ruby 3.2 + - Die Unterstützung für Splat- und Rest-Argumente wurde verbessert. + - Register werden für Stack-Operationen der virtuellen Maschine zugewiesen. + - Mehr Aufrufe mit optionalen Argumenten werden kompiliert. Ausnahmebehandler werden ebenfalls kompiliert. + - Nicht unterstützte Aufruftypen und megamorphe Aufrufstellen werden nicht mehr an den Interpreter übergeben. + - Grundlegende Methoden wie Rails `#blank?` und + [spezialisiertes `#present?`](https://github.com/rails/rails/pull/49909) werden eingebettet (inlined). + - `Integer#*`, `Integer#!=`, `String#!=`, `String#getbyte`, + `Kernel#block_given?`, `Kernel#is_a?`, `Kernel#instance_of?` und `Module#===` + sind speziell optimiert. + - Die Kompilierungsgeschwindigkeit ist jetzt etwas schneller als bei Ruby 3.2. + - Jetzt mehr als 3x schneller als der Interpreter auf Optcarrot! +- Deutlich verbesserte Speichernutzung gegenüber Ruby 3.2 + - Metadaten für kompilierten Code verwenden viel weniger Speicher. + - `--yjit-call-threshold` wird automatisch von 30 auf 120 erhöht + wenn die Anwendung mehr als 40.000 ISEQs hat. + - `--yjit-cold-threshold` wird hinzugefügt, um das Kompilieren von kalten ISEQs zu überspringen. + - Kompakterer Code wird auf Arm64 generiert. +- Code GC ist jetzt standardmäßig deaktiviert + - `--yjit-exec-mem-size` wird als hartes Limit behandelt, bei der die Kompilierung neuer Codes stoppt. + - Keine plötzlichen Leistungseinbrüche aufgrund von Code GC. + Besseres Copy-on-Write-Verhalten auf Servern mit Reforking mit + [Pitchfork](https://github.com/shopify/pitchfork). + - Sie können Code GC weiterhin mit `--yjit-code-gc` aktivieren, falls gewünscht +- Hinzufügen von `RubyVM::YJIT.enable`, das YJIT zur Laufzeit aktivieren kann + - Sie können YJIT starten, ohne Kommandozeilenargumente oder Umgebungsvariablen zu ändern. + Rails 7.2 wird [YJIT standardmäßig aktivieren](https://github.com/rails/rails/pull/49947) + mit dieser Methode. + - Dies kann auch verwendet werden, um YJIT nur zu aktivieren, sobald Ihre Anwendung + hochgefahren ist. `--yjit-disable` kann verwendet werden, wenn Sie andere + YJIT-Optionen verwenden möchten, während YJIT beim Booten deaktiviert ist. +- Mehr YJIT-Statistiken sind standardmäßig verfügbar + - `yjit_alloc_size` und mehrere weitere metadatenbezogene Statistiken sind jetzt standardmäßig verfügbar. + - Die von `--yjit-stats` produzierte `ratio_in_yjit`-Statistik ist jetzt in Release-Builds verfügbar, + ein spezieller Statistik- oder Dev-Build ist nicht mehr erforderlich, um die meisten Statistiken abzurufen. +- Hinzufügen weiterer Profiling-Fähigkeiten + - `--yjit-perf` wird hinzugefügt, um das Profiling mit Linux perf zu erleichtern. + - `--yjit-trace-exits` unterstützt jetzt das Sampling mit `--yjit-trace-exits-sample-rate=N` +- Gründlicheres Testing und mehrere Bugfixes + +## RJIT + +- Einführung eines reinen Ruby JIT-Compilers RJIT und Ersatz von MJIT. + - RJIT unterstützt nur die x86-64-Architektur auf Unix-Plattformen. + - Im Gegensatz zu MJIT wird zur Laufzeit kein C-Compiler benötigt. +- RJIT existiert nur zu experimentellen Zwecken. + - Sie sollten in der Produktion weiterhin YJIT verwenden. +- Wenn Sie an der Entwicklung von JIT für Ruby interessiert sind, schauen Sie sich bitte [k0kubuns Präsentation am Tag 3 von RubyKaigi](https://rubykaigi.org/2023/presentations/k0kubun.html#day3) an. + +## M:N-Thread-Scheduler + +- M:N-Thread-Scheduler wurde eingeführt. [[Feature #19842]](https://bugs.ruby-lang.org/issues/19842) + - M Ruby-Threads werden von N nativen Threads (OS-Threads) verwaltet, sodass die Thread-Erstellungs- und Verwaltungskosten reduziert werden. + - Es kann die Kompatibilität mit C-Erweiterungen brechen, sodass der M:N-Thread-Scheduler standardmäßig auf dem Haupt-Ractor deaktiviert ist. + - Die Umgebungsvariable `RUBY_MN_THREADS=1` aktiviert M:N-Threads auf dem Haupt-Ractor. + - M:N-Threads sind immer auf Nicht-Haupt-Ractors aktiviert. + - Die Umgebungsvariable `RUBY_MAX_CPU=n` legt die maximale Anzahl von `N` (maximale Anzahl nativer Threads) fest. Der Standardwert ist 8. + - Da nur ein Ruby-Thread pro Ractor gleichzeitig ausgeführt werden kann, wird die Anzahl der verwendeten nativen Threads verwendet, die kleiner ist als die in `RUBY_MAX_CPU` angegebene Anzahl und die Anzahl der laufenden Ractors. Einzelne Ractor-Anwendungen (die meisten Anwendungen) verwenden daher nur 1 nativen Thread. + - Zur Unterstützung von blockierenden Operationen können mehr als `N` native Threads verwendet werden. + +## Leistungsverbesserungen + +- `defined?(@ivar)` ist mit Object Shapes optimiert. +- Namensauflösungen wie `Socket.getaddrinfo` können jetzt unterbrochen werden (in Umgebungen, in denen pthreads verfügbar sind). [[Feature #19965]](https://bugs.ruby-lang.org/issues/19965) +- Mehrere Leistungsverbesserungen beim Garbage Collector + - Junge Objekte, die von alten Objekten referenziert werden, werden nicht mehr sofort + in die alte Generation befördert. Dies reduziert die Häufigkeit von + großen GC-Sammlungen erheblich. [[Feature #19678]](https://bugs.ruby-lang.org/issues/19678) + - Eine neue Tuning-Variable `REMEMBERED_WB_UNPROTECTED_OBJECTS_LIMIT_RATIO` wurde + eingeführt, um die Anzahl der ungeschützten Objekte zu steuern, die eine große GC- + Sammlung auslösen. Der Standardwert ist auf `0.01` (1%) festgelegt. Dies reduziert die Häufigkeit von großen GC-Sammlungen erheblich. [[Feature #19571]](https://bugs.ruby-lang.org/issues/19571) + - Write Barriers wurden für viele Kerntypen implementiert, die sie bisher vermisst haben, + insbesondere `Time`, `Enumerator`, `MatchData`, `Method`, `File::Stat`, `BigDecimal` + und mehrere andere. Dies reduziert die Zeit für kleine GC-Sammlungen und die Häufigkeit großer GC-Sammlungen erheblich. + - Die meisten Kerntypen verwenden jetzt Variable Width Allocation, insbesondere `Hash`, `Time`, + `Thread::Backtrace`, `Thread::Backtrace::Location`, `File::Stat`, `Method`. + Dadurch sind diese Klassen schneller zugeteilt und freigegeben, verwenden weniger Speicher und reduzieren + die Heapfragmentierung. + - Unterstützung für schwache Referenzen wurde dem Garbage Collector hinzugefügt. [[Feature #19783]](https://bugs.ruby-lang.org/issues/19783) + +## Weitere bemerkenswerte Änderungen seit 3.2 + +### IRB + +IRB hat mehrere Verbesserungen erhalten, einschließlich, aber nicht beschränkt auf: + +- Fortgeschrittene `irb:rdbg`-Integration, die ein äquivalentes Debugging-Erlebnis zu `pry-byebug` bietet ([Dokumentation](https://github.com/ruby/irb#debugging-with-irb)). +- Pager-Unterstützung für die Befehle `ls`, `show_source` und `show_cmds`. +- Genauere und hilfreichere Informationen, die von den Befehlen `ls` und `show_source` bereitgestellt werden. +- Experimentelle Autovervollständigung mit Typenanalyse ([Dokumentation](https://github.com/ruby/irb#type-based-completion)). +- Es ist jetzt möglich, die Schriftfarbe und den Schriftstil im Vervollständigungsdialog durch eine neu eingeführte Klasse Reline::Face zu ändern ([Dokumentation](https://github.com/ruby/ruby/blob/master/doc/reline/face.md)) + +Zusätzlich dazu hat IRB umfangreiche Refactorings durchlaufen und Dutzende von Bugfixes erhalten, um zukünftige Verbesserungen zu erleichtern. + +Für detailliertere Updates lesen Sie bitte [Die große Weiterentwicklung von Ruby 3.3's IRB enthüllt](https://railsatscale.com/2023-12-19-irb-for-ruby-3-3/). + +## Kompatibilitätsprobleme + +Hinweis: Ausschließlich Bugfixes von Features. + +- `it`-Aufrufe ohne Argumente in einem Block ohne gewöhnliche Parameter sind + veraltet (deprecated). `it` wird in Ruby 3.4 eine Referenz auf den ersten Blockparameter sein. + [[Feature #18980]](https://bugs.ruby-lang.org/issues/18980) + +### Entfernte Umgebungsvariablen + +Die folgenden veralteten Methoden werden entfernt. + +- Umgebungsvariable `RUBY_GC_HEAP_INIT_SLOTS` wurde veraltet (deprecated) und ist eine No-Op. Bitte verwenden Sie stattdessen die Umgebungsvariablen `RUBY_GC_HEAP_{0,1,2,3,4}_INIT_SLOTS`. [[Feature #19785]](https://bugs.ruby-lang.org/issues/19785) + +## Stdlib-Kompatibilitätsprobleme + +### `ext/readline` wird eingestellt + +- Wir haben `reline`, das eine reine Ruby-Implementierung kompatibel mit der `ext/readline` API ist. In Zukunft setzen wir auf `reline`. Wenn Sie `ext/readline` verwenden müssen, können Sie `ext/readline` über rubygems.org mit `gem install readline-ext` installieren. +- Wir müssen keine Bibliotheken wie `libreadline` oder `libedit` mehr installieren. + +## Aktualisierungen der Standardbibliothek + +RubyGems und Bundler warnen, wenn Benutzer die folgenden Gems mit `require` laden ohne sie zum Gemfile oder gemspec hinzuzufügen. Dies liegt daran, dass sie in einer zukünftigen Version von Ruby zu mitinstallierten Gems werden. + +Diese Warnung wird unterdrückt, wenn Sie das Bootsnap-Gem verwenden. Wir empfehlen, Ihre Anwendung mindestens einmal mit der Umgebungsvariable `DISABLE_BOOTSNAP=1` auszuführen. Dies ist eine Einschränkung dieser Version. + +Zielbibliotheken sind: + +- abbrev +- base64 +- bigdecimal +- csv +- drb +- getoptlong +- mutex_m +- nkf +- observer +- racc +- resolv-replace +- rinda +- syslog + +Das folgende Standard-Gem wird hinzugefügt. + +- prism 0.19.0 + +Die folgenden Standard-Gems werden aktualisiert. + +- RubyGems 3.5.3 +- abbrev 0.1.2 +- base64 0.2.0 +- benchmark 0.3.0 +- bigdecimal 3.1.5 +- bundler 2.5.3 +- cgi 0.4.1 +- csv 3.2.8 +- date 3.3.4 +- delegate 0.3.1 +- drb 2.2.0 +- english 0.8.0 +- erb 4.0.3 +- error_highlight 0.6.0 +- etc 1.4.3 +- fcntl 1.1.0 +- fiddle 1.1.2 +- fileutils 1.7.2 +- find 0.2.0 +- getoptlong 0.2.1 +- io-console 0.7.1 +- io-nonblock 0.3.0 +- io-wait 0.3.1 +- ipaddr 1.2.6 +- irb 1.11.0 +- json 2.7.1 +- logger 1.6.0 +- mutex_m 0.2.0 +- net-http 0.4.0 +- net-protocol 0.2.2 +- nkf 0.1.3 +- observer 0.1.2 +- open-uri 0.4.1 +- open3 0.2.1 +- openssl 3.2.0 +- optparse 0.4.0 +- ostruct 0.6.0 +- pathname 0.3.0 +- pp 0.5.0 +- prettyprint 0.2.0 +- pstore 0.1.3 +- psych 5.1.2 +- rdoc 6.6.2 +- readline 0.0.4 +- reline 0.4.1 +- resolv 0.3.0 +- rinda 0.2.0 +- securerandom 0.3.1 +- set 1.1.0 +- shellwords 0.2.0 +- singleton 0.2.0 +- stringio 3.1.0 +- strscan 3.0.7 +- syntax_suggest 2.0.0 +- syslog 0.1.2 +- tempfile 0.2.1 +- time 0.3.0 +- timeout 0.4.1 +- tmpdir 0.2.0 +- tsort 0.2.0 +- un 0.3.0 +- uri 0.13.0 +- weakref 0.1.3 +- win32ole 1.8.10 +- yaml 0.3.0 +- zlib 3.1.0 + +Das folgende mitinstallierten Gem wird von Standard-Gems gefördert. + +- racc 1.7.3 + +Die folgenden mitinstallierten Gems werden aktualisiert. + +- minitest 5.20.0 +- rake 13.1.0 +- test-unit 3.6.1 +- rexml 3.2.6 +- rss 0.3.0 +- net-ftp 0.3.3 +- net-imap 0.4.9 +- net-smtp 0.4.0 +- rbs 3.4.0 +- typeprof 0.21.9 +- debug 1.9.1 + +Weitere Informationen finden Sie in den GitHub-Releases wie [Logger](https://github.com/ruby/logger/releases) oder +Änderungsprotokoll für Details zu den Standard-Gems oder mitinstallierten Gems. + +Siehe [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +oder [Commit-Protokolle](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}) +für weitere Details. + +Mit diesen Änderungen haben sich [{{ release.stats.files_changed }} Dateien geändert, {{ release.stats.insertions }} Einfügungen(+), {{ release.stats.deletions }} Löschungen(-)](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}#file_bucket) +seit Ruby 3.2.0! + +Frohe Weihnachten, schöne Feiertage und viel Spaß beim Programmieren mit Ruby 3.3! + +## Download + +- <{{ release.url.gz }}> + + GRÖSSE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +- <{{ release.url.xz }}> + + GRÖSSE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +- <{{ release.url.zip }}> + + GRÖSSE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Was ist Ruby + +Ruby wurde erstmals 1993 von Matz (Yukihiro Matsumoto) entwickelt +und wird jetzt als Open Source entwickelt. Es läuft auf mehreren Plattformen +und wird weltweit vor allem für die Webentwicklung verwendet. diff --git a/de/news/_posts/2024-12-25-ruby-3-4-0-released.md b/de/news/_posts/2024-12-25-ruby-3-4-0-released.md new file mode 100644 index 0000000000..a30d6c7e7d --- /dev/null +++ b/de/news/_posts/2024-12-25-ruby-3-4-0-released.md @@ -0,0 +1,319 @@ +--- +layout: news_post +title: "Ruby 3.4.0 veröffentlicht" +author: "naruse" +translator: "Thomas Ritter" +date: 2024-12-25 00:00:00 +0000 +lang: de +--- + +{% assign release = site.data.releases | where: "version", "3.4.0" | first %} +Wir freuen uns, die Veröffentlichung von Ruby {{ release.version }} bekannt zu geben. Ruby 3.4 führt den `it`-Blockparameter ein, ändert Prism zum Standardparser, bietet Happy Eyeballs Version 2-Unterstützung in der Socket-Bibliothek, verbessert YJIT, integriert Modular GC und mehr. + +## `it` wird eingeführt + +`it` wurde hinzugefügt, um auf einen Blockparameter ohne Variablennamen zu verweisen. [[Feature #18980]] + +```ruby +ary = ["foo", "bar", "baz"] + +p ary.map { it.upcase } #=> ["FOO", "BAR", "BAZ"] +``` + +`it` verhält sich weitgehend wie `_1`. Wenn die Absicht besteht, nur `_1` in einem Block zu verwenden, sind andere nummerierte Parameter wie `_2` eine zusätzliche kognitive Belastung für Leser. Daher wurde `it` als praktische Alternative eingeführt. Verwenden Sie `it` in einfachen Fällen, in denen es sich von selbst erklärt, z. B. in Einzeilern. + +## Prism ist jetzt der Standardparser + +Der Standardparser wurde von parse.y auf Prism umgestellt. [[Feature #20564]] + +Dies ist eine interne Verbesserung, und für den Benutzer sollte es kaum sichtbare Änderungen geben. Wenn Sie Kompatibilitätsprobleme bemerken, melden Sie diese bitte. + +Um den konventionellen Parser zu verwenden, nutzen Sie das Kommandozeilenargument `--parser=parse.y`. + +## Die Socket-Bibliothek unterstützt jetzt Happy Eyeballs Version 2 (RFC 8305) + +Die Socket-Bibliothek unterstützt jetzt [Happy Eyeballs Version 2 (RFC 8305)](https://datatracker.ietf.org/doc/html/rfc8305), die neueste standardisierte Version eines weit verbreiteten Ansatzes für bessere Konnektivität in vielen Programmiersprachen, in `TCPSocket.new` (`TCPSocket.open`) und `Socket.tcp`. + +Diese Verbesserung ermöglicht Ruby, effiziente und zuverlässige Netzwerkverbindungen anzubieten, die an moderne Internetumgebungen angepasst sind. + +Bis Ruby 3.3 wurden Namensauflösung und Verbindungsversuche seriell durchgeführt. Mit diesem Algorithmus funktionieren sie nun wie folgt: + +1. Gleichzeitige Ausführung von IPv6- und IPv4-Namensauflösung +2. Verbindungsversuche mit den aufgelösten IP-Adressen, wobei IPv6 priorisiert wird, mit parallelen Versuchen im Abstand von 250ms +3. Rückgabe der ersten erfolgreichen Verbindung, während alle anderen abgebrochen werden + +Dies minimiert Verbindungsverzögerungen, selbst wenn ein bestimmtes Protokoll oder eine bestimmte IP-Adresse verzögert oder nicht verfügbar ist. + +Diese Funktion ist standardmäßig aktiviert, sodass keine zusätzliche Konfiguration erforderlich ist. Um sie global zu deaktivieren, setzen Sie die Umgebungsvariable `RUBY_TCP_NO_FAST_FALLBACK=1` oder rufen Sie `Socket.tcp_fast_fallback=false` auf. Um sie auf Methodenebene zu deaktivieren, verwenden Sie das Schlüsselwortargument `fast_fallback: false`. + +## YJIT + +### TL;DR + +- Bessere Leistung bei den meisten Benchmarks auf den Plattformen x86-64 und arm64. +- Reduzierter Speicherverbrauch durch komprimierte Metadaten und ein einheitliches Speicherlimit. +- Verschiedene Fehlerbehebungen: YJIT ist jetzt robuster und gründlicher getestet. + +### Neue Funktionen + +- Kommandozeilenoptionen + - `--yjit-mem-size` führt ein einheitliches Speicherlimit ein (Standard 128 MiB), um die gesamte YJIT-Speichernutzung zu verfolgen, und bietet eine intuitivere Alternative zur alten Option `--yjit-exec-mem-size`. + - `--yjit-log` aktiviert ein Kompilierungsprotokoll, um nachzuverfolgen, was kompiliert wird. +- Ruby-API + - `RubyVM::YJIT.log` bietet Zugriff auf das Ende des Kompilierungsprotokolls zur Laufzeit. +- YJIT-Statistiken + - `RubyVM::YJIT.runtime_stats` liefert jetzt immer zusätzliche Statistiken zu Invalidierung, Inline-Verarbeitung und Metadaten-Codierung. + +### Neue Optimierungen + +- Komprimierter Kontext reduziert den Speicherbedarf für die Speicherung von YJIT-Metadaten +- Register für lokale Variablen und Ruby-Methodenargumente zuweisen +- Wenn YJIT aktiviert ist, werden mehr in Ruby geschriebene Kernprimitive verwendet: + - `Array#each`, `Array#select`, `Array#map` wurden in Ruby neu geschrieben, um die Leistung zu verbessern [[Feature #20182]]. +- Möglichkeit, kleine/triviale Methoden zu inlinen, wie z. B.: + - Leere Methoden + - Methoden, die eine Konstante zurückgeben + - Methoden, die `self` zurückgeben + - Methoden, die direkt ein Argument zurückgeben +- Spezialisiertes Codegen für viele weitere Laufzeitmethoden +- Optimierung von `String#getbyte`, `String#setbyte` und anderen String-Methoden +- Optimierung von bitweisen Operationen zur Beschleunigung der Low-Level-Bit/Byte-Manipulation +- Unterstützung von teilbaren Konstanten im Multi-Ractor-Modus +- Verschiedene andere inkrementelle Optimierungen + +## Modularer GC + +- Alternative Implementierungen für den Garbage Collector (GC) können durch die modulare Garbage-Collector-Funktion dynamisch geladen werden. Um diese Funktion zu aktivieren, konfigurieren Sie Ruby zur Build-Zeit mit `--with-modular-gc`. GC-Bibliotheken können zur Laufzeit mithilfe der Umgebungsvariable `RUBY_GC_LIBRARY` geladen werden. [[Feature #20351]] + +- Der eingebaute Garbage Collector von Ruby wurde in eine separate Datei unter `gc/default/default.c` ausgelagert und interagiert über eine in `gc/gc_impl.h` definierte API mit Ruby. Der eingebaute Garbage Collector kann jetzt auch als Bibliothek gebaut werden, indem `make modular-gc MODULAR_GC=default` verwendet wird, und kann mit der Umgebungsvariable `RUBY_GC_LIBRARY=default` aktiviert werden. [[Feature #20470]] + +- Eine experimentelle GC-Bibliothek basierend auf [MMTk](https://www.mmtk.io/) wird bereitgestellt. Diese GC-Bibliothek kann mit `make modular-gc MODULAR_GC=mmtk` gebaut und mit der Umgebungsvariable `RUBY_GC_LIBRARY=mmtk` aktiviert werden. Dies erfordert die Rust-Toolchain auf der Build-Maschine. [[Feature #20860]] + +## Sprachänderungen + +- String-Literale in Dateien ohne einen `frozen_string_literal`-Kommentar geben jetzt eine Deprecation-Warnung aus, wenn sie mutiert werden. Diese Warnungen können mit `-W:deprecated` oder durch Setzen von `Warning[:deprecated] = true` aktiviert werden. Um diese Änderung zu deaktivieren, können Sie Ruby mit dem Kommandozeilenargument `--disable-frozen-string-literal` ausführen. [[Feature #20205]] + +- Keyword-Splatting von `nil` beim Aufrufen von Methoden wird jetzt unterstützt. `**nil` wird ähnlich wie `**{}` behandelt, übergibt keine Schlüsselwörter und ruft keine Konvertierungsmethoden auf. [[Bug #20064]] + +- Die Blockübergabe ist im Index nicht mehr erlaubt. [[Bug #19918]] + +- Keyword-Argumente sind im Index nicht mehr erlaubt. [[Bug #20218]] + +- Der Toplevel-Name `::Ruby` ist jetzt reserviert, und die Definition wird verwarnt, wenn `Warning[:deprecated]` aktiviert ist. [[Feature #20884]] + +## Updates für Kernklassen + +Hinweis: Es werden nur bemerkenswerte Updates der Kernklassen aufgeführt. + +- Exception + + - `Exception#set_backtrace` akzeptiert jetzt ein Array von `Thread::Backtrace::Location`. + Auch `Kernel#raise`, `Thread#raise` und `Fiber#raise` akzeptieren dieses neue Format. [[Feature #13557]] + +- GC + + - `GC.config` hinzugefügt, um Konfigurationsvariablen für den Garbage Collector zu setzen. [[Feature #20443]] + + - Der GC-Konfigurationsparameter `rgengc_allow_full_mark` wird eingeführt. Wenn `false`, markiert GC nur junge Objekte. Standardwert ist `true`. [[Feature #20443]] + +- Ractor + + - `require` in einem Ractor ist erlaubt. Der Ladeprozess wird im Haupt-Ractor ausgeführt. + `Ractor._require(feature)` wurde hinzugefügt, um den Ladeprozess im Haupt-Ractor auszuführen. [[Feature #20627]] + + - `Ractor.main?` wurde hinzugefügt. [[Feature #20627]] + + - `Ractor.[]` und `Ractor.[]=` wurden hinzugefügt, um auf den ractor-lokalen Speicher des aktuellen Ractors zuzugreifen. [[Feature #20715]] + + - `Ractor.store_if_absent(key){ init }` wurde hinzugefügt, um ractor-lokale Variablen threadsicher zu initialisieren. [[Feature #20875]] + +- Range + + - `Range#size` löst jetzt einen `TypeError` aus, wenn der Bereich nicht iterierbar ist. [[Misc #18984]] + +## Updates der Standardbibliothek + +Hinweis: Es werden nur erwähnenswerte Updates der Standardbibliotheken aufgeführt. + +- RubyGems + + - Option `--attestation` zu `gem push` hinzugefügt. Sie ermöglicht das Speichern von Signaturen bei [sigstore.dev]. + +- Bundler + + - Eine `lockfile_checksums`-Konfiguration wurde hinzugefügt, um Prüfsummen in neue Lockfiles einzuschließen. + - `bundle lock --add-checksums` wurde hinzugefügt, um Prüfsummen zu einem bestehenden Lockfile hinzuzufügen. + +- JSON + + - Leistungsverbesserungen von `JSON.parse`, etwa 1,5-mal schneller als json in Version 2.7.x. + +- Tempfile + + - Das Schlüsselwortargument `anonymous: true` wurde für `Tempfile.create` implementiert. + `Tempfile.create(anonymous: true)` entfernt die erstellte temporäre Datei sofort. + Anwendungen müssen die Datei daher nicht mehr entfernen. [[Feature #20497]] + +- win32/sspi.rb + + - Diese Bibliothek wurde aus dem Ruby-Repository nach [ruby/net-http-sspi] extrahiert. [[Feature #20775]] + +## Kompatibilitätsprobleme + +Hinweis: Ausgenommen Fehlerbehebungen bei Funktionen. + +- Fehlermeldungen und Backtrace-Anzeigen wurden geändert. + + - Ein einfacher Anführungsstrich wird anstelle eines Backticks als öffnendes Anführungszeichen verwendet. [[Feature #16495]] + - Ein Klassenname wird vor einem Methodennamen angezeigt (nur wenn die Klasse einen permanenten Namen hat). [[Feature #19117]] + - Methoden von `Kernel#caller`, `Thread::Backtrace::Location` usw. wurden entsprechend geändert. + + ``` + Alt: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + Neu: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +- Die Darstellung von Hash#inspect wurde geändert. [[Bug #20433]] + + - Symbolschlüssel werden in der modernen Symbolschlüssel-Syntax angezeigt: `"{user: 1}"` + - Andere Schlüssel haben jetzt Leerzeichen um `=>`: `'{"user" => 1}'`, während vorher keine da waren: `'{"user"=>1}'` + +- Kernel#Float() akzeptiert jetzt Dezimalzeichenketten ohne Dezimalteil. [[Feature #20705]] + + ```rb + Float("1.") #=> 1.0 (zuvor wurde ein ArgumentError ausgelöst) + Float("1.E-1") #=> 0.1 (zuvor wurde ein ArgumentError ausgelöst) + ``` + +- String#to_f akzeptiert jetzt Dezimalzeichenketten ohne Dezimalteil. Beachten Sie, dass sich das Ergebnis ändert, wenn ein Exponent angegeben wird. [[Feature #20705]] + + ```rb + "1.".to_f #=> 1.0 + "1.E-1".to_f #=> 0.1 (zuvor wurde 1.0 zurückgegeben) + ``` + +- Refinement#refined_class wurde entfernt. [[Feature #19714]] + +## Kompatibilitätsprobleme in der Standardbibliothek + +- DidYouMean + + - `DidYouMean::SPELL_CHECKERS[]=` und `DidYouMean::SPELL_CHECKERS.merge!` wurden entfernt. + +- Net::HTTP + + - Die folgenden veralteten Konstanten wurden entfernt: + + - `Net::HTTP::ProxyMod` + - `Net::NetPrivate::HTTPRequest` + - `Net::HTTPInformationCode` + - `Net::HTTPSuccessCode` + - `Net::HTTPRedirectionCode` + - `Net::HTTPRetriableCode` + - `Net::HTTPClientErrorCode` + - `Net::HTTPFatalErrorCode` + - `Net::HTTPServerErrorCode` + - `Net::HTTPResponseReceiver` + - `Net::HTTPResponceReceiver` + + Diese Konstanten wurden seit 2012 als veraltet markiert. + +- Timeout + + - Negative Werte für Timeout.timeout werden abgelehnt. [[Bug #20795]] + +- URI + + - Standardparser wurde von RFC 2396-konform auf RFC 3986-konform umgestellt. + [[Bug #19266]] + +## C-API-Updates + +- `rb_newobj` und `rb_newobj_of` (sowie die entsprechenden Makros `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`) wurden entfernt. [[Feature #20265]] +- Die veraltete Funktion `rb_gc_force_recycle` wurde entfernt. [[Feature #18290]] + +## Sonstige Änderungen + +- Wenn ein Block an eine Methode übergeben wird, die den Block nicht nutzt, wird im verbosen Modus (`-w`) eine Warnung angezeigt. + [[Feature #15554]] + +- Die Neudefinition einiger Kernmethoden, die speziell durch den Interpreter + und JIT optimiert wurden, wie `String.freeze` oder `Integer#+`, gibt jetzt eine Performance-Warnung aus (`-W:performance` oder `Warning[:performance] = true`). + [[Feature #20429]] + +Siehe [NEWS](https://docs.ruby-lang.org/en/3.4/NEWS_md.html) +oder [Commit-Logs](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}) +für weitere Details. + +Mit diesen Änderungen wurden [{{ release.stats.files_changed }} Dateien geändert, {{ release.stats.insertions }} Einfügungen(+), {{ release.stats.deletions }} Löschungen(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) +seit Ruby 3.3.0! + +Frohe Weihnachten, schöne Feiertage und viel Spaß beim Programmieren mit Ruby 3.4! + +## Herunterladen + +- <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +- <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +- <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Was ist Ruby + +Ruby wurde erstmals 1993 von Matz (Yukihiro Matsumoto) entwickelt +und wird jetzt als Open Source entwickelt. Es läuft auf mehreren Plattformen +und wird weltweit vor allem für die Webentwicklung verwendet. + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19266]: https://bugs.ruby-lang.org/issues/19266 +[Feature #19714]: https://bugs.ruby-lang.org/issues/19714 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20351]: https://bugs.ruby-lang.org/issues/20351 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20443]: https://bugs.ruby-lang.org/issues/20443 +[Feature #20470]: https://bugs.ruby-lang.org/issues/20470 +[Feature #20497]: https://bugs.ruby-lang.org/issues/20497 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Bug #20620]: https://bugs.ruby-lang.org/issues/20620 +[Feature #20627]: https://bugs.ruby-lang.org/issues/20627 +[Feature #20705]: https://bugs.ruby-lang.org/issues/20705 +[Feature #20715]: https://bugs.ruby-lang.org/issues/20715 +[Feature #20775]: https://bugs.ruby-lang.org/issues/20775 +[Bug #20795]: https://bugs.ruby-lang.org/issues/20795 +[Bug #20433]: https://bugs.ruby-lang.org/issues/20433 +[Feature #20860]: https://bugs.ruby-lang.org/issues/20860 +[Feature #20875]: https://bugs.ruby-lang.org/issues/20875 +[Feature #20884]: https://bugs.ruby-lang.org/issues/20884 +[sigstore.dev]: https://www.sigstore.dev +[ruby/net-http-sspi]: https://github.com/ruby/net-http-sspi diff --git a/de/news/_posts/2025-01-15-ruby-3-3-7-released.md b/de/news/_posts/2025-01-15-ruby-3-3-7-released.md new file mode 100644 index 0000000000..ce0b4c7854 --- /dev/null +++ b/de/news/_posts/2025-01-15-ruby-3-3-7-released.md @@ -0,0 +1,43 @@ +--- +layout: news_post +title: "Ruby 3.3.7 veröffentlicht" +author: k0kubun +translator: "Daniel Bovensiepen" +date: 2025-01-15 07:51:59 +0000 +lang: de +--- + +Ruby 3.3.7 wurde veröffentlicht. + +Dies ist ein Routine-Update, welches Fehlerbehebungen enthält. +Bitte beachten Sie die [Release Notes auf GitHub](https://github.com/ruby/ruby/releases/tag/v3_3_7) für weitere Details. + +## Herunterladen + +{% assign release = site.data.releases | where: "version", "3.3.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Veröffentlichungskommentar + +Viele Committer, Entwickler und Benutzer, die Fehlerberichte eingereicht haben, haben uns geholfen, diese Version zu erstellen. +Vielen Dank für Ihre Beiträge. diff --git a/de/news/_posts/2025-02-04-ruby-3-2-7-released.md b/de/news/_posts/2025-02-04-ruby-3-2-7-released.md new file mode 100644 index 0000000000..b6f8d07b6c --- /dev/null +++ b/de/news/_posts/2025-02-04-ruby-3-2-7-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.2.7 veröffentlicht" +author: nagachika +translator: "Daniel Bovensiepen" +date: 2025-02-04 12:00:00 +0000 +lang: de +--- + +Ruby 3.2.7 wurde veröffentlicht. + +Bitte beachten Sie die [Release Notes auf GitHub]((https://github.com/ruby/ruby/releases/tag/v3_2_7) für weitere Details. + +## Herunterladen + +{% assign release = site.data.releases | where: "version", "3.2.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Veröffentlichungskommentar + +Viele Committer, Entwickler und Benutzer, die Fehlerberichte eingereicht haben, haben uns geholfen, diese Version zu erstellen. +Vielen Dank für Ihre Beiträge. diff --git a/de/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md b/de/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md new file mode 100644 index 0000000000..7cfdad3f49 --- /dev/null +++ b/de/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md @@ -0,0 +1,33 @@ +--- +layout: news_post +title: "CVE-2025-25186: DoS Sicherheitslücke in net-imap" +author: "nevans" +translator: "Daniel Bovensiepen" +date: 2025-02-10 03:00:00 +0000 +tags: security +lang: de +--- + +Es besteht die Möglichkeit eines DoS Angriffes auf das net-imap Gem. Diese Sicherheitslücke wurde mit der CVE-Kennung [CVE-2025-25186](https://www.cve.org/CVERecord?id=CVE-2025-25186) versehen. Wir empfehlen, das net-imap Gem zu aktualisieren. + +## Details + +A malicious server can send highly compressed uid-set data which is automatically read by the client's receiver thread. The response parser uses Range#to_a to convert the uid-set data into arrays of integers, with no limitation on the expanded size of the ranges. + +## Details + +Ein bösartiger Server kann hochkomprimierte uid-set Daten versenden, welche automatisch vom Empfangsthread des Clients gelesen werden. Der Antwortparser verwendet Range#to_a, um die uid-set Daten in Listen von Ganzzahlen umzuwandeln, dabei gibt es keine Begrenzung der Größe der Range. + +Bitte aktualisieren Sie das net-imap-Gem auf Version 0.3.8, 0.4.19, 0.5.6 oder höher.. + +## Betroffene Versionen + +* net-imap gem Versionen 0.3.2 to 0.3.7, 0.4.0 to 0.4.18, und 0.5.0 bis 0.5.5 (inklusive). + +## Danksagung + +Danke an [manun](https://hackerone.com/manun) für das Entdecken dieses Problems. + +## Veröffentlichungsgeschichte + +* Ursprünglich veröffentlicht am 2025-02-10 03:00:00 (UTC) diff --git a/de/news/_posts/2025-02-14-ruby-3-4-2-released.md b/de/news/_posts/2025-02-14-ruby-3-4-2-released.md new file mode 100644 index 0000000000..569340e9f8 --- /dev/null +++ b/de/news/_posts/2025-02-14-ruby-3-4-2-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.4.2 veröffentlicht" +author: k0kubun +translator: "Daniel Bovensiepen" +date: 2025-02-14 21:55:17 +0000 +lang: de +--- + +Ruby 3.4.2 wurde veröffentlicht. + +Dies ist ein Routine-Update, welches Fehlerbehebungen enthält. Bitte beachten Sie die +[Release Notes auf GitHub](https://github.com/ruby/ruby/releases/tag/v3_4_2) für weitere Details. + +## Veröffentlichungsplan + +Wir beabsichtigen, eine neue stabile Ruby-Version (derzeit Ruby 3.4) alle 2 Monate zu veröffentlichen. +Ruby 3.4.3 wird im April veröffentlicht, 3.4.4 im Juni, 3.4.5 im August, 3.4.6 im Oktober und 3.4.7 im Dezember. + +Wenn es Änderungen gibt, die eine beträchtliche Anzahl von Menschen betreffen, können diese Versionen früher als erwartet veröffentlicht werden. + +## Herunterladen + +{% assign release = site.data.releases | where: "version", "3.4.2" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Veröffentlichungskommentar + +Viele Committer, Entwickler und Benutzer, die Fehlerberichte eingereicht haben, haben uns geholfen, diese Version zu erstellen. +Vielen Dank für Ihre Beiträge. diff --git a/en/about/website/index.md b/en/about/website/index.md index c265f38184..1b1057542e 100644 --- a/en/about/website/index.md +++ b/en/about/website/index.md @@ -34,13 +34,37 @@ to this website. Also many thanks to the organizations that support us: - * [Ruby Association][rubyassociation] (hosting) - * [Ruby no Kai][rubynokai] (build server) - * [AWS][aws] (hosting) - * [Heroku][heroku] (hosting) - * [Fastly][fastly] (CDN) - * [Hatena][hatena] ([mackerel][mackerel], server monitoring) +[Ruby Association][rubyassociation] (hosting) +Ruby Association + +[Ruby no Kai][rubynokai] (build server) + +Ruby no Kai + +[AWS][aws] (hosting) + +AWS + +[Heroku][heroku] (hosting) + +Heroku + +[Fastly][fastly] (CDN) + +Fastly + +[Hatena][hatena] ([Mackerel][mackerel], server monitoring) + +mackerel + +[Datadog][datadog] (server monitoring) + +Datadog + +[1Password][1password] (password manager) + +1password [logo]: /en/about/logo/ [webmaster]: mailto:webmaster@ruby-lang.org @@ -56,3 +80,5 @@ Also many thanks to the organizations that support us: [mackerel]: https://mackerel.io/ [rubynokai]: http://ruby-no-kai.org/ [aws]: https://aws.amazon.com/ +[datadog]: https://www.datadoghq.com/ +[1password]: https://1password.com/ diff --git a/en/community/conferences/index.md b/en/community/conferences/index.md index 7ed2abce1f..490e91b588 100644 --- a/en/community/conferences/index.md +++ b/en/community/conferences/index.md @@ -18,13 +18,8 @@ event dates, location, CFP (Call For Proposals) and Registration information. [RubyConf][1] : Every year since 2001, [Ruby Central, Inc.][2] has produced RubyConf, - the International Ruby conference. Attendance grew by a factor of ten - between 2001 and 2006. RubyConf has provided a forum for presentations - about Ruby technologies by their creators, including talks by - Nathaniel Talbot on Test Unit, Jim Weirich on Rake, David Heinemeier - Hansson on Ruby on Rails, Why the Lucky Stiff on the YAML library, and - Sasada Koichi on YARV. Matz has attended, and spoken at, all the - RubyConfs but one. + the International Ruby conference. RubyConf has provided a forum for presentations + about Ruby technologies by their creators [RubyKaigi][3] : The first Japanese Ruby conference, RubyKaigi 2006, took place in @@ -39,52 +34,11 @@ event dates, location, CFP (Call For Proposals) and Registration information. ### Regional Ruby Conferences -[Ruby Central][2] administers a [Regional Conference Grant Program][6], -to offset expenses for local and regional groups wanting to organize -events. - -Ruby Central had also teamed up with SVForum (previously known as SDForum) -to produce the Silicon Valley Ruby Conference, which took place in 2006 -and in 2007. - -[WindyCityRails][9] is an annual gathering for all who are passionate about -Ruby on Rails. The Chicago-based conference has served the Ruby -community since 2008. - -[Steel City Ruby][16]: Pittsburg, PA - -[GoRuCo][19]: New York City's annual Ruby conference. A one-day single-track conference. - -[DeccanRubyConf][20]: Pune's (India) annual Ruby conference, -themed around fun activities filled around the day. -It is a single-day single-track conference. - -[Southeast Ruby][21]: Nashville, TN workshop and conference. - -### Ruby At Other Conferences - -There has been a Ruby track at the [O’Reilly Open Source Conference][10] -(OSCON) since 2004, and an increasing presence on the part of Ruby and -Rubyists at other non-Ruby-specific gatherings. A number of conferences -have also been devoted to [Ruby on Rails][11], including Ruby Central’s -[RailsConf][12], RailsConf Europe (co-produced in 2006 by Ruby -Central and [Skills Matter][14], and in 2007 by Ruby Central and -O’Reilly), and Canada on Rails. - +An updated list of Regional Ruby Conferences is available at [RubyConferences.org][rc]. +You can also find the GitHub repository link there to add or update information yourself. [rc]: http://rubyconferences.org/ [1]: http://rubyconf.org/ -[2]: http://rubycentral.org [3]: http://rubykaigi.org/ [4]: http://euruko.org -[6]: https://rubycentral.org/grants -[9]: http://windycityrails.org -[10]: http://conferences.oreillynet.com/os2006/ -[11]: http://www.rubyonrails.org -[12]: http://www.railsconf.org -[14]: http://www.skillsmatter.com -[16]: http://steelcityruby.org/ -[19]: http://goruco.com/ -[20]: http://www.deccanrubyconf.org/ -[21]: https://southeastruby.com/ diff --git a/en/community/index.md b/en/community/index.md index 053df6f70b..d7119954c2 100644 --- a/en/community/index.md +++ b/en/community/index.md @@ -36,10 +36,8 @@ to start: : Now is a fantastic time to follow Ruby’s development. If you are interested in helping with Ruby, start here. -[Ruby Blogs](weblogs/) -: Very little happens in the Ruby community that is not talked about on - the blogs. We’ve got a nice list of suggestions for you here for - getting plugged in. +[Ruby Blogs and Newsletters](weblogs/) +: Most activities and updates in the Ruby community are discussed through blogs and newsletters. Here’s a curated list to help you stay connected and informed. [Ruby Conferences](conferences/) : Ruby programmers around the world are getting involved in more and @@ -47,20 +45,16 @@ to start: work-in-progress, discuss the future of Ruby, and welcome newcomers to the Ruby community. + Additionally, you can visit [rubyvideo.dev](https://www.rubyvideo.dev/) to find videos of Ruby conferences and talks. + [Podcasts](podcasts/) : If you prefer to listen to discussions about Ruby rather than read, you can tune into one of these awesome Ruby podcasts. These Rubyists use their podcasts to cover new releases, community news, and interview their fellow Ruby developers. -General Ruby Information -: * [Ruby Central][ruby-central] - * [Ruby at Open Directory Project][ruby-opendir] - * [Rails at Open Directory Project][rails-opendir] - - +[Ruby Central][ruby-central] +: Ruby Central is a non-profit organization dedicated to supporting the worldwide Ruby community. [ruby-central]: http://rubycentral.org/ [ruby-discord]: https://discord.gg/ad2acQFtkh -[ruby-opendir]: https://dmoztools.net/Computers/Programming/Languages/Ruby/ -[rails-opendir]: https://dmoztools.net/Computers/Programming/Languages/Ruby/Software/Frameworks/Rails/ diff --git a/en/community/mailing-lists/index.md b/en/community/mailing-lists/index.md index 8e9647067a..c5ad7a7dc4 100644 --- a/en/community/mailing-lists/index.md +++ b/en/community/mailing-lists/index.md @@ -31,7 +31,7 @@ The comp.lang.ruby Newsgroup ## Subscribe or Unsubscribe -See [https://ml.ruby-lang.org/mailman3/postorius/lists/](https://ml.ruby-lang.org/mailman3/postorius/lists/) +See [https://ml.ruby-lang.org/mailman3/lists/](https://ml.ruby-lang.org/mailman3/lists/) for more information about all mailing lists on ruby-lang.org, including the lists in Japanese language. @@ -39,7 +39,7 @@ including the lists in Japanese language. [guidelines]: ruby-talk-guidelines/ [clrFAQ]: http://rubyhacker.com/clrFAQ.html -[3]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/ -[4]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-core@ml.ruby-lang.org -[5]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-doc@ml.ruby-lang.org/ +[3]: https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/ +[4]: https://ml.ruby-lang.org/archives/list/ruby-core@ml.ruby-lang.org +[5]: https://ml.ruby-lang.org/archives/list/ruby-doc@ml.ruby-lang.org/ [rubytalk]: https://rubytalk.org/ diff --git a/en/community/podcasts/index.md b/en/community/podcasts/index.md index f33dabbf85..f8b3775f06 100644 --- a/en/community/podcasts/index.md +++ b/en/community/podcasts/index.md @@ -30,6 +30,6 @@ wisdom to share, get in touch with the creators of these shows. You can also start your own Ruby podcast and get added to this list! [rooftop_ruby]: https://www.rooftopruby.com -[remote_ruby]: https://remoteruby.transistor.fm/ +[remote_ruby]: https://www.remoteruby.com [rorpodcast]: https://www.therubyonrailspodcast.com [rogues]: https://rubyrogues.com diff --git a/en/community/user-groups/index.md b/en/community/user-groups/index.md index 329202a956..9dfd9762cd 100644 --- a/en/community/user-groups/index.md +++ b/en/community/user-groups/index.md @@ -8,7 +8,7 @@ In the programming community, user groups form support networks for people interested in certain topics. They are a great place to increase your skills and network with other programmers. User groups are informal and their structure varies from group to group. Anyone can form their -own group and set their own rules and schedule. +own group and set their own rules and schedule {: .summary} ### Ruby User Groups @@ -21,26 +21,28 @@ to giving people a chance to write Ruby code). Information about Ruby user groups can be found on various websites: -[Ruby Meetup Groups][meetup] -: A substantial number of Ruby User Groups have chosen to make Meetup +- [Ruby Meetup Groups on meetup.com][meetup]. A substantial number + of Ruby User Groups have chosen to make Meetup their home. Meetup provides a number of tools for user groups, including: private forums, a place for announcements, automated meeting reminders, and a nice RSVP system. - -[OnRuby][onruby] -: A number of user groups can also be found at OnRuby. OnRuby is an +- [rubyconferences.org/meetups][rc-meetups] now has a list of Ruby Meetup events + from around the world. +- There is a [Google Group][meetups-google-group] for Ruby Meetup Organizers +- [OnRuby][onruby] - A number of user groups can also be found at OnRuby. OnRuby is an open source platform written in Ruby that can be used to organize meetups. It is [available on GitHub][onruby-github]. ### Organizing Your Own Group If you are interested in forming your own group, be sure to find out if -there is already a Ruby user group in your area. Larger meetings are -usually much more fun, so starting your own group may not be the best -option if there is already one nearby. +there is already a Ruby user group in your area. Try the meetup organizers +group if you're looking for advice on how to start your own group. [meetup]: https://www.meetup.com/topics/ruby/ [onruby]: https://www.onruby.eu/ [onruby-github]: https://github.com/phoet/on_ruby +[rc-meetups]: https://rubyconferences.org/meetups/ +[meetups-google-group]: https://groups.google.com/g/ruby-meetups diff --git a/en/community/weblogs/index.md b/en/community/weblogs/index.md index 5048495b70..b38a7cb94c 100644 --- a/en/community/weblogs/index.md +++ b/en/community/weblogs/index.md @@ -1,14 +1,19 @@ --- layout: page -title: "Blogs" +title: "Blogs and Newsletters" lang: en --- -Ruby blogs have exploded over the past years and given sufficient -hunting, you can unearth hundreds of blogs sharing bits of Ruby code, -describing new techniques, or speculating on Ruby’s future. +Ruby blogs and newsletters have exploded over the past years and given +sufficient hunting, you can unearth hundreds of blogs sharing bits of +Ruby code, describing new techniques, or speculating on Ruby’s future. {: .summary} +### Newsletters + +* [**Ruby Weekly**][ruby-weekly]: A newsletter that curates the most interesting Ruby articles and news each week. +* [**Short Ruby Newsletter**][short-ruby-newsletter]: A weekly summary of the articles, discussions, and news from the Ruby community. + ### Mining for Ruby Blogs * [**RubyFlow**][rubyflow], “the Ruby and Rails community linklog”, @@ -22,16 +27,15 @@ describing new techniques, or speculating on Ruby’s future. A few notable blogs stand out for the frequency and immediacy of their updates. -* [**Ruby Weekly**][ruby-weekly]: Although more of a newsletter than a - blog, Ruby Weekly is a distillation of the most interesting Ruby - articles and news each week. * [**DEV Ruby Tag**][dev-ruby-tag] is the collection of all posts tagged Ruby within the DEV Community. DEV is a network of thousands of software developers who blog about and discuss code. -* [**Riding Rails**][riding-rails] is the official group blog of the +* [**Ruby on Rails Blog**][ruby-on-rails-blog] is the official group blog of the Ruby on Rails team. If you are running Rails, this blog is essential for notification of security updates and an overall view of the wide Rails community. +* [**Rails at Scale**][rails-at-scale] contains posts discussing much + of the recent work being done to advance both Ruby and Rails. ### Spreading the Word @@ -47,6 +51,8 @@ out there, be sure to share! [rubyland]: http://rubyland.news/ [ruby-weekly]: https://rubyweekly.com/ [dev-ruby-tag]: https://dev.to/t/ruby -[riding-rails]: http://weblog.rubyonrails.org/ +[ruby-on-rails-blog]: https://rubyonrails.org/blog/ [reddit]: http://www.reddit.com/r/ruby [hn]: http://news.ycombinator.com/ +[short-ruby-newsletter]: https://newsletter.shortruby.com/ +[rails-at-scale]: https://railsatscale.com/ diff --git a/en/documentation/faq/1/index.md b/en/documentation/faq/1/index.md index 1d03ad67e0..c536bef63c 100644 --- a/en/documentation/faq/1/index.md +++ b/en/documentation/faq/1/index.md @@ -205,7 +205,7 @@ There are several mailing lists talking about Ruby. See the page for more information. You can search the mailing list archives using -[https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/](https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/). +[https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/](https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/). (This is the URL for the ruby-talk list, munge as required for the others). ### How can I thread the mailing list in mutt? diff --git a/en/documentation/faq/2/index.md b/en/documentation/faq/2/index.md index c1efec2c51..04577bdc1f 100644 --- a/en/documentation/faq/2/index.md +++ b/en/documentation/faq/2/index.md @@ -56,7 +56,7 @@ argument automagically becomes a reference to the receiver. Ruby is a pure OO language that can masquerade as a procedural one. It has no functions, only method calls. In a Ruby method the receiver, also called `self`, is a hidden argument like `this` in C++. A `def` statement outside of -a class definition, which is a function in Python, is actually a method call +a class definition, which defines a function in Python, actually defines a method in Ruby. These ersatz functions become private methods of class Object, the root of the Ruby class hierarchy. Procedural programming is neatly solved from the other direction---everything is an object. If the user doesn't grok diff --git a/en/documentation/faq/3/index.md b/en/documentation/faq/3/index.md index 7d740be207..377778f896 100644 --- a/en/documentation/faq/3/index.md +++ b/en/documentation/faq/3/index.md @@ -189,7 +189,7 @@ Thanks to Anders Schneiderman for the basis of this description. {% include faq-out-of-date.html %} Is Tk installed correctly on your Windows box? Go to -[http://dev.scriptics.com/software/tcltk/](http://dev.scriptics.com/software/tcltk/) +[https://wiki.tcl-lang.org/page/Binary+Distributions](https://wiki.tcl-lang.org/page/Binary+Distributions#85b8647b1ec80c2fa1698c3c7e76204a944a95db2487347c51773f26b9dad6ae) to find a precompiled binary Tcl/Tk distribution for your box. Are the environment variables `TCL_LIBRARY` and `TK_LIBRARY` pointing to the diff --git a/en/documentation/index.md b/en/documentation/index.md index 1965f0706d..504958458c 100644 --- a/en/documentation/index.md +++ b/en/documentation/index.md @@ -12,76 +12,127 @@ Guides, tutorials, and reference material to help you learn more about Ruby Although you can easily [try Ruby in your browser][1], you can also read the [installation guide](installation/) for help on installing Ruby. -### Getting Started +### Official Ruby Documentation -[Official FAQ](/en/documentation/faq/) -: The official frequently asked questions. +[docs.ruby-lang.org/en][docs-rlo]: List of documentation for all Ruby versions released after 2.1. -[Ruby Koans][2] -: The Koans walk you along the path to enlightenment in order to learn - Ruby. The goal is to learn the Ruby language, syntax, structure, and - some common functions and libraries. We also teach you culture. +[docs.ruby-lang.org/en/3.4][docs-rlo-3.4]: Documentation for Ruby 3.4. -[Why’s (Poignant) Guide to Ruby][5] -: An unconventional but interesting book that will teach you Ruby - through stories, wit, and comics. Originally created by *why the lucky - stiff*, this guide remains a classic for Ruby learners. +[docs.ruby-lang.org/en/master][docs-rlo-master]: Documentation for Ruby's master branch. -[Ruby Essentials][7] -: A free on-line book designed to provide a concise - and easy to follow guide to learning Ruby. +[C Extension Guide][docs-rlo-extension]: In-depth guide for creating C extensions for Ruby. + +### Getting Started + +[Try Ruby][1] +: You can try Ruby right in your browser. [Learn to Program][8] : A wonderful little tutorial by Chris Pine for programming newbies. If you don’t know how to program, start here. -[Learn Ruby the Hard Way][38] -: A very good set of exercises with explanations that guide you from - the absolute basics of Ruby all the way to OOP and web development. +[Ruby in Twenty Minutes][rubyin20] +: A small Ruby tutorial that should take no more than 20 minutes to + complete. -### Manuals +[The Odin Project][odin] +: An open source full stack curriculum -[Programming Ruby][9] -: The seminal work on Ruby in English, this first edition of the - [Pragmatic Programmers’ book][10] is available for free online. +[excercism][exercism] +: 120 exercises with automatic analysis and personal mentoring. -[The Ruby Programming Wikibook][12] -: A free online manual with beginner and intermediate content plus a - thorough language reference. +[Codecademy][codecademy] +: Online code bootcamp with a variety of topics. + +### Manuals / Books + +#### Beginner + +[Programming Ruby 3.3][pickaxe] +: The seminal work on Ruby in English. Recently updated to Ruby 3.3. + +[The Well-Grounded Rubyist][grounded] +: A tutorial that begins with your first Ruby program and takes you all the way to sophisticated topics like reflection, threading, and recursion. + +#### Intermediate + +[Practical OOD in Ruby (POODR)][poodr] +: A programmer's tale about how to write object-oriented code. -### Reference Documentation +#### Expert -[Official API Documentation][docs-rlo-en] -: The official Ruby API documentation for different versions including - the currently unreleased (trunk) version. +[Metaprogramming][meta] +: Explains metaprogramming in a down-to-earth style. -[Ruby Core Reference][13] -: Pulled straight from the source code using [RDoc][14], this reference - work documents all of the core classes and modules (like String, - Array, Symbol, etc…). +[Ruby Under a Microscope (RUM)][microscope] +: An illustrated guide to Ruby internals. -[Ruby Standard Library Reference][15] -: Also pulled from the source code using RDoc, this reference work - documents the standard library. +### Community Documentation -[Ruby C API Reference][extensions] -: The official introduction to Ruby's C API. - Great if you want to write C extensions - or contribute to Ruby’s development. +These documentation sites are maintained by the Ruby community. [RubyDoc.info][16] : The one-stop web site for reference documentation about Ruby gems and GitHub-hosted Ruby projects. -[Ruby & Rails Searchable API Docs][17] -: Rails and Ruby documentation with smart searching. - -[APIdock][18] -: Ruby, Rails and RSpec documentation with users’ notes. - [RubyAPI.org][rubyapi-org] : Easily find and browse Ruby classes, modules, and methods. +[ruby-doc.org][39] +: Online API documentation + +[DevDocs.io][40] +: Online API documentation + +[Ruby QuickRef][42] +: The Ruby quick reference + +[rubyreferences][43] +: A full language reference + detailed language changelog. + +### Style Guides + +[rubystyle.guide][44] +: RuboCop's Ruby style guide + +[RuboCop][45] +: Automated enforcement of their style guide. + +[Shopify][46] +: Shopify's Ruby style guide + +[GitLab][47] +: Gitlab's Ruby style guide + +[Airbnb][48] +: Airbnb's Ruby style guide + +[w3resource][49] +: W3's Ruby style guide + +# Tools + +[IRB][50] +: The interactive Ruby Read-Eval-Print-Loop (REPL) + +[Pry][51] +: An alternative Ruby REPL + +[Rake][52] +: A make-like build utility for Ruby. + +[RI][53] +: (Ruby Information) is the Ruby command-line utility that gives fast and easy on-line access to Ruby documentation. + +[RBS][54] +: Type Signature for Ruby + +[TypeProf][55] +: An experimental type-level Ruby interpreter for testing and understanding Ruby code. + +[Steep][56] +: Static type checker for Ruby. + ### Editors and IDEs For coding in Ruby, you can use the default editor of your operating @@ -90,82 +141,106 @@ syntax-highlighting, file browsing) or an integrated development environment with advanced features (e.g. code completion, refactoring, testing support). -Here is a list of popular tools used by Rubyists: - -* Linux and cross-platform tools: - * [Aptana Studio][19] - * [Atom][atom] - * [Emacs][20] with [Ruby mode][21] and [Rsense][22] - * [Eric][eric] - * [Geany][23] - * [gedit][24] - * [Kate][kate] - * [KDevelop][kdevelop] - * [NetBeans][36] - * [RubyMine][27] - * [SciTe][28] - * [Sublime Text][37] - * [Vim][25] with [vim-ruby][26] plugin and [Rsense][22] +Here is a list of popular editors used by Rubyists, broken up by +learning curve: + +* Days + * [Sublime Text][37] (paid) * [Visual Studio Code][vscode] + * [Zed][zed] +* Months + * [RubyMine][27] (paid) +* "Years" (as in, you'll spend years still learning things about it) + * [Emacs][20] with [Ruby mode][21] or [Enhanced Ruby mode][enh-ruby-mode] + * [Vim][25] with [vim-ruby][26] plugin + * [NeoVim][neovim] + +All of these editors support the Language Server Protocol (LSP), +either by default or through their LSP plugins. Shopify's +[ruby-lsp][ruby-lsp] is one of the most popular language servers for +Ruby and [supports all of the above editors][ruby-lsp-supported-editors]. + +### Older Reading / Resources -* On Windows: - * [Notepad++][29] - * [E-TextEditor][30] - * [Ruby In Steel][31] +These links were more prominent but haven't been updated in ages. + +[Ruby Koans][2] +: The Koans walk you along the path to enlightenment in order to learn + Ruby. The goal is to learn the Ruby language, syntax, structure, and + some common functions and libraries. We also teach you culture. -* On macOS: - * [TextMate][32] - * [BBEdit][33] - * [Dash][39] (documentation browser) +[Ruby Essentials][7] +: A free on-line book designed to provide a concise + and easy to follow guide to learning Ruby. -### Further Reading +[Why’s (Poignant) Guide to Ruby][5] +: An unconventional but interesting book that will teach you Ruby + through stories, wit, and comics. Originally created by *why the lucky + stiff*, this guide remains a classic for Ruby learners. -[Ruby-doc.org][34] maintains a comprehensive list of English -documentation sources. -If you have questions about Ruby the -[mailing list](/en/community/mailing-lists/) is a great place to start. +[Learn Ruby the Hard Way][38] +: A very good set of exercises with explanations that guide you from + the absolute basics of Ruby all the way to OOP and web development. +[Programming Ruby][9] +: The seminal work on Ruby in English, this first edition of the + [Pragmatic Programmers’ book][10] is available for free online. +[The Ruby Programming Wikibook][12] +: A free online manual with beginner and intermediate content plus a + thorough language reference. [1]: https://try.ruby-lang.org/ [2]: https://rubykoans.com/ [5]: https://poignant.guide -[7]: http://www.techotopia.com/index.php/Ruby_Essentials -[8]: http://pine.fm/LearnToProgram/ -[9]: http://www.ruby-doc.org/docs/ProgrammingRuby/ -[10]: http://pragmaticprogrammer.com/titles/ruby/index.html -[12]: http://en.wikibooks.org/wiki/Ruby_programming_language -[13]: http://www.ruby-doc.org/core -[14]: https://ruby.github.io/rdoc/ -[15]: http://www.ruby-doc.org/stdlib -[extensions]: https://docs.ruby-lang.org/en/master/extension_rdoc.html -[16]: http://www.rubydoc.info/ -[17]: http://rubydocs.org/ -[18]: http://apidock.com/ -[rubyapi-org]: https://rubyapi.org/ -[19]: http://www.aptana.com/ -[20]: http://www.gnu.org/software/emacs/ -[21]: http://www.emacswiki.org/emacs/RubyMode -[22]: http://rsense.github.io/ -[23]: http://www.geany.org/ -[24]: http://projects.gnome.org/gedit/screenshots.html -[25]: http://www.vim.org/ +[7]: https://www.techotopia.com/index.php/Ruby_Essentials +[8]: https://pine.fm/LearnToProgram/ +[9]: https://www.ruby-doc.org/docs/ProgrammingRuby/ +[10]: https://pragprog.com/titles/ruby5/programming-ruby-3-3-5th-edition/ +[12]: https://en.wikibooks.org/wiki/Ruby_programming_language +[16]: https://www.rubydoc.info/ +[20]: https://www.gnu.org/software/emacs/ +[21]: https://www.emacswiki.org/emacs/RubyMode +[25]: https://www.vim.org/ [26]: https://github.com/vim-ruby/vim-ruby -[27]: http://www.jetbrains.com/ruby/ -[28]: http://www.scintilla.org/SciTE.html -[29]: http://notepad-plus-plus.org/ -[30]: http://www.e-texteditor.com/ -[31]: http://www.sapphiresteel.com/ -[32]: http://macromates.com/ -[33]: https://www.barebones.com/products/bbedit/ -[34]: http://ruby-doc.org -[36]: https://netbeans.org/ -[37]: http://www.sublimetext.com/ +[27]: https://www.jetbrains.com/ruby/ +[34]: https://ruby-doc.org/ +[37]: https://www.sublimetext.com/ [38]: https://learncodethehardway.org/ruby/ -[39]: http://kapeli.com/dash -[docs-rlo-en]: https://docs.ruby-lang.org/en/ -[atom]: https://atom.io/ -[vscode]: https://code.visualstudio.com/ -[eric]: https://eric-ide.python-projects.org/ -[kdevelop]: https://www.kdevelop.org/ -[kate]: https://kate-editor.org/ +[39]: https://www.ruby-doc.org/ +[40]: https://devdocs.io/ruby/ +[42]: https://www.zenspider.com/ruby/quickref.html +[43]: https://rubyreferences.github.io/ +[44]: https://rubystyle.guide/ +[45]: https://github.com/rubocop/ruby-style-guide +[46]: https://ruby-style-guide.shopify.dev/ +[47]: https://docs.gitlab.com/ee/development/backend/ruby_style_guide.html +[48]: https://github.com/airbnb/ruby +[49]: https://www.w3resource.com/ruby/ruby-style-guide.php +[50]: https://github.com/ruby/irb +[51]: https://github.com/pry/pry +[52]: https://github.com/ruby/rake +[53]: https://ruby.github.io/rdoc/RI_md.html +[54]: https://github.com/ruby/rbs +[55]: https://github.com/ruby/typeprof +[56]: https://github.com/soutaro/steep +[codecademy]: https://www.codecademy.com/learn/learn-ruby +[docs-rlo]: https://docs.ruby-lang.org/en +[docs-rlo-3.4]: https://docs.ruby-lang.org/en/3.4 +[docs-rlo-master]: https://docs.ruby-lang.org/en/master +[docs-rlo-extension]: https://docs.ruby-lang.org/en/master/extension_rdoc.html +[enh-ruby-mode]: https://github.com/zenspider/enhanced-ruby-mode/ +[exercism]: https://exercism.org/tracks/ruby +[grounded]: https://www.manning.com/books/the-well-grounded-rubyist-third-edition +[meta]: https://pragprog.com/titles/ppmetr2/metaprogramming-ruby-2/ +[microscope]: https://patshaughnessy.net/ruby-under-a-microscope +[neovim]: https://neovim.io/ +[odin]: https://www.theodinproject.com/paths/full-stack-ruby-on-rails/courses/ruby +[pickaxe]: https://pragprog.com/titles/ruby5/programming-ruby-3-3-5th-edition/ +[poodr]: https://www.poodr.com/ +[ruby-lsp]: https://github.com/Shopify/ruby-lsp +[ruby-lsp-supported-editors]: https://shopify.github.io/ruby-lsp/editors.html +[rubyapi-org]: https://rubyapi.org/ +[rubyin20]: https://www.ruby-lang.org/en/documentation/quickstart/ +[vscode]: https://code.visualstudio.com/docs/languages/ruby +[zed]: https://zed.dev/ diff --git a/en/documentation/installation/index.md b/en/documentation/installation/index.md index 50fbf76273..e4852a3e40 100644 --- a/en/documentation/installation/index.md +++ b/en/documentation/installation/index.md @@ -57,7 +57,9 @@ Here are available installation methods: * [Managers](#managers) * [asdf-vm](#asdf-vm) * [chruby](#chruby) + * [mise-en-place](#mise-en-place) * [rbenv](#rbenv) + * [rbenv for Windows](#rbenv-for-windows) * [RVM](#rvm) * [uru](#uru) * [Building from source](#building-from-source) @@ -229,7 +231,7 @@ to install Ruby: > winget install RubyInstallerTeam.Ruby.{MAJOR}.{MINOR} # Example > winget install RubyInstallerTeam.Ruby.3.2 -# To see all versions avaliable +# To see all versions available > winget search RubyInstallerTeam.Ruby # Note: if you are installing ruby for projects, you may want to install RubyWithDevKit > winget install RubyInstallerTeam.RubyWithDevKit.3.2 @@ -333,6 +335,14 @@ manage Rubies installed by [ruby-install](#ruby-install) or even built from source. +### mise-en-place +{: #mise-en-place} + +[mise-en-place][mise-en-place] allows you to switch between multiple Rubies without requiring additional tools. +It manages installations automatically and includes a [gem backend](https://mise.jdx.dev/dev-tools/backends/gem.html) to manage versions of CLIs written in Ruby. +It supports UNIX-like and Windows operating systems. + + ### rbenv {: #rbenv} @@ -360,6 +370,15 @@ Ruby on your system. It can also manage different gemsets. It is available for macOS, Linux, or other UNIX-like operating systems. +### RVM 4 Windows +{: #rvm-windows} + +[RVM 4 Windows][rvm-windows] allows you to install and manage multiple +installations of Ruby on Windows. It is a clone of the original RVM and +supports the classic command line as well as Powershell by providing +the same command line interface as the original RVM. + + ### uru {: #uru} @@ -390,8 +409,9 @@ though, because the installed Ruby won't be managed by any tools. [rvm]: http://rvm.io/ +[rvm-windows]: https://github.com/magynhard/rvm-windows#readme [rbenv]: https://github.com/rbenv/rbenv#readme -[rbenv-for-windows]: https://github.com/ccmywish/rbenv-for-windows#readme +[rbenv-for-windows]: https://github.com/RubyMetric/rbenv-for-windows#readme [ruby-build]: https://github.com/rbenv/ruby-build#readme [ruby-install]: https://github.com/postmodern/ruby-install#readme [chruby]: https://github.com/postmodern/chruby#readme @@ -410,4 +430,6 @@ though, because the installed Ruby won't be managed by any tools. [wsl]: https://docs.microsoft.com/en-us/windows/wsl/about [asdf-vm]: https://asdf-vm.com/ [asdf-ruby]: https://github.com/asdf-vm/asdf-ruby +[mise-en-place]: https://mise.jdx.dev +[mise-en-place-ruby]: https://mise.jdx.dev/lang/ruby.html [openbsd-current-ruby-ports]: https://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/lang/ruby/?only_with_tag=HEAD diff --git a/en/documentation/quickstart/3/index.md b/en/documentation/quickstart/3/index.md index 9cdd7a0396..0460376fcb 100644 --- a/en/documentation/quickstart/3/index.md +++ b/en/documentation/quickstart/3/index.md @@ -102,7 +102,7 @@ provides an easy way of providing access to an object’s variables. irb(main):044:0> class Greeter irb(main):045:1> attr_accessor :name irb(main):046:1> end -=> nil +=> [:name, :name=] {% endhighlight %} In Ruby, you can reopen a class and modify it. The changes will diff --git a/en/downloads/mirrors/index.md b/en/downloads/mirrors/index.md index 612b3e2f75..49c4504557 100644 --- a/en/downloads/mirrors/index.md +++ b/en/downloads/mirrors/index.md @@ -15,10 +15,7 @@ Please try to use a mirror that is near you. ### Mirror sites via HTTP * [CDN][mirror-https-cdn] (fastly.com) -* Japan (RingServer) - * [shibaura-it.ac.jp][mirror-http-jp-ring-shibaura-it] - * [u-toyama.ac.jp][mirror-http-jp-ring-u-toyama] - * [airnet.ne.jp][mirror-http-jp-ring-airnet] +* [Japan][mirror-http-jp-ring] (RingServer) * [Holland][mirror-http-nl] (XS4ALL) - only release packages * [France][mirror-http-fr] (cyberbits.eu) * [China 2][mirror-http-cn2] (Ruby China) @@ -26,10 +23,7 @@ Please try to use a mirror that is near you. ### Mirror sites via FTP -* Japan (RingServer) - * [shibaura-it.ac.jp][mirror-ftp-jp-ring-shibaura-it] - * [u-toyama.ac.jp][mirror-ftp-jp-ring-u-toyama] - * [airnet.ne.jp][mirror-ftp-jp-ring-airnet] +* [Japan][mirror-ftp-jp-ring] (RingServer) * [Japan 3][mirror-ftp-jp3] (IIJ) * [South Korea][mirror-ftp-kr] (Korea FreeBSD Users Group) * [Germany][mirror-ftp-de] (FU Berlin) @@ -41,17 +35,12 @@ Please try to use a mirror that is near you. * [South Korea][mirror-rsync-kr] (Korea FreeBSD Users Group) [mirror-https-cdn]: https://cache.ruby-lang.org/pub/ruby/ -[mirror-http-jp-ring-shibaura-it]: http://ring.shibaura-it.ac.jp/archives/lang/ruby/ -[mirror-http-jp-ring-u-toyama]: http://ring.u-toyama.ac.jp/archives/lang/ruby/ -[mirror-http-jp-ring-airnet]: http://ring.airnet.ne.jp/archives/lang/ruby/ +[mirror-http-jp-ring]: http://www.ring.gr.jp/pub/lang/ruby/ [mirror-http-nl]: http://www.xs4all.nl/~hipster/lib/mirror/ruby/ [mirror-http-fr]: https://mirror.cyberbits.eu/ruby/ [mirror-http-cn2]: https://cache.ruby-china.com/pub/ruby/ [mirror-http-kr]: http://ftp.kr.freebsd.org/pub/ruby/ -[mirror-ftp-jp-ring-shibaura-it]: ftp://ring.shibaura-it.ac.jp/pub/lang/ruby/ -[mirror-ftp-jp-ring-u-toyama]: ftp://ring.u-toyama.ac.jp/pub/lang/ruby/ -[mirror-ftp-jp-ring-airnet]: ftp://ring.airnet.ne.jp/pub/lang/ruby/ -[mirror-ftp-jp-ring-maffin]: ftp://ring.maffin.ad.jp/pub/lang/ruby/ +[mirror-ftp-jp-ring]: ftp://ftp.ring.gr.jp/pub/lang/ruby/ [mirror-ftp-jp3]: ftp://ftp.iij.ad.jp/pub/lang/ruby/ [mirror-ftp-kr]: ftp://ftp.kr.freebsd.org/pub/ruby/ [mirror-ftp-de]: ftp://ftp.fu-berlin.de/unix/languages/ruby/ diff --git a/en/news/_posts/2001-07-10-removed-language-comparison-page.md b/en/news/_posts/2001-07-10-removed-language-comparison-page.md index c4b16d05a8..4af069b665 100644 --- a/en/news/_posts/2001-07-10-removed-language-comparison-page.md +++ b/en/news/_posts/2001-07-10-removed-language-comparison-page.md @@ -5,7 +5,7 @@ author: "NaHi" lang: en --- -Matz desided to remove the page. +Matz decided to remove the page. diff --git a/en/news/_posts/2002-03-01-167-is-released.md b/en/news/_posts/2002-03-01-167-is-released.md index 022939daaa..0e88ff721f 100644 --- a/en/news/_posts/2002-03-01-167-is-released.md +++ b/en/news/_posts/2002-03-01-167-is-released.md @@ -9,4 +9,4 @@ The new stable version [1.6.7][1] is released. -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.6.7.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.6/ruby-1.6.7.tar.gz diff --git a/en/news/_posts/2002-12-24-ruby-1-6-8-and-1-8-0-preview-1.md b/en/news/_posts/2002-12-24-ruby-1-6-8-and-1-8-0-preview-1.md index c72e99a6d4..846ac5d091 100644 --- a/en/news/_posts/2002-12-24-ruby-1-6-8-and-1-8-0-preview-1.md +++ b/en/news/_posts/2002-12-24-ruby-1-6-8-and-1-8-0-preview-1.md @@ -8,7 +8,7 @@ lang: en I just put the 1.6.8 release package on the ftp. 1.6.8 should be the last release in the 1.6.x series. Check out -* [https://cache.ruby-lang.org/pub/ruby/ruby-1.6.8.tar.gz][1] +* [https://cache.ruby-lang.org/pub/ruby/1.6/ruby-1.6.8.tar.gz][1] I also put the first preview of 1.8.0 at @@ -19,6 +19,6 @@ Merry Christmas! -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.6.8.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.6/ruby-1.6.8.tar.gz [2]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.0-preview1.tar.gz [3]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.0-preview1-errata.diff diff --git a/en/news/_posts/2003-02-24-happy-birthday-ruby.md b/en/news/_posts/2003-02-24-happy-birthday-ruby.md index fb87fab6d3..5c9093ea30 100644 --- a/en/news/_posts/2003-02-24-happy-birthday-ruby.md +++ b/en/news/_posts/2003-02-24-happy-birthday-ruby.md @@ -11,7 +11,7 @@ lang: en > Today, February 24, 2003, is Ruby’s 10th birthday. Happy Birthday, > Ruby! And congratz to Matz! -dblack also annouces the new non-profit organization [Ruby Central, +dblack also announces the new non-profit organization [Ruby Central, Inc][1] and RubyConf 2003!. See [\[ruby-talk:65632\]][2]. diff --git a/en/news/_posts/2004-12-26-ruby-182-released.md b/en/news/_posts/2004-12-26-ruby-182-released.md index 9b81083456..175da8cfc6 100644 --- a/en/news/_posts/2004-12-26-ruby-182-released.md +++ b/en/news/_posts/2004-12-26-ruby-182-released.md @@ -11,7 +11,7 @@ Matz announced that ruby 1.8.2 was released This is mainly a bug fix release. You can download it at: -* [https://cache.ruby-lang.org/pub/ruby/ruby-1.8.2.tar.gz][1] +* [https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.2.tar.gz][1] md5sum is 8ffc79d96f336b80f2690a17601dea9b @@ -19,4 +19,4 @@ Merry Christmas! -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.2.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.2.tar.gz diff --git a/en/news/_posts/2005-09-21-ruby-183-released.md b/en/news/_posts/2005-09-21-ruby-183-released.md index 23158fd514..1efce87220 100644 --- a/en/news/_posts/2005-09-21-ruby-183-released.md +++ b/en/news/_posts/2005-09-21-ruby-183-released.md @@ -10,4 +10,4 @@ Ruby 1.8.3 has been released. The source is [here][1], and the md5sum is -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.3.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.3.tar.gz diff --git a/en/news/_posts/2005-12-24-ruby-184-released.md b/en/news/_posts/2005-12-24-ruby-184-released.md index 1f0de990fb..41be4548e5 100644 --- a/en/news/_posts/2005-12-24-ruby-184-released.md +++ b/en/news/_posts/2005-12-24-ruby-184-released.md @@ -6,9 +6,9 @@ lang: en --- Ruby 1.8.4 has been released. The source is -[https://cache.ruby-lang.org/pub/ruby/ruby-1.8.4.tar.gz][1], the md5sum is +[https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.4.tar.gz][1], the md5sum is bd8c2e593e1fa4b01fd98eaf016329bb, and filesize is 4,312,965 bytes. -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.4.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.4.tar.gz diff --git a/en/news/_posts/2006-08-29-ruby-1-8-5-released.md b/en/news/_posts/2006-08-29-ruby-1-8-5-released.md index 02f0f913db..0032176864 100644 --- a/en/news/_posts/2006-08-29-ruby-1-8-5-released.md +++ b/en/news/_posts/2006-08-29-ruby-1-8-5-released.md @@ -7,7 +7,7 @@ lang: en Ruby 1.8.5 has been released. -The source is [https://cache.ruby-lang.org/pub/ruby/ruby-1.8.5.tar.gz][1], +The source is [https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5.tar.gz][1], the md5sum is 3fbb02294a8ca33d4684055adba5ed6f, and filesize is 4,438,603 bytes. @@ -15,5 +15,5 @@ Mauricio Fernandez wrote [a summary of changes][2]. -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.5.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5.tar.gz [2]: http://eigenclass.org/hiki.rb?ruby+1.8.5+changelog diff --git a/en/news/_posts/2006-10-26-rubyconf-2006-recap.md b/en/news/_posts/2006-10-26-rubyconf-2006-recap.md index add9c02f6e..2806c96750 100644 --- a/en/news/_posts/2006-10-26-rubyconf-2006-recap.md +++ b/en/news/_posts/2006-10-26-rubyconf-2006-recap.md @@ -16,7 +16,7 @@ If there was a theme to this year’s conference, I would have to say it’s Ruby implementations. Two presentations focused on alternate Ruby implementations and a third challenged us to get our planned m17n additions to Ruby just right. Apple dropped in to show their plans for -Ruby integration in Mac OS X and the first Ruby Implementors Summit was +Ruby integration in Mac OS X and the first Ruby Implementers Summit was held. Koichi brought us up to speed on YARV, which plans are currently underway to merge into the core at long last. As a teaser, he even showed it running Rails. diff --git a/en/news/_posts/2007-03-01-cvs-services-will-be-permanently-unavailable.md b/en/news/_posts/2007-03-01-cvs-services-will-be-permanently-unavailable.md index 58adf6046d..7bf261a8b0 100644 --- a/en/news/_posts/2007-03-01-cvs-services-will-be-permanently-unavailable.md +++ b/en/news/_posts/2007-03-01-cvs-services-will-be-permanently-unavailable.md @@ -6,7 +6,7 @@ lang: en --- CVS services (including CVSup and CVSweb) will be permanently -unavailable on Fri Mar 16 03:00 UTC 2007. The source code repositry has +unavailable on Fri Mar 16 03:00 UTC 2007. The source code repository has been [moved to SVN](/en/news/2006/12/22/cvs-repository-moved-to-svn/). -If you require the CVS repositry, please get it by CVSup till that day. +If you require the CVS repository, please get it by CVSup till that day. diff --git a/en/news/_posts/2010-10-01-see-matz-in-san-francisco-or-silicon-valley.md b/en/news/_posts/2010-10-01-see-matz-in-san-francisco-or-silicon-valley.md index c0134cd244..e6fa6e518a 100644 --- a/en/news/_posts/2010-10-01-see-matz-in-san-francisco-or-silicon-valley.md +++ b/en/news/_posts/2010-10-01-see-matz-in-san-francisco-or-silicon-valley.md @@ -5,7 +5,7 @@ author: "James Edward Gray II" lang: en --- -Matz is visiting San Francisco and Silicon Vally on October 7th and +Matz is visiting San Francisco and Silicon Valley on October 7th and 11th. He will be talking about new opportunities for Ruby such as embedded applications, cloud computing, and super computing. Keynote Speech is “Ruby 2.0 What we want to accomplish in the near future.” Not diff --git a/en/news/_posts/2011-02-18-fileutils-is-vulnerable-to-symlink-race-attacks.md b/en/news/_posts/2011-02-18-fileutils-is-vulnerable-to-symlink-race-attacks.md index b3a72c05b2..8c52517f94 100644 --- a/en/news/_posts/2011-02-18-fileutils-is-vulnerable-to-symlink-race-attacks.md +++ b/en/news/_posts/2011-02-18-fileutils-is-vulnerable-to-symlink-race-attacks.md @@ -32,7 +32,7 @@ should not be world writable except when the sticky bit set. ### Updates -* Fixed typo. (vulnerable -> vulnerable) +* Fixed typo. (vulnerabile -> vulnerable) * 1\.8.7-334 was released to fix this issue. 1.8.7 users are encouraged to upgrade. * [https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.7-p334.tar.gz][1] diff --git a/en/news/_posts/2011-08-01-ruby-1-9-3-preview1-has-been-released.md b/en/news/_posts/2011-08-01-ruby-1-9-3-preview1-has-been-released.md index 94b4768560..692d71741e 100644 --- a/en/news/_posts/2011-08-01-ruby-1-9-3-preview1-has-been-released.md +++ b/en/news/_posts/2011-08-01-ruby-1-9-3-preview1-has-been-released.md @@ -33,7 +33,7 @@ Ruby Inside has published [a review of this release][3]. ## Differences from previous version Previous Ruby versions was licensed under \"GPLv2\" and \"Ruby\" license -but \"2-clause BSDL\"(AKA Simplfied BSD License) and \"Ruby\" license +but \"2-clause BSDL\"(AKA Simplified BSD License) and \"Ruby\" license been replacement of them. ### Encoding diff --git a/en/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md b/en/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md index 7b85206fa7..7e52abcdc2 100644 --- a/en/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md +++ b/en/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md @@ -31,19 +31,19 @@ You can read the original report on the bug tracker: ## Download -* +* SIZE: 9081661 bytes MD5: 8ba4aaf707023e76f80fc8f455c99858 SHA256: 6d3487ea8a86ad0fa78a8535078ff3c7a91ca9f99eff0a6a08e66c6e6bf2040f -* +* SIZE: 11416473 bytes MD5: 4b9330730491f96b402adc4a561e859a SHA256: 23ef45fdaecc5d6c7b4e9e2d51b23817fc6aa8225a20f123f7fa98760e8b5ca9 -* +* SIZE: 12732739 bytes MD5: 42d261b28d1b7e500dd3bdbdbfba7fa5 diff --git a/en/news/_posts/2015-07-14-rubyconftw-2015-call-for-proposals.md b/en/news/_posts/2015-07-14-rubyconftw-2015-call-for-proposals.md index 190b55d327..17458addfa 100644 --- a/en/news/_posts/2015-07-14-rubyconftw-2015-call-for-proposals.md +++ b/en/news/_posts/2015-07-14-rubyconftw-2015-call-for-proposals.md @@ -16,7 +16,7 @@ lang: en and [Ruddy Lee](https://ruddyblog.wordpress.com) are confirmed keynote speakers. [CFP is open](http://rubytaiwan.kktix.cc/events/rubyconftw2015-cfp) until July 20th (GMT +8) and -[Lightening talk CFP](http://rubytaiwan.kktix.cc/events/rubyconftw2015-ltcfp) +[Lightning talk CFP](http://rubytaiwan.kktix.cc/events/rubyconftw2015-ltcfp) is open until August 10th (GMT +8). If you want to give a talk, please submit your proposal. Any topics related to diff --git a/en/news/_posts/2018-05-31-ruby-2-6-0-preview2-released.md b/en/news/_posts/2018-05-31-ruby-2-6-0-preview2-released.md index d729da25ee..eafdcf0a37 100644 --- a/en/news/_posts/2018-05-31-ruby-2-6-0-preview2-released.md +++ b/en/news/_posts/2018-05-31-ruby-2-6-0-preview2-released.md @@ -55,7 +55,7 @@ This module has `parse` method which parses a given ruby code of string and retu An endless range, `(1..)`, is introduced. It works as it has no end. This shows typical use cases: ary[1..] # identical to ary[1..-1] without magical -1 - (1..).each {|index| ... } # inifinite loop from index 1 + (1..).each {|index| ... } # infinite loop from index 1 ary.zip(1..) {|elem, index| ... } # ary.each.with_index(1) { ... } * Add `Binding#source_location`. [[Feature #14230]](https://bugs.ruby-lang.org/issues/14230) @@ -66,7 +66,7 @@ This module has `parse` method which parses a given ruby code of string and retu ## Performance improvements -* Speedup `Proc#call` because we dont' need to care about `$SAFE` any more. +* Speedup `Proc#call` because we don't need to care about `$SAFE` any more. [[Feature #14318]](https://bugs.ruby-lang.org/issues/14318) With `lc_fizzbuzz` benchmark which uses `Proc#call` so many times we can measure diff --git a/en/news/_posts/2018-11-06-ruby-2-6-0-preview3-released.md b/en/news/_posts/2018-11-06-ruby-2-6-0-preview3-released.md index 9d73ec6459..dd69708fc7 100644 --- a/en/news/_posts/2018-11-06-ruby-2-6-0-preview3-released.md +++ b/en/news/_posts/2018-11-06-ruby-2-6-0-preview3-released.md @@ -50,7 +50,7 @@ This module has `parse` method which parses a given ruby code of string and retu An endless range, `(1..)`, is introduced. It works as it has no end. This shows typical use cases: ary[1..] # identical to ary[1..-1] without magical -1 - (1..).each {|index| ... } # inifinite loop from index 1 + (1..).each {|index| ... } # infinite loop from index 1 ary.zip(1..) {|elem, index| ... } # ary.each.with_index(1) { ... } * Add `Binding#source_location`. [[Feature #14230]](https://bugs.ruby-lang.org/issues/14230) diff --git a/en/news/_posts/2018-12-06-ruby-2-6-0-rc1-released.md b/en/news/_posts/2018-12-06-ruby-2-6-0-rc1-released.md index 3988fd9c48..f332ca99dc 100644 --- a/en/news/_posts/2018-12-06-ruby-2-6-0-rc1-released.md +++ b/en/news/_posts/2018-12-06-ruby-2-6-0-rc1-released.md @@ -50,7 +50,7 @@ This module has `parse` method which parses a given ruby code of string and retu An endless range, `(1..)`, is introduced. It works as it has no end. This shows typical use cases: ary[1..] # identical to ary[1..-1] without magical -1 - (1..).each {|index| ... } # inifinite loop from index 1 + (1..).each {|index| ... } # infinite loop from index 1 ary.zip(1..) {|elem, index| ... } # ary.each.with_index(1) { ... } * Add `Binding#source_location`. [[Feature #14230]](https://bugs.ruby-lang.org/issues/14230) @@ -93,7 +93,7 @@ This module has `parse` method which parses a given ruby code of string and retu * Passing `safe_level` to `ERB.new` is deprecated. `trim_mode` and `eoutvar` arguments are changed to keyword arguments. [[Feature #14256]](https://bugs.ruby-lang.org/issues/14256) -* Supported Unicode version is updated to 11. It is planed to update 12 and 12.1 in future TEENY releases of Ruby 2.6. +* Supported Unicode version is updated to 11. It is planned to update 12 and 12.1 in future TEENY releases of Ruby 2.6. * Merge RubyGems 3.0.0.beta3. `--ri` and `--rdoc` options was removed. Please use `--document` and `--no-document` options instead of them. diff --git a/en/news/_posts/2018-12-15-ruby-2-6-0-rc2-released.md b/en/news/_posts/2018-12-15-ruby-2-6-0-rc2-released.md index 3296c37791..448daf85bd 100644 --- a/en/news/_posts/2018-12-15-ruby-2-6-0-rc2-released.md +++ b/en/news/_posts/2018-12-15-ruby-2-6-0-rc2-released.md @@ -51,7 +51,7 @@ The `RubyVM::AbstractSyntaxTree::Node` class is also introduced. You can get loc An endless range, `(1..)`, is introduced. It works as if it has no end. This shows typical use cases: ary[1..] # identical to ary[1..-1] without magical -1 - (1..).each {|index| block } # inifinite loop from index 1 + (1..).each {|index| block } # infinite loop from index 1 ary.zip(1..) {|elem, index| block } # ary.each.with_index(1) { } * Add `Binding#source_location`. [[Feature #14230]](https://bugs.ruby-lang.org/issues/14230) diff --git a/en/news/_posts/2020-09-29-http-request-smuggling-cve-2020-25613.md b/en/news/_posts/2020-09-29-http-request-smuggling-cve-2020-25613.md index 891f5e47ad..4223a8bda6 100644 --- a/en/news/_posts/2020-09-29-http-request-smuggling-cve-2020-25613.md +++ b/en/news/_posts/2020-09-29-http-request-smuggling-cve-2020-25613.md @@ -8,7 +8,7 @@ tags: security lang: en --- -A potential HTTP request smuggling vulnerability in WEBrick was reported. This vulnerability has been assigned the CVE idenfitifer [CVE-2020-25613](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25613). We strongly recommend upgrading the webrick gem. +A potential HTTP request smuggling vulnerability in WEBrick was reported. This vulnerability has been assigned the CVE identifier [CVE-2020-25613](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25613). We strongly recommend upgrading the webrick gem. ## Details diff --git a/en/news/_posts/2022-09-09-ruby-3-2-0-preview2-released.md b/en/news/_posts/2022-09-09-ruby-3-2-0-preview2-released.md index a9fddadf7e..dd3b8828cd 100644 --- a/en/news/_posts/2022-09-09-ruby-3-2-0-preview2-released.md +++ b/en/news/_posts/2022-09-09-ruby-3-2-0-preview2-released.md @@ -77,7 +77,7 @@ The original proposal is https://bugs.ruby-lang.org/issues/17837 * We no longer bundle 3rd party sources like `libyaml`, `libffi`. - * libyaml source has been removed from psych. You may need to install `libyaml-dev` with Ubuntu/Debian platfrom. The package name is different each platforms. + * libyaml source has been removed from psych. You may need to install `libyaml-dev` with Ubuntu/Debian platform. The package name is different each platforms. * libffi will be removed from `fiddle` at preview2 diff --git a/en/news/_posts/2022-11-11-ruby-3-2-0-preview3-released.md b/en/news/_posts/2022-11-11-ruby-3-2-0-preview3-released.md index 6f6fdef049..87baf80621 100644 --- a/en/news/_posts/2022-11-11-ruby-3-2-0-preview3-released.md +++ b/en/news/_posts/2022-11-11-ruby-3-2-0-preview3-released.md @@ -94,7 +94,7 @@ The original proposal is * We no longer bundle 3rd party sources like `libyaml`, `libffi`. - * libyaml source has been removed from psych. You may need to install `libyaml-dev` with Ubuntu/Debian platfrom. The package name is different each platforms. + * libyaml source has been removed from psych. You may need to install `libyaml-dev` with Ubuntu/Debian platform. The package name is different each platforms. * bundled libffi source is also removed from `fiddle` diff --git a/en/news/_posts/2022-12-06-ruby-3-2-0-rc1-released.md b/en/news/_posts/2022-12-06-ruby-3-2-0-rc1-released.md index 2e8c7f38b4..ce1953cff8 100644 --- a/en/news/_posts/2022-12-06-ruby-3-2-0-rc1-released.md +++ b/en/news/_posts/2022-12-06-ruby-3-2-0-rc1-released.md @@ -318,7 +318,7 @@ The following deprecated methods are removed. * We no longer bundle 3rd party sources like `libyaml`, `libffi`. - * libyaml source has been removed from psych. You may need to install `libyaml-dev` with Ubuntu/Debian platfrom. The package name is different for each platform. + * libyaml source has been removed from psych. You may need to install `libyaml-dev` with Ubuntu/Debian platform. The package name is different for each platform. * Bundled libffi source is also removed from `fiddle` diff --git a/en/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md b/en/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md index 332794fdc9..fd68aa5252 100644 --- a/en/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md +++ b/en/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md @@ -24,7 +24,8 @@ The `uri` gem version 0.12.1 and all versions prior 0.12.1 are vulnerable for th We recommend to update the `uri` gem to 0.12.2. In order to ensure compatibility with bundled version in older Ruby series, you may update as follows instead: * For Ruby 3.0: Update to `uri` 0.10.3 -* For Ruby 3.1 and 3.2: Update to `uri` 0.12.2 +* For Ruby 3.1: Update to `uri` 0.12.2 +* For Ruby 3.2: Update to `uri` 0.12.2, or update to Ruby 3.2.3 You can use `gem update uri` to update it. If you are using bundler, please add `gem "uri", ">= 0.12.2"` (or other version mentioned above) to your `Gemfile`. @@ -40,4 +41,5 @@ Thanks to [nobu](https://github.com/nobu) for fixing this issue. ## History +* Added a new recommended action for Ruby 3.2 at 2024-01-18 12:00:00 (UTC) * Originally published at 2023-06-29 01:00:00 (UTC) diff --git a/en/news/_posts/2023-09-14-ruby-3-3-0-preview2-released.md b/en/news/_posts/2023-09-14-ruby-3-3-0-preview2-released.md index 1f63bbba09..f8a9fb03c3 100644 --- a/en/news/_posts/2023-09-14-ruby-3-3-0-preview2-released.md +++ b/en/news/_posts/2023-09-14-ruby-3-3-0-preview2-released.md @@ -43,7 +43,7 @@ We are pleased to announce the release of Ruby {{ release.version }}. Ruby 3.3 a * Option to start YJIT in paused mode and then later enable it manually * `--yjit-pause` and `RubyVM::YJIT.resume` * This can be used to enable YJIT only once your application is done booting -* `ratio_in_yjit` stat produced by `--yjit-stats` is now avaiable in release builds, +* `ratio_in_yjit` stat produced by `--yjit-stats` is now available in release builds, a special stats or dev build is no longer required. * Exit tracing option now supports sampling * `--trace-exits-sample-rate=N` diff --git a/en/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md b/en/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md index 9a61525deb..169be51863 100644 --- a/en/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md +++ b/en/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md @@ -19,7 +19,7 @@ We are pleased to announce the release of Ruby {{ release.version }}. Ruby 3.3 a * Prism is both a C library that will be used internally by CRuby and a Ruby gem that can be used by any tooling which needs to parse Ruby code * Notable methods in the Prism API are: * `Prism.parse(source)` which returns the AST as part of a ParseResult - * `Prism.dump(source, filepath)` which returns the serialized AST as a String + * `Prism.dump(source)` which returns the serialized AST as a String * `Prism.parse_comments(source)` which returns the comments * You can make pull requests or issues directly on [the Prism repository](https://github.com/ruby/prism) if you are interested in contributing @@ -63,7 +63,7 @@ We are pleased to announce the release of Ruby {{ release.version }}. Ruby 3.3 a YJIT options while disabling YJIT at boot. * Option to disable code GC and treat `--yjit-exec-mem-size` as a hard limit * Can produce better copy-on-write behavior on servers using unicorn and forking -* `ratio_in_yjit` stat produced by `--yjit-stats` is now avaiable in release builds, +* `ratio_in_yjit` stat produced by `--yjit-stats` is now available in release builds, a special stats or dev build is no longer required to access most stats. * Exit tracing option now supports sampling * `--trace-exits-sample-rate=N` @@ -95,7 +95,7 @@ We are pleased to announce the release of Ruby {{ release.version }}. Ruby 3.3 a * Name resolution such as `Socket.getaddrinfo` can now be interrupted (in environments where pthreads are available). [Feature #19965](https://bugs.ruby-lang.org/issues/19965) * For this purpose, a pthread is now created whenever calling getaddrinfo or getnameinfo. This incurs some overhead in name resolution (about 2.5x in our experiments). We do not expect the name resolution overhead to be a problem for most applications, but if you observe such, or if you see unexpected affects that you believe are due to this change, please report them. * Environment variable `RUBY_GC_HEAP_REMEMBERED_WB_UNPROTECTED_OBJECTS_LIMIT_RATIO` has been added. [Feature #19571](https://bugs.ruby-lang.org/issues/19571) -* Children of old objects are no longer immedately promoted to the old generation in the garbage collector. [Feature #19678](https://bugs.ruby-lang.org/issues/19678) +* Children of old objects are no longer immediately promoted to the old generation in the garbage collector. [Feature #19678](https://bugs.ruby-lang.org/issues/19678) * Support for weak references has been added to the garbage collector. [Feature #19783](https://bugs.ruby-lang.org/issues/19783) ## Other notable changes since 3.2 diff --git a/en/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md b/en/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md index 73d5ed01f0..ccaf405b3c 100644 --- a/en/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md +++ b/en/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md @@ -21,7 +21,7 @@ After the release of RC1, we will avoid introducing ABI incompatibilities wherev * Prism is both a C library that will be used internally by CRuby and a Ruby gem that can be used by any tooling which needs to parse Ruby code * Notable methods in the Prism API are: * `Prism.parse(source)` which returns the AST as part of a ParseResult - * `Prism.dump(source, filepath)` which returns the serialized AST as a String + * `Prism.dump(source)` which returns the serialized AST as a String * `Prism.parse_comments(source)` which returns the comments * You can make pull requests or issues directly on [the Prism repository](https://github.com/ruby/prism) if you are interested in contributing @@ -64,7 +64,7 @@ After the release of RC1, we will avoid introducing ABI incompatibilities wherev done booting. `--yjit-disable` can be used if you want to use other YJIT options while disabling YJIT at boot. * Code GC is now disabled by default, and `--yjit-exec-mem-size` is treated - as a hard limit where copilation of new code stops. + as a hard limit where compilation of new code stops. * Better copy-on-write behavior on servers using unicorn and forking * No sudden drops in performance due to code GC. * You can still enable code GC if desired with `--yjit-code-gc` @@ -152,7 +152,7 @@ The following deprecated methods are removed. ### Removed environment variables -The following deprecated methods are removed. +The following deprecated environment variables are removed. * Environment variable `RUBY_GC_HEAP_INIT_SLOTS` has been deprecated and is a no-op. Please use environment variables `RUBY_GC_HEAP_{0,1,2,3,4}_INIT_SLOTS` instead. [Feature #19785](https://bugs.ruby-lang.org/issues/19785) diff --git a/en/news/_posts/2023-12-25-ruby-3-3-0-released.md b/en/news/_posts/2023-12-25-ruby-3-3-0-released.md new file mode 100644 index 0000000000..6cbad6d110 --- /dev/null +++ b/en/news/_posts/2023-12-25-ruby-3-3-0-released.md @@ -0,0 +1,310 @@ +--- +layout: news_post +title: "Ruby 3.3.0 Released" +author: "naruse" +translator: +date: 2023-12-25 00:00:00 +0000 +lang: en +--- + +{% assign release = site.data.releases | where: "version", "3.3.0" | first %} +We are pleased to announce the release of Ruby {{ release.version }}. Ruby 3.3 adds a new parser named Prism, uses Lrama as a parser generator, adds a new pure-Ruby JIT compiler named RJIT, and many performance improvements especially YJIT. + +## Prism + +* Introduced [the Prism parser](https://github.com/ruby/prism) as a default gem + * Prism is a portable, error tolerant, and maintainable recursive descent parser for the Ruby language +* Prism is production ready and actively maintained, you can use it in place of Ripper + * There is [extensive documentation](https://ruby.github.io/prism/) on how to use Prism + * Prism is both a C library that will be used internally by CRuby and a Ruby gem that can be used by any tooling which needs to parse Ruby code + * Notable methods in the Prism API are: + * `Prism.parse(source)` which returns the AST as part of a parse result object + * `Prism.parse_comments(source)` which returns the comments + * `Prism.parse_success?(source)` which returns true if there are no errors +* You can make pull requests or issues directly on [the Prism repository](https://github.com/ruby/prism) if you are interested in contributing +* You can now use `ruby --parser=prism` or `RUBYOPT="--parser=prism"` to experiment with the Prism compiler. Please note that this flag is for debugging only. + +## Use Lrama instead of Bison + +* Replace Bison with [Lrama LALR parser generator](https://github.com/ruby/lrama) [[Feature #19637]](https://bugs.ruby-lang.org/issues/19637) + * If you have interest, please see [The future vision of Ruby Parser](https://rubykaigi.org/2023/presentations/spikeolaf.html) + * Lrama internal parser is replaced with LR parser generated by Racc for maintainability + * Parameterizing Rules `(?, *, +)` are supported, it will be used in Ruby parse.y + +## YJIT + +* Major performance improvements over Ruby 3.2 + * Support for splat and rest arguments has been improved. + * Registers are allocated for stack operations of the virtual machine. + * More calls with optional arguments are compiled. Exception handlers are also compiled. + * Unsupported call types and megamorphic call sites no longer exit to the interpreter. + * Basic methods like Rails `#blank?` and + [specialized `#present?`](https://github.com/rails/rails/pull/49909) are inlined. + * `Integer#*`, `Integer#!=`, `String#!=`, `String#getbyte`, + `Kernel#block_given?`, `Kernel#is_a?`, `Kernel#instance_of?`, and `Module#===` + are specially optimized. + * Compilation speed is now slightly faster than Ruby 3.2. + * Now more than 3x faster than the interpreter on Optcarrot! +* Significantly improved memory usage over Ruby 3.2 + * Metadata for compiled code uses a lot less memory. + * `--yjit-call-threshold` is automatically raised from 30 to 120 + when the application has more than 40,000 ISEQs. + * `--yjit-cold-threshold` is added to skip compiling cold ISEQs. + * More compact code is generated on Arm64. +* Code GC is now disabled by default + * `--yjit-exec-mem-size` is treated as a hard limit where compilation of new code stops. + * No sudden drops in performance due to code GC. + Better copy-on-write behavior on servers reforking with + [Pitchfork](https://github.com/shopify/pitchfork). + * You can still enable code GC if desired with `--yjit-code-gc` +* Add `RubyVM::YJIT.enable` that can enable YJIT at run-time + * You can start YJIT without modifying command-line arguments or environment variables. + Rails 7.2 will [enable YJIT by default](https://github.com/rails/rails/pull/49947) + using this method. + * This can also be used to enable YJIT only once your application is + done booting. `--yjit-disable` can be used if you want to use other + YJIT options while disabling YJIT at boot. +* More YJIT stats are available by default + * `yjit_alloc_size` and several more metadata-related stats are now available by default. + * `ratio_in_yjit` stat produced by `--yjit-stats` is now available in release builds, + a special stats or dev build is no longer required to access most stats. +* Add more profiling capabilities + * `--yjit-perf` is added to facilitate profiling with Linux perf. + * `--yjit-trace-exits` now supports sampling with `--yjit-trace-exits-sample-rate=N` +* More thorough testing and multiple bug fixes + +## RJIT + +* Introduced a pure-Ruby JIT compiler RJIT and replaced MJIT. + * RJIT supports only x86-64 architecture on Unix platforms. + * Unlike MJIT, it doesn't require a C compiler at runtime. +* RJIT exists only for experimental purposes. + * You should keep using YJIT in production. +* If you are interested in developing JIT for Ruby, please check out [k0kubun's presentation on Day 3 of RubyKaigi](https://rubykaigi.org/2023/presentations/k0kubun.html#day3). + +## M:N thread scheduler + +* M:N thread scheduler was introduced. [[Feature #19842]](https://bugs.ruby-lang.org/issues/19842) + * M Ruby threads are managed by N native threads (OS threads) so the thread creation and management cost are reduced. + * It can break C-extension compatibility so that M:N thread scheduler is disabled on the main Ractor by default. + * `RUBY_MN_THREADS=1` environment variable enables M:N threads on the main Ractor. + * M:N threads are always enabled on non-main Ractors. + * `RUBY_MAX_CPU=n` environment variable sets maximum number of `N` (maximum number of native threads). The default value is 8. + * Since only one Ruby thread per Ractor can run at the same time, the number of native threads will be used, which is the smaller of the number specified in `RUBY_MAX_CPU` and the number of running Ractors. So that single Ractor applications (most of applications) will only use 1 native thread. + * To support blocking operations, more than `N` native threads can be used. + +## Performance improvements + +* `defined?(@ivar)` is optimized with Object Shapes. +* Name resolution such as `Socket.getaddrinfo` can now be interrupted (in environments where pthreads are available). [[Feature #19965]](https://bugs.ruby-lang.org/issues/19965) +* Several performance improvements to the Garbage Collector + * Young objects referenced by old objects are no longer immediately + promoted to the old generation. This significantly reduces the frequency of + major GC collections. [[Feature #19678]](https://bugs.ruby-lang.org/issues/19678) + * A new `REMEMBERED_WB_UNPROTECTED_OBJECTS_LIMIT_RATIO` tuning variable was + introduced to control the number of unprotected objects cause a major GC + collection to trigger. The default is set to `0.01` (1%). This significantly + reduces the frequency of major GC collection. [[Feature #19571]](https://bugs.ruby-lang.org/issues/19571) + * Write Barriers were implemented for many core types that were missing them, + notably `Time`, `Enumerator`, `MatchData`, `Method`, `File::Stat`, `BigDecimal` + and several others. This significantly reduces minor GC collection time and major + GC collection frequency. + * Most core classes are now using Variable Width Allocation, notably `Hash`, `Time`, + `Thread::Backtrace`, `Thread::Backtrace::Location`, `File::Stat`, `Method`. + This makes these classes faster to allocate and free, use less memory and reduce + heap fragmentation. + * Support for weak references has been added to the garbage collector. [[Feature #19783]](https://bugs.ruby-lang.org/issues/19783) + + +## Other notable changes since 3.2 + +### IRB + +IRB has received several enhancements, including but not limited to: + +* Advanced `irb:rdbg` integration that provides an equivalent debugging experience to `pry-byebug` ([doc](https://github.com/ruby/irb#debugging-with-irb)). +* Pager support for `ls`, `show_source` and `show_cmds` commands. +* More accurate and helpful information provided by the `ls` and `show_source` commands. +* Experimental autocompletion using type analysis ([doc](https://github.com/ruby/irb#type-based-completion)). +* It is now possible to change the font color and font style in the completion dialog by a newly introduced class Reline::Face ([doc](https://github.com/ruby/ruby/blob/master/doc/reline/face.md)) + +In addition, IRB has also undergone extensive refactoring and received dozens of bug fixes to facilitate easier future enhancements. + +For more detailed updates, please refer to [Unveiling the big leap in Ruby 3.3's IRB](https://railsatscale.com/2023-12-19-irb-for-ruby-3-3/). + +## Compatibility issues + +Note: Excluding feature bug fixes. + +* `it` calls without arguments in a block with no ordinary parameters are + deprecated. `it` will be a reference to the first block parameter in Ruby 3.4. + [[Feature #18980]](https://bugs.ruby-lang.org/issues/18980) + +* `Regexp::new` now only accepts up to 2 arguments instead of 3. This was + deprecated in Ruby 3.2. [[Bug #18797]](https://bugs.ruby-lang.org/issues/18797) + +### Removed environment variables + +The following deprecated methods are removed. + +* Environment variable `RUBY_GC_HEAP_INIT_SLOTS` has been deprecated and is a no-op. Please use environment variables `RUBY_GC_HEAP_{0,1,2,3,4}_INIT_SLOTS` instead. [[Feature #19785]](https://bugs.ruby-lang.org/issues/19785) + +## Stdlib compatibility issues + +### `ext/readline` is retired + +* We have `reline` that is pure Ruby implementation compatible with `ext/readline` API. We rely on `reline` in the future. If you need to use `ext/readline`, you can install `ext/readline` via rubygems.org with `gem install readline-ext`. +* We no longer need to install libraries like `libreadline` or `libedit`. + +## Standard library updates + +RubyGems and Bundler warn if users do `require` the following gems without adding them to Gemfile or gemspec. This is because they will become the bundled gems in the future version of Ruby. + +This warning is suppressed if you use bootsnap gem. We recommend to run your application with `DISABLE_BOOTSNAP=1` environment variable at least once. This is limitation of this version. + +Targeted libraries are: + * abbrev + * base64 + * bigdecimal + * csv + * drb + * getoptlong + * mutex_m + * nkf + * observer + * racc + * resolv-replace + * rinda + * syslog + +The following default gem is added. + +* prism 0.19.0 + +The following default gems are updated. + +* RubyGems 3.5.3 +* abbrev 0.1.2 +* base64 0.2.0 +* benchmark 0.3.0 +* bigdecimal 3.1.5 +* bundler 2.5.3 +* cgi 0.4.1 +* csv 3.2.8 +* date 3.3.4 +* delegate 0.3.1 +* drb 2.2.0 +* english 0.8.0 +* erb 4.0.3 +* error_highlight 0.6.0 +* etc 1.4.3 +* fcntl 1.1.0 +* fiddle 1.1.2 +* fileutils 1.7.2 +* find 0.2.0 +* getoptlong 0.2.1 +* io-console 0.7.1 +* io-nonblock 0.3.0 +* io-wait 0.3.1 +* ipaddr 1.2.6 +* irb 1.11.0 +* json 2.7.1 +* logger 1.6.0 +* mutex_m 0.2.0 +* net-http 0.4.0 +* net-protocol 0.2.2 +* nkf 0.1.3 +* observer 0.1.2 +* open-uri 0.4.1 +* open3 0.2.1 +* openssl 3.2.0 +* optparse 0.4.0 +* ostruct 0.6.0 +* pathname 0.3.0 +* pp 0.5.0 +* prettyprint 0.2.0 +* pstore 0.1.3 +* psych 5.1.2 +* rdoc 6.6.2 +* readline 0.0.4 +* reline 0.4.1 +* resolv 0.3.0 +* rinda 0.2.0 +* securerandom 0.3.1 +* set 1.1.0 +* shellwords 0.2.0 +* singleton 0.2.0 +* stringio 3.1.0 +* strscan 3.0.7 +* syntax_suggest 2.0.0 +* syslog 0.1.2 +* tempfile 0.2.1 +* time 0.3.0 +* timeout 0.4.1 +* tmpdir 0.2.0 +* tsort 0.2.0 +* un 0.3.0 +* uri 0.13.0 +* weakref 0.1.3 +* win32ole 1.8.10 +* yaml 0.3.0 +* zlib 3.1.0 + +The following bundled gem is promoted from default gems. + +* racc 1.7.3 + +The following bundled gems are updated. + +* minitest 5.20.0 +* rake 13.1.0 +* test-unit 3.6.1 +* rexml 3.2.6 +* rss 0.3.0 +* net-ftp 0.3.3 +* net-imap 0.4.9 +* net-smtp 0.4.0 +* rbs 3.4.0 +* typeprof 0.21.9 +* debug 1.9.1 + +See GitHub releases like [Logger](https://github.com/ruby/logger/releases) or +changelog for details of the default gems or bundled gems. + +See [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +or [commit logs](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}) +for more details. + +With those changes, [{{ release.stats.files_changed }} files changed, {{ release.stats.insertions }} insertions(+), {{ release.stats.deletions }} deletions(-)](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}#file_bucket) +since Ruby 3.2.0! + +Merry Christmas, Happy Holidays, and enjoy programming with Ruby 3.3! + +## Download + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## What is Ruby + +Ruby was first developed by Matz (Yukihiro Matsumoto) in 1993, +and is now developed as Open Source. It runs on multiple platforms +and is used all over the world especially for web development. diff --git a/en/news/_posts/2024-01-18-ruby-3-2-3-released.md b/en/news/_posts/2024-01-18-ruby-3-2-3-released.md new file mode 100644 index 0000000000..3921bcbbee --- /dev/null +++ b/en/news/_posts/2024-01-18-ruby-3-2-3-released.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "Ruby 3.2.3 Released" +author: "nagachika" +translator: +date: 2024-01-18 09:00:00 +0000 +lang: en +--- + +Ruby 3.2.3 has been released. + +This release includes many bug-fixes. +See the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_2_3) for further details. + +This release also includes the update of uri.gem to 0.12.2 which contains the security fix. +Please check the topics below for details. + +* [CVE-2023-36617: ReDoS vulnerability in URI]({%link en/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md %}) + +## Download + +{% assign release = site.data.releases | where: "version", "3.2.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md b/en/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md new file mode 100644 index 0000000000..0e0bf0c4be --- /dev/null +++ b/en/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md @@ -0,0 +1,46 @@ +--- +layout: news_post +title: "CVE-2024-27280: Buffer overread vulnerability in StringIO" +author: "hsbt" +translator: +date: 2024-03-21 4:00:00 +0000 +tags: security +lang: en +--- + +We have released the StringIO gem version 3.0.1.1 and 3.0.1.2 that have a security fix for a buffer overread vulnerability. +This vulnerability has been assigned the CVE identifier [CVE-2024-27280](https://www.cve.org/CVERecord?id=CVE-2024-27280). + +## Details + +An issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. + +The `ungetbyte` and `ungetc` methods on a StringIO can read past the end of a string, and a subsequent call to `StringIO.gets` may return the memory value. + +This vulnerability is not affected StringIO 3.0.3 and later, and Ruby 3.2.x and later. + +## Recommended action + +We recommend to update the StringIO gem to version 3.0.3 or later. In order to ensure compatibility with bundled version in older Ruby series, you may update as follows instead: + +* For Ruby 3.0 users: Update to `stringio` 3.0.1.1 +* For Ruby 3.1 users: Update to `stringio` 3.0.1.2 + +Note: that StringIO 3.0.1.2 contains not only the fix for this vulnerability but also a bugfix for [[Bug #19389]](https://github.com/ruby/ruby/commit/1d24a931c458c93463da1d5885f33edef3677cc2). + +You can use `gem update stringio` to update it. If you are using bundler, please add `gem "stringio", ">= 3.0.1.2"` to your `Gemfile`. + +## Affected versions + +* Ruby 3.0.6 or lower +* Ruby 3.1.4 or lower +* StringIO gem 3.0.1 or lower + +## Credits + +Thanks to [david_h1](https://hackerone.com/david_h1?type=user) for discovering this issue. + +## History + +* Fixed the affected version of StringIO (3.0.2 -> 3.0.1) at 2024-04-11 12:50:00 (UTC) +* Originally published at 2024-03-21 4:00:00 (UTC) diff --git a/en/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md b/en/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md new file mode 100644 index 0000000000..067f53c745 --- /dev/null +++ b/en/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc" +author: "hsbt" +translator: +date: 2024-03-21 4:00:00 +0000 +tags: security +lang: en +--- + +We have released the RDoc gem version 6.3.4.1, 6.4.1.1, 6.5.1.1 and 6.6.3.1 that have a security fix for a RCE vulnerability. +This vulnerability has been assigned the CVE identifier [CVE-2024-27281](https://www.cve.org/CVERecord?id=CVE-2024-27281). + +## Details + +An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. + +When parsing `.rdoc_options` (used for configuration in RDoc) as a YAML file, object injection and resultant remote code execution are possible because there are no restrictions on the classes that can be restored. + +When loading the documentation cache, object injection and resultant remote code execution are also possible if there were a crafted cache. + +## Recommended action + +We recommend to update the RDoc gem to version 6.6.3.1 or later. In order to ensure compatibility with bundled version in older Ruby series, you may update as follows instead: + +* For Ruby 3.0 users: Update to `rdoc` 6.3.4.1 +* For Ruby 3.1 users: Update to `rdoc` 6.4.1.1 +* For Ruby 3.2 users: Update to `rdoc` 6.5.1.1 + +You can use `gem update rdoc` to update it. If you are using bundler, please add `gem "rdoc", ">= 6.6.3.1"` to your `Gemfile`. + +Note: 6.3.4, 6.4.1, 6.5.1 and 6.6.3 have a incorrect fix. We recommend to upgrade 6.3.4.1, 6.4.1.1, 6.5.1.1 and 6.6.3.1 instead of them. + +## Affected versions + +* Ruby 3.0.6 or lower +* Ruby 3.1.4 or lower +* Ruby 3.2.3 or lower +* Ruby 3.3.0 +* RDoc gem 6.3.3 or lower, 6.4.0 through 6.6.2 without the patch versions (6.3.4, 6.4.1, 6.5.1) + +## Credits + +Thanks to [ooooooo_q](https://hackerone.com/ooooooo_q?type=user) for discovering this issue. + +## History + +* Originally published at 2024-03-21 4:00:00 (UTC) diff --git a/en/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md b/en/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md new file mode 100644 index 0000000000..e27c89c452 --- /dev/null +++ b/en/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search" +author: "hsbt" +translator: +date: 2024-04-23 10:00:00 +0000 +tags: security +lang: en +--- + +We have released the Ruby version 3.0.7, 3.1.5, 3.2.4 and 3.3.1 that have a security fix for an arbitrary memory address read vulnerability in Regex search. +This vulnerability has been assigned the CVE identifier [CVE-2024-27282](https://www.cve.org/CVERecord?id=CVE-2024-27282). + +## Details + +An issue was discovered in Ruby 3.x through 3.3.0. + +If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitrary heap data relative to the start of the text, including pointers and sensitive strings. + +## Recommended action + +We recommend to update the Ruby to version 3.3.1 or later. In order to ensure compatibility with older Ruby series, you may update as follows instead: + +* For Ruby 3.0 users: Update to 3.0.7 +* For Ruby 3.1 users: Update to 3.1.5 +* For Ruby 3.2 users: Update to 3.2.4 +* For Ruby 3.3 users: Update to 3.3.1 + +## Affected versions + +* Ruby 3.0.6 or lower +* Ruby 3.1.4 or lower +* Ruby 3.2.3 or lower +* Ruby 3.3.0 + +## Credits + +Thanks to [sp2ip](https://hackerone.com/sp2ip?type=user) for discovering this issue. + +## History + +* Originally published at 2024-04-23 10:00:00 (UTC) diff --git a/en/news/_posts/2024-04-23-ruby-3-0-7-released.md b/en/news/_posts/2024-04-23-ruby-3-0-7-released.md new file mode 100644 index 0000000000..be1a8d617d --- /dev/null +++ b/en/news/_posts/2024-04-23-ruby-3-0-7-released.md @@ -0,0 +1,53 @@ +--- +layout: news_post +title: "Ruby 3.0.7 Released" +author: "hsbt" +translator: +date: 2024-04-23 10:00:00 +0000 +lang: en +--- + +Ruby 3.0.7 has been released. + +This release includes security fixes. +Please check the topics below for details. + +* [CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search]({%link en/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc]({%link en/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md %}) +* [CVE-2024-27280: Buffer overread vulnerability in StringIO]({%link en/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md %}) + +See the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_0_7) for further details. + +After this release, Ruby 3.0 reaches EOL. In other words, this is expected to be the last release of Ruby 3.0 series. +We will not release Ruby 3.0.8 even if a security vulnerability is found (but could release if a severe regression is found). +We recommend all Ruby 3.0 users to start migration to Ruby 3.3, 3.2, or 3.1 immediately. + +## Download + +{% assign release = site.data.releases | where: "version", "3.0.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2024-04-23-ruby-3-1-5-released.md b/en/news/_posts/2024-04-23-ruby-3-1-5-released.md new file mode 100644 index 0000000000..18b3a82ffa --- /dev/null +++ b/en/news/_posts/2024-04-23-ruby-3-1-5-released.md @@ -0,0 +1,49 @@ +--- +layout: news_post +title: "Ruby 3.1.5 Released" +author: "hsbt" +translator: +date: 2024-04-23 10:00:00 +0000 +lang: en +--- + +Ruby 3.1.5 has been released. + +This release includes security fixes. +Please check the topics below for details. + +* [CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search]({%link en/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc]({%link en/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md %}) +* [CVE-2024-27280: Buffer overread vulnerability in StringIO]({%link en/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md %}) + +See the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_1_5) for further details. + +## Download + +{% assign release = site.data.releases | where: "version", "3.1.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2024-04-23-ruby-3-2-4-released.md b/en/news/_posts/2024-04-23-ruby-3-2-4-released.md new file mode 100644 index 0000000000..0b93cd45f4 --- /dev/null +++ b/en/news/_posts/2024-04-23-ruby-3-2-4-released.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "Ruby 3.2.4 Released" +author: "nagachika" +translator: +date: 2024-04-23 10:00:00 +0000 +lang: en +--- + +Ruby 3.2.4 has been released. + +This release includes security fixes. +Please check the topics below for details. + +* [CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search]({%link en/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc]({%link en/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md %}) + +See the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_2_4) for further details. + +## Download + +{% assign release = site.data.releases | where: "version", "3.2.4" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2024-04-23-ruby-3-3-1-released.md b/en/news/_posts/2024-04-23-ruby-3-3-1-released.md new file mode 100644 index 0000000000..1119d572ed --- /dev/null +++ b/en/news/_posts/2024-04-23-ruby-3-3-1-released.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "Ruby 3.3.1 Released" +author: "naruse" +translator: +date: 2024-04-23 10:00:00 +0000 +lang: en +--- + +Ruby 3.3.1 has been released. + +This release includes security fixes. +Please check the topics below for details. + +* [CVE-2024-27282: Arbitrary memory address read vulnerability with Regex search]({%link en/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc]({%link en/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md %}) + +See the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_3_1) for further details. + +## Download + +{% assign release = site.data.releases | where: "version", "3.3.1" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md b/en/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md new file mode 100644 index 0000000000..7d51393eca --- /dev/null +++ b/en/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-35176: DoS vulnerability in REXML" +author: "kou" +translator: +date: 2024-05-16 05:00:00 +0000 +tags: security +lang: en +--- + +There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier [CVE-2024-35176](https://www.cve.org/CVERecord?id=CVE-2024-35176). We strongly recommend upgrading the REXML gem. + +## Details + +When parsing an XML document that has many `<` in an attribute value, REXML gem may take long time. + +Please update REXML gem to version 3.2.7 or later. + +## Affected versions + +* REXML gem 3.2.6 or prior + +## Credits + +Thanks to [mprogrammer](https://hackerone.com/mprogrammer) for discovering this issue. + +## History + +* Originally published at 2024-05-16 05:00:00 (UTC) diff --git a/en/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md b/en/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md new file mode 100644 index 0000000000..c8048b4950 --- /dev/null +++ b/en/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md @@ -0,0 +1,139 @@ +--- +layout: news_post +title: "Ruby 3.4.0 preview1 Released" +author: "naruse" +translator: +date: 2024-05-16 00:00:00 +0000 +lang: en +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-preview1" | first %} +We are pleased to announce the release of Ruby {{ release.version }}. + +## Language changes + +* String literals in files without a `frozen_string_literal` comment now behave + as if they were frozen. If they are mutated a deprecation warning is emitted. + These warnings can be enabled with `-W:deprecated` or by setting `Warning[:deprecated] = true`. + To disable this change, you can run Ruby with the `--disable-frozen-string-literal` + command line argument. [[Feature #20205]] + +* `it` is added to reference a block parameter. [[Feature #18980]] + +* Keyword splatting `nil` when calling methods is now supported. + `**nil` is treated similarly to `**{}`, passing no keywords, + and not calling any conversion methods. [[Bug #20064]] + +* Block passing is no longer allowed in index. [[Bug #19918]] + +* Keyword arguments are no longer allowed in index. [[Bug #20218]] + +## Core classes updates + +Note: We're only listing outstanding class updates. + +* Exception + + * Exception#set_backtrace now accepts arrays of `Thread::Backtrace::Location`. + `Kernel#raise`, `Thread#raise` and `Fiber#raise` also accept this new format. [[Feature #13557]] + +* Range + + * Range#size now raises TypeError if the range is not iterable. [[Misc #18984]] + + + +## Compatibility issues + +Note: Excluding feature bug fixes. + +* Error messages and backtrace displays have been changed. + * Use a single quote instead of a backtick as a opening quote. [[Feature #16495]] + * Display a class name before a method name (only when the class has a permanent name). [[Feature #19117]] + * `Kernel#caller`, `Thread::Backtrace::Location`'s methods, etc. are also changed accordingly. + + ``` + Old: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + New: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + + +## C API updates + +* `rb_newobj` and `rb_newobj_of` (and corresponding macros `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`) have been removed. [[Feature #20265]] +* Removed deprecated function `rb_gc_force_recycle`. [[Feature #18290]] + +## Implementation improvements + +* `Array#each` is rewritten in Ruby for better performance [[Feature #20182]]. + +## Miscellaneous changes + +* Passing a block to a method which doesn't use the passed block will show + a warning on verbose mode (`-w`). + [[Feature #15554]] + +* Redefining some core methods that are specially optimized by the interpeter + and JIT like `String.freeze` or `Integer#+` now emits a performance class + warning (`-W:performance` or `Warning[:performance] = true`). + [[Feature #20429]] + +See GitHub releases like [Logger](https://github.com/ruby/logger/releases) or +changelog for details of the default gems or bundled gems. + +See [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +or [commit logs](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}) +for more details. + +With those changes, [{{ release.stats.files_changed }} files changed, {{ release.stats.insertions }} insertions(+), {{ release.stats.deletions }} deletions(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) +since Ruby 3.3.0! + + +## Download + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## What is Ruby + +Ruby was first developed by Matz (Yukihiro Matsumoto) in 1993, +and is now developed as Open Source. It runs on multiple platforms +and is used all over the world especially for web development. + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 diff --git a/en/news/_posts/2024-05-29-ruby-3-1-6-released.md b/en/news/_posts/2024-05-29-ruby-3-1-6-released.md new file mode 100644 index 0000000000..b2ba968d66 --- /dev/null +++ b/en/news/_posts/2024-05-29-ruby-3-1-6-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.1.6 Released" +author: "hsbt" +translator: +date: 2024-05-29 9:00:00 +0000 +lang: en +--- + +Ruby 3.1.6 has been released. + +Ruby 3.1 series is now in the security maintenance phase. In general, we will fix only security issues in this phase. But we have several build failure issues after the release of Ruby 3.1.5. We decided to release Ruby 3.1.6 to fix these issues. + +Please check the topics below for details. + +* [Bug #20151: Can't build Ruby 3.1 on FreeBSD 14.0](https://bugs.ruby-lang.org/issues/20151) +* [Bug #20451: Bad Ruby 3.1.5 backport causes fiddle to fail to build](https://bugs.ruby-lang.org/issues/20451) +* [Bug #20431: Ruby 3.3.0 build fail with make: *** \[io_buffer.o\] Error 1](https://bugs.ruby-lang.org/issues/20431) + +See the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_1_6) for further details. + +## Download + +{% assign release = site.data.releases | where: "version", "3.1.6" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2024-05-30-datadog-oss-program.md b/en/news/_posts/2024-05-30-datadog-oss-program.md new file mode 100644 index 0000000000..2a809ec1c3 --- /dev/null +++ b/en/news/_posts/2024-05-30-datadog-oss-program.md @@ -0,0 +1,28 @@ +--- +layout: news_post +title: "Datadog provides OSS community support for ruby-lang.org" +author: "hsbt" +translator: +date: 2024-05-30 00:00:00 +0000 +lang: en +--- + +We are excited to announce that Ruby's official website, ruby-lang.org, has adopted Datadog for monitoring by [Datadog OSS community support](https://opensource.datadoghq.com/projects/oss-program/). + +This allows us to effectively monitor the performance and availability of the site in real time for Ruby users. This key benefits of using Datadog include the following. + +## CDN Visibility + +cache.ruby-lang.org provided by Fastly is most important infrastructure of Ruby ecosystem. Datadog enables monitoring of Content Delivery Network (CDN) performance. It tracks cache coverage, error rate, enhancing user experiences. + +## Unified Data Visualization + +We have various web services for ruby-lang.org. Datadog allows to visualize log analytics data alongside metrics and application performance monitoring (APM) data in the same dashboards. + +## JIT Trace Visibility + +By utilizing Datadog’s tracing capabilities, we can capture traces as requests flow through web servers and databases. This helps identify bottlenecks and problematic requests. + +We published the [public dashboard](https://p.ap1.datadoghq.com/sb/1271b83e-af90-11ee-9072-da7ad0900009-01633a8fa8c0b0c0051f1889afdf55dc) of our key metrics. We will update the dashboard as we continue to improve our monitoring especially YJIT performance. + +We hope that this adoption of Datadog will contribute to improved site performance for the Ruby community. Please continue to use ruby-lang.org and enjoy an enhanced user experience. diff --git a/en/news/_posts/2024-05-30-ruby-3-3-2-released.md b/en/news/_posts/2024-05-30-ruby-3-3-2-released.md new file mode 100644 index 0000000000..e29a51f8a3 --- /dev/null +++ b/en/news/_posts/2024-05-30-ruby-3-3-2-released.md @@ -0,0 +1,43 @@ +--- +layout: news_post +title: "Ruby 3.3.2 Released" +author: "k0kubun" +translator: +date: 2024-05-30 03:50:00 +0000 +lang: en +--- + +Ruby 3.3.2 has been released. + +This release includes many bug-fixes. +See the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_3_2) for further details. + +## Download + +{% assign release = site.data.releases | where: "version", "3.3.2" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2024-06-12-ruby-3-3-3-released.md b/en/news/_posts/2024-06-12-ruby-3-3-3-released.md new file mode 100644 index 0000000000..0d7492fab4 --- /dev/null +++ b/en/news/_posts/2024-06-12-ruby-3-3-3-released.md @@ -0,0 +1,53 @@ +--- +layout: news_post +title: "Ruby 3.3.3 Released" +author: "k0kubun" +translator: +date: 2024-06-12 00:30:00 +0000 +lang: en +--- + +Ruby 3.3.3 has been released. + +This release includes: + +* RubyGems 3.5.11 +* Bundler 2.5.11 +* REXML 3.2.8 +* strscan 3.0.9 +* `--dump=prism_parsetree` is replaced by `--parser=prism --dump=parsetree` +* Invalid encoding symbols raise `SyntaxError` instead of `EncodingError` +* Memory leak fix in Ripper parsing +* Bugfixes for YJIT, `**{}`, `Ripper.tokenize`, `RubyVM::InstructionSequence#to_binary`, `--with-gmp`, and some build environments + +Please see the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_3_3) for further details. + +## Download + +{% assign release = site.data.releases | where: "version", "3.3.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2024-07-09-ruby-3-3-4-released.md b/en/news/_posts/2024-07-09-ruby-3-3-4-released.md new file mode 100644 index 0000000000..d1413568b6 --- /dev/null +++ b/en/news/_posts/2024-07-09-ruby-3-3-4-released.md @@ -0,0 +1,57 @@ +--- +layout: news_post +title: "Ruby 3.3.4 Released" +author: "k0kubun" +translator: +date: 2024-07-09 00:30:00 +0000 +lang: en +--- + +Ruby 3.3.4 has been released. + +This release fixes a regression in Ruby 3.3.3 that dependencies are missing in the gemspec +of some bundled gems: `net-pop`, `net-ftp`, `net-imap`, and `prime` +[[Bug #20581]](https://bugs.ruby-lang.org/issues/20581). +The fix allows Bundler to successfully install those gems on platforms like Heroku. +If your `bundle install` runs correctly now, you may not have this issue. + +Other changes are mostly minor bug fixes. +Please see the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_3_4) for further details. + +## Release Schedule + +Going forward, we intend to release the latest stable Ruby version (currently Ruby 3.3) every 2 months after a `.1` release. +For Ruby 3.3, 3.3.5 is supposed to be released on Sep 3rd, 3.3.6 on Nov 5th, and 3.3.7 on Jan 7th. + +If there's any change that affects a considerable amount of people, e.g. Ruby 3.3.3 users on Heroku for this release, +we may release a new version earlier than expected. + +## Download + +{% assign release = site.data.releases | where: "version", "3.3.4" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md b/en/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md new file mode 100644 index 0000000000..844edd5347 --- /dev/null +++ b/en/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-39908: DoS vulnerability in REXML" +author: "watson1978" +translator: +date: 2024-07-16 03:00:00 +0000 +tags: security +lang: en +--- + +There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier [CVE-2024-39908](https://www.cve.org/CVERecord?id=CVE-2024-39908). We strongly recommend upgrading the REXML gem. + +## Details + +When it parses an XML that has many specific characters such as `<`, `0` and `%>`. REXML gem may take long time. + +Please update REXML gem to version 3.3.2 or later. + +## Affected versions + +* REXML gem 3.3.1 or prior + +## Credits + +Thanks to [mprogrammer](https://hackerone.com/mprogrammer) for discovering this issue. + +## History + +* Originally published at 2024-07-16 03:00:00 (UTC) diff --git a/en/news/_posts/2024-07-26-ruby-3-2-5-released.md b/en/news/_posts/2024-07-26-ruby-3-2-5-released.md new file mode 100644 index 0000000000..95ed0effc9 --- /dev/null +++ b/en/news/_posts/2024-07-26-ruby-3-2-5-released.md @@ -0,0 +1,46 @@ +--- +layout: news_post +title: "Ruby 3.2.5 Released" +author: "nagachika" +translator: +date: 2024-07-26 10:00:00 +0000 +lang: en +--- + +Ruby 3.2.5 has been released. + +This release include many bug-fixes. +And we updated the version of bundled gem `rexml` to include the following security fix. +[CVE-2024-39908 : DoS in REXML]({%link en/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md %}). + +Please see the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_2_5) for further details. + +## Download + +{% assign release = site.data.releases | where: "version", "3.2.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md b/en/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md new file mode 100644 index 0000000000..d4d5e49bd9 --- /dev/null +++ b/en/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-41123: DoS vulnerabilities in REXML" +author: "kou" +translator: +date: 2024-08-01 03:00:00 +0000 +tags: security +lang: en +--- + +There are some DoS vulnerabilities in REXML gem. These vulnerabilities have been assigned the CVE identifier [CVE-2024-41123](https://www.cve.org/CVERecord?id=CVE-2024-41123). We strongly recommend upgrading the REXML gem. + +## Details + +When parsing an XML document that has many specific characters such as whitespace character, `>]` and `]>`, REXML gem may take long time. + +Please update REXML gem to version 3.3.3 or later. + +## Affected versions + +* REXML gem 3.3.2 or prior + +## Credits + +Thanks to [mprogrammer](https://hackerone.com/mprogrammer) and [scyoon](https://hackerone.com/scyoon) for discovering these issues. + +## History + +* Originally published at 2024-08-01 03:00:00 (UTC) diff --git a/en/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md b/en/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md new file mode 100644 index 0000000000..34cad88476 --- /dev/null +++ b/en/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-41946: DoS vulnerability in REXML" +author: "kou" +translator: +date: 2024-08-01 03:00:00 +0000 +tags: security +lang: en +--- + +There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier [CVE-2024-41946](https://www.cve.org/CVERecord?id=CVE-2024-41946). We strongly recommend upgrading the REXML gem. + +## Details + +When parsing an XML that has many entity expansions with SAX2 or pull parser API, REXML gem may take long time. + +Please update REXML gem to version 3.3.3 or later. + +## Affected versions + +* REXML gem 3.3.2 or prior + +## Credits + +Thanks to [NAITOH Jun](https://github.com/naitoh) for discovering and fixing this issue. + +## History + +* Originally published at 2024-08-01 03:00:00 (UTC) diff --git a/en/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md b/en/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md new file mode 100644 index 0000000000..86ed5ca251 --- /dev/null +++ b/en/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md @@ -0,0 +1,31 @@ +--- +layout: news_post +title: "CVE-2024-43398: DoS vulnerability in REXML" +author: "kou" +translator: +date: 2024-08-22 03:00:00 +0000 +tags: security +lang: en +--- + +There is a DoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier [CVE-2024-43398](https://www.cve.org/CVERecord?id=CVE-2024-43398). We strongly recommend upgrading the REXML gem. + +## Details + +When parsing an XML that has many deep elements that have same local name attributes, REXML gem may take long time. + +It's only affected with the tree parser API. If you're using `REXML::Document.new` to parse an XML, you may be affected. + +Please update REXML gem to version 3.3.6 or later. + +## Affected versions + +* REXML gem 3.3.5 or prior + +## Credits + +Thanks to [l33thaxor](https://hackerone.com/l33thaxor) for discovering this issue. + +## History + +* Originally published at 2024-08-22 03:00:00 (UTC) diff --git a/en/news/_posts/2024-09-03-3-3-5-released.md b/en/news/_posts/2024-09-03-3-3-5-released.md new file mode 100644 index 0000000000..4780be7748 --- /dev/null +++ b/en/news/_posts/2024-09-03-3-3-5-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.3.5 Released" +author: k0kubun +translator: +date: 2024-09-03 06:40:00 +0000 +lang: en +--- + +Ruby 3.3.5 has been released. + +This is a routine update that includes minor bug fixes. +We recommend upgrading your Ruby version at your earliest convenience. +For more details, please refer to the [GitHub release notes](https://github.com/ruby/ruby/releases/tag/v3_3_5). + +## Release Schedule + +As previously [announced](https://www.ruby-lang.org/en/news/2024/07/09/ruby-3-3-4-released/), we intend to release the latest stable Ruby version (currently Ruby 3.3) every 2 months following a `.1` release. + +We expect to release Ruby 3.3.6 on November 5th and Ruby 3.3.7 on January 7th. If any significant changes arise that impact a large number of users, we may release a new version earlier than scheduled. + +## Download + +{% assign release = site.data.releases | where: "version", "3.3.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md b/en/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md new file mode 100644 index 0000000000..4f32eb934a --- /dev/null +++ b/en/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md @@ -0,0 +1,148 @@ +--- +layout: news_post +title: "Ruby 3.4.0 preview2 Released" +author: "naruse" +translator: +date: 2024-10-07 00:00:00 +0000 +lang: en +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-preview2" | first %} +We are pleased to announce the release of Ruby {{ release.version }}. + +## Prism + +Switch the default parser from parse.y to Prism. [[Feature #20564]] + +## Language changes + +* String literals in files without a `frozen_string_literal` comment now emit a deprecation warning + when they are mutated. + These warnings can be enabled with `-W:deprecated` or by setting `Warning[:deprecated] = true`. + To disable this change, you can run Ruby with the `--disable-frozen-string-literal` + command line argument. [[Feature #20205]] + +* `it` is added to reference a block parameter. [[Feature #18980]] + +* Keyword splatting `nil` when calling methods is now supported. + `**nil` is treated similarly to `**{}`, passing no keywords, + and not calling any conversion methods. [[Bug #20064]] + +* Block passing is no longer allowed in index. [[Bug #19918]] + +* Keyword arguments are no longer allowed in index. [[Bug #20218]] + +## Core classes updates + +Note: We're only listing outstanding class updates. + +* Exception + + * `Exception#set_backtrace` now accepts an array of `Thread::Backtrace::Location`. + `Kernel#raise`, `Thread#raise` and `Fiber#raise` also accept this new format. [[Feature #13557]] + +* Range + + * `Range#size` now raises `TypeError` if the range is not iterable. [[Misc #18984]] + + + +## Compatibility issues + +Note: Excluding feature bug fixes. + +* Error messages and backtrace displays have been changed. + * Use a single quote instead of a backtick as a opening quote. [[Feature #16495]] + * Display a class name before a method name (only when the class has a permanent name). [[Feature #19117]] + * `Kernel#caller`, `Thread::Backtrace::Location`'s methods, etc. are also changed accordingly. + + ``` + Old: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + New: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +* `Hash#inspect` rendering has changed. [[Bug #20433]] + * Symbol keys are displayed using the modern symbol key syntax: `"{user: 1}"` + * Other keys now have spaces around `=>`: `'{"user" => 1}'`, while previously they didn't: `'{"user"=>1}'` + +## C API updates + +* `rb_newobj` and `rb_newobj_of` (and corresponding macros `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`) have been removed. [[Feature #20265]] +* Removed deprecated function `rb_gc_force_recycle`. [[Feature #18290]] + +## Implementation improvements + +* `Array#each` is rewritten in Ruby for better performance [[Feature #20182]]. + +## Miscellaneous changes + +* Passing a block to a method which doesn't use the passed block will show + a warning on verbose mode (`-w`). + [[Feature #15554]] + +* Redefining some core methods that are specially optimized by the interpeter + and JIT like `String.freeze` or `Integer#+` now emits a performance class + warning (`-W:performance` or `Warning[:performance] = true`). + [[Feature #20429]] + +See GitHub releases like [Logger](https://github.com/ruby/logger/releases) or +changelog for details of the default gems or bundled gems. + +See [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +or [commit logs](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}) +for more details. + +With those changes, [{{ release.stats.files_changed }} files changed, {{ release.stats.insertions }} insertions(+), {{ release.stats.deletions }} deletions(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) +since Ruby 3.3.0! + + +## Download + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## What is Ruby + +Ruby was first developed by Matz (Yukihiro Matsumoto) in 1993, +and is now developed as Open Source. It runs on multiple platforms +and is used all over the world especially for web development. + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Bug #20433]: https://bugs.ruby-lang.org/issues/20433 diff --git a/en/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md b/en/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md new file mode 100644 index 0000000000..a62f14e4eb --- /dev/null +++ b/en/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md @@ -0,0 +1,31 @@ +--- +layout: news_post +title: "CVE-2024-49761: ReDoS vulnerability in REXML" +author: "kou" +translator: +date: 2024-10-28 03:00:00 +0000 +tags: security +lang: en +--- + +There is a ReDoS vulnerability in REXML gem. This vulnerability has been assigned the CVE identifier [CVE-2024-49761](https://www.cve.org/CVERecord?id=CVE-2024-49761). We strongly recommend upgrading the REXML gem. + +This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. Note that Ruby 3.1 will reach EOL on 2025-03. + +## Details + +When parsing an XML that has many digits between `&#` and `x...;` in a hex numeric character reference (`&#x...;`). + +Please update REXML gem to version 3.3.9 or later. + +## Affected versions + +* REXML gem 3.3.8 or prior with Ruby 3.1 or prior + +## Credits + +Thanks to [manun](https://hackerone.com/manun) for discovering this issue. + +## History + +* Originally published at 2024-10-28 03:00:00 (UTC) diff --git a/en/news/_posts/2024-10-30-ruby-3-2-6-released.md b/en/news/_posts/2024-10-30-ruby-3-2-6-released.md new file mode 100644 index 0000000000..fe1a34e9dd --- /dev/null +++ b/en/news/_posts/2024-10-30-ruby-3-2-6-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.2.6 Released" +author: nagachika +translator: +date: 2024-10-30 10:00:00 +0000 +lang: en +--- + +Ruby 3.2.6 has been released. + +Please see the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_2_6) for further details. + +## Download + +{% assign release = site.data.releases | where: "version", "3.2.6" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2024-11-05-ruby-3-3-6-released.md b/en/news/_posts/2024-11-05-ruby-3-3-6-released.md new file mode 100644 index 0000000000..2311dfde64 --- /dev/null +++ b/en/news/_posts/2024-11-05-ruby-3-3-6-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.3.6 Released" +author: k0kubun +translator: +date: 2024-11-05 04:25:00 +0000 +lang: en +--- + +Ruby 3.3.6 has been released. + +This is a routine update that includes minor bug fixes. +It also stops warning missing default gem dependencies that will be bundled gems in Ruby 3.5. +For more details, please refer to [the release notes on GitHub](https://github.com/ruby/ruby/releases/tag/v3_3_6). + +## Release Schedule + +As previously [announced](https://www.ruby-lang.org/en/news/2024/07/09/ruby-3-3-4-released/), we intend to release the latest stable Ruby version (currently Ruby 3.3) every 2 months following a `.1` release. + +We expect to release Ruby 3.3.7 on January 7th. If any significant changes arise that impact a large number of users, we may release a new version earlier than scheduled. + +## Download + +{% assign release = site.data.releases | where: "version", "3.3.6" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md b/en/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md new file mode 100644 index 0000000000..bbbce49821 --- /dev/null +++ b/en/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md @@ -0,0 +1,194 @@ +--- +layout: news_post +title: "Ruby 3.4.0 rc1 Released" +author: "naruse" +translator: +date: 2024-12-12 00:00:00 +0000 +lang: en +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-rc1" | first %} +We are pleased to announce the release of Ruby {{ release.version }}. + +## Prism + +Switch the default parser from parse.y to Prism. [[Feature #20564]] + +## Modular GC + +* Alternative garbage collector (GC) implementations can be loaded dynamically + through the modular garbage collector feature. To enable this feature, + configure Ruby with `--with-modular-gc` at build time. GC libraries can be + loaded at runtime using the environment variable `RUBY_GC_LIBRARY`. + [[Feature #20351]] + +* Ruby's built-in garbage collector has been split into a separate file at + `gc/default/default.c` and interacts with Ruby using an API defined in + `gc/gc_impl.h`. The built-in garbage collector can now also be built as a + library using `make modular-gc MODULAR_GC=default` and enabled using the + environment variable `RUBY_GC_LIBRARY=default`. [[Feature #20470]] + +* An experimental GC library is provided based on [MMTk](https://www.mmtk.io/). + This GC library can be built using `make modular-gc MODULAR_GC=mmtk` and + enabled using the environment variable `RUBY_GC_LIBRARY=mmtk`. This requires + the Rust toolchain on the build machine. [[Feature #20860]] + + +## Language changes + +* String literals in files without a `frozen_string_literal` comment now emit a deprecation warning + when they are mutated. + These warnings can be enabled with `-W:deprecated` or by setting `Warning[:deprecated] = true`. + To disable this change, you can run Ruby with the `--disable-frozen-string-literal` + command line argument. [[Feature #20205]] + +* `it` is added to reference a block parameter. [[Feature #18980]] + +* Keyword splatting `nil` when calling methods is now supported. + `**nil` is treated similarly to `**{}`, passing no keywords, + and not calling any conversion methods. [[Bug #20064]] + +* Block passing is no longer allowed in index. [[Bug #19918]] + +* Keyword arguments are no longer allowed in index. [[Bug #20218]] + +## YJIT + +TL;DR: +* Better performance on most benchmarks on both x86-64 and arm64 platforms. +* Reduced memory usage of compilation metadata +* Multiple bug fixes. YJIT is now even more robust and better tested. + +New features: +* Add unified memory limit via `--yjit-mem-size` command-line option (default 128MiB) + which tracks total YJIT memory usage and is more intuitive than the + old `--yjit-exec-mem-size`. +* More statistics now always available via `RubyVM::YJIT.runtime_stats` +* Add compilation log to track what gets compiled via `--yjit-log` + * Tail of the log also available at run-time via `RubyVM::YJIT.log` +* Add support for shareable consts in multi-ractor mode +* Can now trace counted exits with `--yjit-trace-exits=COUNTER` + +New optimizations: +* Compressed context reduces memory needed to store YJIT metadata +* Improved allocator with ability to allocate registers for local variables +* When YJIT is enabled, use more Core primitives written in Ruby: + * `Array#each`, `Array#select`, `Array#map` rewritten in Ruby for better performance [[Feature #20182]]. +* Ability to inline small/trivial methods such as: + * Empty methods + * Methods returning a constant + * Methods returning `self` + * Methods directly returning an argument +* Specialized codegen for many more runtime methods +* Optimize `String#getbyte`, `String#setbyte` and other string methods +* Optimize bitwise operations to speed up low-level bit/byte manipulation +* Various other incremental optimizations + +## Core classes updates + +Note: We're only listing outstanding class updates. + +* Exception + + * `Exception#set_backtrace` now accepts an array of `Thread::Backtrace::Location`. + `Kernel#raise`, `Thread#raise` and `Fiber#raise` also accept this new format. [[Feature #13557]] + +* Range + + * `Range#size` now raises `TypeError` if the range is not iterable. [[Misc #18984]] + + + +## Compatibility issues + +Note: Excluding feature bug fixes. + +* Error messages and backtrace displays have been changed. + * Use a single quote instead of a backtick as a opening quote. [[Feature #16495]] + * Display a class name before a method name (only when the class has a permanent name). [[Feature #19117]] + * `Kernel#caller`, `Thread::Backtrace::Location`'s methods, etc. are also changed accordingly. + + ``` + Old: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + New: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +## C API updates + +* `rb_newobj` and `rb_newobj_of` (and corresponding macros `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`) have been removed. [[Feature #20265]] +* Removed deprecated function `rb_gc_force_recycle`. [[Feature #18290]] + +## Miscellaneous changes + +* Passing a block to a method which doesn't use the passed block will show + a warning on verbose mode (`-w`). + [[Feature #15554]] + +* Redefining some core methods that are specially optimized by the interpeter + and JIT like `String.freeze` or `Integer#+` now emits a performance class + warning (`-W:performance` or `Warning[:performance] = true`). + [[Feature #20429]] + +See GitHub releases like [Logger](https://github.com/ruby/logger/releases) or +changelog for details of the default gems or bundled gems. + +See [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +or [commit logs](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}) +for more details. + +With those changes, [{{ release.stats.files_changed }} files changed, {{ release.stats.insertions }} insertions(+), {{ release.stats.deletions }} deletions(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) +since Ruby 3.3.0! + + +## Download + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## What is Ruby + +Ruby was first developed by Matz (Yukihiro Matsumoto) in 1993, +and is now developed as Open Source. It runs on multiple platforms +and is used all over the world especially for web development. + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20351]: https://bugs.ruby-lang.org/issues/20351 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20470]: https://bugs.ruby-lang.org/issues/20470 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Feature #20860]: https://bugs.ruby-lang.org/issues/20860 diff --git a/en/news/_posts/2024-12-25-ruby-3-4-0-released.md b/en/news/_posts/2024-12-25-ruby-3-4-0-released.md new file mode 100644 index 0000000000..944ef4e583 --- /dev/null +++ b/en/news/_posts/2024-12-25-ruby-3-4-0-released.md @@ -0,0 +1,346 @@ +--- +layout: news_post +title: "Ruby 3.4.0 Released" +author: "naruse" +translator: +date: 2024-12-25 00:00:00 +0000 +lang: en +--- + +{% assign release = site.data.releases | where: "version", "3.4.0" | first %} +We are pleased to announce the release of Ruby {{ release.version }}. Ruby 3.4 adds `it` block parameter reference, +changes Prism as default parser, adds Happy Eyeballs Version 2 support to socket library, improves YJIT, +adds Modular GC, and so on. + +## `it` is introduced + +`it` is added to reference a block parameter with no variable name. [[Feature #18980]] + +```ruby +ary = ["foo", "bar", "baz"] + +p ary.map { it.upcase } #=> ["FOO", "BAR", "BAZ"] +``` + +`it` very much behaves the same as `_1`. When the intention is to only use `_1` in a block, the potential for other numbered parameters such as `_2` to also appear imposes an extra cognitive load onto readers. So `it` was introduced as a handy alias. Use `it` in simple cases where `it` speaks for itself, such as in one-line blocks. + +## Prism is now the default parser + +Switch the default parser from parse.y to Prism. [[Feature #20564]] + +This is an internal improvement and there should be little change visible to the user. If you notice any compatibility issues, please report them to us. + +To use the conventional parser, use the command-line argument `--parser=parse.y`. + +## The socket library now features Happy Eyeballs Version 2 (RFC 8305) + +The socket library now features [Happy Eyeballs Version 2 (RFC 8305)](https://datatracker.ietf.org/doc/html/rfc8305), the latest standardized version of a widely adopted approach for better connectivity in many programming languages, in `TCPSocket.new` (`TCPSocket.open`) and `Socket.tcp`. +This improvement enables Ruby to provide efficient and reliable network connections, adapted to modern internet environments. + +Until Ruby 3.3, these methods performed name resolution and connection attempts serially. With this algorithm, they now operate as follows: + +1. Performs IPv6 and IPv4 name resolution concurrently +2. Attempt connections to the resolved IP addresses, prioritizing IPv6, with parallel attempts staggered at 250ms intervals +3. Return the first successful connection while canceling any others + +This ensures minimized connection delays, even if a specific protocol or IP address is delayed or unavailable. +This feature is enabled by default, so additional configuration is not required to use it. To disable it globally, set the environment variable `RUBY_TCP_NO_FAST_FALLBACK=1` or call `Socket.tcp_fast_fallback=false`. Or to disable it on a per-method basis, use the keyword argument `fast_fallback: false`. + +## YJIT + +### TL;DR + +* Better performance across most benchmarks on both x86-64 and arm64 platforms. +* Reduced memory usage through compressed metadata and a unified memory limit. +* Various bug fixes: YJIT is now more robust and thoroughly tested. + +### New features + +* Command-line options + * `--yjit-mem-size` introduces a unified memory limit (default 128MiB) to track total YJIT memory usage, + providing a more intuitive alternative to the old `--yjit-exec-mem-size` option. + * `--yjit-log` enables a compilation log to track what gets compiled. +* Ruby API + * `RubyVM::YJIT.log` provides access to the tail of the compilation log at run-time. +* YJIT stats + * `RubyVM::YJIT.runtime_stats` now always provides additional statistics on + invalidation, inlining, and metadata encoding. + +### New optimizations + +* Compressed context reduces memory needed to store YJIT metadata +* Allocate registers for local variables and Ruby method arguments +* When YJIT is enabled, use more Core primitives written in Ruby: + * `Array#each`, `Array#select`, `Array#map` rewritten in Ruby for better performance [[Feature #20182]]. +* Ability to inline small/trivial methods such as: + * Empty methods + * Methods returning a constant + * Methods returning `self` + * Methods directly returning an argument +* Specialized codegen for many more runtime methods +* Optimize `String#getbyte`, `String#setbyte` and other string methods +* Optimize bitwise operations to speed up low-level bit/byte manipulation +* Support shareable constants in multi-ractor mode +* Various other incremental optimizations + +## Modular GC + +* Alternative garbage collector (GC) implementations can be loaded dynamically + through the modular garbage collector feature. To enable this feature, + configure Ruby with `--with-modular-gc` at build time. GC libraries can be + loaded at runtime using the environment variable `RUBY_GC_LIBRARY`. + [[Feature #20351]] + +* Ruby's built-in garbage collector has been split into a separate file at + `gc/default/default.c` and interacts with Ruby using an API defined in + `gc/gc_impl.h`. The built-in garbage collector can now also be built as a + library using `make modular-gc MODULAR_GC=default` and enabled using the + environment variable `RUBY_GC_LIBRARY=default`. [[Feature #20470]] + +* An experimental GC library is provided based on [MMTk](https://www.mmtk.io/). + This GC library can be built using `make modular-gc MODULAR_GC=mmtk` and + enabled using the environment variable `RUBY_GC_LIBRARY=mmtk`. This requires + the Rust toolchain on the build machine. [[Feature #20860]] + +## Language changes + +* String literals in files without a `frozen_string_literal` comment now emit a deprecation warning + when they are mutated. + These warnings can be enabled with `-W:deprecated` or by setting `Warning[:deprecated] = true`. + To disable this change, you can run Ruby with the `--disable-frozen-string-literal` + command line argument. [[Feature #20205]] + +* Keyword splatting `nil` when calling methods is now supported. + `**nil` is treated similarly to `**{}`, passing no keywords, + and not calling any conversion methods. [[Bug #20064]] + +* Block passing is no longer allowed in index. [[Bug #19918]] + +* Keyword arguments are no longer allowed in index. [[Bug #20218]] + +* The toplevel name `::Ruby` is reserved now, and the definition will be warned when `Warning[:deprecated]`. [[Feature #20884]] + +## Core classes updates + +Note: We're only listing notable updates of Core class. + +* Exception + + * `Exception#set_backtrace` now accepts an array of `Thread::Backtrace::Location`. + `Kernel#raise`, `Thread#raise` and `Fiber#raise` also accept this new format. [[Feature #13557]] + +* GC + + * `GC.config` added to allow setting configuration variables on the Garbage + Collector. [[Feature #20443]] + + * GC configuration parameter `rgengc_allow_full_mark` introduced. When `false` + GC will only mark young objects. Default is `true`. [[Feature #20443]] + +* Ractor + + * `require` in Ractor is allowed. The requiring process will be run on + the main Ractor. + `Ractor._require(feature)` is added to run requiring process on the + main Ractor. + [[Feature #20627]] + + * `Ractor.main?` is added. [[Feature #20627]] + + * `Ractor.[]` and `Ractor.[]=` are added to access the ractor local storage + of the current Ractor. [[Feature #20715]] + + * `Ractor.store_if_absent(key){ init }` is added to initialize ractor local + variables in thread-safty. [[Feature #20875]] + +* Range + + * `Range#size` now raises `TypeError` if the range is not iterable. [[Misc #18984]] + + +## Standard Library updates + +Note: We're only listing notable updates of Standard libraries. + +* RubyGems + * Add `--attestation` option to gem push. It enabled to store signature to [sigstore.dev] + +* Bundler + * Add a `lockfile_checksums` configuration to include checksums in fresh lockfiles + * Add bundle lock `--add-checksums` to add checksums to an existing lockfile + +* JSON + + * Performance improvements of `JSON.parse` about 1.5 times faster than json-2.7.x. + +* Tempfile + + * The keyword argument `anonymous: true` is implemented for Tempfile.create. + `Tempfile.create(anonymous: true)` removes the created temporary file immediately. + So applications don't need to remove the file. + [[Feature #20497]] + +* win32/sspi.rb + + * This library is now extracted from the Ruby repository to [ruby/net-http-sspi]. + [[Feature #20775]] + +## Compatibility issues + +Note: Excluding feature bug fixes. + +* Error messages and backtrace displays have been changed. + * Use a single quote instead of a backtick as a opening quote. [[Feature #16495]] + * Display a class name before a method name (only when the class has a permanent name). [[Feature #19117]] + * `Kernel#caller`, `Thread::Backtrace::Location`'s methods, etc. are also changed accordingly. + + ``` + Old: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + New: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +* Hash#inspect rendering have been changed. [[Bug #20433]] + + * Symbol keys are displayed using the modern symbol key syntax: `"{user: 1}"` + * Other keys now have spaces around `=>`: `'{"user" => 1}'`, while previously they didn't: `'{"user"=>1}'` + +* Kernel#Float() now accepts a decimal string with decimal part omitted. [[Feature #20705]] + + ```rb + Float("1.") #=> 1.0 (previously, an ArgumentError was raised) + Float("1.E-1") #=> 0.1 (previously, an ArgumentError was raised) + ``` + +* String#to_f now accepts a decimal string with decimal part omitted. Note that the result changes when an exponent is specified. [[Feature #20705]] + + ```rb + "1.".to_f #=> 1.0 + "1.E-1".to_f #=> 0.1 (previously, 1.0 was returned) + ``` + +* Refinement#refined_class has been removed. [[Feature #19714]] + +## Standard library compatibility issues + +* DidYouMean + + * `DidYouMean::SPELL_CHECKERS[]=` and `DidYouMean::SPELL_CHECKERS.merge!` are removed. + +* Net::HTTP + + * Removed the following deprecated constants: + * `Net::HTTP::ProxyMod` + * `Net::NetPrivate::HTTPRequest` + * `Net::HTTPInformationCode` + * `Net::HTTPSuccessCode` + * `Net::HTTPRedirectionCode` + * `Net::HTTPRetriableCode` + * `Net::HTTPClientErrorCode` + * `Net::HTTPFatalErrorCode` + * `Net::HTTPServerErrorCode` + * `Net::HTTPResponseReceiver` + * `Net::HTTPResponceReceiver` + + These constants were deprecated from 2012. + +* Timeout + + * Reject negative values for Timeout.timeout. [[Bug #20795]] + +* URI + + * Switched default parser to RFC 3986 compliant from RFC 2396 compliant. + [[Bug #19266]] + +## C API updates + +* `rb_newobj` and `rb_newobj_of` (and corresponding macros `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`) have been removed. [[Feature #20265]] +* Removed deprecated function `rb_gc_force_recycle`. [[Feature #18290]] + +## Miscellaneous changes + +* Passing a block to a method which doesn't use the passed block will show + a warning on verbose mode (`-w`). + [[Feature #15554]] + +* Redefining some core methods that are specially optimized by the interpreter + and JIT like `String.freeze` or `Integer#+` now emits a performance class + warning (`-W:performance` or `Warning[:performance] = true`). + [[Feature #20429]] + +See [NEWS](https://docs.ruby-lang.org/en/3.4/NEWS_md.html) +or [commit logs](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}) +for more details. + +With those changes, [{{ release.stats.files_changed }} files changed, {{ release.stats.insertions }} insertions(+), {{ release.stats.deletions }} deletions(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) +since Ruby 3.3.0! + +Merry Christmas, Happy Holidays, and enjoy programming with Ruby 3.4! + +## Download + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## What is Ruby + +Ruby was first developed by Matz (Yukihiro Matsumoto) in 1993, +and is now developed as Open Source. It runs on multiple platforms +and is used all over the world especially for web development. + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19266]: https://bugs.ruby-lang.org/issues/19266 +[Feature #19714]: https://bugs.ruby-lang.org/issues/19714 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20351]: https://bugs.ruby-lang.org/issues/20351 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20443]: https://bugs.ruby-lang.org/issues/20443 +[Feature #20470]: https://bugs.ruby-lang.org/issues/20470 +[Feature #20497]: https://bugs.ruby-lang.org/issues/20497 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Bug #20620]: https://bugs.ruby-lang.org/issues/20620 +[Feature #20627]: https://bugs.ruby-lang.org/issues/20627 +[Feature #20705]: https://bugs.ruby-lang.org/issues/20705 +[Feature #20715]: https://bugs.ruby-lang.org/issues/20715 +[Feature #20775]: https://bugs.ruby-lang.org/issues/20775 +[Bug #20795]: https://bugs.ruby-lang.org/issues/20795 +[Bug #20433]: https://bugs.ruby-lang.org/issues/20433 +[Feature #20860]: https://bugs.ruby-lang.org/issues/20860 +[Feature #20875]: https://bugs.ruby-lang.org/issues/20875 +[Feature #20884]: https://bugs.ruby-lang.org/issues/20884 +[sigstore.dev]: https://www.sigstore.dev +[ruby/net-http-sspi]: https://github.com/ruby/net-http-sspi diff --git a/en/news/_posts/2024-12-25-ruby-3-4-1-released.md b/en/news/_posts/2024-12-25-ruby-3-4-1-released.md new file mode 100644 index 0000000000..92b6f4a18c --- /dev/null +++ b/en/news/_posts/2024-12-25-ruby-3-4-1-released.md @@ -0,0 +1,39 @@ +--- +layout: news_post +title: "Ruby 3.4.1 Released" +author: "naruse" +translator: +date: 2024-12-25 00:00:00 +0000 +lang: en +--- + +Ruby 3.4.1 has been released. + +This fixes the version description. + +See the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_4_1) for further details. + +## Download + +{% assign release = site.data.releases | where: "version", "3.4.1" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} diff --git a/en/news/_posts/2025-01-15-ruby-3-3-7-released.md b/en/news/_posts/2025-01-15-ruby-3-3-7-released.md new file mode 100644 index 0000000000..1a57e67d7a --- /dev/null +++ b/en/news/_posts/2025-01-15-ruby-3-3-7-released.md @@ -0,0 +1,43 @@ +--- +layout: news_post +title: "Ruby 3.3.7 Released" +author: k0kubun +translator: +date: 2025-01-15 07:51:59 +0000 +lang: en +--- + +Ruby 3.3.7 has been released. + +This is a routine update that includes minor bug fixes. +Please refer to [the release notes on GitHub](https://github.com/ruby/ruby/releases/tag/v3_3_7) for further details. + +## Download + +{% assign release = site.data.releases | where: "version", "3.3.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2025-02-04-ruby-3-2-7-released.md b/en/news/_posts/2025-02-04-ruby-3-2-7-released.md new file mode 100644 index 0000000000..a10c86dec4 --- /dev/null +++ b/en/news/_posts/2025-02-04-ruby-3-2-7-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.2.7 Released" +author: nagachika +translator: +date: 2025-02-04 12:00:00 +0000 +lang: en +--- + +Ruby 3.2.7 has been released. + +Please see the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_2_7) for further details. + +## Download + +{% assign release = site.data.releases | where: "version", "3.2.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md b/en/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md new file mode 100644 index 0000000000..8b39b12ed5 --- /dev/null +++ b/en/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2025-25186: DoS vulnerability in net-imap" +author: "nevans" +translator: +date: 2025-02-10 03:00:00 +0000 +tags: security +lang: en +--- + +There is a possibility for DoS by in the net-imap gem. This vulnerability has been assigned the CVE identifier [CVE-2025-25186](https://www.cve.org/CVERecord?id=CVE-2025-25186). We recommend upgrading the net-imap gem. + +## Details + +A malicious server can send highly compressed uid-set data which is automatically read by the client's receiver thread. The response parser uses Range#to_a to convert the uid-set data into arrays of integers, with no limitation on the expanded size of the ranges. + +Please update net-imap gem to version 0.3.8, 0.4.19, 0.5.6, or later. + +## Affected versions + +* net-imap gem versions 0.3.2 to 0.3.7, 0.4.0 to 0.4.18, and 0.5.0 to 0.5.5 (inclusive). + +## Credits + +Thanks to [manun](https://hackerone.com/manun) for discovering this issue. + +## History + +* Originally published at 2025-02-10 03:00:00 (UTC) diff --git a/en/news/_posts/2025-02-14-ruby-3-4-2-released.md b/en/news/_posts/2025-02-14-ruby-3-4-2-released.md new file mode 100644 index 0000000000..b176f52814 --- /dev/null +++ b/en/news/_posts/2025-02-14-ruby-3-4-2-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.4.2 Released" +author: k0kubun +translator: +date: 2025-02-14 21:55:17 +0000 +lang: en +--- + +Ruby 3.4.2 has been released. + +This is a routine update that includes bug fixes. Please refer to the +[release notes on GitHub](https://github.com/ruby/ruby/releases/tag/v3_4_2) for further details. + +## Release Schedule + +We intend to release the latest stable Ruby version (currently Ruby 3.4) every 2 months. +Ruby 3.4.3 will be released in April, 3.4.4 in June, 3.4.5 in August, 3.4.6 in October, and 3.4.7 in December. + +If there's any change that affects a considerable amount of people, those versions may be released earlier than expected. + +## Download + +{% assign release = site.data.releases | where: "version", "3.4.2" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2025-02-26-security-advisories.md b/en/news/_posts/2025-02-26-security-advisories.md new file mode 100644 index 0000000000..25ae9f4250 --- /dev/null +++ b/en/news/_posts/2025-02-26-security-advisories.md @@ -0,0 +1,70 @@ +--- +layout: news_post +title: "Security advisories: CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221" +author: "hsbt" +translator: +date: 2025-02-26 07:00:00 +0000 +tags: security +lang: en +--- + +We published security advisories for CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221. Please read the details below. + +## CVE-2025-27219: Denial of Service in `CGI::Cookie.parse`. + +There is a possibility for DoS by in the cgi gem. This vulnerability has been assigned the CVE identifier [CVE-2025-27219](https://www.cve.org/CVERecord?id=CVE-2025-27219). We recommend upgrading the cgi gem. + +### Details + +`CGI::Cookie.parse` took super-linear time to parse a cookie string in some cases. Feeding a maliciously crafted cookie string into the method could lead to a Denial of Service. + +Please update CGI gem to version 0.3.5.1, 0.3.7, 0.4.2 or later. + +### Affected versions + +* cgi gem versions <= 0.3.5, 0.3.6, 0.4.0 and 0.4.1. + +### Credits + +Thanks to [lio346](https://hackerone.com/lio346) for discovering this issue. Also thanks to [mame](https://github.com/mame) for fixing this vulnerability. + +## CVE-2025-27220: ReDoS in `CGI::Util#escapeElement`. + +There is a possibility for Regular expression Denial of Service(ReDoS) by in the cgi gem. This vulnerability has been assigned the CVE identifier [CVE-2025-27220](https://www.cve.org/CVERecord?id=CVE-2025-27220). We recommend upgrading the cgi gem. + +### Details + +The regular expression used in `CGI::Util#escapeElement` is vulnerable to ReDoS. The crafted input could lead to a high CPU consumption. + +This vulnerability only affects Ruby 3.1 and 3.2. If you are using these versions, please update CGI gem to version 0.3.5.1, 0.3.7, 0.4.2 or later. + +### Affected versions + +* cgi gem versions <= 0.3.5, 0.3.6, 0.4.0 and 0.4.1. + +### Credits + +Thanks to [svalkanov](https://hackerone.com/svalkanov) for discovering this issue. Also thanks to [nobu](https://github.com/nobu) for fixing this vulnerability. + + +## CVE-2025-27221: userinfo leakage in `URI#join`, `URI#merge` and `URI#+`. + +There is a possibility for userinfo leakage by in the uri gem. This vulnerability has been assigned the CVE identifier [CVE-2025-27221](https://www.cve.org/CVERecord?id=CVE-2025-27221). We recommend upgrading the uri gem. + +### Details + +The methods `URI#join`, `URI#merge`, and `URI#+` retained userinfo, such as `user:password`, even after the host is replaced. When generating a URL to a malicious host from a URL containing secret userinfo using these methods, and having someone access that URL, an unintended userinfo leak could occur. + +Please update URI gem to version 0.11.3, 0.12.4, 0.13.2, 1.0.3 or later. + +### Affected versions + +* uri gem versions < 0.11.3, 0.12.0 to 0.12.3, 0.13.0, 0.13.1 and 1.0.0 to 1.0.2. + +### Credits + +Thanks to [Tsubasa Irisawa (lambdasawa)](https://hackerone.com/lambdasawa) for discovering this issue. Also thanks to [nobu](https://github.com/nobu) for additional fixes of this vulnerability. + +## History + +* Originally published at 2025-02-26 7:00:00 (UTC) diff --git a/en/news/_posts/2025-03-26-ruby-3-1-7-released.md b/en/news/_posts/2025-03-26-ruby-3-1-7-released.md new file mode 100644 index 0000000000..e84a3c6eae --- /dev/null +++ b/en/news/_posts/2025-03-26-ruby-3-1-7-released.md @@ -0,0 +1,46 @@ +--- +layout: news_post +title: "Ruby 3.1.7 Released" +author: hsbt +translator: +date: 2025-03-26 04:44:27 +0000 +lang: en +--- + +Ruby 3.1.7 has been released. This release includes [CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221 fixes](https://www.ruby-lang.org/en/news/2025/02/26/security-advisories/) and update bundled REXML and RSS gems. + +Please see the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_1_7) for further details. + +This version is a final release of Ruby 3.1 series. We will not provide any further updates including security fixes for Ruby 3.1 series. + +We recommend you to upgrade to Ruby 3.3 or 3.4 series. + +## Download + +{% assign release = site.data.releases | where: "version", "3.1.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2025-03-26-ruby-3-2-8-released.md b/en/news/_posts/2025-03-26-ruby-3-2-8-released.md new file mode 100644 index 0000000000..8acf005161 --- /dev/null +++ b/en/news/_posts/2025-03-26-ruby-3-2-8-released.md @@ -0,0 +1,46 @@ +--- +layout: news_post +title: "Ruby 3.2.8 Released" +author: hsbt +translator: +date: 2025-03-26 04:45:01 +0000 +lang: en +--- + +Ruby 3.2.8 has been released. This release includes [CVE-2025-27219, CVE-2025-27220 and CVE-2025-27221 fixes](https://www.ruby-lang.org/en/news/2025/02/26/security-advisories/). + +Please see the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_2_8) for further details. + +This version is a last version of normal maintenance for Ruby 3.2 series. We will fix only security issues for Ruby 3.2 series until end of March 2026. + +Please consider upgrading to Ruby 3.3 or 3.4 series. + +## Download + +{% assign release = site.data.releases | where: "version", "3.2.8" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2025-04-09-ruby-3-3-8-released.md b/en/news/_posts/2025-04-09-ruby-3-3-8-released.md new file mode 100644 index 0000000000..7ca452a3e7 --- /dev/null +++ b/en/news/_posts/2025-04-09-ruby-3-3-8-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.3.8 Released" +author: nagachika +translator: +date: 2025-04-09 11:00:00 +0000 +lang: en +--- + +Ruby 3.3.8 has been released. + +Please see the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_3_8) for further details. + +## Download + +{% assign release = site.data.releases | where: "version", "3.3.8" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2025-04-14-ruby-3-4-3-released.md b/en/news/_posts/2025-04-14-ruby-3-4-3-released.md new file mode 100644 index 0000000000..d2a160d9cf --- /dev/null +++ b/en/news/_posts/2025-04-14-ruby-3-4-3-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.4.3 Released" +author: k0kubun +translator: +date: 2025-04-14 08:06:57 +0000 +lang: en +--- + +Ruby 3.4.3 has been released. + +This is a routine update that includes bug fixes. Please refer to the +[release notes on GitHub](https://github.com/ruby/ruby/releases/tag/v3_4_3) for further details. + +## Release Schedule + +We intend to release the latest stable Ruby version (currently Ruby 3.4) every 2 months. +Ruby 3.4.4 will be released in June, 3.4.5 in August, 3.4.6 in October, and 3.4.7 in December. + +If there's any change that affects a considerable amount of people, those versions may be released earlier than expected. + +## Download + +{% assign release = site.data.releases | where: "version", "3.4.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/en/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md b/en/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md new file mode 100644 index 0000000000..3a14de85d3 --- /dev/null +++ b/en/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md @@ -0,0 +1,110 @@ +--- +layout: news_post +title: "Ruby 3.5.0 preview1 Released" +author: "naruse" +translator: +date: 2025-04-18 00:00:00 +0000 +lang: en +--- + +{% assign release = site.data.releases | where: "version", "3.5.0-preview1" | first %} +We are pleased to announce the release of Ruby {{ release.version }}. Ruby 3.5 updates its Unicode version to 15.1.0, and so on. + +## Language changes + +* `*nil` no longer calls `nil.to_a`, similar to how `**nil` does + not call `nil.to_hash`. [[Feature #21047]] + +## Core classes updates + +Note: We're only listing notable updates of Core class. + +* Binding + + * `Binding#local_variables` does no longer include numbered parameters. + Also, `Binding#local_variable_get` and `Binding#local_variable_set` reject to handle numbered parameters. + [[Bug #21049]] + +* IO + + * `IO.select` accepts +Float::INFINITY+ as a timeout argument. + [[Feature #20610]] + +* String + + * Update Unicode to Version 15.1.0 and Emoji Version 15.1. [[Feature #19908]] + (also applies to Regexp) + + +## Standard Library updates + +Note: We're only listing notable updates of Standard librarires. + +* ostruct 0.6.1 +* pstore 0.2.0 +* benchmark 0.4.0 +* logger 1.7.0 +* rdoc 6.13.1 +* win32ole 1.9.2 +* irb 1.15.2 +* reline 0.6.1 +* readline 0.0.4 +* fiddle 1.1.6 + +## Compatibility issues + +Note: Excluding feature bug fixes. + + + +## Standard library compatibility issues + + +## C API updates + + + +## Miscellaneous changes + + + +See [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +or [commit logs](https://github.com/ruby/ruby/compare/v3_4_0...{{ release.tag }}) +for more details. + +With those changes, [{{ release.stats.files_changed }} files changed, {{ release.stats.insertions }} insertions(+), {{ release.stats.deletions }} deletions(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) +since Ruby 3.4.0! + +## Download + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## What is Ruby + +Ruby was first developed by Matz (Yukihiro Matsumoto) in 1993, +and is now developed as Open Source. It runs on multiple platforms +and is used all over the world especially for web development. + +[Feature #21047]: https://bugs.ruby-lang.org/issues/21047 +[Bug #21049]: https://bugs.ruby-lang.org/issues/21049 +[Feature #20610]: https://bugs.ruby-lang.org/issues/20610 +[Feature #19908]: https://bugs.ruby-lang.org/issues/19908 diff --git a/en/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md b/en/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md new file mode 100644 index 0000000000..7183d72188 --- /dev/null +++ b/en/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md @@ -0,0 +1,35 @@ +--- +layout: news_post +title: "CVE-2025-43857: DoS vulnerability in net-imap" +author: "nevans" +translator: +date: 2025-04-28 16:02:04 +0000 +tags: security +lang: en +--- + +There is a possibility for DoS by in the net-imap gem. This vulnerability has been assigned the CVE identifier [CVE-2025-43857]. We recommend upgrading the net-imap gem. + +## Details + +A malicious server can send can send a "literal" byte count which is automatically read by the client's receiver thread. The response reader immediately allocates memory for the number of bytes indicated by the server response. This should not be an issue when securely connecting to trusted IMAP servers that are well-behaved. It affects insecure connections and buggy, untrusted, or compromised servers (for example, connecting to a user supplied hostname). + +Please update net-imap gem to version 0.2.5, 0.3.9, 0.4.20, 0.5.7, or later. + +When connecting to untrusted servers or using an insecure connection, `max_response_size` and response handlers must be configured appropriately to limit memory consumption. See [GHSA-j3g3-5qv5-52mj] for more details. + +## Affected versions + +net-imap gem versions <= 0.2.4, 0.3.0 to 0.3.8, 0.4.0 to 0.4.19, and 0.5.0 to 0.5.6. + +## Credits + +Thanks to [Masamune] for discovering this issue. + +## History + +* Originally published at 2025-04-28 16:02:04 (UTC) + +[CVE-2025-43857]: https://www.cve.org/CVERecord?id=CVE-2025-43857 +[GHSA-j3g3-5qv5-52mj]: https://github.com/ruby/net-imap/security/advisories/GHSA-j3g3-5qv5-52mj +[Masamune]: https://hackerone.com/masamune_ diff --git a/es/about/index.md b/es/about/index.md index cef7eea359..c3e52af870 100644 --- a/es/about/index.md +++ b/es/about/index.md @@ -191,7 +191,7 @@ encuentran las siguientes: Ruby, como lenguaje, tiene algunas implementaciones diferentes. Esta página ha estado discutiendo la implementación de referencia, en la comunidad a menudo referida como **MRI** ("Matz’s Ruby Interpreter") o **CRuby** (ya que está escrito en C), pero también hay otros. -Ellos on útiles en ciertas situaciones, proporcionan una integración adicional a otros lenguajes o entornos, o tienen características especiales que **MRI** no tiene. +Ellos son útiles en ciertas situaciones, proporcionan una integración adicional a otros lenguajes o entornos, o tienen características especiales que **MRI** no tiene. Aquí hay una lista: diff --git a/es/community/mailing-lists/index.md b/es/community/mailing-lists/index.md index 0a81bd38fe..5e6f2a8649 100644 --- a/es/community/mailing-lists/index.md +++ b/es/community/mailing-lists/index.md @@ -28,10 +28,10 @@ Ruby-CVS ## Suscribirse o desuscribirse -[Suscribirse o desuscribirse](https://ml.ruby-lang.org/mailman3/postorius/lists/) +[Suscribirse o desuscribirse](https://ml.ruby-lang.org/mailman3/lists/) -[4]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/ -[5]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-core@ml.ruby-lang.org/ -[6]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-doc@ml.ruby-lang.org/ +[4]: https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/ +[5]: https://ml.ruby-lang.org/archives/list/ruby-core@ml.ruby-lang.org/ +[6]: https://ml.ruby-lang.org/archives/list/ruby-doc@ml.ruby-lang.org/ diff --git a/es/documentation/index.md b/es/documentation/index.md index fbc4a8ef72..dfc6ef17e3 100644 --- a/es/documentation/index.md +++ b/es/documentation/index.md @@ -118,8 +118,6 @@ Rubiceros: * En Windows: * [Notepad++][29] - * [E-TextEditor][30] - * [Ruby In Steel][31] * En macOS: * [TextMate][32] @@ -165,8 +163,6 @@ comenzar. [27]: http://www.jetbrains.com/ruby/ [28]: http://www.scintilla.org/SciTE.html [29]: http://notepad-plus-plus.org/ -[30]: http://www.e-texteditor.com/ -[31]: http://www.sapphiresteel.com/ [32]: http://macromates.com/ [33]: https://www.barebones.com/products/bbedit/ [34]: http://ruby-doc.org diff --git a/es/documentation/quickstart/3/index.md b/es/documentation/quickstart/3/index.md index 550e84b49d..6f0dbbdd80 100644 --- a/es/documentation/quickstart/3/index.md +++ b/es/documentation/quickstart/3/index.md @@ -104,7 +104,7 @@ una forma fácil para permitir acceder a las variables de un objeto. irb(main):044:0> class Anfitrion irb(main):045:1> attr_accessor :nombre irb(main):046:1> end -=> nil +=> [:nombre, :nombre=] {% endhighlight %} En Ruby, puedes volver a abrir una clase y modificarla. Eso no cambia diff --git a/es/examples/hello_world.md b/es/examples/hello_world.md index ff82caf3e2..d41be1e654 100644 --- a/es/examples/hello_world.md +++ b/es/examples/hello_world.md @@ -9,10 +9,10 @@ layout: null # Son superfluos: # # * Un método "main" -# * Nueva linea +# * Nueva línea # * Punto y coma # -# Aqui esta el código: +# Aquí está el código: puts "¡Hola Mundo!" {% endhighlight %} diff --git a/es/news/_posts/2009-05-21-ruby-1-9-1-p129.md b/es/news/_posts/2009-05-21-ruby-1-9-1-p129.md index 9a123705ac..c7d39a5186 100644 --- a/es/news/_posts/2009-05-21-ruby-1-9-1-p129.md +++ b/es/news/_posts/2009-05-21-ruby-1-9-1-p129.md @@ -11,19 +11,19 @@ Ruby 1.9.1 que lo instalen. #### Ubicación -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.bz2>][1] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.bz2>][1] SIZE: 7183891 bytes MD5: 6fa62b20f72da471195830dec4eb2013 SHA256: cb730f035aec0e3ac104d23d27a79aa9625fdeb115dae2295de65355f449ce27 -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.gz>][2] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.gz>][2] SIZE: 9034947 bytes MD5: c71f413514ee6341c627be2957023a5c SHA256: 27b7a8ace1d17cec237020ae9355230b53f8c3875f8d942de903e7d58d14253b -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.zip>][3] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.zip>][3] SIZE: 10299369 bytes MD5: 156305e9633758eb60b419fabc33b6e4 @@ -41,6 +41,6 @@ $SAFE > 0 -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.bz2 -[2]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.gz -[3]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.zip +[1]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.bz2 +[2]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.gz +[3]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.zip diff --git a/es/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md b/es/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md index 80f77aa902..5858047414 100644 --- a/es/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md +++ b/es/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md @@ -32,19 +32,19 @@ Puedes leer el reporte original de el problema en el tracker: ## Descarga -* +* SIZE: 9081661 bytes MD5: 8ba4aaf707023e76f80fc8f455c99858 SHA256: 6d3487ea8a86ad0fa78a8535078ff3c7a91ca9f99eff0a6a08e66c6e6bf2040f -* +* SIZE: 11416473 bytes MD5: 4b9330730491f96b402adc4a561e859a SHA256: 23ef45fdaecc5d6c7b4e9e2d51b23817fc6aa8225a20f123f7fa98760e8b5ca9 -* +* SIZE: 12732739 bytes MD5: 42d261b28d1b7e500dd3bdbdbfba7fa5 diff --git a/es/news/_posts/2023-05-12-ruby-3-3-0-preview1-released.md b/es/news/_posts/2023-05-12-ruby-3-3-0-preview1-released.md index 3885be5a52..58d4ca19c6 100644 --- a/es/news/_posts/2023-05-12-ruby-3-3-0-preview1-released.md +++ b/es/news/_posts/2023-05-12-ruby-3-3-0-preview1-released.md @@ -166,5 +166,5 @@ desde Ruby 3.2.0! ## Qué es Ruby Ruby primero fue desarrollado por Matz (Yukihiro Matsumoto) en 1993, -y ahora es desarrollado como Código Abieto. Corre en múltiples +y ahora es desarrollado como Código Abierto. Corre en múltiples plataformas y es usado en todo el mundo especialmente para desarrollo web. diff --git a/es/news/_posts/2023-09-14-ruby-3-3-0-preview2-released.md b/es/news/_posts/2023-09-14-ruby-3-3-0-preview2-released.md index 95bd6b2405..95fb92bc5b 100644 --- a/es/news/_posts/2023-09-14-ruby-3-3-0-preview2-released.md +++ b/es/news/_posts/2023-09-14-ruby-3-3-0-preview2-released.md @@ -199,5 +199,5 @@ desde Ruby 3.2.0! ## Qué es Ruby Ruby primero fue desarrollado por Matz (Yukihiro Matsumoto) en 1993, -y ahora es desarrollado como Código Abieto. Corre en múltiples +y ahora es desarrollado como Código Abierto. Corre en múltiples plataformas y es usado en todo el mundo especialmente para desarrollo web. diff --git a/es/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md b/es/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md index 174809724a..ce25b7f128 100644 --- a/es/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md +++ b/es/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md @@ -350,5 +350,5 @@ desde Ruby 3.2.0! ## Qué es Ruby Ruby primero fue desarrollado por Matz (Yukihiro Matsumoto) en 1993, -y ahora es desarrollado como Código Abieto. Corre en múltiples +y ahora es desarrollado como Código Abierto. Corre en múltiples plataformas y es usado en todo el mundo especialmente para desarrollo web. diff --git a/es/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md b/es/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md new file mode 100644 index 0000000000..d8b9474689 --- /dev/null +++ b/es/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md @@ -0,0 +1,384 @@ +--- +layout: news_post +title: "Publicado Ruby 3.3.0-rc1" +author: "naruse" +translator: vtamara +date: 2023-12-11 00:00:00 +0000 +lang: es +--- + +{% assign release = site.data.releases | where: "version", "3.3.0-rc1" | first %} + +Nos complace anunciar la publicación de Ruby {{ release.version }}. Ruby 3.3 +añade un nuevo analizador sintáctico llamado Prism, usa Lrama como +generador de analizadores, añade un nuevo compilador JIT en puro Ruby +llamado RJIT, e incluye muchas mejoras de desempeño especialmente de YJIT. + +Tras la publicación de RC1, evitaremos introducir incompatibilidades en la ABI +siempre que sea posible. Si requerimos hacerlo, lo anunciaremos en las +notas de publicación. + +## Prism + +* Se introduce [el analizador sintáctico Prism](https://github.com/ruby/prism) + como gema predeterminada. + * Prism es un analizador recursivo-descendente para el lenguaje Ruby + portable, tolerante a errores y mantenible +* Prism está listo para operar en producción es mantenido activamente + y puede emplearlo en lugar de Ripper + * Hay [amplia documentación](https://ruby.github.io/prism/) sobre como + usar Prism + * Prism es tanto una librería en C que es usada internamente por CRuby + como una gema que puede ser usada por cualquier herramienta que + necesite analizar código Ruby. + * Unos métodos notables de la API de Prism son: + * `Prism.parse(fuente)` que retorna el árbol de sintaxis + abstracta (AST) como parte de un ParseResult + * `Prism.dump(fuente, ruta)` que retorna el AST serializado como una + cadena + * `Prism.parse_comments(fuente)` que retorna los comentarios +* Puede hacer solicitudes de cambio o crear incidentes directamente en el + [repositorio de Prism](https://github.com/ruby/prism) si desea + contribuir. + +## Uso de Lrama en lugar de Bison + +* Se remplazó Bison por [el generador de analizadores LALR Lrama](https://github.com/ruby/lrama) + [Característica #19637](https://bugs.ruby-lang.org/issues/19637) + * Si tiene interés, por favor vea + [The future vision of Ruby Parser](https://rubykaigi.org/2023/presentations/spikeolaf.html) + * El analizadores interno de Lrama se ha remplazado con un + analizador LR generado por Racc para hacerlo más mantenible. + * Se soportan reglas de parametrización `(?, *, +)`, que serán + usadas en la fuente parse.y de Ruby. + +## RJIT + +* Se introdujo RJIT un compilador JIT en puro Ruby que remplaza a MJIT. + * RJIT soporta sólo la arquitectura x86-64 en plataformas Unix. + * A diferencia de MJIT, no require de un compilador C en tiempo de ejecución. +* RJIT existe sólo con propósitos experimentales. + * Debería seguir usando YJIT en producción. +* Si le interesa desarrollar un compilador JIT para Ruby, por favor + revise la [presentación de k0kubun en el día 3 de RubyKaigi](https://rubykaigi.org/2023/presentations/k0kubun.html#day3). + +## YJIT + +* Mejoras mayores en desempeño respecto a 3.2 + * Mejorado el soporte para argumentos splat y para el resto de argumentos. + * Los registros se localizan para operaciones en pila de la máquina virtual. + * Se compilan más llamados con argumentos opcionales. + * Los manejadores de excepciones también se compilan. + * Las variables de instancia ya no salen al interprete con Formas de Objetos + mega-mórficas. + * Se optimizaron de manera especial `Integer#!=`, `String#!=`, + `Kernel#block_given?`, `Kernel#is_a?`, `Kernel#instance_of?` y + `Module#===`. + * Ahora es 3 veces más rápido que el interprete normal con optcarrot! +* Mejora significativa en el uso de memoria respecto a 3.2 + * Los meta-datos para el código compilado usan mucha menos memoria. + * Generación de código más compacto en ARM64 +* La velocidad de compilación es ahora un poco más rápida que en 3.2. +* Añade `RubyVM::YJIT.enable` que puede habilitar YJIT en tiempo de ejecución + * Puede iniciar YJIT sin modificar argumentos en la línea de ordenes + o variables de ambiente. + * Esto también puede usarse para habilitar YJIT sólo después de que la + aplicación haya completado el arranque. `--yjit-disable` puede usarse + si quiere usar otras opciones YJIT mientras deshabilita YJIT durante + el arranque. +* El recolector de basura en el código ahora está deshabilitado de manera + predeterminada, y `--yjit-exec-mem-size` se trata como un límite fuerte + en el que se detendrá la compilación de nuevo código. + * Esto produce un mejor comportamiento de copiar-al-escribir en + servidores que usen unicorn y bifurcación de procesos (forking) + * No hay disminuciones inesperadas en el desempeño debidas al + recolector de código basura. + * Aún puede habilitar el recolector de basura en el código si lo + desea con `--yjit-code-gc` +* La estadística `ratio_in_yjit` producida por `--yjit-stats` ahora está + disponible en compilaciones publicadas, ya no se requiere una + estadística especial o una compilación de desarrollo para acceder + a la mayoría de estadísticas. +* La opción para salir del modo con trazas ahora soporta muestreo + * `--trace-exits-sample-rate=N` +* Se añade `--yjit-perf` para facilitar hacer medición de desempeño + usando la herramienta perf de Linux +* Pruebas más extensas y correcciones a múltiples fallas + + +### Planificador de hilos M:N + +* Se introdujo un planificador de hilos M:N. [[Característica #19842]](https://bugs.ruby-lang.org/issues/19842) + * M hilos de Ruby son manejados por N hilos nativos (hilos del + sistema operativo) reduciendo así el costo de creación y + administración. + * Como puede romper la compatibilidad con extensiones en C, el + planificador de hilos M:N está deshabilitado de manera predeterminada + en el Ractor principal. + * La variable de ambiente `RUBY_MN_THREADS=1` habilita los hilos + M:N en el Ractor principal. + * Los hilos M:N se habilitan en Ractos que no son el principal. + * La variable de ambiente `RUBY_MAX_CPU=n` establece el máximo número + de `N` (número máximo de hilos nativos). El valor predeterminado es 8. + * Como sólo un hilo de Ruby por Ractor puede correr al mismo tiempo, + el número de hilos nativos se usará, sera el menor entre + el especificado en `RUBY_MAX_CPU` y el número de Ractors + que estén corriendo. Así que las aplicaciones con un sólo Ractor + (la mayoría de aplicaciones) usarán un solo hilo. + * Para soportar operaciones de bloqueo, pueden usarse más de + `N` hilos nativos. + + +## Otros Características Nuevas Notables + +### Lenguaje + +## Mejoras en desempeño + +* `defined?(@ivar)` se optimiza con Formas de Objetos. +* La resolución de nombres como con `Socket.getaddrinfo` ahora puede + interrumpirse (en ambientes donde estén disponibles pthreads). + [Característica #19965](https://bugs.ruby-lang.org/issues/19965) + * Con este propósito, se crea un pthread por cada llamada a + getaddrinfo o getnameinfo. Esto incurre en algo de gasto en la + resolución de nombres (alrededor de 2.5x en nuestros experimentos). + No esperamos que el gasto adicional en la resolución de nombres + sea un problema para la mayoría de aplicaciones, pero si lo nota, + o si ve efectos inesperados que crea que pueden deberse a este + cambio, por favor reportelos. +* Diversas mejoras de desempeño al Recolector de Basura + * Los objetos jóvenes referenciados por objetos viejos ya no se promueve + de inmediato a la generación vieja. Esto reduce significativamente la + frecuencia de recolección del Recolector de Basura (GC). + [[Característica #19678]](https://bugs.ruby-lang.org/issues/19678) + * Se introdujo la nueva variable de ajuste + `REMEMBERED_WB_UNPROTECTED_OBJECTS_LIMIT_RATIO` + para controlar el número de objetos no protegidos que activan una + recolección del. De manera predeterminada se establece en `0.01` (1%). + Esto reduce significativamente la frecuencia de las recolecciones + mayores del GC. [[Característica #19571]](https://bugs.ruby-lang.org/issues/19571) + * Se implementaron Barreras de Escritura para muchos tipos básicos a los que + les hacia falta, son notables `Time`, `Enumerator`, `MatchData`, + `Method`, `File::Stat`, `BigDecimal` y muchos otros. Esto reduce + significativamente el tiempo de las recolecciones menores del GC + y la frecuencia de las recolecciones mayores. + * La mayoría de clases ahora usan Localización de Ancho Variable, + son notables `Hash`, `Time`, `Thread::Backtrace`, + `Thread::Backtrace::Location`, `File::Stat`, `Method`. + Esto hace más veloces estas clases para reservar y liberar, que + usen menos memoria y reduce la fragmentación en el montón (*heap*). + * Se ha agregado soporte para referencias débiles en el recolector + de basura. [[Característica #19783]](https://bugs.ruby-lang.org/issues/19783) + + +## Otros cambios notables desde 3.2 + +### IRB + +IRB ha recibido diversas mejoras, incluyendo --no limitadas a estas: + +- Integración avanzada `irb:rdbg` que provee una experiencia + de depuración equivalente a la de `pry-byebug` + ([doc](https://github.com/ruby/irb#debugging-with-irb)). +- Soporte de paginador para las ordenes `ls`, `show_source` y `show_cmds`. +- Las ordenes `ls` y `show_cmds` dan información más precisa y útil. +- Autocompletación experimental usando análisis de tipos + ([doc](https://github.com/ruby/irb#type-based-completion)). +- Ahora es posible cambiar el color del tipo de letra así como su estilo + en el diálogo de completación gracias a la recien introducida + clase Reline::Face ([doc](https://github.com/ruby/ruby/blob/master/doc/reline/face.md)) + +Además, IRB ha experimentado una re-factorización extensa y ha recibido +docenas de correcciones a fallas que facilitan ampliaciones futuras. + + +## Incidentes de compatibilidad + +Nota: Excluyendo correcciones a errores en características + +* Se desprecian llamadas a `it` sin argumentos en bloques sin parámetros + ordinarios. `it` será una referencia al primer parámetro de bloque en + Ruby 3.4. + [Característica #18980](https://bugs.ruby-lang.org/issues/18980) + +### Constantes elminadas + +Las siguientes constantes que eran despreciadas han sido eliminadas. + + +### Métodos eliminados + +Los siguientes métodos que eran despreciados han sido eliminados. + + +### Variables de ambientes eliminadas + +* La variable de ambiente `RUBY_GC_HEAP_INIT_SLOTS` es despreciada + y representa la operación de no hacer nada. En su remplazo por favor use las + variables de ambiente `RUBY_GC_HEAP_{0,1,2,3,4}_INIT_SLOTS`. + [Característica #19785](https://bugs.ruby-lang.org/issues/19785) + +## Problemas de compatibilidad con Stdlib + +### Eliminación de `ext/readline` + +* Tenemos `reline` que es una implementación en Ruby puro compatible con + el API de `ext/readline`. Dependeremos de `reline` a futuro. Si + necesita usar `ext/readline`, puede instalar `ext/readline` vía rubygems.org + con `gem install readline-ext`. +* Ya no necesitamos instalar librerías como `libreadline` o `libedit`. + +## Actualizaciones al API en C + +### APIs en C actualizados + +Los siguientes APIs han sido actualizados. + + + +### APIs en C eliminados + +Los siguientes APIs despreciados han sido eliminados. + +## Actualizaciones a la librería estándar + +RubyGems y Bundler avisan cuando el usuario requiere gemas que están +programadas para convertirse en gemas incluidas en versiones futuras +de Ruby. + +Librerías que son objetivo: + * abbrev + * base64 + * bigdecimal + * csv + * drb + * getoptlong + * mutex_m + * nkf + * observer + * racc + * resolv-replace + * rinda + * syslog + +Se ha añadido la siguiente gema. + +* prism 0.15.1 + +Las siguientes gemas predeterminadas se han actualizado. + +* RubyGems 3.5.0.dev +* base64 0.2.0 +* benchmark 0.3.0 +* bigdecimal 3.1.5 +* bundler 2.5.0.dev +* cgi 0.4.0 +* csv 3.2.8 +* date 3.3.4 +* delegate 0.3.1 +* drb 2.2.0 +* english 0.8.0 +* erb 4.0.3 +* etc 1.4.3.dev.1 +* fcntl 1.1.0 +* fiddle 1.1.2 +* fileutils 1.7.2 +* find 0.2.0 +* getoptlong 0.2.1 +* io-console 0.6.1.dev +* irb 1.8.3 +* logger 1.6.0 +* mutex_m 0.2.0 +* net-http 0.4.0 +* net-protocol 0.2.2 +* nkf 0.1.3 +* observer 0.1.2 +* open-uri 0.4.0 +* open3 0.2.0 +* openssl 3.2.0 +* optparse 0.4.0 +* ostruct 0.6.0 +* pathname 0.3.0 +* pp 0.5.0 +* prettyprint 0.2.0 +* pstore 0.1.3 +* psych 5.1.1.1 +* rdoc 6.6.0 +* reline 0.3.9 +* rinda 0.2.0 +* securerandom 0.3.0 +* shellwords 0.2.0 +* singleton 0.2.0 +* stringio 3.0.9 +* strscan 3.0.7 +* syntax_suggest 1.1.0 +* tempfile 0.2.0 +* time 0.3.0 +* timeout 0.4.1 +* tmpdir 0.2.0 +* tsort 0.2.0 +* un 0.3.0 +* uri 0.13.0 +* weakref 0.1.3 +* win32ole 1.8.10 +* yaml 0.3.0 +* zlib 3.1.0 + + +La siguiente gema incluida ha sido promovida a gema predeterminada. + +* racc 1.7.3 + +Las siguientes gemas incluidas han sido actualizadas. + +* minitest 5.20.0 +* rake 13.1.0 +* test-unit 3.6.1 +* rexml 3.2.6 +* rss 0.3.0 +* net-imap 0.4.4 +* net-smtp 0.4.0 +* rbs 3.2.2 +* typeprof 0.21.8 +* debug 1.8.0 + +Ver la publicación en GitHub como +[Logger](https://github.com/ruby/logger/releases) o +bien la bitácora de cambios con detalles de las gemas predeterminadas +y las gemas incluidas. + +Ver más detalles en el archivo +[NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +o en [la bitácora de cambios](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}). + +¡Con estos cambios, [{{ release.stats.files_changed }} archivos cambiados, {{ release.stats.insertions }} inserciones(+), {{ release.stats.deletions }} eliminaciones(-)](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}#file_bucket) +desde Ruby 3.2.0! + +## Descargas + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Qué es Ruby + +Ruby primero fue desarrollado por Matz (Yukihiro Matsumoto) en 1993, +y ahora es desarrollado como Código Abierto. Corre en múltiples +plataformas y es usado en todo el mundo especialmente para desarrollo web. diff --git a/es/news/_posts/2023-12-25-ruby-3-3-0-released.md b/es/news/_posts/2023-12-25-ruby-3-3-0-released.md new file mode 100644 index 0000000000..e338d9e62a --- /dev/null +++ b/es/news/_posts/2023-12-25-ruby-3-3-0-released.md @@ -0,0 +1,397 @@ +--- +layout: news_post +title: "Publicado Ruby 3.3.0" +author: "naruse" +translator: vtamara +date: 2023-12-25 00:00:00 +0000 +lang: es +--- + +{% assign release = site.data.releases | where: "version", "3.3.0" | first %} + +Nos complace anunciar la publicación de Ruby {{ release.version }}. Ruby 3.3 +añade un nuevo analizador sintáctico llamado Prism, usa Lrama como +generador de analizadores, añade un nuevo compilador JIT en puro Ruby +llamado RJIT, e incluye muchas mejoras de desempeño especialmente de YJIT. + +## Prism + +* Se introduce [el analizador sintáctico Prism](https://github.com/ruby/prism) + como gema predeterminada. + * Prism es un analizador recursivo-descendente para el lenguaje Ruby + portable, tolerante a errores y mantenible +* Prism está listo para operar en producción es mantenido activamente + y puede emplearlo en lugar de Ripper + * Hay [amplia documentación](https://ruby.github.io/prism/) sobre como + usar Prism + * Prism es tanto una librería en C que es usada internamente por CRuby + como una gema que puede ser usada por cualquier herramienta que + necesite analizar código Ruby. + * Unos métodos notables de la API de Prism son: + * `Prism.parse(fuente)` que retorna el árbol de sintaxis + abstracta (AST) como parte de un objeto con el resultado del + reconocimiento + * `Prism.parse_success?(fuente)` que retorna verdadeor si no + hay errores + * `Prism.parse_comments(fuente)` que retorna los comentarios +* Puede hacer solicitudes de cambio o crear incidentes directamente en el + [repositorio de Prism](https://github.com/ruby/prism) si desea + contribuir. +* Ahora puede usar `ruby --parser=prism` o `RUBYOPT="--parser=prism"` + para experimentar con el compilador Prism. Por favor note que + esta opción es sólo para depurar. + +## Uso de Lrama en lugar de Bison + +* Se remplazó Bison por [el generador de analizadores LALR Lrama](https://github.com/ruby/lrama) + [[Característica #19637]](https://bugs.ruby-lang.org/issues/19637) + * Si tiene interés, por favor vea + [The future vision of Ruby Parser](https://rubykaigi.org/2023/presentations/spikeolaf.html) + * El analizadores interno de Lrama se ha remplazado con un + analizador LR generado por Racc para hacerlo más mantenible. + * Se soportan reglas de parametrización `(?, *, +)`, que serán + usadas en la fuente parse.y de Ruby. + +## YJIT + +* Mejoras mayores en desempeño respecto a Ruby 3.2 + * Mejorado el soporte para argumentos splat y para el resto de argumentos. + * Los registros se localizan para operaciones en la pila de la máquina + virtual. + * Se compilan más llamadas con argumentos opcionales. Los manejadores de + excepciones también se compilan. + * Las llamadas a tipos y los sitios de llamadas mega-mórficas ya no + salen al interprete. + * Métodos básicos como Rails `#blank?` y + [`#present?` especializado](https://github.com/rails/rails/pull/49909) + se manejan inline. + * `Integer#!=`, `String#!=`, + `Kernel#block_given?`, `Kernel#is_a?`, `Kernel#instance_of?` y + `Module#===` fueron optimizados de manera especial. + * La velocidad de compilación es un poco superior a la de Ruby 3.2. + * ¡Ahora es 3 veces más rápido que el interprete normal con Optcarrot! +* Mejora significativa en el uso de memoria respecto a 3.2 + * Los meta-datos para el código compilado usan mucha menos memoria. + * `--yjit-call-threshold` se eleva automáticamente de 30 a 120 + cuando la aplicación tiene más de 40,000 ISEQs. + * `--yjit-cold-threshold` se agrega para saltarse la compilación + de ISEQs en frio. + * Generación de código más compacto en ARM64 +* El recolector de basura en el código (code GC) ahora está deshabilitado + de manera predeterminada + * `--yjit-exec-mem-size` es tratado como un límite fuerte + en el que se detendrá la compilación de nuevo código. + * No hay disminuciones inesperadas en el desempeño debidas al + recolector de código basura. + * Aún puede habilitar el recolector de basura en el código si lo + desea con `--yjit-code-gc` +* Añade `RubyVM::YJIT.enable` que puede habilitar YJIT en tiempo de ejecución + * Puede iniciar YJIT sin modificar argumentos en la línea de ordenes + o variables de ambiente. + Rails 7.2 [habilitará YJIT de manera predeterminada](https://github.com/rails/rails/pull/49947) + * Esto también puede usarse para habilitar YJIT sólo después de que la + aplicación haya completado el arranque. `--yjit-disable` puede usarse + si quiere usar otras opciones YJIT mientras deshabilita YJIT durante + el arranque. +* Hay más estadísticas de YJIT disponibles de manera predeterminada + * `yjit_alloc_size` y muchas más estadísticas relacionadas con + metadatos ahora están disponibles de manera predeterminada. + * La estadística `ratio_in_yjit` producida por `--yjit-stats` ahora está + disponible en las compilaciones publicadas, ya no se requiere una + estadística especial o una compilación de desarrollo para acceder + a la mayoría de estadísticas. +* Se agregan más posibilidades para analizar rendimiento + * Se añade `--yjit-perf` para facilitar el análisis de rendimiento + con la herramienta perf de Linux + * `--yjit-trace-exits` ahora soporta muestreo con + `--yjit-trace-exits-sample-rate=N` +* Pruebas más extensas y correcciones a múltiples fallas + +## RJIT + +* Se introdujo RJIT un compilador JIT en puro Ruby que remplaza a MJIT. + * RJIT soporta sólo la arquitectura x86-64 en plataformas Unix. + * A diferencia de MJIT, no require de un compilador C en tiempo de ejecución. +* RJIT existe sólo con propósitos experimentales. + * Debería seguir usando YJIT en producción. +* Si le interesa desarrollar un compilador JIT para Ruby, por favor + revise la [presentación de k0kubun en el día 3 de RubyKaigi](https://rubykaigi.org/2023/presentations/k0kubun.html#day3). + + +### Planificador de hilos M:N + +* Se introdujo un planificador de hilos M:N. [[Característica #19842]](https://bugs.ruby-lang.org/issues/19842) + * M hilos de Ruby son manejados por N hilos nativos (hilos del + sistema operativo) reduciendo así el costo de creación y + administración. + * Como puede romper la compatibilidad con extensiones en C, el + planificador de hilos M:N está deshabilitado de manera predeterminada + en el Ractor principal. + * La variable de ambiente `RUBY_MN_THREADS=1` habilita los hilos + M:N en el Ractor principal. + * Los hilos M:N se habilitan siempre en Ractors que no son el principal. + * La variable de ambiente `RUBY_MAX_CPU=n` establece el máximo número + de `N` (número máximo de hilos nativos). El valor predeterminado es 8. + * Como sólo un hilo de Ruby por Ractor puede correr al mismo tiempo, + el número de hilos nativos se usará, sera el menor entre + el especificado en `RUBY_MAX_CPU` y el número de Ractors + que estén corriendo. Así que las aplicaciones con un sólo Ractor + (la mayoría de aplicaciones) sólo usarán un hilo nativo. + * Para soportar operaciones de bloqueo, pueden usarse más de + `N` hilos nativos. + + +## Mejoras en desempeño + +* `defined?(@ivar)` se optimiza con Formas de Objetos. +* La resolución de nombres como con `Socket.getaddrinfo` ahora puede + interrumpirse (en ambientes donde estén disponibles pthreads). + [[Característica #19965]](https://bugs.ruby-lang.org/issues/19965) + * Con este propósito, se crea un pthread por cada llamada a + getaddrinfo o getnameinfo. Esto incurre en algo de gasto en la + resolución de nombres (alrededor de 2.5x en nuestros experimentos). + No esperamos que el gasto adicional en la resolución de nombres + sea un problema para la mayoría de aplicaciones, pero si lo nota, + o si ve efectos inesperados que crea que pueden deberse a este + cambio, por favor reportelos. +* Diversas mejoras de desempeño al Recolector de Basura + * Los objetos jóvenes referenciados por objetos viejos ya no se promueve + de inmediato a la generación vieja. Esto reduce significativamente la + frecuencia de recolección del Recolector de Basura (GC). + [[Característica #19678]](https://bugs.ruby-lang.org/issues/19678) + * Se introdujo la nueva variable de ajuste + `REMEMBERED_WB_UNPROTECTED_OBJECTS_LIMIT_RATIO` + para controlar el número de objetos no protegidos que activan una + recolección del. De manera predeterminada se establece en `0.01` (1%). + Esto reduce significativamente la frecuencia de las recolecciones + mayores del GC. [[Característica #19571]](https://bugs.ruby-lang.org/issues/19571) + * Se implementaron Barreras de Escritura para muchos tipos básicos a los que + les hacia falta, son notables `Time`, `Enumerator`, `MatchData`, + `Method`, `File::Stat`, `BigDecimal` y muchos otros. Esto reduce + significativamente el tiempo de las recolecciones menores del GC + y la frecuencia de las recolecciones mayores. + * La mayoría de clases ahora usan Localización de Ancho Variable, + son notables `Hash`, `Time`, `Thread::Backtrace`, + `Thread::Backtrace::Location`, `File::Stat`, `Method`. + Esto hace más veloces estas clases para reservar y liberar, que + usen menos memoria y reduce la fragmentación en el montón (*heap*). + * Se ha agregado soporte para referencias débiles en el recolector + de basura. [[Característica #19783]](https://bugs.ruby-lang.org/issues/19783) + + +## Otros cambios notables desde 3.2 + +### IRB + +IRB ha recibido diversas mejoras, incluyendo --no limitadas a estas: + +* Integración avanzada `irb:rdbg` que provee una experiencia + de depuración equivalente a la de `pry-byebug` + ([doc](https://github.com/ruby/irb#debugging-with-irb)). +* Soporte de paginador para las ordenes `ls`, `show_source` y `show_cmds`. +* Las ordenes `ls` y `show_cmds` dan información más precisa y útil. +* Autocompletación experimental usando análisis de tipos + ([doc](https://github.com/ruby/irb#type-based-completion)). +* Ahora es posible cambiar el color del tipo de letra así como su estilo + en el diálogo de completación gracias a la recien introducida + clase Reline::Face ([doc](https://github.com/ruby/ruby/blob/master/doc/reline/face.md)) + +Además, IRB ha experimentado una re-factorización extensa y ha recibido +docenas de correcciones a fallas que facilitan ampliaciones futuras. + +Para actualizaciones más detalladas, por favor vea +[Unveiling the big leap in Ruby 3.3's IRB](https://railsatscale.com/2023-12-19-irb-for-ruby-3-3/). + +## Incidentes de compatibilidad + +Nota: Excluyendo correcciones a errores en características + +* Se desprecian llamadas a `it` sin argumentos en bloques sin parámetros + ordinarios. `it` será una referencia al primer parámetro de bloque en + Ruby 3.4. + [[Característica #18980]](https://bugs.ruby-lang.org/issues/18980) + +### Variables de ambientes eliminadas + +* La variable de ambiente `RUBY_GC_HEAP_INIT_SLOTS` es despreciada + y representa la operación de no hacer nada. En su remplazo por favor use las + variables de ambiente `RUBY_GC_HEAP_{0,1,2,3,4}_INIT_SLOTS`. + [[Característica #19785]](https://bugs.ruby-lang.org/issues/19785) + +## Problemas de compatibilidad con Stdlib + +### Eliminación de `ext/readline` + +* Tenemos `reline` que es una implementación en Ruby puro compatible con + el API de `ext/readline`. Dependeremos de `reline` a futuro. Si + necesita usar `ext/readline`, puede instalar `ext/readline` vía rubygems.org + con `gem install readline-ext`. +* Ya no necesitamos instalar librerías como `libreadline` o `libedit`. + +## Actualizaciones al API en C + +### APIs en C actualizados + +Los siguientes APIs han sido actualizados. + + + +### APIs en C eliminados + +Los siguientes APIs despreciados han sido eliminados. + +## Actualizaciones a la librería estándar + +RubyGems y Bundler avisan cuando el usuario hace `require` de las +gemas siguientes sin añadirlas al Gemfile o al gemspec. +Esto porque se convertirán en gemas incluidas en versiones futuras +de Ruby. + +Librerías que son objetivo: + * abbrev + * base64 + * bigdecimal + * csv + * drb + * getoptlong + * mutex_m + * nkf + * observer + * racc + * resolv-replace + * rinda + * syslog + +Se ha añadido la siguiente gema. + +* prism 0.19.0 + +Las siguientes gemas predeterminadas se han actualizado. + +* RubyGems 3.5.3 +* abbrev 0.1.2 +* base64 0.2.0 +* benchmark 0.3.0 +* bigdecimal 3.1.5 +* bundler 2.5.3 +* cgi 0.4.1 +* csv 3.2.8 +* date 3.3.4 +* delegate 0.3.1 +* drb 2.2.0 +* english 0.8.0 +* erb 4.0.3 +* error_highlight 0.6.0 +* etc 1.4.3 +* fcntl 1.1.0 +* fiddle 1.1.2 +* fileutils 1.7.2 +* find 0.2.0 +* getoptlong 0.2.1 +* io-console 0.7.1 +* io-nonblock 0.3.0 +* io-wait 0.3.1 +* ipaddr 1.2.6 +* irb 1.11.0 +* json 2.7.1 +* logger 1.6.0 +* mutex_m 0.2.0 +* net-http 0.4.0 +* net-protocol 0.2.2 +* nkf 0.1.3 +* observer 0.1.2 +* open-uri 0.4.1 +* open3 0.2.1 +* openssl 3.2.0 +* optparse 0.4.0 +* ostruct 0.6.0 +* pathname 0.3.0 +* pp 0.5.0 +* prettyprint 0.2.0 +* pstore 0.1.3 +* psych 5.1.2 +* rdoc 6.6.2 +* readline 0.0.4 +* reline 0.4.1 +* resolv 0.3.0 +* rinda 0.2.0 +* securerandom 0.3.1 +* set 1.1.0 +* shellwords 0.2.0 +* singleton 0.2.0 +* stringio 3.1.0 +* strscan 3.0.7 +* syntax_suggest 2.0.0 +* syslog 0.1.2 +* tempfile 0.2.1 +* time 0.3.0 +* timeout 0.4.1 +* tmpdir 0.2.0 +* tsort 0.2.0 +* un 0.3.0 +* uri 0.13.0 +* weakref 0.1.3 +* win32ole 1.8.10 +* yaml 0.3.0 +* zlib 3.1.0 + +La siguiente gema incluida ha sido promovida a gema predeterminada. + +* racc 1.7.3 + +Las siguientes gemas incluidas han sido actualizadas. + +* minitest 5.20.0 +* rake 13.1.0 +* test-unit 3.6.1 +* rexml 3.2.6 +* rss 0.3.0 +* net-ftp 0.3.3 +* net-imap 0.4.9 +* net-smtp 0.4.0 +* rbs 3.4.0 +* typeprof 0.21.9 +* debug 1.9.1 + +Ver la publicación en GitHub como +[Logger](https://github.com/ruby/logger/releases) o +bien la bitácora de cambios con detalles de las gemas predeterminadas +y las gemas incluidas. + +Ver más detalles en el archivo +[NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +o en [la bitácora de cambios](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}). + +¡Con estos cambios, [{{ release.stats.files_changed }} archivos cambiados, {{ release.stats.insertions }} inserciones(+), {{ release.stats.deletions }} eliminaciones(-)](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}#file_bucket) +desde Ruby 3.2.0! + +¡Feliz Navidad, Felices Fiestas, y disfrute programando con Ruby 3.3! + +## Descargas + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Qué es Ruby + +Ruby primero fue desarrollado por Matz (Yukihiro Matsumoto) en 1993, +y ahora es desarrollado como Código Abierto. Corre en múltiples +plataformas y es usado en todo el mundo especialmente para desarrollo web. diff --git a/es/news/_posts/2024-01-18-ruby-3-2-3-released.md b/es/news/_posts/2024-01-18-ruby-3-2-3-released.md new file mode 100644 index 0000000000..db09dcfd40 --- /dev/null +++ b/es/news/_posts/2024-01-18-ruby-3-2-3-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Publicado Ruby 3.2.3" +author: "nagachika" +translator: vtamara +date: 2024-01-18 09:00:00 +0000 +lang: es +--- + +Se ha publicado Ruby 3.2.3. + +Esta versión incluye diversas correcciones a fallas. +Ver detalles en las [publicaciones de GitHub](https://github.com/ruby/ruby/releases/tag/v3_2_3). + +Esta versión también incluye la actualización de uri.gem a 0.12.2 +que contiene una corrección de seguridad. +Por favor vea detalles en el siguiente tema. + +* [CVE-2023-36617: vulnerabilidad de ReDoS en URI]({%link es/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md %}) + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.2.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Notas de publicación + +Muchos contribuyentes, desarrolladores, y usuarios que proveyeron +reportes de fallas nos ayudaron a hacer esta versión. +Gracias por sus contribuciones. diff --git a/es/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md b/es/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md new file mode 100644 index 0000000000..d6b48e825a --- /dev/null +++ b/es/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md @@ -0,0 +1,60 @@ +--- +layout: news_post +title: "CVE-2024-27280: Vulnerabilidad de sobre-lectura de buffer en StringIO" +author: "hsbt" +translator: vtamara +date: 2024-03-21 4:00:00 +0000 +tags: security +lang: es +--- + +Hemos publicado las versiones 3.0.1.1 y 3.0.1.2 de la gema +StringIO que tiene una corrección de seguridad para una vulnerabilidad +de sobre-lectura de un buffer. +A esta vulnerabilidad se le ha asignado el identificador CVE +[CVE-2024-27280](https://www.cve.org/CVERecord?id=CVE-2024-27280). + +## Detalles + +Se descubrió un problema en StringIO 3.0.1, distribuido con +Ruby 3.0.x, hasta 3.0.6 y con 3.1.x hasta 3.1.4. + +Los métodos `ungetbyte` y `ungetc` de StringIO pueden leer más +allá del fin de una cadena, y las llamadas subsiguientes a +`StringIO.gets` pueden retornar valores en memoria. + +Esta vulnerabilidad no afecta a StringIO 3.0.3 ni a posteriores, ni +a Ruby 3.2.x ni a posteriores. + +## Acción recomendada + +Recomendamos actualizar la gema StringIO a la versión 3.0.3 o posterior. +Para asegurar la compatibilidad con las versiones incluidas en series +de Ruby anteriores, puede actualizar como se indica a continuación: + +* Para usuarios de Ruby 3.0: Actualizar a `stringio` 3.0.1.1 +* Para usuarios de Ruby 3.1: Actualizar a `stringio` 3.0.1.2 + +Nota: La gema StringIO 3.0.1.2 contiene no sólo corrección para +esta vulnerabilidad, sino también una solución para +la falla [[Falla #19389]](https://github.com/ruby/ruby/commit/1d24a931c458c93463da1d5885f33edef3677cc2). + +Puede usar `gem update stringio` para actualizar. +Si está usando bundler, por favror agregue +`gem "stringio", ">= 3.0.1.2"` a su `Gemfile`. + +## Versiones afectadas + +* Ruby 3.0.6 y anteriores +* Ruby 3.1.4 y anteriores +* Gema StringIO 3.0.1 y anteriores + +## Creditos + +Agradecemos a [david_h1](https://hackerone.com/david_h1?type=user) +por descubrir este problema. + +## Historia + +* Arreglada la versión afectada de StringIO (3.0.2 -> 3.0.1) el 2024-04-11 12:50:00 (UTC) +* Publiado originalmente el 2024-03-21 4:00:00 (UTC) diff --git a/es/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md b/es/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md new file mode 100644 index 0000000000..4bc965c3ba --- /dev/null +++ b/es/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md @@ -0,0 +1,63 @@ +--- +layout: news_post +title: "CVE-2024-27281: Vulnerabilidad RCE con .rdoc_options en RDoc" +author: "hsbt" +translator: vtamara +date: 2024-03-21 4:00:00 +0000 +tags: security +lang: es +--- + +Hemos publicado la gema RDoc versiones 6.3.4.1, 6.4.1.1, 6.5.1.1 y +6.6.3.1 que tienen una corrección de seguridad para una vulnerabilidad RCE. +A esta vulnerabilidad se le ha asignado el identifiador CVE +[CVE-2024-27281](https://www.cve.org/CVERecord?id=CVE-2024-27281). + +## Detalles + +Se descubrió un problema en RDoc de 6.3.3 a 6.6.2, tal como se +distribuyó con Ruby 3.x hasta 3.3.0. + +Cuando se analiza el archivo YAML `.rdoc_options` (usado para configurar RDoc), +resulta posible una inyección de objetos y la resultante ejecución de +código porque no hay restricciones en las clases que pueden restaurarse. + +Cuando se carga el cache de documentación, también resultan viables +la inyección de objetos y la posterior ejecución de código remoto +si hay un cache modificado. + +## Acción recomendada + +Recomendamos actualizar la gema RDoc a la versiónn 6.6.3.1 o posterior. +Para asegurar compatibilidad con la versión incluida en series de Ruby +anteriores, en lugar de eso puede actualizar como se indica a continuación: + +* Para usuarios de Ruby 3.0: Actualizar a `rdoc` 6.3.4.1 +* Para usuarios de Ruby 3.1: Actualizar a `rdoc` 6.4.1.1 +* Para usuarios de Ruby 3.2: Actualizar a `rdoc` 6.5.1.1 + +Puede usar `gem update rdoc` para actualizar. Si está usando +bundler, por favor agregue `gem "rdoc", ">= 6.6.3.1"` a su archivo `Gemfile`. + +Nota: Las versiones 6.3.4, 6.4.1, 6.5.1 y 6.6.3 tienen un arreglo +errado. En lugar de esas, recomendamos actualizar a 6.3.4.1, 6.4.1.1, 6.5.1.1 +y 6.6.3.1. + +## Versiones afectadas + +* Ruby 3.0.6 y anteriores +* Ruby 3.1.4 y anteriores +* Ruby 3.2.3 y anteriores + +* Ruby 3.3.0 +* Gemas RDoc 6.3.3 y anteriores , 6.4.0 hasta 6.6.2 sin las versiones + parchadas (6.3.4, 6.4.1, 6.5.1) + +## Creditos + +Agradecemos a [ooooooo_q](https://hackerone.com/ooooooo_q?type=user) +por descubrir este problema. + +## Historia + +* Publicado originalmente el 2024-03-21 4:00:00 (UTC) diff --git a/es/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md b/es/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md new file mode 100644 index 0000000000..ab32e8f5f2 --- /dev/null +++ b/es/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md @@ -0,0 +1,49 @@ +--- +layout: news_post +title: "CVE-2024-27282: Lectura de direcciones de memoria arbitrarias al buscar Regex" +author: "hsbt" +translator: vtamara +date: 2024-04-23 10:00:00 +0000 +tags: security +lang: es +--- + +Hemos publicado las versiones 3.0.7, 3.1.5, 3.2.4 y 3.3.1 que +incluyen una corrección de seguridad para una vulnerabilidad de +lectura de direcciones de memoria arbitrarias en la búsqueda Regex. +A esta vulnerabilidad se le ha asignado el identificador CVE +[CVE-2024-27282](https://www.cve.org/CVERecord?id=CVE-2024-27282). + +## Detalles + +Se ha descubierto un problema en Ruby 3.x incluyendo 3.3.0. + +Si se suministran datos preparados por un atacante al compilador de Regex de +Ruby, es posible extraer datos del heap relacionados con el comienzo +del texto, incluyendo apuntadores a cadenas sensitivas. + +## Acción recomendada + +Recomendamos actualizar a la versión de Ruby 3.3.1 o posterior. +Para asegurar compatibilidad con series anteriores de Ruby, +en lugar de eso, puede actualizar como se indica a continuación: + +* Para usuarios de Ruby 3.0: Actualizar a 3.0.7 +* Para usuarios de Ruby 3.1: Actualizar a 3.1.5 +* Para usuarios de Ruby 3.2: Actualizar a 3.2.4 + +## Versiones afectadas + +* Ruby 3.0.6 y anteriores +* Ruby 3.1.4 y anteriores +* Ruby 3.2.3 y anteriores +* Ruby 3.3.0 + +## Creditos + +Agradecmoes a [sp2ip](https://hackerone.com/sp2ip?type=user) +por descubrir este problema. + +## Historia + +* Publicado originalmente el 2024-04-23 10:00:00 (UTC) diff --git a/es/news/_posts/2024-04-23-ruby-3-0-7-released.md b/es/news/_posts/2024-04-23-ruby-3-0-7-released.md new file mode 100644 index 0000000000..060884cf78 --- /dev/null +++ b/es/news/_posts/2024-04-23-ruby-3-0-7-released.md @@ -0,0 +1,57 @@ +--- +layout: news_post +title: "Publicado Ruby 3.0.7" +author: "hsbt" +translator: vtamara +date: 2024-04-23 10:00:00 +0000 +lang: es +--- + +Se ha publicado Ruby 3.0.7. + +Esta versión incluye correcciones de seguridad. Por favor +revise detalles en los temas siguientes. + +* [CVE-2024-27282: Lectura de direcciones de memoria arbitrarias al buscar Regex]({%link es/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: Vulnerabilidad RCE con .rdoc_options en RDoc](https://www.ruby-lang.org/es/news/2024/03/21/rce-rdoc-cve-2024-27281/) +* [CVE-2024-27280: Vulnerabilidad de sobre-lectura de buffer en StringIO](https://www.ruby-lang.org/es/news/2024/03/21/buffer-overread-cve-2024-27280/) + +Ver más detalles en la [publicación en Github](https://github.com/ruby/ruby/releases/tag/v3_0_7). + +Tras esta versión, Ruby 3.0 llega a su Fin de Vida. En otras palabras, +se espera que esta sea la última versión de la serie Ruby 3.0. +No publicaremos Ruby 3.0.8 incluso si se encuentra una vulnerabilidad +de seguridad (aunque se podría publicar si se encontrara una +regresión mayor). +Recomendamos a todos los usuarios de Ruby 3.0 comenzar de inmediato +la migración hacía Ruby 3.3, 3.2, o 3.1. + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.0.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Notas de la publicación + +Muchos contribuyentes, desarrolladores, y usuarios que proveyeron reportes de +fallas nos ayudaron a hacer esta versión. Gracias por sus contribuciones. diff --git a/es/news/_posts/2024-04-23-ruby-3-1-5-released.md b/es/news/_posts/2024-04-23-ruby-3-1-5-released.md new file mode 100644 index 0000000000..139b7bb135 --- /dev/null +++ b/es/news/_posts/2024-04-23-ruby-3-1-5-released.md @@ -0,0 +1,51 @@ +--- +layout: news_post +title: "Publicado Ruby 3.1.5" +author: "hsbt" +translator: vtamara +date: 2024-04-23 10:00:00 +0000 +lang: es +--- + +Se ha publicado Ruby 3.1.5. + +Esta versión incluye correcciones de seguridad. Por favor +revise detalles en los temas siguientes. + +* [CVE-2024-27282: Lectura de direcciones de memoria arbitrarias al buscar Regex]({%link es/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: Vulnerabilidad RCE con .rdoc_options en RDoc](https://www.ruby-lang.org/es/news/2024/03/21/rce-rdoc-cve-2024-27281/) +* [CVE-2024-27280: Vulnerabilidad de sobre-lectura de buffer en StringIO](https://www.ruby-lang.org/es/news/2024/03/21/buffer-overread-cve-2024-27280/) + +Ver más detalles en la [publicación en Github](https://github.com/ruby/ruby/releases/tag/v3_1_5). + + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.1.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + + +## Notas de la publicación + +Muchos contribuyentes, desarrolladores, y usuarios que proveyeron reportes de +fallas nos ayudaron a hacer esta versión. Gracias por sus contribuciones. diff --git a/es/news/_posts/2024-04-23-ruby-3-2-4-released.md b/es/news/_posts/2024-04-23-ruby-3-2-4-released.md new file mode 100644 index 0000000000..db96250759 --- /dev/null +++ b/es/news/_posts/2024-04-23-ruby-3-2-4-released.md @@ -0,0 +1,49 @@ +--- +layout: news_post +title: "Publicado Ruby 3.2.4" +author: "nagachika" +translator: vtamara +date: 2024-04-23 10:00:00 +0000 +lang: es +--- + +Se ha publicado Ruby 3.2.4. + +Esta versión incluye correcciones de seguridad. Por favor +revise detalles en los temas siguientes. + +* [CVE-2024-27282: Lectura de direcciones de memoria arbitrarias al buscar Regex]({%link es/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: Vulnerabilidad RCE con .rdoc_options en RDoc](https://www.ruby-lang.org/es/news/2024/03/21/rce-rdoc-cve-2024-27281/) + +Ver más detalles en la [publicación en Github](https://github.com/ruby/ruby/releases/tag/v3_2_4). + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.2.4" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + + +## Notas de la publicación + +Muchos contribuyentes, desarrolladores, y usuarios que proveyeron reportes de +fallas nos ayudaron a hacer esta versión. Gracias por sus contribuciones. diff --git a/es/news/_posts/2024-04-23-ruby-3-3-1-released.md b/es/news/_posts/2024-04-23-ruby-3-3-1-released.md new file mode 100644 index 0000000000..4d1572e40d --- /dev/null +++ b/es/news/_posts/2024-04-23-ruby-3-3-1-released.md @@ -0,0 +1,51 @@ +--- +layout: news_post +title: "Publicado Ruby 3.3.1" +author: "naruse" +translator: vtamara +date: 2024-04-23 10:00:00 +0000 +lang: es +--- + +Se ha publicado Ruby 3.3.1. + +Esta versión incluye correcciones de seguridad. +Por favor revise detalles en los temas siguientes. + +* [CVE-2024-27282: Lectura de direcciones de memoria arbitrarias al buscar Regex]({%link es/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: Vulnerabilidad RCE con .rdoc_options en RDoc](https://www.ruby-lang.org/es/news/2024/03/21/rce-rdoc-cve-2024-27281/) +* [CVE-2024-27280: Vulnerabilidad de sobre-lectura de buffer en StringIO](https://www.ruby-lang.org/es/news/2024/03/21/buffer-overread-cve-2024-27280/) + +Ver más detalles en la [publicación en Github](https://github.com/ruby/ruby/releases/tag/v3_3_1). + + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.3.1" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + + +## Notas de la publicación + +Muchos contribuyentes, desarrolladores, y usuarios que proveyeron reportes de +fallas nos ayudaron a hacer esta versión. Gracias por sus contribuciones. diff --git a/es/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md b/es/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md new file mode 100644 index 0000000000..4e093496a4 --- /dev/null +++ b/es/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md @@ -0,0 +1,34 @@ +--- +layout: news_post +title: "CVE-2024-35176: Denegación de servicio en REXML" +author: "kou" +translator: vtamara +date: 2024-05-16 05:00:00 +0000 +tags: security +lang: es +--- + +Hay una vulnerabilidad de denegación de servicio (DoS) en la gema REXML. +A esta vulnerabilidad se le ha asignado el identificador CVE +[CVE-2024-35176](https://www.cve.org/CVERecord?id=CVE-2024-35176). +Recomendamos enfáticamente actualizar la gema REXML. + +## Detalles + +Cuando se analiza un documento XML con muchos `<` en el valor +de un atributo, la gema REXML puede tardar largo tiempo. + +Por favor actualice la gema REXML a la versión 3.2.7 o posterior. + +## Versiones afectadas + +* Gema REXML 3.2.6 o anteriores + +## Créditos + +Agradecemos a [mprogrammer](https://hackerone.com/mprogrammer) +por descubrir este problema. + +## Historia + +* Publicado originalmente el 2024-05-16 05:00:00 (UTC) diff --git a/es/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md b/es/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md new file mode 100644 index 0000000000..01abcd258b --- /dev/null +++ b/es/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md @@ -0,0 +1,157 @@ +--- +layout: news_post +title: "Publicado Ruby 3.4.0 preview1" +author: "naruse" +translator: vtamara +date: 2024-05-16 00:00:00 +0000 +lang: es +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-preview1" | first %} +Nos complace anunciar la publicación de Ruby {{ release.version }}. + +## Cambios en el lenguaje + +* Las cadenas literales en archivos sin el comentario `frozen_string_literal` + ahora se comportan como si estuvieran congeladas. + Si llegan a ser mutadas se produce una advertencia de desprecio. + Estas advertencia pueden ser habilitadas con `-W:deprecated` + o estableciendo `Warning[:deprecated] = true`. + Para deshabilitar este cambio, puede ejecutar Ruby con el argumento + `--disable-frozen-string-literal` desde la línea de ordenes. + [[Característica #20205]] + +* `it` se agrega para referenciar un parámetro de bloque. + [[Característica #18980]] + +* Ahora se soporta hacer splat de palabras clave con `nil` cuando se + llaman métodos. + `**nil` se trata de manera similar a `**{}`, no pasar palabras clave, + y no llamar método de conversión alguno. [[Falla #20064]] + +* Ya no se permite pasar bloques como índices. [[Falla #19918]] + +* Ya no se permiten argumentos de palabra clave como índices. [[Falla #20218]] + +## Clases fundamentales actualizadas + +Nota: Listamos sólo actualizaciones mayores de clases. + +* Exception + + * Exception#set_backtrace ahora acepta arreglos de + `Thread::Backtrace::Location`. + `Kernel#raise`, `Thread#raise` y `Fiber#raise` también aceptan + este nuevo formato. [[Característica #13557]] + +* Range + + * Range#size ahora lanza `TypeError` si el rango no es iterable. + [[Varios #18984]] + + + +## Problemas de compatibilidad + +Nota: Excluyendo correcciones a problemas en características. + +* Los mensajes de error y la presentación de trazas han sido cambiadas. + * Se usa un sólo apóstrofe en lugar de un apostrofe invertido para + iniciar una cita. [[Característica #16495]] + * Se presenta un nombre de clase antes del nombre de un método + (sólo cuando la clase tiene un nombre permanente). [[Característica #19117]] + * También se cambiaron de la manera análoga los métodos `Kernel#caller`, + `Thread::Backtrace::Location`, etc. + + ``` + Antes: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + Ahora: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + + +## Actualizaciones del API en C + +* Se han eliminado `rb_newobj` y `rb_newobj_of` (y los respectivos macros + `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`). + [[Característica #20265]] +* Se eliminó la función despreciada `rb_gc_force_recycle`. + [[Característica #18290]] + +## Mejoras en implementación + +* Se re-escribió `Array#each` en Ruby para mejorar el desempeño [[Característica #20182]]. + +## Cambios diversos + +* Al pasar un bloque a un método que no use el bloque recibido se + presentará una advertencia en modo verboso (`-w`). + [[Característica #15554]] + +* Al redefinir algunos métodos fundamentales que se han optimizado + de manera especial por el interprete y por JIT como `String.freeze` o + `Integer#+` ahora produce una advertencia en la clase de + desempeño (`-W:performance` o `Warning[:performance] = true`). + [[Característica #20429]] + +Vea notas de publicación como las de +[Logger](https://github.com/ruby/logger/releases) o +archivos de cambios (changelog) con detalles de las gemas +predeterminadas y las gemas incluidas. + +Ver más detalles en +[NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +o en la [bitácora de contribuciones](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}). + +Con estas novedades, [{{ release.stats.files_changed }} archivos cambiados, {{ release.stats.insertions }} inserciones(+), {{ release.stats.deletions }} eliminaciones(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) +desde Ruby 3.3.0! + + +## Descargas + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Qué es Ruby + +Ruby fu desarrollado inicialmente por Matz (Yukihiro Matsumoto) en 1993, +y ahora se desarrolla como Fuentes Abiertas. Corre en múltiples +plataformas y se usa en todo el mundoa especialmente para +de desarrollo de aplicaciones web. + +[Característica #13557]: https://bugs.ruby-lang.org/issues/13557 +[Característica #15554]: https://bugs.ruby-lang.org/issues/15554 +[Característica #16495]: https://bugs.ruby-lang.org/issues/16495 +[Característica #18290]: https://bugs.ruby-lang.org/issues/18290 +[Característica #18980]: https://bugs.ruby-lang.org/issues/18980 +[Varios #18984]: https://bugs.ruby-lang.org/issues/18984 +[Característica #19117]: https://bugs.ruby-lang.org/issues/19117 +[Falla #19918]: https://bugs.ruby-lang.org/issues/19918 +[Falla #20064]: https://bugs.ruby-lang.org/issues/20064 +[Característica #20182]: https://bugs.ruby-lang.org/issues/20182 +[Característica #20205]: https://bugs.ruby-lang.org/issues/20205 +[Falla #20218]: https://bugs.ruby-lang.org/issues/20218 +[Característica #20265]: https://bugs.ruby-lang.org/issues/20265 +[Característica #20429]: https://bugs.ruby-lang.org/issues/20429 diff --git a/es/news/_posts/2024-05-29-ruby-3-1-6-released.md b/es/news/_posts/2024-05-29-ruby-3-1-6-released.md new file mode 100644 index 0000000000..bb70f5b2da --- /dev/null +++ b/es/news/_posts/2024-05-29-ruby-3-1-6-released.md @@ -0,0 +1,56 @@ +--- +layout: news_post +title: "Publicado Ruby 3.1.6" +author: "hsbt" +translator: vtamara +date: 2024-05-29 9:00:00 +0000 +lang: es +--- + +Ruby 3.1.6 ha sido publicado. + +La serie Ruby 3.1 ahora está en fase de mantenimiento de seguridad. +En general, corregiremos sólo fallas de seguridad en esta fase. +Pero tuvimos varios problemas de compilación después +de la publicación de Ruby 3.1.5. Decidimos publicar Ruby 3.1.6 +para corregir esos problemas. + +Por favor vea los temas siguientes para conocer detalles. + +* [Falla #20151: No puede compilar Ruby 3.1 en FreeBSD 14.0](https://bugs.ruby-lang.org/issues/20151) +* [Falla #20451: Retro-porte con falla en Ruby 3.1.5 impide compilación de fiddle](https://bugs.ruby-lang.org/issues/20451) +* [Falla #20431: Ruby 3.3.0 falla al compilar con make: *** \[io_buffer.o\] Error 1](https://bugs.ruby-lang.org/issues/20431) + +Ver la más detalles en la [publicación de GitHub](https://github.com/ruby/ruby/releases/tag/v3_1_6). + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.1.6" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentarios de la versión + +Muchos contribuidores, desarrolladores y usuarios que proveyeron reportes de +fallas nos ayudaron a hacer esta publicación. + +Gracias por sus contribuciones. diff --git a/es/news/_posts/2024-05-30-datadog-oss-program.md b/es/news/_posts/2024-05-30-datadog-oss-program.md new file mode 100644 index 0000000000..1249220024 --- /dev/null +++ b/es/news/_posts/2024-05-30-datadog-oss-program.md @@ -0,0 +1,47 @@ +--- +layout: news_post +title: "Datadog provee soporte comunitario (software de código abierto) para ruby-lang.org" +author: "hsbt" +translator: vtamara +date: 2024-05-30 00:00:00 +0000 +lang: es +--- + +Nos emociona anunciar que el sitio oficial de Ruby, ruby-lang.org, +ha adoptado Datadog para el monitoreo proveido por el +[soporte comunitario de Datadog para software de código abierto](https://opensource.datadoghq.com/projects/oss-program/). + +Esto nos permite monitorear efectivamente el desempeño y disponibilidad del +sitio en tiempo real para los usuarios de Ruby. +Los beneficios clave de usar Datadog incluyen los siguientes. + +## Visibilidad del CDN + +cache.ruby-lang.org proveido por Fastly es la infraestructura más importante +para el ecosistema Ruby. Datadog permite monitorear el desempeño de la +Red de Entrega de Contenido (CDN). Registra la cobertura del cache y la +tasa de errores mejorando la experiencia de usuario. + +## Visualizción unificada de los datos + +Tenemos varios servicios web para ruby-lang.org. +Datadog permite visualizar datos de análisis de las bitácoras junto +con métricas y monitoreo de desempeño de la aplicación (APM) en un +mismo tablero. + +## Visibilidad de la traza JIT + +Al utilizar las capacidades de rastreo de Datadog, podemos capturar trazas como +flujos de peticiones entre servidores web y bases de datos. +Esto ayuda a identificar cuellos de botella y peticiones problemáticas. + +Publicamos el [tablero público](https://p.ap1.datadoghq.com/sb/1271b83e-af90-11ee-9072-da7ad0900009-01633a8fa8c0b0c0051f1889afdf55dc) +de nuestras métricas clave. +Actualizaremos el tablero mientras seguimos mejorando nuestro monitoreo, +especialmente del desempeño YJIT. + +Esperamos que esta adopción de Datadog contribuya a un desempeño mejorado +para la comunidad Ruby. + +Por favor siga usando ruby-lang.org y disfrute de una experiencia +de usuario mejorada. diff --git a/es/news/_posts/2024-05-30-ruby-3-3-2-released.md b/es/news/_posts/2024-05-30-ruby-3-3-2-released.md new file mode 100644 index 0000000000..805ff2b00a --- /dev/null +++ b/es/news/_posts/2024-05-30-ruby-3-3-2-released.md @@ -0,0 +1,45 @@ +--- +layout: news_post +title: "Publicado Ruby 3.3.2" +author: "k0kubun" +translator: vtamara +date: 2024-05-30 03:50:00 +0000 +lang: es +--- + +Ruby 3.3.2 ha sido publicado. + +Esta versión incluye muchas correcciones a fallas. +Ver más detalles en la [publicación en GitHub](https://github.com/ruby/ruby/releases/tag/v3_3_2). + +## Descarga + +{% assign release = site.data.releases | where: "version", "3.3.2" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comntario de la versión + +Muchos contribuidores, desarrolladores y usuarios que proveyeron reportes de +fallas nos ayudaron a hacer esta versión. + +Gracias por sus contribuciones. diff --git a/es/news/_posts/2024-06-12-ruby-3-3-3-released.md b/es/news/_posts/2024-06-12-ruby-3-3-3-released.md new file mode 100644 index 0000000000..d1646ca397 --- /dev/null +++ b/es/news/_posts/2024-06-12-ruby-3-3-3-released.md @@ -0,0 +1,56 @@ +--- +layout: news_post +title: "Publicado Ruby 3.3.3" +author: "k0kubun" +translator: vtamara +date: 2024-06-12 00:30:00 +0000 +lang: es +--- + +Ruby 3.3.3 ha sido publicado. + +Esta versión incluye: + +* RubyGems 3.5.11 +* Bundler 2.5.11 +* REXML 3.2.8 +* strscan 3.0.9 +* se remplaza `--dump=prism_parsetree` por `--parser=prism --dump=parsetree` +* Los símbolos de codificación inválidos lanzan `SyntaxError` en lugar de + `EncodingError` +* Corrección a fuga de memoria al analizar con Ripper +* Correcciones a fallas para YJIT, `**{}`, `Ripper.tokenize`, `RubyVM::InstructionSequence#to_binary`, `--with-gmp`, y algunos ambientes de compilación. + +Por favor ver más detalles en la [publicación en GitHub](https://github.com/ruby/ruby/releases/tag/v3_3_3). + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.3.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentarios de la versión + +Muchos contribuidores, desarrolladores y usuarios que proveyeron reportes de +fallas nos ayudaron a hacer esta versión. + +Gracias por sus contribuciones. diff --git a/es/news/_posts/2024-07-09-ruby-3-3-4-released.md b/es/news/_posts/2024-07-09-ruby-3-3-4-released.md new file mode 100644 index 0000000000..12ace2cbba --- /dev/null +++ b/es/news/_posts/2024-07-09-ruby-3-3-4-released.md @@ -0,0 +1,68 @@ +--- +layout: news_post +title: "Publicado Ruby 3.3.4" +author: "k0kubun" +translator: vtamara +date: 2024-07-09 00:30:00 +0000 +lang: es +--- + +Ruby 3.3.4 ha sido publicado. + +Esta versión corrige una regresión en Ruby 3.3.3 de dependencias +que faltaban en el gemspec de algunas gemas incluidas: `net-pop`, +`net-ftp`, `net-imap`, y `prime` +[[Falla #20581]](https://bugs.ruby-lang.org/issues/20581). + +Esta corrección permite que Bundler instale correctamente esas gemas +en plataformas como Heroku. + +Si `bundle install` le opera correctamente, puede que no tenga +esta falla. + +Otros cambios son correcciones a fallas menores. +Por favor ver detalles en [la publicación en GitHub](https://github.com/ruby/ruby/releases/tag/v3_3_4). + +## Calendario de publicación + +Para avanzar, queremos publicar una nueva versión de Ruby estable +(en este momento Ruby 3.3) cada 2 meses después de la versión `.1`. +En el caso de Ruby 3.3, la versión 3.3.5 se supone que debe ser +liberada el 3 de Septiembre, 3.3.6 el 5 de noviembre, y la +3.3.7 el 7 de Enero. + +Si hay algún cambio que afecte a una cantidad considerable de personas, +e.g. para esta versión, los usuarios de Ruby 3.3.3 en Heroku, +liberaremos una nueva versión antes de lo planeado. + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.3.4" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentario de la versión + +Muchos contribuidores, desarrolladores y usuarios que proveyeron reportes de +fallas nos ayudaron a hacer esta versión. + +Gracias por sus contribuciones. diff --git a/es/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md b/es/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md new file mode 100644 index 0000000000..f61893ce22 --- /dev/null +++ b/es/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md @@ -0,0 +1,34 @@ +--- +layout: news_post +title: "CVE-2024-39908: Vulnerabilidad de Denegación de Servicio (DoS) en REXML" +author: "watson1978" +translator: vtamara +date: 2024-07-16 03:00:00 +0000 +tags: security +lang: es +--- + +Hay una vulnerabilidad de denegación de servicio (DoS) en la gema REXML. +A esta vulnerabilidad se le ha asignado el identificador CVE +[CVE-2024-39908](https://www.cve.org/CVERecord?id=CVE-2024-39908). +Recomendamos enfáticamente actualizar la gema REXML. + +## Detalles + +Cuando analiza un XML que tiene caracteres específicos como +`<`, `0` y `%>`, la gema REXML puede tardar mucho tiempo. + +Por favor actualice la gema REXML a la versión 3.3.2 o posterior. + +## Versiones afectadas + +* Gema REXML 3.3.1 y previas. + +## Créditos + +Agradecemos a [mprogrammer](https://hackerone.com/mprogrammer) +por descrubir este problema. + +## Historia + +* Publicado originalmente el 2024-07-16 03:00:00 (UTC) diff --git a/es/news/_posts/2024-07-26-ruby-3-2-5-released.md b/es/news/_posts/2024-07-26-ruby-3-2-5-released.md new file mode 100644 index 0000000000..cc809b0283 --- /dev/null +++ b/es/news/_posts/2024-07-26-ruby-3-2-5-released.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "Publicado Ruby 3.2.5" +author: "nagachika" +translator: vtamara +date: 2024-07-26 10:00:00 +0000 +lang: es +--- + +Ruby 3.2.5 ha sido publicado. + +Esta versión incluye muchas correcciones a fallas. +Y actualizamos la versión de la gema incluida `rexml` para incorporar +la corrección a la falla de seguridad +[CVE-2024-39908 : Denegación de servicio (DoS) en REXML]({%link es/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md %}). + +Por favor vea detalles en la [publicación en GitHub](https://github.com/ruby/ruby/releases/tag/v3_2_5). + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.2.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentarios de la versión + +Muchos contribuidores, desarrolladores y usuarios que proveyeron reportes de fallas nos ayudaron a hacer esta versión. + +Gracias por sus contribuciones. diff --git a/es/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md b/es/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md new file mode 100644 index 0000000000..24f6454fe2 --- /dev/null +++ b/es/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md @@ -0,0 +1,36 @@ +--- +layout: news_post +title: "CVE-2024-41123: vulnerabilidad de denegación de servicio (DoS) en REXML" +author: "kou" +translator: vtamara +date: 2024-08-01 03:00:00 +0000 +tags: security +lang: es +--- + +Hay algunas vulnerabilidades de denegación de servicio en la gema +REXML. +A estas vulnerabilidades se les ha asignado el identificador CVE +[CVE-2024-41123](https://www.cve.org/CVERecord?id=CVE-2024-41123). +Recomendamos enfáticamente actualizar la gema REXML. + +## Detalles + +Cuando analiza un documento XML que tiene muchos caracteres específicos +como espacio en blanco, `>]` y `]>`, la gema REXML puede tardar mucho +tiempo. + +Por favor actualice la gema REXML a la versión 3.3.3 o posterior. + +## Versiones afectadas + +* Gema REXML 3.3.2 o anterior + +## Créditos + +Agradecemos a [mprogrammer](https://hackerone.com/mprogrammer) y +[scyoon](https://hackerone.com/scyoon) por descubrir estos problemas. + +## Historia + +* Publicado originalmente el 2024-08-01 03:00:00 (UTC) diff --git a/es/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md b/es/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md new file mode 100644 index 0000000000..350980ddce --- /dev/null +++ b/es/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md @@ -0,0 +1,38 @@ +--- +layout: news_post +title: "CVE-2024-41946: Vulnerabilidad de denegación de servicio en REXML" +author: "kou" +translator: vtamara +date: 2024-08-01 03:00:00 +0000 +tags: security +lang: es +--- + + +Hay una vulnerabilidad de denegación de servicio en la gema +REXML. +A esta vulnerabilidad se le ha asignado el identificador CVE +[CVE-2024-41946](https://www.cve.org/CVERecord?id=CVE-2024-41946). + +Recomendamos enfáticamente actualizar la gema REXML. + + +## Detalles + +Cuando analiza un XML que tiene muchas expansiones de entidades con SAX2 +o la API de analizar, la gema REXML puede tardar mucho tiempo. + +Por favor actualice la gema REXML a la version 3.3.3 o posterior. + +## Versiones afectadas + +* Gema REXML 3.3.2 y anteriores + +## Créditos + +Agradecemos a [NAITOH Jun](https://github.com/naitoh) por descubrir y +resolver este problema. + +## Historia + +* Publicado originalmente el 2024-08-01 03:00:00 (UTC) diff --git a/es/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md b/es/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md new file mode 100644 index 0000000000..6b9aa87686 --- /dev/null +++ b/es/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md @@ -0,0 +1,39 @@ +--- +layout: news_post +title: "CVE-2024-43398: Vulnerabilidad de denegación de servicio (DoS) en REXML" +author: "kou" +translator: vtamara +date: 2024-08-22 03:00:00 +0000 +tags: security +lang: es +--- + +Hay una vulnerabilidad de denegación de servicio en la gema REXML. +A esta vulnerabilidad le ha sido asignado el identificador +[CVE-2024-43398](https://www.cve.org/CVERecord?id=CVE-2024-43398). +Recomendamos enfáticamente actualizar la gema REXML. + +## Detalles + +Cuando analiza un XML que tiene muchos elementos profundos con los +mismos nombres de atributos locales, la gema REXML puede tardar +largo tiempo. + +Esta vulnerabilidad sola afecta la API para analizar árboles. +Si está usando `REXML::Document.new` para analizar un XML, puede +resultar afectado. + +Por favor actualice la gema REXML a la versión 3.3.6 o posterior. + +## Versiones afectadas + +* Gema REXML 3.3.5 y anteriores + +## Créditos + +Agradecemos a [l33thaxor](https://hackerone.com/l33thaxor) por descubrir +este problema. + +## Historia + +* Publicado originalmente el 2024-08-22 03:00:00 (UTC) diff --git a/es/news/_posts/2024-09-03-3-3-5-released.md b/es/news/_posts/2024-09-03-3-3-5-released.md new file mode 100644 index 0000000000..bcac7f7058 --- /dev/null +++ b/es/news/_posts/2024-09-03-3-3-5-released.md @@ -0,0 +1,57 @@ +--- +layout: news_post +title: "Publicado Ruby 3.3.5" +author: k0kubun +translator: vtamara +date: 2024-09-03 06:40:00 +0000 +lang: es +--- + +Ruby 3.3.5 ha sido publicado. + +Esta es una actualización rutinaria que incluye solución a fallas menores. +Recomendamos actualizar su versión de Ruby tan pronto le convenga. +Para ver más detalles, por favor refiérase a +[las notas de la publicación en GitHub](https://github.com/ruby/ruby/releases/tag/v3_3_5). + +## Calendario de versiones + +Como previamente se [había anunciado](https://www.ruby-lang.org/en/news/2024/07/09/ruby-3-3-4-released/), +pretendemos publicar la versión estable más reciente de Ruby (en el momento +Ruby 3.3) cada 2 meses tras una versión `.1`. + +Esperamos publicar Ruby 3.3.6 el 5 de Noviembre y Ruby 3.3.7 el 7 de Enero. +Si aparecen algunos cambios significativos que impacten a un gran número +de usuarios, podríamos publicar una nueva versión antes de lo programado. + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.3.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentarios de la versión + +Muchos contribuidores, desarrolladores y usuarios que proveyeron reportes de +fallas nos ayudaron a producir esta versión. + +Gracias por sus contribuciones. diff --git a/es/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md b/es/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md new file mode 100644 index 0000000000..edfb244bf1 --- /dev/null +++ b/es/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md @@ -0,0 +1,170 @@ +--- +layout: news_post +title: "Publicado Ruby 3.4.0 preview2" +author: "naruse" +translator: vtamara +date: 2024-10-07 00:00:00 +0000 +lang: es +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-preview2" | first %} +Nos complace anunciar la publicación de Ruby {{ release.version }}. + +## Prism + +Cambió el analizador sintáctico predeterminado de parse.y a Prism. +[[Característica #20564]] + +## Cambios en el lenguaje + +* Las cadenas literales en archivos sin un comentario `frozen_string_literal` + ahora producen una advertencia de obsolescencia cuando se mutan. + Estas advertencias pueden habilitarse con `-W:deprecated` + o estableciendo `Warning[:deprecated] = true`. + Para deshabilitar este cambio, puede ejecutar Ruby con el argumento + `--disable-frozen-string-literal` en la línea de ordenes. + [[Característica #20205]] + +* Se añade `it` para referenciar un parámetro de bloque. + [[Característica #18980]] + +* Ahora soporta splat de palabra clave `nil` + cuando se llaman métodos. + `**nil` se trata de manera similar a `**{}`, al no pasar + palabras clave, ni llamar método de conversión alguno [[Falla #20064]] + +* Ya no se permite pasar bloques como índices. [[Falla #19918]] + +* Argumentos de palabra clave ya no son permitidos como índices. + [[Falla #20218]] + + +## Actualización a clases fundamentales + +Nota: Listamos sólo actualizaciones a clases muy importantes. + +* Excepción + + * `Exception#set_backtrace` ahora acepta un arreglo de + `Thread::Backtrace::Location`. + `Kernel#raise`, `Thread#raise` y `Fiber#raise` también aceptan + este nuevo formato. [[Característica #13557]] + +* Rangos + + * `Range#size` ahora lanza `TypeError` si el rango no es iterable. + [[Varios #18984]] + + + +## Problemas de compatibilidad + +Nota: Excluyendo correcciones a fallas. + +* Se han cambiado mensajes de error y presentación de trazas. + * Se usa un sólo apostrofe en lugar de un acento grave para iniciar + citas. [[Característica #16495]] + * Presentar el nombre de la clase antes del nombre del método (sólo + cuando la clase tiene un nombre permanente). [[Característica #19117]] + * Los métodos de `Kernel#caller`, `Thread::Backtrace::Location` se + han cambiado análogamente. + + ``` + Antiguo: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + Nuevo: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +* La presentación de `Hash#inspect` ha cambiado. [[Falla #20433]] + * Las llaves que son símbolos se presentan con la sintaxis moderna + para llaves que son símbolos: `"{user: 1}"` + * Otras llaves ahora tiene espacios alrededor de `=>`: + `'{"user" => 1}'`, mientras que antes no tenían: `'{"user"=>1}'` + +## Actualizaciones al API en C + +* Se han eliminado `rb_newobj` y `rb_newobj_of` (y los respectivos macros + `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`). [[Característica #20265]] +* Se eliminó la función obsoleta `rb_gc_force_recycle`. [[Característica #18290]] + +## Mejoras a la implementación + +* `Array#each` se ha reescrito en Ruby para mejorar desempeño + [[Característica #20182]]. + +## Cambios varios + +* Al pasar un bloque a un método que no usa el bloque pasado ahora presentará + una advertencia en modo verboso (`-w`). + [[Característica #15554]] + +* Al redefinir algunos métodos fundamentales que son optimizados de manera + especial por el interprete y el JIT como `String.freeze` o `Integer#+` + ahora se emite una advertencia de desempeño + (`-W:performance` o `Warning[:performance] = true`). + [[Característica #20429]] + +Ver publicaciones de nuevas versiones en Github de +[Logger](https://github.com/ruby/logger/releases) o la bitácora de cambios +para ver detalles de las gemas predeterminadas y las gemas incluidas. + +Ver más detalles en +[NOTICIAS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +o en [la bitácora de contribuciones](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}). + +Con estos cambios, [{{ release.stats.files_changed }} archivos modificados, +{{ release.stats.insertions }} inserciones(+), +{{ release.stats.deletions }} eliminaciones(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) +desde Ruby 3.3.0! + + +## Descargas + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Lo que es Ruby + +Ruby fue desarrolladoa primero por Matz (Yukihiro Matsumoto) en 1993, +y ahora es desarrollado como Fuentes Abiertas. +Opera en múltiples platformas y es usado en todo el mundo +especialmente para desarrollo web. + +[Característica #13557]: https://bugs.ruby-lang.org/issues/13557 +[Característica #15554]: https://bugs.ruby-lang.org/issues/15554 +[Característica #16495]: https://bugs.ruby-lang.org/issues/16495 +[Característica #18290]: https://bugs.ruby-lang.org/issues/18290 +[Característica #18980]: https://bugs.ruby-lang.org/issues/18980 +[Varios #18984]: https://bugs.ruby-lang.org/issues/18984 +[Característica #19117]: https://bugs.ruby-lang.org/issues/19117 +[Falla #19918]: https://bugs.ruby-lang.org/issues/19918 +[Falla #20064]: https://bugs.ruby-lang.org/issues/20064 +[Característica #20182]: https://bugs.ruby-lang.org/issues/20182 +[Característica #20205]: https://bugs.ruby-lang.org/issues/20205 +[Falla #20218]: https://bugs.ruby-lang.org/issues/20218 +[Característica #20265]: https://bugs.ruby-lang.org/issues/20265 +[Característica #20429]: https://bugs.ruby-lang.org/issues/20429 +[Característica #20564]: https://bugs.ruby-lang.org/issues/20564 +[Falla #20433]: https://bugs.ruby-lang.org/issues/20433 diff --git a/es/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md b/es/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md new file mode 100644 index 0000000000..e8e5f8d14c --- /dev/null +++ b/es/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md @@ -0,0 +1,39 @@ +--- +layout: news_post +title: "CVE-2024-49761: Vulnerabilidad ReDoS en REXML" +author: "kou" +translator: vtamara +date: 2024-10-28 03:00:00 +0000 +tags: security +lang: es +--- + +Hay una vulnerabilidad en la gema REXML. A esta vulnerabilidad se le ha +asignado el identificador CVE +[CVE-2024-49761](https://www.cve.org/CVERecord?id=CVE-2024-49761). +Recomendamos enfáticamente actualizar la gema REXML. + +Esto no ocurre con Ruby 3.2 o posteriores. Ruby 3.1 es el único Ruby +con mantenimiento que resulta afectado. +Note que Ruby 3.1 llegará a su Fin de Vida en 2025-03. + +## Detalles + +Cuando se analiza un XML que tiene mucho dígitos entre +`&#` y `x...;`, en una referencia a caracteres de un numero +hexadecimal (`&#x...;`). + +Por favor actualice la gema REXML a la versión 3.3.9 o posterior. + +## Versiones afectadas + +* Gema REXML 3.3.8 y anteriores con Ruby 3.1 o anteriores. + +## Créditos + +Agradecemos a [manun](https://hackerone.com/manun) por descubrir +este problema. + +## Historia + +* Publicado originalmente el 2024-10-28 03:00:00 (UTC) diff --git a/es/news/_posts/2024-10-30-ruby-3-2-6-released.md b/es/news/_posts/2024-10-30-ruby-3-2-6-released.md new file mode 100644 index 0000000000..71671811ac --- /dev/null +++ b/es/news/_posts/2024-10-30-ruby-3-2-6-released.md @@ -0,0 +1,44 @@ +--- +layout: news_post +title: "Publicado Ruby 3.2.6" +author: nagachika +translator: vtamara +date: 2024-10-30 10:00:00 +0000 +lang: es +--- + +Ruby 3.2.6 ha sido publicado. + +Por favor vea detalles en la [publicación en GitHub](https://github.com/ruby/ruby/releases/tag/v3_2_6). + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.2.6" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentario de la versión + +Muchos contribuidores, desarrolladores y usuarios que proveyeron reportes de +fallas nos ayudaron a producir esta versión. + +Gracias por sus contribuciones. diff --git a/es/news/_posts/2024-11-05-ruby-3-3-6-released.md b/es/news/_posts/2024-11-05-ruby-3-3-6-released.md new file mode 100644 index 0000000000..285eb9d906 --- /dev/null +++ b/es/news/_posts/2024-11-05-ruby-3-3-6-released.md @@ -0,0 +1,59 @@ +--- +layout: news_post +title: "Publicado Ruby 3.3.6" +author: k0kubun +translator: vtamara +date: 2024-11-05 04:25:00 +0000 +lang: es +--- + +Ruby 3.3.6 ha sido publicado. + +Esta es una actualización de rutina que incluye soluciones a fallas menores. +También detiene las advertencias sobre dependencias faltantes de gemas +predeterminadas que serán gemas incluidas en Ruby 3.5. + +Para ver más detalles, por favor refiérase a +[las notas de la publicación en GitHub](https://github.com/ruby/ruby/releases/tag/v3_3_6). + +## Calendario de versiones + +Como se [anunció anteriormente](https://www.ruby-lang.org/es/news/2024/07/09/ruby-3-3-4-released/), +queremos publicar la versión de Ruby más estable (Ruby 3.3 al momento de este +escrito) cada 2 meses después de una versión `.1`. + +Esperamos publicar Ruby 3.3.7 en Enero 7. Si ocurre algún cambio significativo +que impacte un gran número de usuario, podríamos publicar una nueva versión +antes de lo programado. + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.3.6" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentario de la versión + +Muchos contribuidores, desarrolladores y usuarios que proveyeron reportes de +fallas nos ayudaron a producir esta versión. + +Gracias por sus contribuciones. diff --git a/es/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md b/es/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md new file mode 100644 index 0000000000..e7112448bf --- /dev/null +++ b/es/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md @@ -0,0 +1,224 @@ +--- +layout: news_post +title: "Publicado Ruby 3.4.0 rc1" +author: "naruse" +translator: vtamara +date: 2024-12-12 00:00:00 +0000 +lang: es +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-rc1" | first %} +Nos complace anunciar la publicación de Ruby {{ release.version }}. + +## Prism + +Cambia el analizador sintáctico predeterminado de parse.y a Prism. +[[Característica #20564]] + +## Recolector de basura modular + +* Pueden cargarse dinámicamente implementaciones alternativas del recolector + de basura (__Garbage Collector__ o __GC__) mediante la característica + recolector de basura modular. Para habilitar esta característica + configure Ruby con `--with-modular-gc` durante la compilación. + Las librerías del GC pueden cargarse en tiempo de ejecución con la + variable de ambiente `RUBY_GC_LIBRARY`. [[Característica #20351]] + +* El recolector de basura incorporado en Ruby se ha dividido en un archivo + `gc/default/default.c` que interacuta con Ruby usando la API definida en + `gc/gc_impl.h`. El recolector de basura incorporado ahora puede ser compilado + como librería usando `make modular-gc MODULAR_GC=default` y se habilita + con la variable de ambiente `RUBY_GC_LIBRARY=default`. [[Característica#20470]] + +* Se provee una librería de GC experimental en [MMTk](https://www.mmtk.io/). + Esta librería de GC puede compilarse usando `make modular-gc MODULAR_GC=mmtk` + y se habiita usando la variable de ambiente `RUBY_GC_LIBRARY=mmtk`. + Esto requiere las herramientas de Rust en el computador donde se compila. + [[Característica#20860]] + + +## Cambios en el lenguaje + +* Las cadenas literales en archivos sin el comentario `frozen_string_literal` + ahora emiten una advertencia de deprecación cuando se mutan. + Estas advertencia pueden ser habilitadas con `-W:deprecated` + o estableciendo `Warning[:deprecated] = true`. + Para deshabilitar este cambio, puede ejecutar Ruby con el argumento + `--disable-frozen-string-literal` desde la línea de ordenes. + [[Característica #20205]] + +* `it` se agrega para referenciar un parámetro de bloque. + [[Característica #18980]] + +* Ahora se soporta hacer splat de palabras clave con `nil` cuando se + llaman métodos. + `**nil` se trata de manera similar a `**{}`, no pasar palabras clave, + y no llamar método de conversión alguno. [[Falla #20064]] + +* Ya no se permite pasar bloques como índices. [[Falla #19918]] + +* Ya no se permiten argumentos de palabra clave como índices. [[Falla #20218]] + +## YJIT + +TL;DR: +* Mejor resultado en la mayoría de pruebas de desempeño tanto en plataformas + x86-64 como en arm64. +* Uso de memoria reducido en los meta-datos de compilación. +* Se corrigen diversas fallas. YJIT es ahora más robusto y mejor probado. + +Nuevas características: +* Agrega un límite de memoria unificado mediante la opción en la línea + de ordenes `--yjit-mem-size` (128MiB de manera predeterminada) + que hace seguimiento al uso total de memoria de YJIT y que es más + intuitivo que el anterior `--yjit-exec-mem-size`. +* Ahora hay más estadísticas disponible con `RubyVM::YJIT.runtime_stats` +* Añade a la bitácora de compilación seguimiento de lo que + se ha compilado con `--yjit-log` +* La cola de la bitácora también está disponible en tiempo de ejecución + con `RubyVM::YJIT.log` +* Añade soporte para constantes compartidas en modo multi-ractor. +* Ahora puede hacer seguimiento a la cuenta de salidas con `--yjit-trace-exits=COUNTER` + +Nuevas optimizaciones: +* El contexto comprimido reduce la memoria requerida para almacenar los + metadatos de YJIT. +* Localizador mejorado con la habilidad de localizar registros para + variables locales. +* Cuando YJIT está habilitado, usa más primitivas fundamentales escritas + en Ruby: + * `Array#each`, `Array#select`, `Array#map` reescritas en Ruby para dar + mejor desempeño [[Caracteristica #20182]]. +* Habilidad de ejecutar en línea métodos pequeños/triviales tales como: + * Métodos vacios. + * Métodos que retornan una constante. + * Métodos que retornan self. + * Métodos que retornan directamente un argumento. +* codegen especializado para muchos más métodos en tiempo de ejecución. +* Optimiza `String#getbyte`, `String#setbyte` y otros métodos de string. +* Optimiza operaciones entre bits para hacer más rápidas las manipulaciones de + bits/bytes a bajo nivel. +* Otra optimizaciones incrementales diversas. + +## Clases fundamentales actualizadas + +Nota: Listamos sólo actualizaciones mayores de clases. + +* Exception + + * `Exception#set_backtrace` ahora acepta arreglos de + `Thread::Backtrace::Location`. + `Kernel#raise`, `Thread#raise` y `Fiber#raise` también aceptan + este nuevo formato. [[Característica #13557]] + +* Range + + * `Range#size` ahora lanza `TypeError` si el rango no es iterable. + [[Varios #18984]] + + + +## Problemas de compatibilidad + +Nota: Excluyendo correcciones a problemas en características. + +* Los mensajes de error y la presentación de trazas han sido cambiadas. + * Se usa un sólo apóstrofe en lugar de un apostrofe invertido para + iniciar una cita. [[Característica #16495]] + * Se presenta un nombre de clase antes del nombre de un método + (sólo cuando la clase tiene un nombre permanente). [[Característica #19117]] + * También se cambiaron de la manera análoga los métodos `Kernel#caller`, + `Thread::Backtrace::Location`, etc. + + ``` + Antes: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + Ahora: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + + +## Actualizaciones del API en C + +* Se han eliminado `rb_newobj` y `rb_newobj_of` (y los respectivos macros + `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`). + [[Característica #20265]] +* Se eliminó la función despreciada `rb_gc_force_recycle`. + [[Característica #18290]] + +## Cambios diversos + +* Al pasar un bloque a un método que no use el bloque recibido se + presentará una advertencia en modo verboso (`-w`). + [[Característica #15554]] + +* Al redefinir algunos métodos fundamentales que se han optimizado + de manera especial por el interprete y por JIT como `String.freeze` o + `Integer#+` ahora produce una advertencia en la clase de + desempeño (`-W:performance` o `Warning[:performance] = true`). + [[Característica #20429]] + +Vea notas de publicación como las de +[Logger](https://github.com/ruby/logger/releases) o +archivos de cambios (changelog) con detalles de las gemas +predeterminadas y las gemas incluidas. + +Ver más detalles en +[NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +o en la [bitácora de contribuciones](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}). + +Con estas novedades, [{{ release.stats.files_changed }} archivos cambiados, {{ release.stats.insertions }} inserciones(+), {{ release.stats.deletions }} eliminaciones(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) +desde Ruby 3.3.0! + + +## Descargas + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Qué es Ruby + +Ruby fu desarrollado inicialmente por Matz (Yukihiro Matsumoto) en 1993, +y ahora se desarrolla como Fuentes Abiertas. Corre en múltiples +plataformas y se usa en todo el mundo especialmente para +de desarrollo de aplicaciones web. + +[Característica #13557]: https://bugs.ruby-lang.org/issues/13557 +[Característica #15554]: https://bugs.ruby-lang.org/issues/15554 +[Característica #16495]: https://bugs.ruby-lang.org/issues/16495 +[Característica #18290]: https://bugs.ruby-lang.org/issues/18290 +[Característica #18980]: https://bugs.ruby-lang.org/issues/18980 +[Varios #18984]: https://bugs.ruby-lang.org/issues/18984 +[Característica #19117]: https://bugs.ruby-lang.org/issues/19117 +[Falla #19918]: https://bugs.ruby-lang.org/issues/19918 +[Falla #20064]: https://bugs.ruby-lang.org/issues/20064 +[Característica #20182]: https://bugs.ruby-lang.org/issues/20182 +[Característica #20205]: https://bugs.ruby-lang.org/issues/20205 +[Falla #20218]: https://bugs.ruby-lang.org/issues/20218 +[Característica #20265]: https://bugs.ruby-lang.org/issues/20265 +[Característica #20351]: https://bugs.ruby-lang.org/issues/20351 +[Característica #20429]: https://bugs.ruby-lang.org/issues/20429 +[Característica #20470]: https://bugs.ruby-lang.org/issues/20470 +[Característica #20564]: https://bugs.ruby-lang.org/issues/20564 +[Característica #20860]: https://bugs.ruby-lang.org/issues/20860 diff --git a/es/news/_posts/2024-12-25-ruby-3-4-0-released.md b/es/news/_posts/2024-12-25-ruby-3-4-0-released.md new file mode 100644 index 0000000000..c995dacd83 --- /dev/null +++ b/es/news/_posts/2024-12-25-ruby-3-4-0-released.md @@ -0,0 +1,427 @@ +--- +layout: news_post +title: "Publicado Ruby 3.4.0" +author: "naruse" +translator: vtamara +date: 2024-12-25 00:00:00 +0000 +lang: es +--- + +{% assign release = site.data.releases | where: "version", "3.4.0" | first %} +Nos complace anunciar la publicación de Ruby {{ release.version }}. +Ruby 3.4 añade la referencia a parámetros de bloque `it`, cambia Prism +como analizador sintáctico predeterminado, agrega soporte para +Happy Eyeballs Version 2 a la librería de zócales, mejora YJIT, +agrega recolector de basura modular, y otros cambios. + +## Se introduce `it` + +`it` se agrega para referenciar un parámetro de bloque sin un nombre de +variable. [[Característica #18980]] + +```ruby +ary = ["foo", "bar", "baz"] + +p ary.map { it.upcase } #=> ["FOO", "BAR", "BAZ"] +``` + +`it` se comporta de manera muy similar a `_1`. Cuando la intención es usar +sólo `_1` en un bloque, el potencial de otros parámetros numerados tales +como `_2` aparece para imponer una carga cognitiva extra para los lectores. +Así que `it` se introdujo como un sobrenombre práctico. Use `it` en casos +simples donde `it` hable por si mismo, tales como bloques de una sola linea. + +## Prism es ahora el analizador sintáctico predeterminado + +Cambia el analizador sintáctico predeterminado de parse.y a Prism. +[[Característica #20564]] + +Esta es una mejora interna y debería corresponder a un cambio mínimo +visible al usuario. Si nota algún problema de compatibilidad, por favor +reportelo. + +Para usar el analizador convencional, use el argumento para la línea de +ordenes `--parser=parse.y`. + +## La librería de sockets ahora incluye la característica Happy Eyeballs Version 2 (RFC 8305) + +La librería de sockets ahora incluye [Happy Eyeballs Version 2 (RFC 8305)](https://datatracker.ietf.org/doc/html/rfc8305), +la última versión estandarizada de una aproximación ampliamente adoptada para +mejorar la conectividad en muchos lenguajes de programación, en +`TCPSocket.new` (`TCPSocket.open`) y `Socket.tcp`. +Esta mejora le permite a Ruby proveer conexiones de red eficientes y robustas, +adaptadas a los ambientes de internet modernos. + +Hasta Ruby 3.3, estos métodos efectuaban resolución den nombres e intentos de +conexión de manera serial. Con este algoritmo, estos ahora operan así: + +1. Efectuar la resolución de nombres IPv6 e IPv4 concurrentemente +2. Intentar la conexión con las direcciones IP resueltas, priorizando IPv6, + con intentos en paralelo escalonados en intervalos de 250ms +3. Retornar la primera conexión exitosa mientras cancela cualquier otra + +Esto asegura que se minimizan demoras en la conexión, aún si el protocolo +especificado o la dirección IP se demoran o no están disponible. +Esta característica esta habilita de manera predeterminada, así que no +se requiere configuración adicional para usarla. Para deshabilitarla, +establezca la variable de ambiente `RUBY_TCP_NO_FAST_FALLBACK=1` o llame +`Socket.tcp_fast_fallback=false`. +O deshabilitarlas por método, usando el argumento de palabra clave +`fast_fallback: false`. + +## YJIT + +### TL;DR + +* Mejor resultado en la mayoría de pruebas de desempeño tanto en plataformas + x86-64 como en arm64. +* Uso de memoria reducido mediante meta-datos comprimidos y un límite + de memoria unificado. +* Se corrigen diversas fallas: YJIT es ahora más robusto y mejor probado. + +### Nuevas características + +* Opciones en la línea de ordenes + * `--yjit-mem-size` introudce un límite de memoria unificado + (128MiB predeterminado) para hacer seguimiento al uso total de + memoria de YJIT, siendo una alternativa más intuitiva respecto + a la opción anterior `--yjit-exec-mem-size`. + * `--yjit-log` permite que la bitácora de compilación haga seguimiento + a lo que se compila. +* API de Ruby + * `RubyVM::YJIT.log` da acceso a la cola de la bitácora de compilación + en tiempo de ejecución. +* Estadísticas YJIT + * `RubyVM::YJIT.runtime_stats` ahora da estadísticas adicionales de + invalidación, compilación en línea y codificación de meta-datos. + +### Nuevas optimizaciones + +* Añade soporte para constantes compartidas en modo multi-ractor. +* Ahora puede hacer seguimiento a la cuenta de salidas con + `--yjit-trace-exits=COUNTER` + +### Nuevas optimizaciones: +* El contexto comprimido reduce la memoria requerida para almacenar los + metadatos de YJIT. +* Localiza registros para variables locales y para argumentos de métodos. +* Cuando YJIT está habilitado, usa más primitivas fundamentales escritas + en Ruby: + * `Array#each`, `Array#select`, `Array#map` reescritas en Ruby para dar + mejor desempeño [[Caracteristica #20182]]. +* Habilidad de ejecutar en línea métodos pequeños/triviales tales como: + * Métodos vacios. + * Métodos que retornan una constante. + * Métodos que retornan self. + * Métodos que retornan directamente un argumento. +* Codegen especializado para muchos más métodos en tiempo de ejecución. +* Optimiza `String#getbyte`, `String#setbyte` y otros métodos de string. +* Optimiza operaciones entre bits para acelerar las manipulaciones de + bits/bytes a bajo nivel. +* Otra optimizaciones incrementales diversas. + + +## Recolector de basura modular + +* Pueden cargarse dinámicamente implementaciones alternativas del recolector + de basura (__Garbage Collector__ o __GC__) mediante la característica + recolector de basura modular. Para habilitar esta característica + configure Ruby con `--with-modular-gc` durante la compilación. + Las librerías del GC pueden cargarse en tiempo de ejecución con la + variable de ambiente `RUBY_GC_LIBRARY`. [[Característica #20351]] + +* El recolector de basura incorporado en Ruby se ha dividido en un archivo + `gc/default/default.c` que interacuta con Ruby usando la API definida en + `gc/gc_impl.h`. El recolector de basura incorporado ahora puede ser compilado + como librería usando `make modular-gc MODULAR_GC=default` y se habilita + con la variable de ambiente `RUBY_GC_LIBRARY=default`. [[Característica#20470]] + +* Se provee una librería de GC experimental en [MMTk](https://www.mmtk.io/). + Esta librería de GC puede compilarse usando `make modular-gc MODULAR_GC=mmtk` + y se habiita usando la variable de ambiente `RUBY_GC_LIBRARY=mmtk`. + Esto requiere las herramientas de Rust en el computador donde se compila. + [[Característica#20860]] + + +## Cambios en el lenguaje + +* Las cadenas literales en archivos sin el comentario `frozen_string_literal` + ahora emiten una advertencia de deprecación cuando se mutan. + Estas advertencia pueden ser habilitadas con `-W:deprecated` + o estableciendo `Warning[:deprecated] = true`. + Para deshabilitar este cambio, puede ejecutar Ruby con el argumento + `--disable-frozen-string-literal` desde la línea de ordenes. + [[Característica #20205]] + +* Ahora se soporta hacer splat de palabras clave con `nil` cuando se + llaman métodos. + `**nil` se trata de manera similar a `**{}`, no pasar palabras clave, + y no llamar método de conversión alguno. [[Falla #20064]] + +* Ya no se permite pasar bloques como índices. [[Falla #19918]] + +* Ya no se permiten argumentos de palabra clave como índices. [[Falla #20218]] + +* El nombre de nivel superior `::Ruby` ahora es reservao, y su definición + producirá una adverencia `Warning[:deprecated]`. [[Característica #20884]] + +## Clases fundamentales actualizadas + +Nota: Listamos sólo actualizaciones notables a las clases fundamentales. + +* Exception + + * `Exception#set_backtrace` ahora acepta arreglos de + `Thread::Backtrace::Location`. + `Kernel#raise`, `Thread#raise` y `Fiber#raise` también aceptan + este nuevo formato. [[Característica #13557]] + +* GC + + * `GC.config` agregado para establecer variables de configuración del + recolector de basura. [[Característica #20443]] + + * Se introdujo el parámetro de configuración del GC + `rgengc_allow_full_mark`. Cuando es `false` + el GC sólo marcará objetos jóvenes. + De manera predeterminada es `true`. [[Característica #20443]] + +* Ractor + + * Se permite `require` en un Ractor. El proceso requerido se ejecutará + en el Ractor principal. + Se añade `Ractor._require(feature)` para ejecutar procesos requeridos + en el Ractor principal. [[Característica #20627]] + + * Se agrega `Ractor.main?`. [[Característica #20627]] + + * `Ractor.[]` y `Ractor.[]=` se agregan para acceder al almacenamiento + local del Ractor acutual. [[Característica #20715]] + + * `Ractor.store_if_absent(key){ init }` se añade para inicializar las + variables locales del ractor de manera segura entre hilos. + [[Característica #20875]] + +* Range + + * `Range#size` ahora lanza `TypeError` si el rango no es iterable. + [[Varios #18984]] + + +## Actualizaciones a la librería estándar + +Nota: Listamos sólo actualizaciones notables a las librerías estándar. + +* RubyGems + * Se agrega la opción `--attestation` a gem push. + Permite almacenar la firma a [sigstore.dev] + +* Bundler + * Se añade la configuración `lockfile_checksums` para incluir sumas de + chequeo en archivos de bloqueo frescos + * Se añade bundle lock `--add-checksums` para agregar sumas de chequeo + a archivos de bloqueo existentes. + +* JSON + + * Mejoras de desempeño a `JSON.parse` que resulta 1.5 veces más rápido + que json-2.7.x. + +* Tempfile + + * El argumento de palabra clave `anonymous: true` se implementa en + `Tempfile.create`. + `Tempfile.create(anonymous: true)` elimina inmediatamente el archivo + temporal creado. + Así que las aplicaciones no necesitan eliminarlo. + [[Característica #20497]] + +* win32/sspi.rb + + * Se extrajo esta librería del repositorio Ruby a [ruby/net-http-sspi]. + [[Característica #20775]] + +## Problemas de compatibilidad + +Nota: Excluyendo correcciones a problemas en características. + +* Los mensajes de error y la presentación de trazas han sido cambiadas. + * Se usa un sólo apóstrofe en lugar de un apostrofe invertido para + iniciar una cita. [[Característica #16495]] + * Se presenta un nombre de clase antes del nombre de un método + (sólo cuando la clase tiene un nombre permanente). [[Característica #19117]] + * También se cambiaron de la manera análoga los métodos `Kernel#caller`, + `Thread::Backtrace::Location`, etc. + + ``` + Antes: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + Ahora: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +* Hash#inspect ha cambiado la forma de presentar información. [[Falla #20433]] + + * Las llaves símbolo se presentan usando la sintaxis moderna para + llaves símbolo: `"{usuario: 1}"` + * Otras llaves ahora tienen espacio alrededor de `=>`: + `'{"usuario" => 1}'`, aunque antes no lo tenían: `'{"usuario"=>1}'` + +* Kernel#Float() ahora acepta una cadena en decimal omitiendo la parte decimal. [[Característica #20705]] + + ```rb + Float("1.") #=> 1.0 (antes lanzaba ArgumentError) + Float("1.E-1") #=> 0.1 (antes lanzaba ArgumentError) + ``` + +* String#to_f ahora acepta una cadena decimal que omite la parte decimal. + Note que el resultado cambia cuando se especifica un exponente. + [[Característica #20705]] + + ```rb + "1.".to_f #=> 1.0 + "1.E-1".to_f #=> 0.1 (antes retornaba 1.0) + ``` + +* Refinement#refined_class ha sido eliminada. [[Característica #19714]] + +## Problemas de compatibilidad de la Librería Estándar + +* DidYouMean + + * `DidYouMean::SPELL_CHECKERS[]=` y `DidYouMean::SPELL_CHECKERS.merge!` + eliminadas. + +* Net::HTTP + + * Se eliminaron las siguientes contantes despreciadas: + * `Net::HTTP::ProxyMod` + * `Net::NetPrivate::HTTPRequest` + * `Net::HTTPInformationCode` + * `Net::HTTPSuccessCode` + * `Net::HTTPRedirectionCode` + * `Net::HTTPRetriableCode` + * `Net::HTTPClientErrorCode` + * `Net::HTTPFatalErrorCode` + * `Net::HTTPServerErrorCode` + * `Net::HTTPResponseReceiver` + * `Net::HTTPResponceReceiver` + + Estas constantes fueron despreciadas desde el 2012. + +* Timeout + + * Rechaza valores negativos para Timeout.timeout. [[Falla #20795]] + +* URI + + * Se cambió el analizador predeterminado compatible con el RFC 3986 por + otro compatible con le con el RFC 2396. [[Falla #19266]] + + +## Actualizaciones del API en C + +* Se han eliminado `rb_newobj` y `rb_newobj_of` (y los respectivos macros + `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`). + [[Característica #20265]] +* Se eliminó la función despreciada `rb_gc_force_recycle`. + [[Característica #18290]] + +## Cambios diversos + +* Al pasar un bloque a un método que no use el bloque recibido se + presentará una advertencia en modo verboso (`-w`). + [[Característica #15554]] + +* Al redefinir algunos métodos fundamentales que se han optimizado + de manera especial por el interprete y por JIT como `String.freeze` o + `Integer#+` ahora produce una advertencia en la clase de + desempeño (`-W:performance` o `Warning[:performance] = true`). + [[Característica #20429]] + + +Ver más detalles en +[NEWS]([NEWS](https://docs.ruby-lang.org/en/3.4/NEWS_md.html) +o en la [bitácora de contribuciones](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}). + +Con estas novedades, [{{ release.stats.files_changed }} archivos cambiados, {{ release.stats.insertions }} inserciones(+), {{ release.stats.deletions }} eliminaciones(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) +desde Ruby 3.3.0! + +¡Feliz navidad, felices fiestas, y disfrute programando con Ruby 3.4! + +## Descargas + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Qué es Ruby + +Ruby fu desarrollado inicialmente por Matz (Yukihiro Matsumoto) en 1993, +y ahora se desarrolla como Fuentes Abiertas. Corre en múltiples +plataformas y se usa en todo el mundo especialmente para +de desarrollo de aplicaciones web. + +[Característica #13557]: https://bugs.ruby-lang.org/issues/13557 +[Característica #15554]: https://bugs.ruby-lang.org/issues/15554 +[Característica #16495]: https://bugs.ruby-lang.org/issues/16495 +[Característica #18290]: https://bugs.ruby-lang.org/issues/18290 +[Característica #18980]: https://bugs.ruby-lang.org/issues/18980 +[Varios #18984]: https://bugs.ruby-lang.org/issues/18984 +[Característica #19117]: https://bugs.ruby-lang.org/issues/19117 +[Falla #19918]: https://bugs.ruby-lang.org/issues/19918 +[Falla #20064]: https://bugs.ruby-lang.org/issues/20064 +[Característica #20182]: https://bugs.ruby-lang.org/issues/20182 +[Característica #20205]: https://bugs.ruby-lang.org/issues/20205 +[Falla #20218]: https://bugs.ruby-lang.org/issues/20218 +[Característica #20265]: https://bugs.ruby-lang.org/issues/20265 +[Característica #20351]: https://bugs.ruby-lang.org/issues/20351 +[Característica #20429]: https://bugs.ruby-lang.org/issues/20429 +[Característica #20470]: https://bugs.ruby-lang.org/issues/20470 +[Característica #20564]: https://bugs.ruby-lang.org/issues/20564 +[Característica #20860]: https://bugs.ruby-lang.org/issues/20860 +[Falla #19266]: https://bugs.ruby-lang.org/issues/19266 +[Característica #19714]: https://bugs.ruby-lang.org/issues/19714 +[Falla #19918]: https://bugs.ruby-lang.org/issues/19918 +[Falla #20064]: https://bugs.ruby-lang.org/issues/20064 +[Característica #20182]: https://bugs.ruby-lang.org/issues/20182 +[Característica #20205]: https://bugs.ruby-lang.org/issues/20205 +[Falla #20218]: https://bugs.ruby-lang.org/issues/20218 +[Característica #20265]: https://bugs.ruby-lang.org/issues/20265 +[Característica #20351]: https://bugs.ruby-lang.org/issues/20351 +[Característica #20429]: https://bugs.ruby-lang.org/issues/20429 +[Característica #20443]: https://bugs.ruby-lang.org/issues/20443 +[Característica #20470]: https://bugs.ruby-lang.org/issues/20470 +[Característica #20497]: https://bugs.ruby-lang.org/issues/20497 +[Característica #20564]: https://bugs.ruby-lang.org/issues/20564 +[Falla #20620]: https://bugs.ruby-lang.org/issues/20620 +[Característica #20627]: https://bugs.ruby-lang.org/issues/20627 +[Característica #20705]: https://bugs.ruby-lang.org/issues/20705 +[Característica #20715]: https://bugs.ruby-lang.org/issues/20715 +[Característica #20775]: https://bugs.ruby-lang.org/issues/20775 +[Falla #20795]: https://bugs.ruby-lang.org/issues/20795 +[Característica #20860]: https://bugs.ruby-lang.org/issues/20860 +[Característica #20875]: https://bugs.ruby-lang.org/issues/20875 +[Característica #20884]: https://bugs.ruby-lang.org/issues/20884 +[sigstore.dev]: sigstore.dev +[ruby/net-http-sspi]: https://github.com/ruby/net-http-sspi diff --git a/es/news/_posts/2024-12-25-ruby-3-4-1-released.md b/es/news/_posts/2024-12-25-ruby-3-4-1-released.md new file mode 100644 index 0000000000..eebebe8a17 --- /dev/null +++ b/es/news/_posts/2024-12-25-ruby-3-4-1-released.md @@ -0,0 +1,39 @@ +--- +layout: news_post +title: "Publicado Ruby 3.4.1" +author: "naruse" +translator: vtamara +date: 2024-12-25 00:00:00 +0000 +lang: es +--- + +Se ha publicado Ruby 3.4.1. + +Este corrige la descripción de la versión. + +Ver más detalles en la [publicación de GitHub](https://github.com/ruby/ruby/releases/tag/v3_4_1). + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.4.1" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} diff --git a/es/news/_posts/2025-01-15-ruby-3-3-7-released.md b/es/news/_posts/2025-01-15-ruby-3-3-7-released.md new file mode 100644 index 0000000000..40bcdac186 --- /dev/null +++ b/es/news/_posts/2025-01-15-ruby-3-3-7-released.md @@ -0,0 +1,47 @@ +--- +layout: news_post +title: "Publicado Ruby 3.3.7" +author: k0kubun +translator: vtamara +date: 2025-01-15 07:51:59 +0000 +lang: es +--- + +Ruby 3.3.7 ha sido publicado. + +Esta es una actualización de rutina que incluye corrección a fallas menores. +Por favor revise más detalles en las +[notas de publicación en GitHub](https://github.com/ruby/ruby/releases/tag/v3_3_7). + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.3.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentario de la versión + + +Muchos contribuidores, desarrolladores y usuarios que proveyeron reportes de +fallas nos ayudaron a producir esta versión. + +Gracias por sus contribuciones. diff --git a/es/news/_posts/2025-02-04-ruby-3-2-7-released.md b/es/news/_posts/2025-02-04-ruby-3-2-7-released.md new file mode 100644 index 0000000000..a4af8d1358 --- /dev/null +++ b/es/news/_posts/2025-02-04-ruby-3-2-7-released.md @@ -0,0 +1,45 @@ +--- +layout: news_post +title: "Publicado Ruby 3.2.7" +author: nagachika +translator: vtamara +date: 2025-02-04 12:00:00 +0000 +lang: es +--- + +Ruby 3.2.7 ha sido publicado. + +Por favor vea detalles en la +[publiación en GitHub](https://github.com/ruby/ruby/releases/tag/v3_2_7). + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.2.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentarios de la versión + +Muchos contribuyentes, desarrolladores y usuarios que proveyeron +reportes de fallas nos ayudaron a producir esta versión. + +Gracias por sus contribuciones. diff --git a/es/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md b/es/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md new file mode 100644 index 0000000000..eb51e46abf --- /dev/null +++ b/es/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md @@ -0,0 +1,38 @@ +--- +layout: news_post +title: "CVE-2025-25186: vulnerabilidad de dengación de servicio en net-imap" +author: "nevans" +translator: vtamara +date: 2025-02-10 03:00:00 +0000 +tags: security +lang: es +--- + +Hay posibilidad de un ataque de denegación de servicio (DoS) en la +gema net-imap. A esta vulnerabilidad se la ha asignado el identificador +[CVE-2025-25186](https://www.cve.org/CVERecord?id=CVE-2025-25186). +Recomendamos actualizar la gema net-imap. + +## Detalles + +Un servidor malicioso puede enviar un conjunto de datos uid altamente +comprimido que es leído automáticamente por el hilo receptor del cliente. +El analizador de la respuesta usa Range#to_a para convertir el conjunto +de datos uid a un arreglo de enteros, sin limite en el tamaño de los +rangos expandidos. + +Por favor actualizar la gema net-imap a la versión 0.3.8, 0.4.19, 0.5.6 +o posterior. + +## Versiones afectadas + +* Gema net-imap versiones 0.3.2 to 0.3.7, 0.4.0 to 0.4.18, y + 0.5.0 a 0.5.5 (incluida). + +## Créditos + +Gracias a [manun](https://hackerone.com/manun) por descubrir este problema. + +## Historia + +* Publicado originalmente el 2025-02-10 03:00:00 (UTC) diff --git a/es/news/_posts/2025-02-14-ruby-3-4-2-released.md b/es/news/_posts/2025-02-14-ruby-3-4-2-released.md new file mode 100644 index 0000000000..dbae879927 --- /dev/null +++ b/es/news/_posts/2025-02-14-ruby-3-4-2-released.md @@ -0,0 +1,56 @@ +--- +layout: news_post +title: "Publicado Ruby 3.4.2" +author: k0kubun +translator: vtamara +date: 2025-02-14 21:55:17 +0000 +lang: es +--- + +Ruby 3.4.2 ha sido publicado + +Esta es una actualización rutinaria que incluye correciones a fallas. +Por favor vea detalles en las +[notas de publicación en GitHub](https://github.com/ruby/ruby/releases/tag/v3_4_2) + +## Calendario de publicaciones + +Queremos publicar la versión de Ruby estable más recieente (acutalmente +Ruby 3.4) cada 2 meses. +Ruby 3.4.3 será publicado en Abril, 3.4.4 en Junio, 3.4.5 en Agosto, +3.4.6 en Octubre, y 3.4.7 en Diciembre. + +Si hay algún cambio que afecte a un número considerabl de personas, +esas versiones sera publicadas más pronto de lo esperado. + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.4.2" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentario de la versión + +Muchos contribuidores, desarrolladores y usuarios que proveyeron reportes de +fallas nos ayudaron a producir esta versión. + +Gracias por sus contribuciones. diff --git a/es/news/_posts/2025-02-26-security-advisories.md b/es/news/_posts/2025-02-26-security-advisories.md new file mode 100644 index 0000000000..6371bc0367 --- /dev/null +++ b/es/news/_posts/2025-02-26-security-advisories.md @@ -0,0 +1,102 @@ +--- +layout: news_post +title: "Avisos de seguridad: CVE-2025-27219, CVE-2025-27220 y CVE-2025-27221" +author: "hsbt" +translator: vtamara +date: 2025-02-26 07:00:00 +0000 +tags: security +lang: es +--- + +Publicamos avisos de seguridad para CVE-2025-27219, CVE-2025-27220 y +CVE-2025-27221. Por favor vea detalles a continuación. + +## CVE-2025-27219: Denegación de Servicio en `CGI::Cookie.parse`. + +Hay posibilidad de una DoS por la gema cgi. A esta vulnerabilidad se +le ha asignado el identificador +[CVE-2025-27219](https://www.cve.org/CVERecord?id=CVE-2025-27219). +Recomendamos actualizar la gema cgi. + +### Detalles + +`CGI::Cookie.parse` tomaba tiempo super-lineal para analizar una +cadena con una cookie en algunos casos. +Suministrar una cadena de cookie manipulada a ese método podría +conducir a una Denegación de Servicio. + +Por favor actualice la gema CGI a la versión 0.3.5.1, 0.3.7, 0.4.2 o +posterior. + +### Versiones afectadas + +* Gema cgi versiones <= 0.3.5, 0.3.6, 0.4.0 y 0.4.1. + +### Créditos + +Agradecemos a [lio346](https://hackerone.com/lio346) por descubrir +este problema. También agradecemos a +[mame](https://github.com/mame) por corregirlo. + +## CVE-2025-27220: ReDoS en `CGI::Util#escapeElement`. + +Hay posibilidad de una Denegación de Servicio por Expresión Regular (ReDoS) +por parte de la gema cgi. +A esta vulnerabilidad se le ha asignado el identificador +[CVE-2025-27220](https://www.cve.org/CVERecord?id=CVE-2025-27220). +Recomendamos actualizar la gema cgi. + +### Detalles + +La expresión regular usada en `CGI::Util#escapeElement` es +vulnerable a ReDoS. Una entrada diseñada podría conducir a un alto +consumo de CPU. + +Esta vulnerabilidad sólo afecta a Ruby 3.1 y 3.2. Si usa estas versiones, +por favor actualice la gema CGI a la versión 0.3.5.1, 0.3.7, 0.4.2 o posterior. + +### Versiones afectadas + +* Gema cgi versiones <= 0.3.5, 0.3.6, 0.4.0 y 0.4.1. + +### Créditos + +Gracias a [svalkanov](https://hackerone.com/svalkanov) por descubrir +el problma. También gracias a [nobu](https://github.com/nobu) por +corregir esta vulnerabilidad. + +## CVE-2025-27221: fuga de información del usuario en `URI#join`, +`URI#merge` y `URI#+`. + +Hay posibilidad de que se fugue información con la gema uri. A esta +vulnerabilidad se le ha asignado el identificador +[CVE-2025-27221](https://www.cve.org/CVERecord?id=CVE-2025-27221). +Recomendamos actualizar la gema uri. + +### Detalles + +Los métodos `URI#join`, `URI#merge`, y `URI#+` retienen información +del usuario, tales como `user:password`, incluso aún después de que +la máquina es reemplazada. Cuando genera un URL para una máquina +maliciosa a partir de una URL que contenga información de usuario +secreta usando este método, y teniendo que alguien accede a la URL, +podría ocurrir una fuga de datos no intencionada. + +Por favor actualizar la gema URI a las versiones 0.11.3, 0.12.4, 0.13.2, 1.0.3 +o posterior. + +### Versiones Afectadas + +* Gema uri versions < 0.11.3, 0.12.0 to 0.12.3, 0.13.0, 0.13.1 y + 1.0.0 a 1.0.2. + +### Créditos + +Agradecemos a [Tsubasa Irisawa (lambdasawa)](https://hackerone.com/lambdasawa) +por descubrir este problema. También agradecemos a +[nobu](https://github.com/nobu) por correcciones adicionales +para esta vulnerabilidad. + +## Historia + +* Publicado originalmente el 2025-02-26 7:00:00 (UTC) diff --git a/es/news/_posts/2025-03-26-ruby-3-1-7-released.md b/es/news/_posts/2025-03-26-ruby-3-1-7-released.md new file mode 100644 index 0000000000..d03f74557c --- /dev/null +++ b/es/news/_posts/2025-03-26-ruby-3-1-7-released.md @@ -0,0 +1,52 @@ +--- +layout: news_post +title: "Publicado Ruby 3.1.7" +author: hsbt +translator: vtamara +date: 2025-03-26 04:44:27 +0000 +lang: es +--- + +Ruby 3.1.7 ha sido publicado. Esta versión incluye +[correcciones a las fallas CVE-2025-27219, CVE-2025-27220 y CVE-2025-27221](https://www.ruby-lang.org/es/news/2025/02/26/security-advisories/) +y actualiza las gemas incluidas REXML y RSS. + +Por favor vea más detalles en la [publicación en GitHub](https://github.com/ruby/ruby/releases/tag/v3_1_7). + +Esta versión es una versión final de la serie Ruby 3.1. +No proveeremos más actualizaciones ni siquiera de seguridad para la serie +Ruby 3.1. + +Le recomendamos actualizar a las series Ruby 3.3 o 3.4. + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.1.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentario de la versión + +Muchos contribuyentes, desarrolladores y usuarios que proveyeron reportes de +fallas nos ayudaron a producir esta versión. + +Gracias por sus contribuciones. diff --git a/es/news/_posts/2025-03-26-ruby-3-2-8-released.md b/es/news/_posts/2025-03-26-ruby-3-2-8-released.md new file mode 100644 index 0000000000..5ef0b01d97 --- /dev/null +++ b/es/news/_posts/2025-03-26-ruby-3-2-8-released.md @@ -0,0 +1,51 @@ +--- +layout: news_post +title: "Publicado Ruby 3.2.8" +author: hsbt +translator: vtamara +date: 2025-03-26 04:45:01 +0000 +lang: es +--- + +Ruby 3.2.8 ha sido publicado. Esta version incluye +[correcciones a las fallas CVE-2025-27219, CVE-2025-27220 y CVE-2025-27221](https://www.ruby-lang.org/es/news/2025/02/26/security-advisories/). + +Por favor ver más detalles en la [publicación en GitHub](https://github.com/ruby/ruby/releases/tag/v3_2_8). + +Esta versión es la última versión del mantenimiento normal para la serie +Ruby 3.2. Corregiremos sólo fallas de seguridad para la serie Ruby 3.2 hasta +Marzo de 2026. + +Por favor considere actualizar a la serie Ruby 3.3 o 3.4. + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.2.8" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentarios de la versión + +Muchos contribuyentes, desarrolladores y usuarios que proveyeron reportes de +fallas nos ayudaron a producir esta versión. + +Gracias por sus contribuciones. diff --git a/es/news/_posts/2025-04-09-ruby-3-3-8-released.md b/es/news/_posts/2025-04-09-ruby-3-3-8-released.md new file mode 100644 index 0000000000..4244e5f8f7 --- /dev/null +++ b/es/news/_posts/2025-04-09-ruby-3-3-8-released.md @@ -0,0 +1,44 @@ +--- +layout: news_post +title: "Publicado Ruby 3.3.8" +author: nagachika +translator: vtamara +date: 2025-04-09 11:00:00 +0000 +lang: es +--- + +Ruby 3.3.8 ha sido publicado. + +Por favor vea detalles en la [publicación en GitHub](https://github.com/ruby/ruby/releases/tag/v3_3_8). + +## Descargas + +{% assign release = site.data.releases | where: "version", "3.3.8" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentario de la versión + +Muchos contribuyentes, desarrolladores y usuarios que proveyeron reportes de +fallas nos ayudaron a producir esta versión. + +Gracias por sus contribuciones. diff --git a/fr/community/mailing-lists/index.md b/fr/community/mailing-lists/index.md index e399c3cd10..9413111715 100644 --- a/fr/community/mailing-lists/index.md +++ b/fr/community/mailing-lists/index.md @@ -29,10 +29,10 @@ Ruby-CVS ## S’inscrire ou résilier son inscription -[S’inscrire ou résilier son inscription](https://ml.ruby-lang.org/mailman3/postorius/lists/) +[S’inscrire ou résilier son inscription](https://ml.ruby-lang.org/mailman3/lists/) -[4]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/ -[5]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-core@ml.ruby-lang.org/ -[6]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-doc@ml.ruby-lang.org/ +[4]: https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/ +[5]: https://ml.ruby-lang.org/archives/list/ruby-core@ml.ruby-lang.org/ +[6]: https://ml.ruby-lang.org/archives/list/ruby-doc@ml.ruby-lang.org/ diff --git a/fr/documentation/quickstart/3/index.md b/fr/documentation/quickstart/3/index.md index b9d2d5a791..9c4c3f68dc 100644 --- a/fr/documentation/quickstart/3/index.md +++ b/fr/documentation/quickstart/3/index.md @@ -111,7 +111,7 @@ pour accéder aux variables d’instances : irb(main):044:0> class Greeter irb(main):045:1> attr_accessor :name irb(main):046:1> end -=> nil +=> [:name, :name=] {% endhighlight %} Il semblerait que nous ayons défini une seconde fois la classe diff --git a/fr/news/_posts/2009-05-14-sortie-de-ruby-1-9-1-p129.md b/fr/news/_posts/2009-05-14-sortie-de-ruby-1-9-1-p129.md index c36ba10856..511af6d5b8 100644 --- a/fr/news/_posts/2009-05-14-sortie-de-ruby-1-9-1-p129.md +++ b/fr/news/_posts/2009-05-14-sortie-de-ruby-1-9-1-p129.md @@ -13,19 +13,19 @@ d\'installer cette mise-à-jour. #### Téléchargement -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.bz2>][1] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.bz2>][1] SIZE: 7183891 bytes MD5: 6fa62b20f72da471195830dec4eb2013 SHA256: cb730f035aec0e3ac104d23d27a79aa9625fdeb115dae2295de65355f449ce27 -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.gz>][2] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.gz>][2] SIZE: 9034947 bytes MD5: c71f413514ee6341c627be2957023a5c SHA256: 27b7a8ace1d17cec237020ae9355230b53f8c3875f8d942de903e7d58d14253b -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.zip>][3] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.zip>][3] SIZE: 10299369 bytes MD5: 156305e9633758eb60b419fabc33b6e4 @@ -43,6 +43,6 @@ $SAFE > 0 -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.bz2 -[2]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.gz -[3]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.zip +[1]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.bz2 +[2]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.gz +[3]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.zip diff --git a/fr/news/_posts/2025-02-14-ruby-3-4-2-released.md b/fr/news/_posts/2025-02-14-ruby-3-4-2-released.md new file mode 100644 index 0000000000..dd439e7001 --- /dev/null +++ b/fr/news/_posts/2025-02-14-ruby-3-4-2-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.4.2 est disponible" +author: k0kubun +translator: "Florent Drousset" +date: 2025-02-14 21:55:17 +0000 +lang: fr +--- + +Ruby 3.4.2 est disponible. + +Ceci est une mise à jour de routine incluant des corrections de bugs. +Veuillez vous référer aux [release notes sur GitHub](https://github.com/ruby/ruby/releases/tag/v3_4_2) pour plus de détails. + +## Calendrier de publication + +Nous prévoyons de publier la version stable la plus récente de Ruby (actuellement la 3.4) tous les deux mois. +Ruby 3.4.3 sortira en avril, 3.4.4 en juin, 3.4.5 en août, 3.4.6 en octobre et 3.4.7 en décembre. + +Si un changement affecte un grand nombre d’utilisateurs, certaines de ces versions pourraient être publiées plus tôt que prévu. + +## Téléchargement + +{% assign release = site.data.releases | where: "version", "3.4.2" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Commentaire sur la version + +Grâce aux nombreux contributeurs, développeurs et utilisateurs qui ont fourni des rapports de bugs, nous avons pu réaliser cette version. +Merci à tous pour leurs contributions. diff --git a/fr/news/_posts/2025-02-26-security-advisories.md b/fr/news/_posts/2025-02-26-security-advisories.md new file mode 100644 index 0000000000..b06161e47a --- /dev/null +++ b/fr/news/_posts/2025-02-26-security-advisories.md @@ -0,0 +1,70 @@ +--- +layout: news_post +title: "Avis de sécurité : CVE-2025-27219, CVE-2025-27220 et CVE-2025-27221" +author: "hsbt" +translator: "Florent Drousset" +date: 2025-02-26 07:00:00 +0000 +tags: security +lang: fr +--- + +Nous avons publié des avis de sécurité pour CVE-2025-27219, CVE-2025-27220 et CVE-2025-27221. Veuillez lire les détails ci-dessous. + +## CVE-2025-27219 : Déni de service dans `CGI::Cookie.parse`. + +Une possibilité de déni de service (DoS) existe dans la gem cgi. Cette vulnérabilité a été assignée à l'identifiant CVE [CVE-2025-27219](https://www.cve.org/CVERecord?id=CVE-2025-27219). Nous recommandons de mettre à jour la gem cgi. + +### Détails + +La méthode `CGI::Cookie.parse` prenait un temps super-linéaire pour analyser certaines chaînes de cookies. L’insertion d’une chaîne de cookies conçue à des fins malveillantes pouvait entraîner un déni de service. + +Veuillez mettre à jour la gem CGI vers la version 0.3.5.1, 0.3.7, 0.4.2 ou une version ultérieure. + +### Versions affectées + +* Versions de la gem cgi <= 0.3.5, 0.3.6, 0.4.0 et 0.4.1. + +### Remerciements + +Merci à [lio346](https://hackerone.com/lio346) pour avoir découvert ce problème. Merci également à [mame](https://github.com/mame) pour avoir corrigé cette vulnérabilité. + +## CVE-2025-27220 : ReDoS dans `CGI::Util#escapeElement`. + +Une possibilité de déni de service par expression régulière (ReDoS) existe dans la gem cgi. Cette vulnérabilité a été assignée à l'identifiant CVE [CVE-2025-27220](https://www.cve.org/CVERecord?id=CVE-2025-27220). Nous recommandons de mettre à jour la gem cgi. + +### Détails + +L'expression régulière utilisée dans `CGI::Util#escapeElement` est vulnérable à une attaque ReDoS. Une entrée malveillante pouvait entraîner une forte consommation du processeur. + +Cette vulnérabilité affecte uniquement Ruby 3.1 et 3.2. Si vous utilisez ces versions, veuillez mettre à jour la gem cgi vers la version 0.3.5.1, 0.3.7, 0.4.2 ou une version ultérieure. + +### Versions affectées + +* Versions de la gem cgi <= 0.3.5, 0.3.6, 0.4.0 et 0.4.1. + +### Remerciements + +Merci à [svalkanov](https://hackerone.com/svalkanov) pour avoir découvert ce problème. Merci également à [nobu](https://github.com/nobu) pour avoir corrigé cette vulnérabilité. + + +## CVE-2025-27221 : Fuite d’informations utilisateur dans `URI#join`, `URI#merge` et `URI#+`. + +Une possibilité de fuite d’informations utilisateur existe dans la gem `uri`. Cette vulnérabilité a été assignée à l'identifiant CVE [CVE-2025-27221](https://www.cve.org/CVERecord?id=CVE-2025-27221). Nous recommandons de mettre à jour la gem `uri`. + +### Détails + +Les méthodes `URI#join`, `URI#merge` et `URI#+` conservaient les informations utilisateur (comme `user:password`), même après remplacement de l’hôte. Lorsqu’une URL contenant des informations sensibles était utilisée pour générer une URL vers un hôte malveillant via ces méthodes, une fuite involontaire des informations utilisateur pouvait se produire. + +Veuillez mettre à jour la gem URI vers la version 0.11.3, 0.12.4, 0.13.2, 1.0.3 ou une version ultérieure. + +### Versions affectées + +* Versions de la gem uri < 0.11.3, 0.12.0 à 0.12.3, 0.13.0, 0.13.1 et 1.0.0 à 1.0.2. + +### Remerciements + +Merci à [Tsubasa Irisawa (lambdasawa)](https://hackerone.com/lambdasawa) pour avoir découvert ce problème. Merci également à [nobu](https://github.com/nobu) pour les corrections supplémentaires apportées à cette vulnérabilité. + +## Historique + +* Publié initialement le 26-02-2025 à 7:00:00 (UTC). diff --git a/id/community/mailing-lists/index.md b/id/community/mailing-lists/index.md index 8820394a76..ab284eccce 100644 --- a/id/community/mailing-lists/index.md +++ b/id/community/mailing-lists/index.md @@ -42,7 +42,7 @@ termasuk daftar milis dalam bahasa Jepang. ## Mulai atau Berhenti Berlangganan -[Mulai atau Berhenti Berlangganan](https://ml.ruby-lang.org/mailman3/postorius/lists/) +[Mulai atau Berhenti Berlangganan](https://ml.ruby-lang.org/mailman3/lists/) @@ -51,7 +51,7 @@ termasuk daftar milis dalam bahasa Jepang. [1]: http://id.wikipedia.org/wiki/Milis "Group diskusi di internet dimana setiap orang bisa berlangganan dan berpartisipasi didalamnya." [2]: http://groups.yahoo.com/group/id-ruby/ [3]: http://www.mail-archive.com/id-ruby@yahoogroups.com/ -[4]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/ -[5]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-core@ml.ruby-lang.org/ -[6]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-doc@ml.ruby-lang.org/ +[4]: https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/ +[5]: https://ml.ruby-lang.org/archives/list/ruby-core@ml.ruby-lang.org/ +[6]: https://ml.ruby-lang.org/archives/list/ruby-doc@ml.ruby-lang.org/ [rubytalk]: https://rubytalk.org/ diff --git a/id/community/podcasts/index.md b/id/community/podcasts/index.md index 1fab7ea77a..5696d7ca02 100644 --- a/id/community/podcasts/index.md +++ b/id/community/podcasts/index.md @@ -31,6 +31,6 @@ Anda juga dapat memulai *podcast* Ruby sendiri and menambahkan pada daftar berikut! [rooftop_ruby]: https://www.rooftopruby.com -[remote_ruby]: https://remoteruby.transistor.fm/ +[remote_ruby]: https://www.remoteruby.com [rorpodcast]: https://www.therubyonrailspodcast.com [rogues]: https://rubyrogues.com diff --git a/id/documentation/index.md b/id/documentation/index.md index 6eb137a7ac..8e059ba9fc 100644 --- a/id/documentation/index.md +++ b/id/documentation/index.md @@ -112,8 +112,6 @@ Berikut adalah daftar kakas populer yang digunakan oleh para pengguna Ruby: * Pada Windows: * [Notepad++][29] - * [E-TextEditor][30] - * [Ruby In Steel][31] * Pada macOS: * [TextMate][32] @@ -156,8 +154,6 @@ adalah tempat yang baik untuk memulai. [27]: http://www.jetbrains.com/ruby/ [28]: http://www.scintilla.org/SciTE.html [29]: http://notepad-plus-plus.org/ -[30]: http://www.e-texteditor.com/ -[31]: http://www.sapphiresteel.com/ [32]: http://macromates.com/ [33]: https://www.barebones.com/products/bbedit/ [34]: http://ruby-doc.org diff --git a/id/documentation/quickstart/3/index.md b/id/documentation/quickstart/3/index.md index 6d671adca3..45720828e4 100644 --- a/id/documentation/quickstart/3/index.md +++ b/id/documentation/quickstart/3/index.md @@ -106,7 +106,7 @@ Ruby menyediakan cara yang mudah untuk mengakses variabel objek. irb(main):044:0> class Greeter irb(main):045:1> attr_accessor :name irb(main):046:1> end -=> nil +=> [:name, :name=] {% endhighlight %} Di Ruby, Anda dapat membuka lagi sebuah kelas dan memodifikasi kelas tersebut. diff --git a/id/news/_posts/2015-07-14-rubyconftw-2015-call-for-proposals.md b/id/news/_posts/2015-07-14-rubyconftw-2015-call-for-proposals.md index 72e59b1001..13b7afa28a 100644 --- a/id/news/_posts/2015-07-14-rubyconftw-2015-call-for-proposals.md +++ b/id/news/_posts/2015-07-14-rubyconftw-2015-call-for-proposals.md @@ -16,7 +16,7 @@ September di Taipei, Taiwan, sebuah pulau tropis yang berlokasi di jantung Benua dan [Ruddy Lee](https://ruddyblog.wordpress.com) dikonfirmasi menjadi pembicara utama. [CFP is open](http://rubytaiwan.kktix.cc/events/rubyconftw2015-cfp) hingga 20 Juli (GMT +8) dan -[Lightening talk CFP](http://rubytaiwan.kktix.cc/events/rubyconftw2015-ltcfp) +[Lightning talk CFP](http://rubytaiwan.kktix.cc/events/rubyconftw2015-ltcfp) dibuka hingga 10 Agustus (GMT +8). Jika Anda ingin memberikan sebuah seminar, mohon ajukan proposal Anda. Semua topik yang berkaitan dengan diff --git a/id/news/_posts/2018-05-31-ruby-2-6-0-preview2-released.md b/id/news/_posts/2018-05-31-ruby-2-6-0-preview2-released.md index 1477d6390b..840505befa 100644 --- a/id/news/_posts/2018-05-31-ruby-2-6-0-preview2-released.md +++ b/id/news/_posts/2018-05-31-ruby-2-6-0-preview2-released.md @@ -75,7 +75,7 @@ Kesesuaian struktur dari AST *node* tidak dijamin. Sebuah endless range, `(1..)`, diperkenalkan. Ini berjalan tanpa ada akhirnya. Biasanya digunakan untuk kasus: ary[1..] # identik dengan ary[1..-1] tanpa magical -1 - (1..).each {|index| ... } # inifinite loop dari indeks 1 + (1..).each {|index| ... } # infinite loop dari indeks 1 ary.zip(1..) {|elem, index| ... } # ary.each.with_index(1) { ... } * Menambahkan `Binding#source_location`. [[Feature #14230]](https://bugs.ruby-lang.org/issues/14230) diff --git a/id/news/_posts/2018-11-06-ruby-2-6-0-preview3-released.md b/id/news/_posts/2018-11-06-ruby-2-6-0-preview3-released.md index 6975fe3bbf..a67e7899d4 100644 --- a/id/news/_posts/2018-11-06-ruby-2-6-0-preview3-released.md +++ b/id/news/_posts/2018-11-06-ruby-2-6-0-preview3-released.md @@ -68,7 +68,7 @@ Kesesuaian struktur dari AST *node* tidak dijamin. Sebuah endless range, `(1..)`, diperkenalkan. Ini berjalan tanpa ada akhirnya. Biasanya digunakan untuk kasus: ary[1..] # identik dengan ary[1..-1] tanpa magical -1 - (1..).each {|index| ... } # inifinite loop dari indeks 1 + (1..).each {|index| ... } # infinite loop dari indeks 1 ary.zip(1..) {|elem, index| ... } # ary.each.with_index(1) { ... } * Menambahkan `Binding#source_location`. [[Feature #14230]](https://bugs.ruby-lang.org/issues/14230) diff --git a/id/news/_posts/2018-12-06-ruby-2-6-0-rc1-released.md b/id/news/_posts/2018-12-06-ruby-2-6-0-rc1-released.md index d5bc935f88..6c38b25fde 100644 --- a/id/news/_posts/2018-12-06-ruby-2-6-0-rc1-released.md +++ b/id/news/_posts/2018-12-06-ruby-2-6-0-rc1-released.md @@ -68,7 +68,7 @@ eksperimental. Kesesuaian struktur dari AST *node* tidak dijamin. Sebuah endless range, `(1..)`, diperkenalkan. Ini berjalan tanpa ada akhirnya. Biasanya digunakan untuk kasus: ary[1..] # identik dengan ary[1..-1] tanpa magical -1 - (1..).each {|index| ... } # inifinite loop dari indeks 1 + (1..).each {|index| ... } # infinite loop dari indeks 1 ary.zip(1..) {|elem, index| ... } # ary.each.with_index(1) { ... } * Menambahkan `Binding#source_location`. [[Feature #14230]](https://bugs.ruby-lang.org/issues/14230) diff --git a/id/news/_posts/2018-12-15-ruby-2-6-0-rc2-released.md b/id/news/_posts/2018-12-15-ruby-2-6-0-rc2-released.md index 804238a15c..d2784f3207 100644 --- a/id/news/_posts/2018-12-15-ruby-2-6-0-rc2-released.md +++ b/id/news/_posts/2018-12-15-ruby-2-6-0-rc2-released.md @@ -69,7 +69,7 @@ eksperimental. Kesesuaian struktur dari AST *node* tidak dijamin. Sebuah endless range, `(1..)`, diperkenalkan. Ini berjalan tanpa ada akhirnya. Biasanya digunakan untuk kasus: ary[1..] # identik dengan ary[1..-1] tanpa magical -1 - (1..).each {|index| ... } # inifinite loop dari indeks 1 + (1..).each {|index| ... } # infinite loop dari indeks 1 ary.zip(1..) {|elem, index| ... } # ary.each.with_index(1) { ... } * Menambahkan `Binding#source_location`. [[Feature #14230]](https://bugs.ruby-lang.org/issues/14230) diff --git a/id/news/_posts/2018-12-25-ruby-2-6-0-released.md b/id/news/_posts/2018-12-25-ruby-2-6-0-released.md index 4b2b81bf97..ed8781ebf7 100644 --- a/id/news/_posts/2018-12-25-ruby-2-6-0-released.md +++ b/id/news/_posts/2018-12-25-ruby-2-6-0-released.md @@ -68,7 +68,7 @@ eksperimental. Sebuah endless range, `(1..)`, berjalan tanpa ada akhirnya. Biasanya digunakan untuk kasus: ary[1..] # identik dengan ary[1..-1] tanpa magical -1 - (1..).each {|index| ... } # inifinite loop dari indeks 1 + (1..).each {|index| ... } # infinite loop dari indeks 1 ary.zip(1..) {|elem, index| ... } # ary.each.with_index(1) { ... } * Menambahkan `Enumerable#chain` dan `Enumerator#+`. [[Feature #15144]](https://bugs.ruby-lang.org/issues/15144) diff --git a/id/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md b/id/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md new file mode 100644 index 0000000000..6c69e4cd83 --- /dev/null +++ b/id/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md @@ -0,0 +1,308 @@ +--- +layout: news_post +title: "Ruby 3.3.0-preview3 Dirilis" +author: "naruse" +translator: "meisyal" +date: 2023-11-12 00:00:00 +0000 +lang: id +--- + +{% assign release = site.data.releases | where: "version", "3.3.0-preview3" | first %} +Kami dengan senang hati mengumumkan rilis dari Ruby {{ release.version }}. +Ruby 3.3 menambahkan sebuah *parser* baru yang bernama Prism, menggunakan Lrama +sebagai *parser generator*, menambahkan *pure-Ruby* JIT *compiler* baru +yang bernama RJIT, dan memperbaiki performa khususnya YJIT. + +## Prism + +* Memperkenalkan [the Prism parser](https://github.com/ruby/prism) sebagai *default gem* + * Prism adalah sebuah *parser* yang *portable*, *error tolerant*, dan *maintainable recursive descent* untuk Ruby +* Prism siap digunakan di *production* dan aktif dirawat, Anda dapat menggunakannya sebagai pengganti Ripper + * Ada [extensive documentation](https://ruby.github.io/prism/) untuk menggunakan Prism + * Prism adalah sebuah pustaka bahasa C yang digunakan secara internal oleh CRuby dan sebuah Ruby *gem* yang digunakan untuk mem-*parse* kode Ruby + * Beberapa *method* penting pada Prism API: + * `Prism.parse(source)` yang mengembalikan AST sebagai bagian dari ParseResult + * `Prism.dump(source)` yang mengembalikan *serialized* AST sebagai sebuah String + * `Prism.parse_comments(source)` yang mengembalikan komentar pada kode +* Anda dapat membuat *pull request* atau melaporkan isu secara langsung pada [the Prism repository](https://github.com/ruby/prism) jika Anda tertarik untuk berkontribusi + +## Menggunakan Lrama ketimbang Bison + +* Mengganti Bison dengan [Lrama LALR parser generator](https://github.com/yui-knk/lrama) [Feature #19637](https://bugs.ruby-lang.org/issues/19637) + * Jika Anda tertarik, silakan lihat [The future vision of Ruby Parser](https://rubykaigi.org/2023/presentations/spikeolaf.html) + * Internal *parser* dari Lrama digantikan dengan LR yang dihasilkan oleh Racc untuk *maintainability* + * *Parameterizing Rule* `(?, *, +)` didukung, ini akan digunakan di Ruby parse.y + +## RJIT + +* Memperkenalkan sebuah *pure-Ruby* JIT *compiler* dan menggantikan MJIT. + * RJIT hanya mendukung arsitektur x86-64 pada *platform Unix*. + * Berbeda dengan MJIT, RJIT tidak memerlukan sebuah *compiler* C saat *runtime*. +* RJIT ada hanya untuk tujuan eksperimen. + * Anda seharusnya tetap menggunakan YJIT pada *production*. +* Jika Anda tertarik untuk mengembangkan JIT pada Ruby, silakan cek [k0kubun's presentation on Day 3 of RubyKaigi](https://rubykaigi.org/2023/presentations/k0kubun.html#day3). + +## YJIT + +* Peningkatan performa yang signifikan dibanding Ruby 3.2 + * Dukungan *splat* dan *rest argument* telah ditingkatkan. + * *Register* dialokasikan untuk operasi *stack* dari *virtual machine*. + * Pemanggilan dengan *optional argument* dikompilasi. + * *Exception handler* juga dikompilasi. + * *Instant variable* tidak lagi keluar ke *intepreter* dengan *Object Shapes* + yang sangat besar. + * *Call type* yang tidak didukung tidak lagi keluar ke *interpreter*. + * `Integer#!=`, `String#!=`, `Kernel#block_given?`, `Kernel#is_a?`, + `Kernel#instance_of?`, `Module#===` dioptimisasi. + * Sekarang 3x lebih cepat dibanding *interpreter* pada optcarrot! +* Peningkatan penggunakan *memory* secara signifikan + * *Metadata* dari kode yang dikompilasi menggunakan *memory* lebih sedikit. + * Peningkatan *code generation* pada ARM64 +* Kecepatan kompilasi sedikit lebih cepat dibanding Ruby 3.2 +* Menambahkan `RubyVM::YJIT.enable` untuk mengaktifkan YJIT saat *run-time* + * Anda dapat menjalankan YJIT tanpa memodifikasi argumen *command-line* atau *environment variable* + * Ini dapat digunakan untuk mengaktifkan YJIT saat aplikasi Anda selesai *booting*. + `--yjit-disable` dapat digunakan jika Anda tidak ingin mengaktifkan YJIT + ketika aplikasi *booting*. +* Opsi untuk menonaktifkan kode GC dan memperlakukan `--yjit-exec-mem-size` sebagai sebuah batas keras + * Dapat menghasilkan perilaku *copy-on-write* lebih baik pada *server* yang menggunakan unicorn dan *forking* +* `ratio_in_yjit` yang dihasilkan oleh `--yjit-stats` sekarang tersedia pada + rilis *build*, data khusus atau dev *build* tidak lagi diperlukan. +* Opsi *exit tracing* sekarang mendukung *sampling* + * `--trace-exits-sample-rate=N` +* `--yjit-perf` ditambahkan untuk memfasilitasi *profiling* dengan Linux perf. +* Pengujian lebih saksama dan perbaikan beberapa *bug* + +### M:N thread scheduler + +* M:N *thread scheduler* diperkenalkan. [[Feature #19842]](https://bugs.ruby-lang.org/issues/19842) + * M Ruby *thread* diatur oleh N *native thread* (OS *thread*) sehingga pembuatan *thread* dan + manajemen berkurang. + * Ini dapat merusak kompatibilitas dengan C-*extension* sehingga M:N *thread* dinonaktifkan + pada *main* dari Ractor secara *default*. + * *Environment variable* `RUBY_MN_THREADS=1` mengaktifkan M:N *thread* pada *main* dari Ractor. + * M:N *thread* diaktifkan pada selain *main* dari Ractor. + * *Environment variable* `RUBY_MAX_CPU=n` menetapkan jumlah maksimum dari `N` (jumlah maksimum dari *native thread*). Nilai *default* adalah 8. + * Karena hanya ada satu Ruby *thread* untuk setiap Ractor yang dapat berjalan bersamaan, + jumlah *native thread* yang digunakan, yang mana lebih kecil dari jumlah yang dispesifikasikan pada + `RUBY_MAX_CPU` dan jumlah dari Ractor yang sedang berjalan. Sehingga, aplikasi Ractor tunggal (mayoritas aplikasi) + akan menggunakan satu *native thread*. + * Untuk mendukung operasi *blocking*, lebih dari `N` *native thread* dapat digunakan. + +## Fitur Penting Lainnya + + + +### Bahasa + + + +## Perbaikan performa + +* `defined?(@ivar)` dioptimisasi dengan *Object Shapes*. +* *Name resolution* seperti `Socket.getaddrinfo` sekarang dapat diinterupsi (pada *environment* di mana pthread tersedia). [Feature #19965](https://bugs.ruby-lang.org/issues/19965) + * Untuk tujuan ini, sebuah pthread sekarang dibuat setiap kali ada pemanggilan getaddrinfo atau getnameinfo. + Ini menimbulkan *overhead* pada *name resolution* (sekitar 2.5x pada eksperimen kami). + Kami tidak mengharapkan *overhead* menjadi sebuah masalah pada kebanyakan aplikasi, namun jika Anda menemui atau + melihat hasil yang tidak diharapkan karena perubahan tersebut, mohon laporkan. +* *Environment variable* `RUBY_GC_HEAP_REMEMBERED_WB_UNPROTECTED_OBJECTS_LIMIT_RATIO` telah ditambahkan. [Feature #19571](https://bugs.ruby-lang.org/issues/19571) +* *Children* dari *object* lama tidak lagi dipromosikan ke generasi lama pada *garbage collector*. [Feature #19678](https://bugs.ruby-lang.org/issues/19678) +* Dukungan untuk *weak reference* telah ditambahkan pada *garbage collector*. [Feature #19783](https://bugs.ruby-lang.org/issues/19783) + +## Perubahan penting lainnya sejak 3.2 + +### IRB + +IRB mendapatkan beberapa peningkatan berikut, namun tidak terbatas pada: + +- Integrasi `irb:rdbg` yang menyediakan pengalaman *deugging* setara dengan `pry-byebug` ([doc](https://github.com/ruby/irb#debugging-with-irb)). +- Dukungan *pager* untuk perintah, seperti `ls`, `show_source`, dan `show_cmds`. +- Menyediakan informasi yang lebih akurat dan membantu dengan perintah `ls` dan `show_source`. +- Eksperimen *autocompletion* menggunakan *type analysis* ([doc](https://github.com/ruby/irb#type-based-completion)). +- Sekarang memungkinkan untuk mengubah warna dan gaya *font* pada *completion dialog* dengan mengenalkan *class* Reline::Face ([doc](https://github.com/ruby/ruby/blob/master/doc/reline/face.md)) + +Sebagai tambahan, IRB telah menjalani *refactoring* yang ekstensif dan menerima +perbaikan *bug* untuk memfasilitasi peningkatan ke depan dengan lebih mudah. + +## Isu kompatibilitas + +Catatan: Tidak termasuk perbaikan *bug* dari fitur. + +### Constant terhapus + +Berikut ini adalah *constant* yang telah dihapus. + + + +### Method terhapus + +Berikut ini adalah *method* yang telah dihapus. + +### Environment variable terhapus + +Berikut adalah *environment variable* yang telah dihapus. + +* *Environment variable* `RUBY_GC_HEAP_INIT_SLOTS` tidak digunakan lagi. Mohon gunakan `RUBY_GC_HEAP_{0,1,2,3,4}_INIT_SLOTS`. [Feature #19785](https://bugs.ruby-lang.org/issues/19785) + +## Isu kompatibilitas Stdlib + +### `ext/readline` dipensiunkan + +* Kami memiliki `reline` yang merupakan implementasi Ruby murni dan kompatibel + dengan `ext/readline` API. Kami bergantung pada `reline` di masa depan. Jika + Anda perlu untuk menggunakan `ext/readline`, Anda dapat memasang `ext/readline` + melalui rubygems.org dengan `gem install readline-ext`. +* Kami tidak lagi memasang pustaka, seperti `libreadline` atau `libedit`. + +## Pembaruan C API + +### C API diperbarui + +Berikut adalah API yang telah diperbarui. + + + +### C API terhapus + +Berikut adalah API yang telah dihapus. + + + +## Pembaruan pustaka standar + +RubyGems dan Bundler memperingatkan jika pengguna membutuhkan *gem* yang dijadwalkan +akan menjadi *bundled gem* pada Ruby versi berikutnya. + +Pustaka yang ditargetkan: + * abbrev + * base64 + * bigdecimal + * csv + * drb + * getoptlong + * mutex_m + * nkf + * observer + * racc + * resolv-replace + * rinda + * syslog + +Berikut adalah *default gem* yang telah ditambahkan. + +* prism 0.15.1 + +Berikut adalah *default gem* yang telah diperbarui. + +* RubyGems 3.5.0.dev +* base64 0.2.0 +* benchmark 0.3.0 +* bigdecimal 3.1.5 +* bundler 2.5.0.dev +* cgi 0.4.0 +* csv 3.2.8 +* date 3.3.4 +* delegate 0.3.1 +* drb 2.2.0 +* english 0.8.0 +* erb 4.0.3 +* etc 1.4.3.dev.1 +* fcntl 1.1.0 +* fiddle 1.1.2 +* fileutils 1.7.2 +* find 0.2.0 +* getoptlong 0.2.1 +* io-console 0.6.1.dev +* irb 1.8.3 +* logger 1.6.0 +* mutex_m 0.2.0 +* net-http 0.4.0 +* net-protocol 0.2.2 +* nkf 0.1.3 +* observer 0.1.2 +* open-uri 0.4.0 +* open3 0.2.0 +* openssl 3.2.0 +* optparse 0.4.0 +* ostruct 0.6.0 +* pathname 0.3.0 +* pp 0.5.0 +* prettyprint 0.2.0 +* pstore 0.1.3 +* psych 5.1.1.1 +* rdoc 6.6.0 +* reline 0.3.9 +* rinda 0.2.0 +* securerandom 0.3.0 +* shellwords 0.2.0 +* singleton 0.2.0 +* stringio 3.0.9 +* strscan 3.0.7 +* syntax_suggest 1.1.0 +* tempfile 0.2.0 +* time 0.3.0 +* timeout 0.4.1 +* tmpdir 0.2.0 +* tsort 0.2.0 +* un 0.3.0 +* uri 0.13.0 +* weakref 0.1.3 +* win32ole 1.8.10 +* yaml 0.3.0 +* zlib 3.1.0 + +Berikut adalah *bundled gem* yang dipromosikan dari *default gem*. + +* racc 1.7.3 + +Berikut adalah *bundled gem* yang telah diperbarui. + +* minitest 5.20.0 +* rake 13.1.0 +* test-unit 3.6.1 +* rexml 3.2.6 +* rss 0.3.0 +* net-imap 0.4.4 +* net-smtp 0.4.0 +* rbs 3.2.2 +* typeprof 0.21.8 +* debug 1.8.0 + +Lihat rilis GitHub, seperti [Logger](https://github.com/ruby/logger/releases) +atau *changelog* untuk detail dari *default gem* atau *bundled gem*. + +Lihat [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +atau [commit logs](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}) +untuk lebih detail. + +Dengan perubahan tersebut, [{{ release.stats.files_changed }} berkas berubah, {{ release.stats.insertions }} sisipan(+), {{ release.stats.deletions }} terhapus(-)](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}#file_bucket) +sejak Ruby 3.2.0! + +## Unduh + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Apa itu Ruby + +Ruby pertama kali dikembangkan oleh Matz (Yukihiro Matsumoto) pada 1993 +dan sekarang dikembangkan sebagai *Open Source*. Ruby berjalan pada berbagai +*platform* dan digunakan di seluruh dunia, khususnya pengembangan *web*. diff --git a/images/sponsor/1password.png b/images/sponsor/1password.png new file mode 100644 index 0000000000..aa55858738 Binary files /dev/null and b/images/sponsor/1password.png differ diff --git a/images/sponsor/aws.png b/images/sponsor/aws.png new file mode 100644 index 0000000000..facf721d03 Binary files /dev/null and b/images/sponsor/aws.png differ diff --git a/images/sponsor/dd.png b/images/sponsor/dd.png new file mode 100644 index 0000000000..934f62dfb0 Binary files /dev/null and b/images/sponsor/dd.png differ diff --git a/images/sponsor/fastly.png b/images/sponsor/fastly.png new file mode 100644 index 0000000000..eb35d52453 Binary files /dev/null and b/images/sponsor/fastly.png differ diff --git a/images/sponsor/heroku.png b/images/sponsor/heroku.png new file mode 100644 index 0000000000..9df19af979 Binary files /dev/null and b/images/sponsor/heroku.png differ diff --git a/images/sponsor/mackerel.png b/images/sponsor/mackerel.png new file mode 100644 index 0000000000..2d1b5ce12e Binary files /dev/null and b/images/sponsor/mackerel.png differ diff --git a/images/sponsor/ra.png b/images/sponsor/ra.png new file mode 100644 index 0000000000..a6fc8df6bf Binary files /dev/null and b/images/sponsor/ra.png differ diff --git a/images/sponsor/ruby-no-kai.png b/images/sponsor/ruby-no-kai.png new file mode 100644 index 0000000000..e8a56ad95e Binary files /dev/null and b/images/sponsor/ruby-no-kai.png differ diff --git a/it/community/mailing-lists/index.md b/it/community/mailing-lists/index.md index 5aa4c6e761..f3db1cdcfe 100644 --- a/it/community/mailing-lists/index.md +++ b/it/community/mailing-lists/index.md @@ -28,10 +28,10 @@ Ruby-CVS ## Iscriviti o annulla la tua iscrizione -(Iscriviti o annulla la tua iscrizione)[https://ml.ruby-lang.org/mailman3/postorius/lists/] +(Iscriviti o annulla la tua iscrizione)[https://ml.ruby-lang.org/mailman3/lists/] -[4]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/ -[5]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-core@ml.ruby-lang.org/ -[6]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-doc@ml.ruby-lang.org/ +[4]: https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/ +[5]: https://ml.ruby-lang.org/archives/list/ruby-core@ml.ruby-lang.org/ +[6]: https://ml.ruby-lang.org/archives/list/ruby-doc@ml.ruby-lang.org/ diff --git a/it/documentation/index.md b/it/documentation/index.md index f624e05832..e0024b6c67 100644 --- a/it/documentation/index.md +++ b/it/documentation/index.md @@ -103,11 +103,10 @@ Questa è una lista dei tool più comunemente usati dagli sviluppatori Ruby: * [SciTe][28] * [NetBeans][36] * [Sublime Text][37] + * [Visual Studio Code][vscode] con [Ruby LSP][41] plugin * Per Windows: * [Notepad++][29] - * [E-TextEditor][30] - * [Ruby In Steel][31] * Per macOS: * [TextMate][32] @@ -148,8 +147,6 @@ iniziare. [27]: http://www.jetbrains.com/ruby/ [28]: http://www.scintilla.org/SciTE.html [29]: http://notepad-plus-plus.org/ -[30]: http://www.e-texteditor.com/ -[31]: http://www.sapphiresteel.com/ [32]: http://macromates.com/ [33]: https://www.barebones.com/products/bbedit/ [34]: http://ruby-doc.org @@ -158,3 +155,5 @@ iniziare. [38]: https://learncodethehardway.org/ruby/ [39]: https://corsidia.com/materia/programmazione/imparare-a-programmare [40]: http://kapeli.com/dash +[vscode]: https://code.visualstudio.com/ +[41]: https://marketplace.visualstudio.com/items?itemName=Shopify.ruby-lsp diff --git a/it/documentation/quickstart/3/index.md b/it/documentation/quickstart/3/index.md index ce29706244..3f7b14d29d 100644 --- a/it/documentation/quickstart/3/index.md +++ b/it/documentation/quickstart/3/index.md @@ -101,7 +101,7 @@ per permetterci di accedere alle variabili di un oggetto. irb(main):044:0> class PersonaCordiale irb(main):045:1> attr_accessor :nome irb(main):046:1> end -=> nil +=> [:nome, :nome=] {% endhighlight %} In Ruby, puoi aprire una classe e modificarla. I cambiamenti vengono diff --git a/it/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md b/it/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md index 0486dffd8e..b54e3f6515 100644 --- a/it/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md +++ b/it/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md @@ -31,19 +31,19 @@ Potete leggere la segnalazione originale sul bug tracker: ## Download -* +* SIZE: 9081661 bytes MD5: 8ba4aaf707023e76f80fc8f455c99858 SHA256: 6d3487ea8a86ad0fa78a8535078ff3c7a91ca9f99eff0a6a08e66c6e6bf2040f -* +* SIZE: 11416473 bytes MD5: 4b9330730491f96b402adc4a561e859a SHA256: 23ef45fdaecc5d6c7b4e9e2d51b23817fc6aa8225a20f123f7fa98760e8b5ca9 -* +* SIZE: 12732739 bytes MD5: 42d261b28d1b7e500dd3bdbdbfba7fa5 diff --git a/ja/about/index.md b/ja/about/index.md index 0fa467f7b0..895367cb33 100644 --- a/ja/about/index.md +++ b/ja/about/index.md @@ -163,7 +163,7 @@ Rubyは次に示すような豊富な機能を持っています。 言語としてのRubyには、いくつか別の処理系が存在しています。 このページでは、**MRI** (Matz Ruby Interpreter)あるいは **CRuby** (Cで書かれていることに由来する)と呼ばれる -Rubyのリファンレス実装について記載していますが、別のRuby処理系も存在します。 +Rubyのリファレンス実装について記載していますが、別のRuby処理系も存在します。 他の言語や環境と統合したりMRIにはないような特別な機能を使いたい場合など、 ある特定の状況でそうしたRuby処理系は役に立ちます。 diff --git a/ja/community/mailing-lists/index.md b/ja/community/mailing-lists/index.md index c4893fe9c8..6f5c4899bb 100644 --- a/ja/community/mailing-lists/index.md +++ b/ja/community/mailing-lists/index.md @@ -8,12 +8,12 @@ lang: ja 参加希望の方は、それぞれのリンク先のページより登録を行ってください。 -## [ruby-list](https://ml.ruby-lang.org/mailman3/postorius/lists/ruby-list.ml.ruby-lang.org/)(日本語) +## [ruby-list](https://ml.ruby-lang.org/mailman3/lists/ruby-list.ml.ruby-lang.org/)(日本語) Rubyを使ってプログラムを書く人たちが情報交換を行うためのメーリングリストです。 Rubyを使う上での疑問点についての相談や、Rubyを利用したアプリケーションやライブラリなどのリリース情報の紹介、Rubyに関連するイベントの紹介などが行われています。 -## [ruby-dev](https://ml.ruby-lang.org/mailman3/postorius/lists/ruby-dev.ml.ruby-lang.org/)(日本語) +## [ruby-dev](https://ml.ruby-lang.org/mailman3/lists/ruby-dev.ml.ruby-lang.org/)(日本語) Rubyの開発者向け公式メーリングリストです。 こちらではRuby自体のバグの報告とそれに対する対応や、将来の仕様拡張や実装上の問題などについての議論が行われています。 @@ -22,11 +22,11 @@ Rubyの開発者向け公式メーリングリストです。 また、セキュリティ関連のバグや脆弱性については後述する非公開メーリングリストへ報告してください。 -## [ruby-talk](https://ml.ruby-lang.org/mailman3/postorius/lists/ruby-talk.ml.ruby-lang.org/)(英語) +## [ruby-talk](https://ml.ruby-lang.org/mailman3/lists/ruby-talk.ml.ruby-lang.org/)(英語) 英語で一般的な話題を取り扱っています。 上記ruby-listの英語版という位置づけになります。 -## [ruby-core](https://ml.ruby-lang.org/mailman3/postorius/lists/ruby-core.ml.ruby-lang.org/)(英語) +## [ruby-core](https://ml.ruby-lang.org/mailman3/lists/ruby-core.ml.ruby-lang.org/)(英語) 英語でRubyの実装について話し合っています。 上記ruby-devの英語版という位置づけになります。 diff --git a/ja/documentation/index.md b/ja/documentation/index.md index 787971dcbb..437ba5dceb 100644 --- a/ja/documentation/index.md +++ b/ja/documentation/index.md @@ -15,6 +15,8 @@ Rubyでプログラミングする際に役立つドキュメントを紹介し また、現在有志の手により[リファレンスマニュアルの整備][rurema-wiki]が進行中です。 成果物を[<URL:https://docs.ruby-lang.org/ja/>][doc-r-l-o]から閲覧できます。 +* [Rubyリファレンスマニュアル Ruby 3.4版][man-34] +* [Rubyリファレンスマニュアル Ruby 3.3版][man-33] * [Rubyリファレンスマニュアル Ruby 3.2版][man-32] * [Rubyリファレンスマニュアル Ruby 3.1版][man-31] * [Rubyリファレンスマニュアル Ruby 3.0版][man-30] @@ -95,8 +97,6 @@ Rubyistに人気のあるソフトウェアには次のようなものがあり * Windows * [Notepad++][29] - * [E-TextEditor][30] - * [Ruby In Steel][31] * macOS * [TextMate][32] @@ -123,6 +123,8 @@ Posted by Shugo Maeda on 26 May 2006 [man-30]: https://docs.ruby-lang.org/ja/3.0/doc/index.html [man-31]: https://docs.ruby-lang.org/ja/3.1/doc/index.html [man-32]: https://docs.ruby-lang.org/ja/3.2/doc/index.html +[man-33]: https://docs.ruby-lang.org/ja/3.3/doc/index.html +[man-34]: https://docs.ruby-lang.org/ja/3.4/doc/index.html [man-search]: https://docs.ruby-lang.org/ja/search/ [man-xz]: https://cache.ruby-lang.org/pub/ruby/doc/ruby-refm-1.9.3-dynamic-20120829.tar.xz [man-gz]: https://cache.ruby-lang.org/pub/ruby/doc/ruby-refm-1.9.3-dynamic-20120829.tar.gz @@ -151,8 +153,6 @@ Posted by Shugo Maeda on 26 May 2006 [27]: http://www.jetbrains.com/ruby/ [28]: http://www.scintilla.org/SciTE.html [29]: http://notepad-plus-plus.org/ -[30]: http://www.e-texteditor.com/ -[31]: http://www.sapphiresteel.com/ [32]: http://macromates.com/ [33]: https://www.barebones.com/products/bbedit/ [36]: https://netbeans.org/ diff --git a/ja/documentation/installation/index.md b/ja/documentation/installation/index.md index d11169fcfc..a18e7a8b01 100644 --- a/ja/documentation/installation/index.md +++ b/ja/documentation/installation/index.md @@ -342,5 +342,5 @@ $ sudo make install [rubystack]: https://bitnami.com/stack/ruby/virtual-machine [asdf-vm]: https://asdf-vm.com/ [asdf-ruby]: https://github.com/asdf-vm/asdf-ruby -[rbenv-for-windows]: https://github.com/ccmywish/rbenv-for-windows#readme +[rbenv-for-windows]: https://github.com/RubyMetric/rbenv-for-windows#readme [uru]: https://bitbucket.org/jonforums/uru/src/master/ diff --git a/ja/documentation/quickstart/3/index.md b/ja/documentation/quickstart/3/index.md index 127310bf60..00a8b6088a 100644 --- a/ja/documentation/quickstart/3/index.md +++ b/ja/documentation/quickstart/3/index.md @@ -104,7 +104,7 @@ Rubyはオブジェクトの変数にアクセスできる簡単な方法を用 irb(main):044:0> class Greeter irb(main):045:1> attr_accessor :name irb(main):046:1> end -=> nil +=> [:name, :name=] {% endhighlight %} Rubyでは、定義されたクラスをさらに変更できます。 diff --git a/ja/news/_posts/2002-12-24-20021224.md b/ja/news/_posts/2002-12-24-20021224.md index d5a5756b32..1380bdb811 100644 --- a/ja/news/_posts/2002-12-24-20021224.md +++ b/ja/news/_posts/2002-12-24-20021224.md @@ -7,7 +7,7 @@ lang: ja 1\.6.8リリースパッケージがftp上に公開されました。1.6.8は1.6系最後のリリースになる予定です。以下からダウンロードできます。 -* [https://cache.ruby-lang.org/pub/ruby/ruby-1.6.8.tar.gz][1] +* [https://cache.ruby-lang.org/pub/ruby/1.6/ruby-1.6.8.tar.gz][1] また、1.8.0の最初のプレビューも公開されました。 @@ -18,6 +18,6 @@ lang: ja -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.6.8.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.6/ruby-1.6.8.tar.gz [2]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.0-preview1.tar.gz [3]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.0-preview1-errata.diff diff --git a/ja/news/_posts/2004-12-25-20041225.md b/ja/news/_posts/2004-12-25-20041225.md index 18682687d1..f510390202 100644 --- a/ja/news/_posts/2004-12-25-20041225.md +++ b/ja/news/_posts/2004-12-25-20041225.md @@ -9,7 +9,7 @@ Ruby安定版の最新版、Ruby 1.8.2がリリースされました( [\[ruby-list:40458\]][1]、[\[ruby-talk:124413\]][2] )。ソースコードは下記URLよりダウンロードできます。 -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.8.2.tar.gz>][3] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.2.tar.gz>][3] MD5チェックサムは 8ffc79d96f336b80f2690a17601dea9b です。 @@ -21,4 +21,4 @@ MD5チェックサムは 8ffc79d96f336b80f2690a17601dea9b です。 [1]: https://blade.ruby-lang.org/ruby-list/40458 [2]: https://blade.ruby-lang.org/ruby-talk/124413 -[3]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.2.tar.gz +[3]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.2.tar.gz diff --git a/ja/news/_posts/2005-09-21-20050921.md b/ja/news/_posts/2005-09-21-20050921.md index b3181d2639..76d0b8c68d 100644 --- a/ja/news/_posts/2005-09-21-20050921.md +++ b/ja/news/_posts/2005-09-21-20050921.md @@ -6,7 +6,7 @@ lang: ja --- Ruby 1.8.3がリリースされました。ソースコードは -[https://cache.ruby-lang.org/pub/ruby/ruby-1.8.3.tar.gz][1]から入手できます。md5sumは63d6c2bddd6af86664e338b31f3189a6です。 +[https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.3.tar.gz][1]から入手できます。md5sumは63d6c2bddd6af86664e338b31f3189a6です。 近日中にミラーからも入手可能になると思います。 @@ -15,10 +15,10 @@ Ruby 1.8.3がリリースされました。ソースコードは ミラーサイト * [http://rubyforge.org/frs/?group\_id=426][2] -* [http://www.garbagecollect.jp/ruby/ruby-1.8.3.tar.gz][3] +* [http://www.garbagecollect.jp/ruby/1.8/ruby-1.8.3.tar.gz][3] -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.3.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.3.tar.gz [2]: http://rubyforge.org/frs/?group_id=426 -[3]: http://www.garbagecollect.jp/ruby/ruby-1.8.3.tar.gz +[3]: http://www.garbagecollect.jp/ruby/1.8/ruby-1.8.3.tar.gz diff --git a/ja/news/_posts/2005-12-24-20051224.md b/ja/news/_posts/2005-12-24-20051224.md index 4d45ac89cf..cab1c34ff2 100644 --- a/ja/news/_posts/2005-12-24-20051224.md +++ b/ja/news/_posts/2005-12-24-20051224.md @@ -9,7 +9,7 @@ lang: ja 1\.8.4 のソースコードは以下のURLから入手可能です。 -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.8.4.tar.gz>][2] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.4.tar.gz>][2] md5sumは bd8c2e593e1fa4b01fd98eaf016329bb です。 また、サイズは 4312965 バイトです。 @@ -22,5 +22,5 @@ Merry Christmas! そして、Happy Hacking! [1]: https://blade.ruby-lang.org/ruby-list/41728 -[2]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.4.tar.gz +[2]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.4.tar.gz [3]: {{ site.url }}/ja/man/?cmd=view;name=ruby+1.8.4+feature diff --git a/ja/news/_posts/2006-08-25-ruby-1-8-5.md b/ja/news/_posts/2006-08-25-ruby-1-8-5.md index e723cf351c..4b1cff7e5e 100644 --- a/ja/news/_posts/2006-08-25-ruby-1-8-5.md +++ b/ja/news/_posts/2006-08-25-ruby-1-8-5.md @@ -9,7 +9,7 @@ lang: ja ソースコードは以下のURLから入手できます。 -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.8.5.tar.gz>][2] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5.tar.gz>][2] md5sumは 3fbb02294a8ca33d4684055adba5ed6f です。また、サイズは 4,438,603 バイトです。 @@ -24,5 +24,5 @@ Ruby [1]: https://blade.ruby-lang.org/ruby-list/42751 -[2]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.5.tar.gz +[2]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5.tar.gz [3]: {{ site.url }}/ja/man/?cmd=view;name=ruby+1.8.5+feature diff --git a/ja/news/_posts/2006-12-05-ruby-1-8-5-p2.md b/ja/news/_posts/2006-12-05-ruby-1-8-5-p2.md index 6260815106..b20cc1c5a1 100644 --- a/ja/news/_posts/2006-12-05-ruby-1-8-5-p2.md +++ b/ja/news/_posts/2006-12-05-ruby-1-8-5-p2.md @@ -9,7 +9,7 @@ Ruby 1.8.5-p2がリリースされました。(リリースについてのアナ ソースコードは以下のURLから入手できます。 -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.8.5-p2.tar.gz>][2] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5-p2.tar.gz>][2] md5sumは a3517a224716f79b14196adda3e88057 です。また、サイズは 4,519,151 バイトです。 @@ -33,4 +33,4 @@ Ruby [1]: https://blade.ruby-lang.org/ruby-list/43017 -[2]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.5-p2.tar.gz +[2]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5-p2.tar.gz diff --git a/ja/news/_posts/2006-12-25-ruby-1-8-5-p12.md b/ja/news/_posts/2006-12-25-ruby-1-8-5-p12.md index 5c277311c8..bc90931495 100644 --- a/ja/news/_posts/2006-12-25-ruby-1-8-5-p12.md +++ b/ja/news/_posts/2006-12-25-ruby-1-8-5-p12.md @@ -9,7 +9,7 @@ ruby 1.8.5-p12がリリースされました。(リリースについてのア ソースコードは以下のURLから入手できます。 -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.8.5-p12.tar.gz>][2] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5-p12.tar.gz>][2] md5sumは d7d12dd9124c9b7d55cdbbee313e3931です。また、サイズは 4,526,961 バイトです。 @@ -19,4 +19,4 @@ md5sumは d7d12dd9124c9b7d55cdbbee313e3931です。また、サイズは 4,526,9 [1]: https://blade.ruby-lang.org/ruby-list/43074 -[2]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.5-p12.tar.gz +[2]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5-p12.tar.gz diff --git a/ja/news/_posts/2008-12-31-ruby-1-9-1-rc1-released.md b/ja/news/_posts/2008-12-31-ruby-1-9-1-rc1-released.md index e875656ed8..20b8e56839 100644 --- a/ja/news/_posts/2008-12-31-ruby-1-9-1-rc1-released.md +++ b/ja/news/_posts/2008-12-31-ruby-1-9-1-rc1-released.md @@ -15,19 +15,19 @@ RC1のリリースのアナウンスがありました。 ソースコードは以下のURLよりダウンロードできます。 -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-rc1.tar.bz2>][2] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-rc1.tar.bz2>][2] SIZE: 6181532 bytes MD5: d440c030131903e72a6152149a097af3 SHA256: 35acfb6b8d9dd9159ef308ac763c629092cda2e8c9f41254e72a7b9fa454c27f -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-rc1.tar.gz>][3] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-rc1.tar.gz>][3] SIZE: 7425278 bytes MD5: b145bc39667f27c018b188c812f07ca6 SHA256: a5d41b58bb9a379b3a98713c07a17757c853413104694036d9885559163f5518 -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-rc1.zip>][4] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-rc1.zip>][4] SIZE: 8695438 bytes MD5: 91ca7ebd3fe4ad577d08963e81e79c82 @@ -57,9 +57,9 @@ RC1ではまだ対応が行われていない課題は、以下のURLです。 [1]: https://blade.ruby-lang.org/ruby-list/45758 -[2]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-rc1.tar.bz2 -[3]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-rc1.tar.gz -[4]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-rc1.zip +[2]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-rc1.tar.bz2 +[3]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-rc1.tar.gz +[4]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-rc1.zip [5]: https://blade.ruby-lang.org/ruby-list/45759 [6]: http://arton.no-ip.info/data/asr/Ruby-1.9.1.msi [7]: https://bugs.ruby-lang.org/projects/ruby-19/issues?query_id=9 diff --git a/ja/news/_posts/2009-05-12-ruby-1-9-1-p129-released.md b/ja/news/_posts/2009-05-12-ruby-1-9-1-p129-released.md index 3cd384cbbb..fcf6e92e46 100644 --- a/ja/news/_posts/2009-05-12-ruby-1-9-1-p129-released.md +++ b/ja/news/_posts/2009-05-12-ruby-1-9-1-p129-released.md @@ -12,19 +12,19 @@ Ruby 1.9.1-p129がリリースされました。 #### 所在 -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.bz2>][1] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.bz2>][1] SIZE: 7183891 bytes MD5: 6fa62b20f72da471195830dec4eb2013 SHA256: cb730f035aec0e3ac104d23d27a79aa9625fdeb115dae2295de65355f449ce27 -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.gz>][2] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.gz>][2] SIZE: 9034947 bytes MD5: c71f413514ee6341c627be2957023a5c SHA256: 27b7a8ace1d17cec237020ae9355230b53f8c3875f8d942de903e7d58d14253b -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.zip>][3] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.zip>][3] SIZE: 10299369 bytes MD5: 156305e9633758eb60b419fabc33b6e4 @@ -37,6 +37,6 @@ Ruby 1.9.1-p129がリリースされました。 -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.bz2 -[2]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.gz -[3]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.zip +[1]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.bz2 +[2]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.gz +[3]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.zip diff --git a/ja/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md b/ja/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md index 60cd7528d5..8360cefc7b 100644 --- a/ja/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md +++ b/ja/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md @@ -26,19 +26,19 @@ ruby -v -ruri -e'URI.decode_www_form_component "A string that causes catastrophi ## ダウンロード -* +* SIZE: 9081661 bytes MD5: 8ba4aaf707023e76f80fc8f455c99858 SHA256: 6d3487ea8a86ad0fa78a8535078ff3c7a91ca9f99eff0a6a08e66c6e6bf2040f -* +* SIZE: 11416473 bytes MD5: 4b9330730491f96b402adc4a561e859a SHA256: 23ef45fdaecc5d6c7b4e9e2d51b23817fc6aa8225a20f123f7fa98760e8b5ca9 -* +* SIZE: 12732739 bytes MD5: 42d261b28d1b7e500dd3bdbdbfba7fa5 diff --git a/ja/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md b/ja/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md index 26979dc2d1..57d3407ed4 100644 --- a/ja/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md +++ b/ja/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md @@ -24,7 +24,8 @@ ReDoS 脆弱性のセキュリティ修正を含む、uri gem 0.12.2、0.10.3 `uri` gem を 0.12.2 にアップデートすることを推奨します。古い系列の Ruby で同梱されているバージョンとの互換性を確保するためには、以下のようにアップデートできます: * Ruby 3.0: `uri` を 0.10.3 にアップデート -* Ruby 3.1 および 3.2: `uri` を 0.12.2 にアップデート +* Ruby 3.1: `uri` を 0.12.2 にアップデート +* Ruby 3.2: `uri` を 0.12.2 にアップデート、もしくは Ruby 3.2.3 以降にアップデート `gem update uri` でアップデートできます。もし bundler を使っている場合は、`Gemfile` に `gem "uri", ">= 0.12.2"` (または上記の他のバージョン)を追加してください。 @@ -40,4 +41,5 @@ ReDoS 脆弱性のセキュリティ修正を含む、uri gem 0.12.2、0.10.3 ## 更新履歴 +* 2024-01-18 19:00:00 (JST) Ruby 3.2 での対応を追加 * 2023-06-29 10:00:00 (JST) 初版 diff --git a/ja/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md b/ja/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md index 4a8b7d5bbb..508a3fe366 100644 --- a/ja/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md +++ b/ja/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md @@ -19,7 +19,7 @@ Ruby {{ release.version }} が公開されました。Ruby 3.3ではPrismとい * Prism is both a C library that will be used internally by CRuby and a Ruby gem that can be used by any tooling which needs to parse Ruby code * Notable methods in the Prism API are: * `Prism.parse(source)` which returns the AST as part of a ParseResult - * `Prism.dump(source, filepath)` which returns the serialized AST as a String + * `Prism.dump(source)` which returns the serialized AST as a String * `Prism.parse_comments(source)` which returns the comments * You can make pull requests or issues directly on [the Prism repository](https://github.com/ruby/prism) if you are interested in contributing @@ -64,7 +64,7 @@ Ruby {{ release.version }} が公開されました。Ruby 3.3ではPrismとい YJIT options while disabling YJIT at boot. * Option to disable code GC and treat `--yjit-exec-mem-size` as a hard limit * Can produce better copy-on-write behavior on servers using unicorn and forking -* `ratio_in_yjit` stat produced by `--yjit-stats` is now avaiable in release builds, +* `ratio_in_yjit` stat produced by `--yjit-stats` is now available in release builds, a special stats or dev build is no longer required to access most stats. * Exit tracing option now supports sampling * `--trace-exits-sample-rate=N` diff --git a/ja/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md b/ja/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md index 55bf91d8c3..406ce9bc99 100644 --- a/ja/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md +++ b/ja/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md @@ -21,7 +21,7 @@ Ruby {{ release.version }} が公開されました。Ruby 3.3ではPrismとい * Prism is both a C library that will be used internally by CRuby and a Ruby gem that can be used by any tooling which needs to parse Ruby code * Notable methods in the Prism API are: * `Prism.parse(source)` which returns the AST as part of a ParseResult - * `Prism.dump(source, filepath)` which returns the serialized AST as a String + * `Prism.dump(source)` which returns the serialized AST as a String * `Prism.parse_comments(source)` which returns the comments * You can make pull requests or issues directly on [the Prism repository](https://github.com/ruby/prism) if you are interested in contributing @@ -66,7 +66,7 @@ Ruby {{ release.version }} が公開されました。Ruby 3.3ではPrismとい YJIT options while disabling YJIT at boot. * Option to disable code GC and treat `--yjit-exec-mem-size` as a hard limit * Can produce better copy-on-write behavior on servers using unicorn and forking -* `ratio_in_yjit` stat produced by `--yjit-stats` is now avaiable in release builds, +* `ratio_in_yjit` stat produced by `--yjit-stats` is now available in release builds, a special stats or dev build is no longer required to access most stats. * Exit tracing option now supports sampling * `--trace-exits-sample-rate=N` diff --git a/ja/news/_posts/2023-12-25-ruby-3-3-0-released.md b/ja/news/_posts/2023-12-25-ruby-3-3-0-released.md new file mode 100644 index 0000000000..d43acf45c1 --- /dev/null +++ b/ja/news/_posts/2023-12-25-ruby-3-3-0-released.md @@ -0,0 +1,275 @@ +--- +layout: news_post +title: "Ruby 3.3.0 リリース" +author: "naruse" +translator: +date: 2023-12-25 00:00:00 +0000 +lang: ja +--- + +{% assign release = site.data.releases | where: "version", "3.3.0" | first %} +Ruby {{ release.version }} が公開されました。Ruby 3.3ではPrismという新しいパーサーの追加、新しいパーサージェネレーターであるLramaによるBisonの置き換え、RJITという新たなJITの仕組みを追加、YJITの高速化など様々な改善が行われています。 + +## Prism + +* default gemとして[Prismパーサ](https://github.com/ruby/prism)を導入しました。 + * Prismは、Ruby言語のためのポータブルで、エラートレラントで、保守可能な再帰下降パーサです。 +* Prismは本番環境で使用する準備が整っており、積極的にメンテナンスされています。Ripperの代わりに使用することができます。 + * Prismの使用方法については、[詳細なドキュメンテーション](https://ruby.github.io/prism/)があります。 + * Prismは、CRubyに内部的に使用されるCライブラリと、Rubyコードを解析する必要がある任意のツールに使用できるRuby gemの2つのコンポーネントを持っています。 + * Prism APIの注目すべきメソッドには以下のものがあります。 + * `Prism.parse(source)` は、パース結果オブジェクトの一部としてASTを返します。 + * `Prism.parse_comments(source)` はコメントを返します。 + * `Prism.parse_success?(source)` はエラーがない場合にtrueを返します。 +* Prism開発への貢献に興味がある場合は、[Prismリポジトリ](https://github.com/ruby/prism)に直接Pull RequestやIssueを作成することができます。 +* 今後は `ruby --parser=prism` または `RUBYOPT="--parser=prism"` を使用してPrismコンパイラを試すことができます。ただし、このフラグはデバッグ用であることに注意してください。 + +## Bisonの代わりにLramaを使用 + +* Bisonを[Lrama LALRパーサジェネレータ](https://github.com/ruby/lrama)に置き換えました。 [[Feature #19637]](https://bugs.ruby-lang.org/issues/19637) + * 興味がある方は、[The future vision of Ruby Parser](https://rubykaigi.org/2023/presentations/spikeolaf.html)という発表をご覧ください。 + * 参考:[Ruby Parser開発日誌 (5) - Lrama LALR (1) parser generatorを実装した](https://yui-knk.hatenablog.com/entry/2023/03/13/101951) + * Lramaの内部パーサは、保守性のためにRaccによって生成されたLRパーサに置き換えられました。 +* パラメータ化ルール `(?, *, +)` がサポートされ、CRubyのparse.yで使用されます。 + +## YJIT + +* 大幅なパフォーマンスの改善 + * `*` を使った引数のサポートが改善されました。 + * 仮想マシンのスタック操作のためにレジスタが使われるようになりました。 + * オプション引数を持つ呼び出しで全ての組合せがコンパイルされます。例外ハンドラもコンパイルされます。 + * サポートされていない呼び出し方や分岐の数の多い呼出しでのインタプリタへのフォールバックが行なわれなくなりました。 + * Railsの `#blank?` や [特別化された `#present?`](https://github.com/rails/rails/pull/49909) などの単純なメソッドがインライン化されます。 + * `Integer#*`、`Integer#!=`、`String#!=`、`String#getbyte`、`Kernel#block_given?`、`Kernel#is_a?`、`Kernel#instance_of?`、および `Module#===` が特別に最適化されます。 + * コンパイル速度はRuby 3.2よりわずかに速くなりました。 + * Optcarrotでは、インタプリタよりも3倍以上速くなりました! +* メモリ使用量の大幅な改善 + * コンパイルされたコードのメタデータは、はるかに少ないメモリを使用します。 + * アプリケーションが4万個以上のISEQを持つ場合、`--yjit-call-threshold` は自動的に30から120に上げられます。 + * 呼出しの少ないISEQのコンパイルをスキップするために `--yjit-cold-threshold` が追加されました。 + * Arm64ではよりコンパクトなコードが生成されます。 +* コードGCはデフォルトで無効になりました + * `--yjit-exec-mem-size` は新しいコードのコンパイルが停止するハードリミットとして扱われます。 + * これにより、デフォルトではコードGC実行によるパフォーマンスの急激な低下がなくなりました。[Pitchfork](https://github.com/shopify/pitchfork) を使って定期的にforkするサーバーでのコピーオンライトの挙動が改善されました。 + * 必要に応じて `--yjit-code-gc` でコードGCを有効にすることもできます。 +* `RubyVM::YJIT.enable` を追加し、実行時にYJITを有効にできるようにしました + * コマンドライン引数や環境変数を変更せずにYJITを開始できます。Rails 7.2はこの方法を使用して [デフォルトでYJITを有効にします](https://github.com/rails/rails/pull/49947)。 + * これはまた、アプリケーションの起動が完了した後にのみYJITを有効にするために使用できます。YJITの他のオプションを使用しながら起動時にYJITを無効にしたい場合は、`--yjit-disable` を使用できます。 +* デフォルトで利用可能なYJITの統計が増えました + * `yjit_alloc_size` およびその他いくつかのメタデータ関連の統計がデフォルトで利用可能になりました。 + * `--yjit-stats` によって生成される `ratio_in_yjit` 統計は、リリースビルドで利用可能になりました。特別な統計や開発ビルドは、ほとんどの統計にアクセスするためにはもはや必要ありません。 +* プロファイリング機能を追加 + * Linux perfでのプロファイリングを容易にするために `--yjit-perf` が追加されました。 + * `--yjit-trace-exits` は、`--yjit-trace-exits-sample-rate=N` を使用したサンプリングをサポートします。 +* より網羅的なテストと複数のバグ修正 + +## RJIT + +* Rubyで書かれたJITコンパイラであるRJITを導入し、MJITを置き換えました。 + * RJITはUnixプラットフォーム上のx86\_64アーキテクチャのみをサポートします。 + * MJITとは異なり、実行時にCコンパイラを必要としません。 +* RJITは実験的な目的のためだけに存在します。 + * 本番環境ではYJITを引き続き使用してください。 +* RubyのJITの開発に興味がある場合は、[RubyKaigiの3日目のk0kubunの発表](https://rubykaigi.org/2023/presentations/k0kubun.html#day3)をご覧ください。 + +## M:N スレッドスケジューラ + +* M:N スレッドスケジューラが導入されました。[[Feature #19842]](https://bugs.ruby-lang.org/issues/19842) + * M個のRuby スレッドを、N個のネイティブスレッド(OSスレッド)で管理するので、生成管理のコストを抑えることができるようになりました。 + * C拡張ライブラリの互換性に問題が生じる可能性があるため、メインRactorでのM:Nスレッドスケジューラはデフォルトでは無効にされています。 + * `RUBY_MN_THREADS=1` と環境変数を設定することで、メインRactorでM:Nスレッドスケジューラを有効にします。 + * メインRactor以外ではM:Nスレッドスケジューラが常に有効です。 + * `RUBY_MAX_CPU=n` と環境変数を設定することで、Nの最大数(利用するネイティブスレッドの最大数)を設定できます。デフォルトは8です。 + * 一つの Ractor ではたかだか1つのスレッドしか同時に実行されないので、実際に利用するネイティブスレッド数は、`RUBY_MAX_CPU`で指定した数か実行中のRactorの数の少ないほうになります。つまり、Ractorの数が1つのアプリケーション(多くのアプリケーション)では1つのネイティブスレッドだけ利用されます。 + * ブロックする処理をサポートするため、N個以上のネイティブスレッドが利用されることがあります。 + +## パフォーマンスの改善 + +* `defined?(@ivar)` is optimized with Object Shapes. +* `Socket.getaddrinfo` などの名前解決を中断できるようになりました (pthread が利用できる環境のみ)。[[Feature 19965]](https://bugs.ruby-lang.org/issues/19965) +* 環境変数 `RUBY_GC_HEAP_REMEMBERED_WB_UNPROTECTED_OBJECTS_LIMIT_RATIO` が追加されました。[[Feature #19571]](https://bugs.ruby-lang.org/issues/19571) +* GCで古いオブジェクトの子オブジェクトがすぐにプロモートされなくなりました。[[Feature #19678]](https://bugs.ruby-lang.org/issues/19678) +* GCに弱参照が追加されました。[[Feature #19783]](https://bugs.ruby-lang.org/issues/19783) + +## その他の注目すべき 3.2 からの変更点 + +### IRB + +IRBは様々な機能強化を行いました。主なものは以下の通りです。 + +* IRBとrdbgの連携 pry-byebugのような使い心地でデバッグできるようになりました。([使い方](https://github.com/ruby/irb#debugging-with-irb)) +* lsコマンドやshow_cmdsの出力がPagerで表示されるようになりました。 +* lsコマンドやshow_sourceコマンドがより便利で詳細な情報を出力するようになりました。 +* 型情報を使った補完が実験的に実装されました。([有効化するには](https://github.com/ruby/irb#type-based-completion)) +* Reline::Faceクラスの導入により、補完ダイアログの色や文字装飾を変更できるようになりました。([使い方](https://github.com/ruby/ruby/blob/master/doc/reline/face.md)) + +また、機能強化以外にも、数多くのバグ修正および将来的な機能拡張を見越した大規模なリファクタリングを行ないました。 + + +## 互換性に関する変更 + +* ブロック内での引数なし `it` の呼び出しは非推奨になりました。 + Ruby 3.4から最初のブロック引数を参照するようになります。 + [[Feature #18980]](https://bugs.ruby-lang.org/issues/18980) + +### 環境変数の削除 + +以下の非推奨の環境変数は削除されました + +* 環境変数 `RUBY_GC_HEAP_INIT_SLOTS` は非推奨になり、何もしなくなりました。環境変数 `RUBY_GC_HEAP_{0,1,2,3,4}_INIT_SLOTS` を使ってください。[[Feature #19785]](https://bugs.ruby-lang.org/issues/19785) + +## 標準添付ライブラリの互換性に関する変更 + +### `ext/readline` の削除 + +* 今後は Ruby で書かれた GNU Readline の互換ライブラリである `reline` をすべての環境で標準で利用し、`ext/readline` は削除されました。以前の `ext/readline` が必要なユーザーは `gem install readline-ext` でインストールすることができます。 +* この変更により、Ruby のインストール時に `libreadline` や `libedit` などのライブラリのインストールは不要となります。 + +## 標準添付ライブラリのアップデート + +RubyGems と Bundler は将来リリースされる Ruby で bundled gems となる予定の gem が Gemfile または gemspec に存在しない状態で require された際に警告を行う機能が追加されました。 + +この警告は bootsnap gem を使っている場合には 3.3.0 の時点では機能上の制限により出力されません。そのため、環境変数として `DISABLE_BOOTSNAP=1` などを設定して、少なくとも1度はアプリケーションを実行することを推奨します。 + +以下のライブラリが警告の対象となります。 + * abbrev + * base64 + * bigdecimal + * csv + * drb + * getoptlong + * mutex_m + * nkf + * observer + * racc + * resolv-replace + * rinda + * syslog + + +以下の default gem が追加されました。 + +* prism 0.19.0 + +以下の default gems のバージョンがアップデートされました。 + +* RubyGems 3.5.3 +* abbrev 0.1.2 +* base64 0.2.0 +* benchmark 0.3.0 +* bigdecimal 3.1.5 +* bundler 2.5.3 +* cgi 0.4.1 +* csv 3.2.8 +* date 3.3.4 +* delegate 0.3.1 +* drb 2.2.0 +* english 0.8.0 +* erb 4.0.3 +* error_highlight 0.6.0 +* etc 1.4.3 +* fcntl 1.1.0 +* fiddle 1.1.2 +* fileutils 1.7.2 +* find 0.2.0 +* getoptlong 0.2.1 +* io-console 0.7.1 +* io-nonblock 0.3.0 +* io-wait 0.3.1 +* ipaddr 1.2.6 +* irb 1.11.0 +* json 2.7.1 +* logger 1.6.0 +* mutex_m 0.2.0 +* net-http 0.4.0 +* net-protocol 0.2.2 +* nkf 0.1.3 +* observer 0.1.2 +* open-uri 0.4.1 +* open3 0.2.1 +* openssl 3.2.0 +* optparse 0.4.0 +* ostruct 0.6.0 +* pathname 0.3.0 +* pp 0.5.0 +* prettyprint 0.2.0 +* pstore 0.1.3 +* psych 5.1.2 +* rdoc 6.6.2 +* readline 0.0.4 +* reline 0.4.1 +* resolv 0.3.0 +* rinda 0.2.0 +* securerandom 0.3.1 +* set 1.1.0 +* shellwords 0.2.0 +* singleton 0.2.0 +* stringio 3.1.0 +* strscan 3.0.7 +* syntax_suggest 2.0.0 +* syslog 0.1.2 +* tempfile 0.2.1 +* time 0.3.0 +* timeout 0.4.1 +* tmpdir 0.2.0 +* tsort 0.2.0 +* un 0.3.0 +* uri 0.13.0 +* weakref 0.1.3 +* win32ole 1.8.10 +* yaml 0.3.0 +* zlib 3.1.0 + +新たに以下の gem が default gems から bundled gems に変更されました。 + +* racc 1.7.3 + +以下の bundled gems のバージョンがアップデートされました。 + +* minitest 5.20.0 +* rake 13.1.0 +* test-unit 3.6.1 +* rexml 3.2.6 +* rss 0.3.0 +* net-ftp 0.3.3 +* net-imap 0.4.9 +* net-smtp 0.4.0 +* rbs 3.4.0 +* typeprof 0.21.9 +* debug 1.9.1 + +default gems と bundled gems の詳細については [Logger の GitHub Releases](https://github.com/ruby/logger/releases) のような GitHub releases または changelog ファイルを参照してください。 + + +その他詳細については、[NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) ファイルまたは[コミットログ](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }})を参照してください。 + +なお、こうした変更により、Ruby 3.2.0 以降では [{{ release.stats.files_changed }} 個のファイルに変更が加えられ、{{ release.stats.insertions }} 行の追加と {{ release.stats.deletions }} 行の削除が行われました](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}#file_bucket) ! + +メリークリスマス、Ruby 3.3 とともによいお年をお迎えください! + +## ダウンロード + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby とは + +Rubyはまつもとゆきひろ (Matz) によって1993年に開発が始められ、今もオープンソースソフトウェアとして開発が続けられています。Rubyは様々なプラットフォームで動き、世界中で、特にWebアプリケーション開発のために使われています。 diff --git a/ja/news/_posts/2024-01-18-ruby-3-2-3-released.md b/ja/news/_posts/2024-01-18-ruby-3-2-3-released.md new file mode 100644 index 0000000000..6fe81850db --- /dev/null +++ b/ja/news/_posts/2024-01-18-ruby-3-2-3-released.md @@ -0,0 +1,49 @@ +--- +layout: news_post +title: "Ruby 3.2.3 リリース" +author: "nagachika" +translator: +date: 2024-01-18 09:00:00 +0000 +lang: ja +--- + +Ruby 3.2.3 がリリースされました。 + +このリリースでは多くの不具合修正を行なっています。 +詳しくは [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_2_3) を参照してください。 + +このリリースでは default gem の uri.gem のバージョンを脆弱性修正を含む 0.12.2 に更新しています。 +詳しくは以下の記事を参照してください。 + +* [CVE-2023-36617: URI における ReDoS 脆弱性について]({%link ja/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md %}) + + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.2.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md b/ja/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md new file mode 100644 index 0000000000..e890924cdd --- /dev/null +++ b/ja/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md @@ -0,0 +1,47 @@ +--- +layout: news_post +title: "CVE-2024-27280: Buffer overread vulnerability in StringIO" +title: "CVE-2024-27280: StringIOにおけるバッファーオーバーリード脆弱性" +author: "hsbt" +translator: "nacl-ando" +date: 2024-03-21 4:00:00 +0000 +tags: security +lang: ja +--- + +バッファーオーバーリード脆弱性のセキュリティ修正を含む StringIO gem 3.0.1.1 、 3.0.1.2 をリリースしました。 この脆弱性は、 [CVE-2024-27280](https://www.cve.org/CVERecord?id=CVE-2024-27280) として登録されています。 + +## 詳細 + + +Ruby 3.0.6 以下の 3.0.x 系と3.1.4 以下の 3.1.x 系で配布されている StringIO 3.0.1 に問題が見つかりました。 + +StringIO の`ungetbyte` と `ungetc` メソッドは文字列の終端を超えて読み込む可能性があり、その後に `StringIO.gets` を呼び出すとメモリの値を返します。 + +この脆弱性は StringIO 3.0.3 以降、 Ruby 3.2.x 以降のバージョンには影響ありません。 + +## 推奨する対応 + +StringIO gem を 3.0.3 以降にアップデートすることを推奨します。古い系列の Ruby で同梱されているバージョンとの互換性を確保するためには、以下のようにアップデートできます: + +* Ruby 3.0: `stringio` を 3.0.1.1 にアップデート +* Ruby 3.1: `stringio` を 3.0.1.2 にアップデート + +注意: StringIO 3.0.1.2 はこの脆弱性の他に [[Bug #19389]](https://github.com/ruby/ruby/commit/1d24a931c458c93463da1d5885f33edef3677cc2) のバグフィックスを含みます。 + +`gem update stringio` でアップデートできます。もし bundler を使っている場合は、 `Gemfile` に `gem "stringio", ">= 3.0.1.2"` を追加してください。 + +## 影響を受けるバージョン + +* Ruby 3.0.6 及びそれ以前のバージョン +* Ruby 3.1.4 及びそれ以前のバージョン +* StringIO gem 3.0.1 及びそれ以前のバージョン + +## クレジット + +この脆弱性情報は、 [david_h1](https://hackerone.com/david_h1?type=user) 氏によって報告されました。 + +## 更新履歴 + +* 2024-04-11 21:50:00 (JST) 影響を受ける StringIO の バージョンを 3.0.2 から 3.0.1 に変更 +* 2024-03-21 13:00:00 (JST) 初版 diff --git a/ja/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md b/ja/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md new file mode 100644 index 0000000000..bb4053b0f1 --- /dev/null +++ b/ja/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md @@ -0,0 +1,49 @@ +--- +layout: news_post +title: "CVE-2024-27281: RDoc 内の .rdoc_options におけるRCE 脆弱性" +author: "hsbt" +translator: "nacl-ando" +date: 2024-03-21 4:00:00 +0000 +tags: security +lang: ja +--- + + +RCE 脆弱性に対するセキュリティ修正を含む RDoc gem 6.3.4.1、 6.4.1.1、 6.5.1.1 および 6.6.3.1 をリリースしました。 +この脆弱性は、 [CVE-2024-27281](https://www.cve.org/CVERecord?id=CVE-2024-27281) として登録されています。 + +## 詳細 + +Ruby 3.3.0 以下の Ruby 3.x 系で配布されている.RDoc 6.3.3 から6.6.2 に問題が見つかりました。 + +RDoc の設定に使用される`.rdoc_options` ファイルを YAML 形式として解析する際に、復元可能なクラスに制限がないため、オブジェクトインジェクション及びそれに伴うリモートコード実行が可能です。 + +ドキュメントのキャッシュをロードする際に細工されたキャッシュがあった場合にも、オブジェクトインジェクション及びそれに伴うリモートコード実行が可能です。 + +## 推奨する対応 + +RDoc gem を 6.6.3.1 以上にアップデートすることを推奨します。古い系列の Ruby で同梱されているバージョンとの互換性を確保するためには、以下のようにアップデートできます: + +* Ruby 3.0: `rdoc` を 6.3.4.1 にアップデート +* Ruby 3.1: `rdoc` を 6.4.1.1 にアップデート +* Ruby 3.2: `rdoc` を 6.5.1.1 にアップデート + +`gem update rdoc` でアップデートできます。もし bundler を使っている場合は、 `Gemfile` に `gem "rdoc", ">= 6.6.3.1"` を追加してください。 + +注意: 6.3.4、 6.4.1、 6.5.1 及び 6.6.3 は不正な修正が含まれます。6.3.4.1、 6.4.1.1、 6.5.1.1 または 6.6.3.1 への修正を推奨します。 + +## 影響を受けるバージョン + +* Ruby 3.0.6 以前 +* Ruby 3.1.4 以前 +* Ruby 3.2.3 以前 +* Ruby 3.3.0 +* RDoc gem 6.3.3 以前、修正されたバージョン (6.3.4、 6.4.1、 6.5.1) を除く 6.4.0 から6.6.2 + +## クレジット + +この問題は [ooooooo_q](https://hackerone.com/ooooooo_q?type=user) によって報告されました。 + +## 更新履歴 + +* 2024-03-21 13:00:00 (JST) 初版 diff --git a/ja/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md b/ja/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md new file mode 100644 index 0000000000..a8f80ac92e --- /dev/null +++ b/ja/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md @@ -0,0 +1,41 @@ +--- +layout: news_post +title: "CVE-2024-27282: 正規表現検索における任意のメモリアドレス読み取りの脆弱性" +author: "hsbt" +translator: "HiroyasuTawara" +date: 2024-04-23 10:00:00 +0000 +tags: security +lang: ja +--- + +正規表現検索における任意のメモリアドレス読み取りの脆弱性に対するセキュリティ修正が施されたRuby バージョン 3.0.7、3.1.5、3.2.4、および 3.3.1 をリリースしました。この脆弱性は[CVE-2024-27282](https://www.cve.org/CVERecord?id=CVE-2024-27282)として登録されています + +## 詳細 + +Ruby 3.x から 3.3.0 で問題が見つかりました。 + +攻撃者から与えられたデータを Ruby 正規表現コンパイラが受け取った場合、ポインタや機密文字列を含む、テキストの先頭からの相対アドレス上の任意のヒープデータを抽出することが可能になります。 + +## 推奨する対応 + +Rubyを3.3.1以降にアップデートすることを推奨します。古い系列の Ruby バージョンとの互換性を確保するためには、以下のようにアップデートできます: + +* Ruby 3.0: Ruby を 3.0.7 にアップデート +* Ruby 3.1: Ruby を 3.1.5 にアップデート +* Ruby 3.2: Ruby を 3.2.4 にアップデート +* Ruby 3.3: Ruby を 3.3.1 にアップデート + +## 影響を受けるバージョン + +* Ruby 3.0.6 以前 +* Ruby 3.1.4 以前 +* Ruby 3.2.3 以前 +* Ruby 3.3.0 + +## クレジット + +この脆弱性情報は、 [sp2ip](https://hackerone.com/sp2ip?type=user)氏によって報告されました。 + +## 更新履歴 + +* 2024-04-23 19:00:00 (JST) 初版 diff --git a/ja/news/_posts/2024-04-23-ruby-3-0-7-released.md b/ja/news/_posts/2024-04-23-ruby-3-0-7-released.md new file mode 100644 index 0000000000..70218c682c --- /dev/null +++ b/ja/news/_posts/2024-04-23-ruby-3-0-7-released.md @@ -0,0 +1,52 @@ +--- +layout: news_post +title: "Ruby 3.0.7 リリース" +author: "hsbt" +translator: "HiroyasuTawwara" +date: 2024-04-23 10:00:00 +0000 +lang: ja +--- + +Ruby 3.0.7 がリリースされました。 + +このリリースでは以下の脆弱性修正が含まれています。 +詳しくは以下の記事を参照してください。 + +* [CVE-2024-27282: 正規表現検索における任意のメモリアドレス読み取りの脆弱性]({%link ja/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc 内の .rdoc_options におけるRCE 脆弱性]({%link ja/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md %}) +* [CVE-2024-27280: StringIOにおけるバッファーオーバーリード脆弱性]({%link ja/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md %}) + +詳しくは [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_0_7) を参照してください。 + +このリリースをもって、Ruby 3.0 系列は EOL となります。即ち、Ruby 3.0.7 が Ruby 3.0 系列の最後のリリースとなる予定です。 +これ以降、仮に新たな脆弱性が発見されても、Ruby 3.0.8 などはリリースされません (ただし、深刻なリグレッションが発見された場合にはリリースする可能性があります)。すべての Ruby3.0 ユーザーの皆様は、速やかに 3.3、3.2、3.1 への移行を開始することをお勧めします。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.0.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2024-04-23-ruby-3-1-5-released.md b/ja/news/_posts/2024-04-23-ruby-3-1-5-released.md new file mode 100644 index 0000000000..4bbf7a379e --- /dev/null +++ b/ja/news/_posts/2024-04-23-ruby-3-1-5-released.md @@ -0,0 +1,49 @@ +--- +layout: news_post +title: "Ruby 3.1.5 リリース" +author: "hsbt" +translator: "HiroyasuTawwara" +date: 2024-04-23 10:00:00 +0000 +lang: ja +--- + +Ruby 3.1.5 がリリースされました。 + +このリリースでは以下の脆弱性修正が含まれています。 +詳しくは以下の記事を参照してください。 + +* [CVE-2024-27282: 正規表現検索における任意のメモリアドレス読み取りの脆弱性]({%link ja/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc 内の .rdoc_options におけるRCE 脆弱性]({%link ja/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md %}) +* [CVE-2024-27280: StringIOにおけるバッファーオーバーリード脆弱性]({%link ja/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md %}) + +詳しくは [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_1_5) を参照してください。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.1.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2024-04-23-ruby-3-2-4-released.md b/ja/news/_posts/2024-04-23-ruby-3-2-4-released.md new file mode 100644 index 0000000000..f9fe35204e --- /dev/null +++ b/ja/news/_posts/2024-04-23-ruby-3-2-4-released.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "Ruby 3.2.4 リリース" +author: "nagachika" +translator: "HiroyasuTawwara" +date: 2024-04-23 10:00:00 +0000 +lang: ja +--- + +Ruby 3.2.4 がリリースされました。 + +このリリースでは以下の脆弱性修正が含まれています。 +詳しくは以下の記事を参照してください。 + +* [CVE-2024-27282: 正規表現検索における任意のメモリアドレス読み取りの脆弱性]({%link ja/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc 内の .rdoc_options におけるRCE 脆弱性]({%link ja/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md %}) + +詳しくは [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_2_4) を参照してください。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.2.4" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2024-04-23-ruby-3-3-1-released.md b/ja/news/_posts/2024-04-23-ruby-3-3-1-released.md new file mode 100644 index 0000000000..94ac592d00 --- /dev/null +++ b/ja/news/_posts/2024-04-23-ruby-3-3-1-released.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "Ruby 3.3.1 リリース" +author: "naruse" +translator: "HiroyasuTawwara" +date: 2024-04-23 10:00:00 +0000 +lang: ja +--- + +Ruby 3.3.1 がリリースされました。 + +このリリースでは以下の脆弱性修正が含まれています。 +詳しくは以下の記事を参照してください。 + +* [CVE-2024-27282: 正規表現検索における任意のメモリアドレス読み取りの脆弱性]({%link ja/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc 内の .rdoc_options におけるRCE 脆弱性]({%link ja/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md %}) + +詳しくは [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_3_1) を参照してください。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.3.1" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md b/ja/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md new file mode 100644 index 0000000000..39a750ab92 --- /dev/null +++ b/ja/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-35176: REXML内のDoS脆弱性" +author: "kou" +translator: "nacl-ando" +date: 2024-05-16 05:00:00 +0000 +tags: security +lang: ja +--- + + +REXML gem内のDoS脆弱性が発見されました。この脆弱性は、[CVE-2024-35176](https://www.cve.org/CVERecord?id=CVE-2024-35176)として登録されています。REXML gem をアップグレードすることを強く推奨します。 + +## 詳細 + +REXML gem は、属性値に`<` が多く含まれているXMLドキュメントの解析に時間がかかることがあります。 +REXML gem を 3.2.7 以上にアップデートしてください。 + +## 影響を受けるバージョン + +* REXML gem 3.2.6 以前 + +## クレジット + +この脆弱性情報は、[mprogrammer](https://hackerone.com/mprogrammer) 氏によって報告されました。 + +## 更新履歴 + +* 2024-05-16 14:00:00 (JST) 初版 diff --git a/ja/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md b/ja/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md new file mode 100644 index 0000000000..69cd4d00ef --- /dev/null +++ b/ja/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md @@ -0,0 +1,126 @@ +--- +layout: news_post +title: "Ruby 3.4.0 preview1 リリース" +author: "naruse" +translator: "01hayakawa" +date: 2024-05-16 00:00:00 +0000 +lang: ja +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-preview1" | first %} +Ruby {{ release.version }}がリリースされました。 + +## 言語機能の変更 + +* `frozen_string_literal`のコメントがないファイルで文字列リテラルが凍結されたように振る舞うようになりました。 + 文字列リテラルが破壊的に変更された場合、非推奨の警告が表示されます。 + この警告は `-W:deprecated` または `Warning[:deprecated] = true` で有効にすることができます。 + コマンドライン引数で`--disable-frozen-string-literal` を指定してRubyを実行すると、この変更を無効にできます。 [[Feature #20205]] + +* `it`がブロックパラメータを参照するために追加されました。 [[Feature #18980]] + +* メソッド呼び出し時のnilのキーワードスプラットが使えるようになりました。 + `**nil`は`**{}`と同様に扱われ、キーワードは渡されず、変換メソッドも呼び出されません。 [[Bug #20064]] + +* インデックスにブロックを渡せなくなりました。 [[Bug #19918]] + +* インデックスにキーワード引数が使えなくなりました。 [[Bug #20218]] + +## コアクラスの更新 +注:特に重要なクラスアップデートのみを掲載しています。 + +* Exception + + * Exception#set_backtraceが`Thread::Backtrace::Location`の配列を受け付けるようになりました。 + `Kernel#raise`と`Thread#raise`、`Fiber#raise`も同様に新しいフォーマットを受け付けます。[[Feature #13557]] + +* Range + + * rangeが列挙可能でない場合、`Range#size`がTypeErrorを発生させるようになりました。[[Misc #18984]] + + + +## 互換性に関する変更 + +注:バグフィックスは掲載していません。 + +* エラーメッセージとバックトレースの表示が変更されました。 + * 冒頭の引用符にはバッククォートの代わりにシングルクォートを使用します。 [[Feature #16495]] + * メソッド名の前にクラス名を表示します(クラスが永続的な名前を持つ場合のみ)。 [[Feature #19117]] + * `Kernel#caller`、`Thread::Backtrace::Location`のメソッドなどがそれに応じて変更されました。 + + ``` + Old: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + New: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + + +## C API更新 + +* `rb_newobj`と`rb_newobj_of` (および対応するマクロ `RB_NEWOBJ`、`RB_NEWOBJ_OF`、`NEWOBJ`、`NEWOBJ_OF`)が削除されました。 [[Feature #20265]] +* 廃止予定だった関数`rb_gc_force_recycle`が削除されました。 [[Feature #18290]] + +## 実装の改善 + +* `Array#each`がRubyで書き直され、パフォーマンスが改善されました。 [[Feature #20182]]. + +## その他の変更 + +* 渡されたブロックを使用しないメソッドにブロックを渡すと、verboseモード (`-w`) で警告が表示されるようになりました。 [[Feature #15554]] + +* `String.freeze`や`Integer#+`のようなインタプリタやJITによって特別に最適化されたコアメソッドを再定義すると、パフォーマンスクラスの警告(`-W:performance`または`Warning[:performance] = true`)が出るようになりました。 [[Feature #20429]] + +default gemやbundled gemの詳細については、[Logger](https://github.com/ruby/logger/releases)などのGitHubのリリースやchangelogを参照してください。 + +詳細は[NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +か[commit logs](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }})を参照してください。 + +これらの変更により、Ruby 3.3.0から[{{ release.stats.files_changed }} ファイルが変更され、{{ release.stats.insertions }} 行が追加され、 {{ release.stats.deletions }} 行が削除されました!](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) + + +## ダウンロード + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby とは + +Rubyはまつもとゆきひろ (Matz) によって1993年に開発が始められ、今もオープンソースソフトウェアとして開発が続けられています。Rubyは様々なプラットフォームで動き、世界中で、特にWebアプリケーション開発のために使われています。 + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 diff --git a/ja/news/_posts/2024-05-29-ruby-3-1-6-released.md b/ja/news/_posts/2024-05-29-ruby-3-1-6-released.md new file mode 100644 index 0000000000..26db09db33 --- /dev/null +++ b/ja/news/_posts/2024-05-29-ruby-3-1-6-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.1.6 リリース" +author: "hsbt" +translator: "teeta32" +date: 2024-05-29 9:00:00 +0000 +lang: ja +--- + +Ruby 3.1.6 がリリースされました。 + +現在、Ruby 3.1 系列はセキュリティメンテナンスフェーズのため、通常は脆弱性の修正のみ行います。しかし、Ruby 3.1.5 のリリース後に Ruby のビルドに失敗する問題がいくつか生じたため、この問題を修正する Ruby 3.1.6 がリリースされました。 + +詳しくは以下の記事を参照してください。 + +* [Bug #20151: Can't build Ruby 3.1 on FreeBSD 14.0](https://bugs.ruby-lang.org/issues/20151) +* [Bug #20451: Bad Ruby 3.1.5 backport causes fiddle to fail to build](https://bugs.ruby-lang.org/issues/20451) +* [Bug #20431: Ruby 3.3.0 build fail with make: *** \[io_buffer.o\] Error 1](https://bugs.ruby-lang.org/issues/20431) + +詳しくは [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_1_6) を参照してください。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.1.6" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2024-05-30-datadog-oss-program.md b/ja/news/_posts/2024-05-30-datadog-oss-program.md new file mode 100644 index 0000000000..55c071aaf2 --- /dev/null +++ b/ja/news/_posts/2024-05-30-datadog-oss-program.md @@ -0,0 +1,30 @@ +--- +layout: news_post +title: "Datadogがruby-lang.orgに対してOSSコミュニティサポートを提供" +author: "hsbt" +translator: "01hayakawa" +date: 2024-05-30 00:00:00 +0000 +lang: ja +--- + +Rubyの公式サイトであるruby-lang.orgが、[Datadog OSSコミュニティサポート](https://opensource.datadoghq.com/projects/oss-program/)によりモニタリングにDatadogを採用しました。 + +これにより、サイトのパフォーマンスと可用性をリアルタイムで効果的に監視することができます。Datadogを使用する主な利点は以下の通りです。 + +## CDNの可視性 + +Fastlyが提供するcache.ruby-lang.orgは、Rubyエコシステムの最も重要なインフラです。DatadogはContent Delivery Network (CDN)のパフォーマンスを監視することができます。キャッシュカバレッジ、エラー率を追跡し、ユーザ体験を向上させます。 + +## 統一されたデータビジュアライゼーション + +ruby-lang.orgにはさまざまなWebサービスが存在します。Datadogを使用することで、ログ分析データをメトリクスやアプリケーションパフォーマンス監視(APM)データと同じダッシュボードで視覚化することができます。 + +## JITトレースの可視化 + +Datadogのトレース機能を活用することで、リクエストがWebサーバーやデータベースを通過する際のトレースをキャプチャできます。 +これはボトルネックや問題のあるリクエストを特定するのに役立ちます。 + +主要なメトリクスの[公開ダッシュボード](https://p.ap1.datadoghq.com/sb/1271b83e-af90-11ee-9072-da7ad0900009-01633a8fa8c0b0c0051f1889afdf55dc)を公開しました。 +ダッシュボードは、モニタリングの改善を続けながら随時更新していきます。特に、YJITのパフォーマンスモニタリングに注力する予定です。 + +今回のDatadogの採用が、Rubyコミュニティのサイトパフォーマンスの向上に寄与することを期待しています。引き続きruby-lang.orgをご利用いただき、より快適なユーザ体験をお楽しみください。 diff --git a/ja/news/_posts/2024-05-30-ruby-3-3-2-released.md b/ja/news/_posts/2024-05-30-ruby-3-3-2-released.md new file mode 100644 index 0000000000..8eecfb0b86 --- /dev/null +++ b/ja/news/_posts/2024-05-30-ruby-3-3-2-released.md @@ -0,0 +1,43 @@ +--- +layout: news_post +title: "Ruby 3.3.2 リリース" +author: "k0kubun" +translator: 7riatsu +date: 2024-05-30 03:50:00 +0000 +lang: ja +--- + +Ruby 3.3.2 がリリースされました。 + +このリリースでは多くの不具合修正を行なっています。 +詳しくは [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_3_2) を参照してください。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.3.2" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2024-06-12-ruby-3-3-3-released.md b/ja/news/_posts/2024-06-12-ruby-3-3-3-released.md new file mode 100644 index 0000000000..ad5e9f477c --- /dev/null +++ b/ja/news/_posts/2024-06-12-ruby-3-3-3-released.md @@ -0,0 +1,53 @@ +--- +layout: news_post +title: "Ruby 3.3.3 リリース" +author: "k0kubun" +translator: "egamasa" +date: 2024-06-12 00:30:00 +0000 +lang: ja +--- + +Ruby 3.3.3 がリリースされました。 + +このリリースには、以下が含まれています。 + +* RubyGems 3.5.11 +* Bundler 2.5.11 +* REXML 3.2.8 +* strscan 3.0.9 +* `--dump=prism_parsetree` を `--parser=prism --dump=parsetree` に置き換えました。 +* シンボルのエンコーディング失敗時に、`EncodingError` の代わりに `SyntaxError` を発生させます。 +* Ripper での解析時のメモリリークを修正しました。 +* YJIT、`**{}`、`Ripper.tokenize`、`RubyVM::InstructionSequence#to_binary`、`--with-gmp` および一部のビルド環境におけるバグ修正 + +詳しくは [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_3_3) を参照してください。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.3.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2024-07-09-ruby-3-3-4-released.md b/ja/news/_posts/2024-07-09-ruby-3-3-4-released.md new file mode 100644 index 0000000000..3f3f787ec5 --- /dev/null +++ b/ja/news/_posts/2024-07-09-ruby-3-3-4-released.md @@ -0,0 +1,54 @@ +--- +layout: news_post +title: "Ruby 3.3.4 リリース" +author: "k0kubun" +translator: "egamasa" +date: 2024-07-09 00:30:00 +0000 +lang: ja +--- + +Ruby 3.3.4 がリリースされました。 + +このリリースでは、Ruby 3.3.3 にバンドルされているいくつかの gem (`net-pop`、`net-ftp`、`net-imap` および `prime`)において、gemspec の依存関係が欠落していたリグレッションが修正されました [[Bug #20581]](https://bugs.ruby-lang.org/issues/20581)。 +この修正により、Bundler はこれらの gem を Heroku などのプラットフォームへ正常にインストールできるようになりました。 +現在 `bundle install` を正常に実行できている場合、この問題は発生しないかもしれません。 + +そのほか、数多くの軽微なバグ修正を行っています。 +詳しくは [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_3_4) を参照してください。 + +## リリーススケジュール + +今後は、最新の安定版 Ruby(現在は Ruby 3.3)を `.1` リリース後の2ヶ月おきにリリースする予定です。 +Ruby 3.3 の場合、3.3.5 は 9 月 3 日に、3.3.6 は 11 月 5 日に、3.3.7 は 1 月 7 日にリリースされる予定です。 + +Heroku 上で Ruby 3.3.3 を使用するユーザーに影響を与える今回のリリースのように、多くのユーザーに影響を与えるような変更があった場合、予定よりも早く新しいバージョンをリリースすることがあります。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.3.4" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md b/ja/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md new file mode 100644 index 0000000000..ca343d5448 --- /dev/null +++ b/ja/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-39908: REXML内のDoS脆弱性" +author: "watson1978" +translator: "egamasa" +date: 2024-07-16 03:00:00 +0000 +tags: security +lang: ja +--- + +REXML gem内のDoS脆弱性が発見されました。この脆弱性は、[CVE-2024-39908](https://www.cve.org/CVERecord?id=CVE-2024-39908) として登録されています。REXML gem をアップグレードすることを強く推奨します。 + +## 詳細 + +REXML gem は、 `<`、`0` および `%>` のような特定の文字が多く含まれているXMLドキュメントの解析に時間がかかることがあります。 + +REXML gem を 3.3.2 以上にアップデートしてください。 + +## 影響を受けるバージョン + +* REXML gem 3.3.1 以前 + +## クレジット + +この脆弱性情報は、[mprogrammer](https://hackerone.com/mprogrammer) 氏によって報告されました。 + +## 更新履歴 + +* 2024-07-16 12:00:00 (JST) 初版 diff --git a/ja/news/_posts/2024-07-26-ruby-3-2-5-released.md b/ja/news/_posts/2024-07-26-ruby-3-2-5-released.md new file mode 100644 index 0000000000..50b86899bd --- /dev/null +++ b/ja/news/_posts/2024-07-26-ruby-3-2-5-released.md @@ -0,0 +1,46 @@ +--- +layout: news_post +title: "Ruby 3.2.5 リリース" +author: "nagachika" +translator: "egamasa" +date: 2024-07-26 10:00:00 +0000 +lang: ja +--- + +Ruby 3.2.5 がリリースされました。 + +このリリースでは多くの不具合修正を行っています。 +また、バンドルされている `rexml` gem のバージョンが更新されました。これには、[CVE-2024-39908: REXML内のDoS脆弱性]({%link ja/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md %}) の脆弱性修正が含まれています。 + + +詳しくは [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_2_5) を参照してください。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.2.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md b/ja/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md new file mode 100644 index 0000000000..4c4c48b689 --- /dev/null +++ b/ja/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-41123: REXML内のDoS脆弱性" +author: "kou" +translator: "egamasa" +date: 2024-08-01 03:00:00 +0000 +tags: security +lang: ja +--- + +REXML gem内のDoS脆弱性が発見されました。この脆弱性は、[CVE-2024-41123](https://www.cve.org/CVERecord?id=CVE-2024-41123) として登録されています。REXML gem をアップグレードすることを強く推奨します。 + +## 詳細 + +REXML gem は、空白文字、`>]` および `]>` のような特定の文字が多く含まれているXMLドキュメントの解析に時間がかかることがあります。 + +REXML gem を 3.3.3 以上にアップデートしてください。 + +## 影響を受けるバージョン + +* REXML gem 3.3.2 以前 + +## クレジット + +この脆弱性情報は、[mprogrammer](https://hackerone.com/mprogrammer) 氏および [scyoon](https://hackerone.com/scyoon) 氏によって報告されました。 + +## 更新履歴 + +* 2024-08-01 12:00:00 (JST) 初版 diff --git a/ja/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md b/ja/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md new file mode 100644 index 0000000000..fb940eecaf --- /dev/null +++ b/ja/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-41946: REXML内のDoS脆弱性" +author: "kou" +translator: "egamasa" +date: 2024-08-01 03:00:00 +0000 +tags: security +lang: ja +--- + +REXML gem内のDoS脆弱性が発見されました。この脆弱性は、[CVE-2024-41946](https://www.cve.org/CVERecord?id=CVE-2024-41946) として登録されています。REXML gem をアップグレードすることを強く推奨します。 + +## 詳細 + +REXML gem は、SAX2 またはプル方式の XML パーサを使用した場合、多数のエンティティ展開を持つ XML ドキュメントの解析に時間がかかることがあります。 + +REXML gem を 3.3.3 以上にアップデートしてください。 + +## 影響を受けるバージョン + +* REXML gem 3.3.2 以前 + +## クレジット + +この脆弱性情報は、[NAITOH Jun](https://github.com/naitoh) 氏によって報告されました。 + +## 更新履歴 + +* 2024-08-01 12:00:00 (JST) 初版 diff --git a/ja/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md b/ja/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md new file mode 100644 index 0000000000..91430ad44e --- /dev/null +++ b/ja/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md @@ -0,0 +1,31 @@ +--- +layout: news_post +title: "CVE-2024-43398: REXML内のDoS脆弱性" +author: "kou" +translator: "egamasa" +date: 2024-08-22 03:00:00 +0000 +tags: security +lang: ja +--- + +REXML gem内のDoS脆弱性が発見されました。この脆弱性は、[CVE-2024-43398](https://www.cve.org/CVERecord?id=CVE-2024-43398) として登録されています。REXML gem をアップグレードすることを強く推奨します。 + +## 詳細 + +REXML gem は、同じローカル名の階層の深い要素を多く持つ XML ドキュメントの解析に時間がかかることがあります。 + +これは TreeParser API にのみ影響します。`REXML::Document.new` を使用して XML ドキュメントを解析する場合に影響を受ける可能性があります。 + +REXML gem を 3.3.6 以上にアップデートしてください。 + +## 影響を受けるバージョン + +* REXML gem 3.3.5 以前 + +## クレジット + +この脆弱性情報は、[l33thaxor](https://hackerone.com/l33thaxor) 氏によって報告されました。 + +## 更新履歴 + +* 2024-08-22 12:00:00 (JST) 初版 diff --git a/ja/news/_posts/2024-09-03-3-3-5-released.md b/ja/news/_posts/2024-09-03-3-3-5-released.md new file mode 100644 index 0000000000..1f82b63f81 --- /dev/null +++ b/ja/news/_posts/2024-09-03-3-3-5-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.3.5 リリース" +author: "k0kubun" +translator: "koic" +date: 2024-09-03 06:40:00 +0000 +lang: ja +--- + +Ruby 3.3.5がリリースされました。 + +これは定期的なアップデートであり、マイナーなバグ修正を含みます。できるだけ早くRubyのバージョンをアップグレードすることを推奨します。 + +詳しくは[GitHub release notes](https://github.com/ruby/ruby/releases/tag/v3_3_5)を参照してください。 + +## リリーススケジュール + +以前[お知らせ](https://www.ruby-lang.org/ja/news/2024/07/09/ruby-3-3-4-released/)したとおり、最新の安定版Ruby(現在はRuby 3.3)を `.1` リリース後の2ヶ月おきにリリースする予定です。 + +Ruby 3.3.6は11月5日に、Ruby 3.3.7は1月7日にリリースされる予定です。多くのユーザーに影響を与えるような変更があった場合、予定よりも早く新しいバージョンをリリースすることがあります。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.3.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md b/ja/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md new file mode 100644 index 0000000000..8002c6e967 --- /dev/null +++ b/ja/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md @@ -0,0 +1,136 @@ +--- +layout: news_post +title: "Ruby 3.4.0 preview2 リリース" +author: "naruse" +translator: "motohiro-mm" +date: 2024-10-07 00:00:00 +0000 +lang: ja +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-preview2" | first %} +Ruby {{ release.version }}がリリースされました。 + +## Prism + +デフォルトのパーサーを parse.y から Prism に変更しました。 [[Feature #20564]] + +## 言語機能の変更 + +* `frozen_string_literal`のコメントがないファイルで文字列リテラルが凍結されたように振る舞うようになりました。 + 文字列リテラルが破壊的に変更された場合、非推奨の警告が表示されます。 + この警告は `-W:deprecated` または `Warning[:deprecated] = true` で有効にすることができます。 + コマンドライン引数で`--disable-frozen-string-literal` を指定してRubyを実行すると、この変更を無効にできます。 [[Feature #20205]] + +* `it`がブロックパラメータを参照するために追加されました。 [[Feature #18980]] + +* メソッド呼び出し時のnilのキーワードスプラットが使えるようになりました。 + `**nil`は`**{}`と同様に扱われ、キーワードは渡されず、変換メソッドも呼び出されません。 [[Bug #20064]] + +* インデックスにブロックを渡せなくなりました。 [[Bug #19918]] + +* インデックスにキーワード引数が使えなくなりました。 [[Bug #20218]] + +## コアクラスの更新 +注:特に重要なクラスアップデートのみを掲載しています。 + +* Exception + + * Exception#set_backtraceが`Thread::Backtrace::Location`の配列を受け付けるようになりました。 + `Kernel#raise`と`Thread#raise`、`Fiber#raise`も同様に新しいフォーマットを受け付けます。[[Feature #13557]] + +* Range + + * rangeが列挙可能でない場合、`Range#size`がTypeErrorを発生させるようになりました。[[Misc #18984]] + + +## 互換性に関する変更 + +注:バグフィックスは掲載していません。 + +* エラーメッセージとバックトレースの表示が変更されました。 + * 冒頭の引用符にはバッククォートの代わりにシングルクォートを使用します。 [[Feature #16495]] + * メソッド名の前にクラス名を表示します(クラスが永続的な名前を持つ場合のみ)。 [[Feature #19117]] + * `Kernel#caller`、`Thread::Backtrace::Location`のメソッドなどがそれに応じて変更されました。 + + ``` + Old: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + New: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +* `Hash#inspect`の出力を変更しました。 [[Bug #20433]] + * キーがシンボルの場合は、コロン形式を使用するようになりました。`"{user: 1}"` + * キーがシンボルでない場合は、`=>`の前後にスペースを追加します。`'{"user" => 1}'` + 以前:`'{"user"=>1}'` + + +## C API更新 + +* `rb_newobj`と`rb_newobj_of` (および対応するマクロ `RB_NEWOBJ`、`RB_NEWOBJ_OF`、`NEWOBJ`、`NEWOBJ_OF`)が削除されました。 [[Feature #20265]] +* 廃止予定だった関数`rb_gc_force_recycle`が削除されました。 [[Feature #18290]] + +## 実装の改善 + +* `Array#each`がRubyで書き直され、パフォーマンスが改善されました。 [[Feature #20182]]. + +## その他の変更 + +* 渡されたブロックを使用しないメソッドにブロックを渡すと、verboseモード (`-w`) で警告が表示されるようになりました。 [[Feature #15554]] + +* `String.freeze`や`Integer#+`のようなインタプリタやJITによって特別に最適化されたコアメソッドを再定義すると、パフォーマンスクラスの警告(`-W:performance`または`Warning[:performance] = true`)が出るようになりました。 [[Feature #20429]] + +default gemやbundled gemの詳細については、[Logger](https://github.com/ruby/logger/releases)などのGitHubのリリースやchangelogを参照してください。 + +詳細は[NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +か[commit logs](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }})を参照してください。 + +これらの変更により、Ruby 3.3.0から[{{ release.stats.files_changed }} ファイルが変更され、{{ release.stats.insertions }} 行が追加され、 {{ release.stats.deletions }} 行が削除されました!](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) + + +## ダウンロード + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + + +## Ruby とは + +Rubyはまつもとゆきひろ (Matz) によって1993年に開発が始められ、今もオープンソースソフトウェアとして開発が続けられています。Rubyは様々なプラットフォームで動き、世界中で、特にWebアプリケーション開発のために使われています。 + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Bug #20433]: https://bugs.ruby-lang.org/issues/20433 diff --git a/ja/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md b/ja/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md new file mode 100644 index 0000000000..79fd0880b7 --- /dev/null +++ b/ja/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md @@ -0,0 +1,33 @@ +--- +layout: news_post +title: "CVE-2024-49761: REXML の ReDoS 脆弱性" +author: "kou" +translator: "teeta32" +date: 2024-10-28 03:00:00 +0000 +tags: security +lang: ja +--- + +REXML gem に ReDoS 脆弱性が発見されました。この脆弱性は [CVE-2024-49761](https://www.cve.org/CVERecord?id=CVE-2024-49761) として登録されています。REXML gem のアップグレードを強く推奨します。 + +この脆弱性は Ruby 3.2 以降では発生しません。メンテナンスされている Ruby では Ruby 3.1 だけが本脆弱性の影響を受けます。Ruby 3.1 は 2025 年 3 月に EOL となることに注意してください。 + +## 詳細 + +以下のような XML※をパースするときに ReDoS 脆弱性が存在します。 + +※16 進数の数値文字参照 (&#x...;) の &# と x...; の間に多くの数字を含む XML + +REXML gem を 3.3.9 以上にアップデートしてください。 + +## 影響を受けるバージョン + +* Ruby 3.1 以前で REXML gem 3.3.8 以前を利用する場合 + +## クレジット + +* この脆弱性情報は、[manun](https://hackerone.com/manun) 氏によって報告されました。 + +## 更新履歴 + +* 2024-10-28 12:00:00 (JST) 初版 diff --git a/ja/news/_posts/2024-10-30-ruby-3-2-6-released.md b/ja/news/_posts/2024-10-30-ruby-3-2-6-released.md new file mode 100644 index 0000000000..b5b38e959b --- /dev/null +++ b/ja/news/_posts/2024-10-30-ruby-3-2-6-released.md @@ -0,0 +1,41 @@ +--- +layout: news_post +title: "Ruby 3.2.6 リリース" +author: nagachika +translator: teeta32 +date: 2024-10-30 10:00:00 +0000 +lang: ja +--- + +Ruby 3.2.6 がリリースされました。 + +詳しくは [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_2_6) を参照してください。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.2.6" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2024-11-05-ruby-3-3-6-released.md b/ja/news/_posts/2024-11-05-ruby-3-3-6-released.md new file mode 100644 index 0000000000..938f254bab --- /dev/null +++ b/ja/news/_posts/2024-11-05-ruby-3-3-6-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.3.6 リリース" +author: k0kubun +translator: yokomaru +date: 2024-11-05 04:25:00 +0000 +lang: ja +--- + +Ruby 3.3.6がリリースされました。 + +これは定期的なアップデートであり、マイナーなバグ修正を含みます。 +また、Ruby 3.5でバンドルされるデフォルトの gem の依存関係の警告が表示されなくなります。 +詳しくは[GitHub release notes](https://github.com/ruby/ruby/releases/tag/v3_3_6)を参照してください。 + +## リリーススケジュール + +以前[お知らせ](https://www.ruby-lang.org/ja/news/2024/07/09/ruby-3-3-4-released/)したとおり、最新の安定版Ruby(現在は Ruby 3.3)を `.1` リリース後の2ヶ月おきにリリースする予定です。 + +Ruby 3.3.7は1月7日にリリースされる予定です。多くのユーザーに影響を与えるような変更があった場合、予定よりも早く新しいバージョンをリリースすることがあります。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.3.6" | first %} + +- <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +- <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +- <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md b/ja/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md new file mode 100644 index 0000000000..33a1598180 --- /dev/null +++ b/ja/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md @@ -0,0 +1,168 @@ +--- +layout: news_post +title: "Ruby 3.4.0-rc1 リリース" +author: "naruse" +translator: "npakk" +date: 2024-12-12 00:00:00 +0000 +lang: ja +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-rc1" | first %} +Ruby {{ release.version }} が公開されました。 + +## デフォルトのパーサをPrismに変更 + +デフォルトで使用するパーサーを parse.y から生成するパーサーから Prism へと変更しました。 [[Feature #20564]] + +## Modular GC + +* Modular GC 機能により Ruby 標準とは異なる ガベージ・コレクタ (GC) の実装を動的にロードすることができるようになりました。この機能を使うには Ruby をビルドする時に `--with-modular-gc` を指定してください。GC ライブラリは環境変数 `RUBY_GC_LIBRARY` を用いて Ruby のランタイムにロードすることができます。[[Feature #20351]] + +* Ruby 組み込みのガベージ・コレクタは `gc/default/default.c` ファイルに分割され、 Ruby ランタイムとのやりとりは `gc/gc_impl.h` に定義される API を用いて行われます。組み込みのガベージコレクタは `make modular-gc MODULAR_GC=default` というコマンドを用いてライブラリとしてもビルドすることができ、環境変数として `RUBY_GC_LIBRARY=default` を定義することで有効にすることができます。 [[Feature #20470]] + +* [MMTk](https://www.mmtk.io/) をベースとした実験的な GC ライブラリが提供されました。このライブラリは`make modular-gc MODULAR_GC=mmtk` コマンドによってビルドし、環境変数 `RUBY_GC_LIBRARY=mmtk` によって有効化します。この機能を使うにはビルドを行うマシンに Rust のビルドツールを必要とします。 [[Feature #20860]] + +## 言語機能の変更 + +* マジックコメント `frozen_string_literal` のないファイル中の文字列リテラルは、freeze されているかのように振る舞うようになり、破壊的な変更時に警告を表示するようになりました。これらの警告はコマンドラインオプション `-W:deprecated` か Ruby プログラムで `Warning[:deprecated] = true` を指定すると表示されます。 +これら無効にするにはコマンドラインオプション `--disable-frozen-string-literal` を追加して Ruby を実行してください。 [[Feature #20205]] + +* ブロックパラメータに名前をつけずに参照する `it` が追加されました。 [[Feature #18980]] + +* メソッド呼び出し時の `nil` 展開キーワードがサポートされました。 + `**nil` は `**{}` と同様に扱われ、キーワードは渡せません。 + また、あらゆる変換のためのメソッドも呼ばれません。[[Bug #20064]] + +* インデックスにブロックを渡せなくなりました。[[Bug #19918]] + +* インデックスにキーワード引数を渡せなくなりました。[[Bug #20218]] + +## YJIT + +### TL;DR + +* x86-64 と arm64 の両方のプラットフォームにおいて、ほとんどのベンチマークのパフォーマンスが向上しました。 +* コンパイルメタデータのメモリ使用量を削減しました。 +* 様々な不具合修正: YJIT はより堅牢になり、より多くの環境でテストされました。 + +### 新機能 + +* `--yjit-mem-size` による統一的なメモリ制限が指定可能になりました(デフォルトは 128MiB)。 + このオプションはすべての YJIT のメモリ使用量を監視し、従来の `--yjit-exec-mem-size` オプションよりも直感的に使用できます。 +* `RubyVM::YJIT.runtime_stats` からより多くの統計情報を取得できるようになりました。 +* `--yjit-log` オプションを用いて、コンパイルログを監視できるようになりました。 + * `RubyVM::YJIT.log` を用いてコンパイルログの末尾を取得することができるようになりました。 +* マルチ Ractor モードにおける定数共有をサポートしました。 +* `--yjit-trace-exits=COUNTER`オプションを用いて、カウントされたexitを監視できるようになりました。 + +### 新しい最適化 + +* コンテキストの圧縮化により YJIT のメタデータ保管に必要なメモリを削減しました。 +* ローカル変数やRubyのメソッドの引数のためにレジスタを割り当てるようになりました。 +* YJIT が有効な場合に Ruby で実装されたコアクラスを使うようになりました。 + * Ruby で書き直された `Array#each`, `Array#select`, `Array#map` はより良いパフォーマンスを提供します。 [[Feature #20182]]. +* 以下のような小さいメソッドをインライン化できるようになりました: + * 空メソッド + * 定数を返すメソッド + * `self` を返すメソッド + * 引数を直接返すメソッド +* 組み込みメソッドに特化したコード生成の対象を広げました +* `String#getbyte`, `String#setbyte` など、String のメソッドの最適化を行いました。 +* 低レベルの bit/byte 操作を高速化するためにビット演算を最適化しました +* その他、様々な段階的な最適化を行いました。 + +## コアクラスのアップデート + +注: 複数のアップデートの中から注目すべきアップデートのみを掲載しています。 + +* Exception + + * `Exception#set_backtrace` は `Thread::Backtrace::Location` の配列を受け取れる様になりました。. + `Kernel#raise`, `Thread#raise` や `Fiber#raise` も同じ配列を受け取れます。[[Feature #13557]] + +* Range + + * `Range#size` は範囲オブジェクトが反復可能ではない場合は `TypeError` 例外を出すようになりました。[[Misc #18984]] + +## 互換性に関する変更 + +注: 不具合修正を除きます。 + +* エラーメッセージとして表示するバックトレースを変更しました。 + * 開始の引用符は backtick の代わりにシングルクォートを用いるようになりました。[[Feature #16495]] + * クラス名が変更しないような場合、メソッド名の前にクラス名を表示するようになりました。[[Feature #19117]] + * `Kernel#caller`, `Thread::Backtrace::Location` などのメソッドはそれらに応じて変更されました。 + + ``` + Old: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + New: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +## C API のアップデート + +* `rb_newobj` と `rb_newobj_of` (と対応するマクロの `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`) は削除されました。 [[Feature #20265]] +* 非推奨とされていた `rb_gc_force_recycle` は削除されました。 [[Feature #18290]] + +## その他の変更 + +* 渡されたブロックを使用しないメソッドにブロックを渡すと、verboseモード(`-w`) で警告が表示されるようになりました。[[Feature #15554]] + +* `String.freeze` や `Integer#+` のような JIT とインタプリタによって特別に最適化されたメソッドを再定義すると、performance 警告(`-W:performance` または`Warning[:performance] = true` で有効化)が表示されるようになりました。 [[Feature #20429]] + +default gemsやbundled gemsの詳細については[Logger](https://github.com/ruby/logger/releases)などのChangeLogを参照してください。 + +より詳細な情報は [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +か [commit logs](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}) を参照してください。 + +これらの変更により、Ruby 3.3.0から [{{ release.stats.files_changed }} ファイルが変更され、 {{ release.stats.insertions }} 行が追加され、 {{ release.stats.deletions }} 行が削除されました!](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) + +## ダウンロード + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby とは + +Rubyはまつもとゆきひろ (Matz) によって1993年に開発が始められ、今もオープンソースソフトウェアとして開発が続けられています。Rubyは様々なプラットフォームで動き、世界中で、特にWebアプリケーション開発のために使われています。 + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20351]: https://bugs.ruby-lang.org/issues/20351 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20470]: https://bugs.ruby-lang.org/issues/20470 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Feature #20860]: https://bugs.ruby-lang.org/issues/20860 diff --git a/ja/news/_posts/2024-12-25-ruby-3-4-0-released.md b/ja/news/_posts/2024-12-25-ruby-3-4-0-released.md new file mode 100644 index 0000000000..07bd85c495 --- /dev/null +++ b/ja/news/_posts/2024-12-25-ruby-3-4-0-released.md @@ -0,0 +1,315 @@ +--- +layout: news_post +title: "Ruby 3.4.0 リリース" +author: "naruse" +translator: +date: 2024-12-25 00:00:00 +0000 +lang: ja +--- + +{% assign release = site.data.releases | where: "version", "3.4.0" | first %} +Ruby {{ release.version }} が公開されました。Ruby 3.4では、ブロックパラメータ参照の `it` の追加、 +デフォルトパーサーのPrismへの変更、Socket ライブラリの Happy Eyeballs Version 2 (RFC 8305) 対応、YJITの改善、 +Modular GCの導入など様々な改善が行われています。 + +## `it` の追加 + +ブロックパラメータに名前をつけずに参照する `it` が追加されました。 [[Feature #18980]] + +```ruby +ary = ["foo", "bar", "baz"] + +p ary.map { it.upcase } #=> ["FOO", "BAR", "BAZ"] +``` + +`it` は `_1` とほとんど同じように動作します。ブロック内で `_1` のみを使用する意図がある場合に `_1` を使うと、`_2` や `_3` などの他の番号付きパラメータが現れる可能性が示唆され、認知的負荷が高い問題がありました。そのため、`it` は便利なエイリアスとして導入されました。一行ブロックなど、`it`の意味が一目でわかる簡単なケースにご利用ください。 + +## デフォルトのパーサをPrismに変更 + +デフォルトで使用するパーサーを parse.y から生成するパーサーから Prism へと変更しました。 [[Feature #20564]] + +これは内部的な改善であり、ユーザーにはほとんど変化が見られないはずです。互換性の問題にお気づきの場合は、ご報告ください。 + +従来のパーサーを使用するにはコマンドライン引数 `--parser=parse.y` を使用してください。 + +## Socket ライブラリの Happy Eyeballs Version 2 (RFC 8305) 対応 + +Socket ライブラリの `TCPSocket.new` (`TCPSocket.open`) と `Socket.tcp` が多数のプログラミング言語で、より良いネットワーク接続の方法として広く標準採用されている [Happy Eyeballs Version 2 (RFC 8305)](https://datatracker.ietf.org/doc/html/rfc8305) に対応しました。この改善により、Ruby は IPv6 と IPv4 が混在するような最新のインターネット環境においても、効率的で信頼性の高いネットワーク接続が可能となりました。 + +Ruby 3.3 までは上記の2つのメソッドは名前解決と接続試行をシリアルに実行していました。Happy Eyeballs Version 2 のアルゴリズムでは以下のように実行します。 + +1. IPv6とIPv4の名前解決を同時実行する。 +2. 解決されたIPアドレスへの接続を、IPv6を優先して、250ミリ秒間隔で並行して試みる。 +3. 最初に成功した接続を返し、他の接続はキャンセルする。 + +このアルゴリズムによって、特定のプロトコルや IP アドレスが遅延したり利用できない場合でも、接続遅延を最小限に抑えることが可能となります。 + +この機能は標準で有効になるため、追加の設定は必要ありません。Ruby 全体で無効にしたい場合は環境変数として `RUBY_TCP_NO_FAST_FALLBACK=1` を設定するか、`Socket.tcp_fast_fallback=false` を Ruby プログラムの中で呼び出してください。またはメソッド単位で無効化する場合、`TCPSocket.new` (`TCPSocket.open`) と `Socket.tcp` のキーワード引数として `fast_fallback: false` を利用してください。 + +## YJIT + +### TL;DR + +* x86-64 と arm64 の両方のプラットフォームにおいて、ほとんどのベンチマークのパフォーマンスが向上しました。 +* メタデータの圧縮と統一的なメモリ使用量制限によりメモリ使用量を削減しました。 +* 様々な不具合修正: YJIT はより堅牢になり、より多くの環境でテストされました。 + +### 新機能 + +* コマンドラインオプション + * `--yjit-mem-size` による統一的なメモリ制限が指定可能になりました(デフォルトは 128MiB)。 + このオプションはすべての YJIT のメモリ使用量を監視し、従来の `--yjit-exec-mem-size` オプションよりも直感的に使用できます。 + * `--yjit-log` オプションを用いて、コンパイルログを監視できるようになりました。 +* Ruby API + * `RubyVM::YJIT.log` を用いてコンパイルログの末尾を取得することができるようになりました。 +* YJIT の統計情報 + * `RubyVM::YJIT.runtime_stats` からインバリデーション、インライン化、メタデータエンコーディングに関する追加の統計情報をいつでも取得できるようになりました。 + +### 新しい最適化 + +* コンテキストの圧縮化により YJIT のメタデータ保管に必要なメモリを削減しました。 +* ローカル変数やRubyのメソッドの引数のためにレジスタを割り当てるようになりました。 +* YJIT が有効な場合に Ruby で実装されたコアクラスを使うようになりました。 + * Ruby で書き直された `Array#each`, `Array#select`, `Array#map` はより良いパフォーマンスを提供します。 [[Feature #20182]]. +* 以下のような小さいメソッドをインライン化できるようになりました: + * 空メソッド + * 定数を返すメソッド + * `self` を返すメソッド + * 引数を直接返すメソッド +* 組み込みメソッドに特化したコード生成の対象を広げました +* `String#getbyte`, `String#setbyte` など、String のメソッドの最適化を行いました。 +* 低レベルの bit/byte 操作を高速化するためにビット演算を最適化しました +* マルチ Ractor モードにおける定数共有をサポートしました。 +* その他、様々な段階的な最適化を行いました。 + +## Modular GC + +* Modular GC 機能により Ruby 標準とは異なる ガベージ・コレクタ (GC) の実装を動的にロードすることができるようになりました。この機能を使うには Ruby をビルドする時に `--with-modular-gc` を指定してください。GC ライブラリは環境変数 `RUBY_GC_LIBRARY` を用いて Ruby のランタイムにロードすることができます。[[Feature #20351]] + +* Ruby 組み込みのガベージ・コレクタは `gc/default/default.c` ファイルに分割され、 Ruby ランタイムとのやりとりは `gc/gc_impl.h` に定義される API を用いて行われます。組み込みのガベージコレクタは `make modular-gc MODULAR_GC=default` というコマンドを用いてライブラリとしてもビルドすることができ、環境変数として `RUBY_GC_LIBRARY=default` を定義することで有効にすることができます。 [[Feature #20470]] + +* [MMTk](https://www.mmtk.io/) をベースとした実験的な GC ライブラリが提供されました。このライブラリは`make modular-gc MODULAR_GC=mmtk` コマンドによってビルドし、環境変数 `RUBY_GC_LIBRARY=mmtk` によって有効化します。この機能を使うにはビルドを行うマシンに Rust のビルドツールを必要とします。 [[Feature #20860]] + +## 言語機能の変更 + +* マジックコメント `frozen_string_literal` のないファイル中の文字列リテラルは、freeze されているかのように振る舞うようになり、破壊的な変更時に警告を表示するようになりました。これらの警告はコマンドラインオプション `-W:deprecated` か Ruby プログラムで `Warning[:deprecated] = true` を指定すると表示されます。 +これら無効にするにはコマンドラインオプション `--disable-frozen-string-literal` を追加して Ruby を実行してください。 [[Feature #20205]] + +* メソッド呼び出し時の `nil` 展開キーワードがサポートされました。 + `**nil` は `**{}` と同様に扱われ、キーワードは渡せません。 + また、あらゆる変換のためのメソッドも呼ばれません。[[Bug #20064]] + +* インデックスにブロックを渡せなくなりました。[[Bug #19918]] + +* インデックスにキーワード引数を渡せなくなりました。[[Bug #20218]] + +* トップレベルに `::Ruby` を予約しました。 + `Warning[:deprecated]` が有効な場合、既に定義済みの場合は警告されます。[[Feature #20884]] + +## コアクラスのアップデート + +注: 複数のアップデートの中から注目すべきアップデートのみを掲載しています。 + +* Exception + + * `Exception#set_backtrace` は `Thread::Backtrace::Location` の配列を受け取れる様になりました。. + `Kernel#raise`, `Thread#raise` や `Fiber#raise` も同じ配列を受け取れます。[[Feature #13557]] + +* GC + + * `GC.config` がガベージ・コレクタの設定変更を可能とするために追加されました。[[Feature #20443]] + + * GC の設定用のパラメータとして `rgengc_allow_full_mark` が追加されました。このパラメータを `false` + とすると、GC は young オブジェクトのみを GC 用にマークします。デフォルト値は `true` です。 + [[Feature #20443]] + +* Ractor + + * Ractor の中で `require` が可能となりました。この `require` の処理はメインの Ractor で行われます。 + また、メインの Ractor には `require` 処理のために `Ractor._require(feature)` が追加されました。 + [[Feature #20627]] + + * `Ractor.main?` が追加されました。[[Feature #20627]] + + * 現在実行中の Ractor の Ractor ローカルストレージにアクセスするためのメソッドとして `Ractor.[]` and `Ractor.[]=` が追加されました。 [[Feature #20715]] + + * スレッドセーフに Ractor ローカル変数を初期化するためのメソッド `Ractor.store_if_absent(key){ init }` が追加されました。 [[Feature #20875]] + +* Range + + * `Range#size` は範囲オブジェクトが反復可能ではない場合は `TypeError` 例外を出すようになりました。[[Misc #18984]] + + +## 標準ライブラリのアップデート + +注: 複数のアップデートの中から注目すべき標準ライブラリのアップデートのみを掲載しています。 + +* RubyGems + * `gem push` コマンドに `--attestation` オプションが追加されました。このオプションをつけると [sigstore](https://www.sigstore.dev/) に gem の署名情報が保存されます。 + +* Bundler + * ロックファイルの新規作成時に gem の checksum を保存する `lockfile_checksums` オプションが `bundle config` に設定可能になりました。 + * 既存のロックファイルに使用している gem の checksum を付与するためのコマンドとして `bundle lock --add-checksums` が追加されました。 + +* JSON + + * `JSON.parse` が Ruby 3.3 シリーズに添付されている json-2.7.x と比較して 1.5 倍程度高速になりました。 + +* Tempfile + + * `Tempfile.create` に `anonymous: true` キーワードが追加されました。 + `Tempfile.create(anonymous: true)` は作成した一時ファイルを即座に削除します。この機能を用いることで、アプリケーションは独自にファイル削除を行う必要がなくなります。 [[Feature #20497]] + +* win32/sspi.rb + + * Windows で SSPI 機能を提供するライブラリは Ruby のリポジトリから [ruby/net-http-sspi] に移動しました。 [[Feature #20775]] + +## 互換性に関する変更 + +注: 不具合修正を除きます。 + +* エラーメッセージとして表示するバックトレースを変更しました。 + * 開始の引用符は backtick の代わりにシングルクォートを用いるようになりました。[[Feature #16495]] + * クラス名が変更しないような場合、メソッド名の前にクラス名を表示するようになりました。[[Feature #19117]] + * `Kernel#caller`, `Thread::Backtrace::Location` などのメソッドはそれらに応じて変更されました。 + + ``` + Old: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + New: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +* `Hash#inspect` の表示が変わりました。[[Bug #20433]] + + * Symbol キーはコロンを用いたモダンな表示になりました: `"{user: 1}"` + * 他のキーは従来の `'{"user"=>1}'` とは異なり、 `=>` の前後にスペースを含む表示になりました: `'{"user" => 1}'`。 + +* `Kernel#Float()` は 10 進表記の小数部がなくても受け付けるようになりました。 [[Feature #20705]] + + ```rb + Float("1.") #=> 1.0 (previously, an ArgumentError was raised) + Float("1.E-1") #=> 0.1 (previously, an ArgumentError was raised) + ``` + +* `String#to_f` は 10 進表記の小数部がなくても受け付けるようになりました。指数を指定すると従来とは結果が変わることに注意してください。 [[Feature #20705]] + + ```rb + "1.".to_f #=> 1.0 + "1.E-1".to_f #=> 0.1 (previously, 1.0 was returned) + ``` + +* `Refinement#refined_class` は削除されました。[[Feature #19714]] + +## 標準ライブラリの互換性の変更 + +* DidYouMean + + * `DidYouMean::SPELL_CHECKERS[]=` と `DidYouMean::SPELL_CHECKERS.merge!` は削除されました。 + +* Net::HTTP + + * 2012 年から非推奨とされている以下の定数が削除されました。 + * `Net::HTTP::ProxyMod` + * `Net::NetPrivate::HTTPRequest` + * `Net::HTTPInformationCode` + * `Net::HTTPSuccessCode` + * `Net::HTTPRedirectionCode` + * `Net::HTTPRetriableCode` + * `Net::HTTPClientErrorCode` + * `Net::HTTPFatalErrorCode` + * `Net::HTTPServerErrorCode` + * `Net::HTTPResponseReceiver` + * `Net::HTTPResponceReceiver` + +* Timeout + + * `Timeout.timeout` が負の値を受け付けなくなりました。[[Bug #20795]] + +* URI + + * デフォルトのパーサーが RFC 2396 準拠のものから RFC 3986 準拠のものに変わりました。 [[Bug #19266]] + +## C API のアップデート + +* `rb_newobj` と `rb_newobj_of` (と対応するマクロの `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`) は削除されました。 [[Feature #20265]] +* 非推奨とされていた `rb_gc_force_recycle` は削除されました。 [[Feature #18290]] + +## その他の変更点 + +* 渡されたブロックを使用しないメソッドにブロックを渡すと、verboseモード(`-w`) で警告が表示されるようになりました。[[Feature #15554]] + +* `String.freeze` や `Integer#+` のような JIT とインタプリタによって特別に最適化されたメソッドを再定義すると、performance 警告(`-W:performance` または`Warning[:performance] = true` で有効化)が表示されるようになりました。 [[Feature #20429]] + +より詳細な情報は [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +か [commit logs](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}) を参照してください。 + + +これらの変更により、Ruby 3.3.0から [{{ release.stats.files_changed }} ファイルが変更され、 {{ release.stats.insertions }} 行が追加され、 {{ release.stats.deletions }} 行が削除されました!deletions(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) + +メリークリスマス、Ruby 3.4 とともによいお年をお迎えください! + +## Download + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## What is Ruby + +Rubyはまつもとゆきひろ (Matz) によって1993年に開発が始められ、今もオープンソースソフトウェアとして開発が続けられています。Rubyは様々なプラットフォームで動き、世界中で、特にWebアプリケーション開発のために使われています。 + + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19266]: https://bugs.ruby-lang.org/issues/19266 +[Feature #19714]: https://bugs.ruby-lang.org/issues/19714 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20351]: https://bugs.ruby-lang.org/issues/20351 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20443]: https://bugs.ruby-lang.org/issues/20443 +[Feature #20470]: https://bugs.ruby-lang.org/issues/20470 +[Feature #20497]: https://bugs.ruby-lang.org/issues/20497 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Bug #20620]: https://bugs.ruby-lang.org/issues/20620 +[Feature #20627]: https://bugs.ruby-lang.org/issues/20627 +[Feature #20705]: https://bugs.ruby-lang.org/issues/20705 +[Feature #20715]: https://bugs.ruby-lang.org/issues/20715 +[Feature #20775]: https://bugs.ruby-lang.org/issues/20775 +[Bug #20795]: https://bugs.ruby-lang.org/issues/20795 +[Bug #20433]: https://bugs.ruby-lang.org/issues/20433 +[Feature #20860]: https://bugs.ruby-lang.org/issues/20860 +[Feature #20875]: https://bugs.ruby-lang.org/issues/20875 +[Feature #20884]: https://bugs.ruby-lang.org/issues/20884 +[sigstore.dev]: sigstore.dev +[ruby/net-http-sspi]: https://github.com/ruby/net-http-sspi diff --git a/ja/news/_posts/2024-12-25-ruby-3-4-1-released.md b/ja/news/_posts/2024-12-25-ruby-3-4-1-released.md new file mode 100644 index 0000000000..2ec93cbb89 --- /dev/null +++ b/ja/news/_posts/2024-12-25-ruby-3-4-1-released.md @@ -0,0 +1,39 @@ +--- +layout: news_post +title: "Ruby 3.4.1 リリース" +author: "naruse" +translator: +date: 2024-12-25 00:00:00 +0000 +lang: ja +--- + +Ruby 3.4.1 がリリースされました。 + +このリリースではバージョン表記を修正しています。 + +詳しくは [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_4_1) を参照してください。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.4.1" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} diff --git a/ja/news/_posts/2025-01-15-ruby-3-3-7-released.md b/ja/news/_posts/2025-01-15-ruby-3-3-7-released.md new file mode 100644 index 0000000000..c2fc2f7647 --- /dev/null +++ b/ja/news/_posts/2025-01-15-ruby-3-3-7-released.md @@ -0,0 +1,43 @@ +--- +layout: news_post +title: "Ruby 3.3.7 リリース" +author: k0kubun +translator: teeta32 +date: 2025-01-15 07:51:59 +0000 +lang: ja +--- + +Ruby 3.3.7 がリリースされました。 + +本リリースはマイナーなバグ修正を含む定期的なアップデートです。 + +詳しくは [GitHub release notes](https://github.com/ruby/ruby/releases/tag/v3_3_7) を参照してください。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.3.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2025-02-04-ruby-3-2-7-released.md b/ja/news/_posts/2025-02-04-ruby-3-2-7-released.md new file mode 100644 index 0000000000..a52bd5db0e --- /dev/null +++ b/ja/news/_posts/2025-02-04-ruby-3-2-7-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.2.7 リリース" +author: nagachika +translator: shia +date: 2025-02-04 12:00:00 +0000 +lang: ja +--- + +Ruby 3.2.7 がリリースされました。 + +詳しくは [GitHub release notes](https://github.com/ruby/ruby/releases/tag/v3_2_7) を参照してください。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.2.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md b/ja/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md new file mode 100644 index 0000000000..d58d494a85 --- /dev/null +++ b/ja/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2025-25186: net-imap gem の DoS の脆弱性" +author: "nevans" +translator: "shia" +date: 2025-02-10 03:00:00 +0000 +tags: security +lang: ja +--- + +net-imap gem に DoS の脆弱性が発見されました。この脆弱性は [CVE-2025-25186](https://www.cve.org/CVERecord?id=CVE-2025-25186) として登録されています。net-imap gem のアップグレードを推奨します。 + +## 詳細 + +悪意のあるサーバーはクライアントの受信スレッドによって自動的に読み取られる高度に圧縮された uid-set データを送信することができます。応答パーサーは、uid-set データを整数の配列に変換するために Range#to_a を使用しますが、範囲の展開サイズに制限がありません。 + +net-imap gem を 0.3.8、0.4.19、0.5.6 またはそれ以降にアップデートしてください。 + +## 影響を受けるバージョン + +* net-imap gem 0.3.2 から 0.3.7 まで、0.4.0 から 0.4.18 まで、または 0.5.0 から 0.5.5 まで + +## クレジット + +* この脆弱性情報は、[manun](https://hackerone.com/manun) 氏によって報告されました。 + +## 更新履歴 + +* 2025-02-10 12:00:00 (JST) 初版 diff --git a/ja/news/_posts/2025-02-14-ruby-3-4-2-released.md b/ja/news/_posts/2025-02-14-ruby-3-4-2-released.md new file mode 100644 index 0000000000..d9000906f4 --- /dev/null +++ b/ja/news/_posts/2025-02-14-ruby-3-4-2-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.4.2 リリース" +author: k0kubun +translator: shia +date: 2025-02-14 21:55:17 +0000 +lang: ja +--- + +Ruby 3.4.2がリリースされました。 + +これは定期的なアップデートであり、バグ修正を含みます。 +詳しくは[GitHub release notes](https://github.com/ruby/ruby/releases/tag/v3_4_2)を参照してください。 + +## リリーススケジュール + +最新の安定版Ruby(現在はRuby 3.4)を2ヶ月おきにリリースする予定です。 +Ruby 3.4.3は4月にリリースされ、3.4.4は6月、3.4.5は8月、3.4.6は10月、3.4.7は12月にリリースされます。 + +多くのユーザーに影響を与えるような変更があった場合、予定よりも早く新しいバージョンをリリースすることがあります。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.4.2" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2025-02-18-kansai-rubykaigi-registration-is-open.md b/ja/news/_posts/2025-02-18-kansai-rubykaigi-registration-is-open.md new file mode 100644 index 0000000000..3993a0ab20 --- /dev/null +++ b/ja/news/_posts/2025-02-18-kansai-rubykaigi-registration-is-open.md @@ -0,0 +1,26 @@ +--- +layout: news_post +title: "関西Ruby会議08の参加登録が開始されました" +author: "Yudai Takada(@ydah)" +translator: +date: 2025-02-18 14:30:00 +0000 +lang: ja +--- + +日本Rubyの会が後援する、[地域Ruby会議(RegionalRubyKaigi)][1]の1つである[関西Ruby会議08](https://regional.rubykaigi.org/kansai08/)の参加登録が開始されました。 + +* 開催日: 2025年6月28日(土) 10:00 〜 18:00(時刻は変更となる場合があります) +* 会場: [先斗町 歌舞練場](https://maps.app.goo.gl/tf7ucg1ijkSjVjTr9) +* 主催: Ruby関西(るびーかんさい)、Kyoto.rb(きょうとあーるびー)、Kobe.rb(こうべあーるびー)、Kyobashi.rb(きょうばしあーるびー)、Ruby Tuesday(るびーちゅーずでー)、Ruby舞鶴(るびーまいづる)、AKASHI.rb(あかしあーるびー)、Shinosaka.rb(しんおおさかあーるびー)、naniwa.rb(なにわあーるびー) +* 参加費: 無料 +* 公式タグ: [#kanrk08](https://twitter.com/search?q=kanrk08&src=typd&f=realtime) + +## 参加登録 + +Tito にて申し込みを受け付けています。 + +* [イベントサイト](https://regional.rubykaigi.org/kansai08/) +* [参加受付](https://ti.to/kansairubykaigi/08) +* [発表者募集](https://forms.gle/ijBZ6WM63XJ4rdc58) + +[1]: http://regional.rubykaigi.org/ diff --git a/ja/news/_posts/2025-02-26-security-advisories.md b/ja/news/_posts/2025-02-26-security-advisories.md new file mode 100644 index 0000000000..5b4fc34ae1 --- /dev/null +++ b/ja/news/_posts/2025-02-26-security-advisories.md @@ -0,0 +1,70 @@ +--- +layout: news_post +title: "セキュリティアドバイザリ: CVE-2025-27219、CVE-2025-27220、および CVE-2025-27221" +author: "hsbt" +translator: "teeta32" +date: 2025-02-26 07:00:00 +0000 +tags: security +lang: ja +--- + +CVE-2025-27219, CVE-2025-27220 および CVE-2025-27221 のセキュリティアドバイザリが公開されました。詳細は以下をお読みください。 + +## CVE-2025-27219: `CGI::Cookie.parse` におけるDOS脆弱性 + +cgi gem に DoS 脆弱性が発見されました。本脆弱性には [CVE-2025-27219](https://www.cve.org/CVERecord?id=CVE-2025-27219) が割り当てられています。cgi gem のアップグレードを推奨します。 + +### 詳細 + +`CGI::Cookie.parse` に悪意を持って作られたクッキー文字列が与えられると線形を超える時間がかかる場合があります。 + +cgi gem をバージョン 0.3.5.1, 0.3.7, または 0.4.2 以降にアップデートしてください。 + +### 影響を受けるバージョン + +* cgi gem 0.3.5 以前と 0.3.6, 0.4.0 および 0.4.1 + +### クレジット + +本脆弱性は [lio346](https://hackerone.com/lio346) 氏により報告され、[mame](https://github.com/mame) 氏により修正されました。 + +## CVE-2025-27220: `CGI::Util#escapeElement` におけるReDoS脆弱性 + +cgi gem にReDoS脆弱性が発見されました。本脆弱性に CVE ID [CVE-2025-27220](https://www.cve.org/CVERecord?id=CVE-2025-27220) が割り当てられています。cgi gem のアップグレードを推奨します。 + +### 詳細 + +`CGI::Util#escapeElement` で使われる正規表現が ReDoS に対して脆弱です。細工された入力によって CPU が高負荷になる可能性があります。 + +本脆弱性は Ruby 3.1 と 3.2 のみに影響します。Ruby 3.1 または 3.2 を利用している場合は、cgi gem をバージョン 0.3.5.1, 0.3.7, または 0.4.2 以降にアップデートしてください。 + +### 影響を受けるバージョン + +* cgi gem 0.3.5 以前と 0.3.6, 0.4.0 および 0.4.1 + +### クレジット + +本脆弱性は [svalkanov](https://hackerone.com/svalkanov) 氏により報告され、[nobu](https://github.com/nobu) 氏により修正されました。 + +## CVE-2025-27221: `URI#join`, `URI#merge` と `URI#+`. におけるユーザー情報の漏洩 + +uri gem に ユーザー情報の漏洩の可能性が発見されました。本脆弱性に CVE ID [CVE-2025-27221](https://www.cve.org/CVERecord?id=CVE-2025-27221) が割り当てられています。uri gem のアップグレードを推奨します。 + +### 詳細 + +`URI#join`, `URI#merge` と `URI#+` メソッドはホストを変更した後も `user:password` のようなユーザー情報を保持します。これらのメソッドで作成した秘密のユーザー情報を含む URL から悪意のあるホストへの URL を生成し、この生成した URL を使って悪意のあるホストにアクセスすると意図しないユーザー情報の漏洩が起きる可能性があります。 + +uri gem をバージョン 0.11.3, 0.12.4, 0.13.2 または 1.0.3 以降にアップデートしてください。 + +### 影響を受けるバージョン + +* uri gem 0.11.3 よりも前, 0.12.0 から 0.12.3, 0.13.0, 0.13.1 および 1.0.0 から 1.0.2 + +### クレジット + +本脆弱性は [Tsubasa Irisawa (lambdasawa)](https://hackerone.com/lambdasawa) により報告されました。 +また、[nobu](https://github.com/nobu) 氏により本脆弱性の追加の修正がなされました。 + +## 更新履歴 + +* 2025-02-26 16:00:00 (JST) 初版 diff --git a/ja/news/_posts/2025-04-09-ruby-3-3-8-released.md b/ja/news/_posts/2025-04-09-ruby-3-3-8-released.md new file mode 100644 index 0000000000..b2781d2c78 --- /dev/null +++ b/ja/news/_posts/2025-04-09-ruby-3-3-8-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.3.8 リリース" +author: nagachika +translator: GaTo-Rfc +date: 2025-04-09 11:00:00 +0000 +lang: ja +--- + +Ruby 3.3.8 がリリースされました。 + +詳しくは [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_3_8) を参照してください。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.3.8" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2025-04-14-ruby-3-4-3-released.md b/ja/news/_posts/2025-04-14-ruby-3-4-3-released.md new file mode 100644 index 0000000000..57f4fd445c --- /dev/null +++ b/ja/news/_posts/2025-04-14-ruby-3-4-3-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.4.3 リリース" +author: k0kubun +translator: shia +date: 2025-04-14 08:06:57 +0000 +lang: ja +--- + +Ruby 3.4.3がリリースされました。 + +これは定期的なアップデートであり、バグ修正を含みます。 +詳しくは[GitHub release notes](https://github.com/ruby/ruby/releases/tag/v3_4_3)を参照してください。 + +## リリーススケジュール + +最新の安定版Ruby(現在はRuby 3.4)を2ヶ月おきにリリースする予定です。 +Ruby 3.4.4は6月にリリースされ、3.4.5は8月、3.4.6は10月、3.4.7は12月にリリースされます。 + +多くのユーザーに影響を与えるような変更があった場合、予定よりも早く新しいバージョンをリリースすることがあります。 + +## ダウンロード + +{% assign release = site.data.releases | where: "version", "3.4.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## リリースコメント + +Ruby 開発者の皆様、バグや脆弱性を報告してくれたユーザーの皆様のご協力により本リリースは行われています。 +皆様のご協力に感謝します。 diff --git a/ja/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md b/ja/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md new file mode 100644 index 0000000000..0af36bffb6 --- /dev/null +++ b/ja/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md @@ -0,0 +1,104 @@ +--- +layout: news_post +title: "Ruby 3.5.0 preview1 リリース" +author: "naruse" +translator: +date: 2025-04-18 00:00:00 +0000 +lang: ja +--- + +{% assign release = site.data.releases | where: "version", "3.5.0-preview1" | first %} +Ruby {{ release.version }} が公開されました。Ruby 3.5では、Unicodeバージョンの15.1.0へのアップデートなど様々な改善が行われています。 + + + +## 言語機能の変更 + + + +* `*nil` no longer calls `nil.to_a`, similar to how `**nil` does + not call `nil.to_hash`. [[Feature #21047]] + +## コアクラスのアップデート + +注: 複数のアップデートの中から注目すべきアップデートのみを掲載しています。 + +* Binding + + * `Binding#local_variables` does no longer include numbered parameters. + Also, `Binding#local_variable_get` and `Binding#local_variable_set` reject to handle numbered parameters. + [[Bug #21049]] + +* IO + + * `IO.select` accepts +Float::INFINITY+ as a timeout argument. + [[Feature #20610]] + +* String + + * Update Unicode to Version 15.1.0 and Emoji Version 15.1. [[Feature #19908]] + (also applies to Regexp) + + +## 標準ライブラリのアップデート + +注: 複数のアップデートの中から注目すべき標準ライブラリのアップデートのみを掲載しています。 + + + +## 互換性に関する変更 + +注: 不具合修正を除きます。 + + + +## 標準ライブラリの互換性の変更 + + + +## C API のアップデート + + + +## その他の変更点 + + + +より詳細な情報は [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +か [commit logs](https://github.com/ruby/ruby/compare/v3_4_0...{{ release.tag }}) を参照してください。 + + +これらの変更により、Ruby 3.4.0から [{{ release.stats.files_changed }} ファイルが変更され、 {{ release.stats.insertions }} 行が追加され、 {{ release.stats.deletions }} 行が削除されました!deletions(-)](https://github.com/ruby/ruby/compare/v3_4_0...{{ release.tag }}#file_bucket) + + +## Download + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## What is Ruby + +Rubyはまつもとゆきひろ (Matz) によって1993年に開発が始められ、今もオープンソースソフトウェアとして開発が続けられています。Rubyは様々なプラットフォームで動き、世界中で、特にWebアプリケーション開発のために使われています。 + +[Feature #21047]: https://bugs.ruby-lang.org/issues/21047 +[Bug #21049]: https://bugs.ruby-lang.org/issues/21049 +[Feature #20610]: https://bugs.ruby-lang.org/issues/20610 +[Feature #19908]: https://bugs.ruby-lang.org/issues/19908 diff --git a/ja/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md b/ja/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md new file mode 100644 index 0000000000..6bf081166a --- /dev/null +++ b/ja/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md @@ -0,0 +1,35 @@ +--- +layout: news_post +title: "CVE-2025-43857: net-imap gem のDoS脆弱性" +author: "nevans" +translator: "kimu805" +date: 2025-04-28 16:02:04 +0000 +tags: security +lang: ja +--- + +net-imap gem に DoS の脆弱性が発見されました。この脆弱性は [CVE-2025-43857] として登録されています。net-imap gem のアップグレードを推奨します。 + +## 詳細 + +悪意のあるサーバーが、リテラルなバイト数を指定して送信すると、クライアントの受信スレッドがそれを自動的に読み取ってしまいます。レスポンスリーダーは、サーバーの応答に示されたバイト数に基づいて即座にメモリを確保します。これは、信頼された正常な動作をするIMAPサーバーに安全に接続している場合には問題になりませんが、安全でない接続や、バグのあるサーバー、信頼されていないサーバー、侵害されたサーバー(例えば、ユーザーが指定したホスト名への接続)では問題となる可能性があります。 + +net-imap gem を バージョン 0.2.5、0.3.9、0.4.20、0.5.7、またはそれ以降に更新してください。 + +信頼できないサーバーに接続する場合や、安全でない接続を使用する場合には、`max_response_size` やレスポンスハンドラを適切に設定して、メモリの消費を制限する必要があります。詳細については [GHSA-j3g3-5qv5-52mj] をご覧ください。 + +## 影響を受けるバージョン + +net-imap gem 0.2.4以前のもの、 0.3.0 から 0.3.8まで、 0.4.0 から 0.4.19まで、 0.5.0 から 0.5.6まで + +## クレジット + +この脆弱性情報は[Masamune]氏によって報告されました。 + +## 更新履歴 + +* 2025-04-29 01:02:04 (JST)初版 + +[CVE-2025-43857]: https://www.cve.org/CVERecord?id=CVE-2025-43857 +[GHSA-j3g3-5qv5-52mj]: https://github.com/ruby/net-imap/security/advisories/GHSA-j3g3-5qv5-52mj +[Masamune]: https://hackerone.com/masamune_ diff --git a/ko/about/website/index.md b/ko/about/website/index.md index 3ac861d030..a3d0d4622f 100644 --- a/ko/about/website/index.md +++ b/ko/about/website/index.md @@ -36,13 +36,37 @@ lang: ko 지원해주신 단체들에게도 감사드립니다. - * [Ruby Association][rubyassociation] (호스트) - * [Ruby no Kai][rubynokai] (빌드 서버) - * [AWS][aws] (호스트) - * [Heroku][heroku] (호스트) - * [Fastly][fastly] (CDN) - * [Hatena][hatena] ([mackerel][mackerel], 서버 모니터링) +[Ruby Association][rubyassociation] (호스팅) +Ruby Association + +[Ruby no Kai][rubynokai] (빌드 서버) + +Ruby no Kai + +[AWS][aws] (호스팅) + +AWS + +[Heroku][heroku] (호스팅) + +Heroku + +[Fastly][fastly] (CDN) + +Fastly + +[Hatena][hatena] ([mackerel][mackerel], 서버 모니터링) + +mackerel + +[Datadog][datadog] (서버 모니터링) + +Datadog + +[1Password][1password] (비밀번호 관리자) + +1password [logo]: /ko/about/logo/ [webmaster]: mailto:webmaster@ruby-lang.org @@ -58,3 +82,5 @@ lang: ko [mackerel]: https://mackerel.io/ [rubynokai]: http://ruby-no-kai.org/ [aws]: https://aws.amazon.com/ +[datadog]: https://www.datadoghq.com/ +[1password]: https://1password.com/ diff --git a/ko/community/conferences/index.md b/ko/community/conferences/index.md index 7f5e1fd5df..07b34faaad 100644 --- a/ko/community/conferences/index.md +++ b/ko/community/conferences/index.md @@ -16,12 +16,8 @@ Ruby에 대한 콘퍼런스 목록입니다. 이곳에서는 행사일, 장소, [RubyConf][1] : 2001부터 매년, [Ruby Central, Inc.][2]에서 국제적인 Ruby 콘퍼런스인 - RubyConf를 개최합니다. 참가자 수는 2001년에서 2006년까지 10배 정도 - 증가했습니다. RubyConf에서는 제작자가 직접 자신의 테크놀로지를 설명하고 - 있습니다. 여기에는 Nathaniel Talbot의 Test Unit, Jim Weirich의 Rake, - David Heinemeier Hansson의 Ruby on Rails, Why the Lucky Stiff의 YAML - 라이브러리, Sasada Koichi의 YARV 등이 있었습니다. Matz도 한번을 - 제외한 전 RubyConf에 참가하고 강연했습니다. + RubyConf를 개최합니다. RubyConf에서는 제작자가 직접 자신의 테크놀로지를 설명하고 + 있습니다. [RubyKaigi][3] : 오다이바에서 개최된 RubyKaigi 2006은 최초의 일본 Ruby 콘퍼런스였습니다. @@ -37,26 +33,11 @@ Ruby에 대한 콘퍼런스 목록입니다. 이곳에서는 행사일, 장소, 한국에서는 아직 정기적인 Ruby 콘퍼런스는 개최되고 있지 않습니다. -### 다른 콘퍼런스에서의 Ruby - -2004년부터 [오라일리 오픈소스 콘퍼런스][10](OSCON)에 Ruby 트랙이 생겼고 매년 -다른 언어의 트랙에 비해 비중이 증가하는 추세입니다. Ruby Central의 -[RailsConf][12], RailsConf Europe (2006년엔 Ruby Central과 -[Skills Matter][14]에 의해 2007년엔 Ruby Central과 오라일리에 의해 공동기획), -Canada on Rails 등등의 많은 콘퍼런스들은 [Ruby on Rails][11]의 헌신 덕분에 -가능했습니다. - - -한국에서는 [대안언어축제](http://www.pnakorea.org/)에서 Ruby를 다루고 있습니다. +[RubyConferences.org][rc]에서는 지역 Ruby 콘퍼런스의 최신 목록을 확인할 수 있습니다. +정보를 추가하거나 업데이트하려면 해당 페이지에서 GitHub 저장소 링크를 찾아볼 수 있습니다. [rc]: http://rubyconferences.org/ [1]: http://rubyconf.org/ -[2]: http://rubycentral.org [3]: http://rubykaigi.org/ [4]: http://euruko.org -[5]: http://www.osdc.com.au/ -[10]: http://conferences.oreillynet.com/os2006/ -[11]: http://www.rubyonrails.org -[12]: http://www.railsconf.org -[14]: http://www.skillsmatter.com diff --git a/ko/community/index.md b/ko/community/index.md index 51a59d1b7e..1e3702fe61 100644 --- a/ko/community/index.md +++ b/ko/community/index.md @@ -39,26 +39,23 @@ Ruby의 장점, 특징에 대한 설명에서 빠지지 않고 등장하는 것 : Ruby 개발 과정에 참여하고 싶다면 바로 지금이 최고의 타이밍입니다. Ruby를 도와주는데 관심이 있으시다면 여기서 시작하세요. -[Ruby에 관한 블로그](weblogs/) -: Ruby 커뮤니티에서 블로그에 관한 이야기를 빼놓을 수 없죠. 여기에 - 구독할 만한 추천 블로그 목록이 있습니다. +[Ruby 블로그와 뉴스레터](weblogs/) +: Ruby 커뮤니티의 대부분의 활동과 업데이트는 블로그와 뉴스레터를 통해 논의됩니다. 다음은 연결 상태를 유지하고 정보를 얻는 데 도움이 되는 엄선된 목록입니다. [Ruby 콘퍼런스](conferences/) : 세계의 Ruby 개발자들은 더욱더 활발하게 콘퍼런스에 참여하고 있습니다. 콘퍼런스에서는 Ruby에서 작업 중인 내용의 공유, Ruby의 미래에 대한 토론, Ruby 커뮤니티의 뉴비의 환영 등을 함께합니다. + 또한 [rubyvideo.dev](https://www.rubyvideo.dev/)를 방문하면 Ruby 컨퍼런스 및 강연 동영상을 확인할 수 있습니다. + [팟캐스트](podcasts/) : Ruby에 대해 듣고 싶다면 다음 Ruby 팟캐스트 중 하나를 들어보세요. 루비스트들이 팟캐스트를 통해 새 릴리스, 커뮤니티 소식, 동료 Ruby 개발자와의 인터뷰를 다룹니다. -일반적인 Ruby 정보(영문) -: * [Ruby Central][ruby-central] - * [Ruby at Open Directory Project][ruby-opendir] - * [Rails at Open Directory Project][rails-opendir] +[Ruby Central][ruby-central] +: Ruby Central은 전 세계의 Ruby 커뮤니티를 지원하는 비영리 단체입니다. [ruby-central]: http://rubycentral.org/ [ruby-discord]: https://discord.gg/ad2acQFtkh -[ruby-opendir]: https://dmoztools.net/Computers/Programming/Languages/Ruby/ -[rails-opendir]: https://dmoztools.net/Computers/Programming/Languages/Ruby/Software/Frameworks/Rails/ diff --git a/ko/community/mailing-lists/index.md b/ko/community/mailing-lists/index.md index 204a0c8ebc..9ebaa99f61 100644 --- a/ko/community/mailing-lists/index.md +++ b/ko/community/mailing-lists/index.md @@ -28,17 +28,17 @@ comp.lang.ruby 뉴스그룹 [comp.lang.ruby](news:comp.lang.ruby) 뉴스그룹에서 체크아웃하세요. ([FAQ][clrFAQ]) ruby-lang.org의 일본어 리스트를 포함한 모든 메일링 리스트에 대해 자세히 알고 -싶다면 [https://ml.ruby-lang.org/mailman3/postorius/lists/](https://ml.ruby-lang.org/mailman3/postorius/lists/)를 참조하세요. +싶다면 [https://ml.ruby-lang.org/mailman3/lists/](https://ml.ruby-lang.org/mailman3/lists/)를 참조하세요. ## 구독과 해지 -[구독과 해지](https://ml.ruby-lang.org/mailman3/postorius/lists/) +[구독과 해지](https://ml.ruby-lang.org/mailman3/lists/) [guidelines]: /en/community/mailing-lists/ruby-talk-guidelines/ [clrFAQ]: http://rubyhacker.com/clrFAQ.html -[3]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/ -[4]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-core@ml.ruby-lang.org/ -[5]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-doc@ml.ruby-lang.org/ +[3]: https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/ +[4]: https://ml.ruby-lang.org/archives/list/ruby-core@ml.ruby-lang.org/ +[5]: https://ml.ruby-lang.org/archives/list/ruby-doc@ml.ruby-lang.org/ [rubytalk]: https://rubytalk.org/ diff --git a/ko/community/podcasts/index.md b/ko/community/podcasts/index.md index bdcbf68b67..c043abe4c5 100644 --- a/ko/community/podcasts/index.md +++ b/ko/community/podcasts/index.md @@ -30,6 +30,6 @@ Ruby와 Ruby 커뮤니티에 대한 뉴스, 인터뷰, 토론을 들어보세요 당신의 Ruby 팟캐스트를 시작하고 이 목록에 추가할 수도 있습니다! [rooftop_ruby]: https://www.rooftopruby.com -[remote_ruby]: https://remoteruby.transistor.fm/ +[remote_ruby]: https://www.remoteruby.com [rorpodcast]: https://www.therubyonrailspodcast.com [rogues]: https://rubyrogues.com diff --git a/ko/community/user-groups/index.md b/ko/community/user-groups/index.md index db501dcd5e..ab15f4249d 100644 --- a/ko/community/user-groups/index.md +++ b/ko/community/user-groups/index.md @@ -19,24 +19,25 @@ Ruby 유저 그룹은 전적으로 Ruby에만 전념합니다. 일반적으로 Ruby 유저 그룹에 관한 정보는 여러 웹 사이트에서 얻을 수 있습니다. -[Ruby Meetup Groups][meetup] -: Ruby 유저 그룹의 상당수는 Meetup 사이트를 홈페이지로 합니다. Meetup은 -유저 그룹을 위한 몇 가지 툴을 제공하고 있습니다. 비공개 포럼, 공지를 위한 장소, -자동 리마인더, 훌륭한 RSVP(참석여부 체크) 시스템 등등이 그것이죠. - -[OnRuby][2] -: OnRuby에서도 유저 그룹을 발견할 수 있습니다. OnRuby는 Ruby로 작성한 오픈 소스 - 플랫폼으로, 미트업을 만드는 데 사용할 수 있습니다. 소스는 [GitHub][3]에서 볼 - 수 있습니다. +- [Ruby Meetup Groups on meetup.com][meetup]. Ruby 유저 그룹의 상당수는 + Meetup 사이트를 홈페이지로 삼습니다. Meetup은 유저 그룹을 위한 몇 가지 툴을 + 제공하고 있습니다. 비공개 포럼, 공지를 위한 장소, 자동 리마인더, 훌륭한 + RSVP(참석여부 체크) 시스템 등이 그것이죠. +- [rubyconferences.org/meetups][rc-meetups]는 전 세계의 Ruby 미트업 이벤트 일람을 + 제공합니다. +- Ruby 미트업 주최자들이 모이는 [Google 그룹][meetups-google-group]이 있습니다. +- [OnRuby][onruby] - OnRuby에서도 유저 그룹을 발견할 수 있습니다. OnRuby는 + Ruby로 작성한 오픈 소스 플랫폼으로, 미트업을 만드는 데 사용할 수 있습니다. + 소스는 [GitHub][onruby-github]에서 볼 수 있습니다. ### 직접 그룹을 만들기 직접 그룹을 만들기 원하시면 지역에 Ruby 그룹이 있는지를 먼저 확인하셔야 합니다. -큰 그룹이 보통 더 유익하고 재미있으므로, 그 지역에 다른 Ruby 그룹이있다면 새로 -만드는 것은 최고의 선택은 아닐 것입니다. - - +자신의 그룹을 시작하는 방법에 대한 조언을 구하고 싶다면, +미트업 주최자 그룹을 방문해보세요. [meetup]: https://www.meetup.com/topics/ruby/ -[2]: https://www.onruby.eu/ -[3]: https://github.com/phoet/on_ruby +[onruby]: https://www.onruby.eu/ +[onruby-github]: https://github.com/phoet/on_ruby +[rc-meetups]: https://rubyconferences.org/meetups/ +[meetups-google-group]: https://groups.google.com/g/ruby-meetups diff --git a/ko/community/weblogs/index.md b/ko/community/weblogs/index.md index 8f28c6b32a..c2b88ca4f8 100644 --- a/ko/community/weblogs/index.md +++ b/ko/community/weblogs/index.md @@ -1,15 +1,19 @@ --- layout: page -title: "블로그" +title: "블로그와 뉴스레터" lang: ko --- -Ruby 블로그들은 지난 몇 년간 폭발적으로 많아졌고, 풍부한 읽을거리를 +Ruby 블로그와 뉴스레터는 지난 몇 년간 폭발적으로 많아졌고, 풍부한 읽을거리를 제공합니다. 당신은 수백 개의 블로그에서 제공하는 Ruby 코드조각, -새로운 기술에 대한 설명, Ruby의 미래에 대한 추측 등을 발굴할 수 -있습니다. +새로운 기술에 대한 설명, Ruby의 미래에 대한 추측 등을 발굴할 수 있습니다. {: .summary} +### 뉴스레터 + +* [**Ruby Weekly**][ruby-weekly]는 매주 흥미로운 Ruby 기사나 뉴스를 엄선해 제공하는 뉴스레터입니다. +* [**Short Ruby Newsletter**][short-ruby-newsletter]는 Ruby 커뮤니티의 기사, 토론 및 뉴스를 주간 요약입니다. + ### Ruby 블로그 발굴하기 * [**RubyFlow**][rubyflow]는 'Ruby와 Rails 커뮤니티의 링크 목록'으로 @@ -22,14 +26,14 @@ Ruby 블로그들은 지난 몇 년간 폭발적으로 많아졌고, 풍부한 업데이트 빈도나 속도에 주목할 만한 블로그들 -* [**Ruby Weekly**][ruby-weekly]는 블로그라기보다는 뉴스레터에 가까움에도 - 불구하고, Ruby Weekly는 매주 흥미로운 Ruby 기사나 뉴스를 제공합니다. * [**DEV Ruby Tag**][dev-ruby-tag]는 DEV 커뮤니티에서 Ruby 태그가 붙어있는 모든 글의 모음입니다. DEV는 코드에 대해서 글을 쓰거나 토론하는 수천 명의 개발자들의 모임입니다. -* [**Riding Rails**][riding-rails]는 Ruby on Rails 팀의 공식 그룹 블로그입니다. - Rails를 이용하고 있다면, 이 블로그는 보안 업데이트를 받아 보거나 넓은 Rails 커뮤니티를 - 전망하기에 필수입니다. +* [**Ruby on Rails Blog**][ruby-on-rails-blog]는 Ruby on Rails 팀의 공식 그룹 + 블로그입니다. Rails를 이용하고 있다면 이 블로그는 보안 업데이트 알림과 + 광범위한 Rails 커뮤니티에 대한 전반적인 정보를 얻는 데 필수입니다. +* [**Rails at Scale**][rails-at-scale]에는 Ruby와 Rails의 발전을 위해 + 이루어진 최근 작업에 대해 논의한 게시물이 있습니다. ### 널리 알리기 @@ -43,6 +47,8 @@ Ruby는 [reddit][reddit], [Hacker News][hn]의 프로그래밍 뉴스에서도 [rubyland]: http://rubyland.news/ [ruby-weekly]: https://rubyweekly.com/ [dev-ruby-tag]: https://dev.to/t/ruby -[riding-rails]: http://weblog.rubyonrails.org/ +[ruby-on-rails-blog]: https://rubyonrails.org/blog/ [reddit]: http://www.reddit.com/r/ruby [hn]: http://news.ycombinator.com/ +[short-ruby-newsletter]: https://newsletter.shortruby.com/ +[rails-at-scale]: https://railsatscale.com/ diff --git a/ko/documentation/faq/1/index.md b/ko/documentation/faq/1/index.md index e98913f95c..ac8cfcdd49 100644 --- a/ko/documentation/faq/1/index.md +++ b/ko/documentation/faq/1/index.md @@ -193,7 +193,7 @@ comp.lang.ruby는 2000년 5월에 설립되었습니다. Ruby에 대해 이야기하는 여러 메일링 리스트가 있습니다. 자세한 내용은 [메일링 리스트](/ko/community/mailing-lists/) 페이지를 참조하세요. -를 +를 사용하여 메일링 리스트 아카이브를 검색할 수 있습니다. (이것은 ruby-talk 메일링 리스트의 URL이며, 다른 메일링 리스트를 원하면 변경해서 사용하세요.) diff --git a/ko/documentation/faq/2/index.md b/ko/documentation/faq/2/index.md index e8b5e322be..3f204b4dbe 100644 --- a/ko/documentation/faq/2/index.md +++ b/ko/documentation/faq/2/index.md @@ -55,7 +55,7 @@ Python은 하이브리드 언어입니다. 절차적 프로그래밍을 위한 Ruby는 절차적 언어로 가장할 수 있는 순수한 객체 지향 언어입니다. 함수는 없고 메서드 호출만 있습니다. Ruby 메서드에서 `self`라고도 하는 수신자는 C++의 `this`와 같은 숨겨진 인수입니다. 클래스 정의 밖의 `def` 문은 Python에서는 -함수지만 Ruby에서 실제로는 메서드 호출입니다. 이러한 가짜 함수는 Ruby 클래스 +함수 정의이지만 Ruby에서 실제로는 메서드 정의입니다. 이러한 가짜 함수는 Ruby 클래스 계층 구조의 루트인 Object 클래스의 private 메서드가 됩니다. 절차적 프로그래밍은 다른 방향에서 깔끔하게 해결됩니다. 모든 것이 객체입니다. 사용자가 아직 객체를 이해하지 못했어도 `def`가 함수 정의인 것처럼 동작해서 문제없이 사용할 수 있습니다. diff --git a/ko/documentation/faq/3/index.md b/ko/documentation/faq/3/index.md index e001e4456b..521d2a55ad 100644 --- a/ko/documentation/faq/3/index.md +++ b/ko/documentation/faq/3/index.md @@ -184,7 +184,7 @@ rbcw 버전을 사용하려면 Cygwin의 .dll을 별도로 설치해야 합니 {% include faq-out-of-date.html %} -Windows에 Tk가 올바르게 설치되었나요? 로 +Windows에 Tk가 올바르게 설치되었나요? [https://wiki.tcl-lang.org/page/Binary+Distributions](https://wiki.tcl-lang.org/page/Binary+Distributions#85b8647b1ec80c2fa1698c3c7e76204a944a95db2487347c51773f26b9dad6ae)로 이동하여 해당 운영 체제에 대해 미리 컴파일된 Tcl/Tk 바이너리 배포판을 찾아보세요. 환경 변수 `TCL_LIBRARY` 및 `TK_LIBRARY`가 tcl 및 tk가 포함된 디렉터리를 가리키고 diff --git a/ko/documentation/index.md b/ko/documentation/index.md index 843f3ab17f..eb7345463a 100644 --- a/ko/documentation/index.md +++ b/ko/documentation/index.md @@ -16,31 +16,36 @@ Ruby를 배울 수 있는 매뉴얼과 튜토리얼, 코딩할 때 도움이 되 [Ruby를 브라우저에서 시험해 볼 수도 있지만][1], Ruby를 설치하기 위해서 [설치 설명서](installation/)를 읽어보아도 좋습니다. -### 초보자용 문서 +### 공식 Ruby 문서 -[공식 FAQ](faq/) -: 자주 묻는 질문들을 모았습니다. +[docs.ruby-lang.org/en][docs-rlo]: Ruby 2.1 이후의 모든 버전에 대한 문서 목록입니다. -[Ruby Koans][2] (영문) -: Koans는 Ruby를 배우는 깨달음의 길로 여러분을 안내합니다. Koans의 목표는 - Ruby 언어, 문법, 구조, 일반적인 함수들과 라이브러리를 배우는 것입니다. - Koans에서는 문화도 가르칩니다. +[docs.ruby-lang.org/en/3.4][docs-rlo-3.4]: Ruby 3.4 버전에 대한 문서입니다. -[Why’s (Poignant) Guide to Ruby][5] (영문) -: 이야기, 재치, 만화를 통해 Ruby를 가르쳐주는 틀에 얽매이지 않는 재미있는 - 책입니다. *Why the Lucky Stiff*의 저작물로 Ruby를 배우는 사람을 위한 - 고전입니다. +[docs.ruby-lang.org/en/master][docs-rlo-master]: Ruby의 master 브랜치의 문서입니다. -[Ruby Essentials][7] (영문) -: 간결하고 따라 하기 쉬운 Ruby 가이드를 제공하는 무료 온라인 책입니다. +[C Extension Guide][docs-rlo-extension]: Ruby의 C 확장을 만드는 방법에 대한 상세 가이드입니다. -[Learn to Program][8] (영문) +### 초보자용 문서 + +[Try Ruby][1] +: 브라우저에서 Ruby를 시험해 볼 수 있습니다. + +[Learn to Program][8] : Chris Pine 님이 작성한 초보자를 위한 작고 멋진 튜토리얼입니다. 프로그래밍을 모르신다면 여기서 시작하세요. -[Learn Ruby the Hard Way][38] (영문) -: 아주 기초적인 내용부터 OOP에서 웹 개발까지 다루는 매우 좋은 설명이 - 달린 예제들입니다. +[Ruby in Twenty Minutes][rubyin20] +: 20분 이내에 끝낼 수 있는 작은 Ruby 튜토리얼입니다. + +[The Odin Project][odin] +: 오픈소스 풀스택 커리큘럼입니다. + +[excercism][exercism] +: 자동 분석과 개인 멘토링이 포함된 120개의 연습문제가 제공됩니다. + +[Codecademy][codecademy] +: 다양한 주제를 다루는 온라인 코드 부트캠프입니다. [Ruby For Impatient Nuby][ko-1] : 서민구 님이 작성하신 Ruby 초보자를 위한 튜토리얼입니다. @@ -48,44 +53,94 @@ Ruby를 배울 수 있는 매뉴얼과 튜토리얼, 코딩할 때 도움이 되 [루비 프로그래밍 언어 FAQ][ko-2] : 황대산 님이 정리하신 FAQ입니다. -### 매뉴얼 +### 매뉴얼 / 책 -[Programming Ruby][9] (영문) -: 영어로 된 독창적인 Ruby 책입니다. [Pragmatic Programmers의 책][10] - 1판이 무료로 온라인에 공개되어 있습니다. +#### 초보자 + +[Programming Ruby 3.3][pickaxe] +: 영어로 된 독창적인 Ruby 책입니다. 최근에 Ruby 3.3으로 업데이트되었습니다. -[The Ruby Programming Wikibook][12] (영문) -: 초보자와 중급자를 위한 무료 온라인 매뉴얼과 전 언어 레퍼런스입니다. +[The Well-Grounded Rubyist][grounded] +: 첫 Ruby 프로그램부터 리플렉션, 스레딩, 재귀 등과 같은 고급 주제까지 다루는 튜토리얼입니다. -### 참조 +#### 중급자 -[공식 API 문서][docs-rlo-en] -: 아직 릴리스되지 않은 트렁크를 포함한 여러 Ruby 버전의 공식 API 문서입니다. +[Practical OOD in Ruby (POODR)][poodr] +: 객체지향 코드를 작성하는 방법에 대한 프로그래머의 이야기입니다. -[Ruby 코어 레퍼런스][13] (영문) -: [RDoc][14]을 이용해 소스에서 추출한 레퍼런스입니다. String, Array, - Symbol 등 모든 코어 클래스와 모듈에 대한 문서를 찾아볼 수 있습니다. +#### 전문가 -[Ruby 표준 라이브러리][15] (영문) -: 마찬가지로 RDoc을 이용해 소스에서 추출한 것으로 표준 라이브러리에 - 대한 레퍼런스입니다. +[Metaprogramming][meta] +: 메타 프로그래밍을 실용적인 방식으로 설명합니다. -[Ruby C API 레퍼런스][extensions] (영문) -: Ruby의 공식 C API 문서입니다. - Ruby 개발에 참여하거나, C 확장을 개발할 때 도움이 될 것입니다. +[Ruby Under a Microscope (RUM)][microscope] +: Ruby 내부를 설명하는 그림이 포함된 가이드입니다. -[RubyDoc.info][16] (영문) +### 커뮤니티 문서 + +다음은 Ruby 커뮤니티에 의해 유지되고 있는 문서입니다. + +[RubyDoc.info][16] : Ruby gem과 GitHub에서 호스팅 되는 Ruby 프로젝트의 레퍼런스 문서들을 모아놓은 사이트입니다. -[Ruby & Rails Searchable API Docs][17] (영문) -: 스마트 검색이 가능한 Ruby, Rails 문서입니다. +[Ruby API][40] +: Ruby 클래스, 모듈, 메서드를 편하게 찾고 탐색하세요. -[APIdock][18] (영문) -: 유저의 댓글이 달린 Ruby, Rails, RSpec의 문서입니다. +[ruby-doc.org][39] +: 온라인 API 문서입니다. -[Ruby API][40] (영문) -: Ruby 클래스, 모듈, 메서드를 편하게 찾고 탐색하세요. +[DevDocs.io][40] +: 온라인 API 문서입니다. + +[Ruby QuickRef][42] +: 빠른 Ruby 참조 문서입니다. + +[rubyreferences][43] +: 완전한 언어 레퍼런스와 상세한 언어 변경 로그입니다. + +### 스타일 가이드 + +[rubystyle.guide][44] +: RuboCop의 Ruby 스타일 가이드 + +[RuboCop][45] +: RuboCop의 스타일 가이드를 자동으로 적용합니다. + +[Shopify][46] +: Shopify의 Ruby 스타일 가이드 + +[GitLab][47] +: GitLab의 Ruby 스타일 가이드 + +[Airbnb][48] +: Airbnb의 Ruby 스타일 가이드 + +[w3resource][49] +: W3의 Ruby 스타일 가이드 + +# 도구 + +[IRB][50] +: 대화형 Ruby 셸(Read-Eval-Print-Loop, REPL)입니다. + +[Pry][51] +: 또 다른 Ruby REPL입니다. + +[Rake][52] +: Ruby의 make와 비슷한 빌드 유틸리티입니다. + +[RI][53] +: RI(Ruby Information)는 Ruby의 명령줄 유틸리티로 Ruby 문서에 빠르고 쉽게 접근할 수 있습니다. + +[RBS][54] +: Ruby의 타입 시그니처입니다. + +[TypeProf][55] +: Ruby 코드를 테스트하고 이해하기 위한 실험적인 타입 수준의 Ruby 인터프리터입니다. + +[Steep][56] +: Ruby의 정적 타입 검사기입니다. ### 편집기와 IDE @@ -94,87 +149,108 @@ Ruby를 코딩할 때 운영체제의 기본 편집기를 사용할 수 있습 파일 브라우징 등등) 편집기나 고급 기능(자동완성, 리팩토링, 테스트 지원 등등)이 있는 통합 개발 환경도 생각해 볼 만합니다. -루비스트들이 주로 사용하는 도구들의 목록입니다. - -* Linux, 크로스 플랫폼 - * [Aptana Studio][19] - * [Atom][atom] - * [Emacs][20], [Ruby mode][21], [Rsense][22] - * [Eric][eric] - * [Geany][23] - * [gedit][24] - * [Kate][kate] - * [KDevelop][kdevelop] - * [NetBeans][36] - * [RubyMine][27] - * [SciTe][28] - * [Sublime Text][37] - * [Vim][25], [vim-ruby][26] 플러그인, [Rsense][22] +루비스트가 사용하는 인기 있는 편집기 목록을 +학습 곡선에 따라 나누어 놓았습니다. +* 며칠 안에 익힐 수 있는 편집기 + * [Sublime Text][37] (유료) * [Visual Studio Code][vscode] + * [Zed][zed] +* 몇 개월 정도 걸리는 편집기 + * [RubyMine][27] (유료) +* "몇 년" (즉, 몇 년 동안 새로운 것을 계속 배울 수 있는 에디터) + * [Ruby 모드][21]나 [향상된 Ruby 모드][enh-ruby-mode]를 사용하는 [Emacs][20] + * [vim-ruby][26] 플러그인을 사용하는 [Vim][25] + * [NeoVim][neovim] + +위에서 언급한 모든 편집기는 기본으로 또는 LSP 플러그인을 통해 +언어 서버 프로토콜(LSP)을 지원합니다. Shopify의 [ruby-lsp][ruby-lsp]는 +Ruby를 위한 가장 인기 있는 언어 서버 중 하나이며, +[위에서 언급한 모든 편집기를 지원합니다][ruby-lsp-supported-editors]. -* Windows - * [Notepad++][29] - * [E-TextEditor][30] - * [Ruby In Steel][31] +### 오래된 문서 / 리소스 -* macOS - * [TextMate][32] - * [BBEdit][33] - * [Dash][39] (문서 브라우저) +다음 링크들은 한때 더 주목받았지만 오랫동안 업데이트되지 않았습니다. -### 더 읽을거리 +[Ruby Koans][2] +: Koans는 Ruby를 배우는 깨달음의 길로 여러분을 안내합니다. Koans의 목표는 + Ruby 언어, 문법, 구조, 일반적인 함수들과 라이브러리를 배우는 것입니다. + Koans에서는 문화도 가르칩니다. + +[Ruby Essentials][7] +: 간결하고 따라 하기 쉬운 Ruby 가이드를 제공하는 + 무료 온라인 책입니다. + +[Why’s (Poignant) Guide to Ruby][5] +: 이야기, 재치, 만화를 통해 Ruby를 가르쳐주는 틀에 얽매이지 않는 재미있는 + 책입니다. *Why the Lucky Stiff*의 저작물로 Ruby를 배우는 사람을 위한 + 고전입니다. + +[Learn Ruby the Hard Way][38] +: 아주 기초적인 내용부터 OOP에서 웹 개발까지 다루는 매우 좋은 설명이 + 달린 예제들입니다. + +[Programming Ruby][9] +: 영어로 된 독창적인 Ruby 책입니다. [Pragmatic Programmers의 책][10] + 1판이 무료로 온라인에 공개되어 있습니다. -[Ruby-Doc.org][34]는 Ruby 영문 문서를 포괄적으로 관리하는 사이트입니다. Ruby -[책들][ko-5]도 출판되어 있습니다. Ruby에 -관한 질문이 있다면, [유저 그룹][ko-3]이나 [페이스북 그룹][ko-4]에서 하실 수 있고 -영어가 되신다면 [메일링 리스트](/ko/community/mailing-lists/)를 사용하실 수도 -있습니다. +[The Ruby Programming Wikibook][12] +: 초보자와 중급자를 위한 무료 온라인 매뉴얼과 + 언어 전체 레퍼런스입니다. [1]: https://try.ruby-lang.org/ [2]: https://rubykoans.com/ [5]: https://poignant.guide -[7]: http://www.techotopia.com/index.php/Ruby_Essentials -[8]: http://pine.fm/LearnToProgram/ -[9]: http://www.ruby-doc.org/docs/ProgrammingRuby/ -[10]: http://pragmaticprogrammer.com/titles/ruby/index.html -[12]: http://en.wikibooks.org/wiki/Ruby_programming_language -[13]: http://www.ruby-doc.org/core -[14]: https://ruby.github.io/rdoc/ -[15]: http://www.ruby-doc.org/stdlib -[extensions]: https://docs.ruby-lang.org/en/master/extension_rdoc.html -[16]: http://www.rubydoc.info/ -[17]: http://rubydocs.org/ -[18]: http://apidock.com/ -[19]: http://www.aptana.com/ -[20]: http://www.gnu.org/software/emacs/ -[21]: http://www.emacswiki.org/emacs/RubyMode -[22]: http://rsense.github.io/ -[23]: http://www.geany.org/ -[24]: http://projects.gnome.org/gedit/screenshots.html -[25]: http://www.vim.org/ +[7]: https://www.techotopia.com/index.php/Ruby_Essentials +[8]: https://pine.fm/LearnToProgram/ +[9]: https://www.ruby-doc.org/docs/ProgrammingRuby/ +[10]: https://pragprog.com/titles/ruby5/programming-ruby-3-3-5th-edition/ +[12]: https://en.wikibooks.org/wiki/Ruby_programming_language +[16]: https://www.rubydoc.info/ +[20]: https://www.gnu.org/software/emacs/ +[21]: https://www.emacswiki.org/emacs/RubyMode +[25]: https://www.vim.org/ [26]: https://github.com/vim-ruby/vim-ruby -[27]: http://www.jetbrains.com/ruby/ -[28]: http://www.scintilla.org/SciTE.html -[29]: http://notepad-plus-plus.org/ -[30]: http://www.e-texteditor.com/ -[31]: http://www.sapphiresteel.com/ -[32]: http://macromates.com/ -[33]: https://www.barebones.com/products/bbedit/ -[34]: http://ruby-doc.org -[36]: https://netbeans.org/ -[37]: http://www.sublimetext.com/ +[27]: https://www.jetbrains.com/ruby/ +[34]: https://ruby-doc.org/ +[37]: https://www.sublimetext.com/ [38]: https://learncodethehardway.org/ruby/ -[39]: http://kapeli.com/dash -[40]: https://rubyapi.org/ -[docs-rlo-en]: https://docs.ruby-lang.org/en/ -[atom]: https://atom.io/ -[vscode]: https://code.visualstudio.com/ -[eric]: https://eric-ide.python-projects.org/ -[kdevelop]: https://www.kdevelop.org/ -[kate]: https://kate-editor.org/ +[39]: https://www.ruby-doc.org/ +[40]: https://devdocs.io/ruby/ +[42]: https://www.zenspider.com/ruby/quickref.html +[43]: https://rubyreferences.github.io/ +[44]: https://rubystyle.guide/ +[45]: https://github.com/rubocop/ruby-style-guide +[46]: https://ruby-style-guide.shopify.dev/ +[47]: https://docs.gitlab.com/ee/development/backend/ruby_style_guide.html +[48]: https://github.com/airbnb/ruby +[49]: https://www.w3resource.com/ruby/ruby-style-guide.php +[50]: https://github.com/ruby/irb +[51]: https://github.com/pry/pry +[52]: https://github.com/ruby/rake +[53]: https://ruby.github.io/rdoc/RI_md.html +[54]: https://github.com/ruby/rbs +[55]: https://github.com/ruby/typeprof +[56]: https://github.com/soutaro/steep +[codecademy]: https://www.codecademy.com/learn/learn-ruby +[docs-rlo]: https://docs.ruby-lang.org/en +[docs-rlo-3.4]: https://docs.ruby-lang.org/en/3.4 +[docs-rlo-master]: https://docs.ruby-lang.org/en/master +[docs-rlo-extension]: https://docs.ruby-lang.org/en/master/extension_rdoc.html +[enh-ruby-mode]: https://github.com/zenspider/enhanced-ruby-mode/ +[exercism]: https://exercism.org/tracks/ruby +[grounded]: https://www.manning.com/books/the-well-grounded-rubyist-third-edition +[meta]: https://pragprog.com/titles/ppmetr2/metaprogramming-ruby-2/ +[microscope]: https://patshaughnessy.net/ruby-under-a-microscope +[neovim]: https://neovim.io/ +[odin]: https://www.theodinproject.com/paths/full-stack-ruby-on-rails/courses/ruby +[pickaxe]: https://pragprog.com/titles/ruby5/programming-ruby-3-3-5th-edition/ +[poodr]: https://www.poodr.com/ +[ruby-lsp]: https://github.com/Shopify/ruby-lsp +[ruby-lsp-supported-editors]: https://shopify.github.io/ruby-lsp/editors.html +[rubyapi-org]: https://rubyapi.org/ +[rubyin20]: https://www.ruby-lang.org/ko/documentation/quickstart/ +[vscode]: https://code.visualstudio.com/docs/languages/ruby +[zed]: https://zed.dev/ [ko-1]: https://docs.google.com/document/d/15yEpi2ZMB2Lld5lA1TANt13SJ_cKygP314cqyKhELwQ/preview [ko-2]: https://web.archive.org/web/20190521035426/http://beyond.daesan.com/pages/ruby-faq -[ko-3]: https://groups.google.com/forum/#!forum/rubykr -[ko-4]: https://www.facebook.com/groups/rubykr/ -[ko-5]: http://ruby-korea.github.io/#book diff --git a/ko/documentation/installation/index.md b/ko/documentation/installation/index.md index 56cd89788f..8c4982926e 100644 --- a/ko/documentation/installation/index.md +++ b/ko/documentation/installation/index.md @@ -4,8 +4,8 @@ title: "Ruby 설치하기" lang: ko --- -Ruby를 설치하고 관리할 수 있는 다양한 패키지 관리 시스템들과 서드파티 도구들이 있습니다. - +Ruby를 설치하고 관리할 수 있는 다양한 패키지 관리 시스템들과 +서드파티 도구들이 있습니다. {: .summary} 컴퓨터에 이미 Ruby가 설치되어 있을 수도 있습니다. @@ -55,8 +55,11 @@ Windows 10을 사용 중이라면 [Windows Subsystem for Linux][wsl]를 사용 * [RubyInstaller](#rubyinstaller) (Windows) * [Ruby Stack](#rubystack) * [관리자](#managers) + * [asdf-vm](#asdf-vm) * [chruby](#chruby) + * [mise-en-place](#mise-en-place) * [rbenv](#rbenv) + * [rbenv for Windows](#rbenv-for-windows) * [RVM](#rvm) * [uru](#uru) * [소스에서 빌드하기](#building-from-source) @@ -71,10 +74,12 @@ Ruby를 설치하기 위해 자신의 시스템의 패키지 관리자를 사용 Ruby 커뮤니티의 일부 회원들은 Ruby를 설치할 때 패키지 관리자를 사용하지 말아야 하고, 대신 도구를 사용해야 한다고 느끼고 있습니다. -대부분의 패키지 관리자들은 오래된 버전의 Ruby를 설치합니다. -최신의 Ruby를 사용하고자 한다면, 패키지의 버전 번호가 올바른지 확인하거나 +대부분의 패키지 관리자들은 최근 릴리스 대신 +오래된 버전의 Ruby를 설치합니다. 최신 버전의 Ruby를 사용하고자 한다면, +패키지의 버전 번호가 올바른지 확인하거나 특정 [인스톨러][installers]를 사용하세요. + ### apt (Debian이나 Ubuntu) {: #apt} @@ -85,6 +90,7 @@ Debian GNU/Linux와 Ubuntu는 apt 패키지 관리 시스템을 사용합니다. $ sudo apt-get install ruby-full {% endhighlight %} + ### yum (CentOS, Fedora, RHEL) {: #yum} @@ -95,20 +101,24 @@ CentOS, Fedora, RHEL은 yum 패키지 관리 시스템을 사용합니다. $ sudo yum install ruby {% endhighlight %} -설치된 버전은 보통 그 특정 배포 버전 릴리스 시기의 최신 버전의 Ruby입니다. +설치된 버전은 보통 그 특정 배포 버전 릴리스 시기의 +최신 버전의 Ruby입니다. ### snap (Ubuntu나 다른 리눅스 배포판) {: #snap} -Snap은 Canonical에 의해 개발된 패키지 매니저입니다. 이는 Ubuntu에서 바로 사용 가능합니다만, 다른 리눅스 배포판에서도 동작합니다. +Snap은 Canonical에 의해 개발된 패키지 매니저입니다. +이는 Ubuntu에서 바로 사용 가능합니다만, +다른 리눅스 배포판에서도 동작합니다. 다음과 같이 사용할 수 있습니다. {% highlight sh %} $ sudo snap install ruby --classic {% endhighlight %} -Ruby의 마이너 시리즈를 위한 채널을 제공합니다. 예를 들어, 다음 명령은 Ruby 2.3으로 변경할 수 있게 해줍니다. +Ruby의 마이너 시리즈를 위한 채널을 제공합니다. +예를 들어, 다음 명령은 Ruby 2.3으로 변경할 수 있게 해줍니다. {% highlight sh %} $ sudo snap switch ruby --channel=2.3/stable @@ -145,7 +155,8 @@ $ sudo pacman -S ruby ### Homebrew (macOS) {: #homebrew} -엘 캐피탄(10.11)부터 모하비(10.14)까지의 macOS 릴리스에서는 Ruby 2.0 이상이 포함되어 있습니다. +엘 캐피탄(10.11)부터 macOS 릴리스에서는 +Ruby 2.0 이상이 포함되어 있습니다. [Homebrew][homebrew]는 macOS에서 일반적으로 사용되는 패키지 관리자입니다. Homebrew를 사용해 새로운 버전의 Ruby를 설치하는 것은 쉽습니다. @@ -167,8 +178,9 @@ pkg를 이용하여 패키지를 설치할 수 있습니다: $ pkg install ruby {% endhighlight %} -[포트 컬렉션][freebsd-ports-collection]을 사용하여 Ruby를 소스로부터 설치 -할 수 있습니다. 이는 설치 설정을 변경하고 싶을 때 유용합니다. +[포트 컬렉션][freebsd-ports-collection]을 사용하여 Ruby를 소스로부터 +설치 할 수 있습니다. 이는 설치 설정을 변경하고 싶을 때 +유용합니다. FreeBSD 상의 Ruby와 그 환경에 대해서 더 자세한 정보는 [FreeBSD Ruby Project 웹사이트][freebsd-ruby]에서 얻을 수 있습니다. @@ -177,8 +189,9 @@ FreeBSD 상의 Ruby와 그 환경에 대해서 더 자세한 정보는 ### OpenBSD {: #openbsd} -OpenBSD와 그 배포판인 adJ에는 3개의 Ruby 메이저 버전의 패키지가 있습니다. -다음 명령을 통해 설치 가능한 버전을 확인하고 설치할 수 있습니다. +OpenBSD와 그 배포판인 adJ에는 3개의 Ruby 메이저 버전의 패키지가 +있습니다. 다음 명령을 통해 설치 가능한 버전을 확인하고 +설치할 수 있습니다. {% highlight sh %} $ doas pkg_add ruby @@ -189,7 +202,8 @@ $ doas pkg_add ruby 가장 최신의 Ruby 버전이 릴리스된 며칠 후면 OpenBSD 포트 컬렉션의 `HEAD` 브랜치에 이 플랫폼을 위한 Ruby 버전이 추가되어 있을 것입니다. -[가장 최신의 포트 컬렉션의 lang/ruby 디렉터리][openbsd-current-ruby-ports]를 확인하세요. +[가장 최신의 포트 컬렉션의 lang/ruby 디렉터리][openbsd-current-ruby-ports]를 +확인하세요. ### OpenIndiana에서의 Ruby @@ -204,7 +218,8 @@ Ruby 바이너리와 RubyGems를 직접 받아 설치합니다. 아주 쉽습니 $ pkg install runtime/ruby {% endhighlight %} -하지만, 서드파티 도구를 사용하는 것이 최신 버전의 Ruby를 얻는 더 좋은 방법입니다. +하지만, 서드파티 도구를 사용하는 것이 최신 버전의 Ruby를 얻는 +더 좋은 방법입니다. ### Windows 패키지 관리자 {: #winget} @@ -232,13 +247,14 @@ Windows에서 [Windows 패키지 관리자 CLI](https://github.com/microsoft/win > choco install ruby {% endhighlight %} -`msys2`가 이미 설치되어 있다면 이를 그대로 사용하고, 아니면 완전한 Ruby 개발 -환경을 위해서 새로 설치합니다. +`msys2`가 이미 설치되어 있다면 이를 그대로 사용하고, 아니면 완전한 Ruby 개발 환경을 위해서 새로 설치합니다. ### 다른 배포판 +{: #other-systems} -다른 시스템에서는 자신의 Linux 배포 관리자를 위한 패키지 저장소를 검색할 수 있습니다. -아니면 [서드파티 인스톨러][installers]를 사용할 수도 있습니다. +다른 시스템에서는 자신의 Linux 배포 관리자를 위한 패키지 저장소를 +검색할 수 있습니다. 아니면 [서드파티 인스톨러][installers]를 +사용할 수도 있습니다. ## 인스톨러 @@ -247,8 +263,9 @@ Windows에서 [Windows 패키지 관리자 CLI](https://github.com/microsoft/win 시스템이나 패키지 관리자에서 제공하는 Ruby가 구 버전이라면, 서드 파티 인스톨러를 사용해 새로운 버전의 Ruby를 설치할 수 있습니다. -어떤 인스톨러는 여러 버전의 Ruby를 같은 시스템에 설치하게 합니다. -관련된 관리자는 다른 Ruby 간의 전환을 도와줍니다. +어떤 인스톨러는 여러 버전의 Ruby를 같은 시스템에 설치하게 +합니다. 관련된 관리자는 다른 Ruby 간의 전환을 +도와줍니다. [RVM](#rvm)을 버전 관리자로 사용할 계획이라면 포함되어 있으므로 별도의 인스톨러는 필요 없습니다. @@ -284,26 +301,30 @@ Windows에서는 [RubyInstaller][rubyinstaller]는 전체 Ruby 개발 환경을 ### Ruby Stack {: #rubystack} -Ruby on Rails를 사용하기 위해 Ruby를 설치하신다면 다음 인스톨러를 사용할 수 있습니다. +Ruby on Rails를 사용하기 위해 Ruby를 설치하신다면 다음 인스톨러를 +사용할 수 있습니다. -* [Bitnami Ruby Stack][rubystack]는 Ruby on Rails를 위한 완전한 개발환경을 제공합니다. +* [Bitnami Ruby Stack][rubystack]는 Ruby on Rails를 위한 + 완전한 개발환경을 제공합니다. macOS, Linux, Windows, 가상 머신, 클라우드 이미지를 지원합니다. ## 관리자 +{: #managers} 많은 루비스트들이 여러 버전의 Ruby를 관리하기 위해 Ruby 관리자를 사용합니다. 각 프로젝트에서 서로 다른 Ruby 버전을 사용할 수 있도록 간단하게 또는 자동으로 버전을 변경해주며 그 이외의 장점들이 있지만, 공식적으로 지원되는 것은 아닙니다. 하지만, 각각의 커뮤니티에서 도움을 구할 수 있습니다. -### asdf-vm +### asdf-vm {: #asdf-vm} -[asdf-vm][asdf-vm]은 프로젝트 단위로 여러 언어 런타임 버전을 관리할 수 있는 -확장 가능한 버전 관리자입니다. Ruby를 설치하려면 [asdf-ruby][asdf-ruby] -플러그인이 필요합니다(이는 [ruby-build](#ruby-build)를 사용합니다). +[asdf-vm][asdf-vm]은 프로젝트 단위로 여러 언어 런타임 버전을 +관리할 수 있는 확장 가능한 버전 관리자입니다. Ruby를 설치하려면 +[asdf-ruby][asdf-ruby] 플러그인이 필요합니다(이는 [ruby-build](#ruby-build)를 +사용합니다). ### chruby @@ -314,30 +335,50 @@ chruby는 [ruby-install](#ruby-install)로 설치된 Ruby뿐만 아니라 소스에서 빌드 된 Ruby도 관리할 수 있습니다. +### mise-en-place +{: #mise-en-place} + +[mise-en-place][mise-en-place]는 추가 도구 없이 여러 Ruby 간의 전환을 할 수 있게 합니다. +설치를 자동으로 관리하며 Ruby로 작성된 CLI의 버전을 관리하기 위한 [gem 백엔드](https://mise.jdx.dev/dev-tools/backends/gem.html)를 포함합니다. +UNIX 계열 운영체제와 Windows를 지원합니다. + + ### rbenv {: #rbenv} -[rbenv][rbenv]는 여러 종류의 Ruby를 설치할 수 있게 합니다. +[rbenv][rbenv]는 여러 버전의 Ruby를 설치할 수 있게 합니다. rbenv 자체는 Ruby 설치를 지원하지 않습니다만, [ruby-build](#ruby-build)라는 유명한 플러그인에서 Ruby를 설치할 수 있습니다. rbenv, ruby-build 모두 macOS, Linux나 다른 UNIX-계열 운영체제에서 사용가능합니다. + ### rbenv for Windows {: #rbenv-for-windows} -[rbenv for Windows][rbenv-for-windows]는 Windows에서 여러 종류의 Ruby를 설치하고 -관리할 수 있도록 합니다. 이는 PowerShell로 작성되었으므로 Windows에서 Ruby를 -이용하는 사용자들에게 자연스러운 수단을 제공합니다. 또한 커맨드 라인 인터페이스는 -UNIX-계열 운영체제의 [rbenv][rbenv]와 호환됩니다. +[rbenv for Windows][rbenv-for-windows]는 Windows에서 여러 버전의 Ruby를 +설치하고 관리할 수 있도록 합니다. 이는 PowerShell로 작성되었으므로 +Windows에서 Ruby를 이용하는 사용자들에게 자연스러운 수단을 제공합니다. +또한 커맨드 라인 인터페이스는 UNIX 계열 +운영체제의 [rbenv][rbenv]와 호환됩니다. + ### RVM ("Ruby Version Manager") {: #rvm} -[RVM][rvm]은 시스템에 여러 종류의 Ruby를 설치하고 관리할 수 있게 해줍니다. +[RVM][rvm]은 시스템에 여러 버전의 Ruby를 설치하고 관리할 수 있게 해줍니다. RVM은 다른 gemset도 관리해 줍니다. macOS, Linux나 다른 UNIX-계열 운영체제에서만 사용 가능합니다. +### RVM 4 Windows +{: #rvm-windows} + +[RVM 4 Windows][rvm-windows]는 Windows에서 여러 버전의 Ruby를 설치하고 +관리할 수 있게 해줍니다. 이는 오리지널 RVM의 복제로, 오리지널 RVM과 +동일한 커맨드 라인 인터페이스를 제공하며, 기존 커맨드 라인 인터페이스와 +PowerShell을 모두 지원합니다. + + ### uru {: #uru} @@ -368,8 +409,9 @@ $ sudo make install [rvm]: http://rvm.io/ +[rvm-windows]: https://github.com/magynhard/rvm-windows#readme [rbenv]: https://github.com/rbenv/rbenv#readme -[rbenv-for-windows]: https://github.com/ccmywish/rbenv-for-windows#readme +[rbenv-for-windows]: https://github.com/RubyMetric/rbenv-for-windows#readme [ruby-build]: https://github.com/rbenv/ruby-build#readme [ruby-install]: https://github.com/postmodern/ruby-install#readme [chruby]: https://github.com/postmodern/chruby#readme @@ -388,4 +430,6 @@ $ sudo make install [wsl]: https://docs.microsoft.com/ko-kr/windows/wsl/about [asdf-vm]: https://asdf-vm.com/ [asdf-ruby]: https://github.com/asdf-vm/asdf-ruby +[mise-en-place]: https://mise.jdx.dev +[mise-en-place-ruby]: https://mise.jdx.dev/lang/ruby.html [openbsd-current-ruby-ports]: https://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/lang/ruby/?only_with_tag=HEAD diff --git a/ko/documentation/quickstart/2/index.md b/ko/documentation/quickstart/2/index.md index 434771da22..a8b304bd20 100644 --- a/ko/documentation/quickstart/2/index.md +++ b/ko/documentation/quickstart/2/index.md @@ -65,7 +65,7 @@ Hello Matz! ## 문자열의 중간에 자리를 잡아두기 -`#\{name}` 부분은 무엇이냐구요? Ruby에서 문자열 중간에 무엇을 삽입하는 방법입니다. +`#{name}` 부분은 무엇이냐구요? Ruby에서 문자열 중간에 무엇을 삽입하는 방법입니다. 중괄호 사이의 부분이 문자열로 변환되어 (이미 문자열이 아니라면) 전체 문자열의 그 지점에 삽입되는 것이지요. 사람 이름의 첫 글자를 대문자로 만들어주는 것도 가능합니다. diff --git a/ko/documentation/quickstart/3/index.md b/ko/documentation/quickstart/3/index.md index 0b63154ba3..2c25561c55 100644 --- a/ko/documentation/quickstart/3/index.md +++ b/ko/documentation/quickstart/3/index.md @@ -94,7 +94,7 @@ Ruby는 객체 변수를 접근하게 해주는 편리한 방법을 제공하고 irb(main):044:0> class Greeter irb(main):045:1> attr_accessor :name irb(main):046:1> end -=> nil +=> [:name, :name=] {% endhighlight %} Ruby에서는 클래스를 언제나 열어서 정의를 변경할 수 있습니다. diff --git a/ko/documentation/quickstart/4/index.md b/ko/documentation/quickstart/4/index.md index f951d5bdaf..6295c7ad73 100644 --- a/ko/documentation/quickstart/4/index.md +++ b/ko/documentation/quickstart/4/index.md @@ -64,7 +64,7 @@ end 매개 변수입니다. 여기서 일어나고 있는 것은 리스트의 각 원소가 `name` 변수에 넘겨져서, 그 `name`을 -가지고 `puts “Hello#\{name}!”` 코드가 실행되고 있는 거랍니다. +가지고 `puts "Hello #{name}!"` 코드가 실행되고 있는 거랍니다. 대부분의 다른 프로그래밍 언어에서는 보통 `for` 반복문을 사용해서 리스트의 내용물을 처리하게 되지요. C 코드로는 다음과 같겠죠. diff --git a/ko/libraries/index.md b/ko/libraries/index.md index 2e6b7eacf5..c63d0cab53 100644 --- a/ko/libraries/index.md +++ b/ko/libraries/index.md @@ -35,15 +35,15 @@ list`를 사용합니다. 좀 더 정보가 필요하시면 아래 내용을 좀 소스코드는 GitHub에서 볼 수 있습니다. [**The Ruby Toolbox**][6]는 오픈소스이며 Ruby 프로젝트를 검색하기 쉽게 하기 위한 -프로젝트입니다. 다양한 종류의 일반적인 개발 작업을 카테고리로 릴리스나 커밋의 -활발함, 라이브러리의 의존관계 등 각 프로젝트의 다양한 정보를 모았습니다. 또 RubyGems.org와 -GitHub의 인기를 바탕으로 프로젝트의 순위를 매깁니다. 검색을 하면 원하는 것을 쉽게 찾으실 -수 있을 것입니다. +프로젝트입니다. 다양한 개발 작업을 위한 카테고리를 가지고 있으며, +릴리스, 커밋 활동 혹은 의존성과 같이 프로젝트에 관한 많은 정보를 수집합니다. +또한 RubyGems.org와 GitHub에서의 인기도를 기반으로 프로젝트를 평가합니다. +검색을 통해 웹 프레임워크, 문서화 도구, 코드 품질 라이브러리 등 문제 해결을 위한 gem을 쉽게 찾으실 수 있을 것입니다. ### RubyGems에 대한 보충 설명 -많이 쓰이는 `gem` 명령어를 가볍게 보시려면, 이 패키지 관리시스템의 전반에 -대한 [좀 더 자세한 문서][7]도 있습니다. +다음은 일상적인 사용을 위한 `gem` 명령어에 대한 간략한 리뷰입니다. +이 패키징 시스템의 모든 기능을 다루는 [더 상세한 문서][7]도 있습니다. #### gem 찾기 @@ -71,7 +71,7 @@ gem을 설치하려면 **install** 명령을 사용하면 됩니다. 예를 들 $ gem install rails {% endhighlight %} -`--version` / `-v` 플래그를 이용하면 특정 버전을 지칭해서 설치할 수도 있습니다. +`--version` / `-v` 플래그를 이용하면 특정 버전을 지정해서 설치할 수도 있습니다. {% highlight sh %} $ gem install rails --version 5.0 diff --git a/ko/news/_posts/2001-07-10-removed-language-comparison-page.md b/ko/news/_posts/2001-07-10-removed-language-comparison-page.md index 69a0af6520..911c7d4b90 100644 --- a/ko/news/_posts/2001-07-10-removed-language-comparison-page.md +++ b/ko/news/_posts/2001-07-10-removed-language-comparison-page.md @@ -5,7 +5,7 @@ author: "NaHi" lang: ko --- -Matz desided to remove the page. +Matz decided to remove the page. diff --git a/ko/news/_posts/2002-03-01-167-is-released.md b/ko/news/_posts/2002-03-01-167-is-released.md index 878cc3b5b2..eccd3f850e 100644 --- a/ko/news/_posts/2002-03-01-167-is-released.md +++ b/ko/news/_posts/2002-03-01-167-is-released.md @@ -9,4 +9,4 @@ The new stable version [1.6.7][1] is released. -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.6.7.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.6/ruby-1.6.7.tar.gz diff --git a/ko/news/_posts/2002-12-24-ruby-1-6-8-and-1-8-0-preview-1.md b/ko/news/_posts/2002-12-24-ruby-1-6-8-and-1-8-0-preview-1.md index 9d2579b2b9..1b95b4b2d0 100644 --- a/ko/news/_posts/2002-12-24-ruby-1-6-8-and-1-8-0-preview-1.md +++ b/ko/news/_posts/2002-12-24-ruby-1-6-8-and-1-8-0-preview-1.md @@ -8,7 +8,7 @@ lang: ko I just put the 1.6.8 release package on the ftp. 1.6.8 should be the last release in the 1.6.x series. Check out -* [https://cache.ruby-lang.org/pub/ruby/ruby-1.6.8.tar.gz][1] +* [https://cache.ruby-lang.org/pub/ruby/1.6/ruby-1.6.8.tar.gz][1] I also put the first preview of 1.8.0 at @@ -19,6 +19,6 @@ Merry Christmas! -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.6.8.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.6/ruby-1.6.8.tar.gz [2]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.0-preview1.tar.gz [3]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.0-preview1-errata.diff diff --git a/ko/news/_posts/2003-02-24-happy-birthday-ruby.md b/ko/news/_posts/2003-02-24-happy-birthday-ruby.md index d134adec62..f0bba365c9 100644 --- a/ko/news/_posts/2003-02-24-happy-birthday-ruby.md +++ b/ko/news/_posts/2003-02-24-happy-birthday-ruby.md @@ -11,7 +11,7 @@ lang: ko > Today, February 24, 2003, is Ruby’s 10th birthday. Happy Birthday, > Ruby! And congratz to Matz! -dblack also annouces the new non-profit organization [Ruby Central, +dblack also announces the new non-profit organization [Ruby Central, Inc][1] and RubyConf 2003!. See [\[ruby-talk:65632\]][2]. diff --git a/ko/news/_posts/2004-12-26-ruby-182-released.md b/ko/news/_posts/2004-12-26-ruby-182-released.md index 56753b5847..ef315a32af 100644 --- a/ko/news/_posts/2004-12-26-ruby-182-released.md +++ b/ko/news/_posts/2004-12-26-ruby-182-released.md @@ -11,7 +11,7 @@ Matz announced that ruby 1.8.2 was released This is mainly a bug fix release. You can download it at: -* [https://cache.ruby-lang.org/pub/ruby/ruby-1.8.2.tar.gz][1] +* [https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.2.tar.gz][1] md5sum is 8ffc79d96f336b80f2690a17601dea9b @@ -19,4 +19,4 @@ Merry Christmas! -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.2.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.2.tar.gz diff --git a/ko/news/_posts/2005-09-21-ruby-183-released.md b/ko/news/_posts/2005-09-21-ruby-183-released.md index e6d638121f..b086ee3c28 100644 --- a/ko/news/_posts/2005-09-21-ruby-183-released.md +++ b/ko/news/_posts/2005-09-21-ruby-183-released.md @@ -10,4 +10,4 @@ Ruby 1.8.3 has been released. The source is [here][1], and the md5sum is -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.3.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.3.tar.gz diff --git a/ko/news/_posts/2005-12-24-ruby-184-released.md b/ko/news/_posts/2005-12-24-ruby-184-released.md index 7e35b0fb8e..ce13c3a2de 100644 --- a/ko/news/_posts/2005-12-24-ruby-184-released.md +++ b/ko/news/_posts/2005-12-24-ruby-184-released.md @@ -6,9 +6,9 @@ lang: ko --- Ruby 1.8.4 has been released. The source is -[https://cache.ruby-lang.org/pub/ruby/ruby-1.8.4.tar.gz][1], the md5sum is +[https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.4.tar.gz][1], the md5sum is bd8c2e593e1fa4b01fd98eaf016329bb, and filesize is 4,312,965 bytes. -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.4.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.4.tar.gz diff --git a/ko/news/_posts/2006-09-17-ruby-1-8-5-released.md b/ko/news/_posts/2006-09-17-ruby-1-8-5-released.md index 7cd55656f3..404f853daa 100644 --- a/ko/news/_posts/2006-09-17-ruby-1-8-5-released.md +++ b/ko/news/_posts/2006-09-17-ruby-1-8-5-released.md @@ -7,7 +7,7 @@ lang: ko 루비 1.8.5 버전이 배포되었습니다. -소스 코드는 [https://cache.ruby-lang.org/pub/ruby/ruby-1.8.5.tar.gz][1]에서 다운로드할 +소스 코드는 [https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5.tar.gz][1]에서 다운로드할 수 있고, md5sum은 3fbb02294a8ca33d4684055adba5ed6f입니다. 용량은 4,438,603 바이트입니다. @@ -15,5 +15,5 @@ lang: ko -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.5.tar.gz +[1]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5.tar.gz [2]: http://eigenclass.org/hiki.rb?ruby+1.8.5+changelog diff --git a/ko/news/_posts/2007-01-01-ruby-1-8-5-p12.md b/ko/news/_posts/2007-01-01-ruby-1-8-5-p12.md index 7e880e60cc..b237ed9226 100644 --- a/ko/news/_posts/2007-01-01-ruby-1-8-5-p12.md +++ b/ko/news/_posts/2007-01-01-ruby-1-8-5-p12.md @@ -9,7 +9,7 @@ lang: ko 아래 주소에서 소스 코드를 내려 받을 수 있습니다. -* [https://cache.ruby-lang.org/pub/ruby/ruby-1.8.5-p12.tar.gz][2] +* [https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5-p12.tar.gz][2] md5sum은 d7d12dd9124c9b7d55cdbbee313e3931이고 파일 크기는 4,526,961 바이트입니다. @@ -19,4 +19,4 @@ md5sum은 d7d12dd9124c9b7d55cdbbee313e3931이고 파일 크기는 4,526,961 바 [1]: https://blade.ruby-lang.org/ruby-list/43074 -[2]: https://cache.ruby-lang.org/pub/ruby/ruby-1.8.5-p12.tar.gz +[2]: https://cache.ruby-lang.org/pub/ruby/1.8/ruby-1.8.5-p12.tar.gz diff --git a/ko/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md b/ko/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md index 825e224e6f..0f99458afc 100644 --- a/ko/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md +++ b/ko/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md @@ -29,19 +29,19 @@ ruby -v -ruri -e'URI.decode_www_form_component "A string that causes catastrophi ## 다운로드 -* +* SIZE: 9081661 bytes MD5: 8ba4aaf707023e76f80fc8f455c99858 SHA256: 6d3487ea8a86ad0fa78a8535078ff3c7a91ca9f99eff0a6a08e66c6e6bf2040f -* +* SIZE: 11416473 bytes MD5: 4b9330730491f96b402adc4a561e859a SHA256: 23ef45fdaecc5d6c7b4e9e2d51b23817fc6aa8225a20f123f7fa98760e8b5ca9 -* +* SIZE: 12732739 bytes MD5: 42d261b28d1b7e500dd3bdbdbfba7fa5 diff --git a/ko/news/_posts/2015-08-18-ruby-2-0-0-p647-released.md b/ko/news/_posts/2015-08-18-ruby-2-0-0-p647-released.md index 7e7e284e1b..ebd1eb0e64 100644 --- a/ko/news/_posts/2015-08-18-ruby-2-0-0-p647-released.md +++ b/ko/news/_posts/2015-08-18-ruby-2-0-0-p647-released.md @@ -12,7 +12,7 @@ lang: ko 이 릴리스에는 RubyGems 도메인 이름 확인 취약점에 관한 보안 수정이 포함됩니다. 더 자세한 내용은 밑의 내용을 보세요. -* [CVE-2015-3900 RubyGems 2.4.6 이전의 요청 가로채기 취약점](http://ruby-korea.github.io/rubygems-blog/2015/05/14/CVE-2015-3900.html) +* [CVE-2015-3900 RubyGems 2.4.6 이전의 요청 가로채기 취약점](https://rubykr.github.io/rubygems-blog/2015/05/14/CVE-2015-3900.html) 그리고 이 릴리스에는 lib/resolv.rb의 회귀에 대한 수정도 포함됩니다. diff --git a/ko/news/_posts/2015-08-18-ruby-2-1-7-released.md b/ko/news/_posts/2015-08-18-ruby-2-1-7-released.md index 42356aa7e6..afbc8e4421 100644 --- a/ko/news/_posts/2015-08-18-ruby-2-1-7-released.md +++ b/ko/news/_posts/2015-08-18-ruby-2-1-7-released.md @@ -12,7 +12,7 @@ lang: ko 이 릴리스에는 RubyGems 도메인 이름 확인 취약점에 관한 보안 수정이 포함됩니다. 더 자세한 내용은 밑의 내용을 보세요. -* [CVE-2015-3900 RubyGems 2.4.6 이전의 요청 가로채기 취약점](http://ruby-korea.github.io/rubygems-blog/2015/05/14/CVE-2015-3900.html) +* [CVE-2015-3900 RubyGems 2.4.6 이전의 요청 가로채기 취약점](https://rubykr.github.io/rubygems-blog/2015/05/14/CVE-2015-3900.html) 또한 많은 버그가 수정되었습니다. 자세한 내용은 [티켓](https://bugs.ruby-lang.org/projects/ruby-21/issues?set_filter=1&status_id=5)과 diff --git a/ko/news/_posts/2015-08-18-ruby-2-2-3-released.md b/ko/news/_posts/2015-08-18-ruby-2-2-3-released.md index c1c8f7959d..4d71bcfbba 100644 --- a/ko/news/_posts/2015-08-18-ruby-2-2-3-released.md +++ b/ko/news/_posts/2015-08-18-ruby-2-2-3-released.md @@ -12,7 +12,7 @@ lang: ko 이 릴리스에는 RubyGems 도메인 이름 확인 취약점에 관한 보안 수정이 포함됩니다. -* [CVE-2015-3900 RubyGems 2.4.6 이전의 요청 가로채기 취약점](http://ruby-korea.github.io/rubygems-blog/2015/05/14/CVE-2015-3900.html) +* [CVE-2015-3900 RubyGems 2.4.6 이전의 요청 가로채기 취약점](https://rubykr.github.io/rubygems-blog/2015/05/14/CVE-2015-3900.html) 버그 수정도 조금 있었습니다. 자세한 내용은 diff --git a/ko/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md b/ko/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md index b11eb1e597..70194cc89a 100644 --- a/ko/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md +++ b/ko/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md @@ -24,7 +24,8 @@ NOTE: 이 문제는 [CVE-2023-28755](https://www.ruby-lang.org/en/news/2023/03/2 `uri` gem을 0.12.2로 업데이트하는 것이 좋습니다. 이전 Ruby 버전대에 포함된 버전과의 호환성을 보장하기 위해 다음과 같이 업데이트할 수 있습니다. * Ruby 3.0: `uri` 0.10.3으로 업데이트 -* Ruby 3.1과 3.2: `uri` 0.12.2로 업데이트 +* Ruby 3.1: `uri` 0.12.2로 업데이트 +* Ruby 3.2: `uri` 0.12.2로 업데이트하거나 Ruby를 3.2.3으로 업데이트 `gem update uri`를 사용하여 업데이트할 수 있습니다. bundler를 사용하는 경우 `gem "uri", ">= 0.12.2"`(또는 위에 언급된 다른 버전)을 `Gemfile`에 추가하세요. @@ -40,4 +41,5 @@ NOTE: 이 문제는 [CVE-2023-28755](https://www.ruby-lang.org/en/news/2023/03/2 ## 수정 이력 +* 2024-01-18 12:00:00 (UTC) Ruby 3.2를 위한 새 권장 조치를 추가 * 2023-06-29 01:00:00 (UTC) 최초 공개 diff --git a/ko/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md b/ko/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md index 3a9204dce9..e05cc55a04 100644 --- a/ko/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md +++ b/ko/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md @@ -19,7 +19,7 @@ Ruby {{ release.version }} 릴리스를 알리게 되어 기쁩니다. Ruby 3.3 * Prism은 CRuby에서 내부적으로 사용하는 C 라이브러리이자 Ruby 코드를 구문 분석해야 하는 모든 도구에서 사용할 수 있는 Ruby gem입니다. * Prism API에서 주목할 만한 메서드는 다음과 같습니다. * `Prism.parse(source)`는 ParseResult의 일부로 AST를 반환합니다. - * `Prism.dump(source, filepath)`는 문자열로 직렬화된 AST를 반환합니다. + * `Prism.dump(source)`는 문자열로 직렬화된 AST를 반환합니다. * `Prism.parse_comments(source)`는 주석을 반환합니다. * 기여에 관심이 있다면 [Prism 저장소](https://github.com/ruby/prism)에서 직접 풀 리퀘스트나 이슈를 만들 수 있습니다. @@ -69,9 +69,9 @@ Ruby {{ release.version }} 릴리스를 알리게 되어 기쁩니다. Ruby 3.3 * Linux perf로 프로파일링을 용이하게 할 수 있도록 `--yjit-perf`가 추가됩니다. * 보다 철저한 테스트와 여러 버그 수정 -### M:N 스레드 스케쥴러 +### M:N 스레드 스케줄러 -* M:N 스레드 스케쥴러가 추가됩니다. [[Feature #19842]](https://bugs.ruby-lang.org/issues/19842) +* M:N 스레드 스케줄러가 추가됩니다. [[Feature #19842]](https://bugs.ruby-lang.org/issues/19842) * M개의 Ruby 스레드를 N개의 네이티브 스레드(OS 스레드)로 관리하므로 스레드의 생성, 관리 비용이 절감됩니다. * C 확장 호환성에 문제가 발생할 가능성이 있으므로, 주 Ractor에서의 기본 설정은 비활성입니다. * `RUBY_MN_THREADS=1` 환경 변수를 사용해 주 Ractor에서 M:N 스레드를 활성화할 수 있습니다. diff --git a/ko/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md b/ko/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md index 9bb87ee469..4b072284cb 100644 --- a/ko/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md +++ b/ko/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md @@ -21,13 +21,13 @@ RC1 릴리스 이후로 ABI의 하위호환성을 깨트리는 변경은 가급 * Prism은 CRuby에서 내부적으로 사용하는 C 라이브러리이자 Ruby 코드를 구문 분석해야 하는 모든 도구에서 사용할 수 있는 Ruby gem입니다. * Prism API에서 주목할 만한 메서드는 다음과 같습니다. * `Prism.parse(source)`는 ParseResult의 일부로 AST를 반환합니다. - * `Prism.dump(source, filepath)`는 문자열로 직렬화된 AST를 반환합니다. + * `Prism.dump(source)`는 문자열로 직렬화된 AST를 반환합니다. * `Prism.parse_comments(source)`는 주석을 반환합니다. * 기여에 관심이 있다면 [Prism 저장소](https://github.com/ruby/prism)에서 직접 풀 리퀘스트나 이슈를 만들 수 있습니다. ## Bison을 Lrama로 대체 -* Bison 대신 [Lrama LALR 파서 생성기](https://github.com/yui-knk/lrama)를 사용하도록 변경했습니다. [Feature #19637](https://bugs.ruby-lang.org/issues/19637) +* Bison 대신 [Lrama LALR 파서 생성기](https://github.com/ruby/lrama)를 사용하도록 변경했습니다. [Feature #19637](https://bugs.ruby-lang.org/issues/19637) * 관심이 있다면 [Ruby 파서의 미래 비전](https://rubykaigi.org/2023/presentations/spikeolaf.html)을 참고하세요. * 유지보수성을 위해 Lrama 내부 구문 분석기가 Racc에서 생성한 LR 구문 분석기로 대체되었습니다. * 매개변수화 규칙 `(?, *, +)`를 지원하며, Ruby의 parse.y에서 사용될 예정입니다. @@ -39,7 +39,7 @@ RC1 릴리스 이후로 ABI의 하위호환성을 깨트리는 변경은 가급 * MJIT과 달리 런타임에 C 컴파일러가 필요하지 않습니다. * RJIT은 실험 목적으로 존재합니다. * 프로덕션 환경에서는 YJIT을 계속 사용해야 합니다. -* Ruby용 JIT 개발에 관심이 있다면 [RubyKaigi 2023 3일 차에 있었던 k0kubun의 발표](https://rubykaigi.org/2023/presentations/k0kubun.html#day3)를 확인하세요. +* Ruby용 JIT 개발에 관심이 있다면 [RubyKaigi 2023 3일차에 있었던 k0kubun의 발표](https://rubykaigi.org/2023/presentations/k0kubun.html#day3)를 확인하세요. ## YJIT @@ -75,9 +75,9 @@ RC1 릴리스 이후로 ABI의 하위호환성을 깨트리는 변경은 가급 * 보다 철저한 테스트와 여러 버그 수정 -### M:N 스레드 스케쥴러 +### M:N 스레드 스케줄러 -* M:N 스레드 스케쥴러가 추가됩니다. [[Feature #19842]](https://bugs.ruby-lang.org/issues/19842) +* M:N 스레드 스케줄러가 추가됩니다. [[Feature #19842]](https://bugs.ruby-lang.org/issues/19842) * M개의 Ruby 스레드를 N개의 네이티브 스레드(OS 스레드)로 관리하므로 스레드의 생성, 관리 비용이 절감됩니다. * C 확장 호환성에 문제가 발생할 가능성이 있으므로, 주 Ractor에서의 기본 설정은 비활성입니다. * `RUBY_MN_THREADS=1` 환경 변수를 사용해 주 Ractor에서 M:N 스레드를 활성화할 수 있습니다. @@ -102,18 +102,18 @@ RC1 릴리스 이후로 ABI의 하위호환성을 깨트리는 변경은 가급 * 오래된 객체가 참조하는 어린 객체는 이제 즉시 오래된 객체로 마킹되지 않습니다. 이 동작은 메이저 GC의 빈도를 상당히 낮춰줍니다. [[Feature #19678]](https://bugs.ruby-lang.org/issues/19678) - * 메이져 GC를 야기하는 보호받지 않은 객체의 숫자를 제어하는 + * 메이저 GC를 야기하는 보호받지 않은 객체의 숫자를 제어하는 새로운 변수 `REMEMBERED_WB_UNPROTECTED_OBJECTS_LIMIT_RATIO`가 추가되었습니다. - 기본값은 `0.01` (1%)입니다. 이는 메이저 GC의 빈도를 상당히 낮춰줍니다. + 기본값은 `0.01`(1%)입니다. 이는 메이저 GC의 빈도를 상당히 낮춰줍니다. [[Feature #19571]](https://bugs.ruby-lang.org/issues/19571) * `Time`, `Enumerator`, `MatchData`, `Method`, `File::Stat`, `BigDecimal` 등의 - 주요 타입에 부족했던 쓰기 보호가 구현되었습니다. + 주요 타입에 부족했던 쓰기 배리어가 구현되었습니다. 이는 마이너 GC에 걸리는 시간과 메이저 GC 빈도를 상당히 줄여줍니다. * `Hash`, `Time`, `Thread::Backtrace`, `Thread::Backtrace::Location`, `File::Stat`, `Method` 등의 대부분의 주요 클래스는 이제 가변 폭 할당을 사용합니다. 이는 해당 클래스의 할당 및 할당 해제 속도를 빠르게 만들며, 메모리 사용량과 힙 파편화를 줄여줍니다. - * 가비지 컬렉터에 약한 참조가 추가됩니다. [Feature #19783](https://bugs.ruby-lang.org/issues/19783) + * 가비지 컬렉터에 약한 참조가 추가됩니다. [[Feature #19783]](https://bugs.ruby-lang.org/issues/19783) ## 그 이외의 3.2 이후로 주목할 만한 변경 diff --git a/ko/news/_posts/2023-12-25-ruby-3-3-0-released.md b/ko/news/_posts/2023-12-25-ruby-3-3-0-released.md new file mode 100644 index 0000000000..375c399a95 --- /dev/null +++ b/ko/news/_posts/2023-12-25-ruby-3-3-0-released.md @@ -0,0 +1,308 @@ +--- +layout: news_post +title: "Ruby 3.3.0 릴리스" +author: "naruse" +translator: "shia" +date: 2023-12-25 00:00:00 +0000 +lang: ko +--- + +{% assign release = site.data.releases | where: "version", "3.3.0" | first %} +Ruby {{ release.version }} 릴리스를 알리게 되어 기쁩니다. Ruby 3.3은 Prism이라는 이름의 새 파서를 추가하고, 파서 생성기로 Lrama를 사용하며, RJIT으로 명명된 새로운 순수 Ruby JIT 컴파일러를 추가하고, 특히 YJIT에서 많은 성능 향상이 있습니다. + +## Prism + +* [Prism 파서](https://github.com/ruby/prism)를 기본 gem에 추가했습니다. + * Prism은 Ruby 언어를 위한 이식 가능하고, 에러 내성이 있으며 유지 보수 가능한 재귀 하향 파서입니다. +* Prism은 프로덕션 환경에서 사용할 준비가 되어있으며 활발하게 유지보수되고 있으므로 Ripper 대신 이용할 수 있습니다. + * Prism 사용 방법에 대한 [광범위한 문서](https://ruby.github.io/prism/)가 있습니다. + * Prism은 CRuby에서 내부적으로 사용하는 C 라이브러리이자 Ruby 코드를 구문 분석해야 하는 모든 도구에서 사용할 수 있는 Ruby gem입니다. + * Prism API에서 주목할 만한 메서드는 다음과 같습니다. + * `Prism.parse(source)`는 구분 분석 결과 객체의 일부로 AST를 반환합니다. + * `Prism.parse_comments(source)`는 주석을 반환합니다. + * `Prism.parse_success?(source)`는 에러가 없다면 true를 반환합니다. +* 기여에 관심이 있다면 [Prism 저장소](https://github.com/ruby/prism)에서 직접 풀 리퀘스트나 이슈를 만들 수 있습니다. +* `ruby --parser=prism`이나 `RUBYOPT="--parser=prism"`을 사용하여 Prism 컴파일러를 실험해 볼 수 있습니다. 이 플래그는 디버깅 용도임을 잊지 마세요. + +## Bison을 Lrama로 대체 + +* Bison 대신 [Lrama LALR 파서 생성기](https://github.com/ruby/lrama)를 사용하도록 변경했습니다. [[Feature #19637]](https://bugs.ruby-lang.org/issues/19637) + * 관심이 있다면 [Ruby 파서의 미래 비전](https://rubykaigi.org/2023/presentations/spikeolaf.html)을 참고하세요. + * 유지보수성을 위해 Lrama 내부 구문 분석기가 Racc에서 생성한 LR 구문 분석기로 대체되었습니다. + * 매개변수화 규칙 `(?, *, +)`를 지원하며, Ruby의 parse.y에서 사용될 예정입니다. + +## YJIT + +* Ruby 3.2 버전 대비 주요 성능 개선 사항 + * 스플랫과 나머지 인자 지원이 개선되었습니다. + * 가상 머신의 스택 연산을 위해 레지스터가 할당됩니다. + * 선택적 인수가 포함된 더 많은 호출이 컴파일됩니다. 예외 처리기도 컴파일됩니다. + * 지원되지 않는 호출 타입인 경우, 클래스의 인스턴스 변수가 가지는 객체 형상의 조합이 매우 복잡한 경우에도 + 컴파일되기 전의 바이트 코드로 전환되지 않습니다. + * Rails의 `#blank?`와 [특수화한 `#present?`](https://github.com/rails/rails/pull/49909) 같은 단순한 메서드는 + 인라인으로 최적화됩니다. + * `Integer#*`, `Integer#!=`, `String#!=`, `String#getbyte`, + `Kernel#block_given?`, `Kernel#is_a?`, `Kernel#instance_of?`, `Module#===`은 특별히 최적화되었습니다. + * Ruby 3.2보다 컴파일 속도가 약간 개선되었습니다. + * 이제 optcarrot에서 인터프리터보다 3배 이상 빠릅니다! +* Ruby 3.2보다 메모리 사용량이 크게 개선되었습니다. + * 컴파일된 코드의 메타데이터가 훨씬 적은 메모리를 사용합니다. + * `--yjit-call-threshold`는 애플리케이션의 ISEQ이 40,000개 이상 존재하는 경우, + 자동으로 30에서 120으로 증가합니다. + * 적게 사용되는 ISEQ의 컴파일을 생략하는 `--yjit-cold-threshold`가 추가됩니다. + * ARM64에서 더 작은 코드를 생성합니다. +* 코드 GC는 이제 비활성화된 상태로 시작합니다. + * `--yjit-exec-mem-size`를 새 코드 컴파일을 멈추는 최대 상한으로 취급합니다. + * 코드 GC로 인한 급격한 성능 하락이 사라집니다. + [Pitchfork](https://github.com/shopify/pitchfork)로 리포크를 사용하는 서버에서 + 더 나은 쓰기 시 복사 동작을 생성할 수 있습니다. + * 필요하다면 `--yjit-code-gc`로 코드 GC를 활성화할 수 있습니다. +* 실행 시간에 YJIT을 활성화할 수 있는 `RubyVM::YJIT.enable`이 추가됩니다. + * 실행 명령의 인수나 환경 변수의 변경 없이 YJIT을 실행할 수 있습니다. + Rails 7.2는 이 메서드를 사용해 + [기본으로 YJIT을 활성화](https://github.com/rails/rails/pull/49947)할 예정입니다. + * 애플리케이션 부팅이 완료된 후에 YJIT를 활성화하는 데에도 사용할 수 있습니다. + 부팅 시 YJIT를 비활성화한 상태에서 다른 YJIT 옵션을 사용하려는 경우 + `--yjit-disable`을 사용할 수 있습니다. +* 기본으로 더 많은 YJIT 통계 정보를 제공합니다. + * `yjit_alloc_size`와 메타 정보에 관련된 몇몇 통계가 기본으로 이용 가능합니다. + * `--yjit-stats`로부터 생성된 `ratio_in_yjit` 통계는 릴리스 빌드에서도 이용 가능하며, + 대부분의 통계에 접근하는 데 특수한 통계나 개발 빌드는 더 이상 필요하지 않습니다. +* 프로파일링 기능 추가 + * Linux perf로 프로파일링을 용이하게 할 수 있도록 `--yjit-perf`가 추가됩니다. + * `--yjit-trace-exits`는 `--yjit-trace-exits-sample-rate=N`을 통한 샘플링을 지원합니다. +* 보다 철저한 테스트와 여러 버그 수정 + +## RJIT + +* 순수 Ruby JIT 컴파일러 RJIT을 도입하고 MJIT을 대체했습니다. + * RJIT은 Unix 플랫폼에서 x86-64 아키텍처만 지원합니다. + * MJIT과 달리 런타임에 C 컴파일러가 필요하지 않습니다. +* RJIT은 실험 목적으로 존재합니다. + * 프로덕션 환경에서는 YJIT을 계속 사용해야 합니다. +* Ruby용 JIT 개발에 관심이 있다면 [RubyKaigi 2023 3일차에 있었던 k0kubun의 발표](https://rubykaigi.org/2023/presentations/k0kubun.html#day3)를 확인하세요. + +## M:N 스레드 스케줄러 + +* M:N 스레드 스케줄러가 추가됩니다. [[Feature #19842]](https://bugs.ruby-lang.org/issues/19842) + * M개의 Ruby 스레드를 N개의 네이티브 스레드(OS 스레드)로 관리하므로 스레드의 생성, 관리 비용이 절감됩니다. + * C 확장 호환성에 문제가 발생할 가능성이 있으므로, 주 Ractor에서의 기본 설정은 비활성입니다. + * `RUBY_MN_THREADS=1` 환경 변수를 사용해 주 Ractor에서 M:N 스레드를 활성화할 수 있습니다. + * M:N 스레드는 주 Ractor가 아닌 Ractor에서 항상 활성화되어 있습니다. + * `RUBY_MAX_CPU=n` 환경 변수는 `N`(네이티브 스레드의 최대 개수)의 최댓값을 지정합니다. 기본값은 8입니다. + * 하나의 Ractor에서는 하나의 Ruby 스레드만 실행 가능하므로 실제로 사용되는 네이티브 스레드의 개수는 `RUBY_MAX_CPU`에서 지정한 숫자나 실행 중인 Ractor의 개수보다 작습니다. 그러므로 (대다수를 차지하는) 단일 Ractor 애플리케이션에서는 단 하나의 네이티브 스레드를 사용합니다. + * 블로킹 동작을 처리하기 위해, `N`개 이상의 네이티브 스레드가 사용될 수 있습니다. + +## 성능 향상 + +* `defined?(@ivar)`가 객체 형상에 맞게 최적화됩니다. +* `Socket.getaddrinfo`와 같은 이름 해결을 (POSIX 스레드가 사용 가능한 환경에서) 중단할 수 있게 됩니다. [[Feature #19965]](https://bugs.ruby-lang.org/issues/19965) +* 가비지 컬렉터의 몇몇 성능 향상 + * 오래된 객체가 참조하는 어린 객체는 이제 즉시 오래된 객체로 마킹되지 않습니다. + 이 동작은 메이저 GC의 빈도를 상당히 낮춰줍니다. + [[Feature #19678]](https://bugs.ruby-lang.org/issues/19678) + * 메이저 GC를 야기하는 보호받지 않은 객체의 숫자를 제어하는 + 새로운 변수 `REMEMBERED_WB_UNPROTECTED_OBJECTS_LIMIT_RATIO`가 추가되었습니다. + 기본값은 `0.01`(1%)입니다. 이는 메이저 GC의 빈도를 상당히 낮춰줍니다. + [[Feature #19571]](https://bugs.ruby-lang.org/issues/19571) + * `Time`, `Enumerator`, `MatchData`, `Method`, `File::Stat`, `BigDecimal` 등의 + 주요 타입에 부족했던 쓰기 보호가 구현되었습니다. + 이는 마이너 GC에 걸리는 시간과 메이저 GC 빈도를 상당히 줄여줍니다. + * `Hash`, `Time`, `Thread::Backtrace`, `Thread::Backtrace::Location`, + `File::Stat`, `Method` 등의 대부분의 주요 클래스는 이제 가변 폭 할당을 사용합니다. + 이는 해당 클래스의 할당 및 할당 해제 속도를 빠르게 만들며, 메모리 사용량과 + 힙 파편화를 줄여줍니다. + * 가비지 컬렉터에 약한 참조가 추가됩니다. [[Feature #19783]](https://bugs.ruby-lang.org/issues/19783) + + +## 그 이외의 3.2 이후로 주목할 만한 변경 + +### IRB + +IRB에 여러 개선 사항이 추가됩니다. 다음과 같은 내용이 포함됩니다. + +* 고급 `irb:rdbg` 통합 기능은 `pry-byebug`와 동등한 디버깅 경험을 제공합니다. ([문서](https://github.com/ruby/irb#debugging-with-irb)). +* `ls`와 `show_source`, `show_cmds`와 같은 명령어에서 페이징을 지원합니다. +* `ls`, `show_source` 명령에서 더 정확하고 유용한 정보를 제공합니다. +* 타입 분석을 사용하는 실험적인 자동 완성 기능을 제공합니다. ([문서](https://github.com/ruby/irb#type-based-completion)). +* Reline::Face 클래스의 도입으로 자동완성 다이얼로그의 글씨 색과 스타일이 변경 가능합니다. ([문서](https://github.com/ruby/ruby/blob/master/doc/reline/face.md)) + +또한, IRB는 광범위한 리팩토링을 거쳤으며, 향후 개선이 용이하도록 많은 버그 수정이 이루어졌습니다. + +더 자세한 변경은 [Ruby 3.3 IRB의 큰 도약을 공개합니다](https://railsatscale.com/2023-12-19-irb-for-ruby-3-3/)를 참조하세요. + +## 호환성 문제 + +주의: 기능 버그 수정은 포함되어 있지 않습니다. + +* 블록에서 매개변수 없이 `it`을 호출하는 기능은 삭제 예정입니다. + Ruby 3.4부터 `it`은 첫 번째 블록 인수를 가리킵니다. + [[Feature #18980]](https://bugs.ruby-lang.org/issues/18980) + +* `Regexp::new`는 최대 3개의 인수를 받았지만 이제 2개까지 허용합니다. 이는 Ruby 3.2에서 폐기예정이었습니다. [[Bug #18797]](https://bugs.ruby-lang.org/issues/18797) + +### 삭제된 환경 변수 + +폐기 예정이었던 환경 변수가 삭제됩니다. + +* 환경 변수 `RUBY_GC_HEAP_INIT_SLOTS`는 폐기 예정이었으며 아무 효과도 없습니다. 대신 환경 변수 `RUBY_GC_HEAP_{0,1,2,3,4}_INIT_SLOTS`를 사용해 주세요. [[Feature #19785]](https://bugs.ruby-lang.org/issues/19785) + +## Stdlib 호환성 문제 + +### `ext/readline` 폐기 + +* 우리는 `ext/readline` API와 호환되는 순수 Ruby 구현인 `reline`을 가지고 있습니다. 앞으로는 `reline`에 의존할 것입니다. `ext/readline`을 사용해야 하는 경우, `gem install readline-ext`를 사용하여 rubygems.org를 통해 `ext/readline`을 설치할 수 있습니다. +* 이제 더 이상 `libreadline` 또는 `libedit`과 같은 라이브러리를 설치할 필요가 없습니다. + +## 표준 라이브러리 갱신 + +사용자가 미래의 Ruby 버전에서 내장될 예정의 gem을 Gemfile이나 gemspec에 추가하지 않고 직접 `require` 할 때 RubyGems와 Bundler가 경고 문구를 출력합니다. + +bootsnap gem을 사용하고 있다면, 해당 경고를 생략합니다. 적어도 한 번은 `DISABLE_BOOTSNAP=1` 환경 변수와 함께 애플리케이션을 실행하길 권장합니다. 이는 이번 버전에만 해당되는 제약입니다. + +다음 라이브러리가 대상입니다. + * abbrev + * base64 + * bigdecimal + * csv + * drb + * getoptlong + * mutex_m + * nkf + * observer + * racc + * resolv-replace + * rinda + * syslog + +다음 기본 gem이 추가되었습니다. + +* prism 0.19.0 + +다음 기본 gem이 갱신되었습니다. + +* RubyGems 3.5.3 +* abbrev 0.1.2 +* base64 0.2.0 +* benchmark 0.3.0 +* bigdecimal 3.1.5 +* bundler 2.5.3 +* cgi 0.4.1 +* csv 3.2.8 +* date 3.3.4 +* delegate 0.3.1 +* drb 2.2.0 +* english 0.8.0 +* erb 4.0.3 +* error_highlight 0.6.0 +* etc 1.4.3 +* fcntl 1.1.0 +* fiddle 1.1.2 +* fileutils 1.7.2 +* find 0.2.0 +* getoptlong 0.2.1 +* io-console 0.7.1 +* io-nonblock 0.3.0 +* io-wait 0.3.1 +* ipaddr 1.2.6 +* irb 1.11.0 +* json 2.7.1 +* logger 1.6.0 +* mutex_m 0.2.0 +* net-http 0.4.0 +* net-protocol 0.2.2 +* nkf 0.1.3 +* observer 0.1.2 +* open-uri 0.4.1 +* open3 0.2.1 +* openssl 3.2.0 +* optparse 0.4.0 +* ostruct 0.6.0 +* pathname 0.3.0 +* pp 0.5.0 +* prettyprint 0.2.0 +* pstore 0.1.3 +* psych 5.1.2 +* rdoc 6.6.2 +* readline 0.0.4 +* reline 0.4.1 +* resolv 0.3.0 +* rinda 0.2.0 +* securerandom 0.3.1 +* set 1.1.0 +* shellwords 0.2.0 +* singleton 0.2.0 +* stringio 3.1.0 +* strscan 3.0.7 +* syntax_suggest 2.0.0 +* syslog 0.1.2 +* tempfile 0.2.1 +* time 0.3.0 +* timeout 0.4.1 +* tmpdir 0.2.0 +* tsort 0.2.0 +* un 0.3.0 +* uri 0.13.0 +* weakref 0.1.3 +* win32ole 1.8.10 +* yaml 0.3.0 +* zlib 3.1.0 + +다음 기본 gem이 내장됩니다. + +* racc 1.7.3 + +다음 내장 gem이 갱신됩니다. + +* minitest 5.20.0 +* rake 13.1.0 +* test-unit 3.6.1 +* rexml 3.2.6 +* rss 0.3.0 +* net-ftp 0.3.3 +* net-imap 0.4.9 +* net-smtp 0.4.0 +* rbs 3.4.0 +* typeprof 0.21.9 +* debug 1.9.1 + +기본 gem 또는 내장 gem에 대한 자세한 내용은 [Logger](https://github.com/ruby/logger/releases)와 같은 +GitHub 릴리스 또는 변경 로그에서 확인하세요. + +더 자세한 내용은 [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md)나 +[커밋 로그](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }})를 +확인해 주세요. + +이러한 변경사항에 따라, Ruby 3.2.0 이후로 [파일 {{ release.stats.files_changed }}개 수정, {{ release.stats.insertions }}줄 추가(+), {{ release.stats.deletions }}줄 삭제(-)](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}#file_bucket)가 +이루어졌습니다! + +메리 크리스마스, 해피 홀리데이, 그리고 Ruby 3.3과 함께 프로그래밍을 즐겨보세요! + +## 다운로드 + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby는 + +Ruby는 1993년에 Matz(마츠모토 유키히로) 씨가 처음 개발했고, +현재는 오픈 소스로서 개발되고 있습니다. 여러 플랫폼에서 동작하며, +특히 웹 개발에서 전 세계적으로 이용되고 있습니다. diff --git a/ko/news/_posts/2024-01-18-ruby-3-2-3-released.md b/ko/news/_posts/2024-01-18-ruby-3-2-3-released.md new file mode 100644 index 0000000000..1d4d558eb7 --- /dev/null +++ b/ko/news/_posts/2024-01-18-ruby-3-2-3-released.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "Ruby 3.2.3 릴리스" +author: "nagachika" +translator: "shia" +date: 2024-01-18 09:00:00 +0000 +lang: ko +--- + +Ruby 3.2.3이 릴리스되었습니다. + +이번 릴리스는 많은 버그 수정이 포함합니다. +자세한 내용은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_2_3)를 참조하세요. + +이번 릴리스에는 보안 수정을 포함하는 uri.gem의 0.12.2 갱신도 포함되어 있습니다. +자세한 내용은 아래 항목을 참조하세요. + +* [CVE-2023-36617: URI의 ReDoS 취약점]({%link ko/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md %}) + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.2.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md b/ko/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md new file mode 100644 index 0000000000..fa5cb2593b --- /dev/null +++ b/ko/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md @@ -0,0 +1,46 @@ +--- +layout: news_post +title: "CVE-2024-27280: StringIO에서 버퍼 초과 읽기 취약점" +author: "hsbt" +translator: "shia" +date: 2024-03-21 4:00:00 +0000 +tags: security +lang: ko +--- + +버퍼 초과 읽기 취약점에 대한 보안 수정이 포함된 StringIO gem 버전 3.0.1.1과 3.0.1.2를 릴리스했습니다. +이 취약점에는 CVE 식별자 [CVE-2024-27280](https://www.cve.org/CVERecord?id=CVE-2024-27280)이 할당되었습니다. + +## 세부 내용 + +Ruby 3.0.x부터 3.0.6까지, 3.1.x부터 3.1.4까지 함께 배포된 StringIO 3.0.1에서 문제가 발견되었습니다. + +StringIO의 `ungetbyte`와 `ungetc` 메서드는 문자열의 끝을 넘어서도 읽을 수 있으며, 이어서 호출되는 `StringIO.gets`는 메모리의 값을 반환할 수 있습니다. + +이 취약점은 StringIO 3.0.3과 그 이후, Ruby 3.2.x와 그 이후 버전에는 영향이 없습니다. + +## 권장 조치 + +StringIO gem을 3.0.3이나 그 이상으로 업데이트하는 것이 좋습니다. 이전 Ruby 버전대에 포함된 버전과의 호환성을 보장하기 위해 다음과 같이 업데이트할 수 있습니다. + +* Ruby 3.0 사용자: `stringio` 3.0.1.1로 업데이트 +* Ruby 3.1 사용자: `stringio` 3.0.1.2로 업데이트 + +주의: StringIO 3.0.1.2는 이 취약점뿐만 아니라 [[Bug #19389]](https://github.com/ruby/ruby/commit/1d24a931c458c93463da1d5885f33edef3677cc2)의 버그 수정도 포함하고 있습니다. + +`gem update stringio`를 사용하여 업데이트할 수 있습니다. bundler를 사용하는 경우 `gem "stringio", ">= 3.0.1.2"`를 `Gemfile`에 추가하세요. + +## 해당 버전 + +* Ruby 3.0.6과 그 이하 +* Ruby 3.1.4와 그 이하 +* StringIO gem 3.0.1과 그 이하 + +## 도움을 준 사람 + +이 문제를 발견해 준 [david_h1](https://hackerone.com/david_h1?type=user)에게 감사를 표합니다. + +## 수정 이력 + +* 2024-04-11 12:50:00 (UTC) StringIO의 해당 버전 수정(3.0.2 -> 3.0.1) +* 2024-03-21 04:00:00 (UTC) 최초 공개 diff --git a/ko/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md b/ko/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md new file mode 100644 index 0000000000..b5a42dbfd6 --- /dev/null +++ b/ko/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "CVE-2024-27281: RDoc에서 .rdoc_options 사용 시의 RCE 취약점" +author: "hsbt" +translator: "shia" +date: 2024-03-21 4:00:00 +0000 +tags: security +lang: ko +--- + +RCE 취약점에 대한 보안 수정이 포함된 RDoc gem 버전 6.3.4.1, 6.4.1.1, 6.5.1.1과 6.6.3.1을 릴리스했습니다. +이 취약점에는 CVE 식별자 [CVE-2024-27281](https://www.cve.org/CVERecord?id=CVE-2024-27281)이 할당되었습니다. + +## 세부 내용 + +Ruby 3.x부터 3.3.0까지 함께 배포된 RDoc 6.3.3부터 6.6.2까지 문제가 발견되었습니다. + +(RDoc 설정에 사용되는) `.rdoc_options`를 YAML 파일로 파싱할 때, 복원할 수 있는 클래스에 대한 제한이 없기 때문에, 객체 주입 및 그로 인한 원격 코드 실행이 가능합니다. + +문서 캐시를 읽어올 때도 조작된 캐시가 있을 경우, 객체 주입 및 그로 인한 원격 코드 실행이 가능합니다. + +## 권장 조치 + +RDoc gem을 6.6.3.1이나 그 이상으로 업데이트하는 것이 좋습니다. 이전 Ruby 버전대에 포함된 버전과의 호환성을 보장하기 위해 다음과 같이 업데이트할 수 있습니다. + +* Ruby 3.0 사용자: `rdoc` 6.3.4.1로 업데이트 +* Ruby 3.1 사용자: `rdoc` 6.4.1.1로 업데이트 +* Ruby 3.2 사용자: `rdoc` 6.5.1.1로 업데이트 + +`gem update rdoc`를 사용하여 업데이트할 수 있습니다. bundler를 사용하는 경우 `gem "rdoc", ">= 6.6.3.1"`을 `Gemfile`에 추가하세요. + +주의: 6.3.4, 6.4.1, 6.5.1, 6.6.3은 부정확한 수정을 포함하고 있습니다. 이 대신 6.3.4.1, 6.4.1.1, 6.5.1.1, 6.6.3.1로 업데이트하세요. + +## 해당 버전 + +* Ruby 3.0.6과 그 이하 +* Ruby 3.1.4와 그 이하 +* Ruby 3.2.3과 그 이하 +* Ruby 3.3.0 +* RDoc gem 6.3.3과 그 이하, 수정된 버전(6.3.4, 6.4.1, 6.5.1)을 제외한 6.4.0부터 6.6.2까지 + +## 도움을 준 사람 + +이 문제를 발견해 준 [ooooooo_q](https://hackerone.com/ooooooo_q?type=user)에게 감사를 표합니다. + +## 수정 이력 + +* 2024-03-21 04:00:00 (UTC) 최초 공개 diff --git a/ko/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md b/ko/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md new file mode 100644 index 0000000000..33868c900b --- /dev/null +++ b/ko/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "CVE-2024-27282: 정규표현식 검색의 임의의 메모리 주소 읽기 취약점" +author: "hsbt" +translator: "shia" +date: 2024-04-23 10:00:00 +0000 +tags: security +lang: ko +--- + +정규표현식 검색의 임의의 메모리 주소 읽기 취약점에 대한 보안 수정을 포함하는 Ruby 3.0.7, 3.1.5, 3.2.4, 3.3.1을 릴리스했습니다. +이 취약점은 CVE 번호 [CVE-2024-27282](https://www.cve.org/CVERecord?id=CVE-2024-27282)로 등록되어 있습니다. + +## 세부 내용 + +Ruby 3.x부터 3.3.0까지 문제가 발견되었습니다. + +공격자가 제공한 데이터가 Ruby 정규표현식 컴파일러에 제공되면, 텍스트 시작 지점과 관련된 임의의 힙 데이터를 추출할 수 있습니다. 여기에는 포인터와 민감한 문자열을 포함됩니다. + +## 권장 조치 + +Ruby를 3.3.1이나 그 이상으로 업데이트하는 것이 좋습니다. 이전 Ruby 버전대에 포함된 버전과의 호환성을 보장하기 위해 다음과 같이 업데이트할 수 있습니다. + +* Ruby 3.0 사용자: 3.0.7로 업데이트 +* Ruby 3.1 사용자: 3.1.5로 업데이트 +* Ruby 3.2 사용자: 3.2.4로 업데이트 +* Ruby 3.3 사용자: 3.3.1로 업데이트 + +## 해당 버전 + +* Ruby 3.0.6과 그 이하 +* Ruby 3.1.4와 그 이하 +* Ruby 3.2.3과 그 이하 +* Ruby 3.3.0 + +## 도움을 준 사람 + +이 문제를 발견해 준 [sp2ip](https://hackerone.com/sp2ip?type=user)에게 감사를 표합니다. + +## 수정 이력 + +* 2024-04-23 10:00:00 (UTC) 최초 공개 diff --git a/ko/news/_posts/2024-04-23-ruby-3-0-7-released.md b/ko/news/_posts/2024-04-23-ruby-3-0-7-released.md new file mode 100644 index 0000000000..23050cb394 --- /dev/null +++ b/ko/news/_posts/2024-04-23-ruby-3-0-7-released.md @@ -0,0 +1,53 @@ +--- +layout: news_post +title: "Ruby 3.0.7 릴리스" +author: "hsbt" +translator: "shia" +date: 2024-04-23 10:00:00 +0000 +lang: ko +--- + +Ruby 3.0.7이 릴리스되었습니다. + +이번 릴리스에는 보안 수정 사항이 포함되어 있습니다. +자세한 내용은 아래 항목을 참조하세요. + +* [CVE-2024-27282: 정규표현식 검색의 임의의 메모리 주소 읽기 취약점]({%link ko/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc에서 .rdoc_options 사용 시의 RCE 취약점]({%link ko/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md %}) +* [CVE-2024-27280: StringIO에서 버퍼 초과 읽기 취약점]({%link ko/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md %}) + +자세한 내용은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_0_7)를 참조하세요. + +이 릴리스 후에 Ruby 3.0은 EOL에 도달합니다. 즉, 이번 릴리스가 Ruby 3.0 버전대의 마지막 릴리스가 될 것입니다. +보안 취약점이 발견되더라도 Ruby 3.0.8은 릴리스되지 않을 것입니다. (심각한 회귀 버그가 발생하는 경우는 예외입니다.) +모든 Ruby 3.0 사용자는 즉시 Ruby 3.3, 3.2, 3.1로 마이그레이션할 것을 권장합니다. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.0.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2024-04-23-ruby-3-1-5-released.md b/ko/news/_posts/2024-04-23-ruby-3-1-5-released.md new file mode 100644 index 0000000000..0b90862c4d --- /dev/null +++ b/ko/news/_posts/2024-04-23-ruby-3-1-5-released.md @@ -0,0 +1,49 @@ +--- +layout: news_post +title: "Ruby 3.1.5 릴리스" +author: "hsbt" +translator: "shia" +date: 2024-04-23 10:00:00 +0000 +lang: ko +--- + +Ruby 3.1.5가 릴리스되었습니다. + +이번 릴리스에는 보안 수정 사항이 포함되어 있습니다. +자세한 내용은 아래 항목을 참조하세요. + +* [CVE-2024-27282: 정규표현식 검색의 임의의 메모리 주소 읽기 취약점]({%link ko/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc에서 .rdoc_options 사용 시의 RCE 취약점]({%link ko/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md %}) +* [CVE-2024-27280: StringIO에서 버퍼 초과 읽기 취약점]({%link ko/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md %}) + +자세한 내용은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_1_5)를 참조하세요. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.1.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2024-04-23-ruby-3-2-4-released.md b/ko/news/_posts/2024-04-23-ruby-3-2-4-released.md new file mode 100644 index 0000000000..ac30b6e203 --- /dev/null +++ b/ko/news/_posts/2024-04-23-ruby-3-2-4-released.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "Ruby 3.2.4 릴리스" +author: "nagachika" +translator: "shia" +date: 2024-04-23 10:00:00 +0000 +lang: ko +--- + +Ruby 3.2.4가 릴리스되었습니다. + +이번 릴리스에는 보안 수정 사항이 포함되어 있습니다. +자세한 내용은 아래 항목을 참조하세요. + +* [CVE-2024-27282: 정규표현식 검색의 임의의 메모리 주소 읽기 취약점]({%link ko/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc에서 .rdoc_options 사용 시의 RCE 취약점]({%link ko/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md %}) + +자세한 내용은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_2_4)를 참조하세요. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.2.4" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2024-04-23-ruby-3-3-1-released.md b/ko/news/_posts/2024-04-23-ruby-3-3-1-released.md new file mode 100644 index 0000000000..05b4b2e137 --- /dev/null +++ b/ko/news/_posts/2024-04-23-ruby-3-3-1-released.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "Ruby 3.3.1 릴리스" +author: "naruse" +translator: "shia" +date: 2024-04-23 10:00:00 +0000 +lang: ko +--- + +Ruby 3.3.1이 릴리스되었습니다. + +이번 릴리스에는 보안 수정 사항이 포함되어 있습니다. +자세한 내용은 아래 항목을 참조하세요. + +* [CVE-2024-27282: 정규표현식 검색의 임의의 메모리 주소 읽기 취약점]({%link ko/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc에서 .rdoc_options 사용 시의 RCE 취약점]({%link ko/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md %}) + +자세한 내용은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_3_1)를 참조하세요. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.3.1" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md b/ko/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md new file mode 100644 index 0000000000..0a3558f93b --- /dev/null +++ b/ko/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-35176: REXML의 DoS 취약점" +author: "kou" +translator: "shia" +date: 2024-05-16 05:00:00 +0000 +tags: security +lang: ko +--- + +REXML gem에서 DoS 취약점이 발견되었습니다. 이 취약점은 CVE 번호 [CVE-2024-35176](https://www.cve.org/CVERecord?id=CVE-2024-35176)으로 등록되었습니다. REXML gem 업그레이드를 강하게 추천합니다. + +## 세부 내용 + +대량의 `<`를 속성값으로 가지고 있는 XML을 파싱할 때, REXML gem은 처리에 긴 시간이 걸립니다. + +REXML gem을 3.2.7이나 그 이상으로 업데이트하세요. + +## 해당 버전 + +* REXML gem 3.2.6과 그 이하 + +## 도움을 준 사람 + +이 문제를 발견해 준 [mprogrammer](https://hackerone.com/mprogrammer)에게 감사를 표합니다. + +## 수정 이력 + +* 2024-05-16 05:00:00 (UTC) 최초 공개 diff --git a/ko/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md b/ko/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md new file mode 100644 index 0000000000..d93cc972c3 --- /dev/null +++ b/ko/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md @@ -0,0 +1,140 @@ +--- +layout: news_post +title: "Ruby 3.4.0-preview1 릴리스" +author: "naruse" +translator: "shia" +date: 2024-05-16 00:00:00 +0000 +lang: ko +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-preview1" | first %} +Ruby {{ release.version }} 릴리스를 알리게 되어 기쁩니다. + +## 언어 변경 + +* 파일에 `frozen_string_literal` 주석이 없는 경우, 문자열 리터럴은 이제 얼린 것처럼 + 동작합니다. 해당 문자열이 변경되는 경우에는 폐기 예정 경고가 발생합니다. + 이 경고는 `-W:deprecated`나 `Warning[:deprecated] = true` 설정을 통해 활성화할 수 있습니다. + 이 변경을 무효화하고 싶다면 Ruby를 실행할 때 `--disable-frozen-string-literal` 커맨드라인 인수를 + 사용하세요. [[Feature #20205]] + +* 블록 인자를 가리키는 `it`이 추가됩니다. [[Feature #18980]] + +* 메서드 호출 시에 `nil`에 키워드 스플랫을 지원합니다. + `**nil`은 `**{}`와 비슷하게 동작하며, 키워드를 넘기지 않으며, + 어떤 변환 메서드도 호출하지 않습니다. [[Bug #20064]] + +* 블록을 인덱스로 사용할 수 없게 됩니다. [[Bug #19918]] + +* 키워드 인수를 인덱스로 사용할 수 없게 됩니다. [[Bug #20218]] + +## 코어 클래스 변경 + +주의: 눈에 띄는 클래스 변경만을 포함합니다. + +* Exception + + * Exception#set_backtrace는 이제 `Thread::Backtrace::Location`의 배열을 입력으로 받을 수 있습니다. + `Kernel#raise`, `Thread#raise`와 `Fiber#raise`도 같은 형식의 입력을 받습니다. [[Feature #13557]] + + +* Range + + * Range#size는 이제 범위가 순회 가능하지 않다면 TypeError를 던집니다. [[Misc #18984]] + + + +## 호환성 문제 + +주의: 기능 버그 수정은 포함되어 있지 않습니다. + +* 에러 메시지와 백트레이스의 출력 결과가 변경됩니다. + * 인용 시작 부분을 나타내던 백틱 대신 작은 따옴표를 사용합니다. [[Feature #16495]] + * 메서드 이름 앞에 클래스 이름을 출력합니다(클래스가 불변하는 이름을 가지고 있다면). [[Feature #19117]] + * `Kernel#caller`, `Thread::Backtrace::Location`의 메서드 등도 마찬가지로 변경됩니다. + + ``` + Old: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + New: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + + +## C API 변경 + +* `rb_newobj`와 `rb_newobj_of`(그리고 대응하는 매크로인 `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`)가 삭제됩니다. [[Feature #20265]] +* 폐기 예정인 `rb_gc_force_recycle` 함수가 삭제됩니다. [[Feature #18290]] + +## 구현 개선 + +* `Array#each`를 더 나은 성능을 위해 Ruby로 재작성했습니다. [[Feature #20182]] + +## 그 이외의 변경 + +* 상세 모드(`-w`)에서 메서드에 넘긴 블록이 사용되지 않았을 때 + 경고를 출력합니다. + [[Feature #15554]] + +* `String.freeze`나 `Integer#+`처럼 인터프리터와 JIT이 특별히 최적화하는 + 몇몇 코어 메서드를 재정의하면 성능 클래스 + 경고(`-W:performance`나 `Warning[:performance] = true`)를 출력합니다. + [[Feature #20429]] + +기본 gem 또는 내장 gem에 대한 자세한 내용은 [Logger](https://github.com/ruby/logger/releases)와 같은 +GitHub 릴리스 또는 변경 로그에서 확인하세요. + +더 자세한 내용은 [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md)나 +[커밋 로그](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }})를 +확인해 주세요. + +이러한 변경사항에 따라, Ruby 3.3.0 이후로 [파일 {{ release.stats.files_changed }}개 수정, {{ release.stats.insertions }}줄 추가(+), {{ release.stats.deletions }}줄 삭제(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket)가 +이루어졌습니다! + + +## 다운로드 + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby는 + +Ruby는 1993년에 Matz(마츠모토 유키히로) 씨가 처음 개발했고, +현재는 오픈 소스로서 개발되고 있습니다. 여러 플랫폼에서 동작하며, +특히 웹 개발에서 전 세계적으로 이용되고 있습니다. + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 diff --git a/ko/news/_posts/2024-05-29-ruby-3-1-6-released.md b/ko/news/_posts/2024-05-29-ruby-3-1-6-released.md new file mode 100644 index 0000000000..d536320832 --- /dev/null +++ b/ko/news/_posts/2024-05-29-ruby-3-1-6-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.1.6 릴리스" +author: "hsbt" +translator: "shia" +date: 2024-05-29 9:00:00 +0000 +lang: ko +--- + +Ruby 3.1.6이 릴리스되었습니다. + +Ruby 3.1 버전대는 지금 보안 유지보수 단계입니다. 일반적으로 이 단계에서는 보안 문제만 수정합니다. 그러나 Ruby 3.1.5 릴리스 이후 빌드 실패 문제가 여럿 발생했습니다. 이 문제들을 해결하기 위해 Ruby 3.1.6을 릴리스하기로 결정했습니다. + +아래 항목에서 자세한 내용을 확인하세요. + +* [Bug #20151: FreeBSD 14.0에서 Ruby 3.1을 빌드할 수 없음](https://bugs.ruby-lang.org/issues/20151) +* [Bug #20451: 잘못된 Ruby 3.1.5 백포트로 fiddle 빌드에 실패함](https://bugs.ruby-lang.org/issues/20451) +* [Bug #20431: Ruby 3.3.0 빌드 실패 make: *** \[io_buffer.o\] Error 1](https://bugs.ruby-lang.org/issues/20431) + +자세한 사항은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_1_6)를 확인해 주세요. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.1.6" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2024-05-30-datadog-oss-program.md b/ko/news/_posts/2024-05-30-datadog-oss-program.md new file mode 100644 index 0000000000..f0277aefca --- /dev/null +++ b/ko/news/_posts/2024-05-30-datadog-oss-program.md @@ -0,0 +1,28 @@ +--- +layout: news_post +title: "Datadog가 ruby-lang.org의 OSS 커뮤니티 지원을 제공합니다" +author: "hsbt" +translator: "shia" +date: 2024-05-30 00:00:00 +0000 +lang: ko +--- + +우리는 Ruby의 공식 웹사이트인 ruby-lang.org가 모니터링을 위해 Datadog를 적용했다는 것을 알려드립니다. 이는 [Datadog OSS 커뮤니티 지원](https://opensource.datadoghq.com/projects/oss-program/)을 통해 이루어졌습니다. + +Datadog는 Ruby 사용자를 위해 실시간으로 사이트의 성능과 가용성을 효과적으로 모니터링할 수 있도록 도와줍니다. Datadog 사용의 주요 이점은 다음과 같습니다. + +## CDN 가시성 + +Fastly가 제공하는 cache.ruby-lang.org는 Ruby 생태계의 가장 중요한 인프라입니다. Datadog를 통해 콘텐츠 전송 네트워크(CDN) 성능을 모니터링할 수 있습니다. 캐시 커버리지, 오류율을 추적하여 사용자 경험을 향상시킵니다. + +## 통합된 데이터 시각화 + +ruby-lang.org에는 다양한 웹 서비스가 있습니다. Datadog는 로그 분석 데이터를 시각화할 때 메트릭 및 애플리케이션 성능 모니터링(APM) 데이터도 같은 대시보드에 함께 보여줄 수 있게 해줍니다. + +## JIT 추적 가시성 + +Datadog의 트레이싱 기능을 활용하여 웹 서버 및 데이터베이스를 통하는 요청의 흐름을 트레이스로 기록할 수 있습니다. 이를 통해 병목과 문제가 있는 요청을 확인할 수 있습니다. + +주요 메트릭의 [공개 대시보드](https://p.ap1.datadoghq.com/sb/1271b83e-af90-11ee-9072-da7ad0900009-01633a8fa8c0b0c0051f1889afdf55dc)를 게시했습니다. 모니터링, 특히 YJIT 성능을 개선하면서 대시보드를 계속 업데이트할 것입니다. + +Datadog 채택이 Ruby 커뮤니티의 사이트 성능 향상에 이바지하길 바랍니다. 계속해서 ruby-lang.org를 이용하고 향상된 사용자 경험을 즐기시기 바랍니다. diff --git a/ko/news/_posts/2024-05-30-ruby-3-3-2-released.md b/ko/news/_posts/2024-05-30-ruby-3-3-2-released.md new file mode 100644 index 0000000000..aa4c590595 --- /dev/null +++ b/ko/news/_posts/2024-05-30-ruby-3-3-2-released.md @@ -0,0 +1,43 @@ +--- +layout: news_post +title: "Ruby 3.3.2 릴리스" +author: "k0kubun" +translator: "shia" +date: 2024-05-30 03:50:00 +0000 +lang: ko +--- + +Ruby 3.3.2가 릴리스되었습니다. + +이번 릴리스에는 많은 버그 수정이 포함되어 있습니다. +자세한 내용은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_3_2)를 참조하세요. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.3.2" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2024-06-12-ruby-3-3-3-released.md b/ko/news/_posts/2024-06-12-ruby-3-3-3-released.md new file mode 100644 index 0000000000..ae48cb23a5 --- /dev/null +++ b/ko/news/_posts/2024-06-12-ruby-3-3-3-released.md @@ -0,0 +1,53 @@ +--- +layout: news_post +title: "Ruby 3.3.3 릴리스" +author: "k0kubun" +translator: "shia" +date: 2024-06-12 00:30:00 +0000 +lang: ko +--- + +Ruby 3.3.3이 릴리스되었습니다. + +이번 릴리스는 아래 항목을 포함합니다. + +* RubyGems 3.5.11 +* Bundler 2.5.11 +* REXML 3.2.8 +* strscan 3.0.9 +* `--dump=prism_parsetree`는 `--parser=prism --dump=parsetree`로 대체되었습니다. +* 잘못된 인코딩 기호는 이제 `EncodingError` 대신 `SyntaxError`를 던집니다. +* Ripper 파싱 중의 메모리 누수 문제 수정 +* YJIT, `**{}`, `Ripper.tokenize`, `RubyVM::InstructionSequence#to_binary`, `--with-gmp`, 몇몇 빌드 환경의 버그 수정 + +자세한 내용은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_3_3)를 참조하세요. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.3.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2024-07-09-ruby-3-3-4-released.md b/ko/news/_posts/2024-07-09-ruby-3-3-4-released.md new file mode 100644 index 0000000000..5e8602c911 --- /dev/null +++ b/ko/news/_posts/2024-07-09-ruby-3-3-4-released.md @@ -0,0 +1,57 @@ +--- +layout: news_post +title: "Ruby 3.3.4 릴리스" +author: "k0kubun" +translator: "shia" +date: 2024-07-09 00:30:00 +0000 +lang: ko +--- + +Ruby 3.3.4가 릴리스되었습니다. + +이번 릴리스에는 Ruby 3.3.3의 내장 gem인 `net-pop`, `net-ftp`, `net-imap`, `prime`의 +gemspec에서 의존성이 누락된 회귀 버그를 해결했습니다 +[[Bug #20581]](https://bugs.ruby-lang.org/issues/20581). +이 수정으로 Bundler가 Heroku와 같은 플랫폼에서 해당 gem을 성공적으로 설치할 수 있습니다. +만약 `bundle install`이 정상적으로 작동한다면, 이 문제는 해결된 것입니다. + +나머지 변경 사항은 대부분 사소한 버그 수정입니다. +자세한 내용은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_3_4)를 참조하세요. + +## 릴리스 일정 + +앞으로 최신 안정 버전의 Ruby(현재 Ruby 3.3)를 `.1` 릴리스 이후 2개월마다 릴리스할 계획입니다. +Ruby 3.3의 경우, 3.3.5는 9월 3일에, 3.3.6은 11월 5일에, 3.3.7은 1월 7일에 릴리스될 예정입니다. + +이번 릴리스는 Heroku의 Ruby 3.3.3 사용자가 영향을 받았습니다. 이와 같이 많은 사람들에게 영향을 미치는 변경 사항이 있을 경우, +예상보다 빨리 새 버전을 릴리스할 수 있습니다. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.3.4" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md b/ko/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md new file mode 100644 index 0000000000..8443590fc4 --- /dev/null +++ b/ko/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-39908: REXML의 DoS 취약점" +author: "watson1978" +translator: "yous" +date: 2024-07-16 03:00:00 +0000 +tags: security +lang: ko +--- + +REXML gem에서 DoS 취약점이 발견되었습니다. 이 취약점은 CVE 번호 [CVE-2024-39908](https://www.cve.org/CVERecord?id=CVE-2024-39908)로 등록되었습니다. REXML gem 업그레이드를 강하게 추천합니다. + +## 세부 내용 + +`<`, `0`, `%>`과 같은 특정 캐릭터를 대량으로 갖고 있는 XML을 파싱할 때, REXML gem은 처리에 긴 시간이 걸립니다. + +REXML gem을 3.3.2나 그 이상으로 업데이트하세요. + +## 해당 버전 + +* REXML gem 3.3.1과 그 이하 + +## 도움을 준 사람 + +이 문제를 발견해 준 [mprogrammer](https://hackerone.com/mprogrammer)에게 감사를 표합니다. + +## 수정 이력 + +* 2024-07-16 03:00:00 (UTC) 최초 공개 diff --git a/ko/news/_posts/2024-07-26-ruby-3-2-5-released.md b/ko/news/_posts/2024-07-26-ruby-3-2-5-released.md new file mode 100644 index 0000000000..363e256e87 --- /dev/null +++ b/ko/news/_posts/2024-07-26-ruby-3-2-5-released.md @@ -0,0 +1,46 @@ +--- +layout: news_post +title: "Ruby 3.2.5 릴리스" +author: "nagachika" +translator: "shia" +date: 2024-07-26 10:00:00 +0000 +lang: ko +--- + +Ruby 3.2.5가 릴리스되었습니다. + +이번 릴리스에는 많은 버그 수정이 포함되어 있습니다. +그리고 내장된 `rexml` gem을 다음 보안 수정을 포함하는 버전으로 업데이트했습니다. +[CVE-2024-39908: REXML의 DoS 취약점]({%link ko/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md %}). + +자세한 내용은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_2_5)를 참조하세요. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.2.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md b/ko/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md new file mode 100644 index 0000000000..d8efca8b1e --- /dev/null +++ b/ko/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-41123: REXML의 DoS 취약점" +author: "kou" +translator: "shia" +date: 2024-08-01 03:00:00 +0000 +tags: security +lang: ko +--- + +REXML gem에서 DoS 취약점이 몇 개 발견되었습니다. 이 취약점은 CVE 번호 [CVE-2024-41123](https://www.cve.org/CVERecord?id=CVE-2024-41123)으로 등록되었습니다. REXML gem 업그레이드를 강하게 추천합니다. + +## 세부 내용 + +공백 문자, `>]`, `]>`와 같은 특정 문자가 많이 포함된 XML 문서를 파싱할 때, REXML gem은 처리에 긴 시간이 걸립니다. + +REXML gem을 3.3.3이나 그 이상으로 업데이트하세요. + +## 해당 버전 + +* REXML gem 3.3.2와 그 이하 + +## 도움을 준 사람 + +이 문제를 발견해 준 [mprogrammer](https://hackerone.com/mprogrammer)와 [scyoon](https://hackerone.com/scyoon)에게 감사를 표합니다. + +## 수정 이력 + +* 2024-08-01 03:00:00 (UTC) 최초 공개 diff --git a/ko/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md b/ko/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md new file mode 100644 index 0000000000..0ab27c73d9 --- /dev/null +++ b/ko/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-41946: REXML의 DoS 취약점" +author: "kou" +translator: "shia" +date: 2024-08-01 03:00:00 +0000 +tags: security +lang: ko +--- + +REXML gem에서 DoS 취약점이 발견되었습니다. 이 취약점은 CVE 번호 [CVE-2024-41946](https://www.cve.org/CVERecord?id=CVE-2024-41946)으로 등록되었습니다. REXML gem 업그레이드를 강하게 추천합니다. + +## 세부 내용 + +SAX2나 풀(pull) 파서 API로 많은 엔티티 확장을 포함하는 XML을 파싱할 때, REXML gem은 처리에 긴 시간이 걸립니다. + +REXML gem을 3.3.3이나 그 이상으로 업데이트하세요. + +## 해당 버전 + +* REXML gem 3.3.2와 그 이하 + +## 도움을 준 사람 + +이 문제를 발견해 준 [NAITOH Jun](https://github.com/naitoh)에게 감사를 표합니다. + +## 수정 이력 + +* 2024-08-01 03:00:00 (UTC) 최초 공개 diff --git a/ko/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md b/ko/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md new file mode 100644 index 0000000000..8daecb6fdb --- /dev/null +++ b/ko/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md @@ -0,0 +1,31 @@ +--- +layout: news_post +title: "CVE-2024-43398: REXML의 DoS 취약점" +author: "kou" +translator: "shia" +date: 2024-08-22 03:00:00 +0000 +tags: security +lang: ko +--- + +REXML gem에서 DoS 취약점이 발견되었습니다. 이 취약점은 CVE 번호 [CVE-2024-43398](https://www.cve.org/CVERecord?id=CVE-2024-43398)로 등록되었습니다. REXML gem 업그레이드를 강하게 추천합니다. + +## 세부 내용 + +동일한 지역 이름 속성을 가진 여러 깊은 요소를 포함하는 XML을 파싱할 때, REXML gem은 처리에 긴 시간이 걸립니다. + +해당 취약점은 트리 파서 API에만 영향을 줍니다. XML을 파싱하기 위해 `REXML::Document.new`를 사용한다면 영향을 받을 수 있습니다. + +REXML gem을 3.3.6이나 그 이상으로 업데이트하세요. + +## 해당 버전 + +* REXML gem 3.3.5와 그 이하 + +## 도움을 준 사람 + +이 문제를 발견해 준 [l33thaxor](https://hackerone.com/l33thaxor)에게 감사를 표합니다. + +## 수정 이력 + +* 2024-08-22 03:00:00 (UTC) 최초 공개 diff --git a/ko/news/_posts/2024-09-03-3-3-5-released.md b/ko/news/_posts/2024-09-03-3-3-5-released.md new file mode 100644 index 0000000000..2e2b176920 --- /dev/null +++ b/ko/news/_posts/2024-09-03-3-3-5-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.3.5 릴리스" +author: k0kubun +translator: shia +date: 2024-09-03 06:40:00 +0000 +lang: ko +--- + +Ruby 3.3.5가 릴리스되었습니다. + +이번 릴리스는 일반적인 업데이트로, 사소한 버그 수정이 포함되어 있습니다. +가능한 빨리 Ruby 버전을 업그레이드하는 것을 권장합니다. +자세한 내용은 [GitHub 릴리스 노트](https://github.com/ruby/ruby/releases/tag/v3_3_5)를 참조하세요. + +## 릴리스 일정 + +이전에 [발표했던 것](https://www.ruby-lang.org/ko/news/2024/07/09/ruby-3-3-4-released/)처럼, 앞으로 최신 안정 버전의 Ruby(현재 Ruby 3.3)를 `.1` 릴리스 이후 2개월마다 릴리스할 계획입니다. + +3.3.6은 11월 5일에, 3.3.7은 1월 7일에 릴리스될 예정입니다. 많은 사람들에게 영향을 미치는 변경 사항이 있을 경우, 예상보다 빨리 새 버전을 릴리스할 수 있습니다. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.3.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md b/ko/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md new file mode 100644 index 0000000000..070b8dea8e --- /dev/null +++ b/ko/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md @@ -0,0 +1,148 @@ +--- +layout: news_post +title: "Ruby 3.4.0 preview2 릴리스" +author: "naruse" +translator: "shia" +date: 2024-10-07 00:00:00 +0000 +lang: ko +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-preview2" | first %} +Ruby {{ release.version }} 릴리스를 알리게 되어 기쁩니다. + +## Prism + +parse.y에서 Prism으로 기본 파서를 변경했습니다. [[Feature #20564]] + +## 언어 변경 + +* 파일에 `frozen_string_literal` 주석이 없을 때, 문자열 리터럴이 변경되면 + 폐기 예정 경고를 출력합니다. + 이 경고는 `-W:deprecated`나 `Warning[:deprecated] = true` 설정을 통해 활성화할 수 있습니다. + 이 변경을 무효화하고 싶다면 Ruby를 실행할 때 `--disable-frozen-string-literal` 커맨드라인 인수를 + 사용하세요. [[Feature #20205]] + +* 블록 인자를 가리키는 `it`이 추가됩니다. [[Feature #18980]] + +* 메서드 호출 시에 `nil`에 키워드 스플랫을 지원합니다. + `**nil`은 `**{}`와 비슷하게 동작하며, 키워드를 넘기지 않으며, + 어떤 변환 메서드도 호출하지 않습니다. [[Bug #20064]] + +* 블록을 인덱스로 사용할 수 없게 됩니다. [[Bug #19918]] + +* 키워드 인수를 인덱스로 사용할 수 없게 됩니다. [[Bug #20218]] + +## 코어 클래스 변경 + +주의: 눈에 띄는 클래스 변경만을 포함합니다. + +* Exception + + * `Exception#set_backtrace`는 이제 `Thread::Backtrace::Location`의 배열을 입력으로 받을 수 있습니다. + `Kernel#raise`, `Thread#raise`와 `Fiber#raise`도 같은 형식의 입력을 받습니다. [[Feature #13557]] + +* Range + + * `Range#size`는 이제 범위가 순회 가능하지 않다면 `TypeError`를 던집니다. [[Misc #18984]] + + + +## 호환성 문제 + +주의: 기능 버그 수정은 포함되어 있지 않습니다. + +* 에러 메시지와 백트레이스의 출력 결과가 변경됩니다. + * 여는 따옴표로 백틱 대신 작은 따옴표를 사용합니다. [[Feature #16495]] + * 메서드 이름 앞에 클래스 이름을 출력합니다(클래스가 불변하는 이름을 가지고 있는 경우만). [[Feature #19117]] + * `Kernel#caller`, `Thread::Backtrace::Location`의 메서드 등도 마찬가지로 변경됩니다. + + ``` + Old: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + New: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +* `Hash#inspect` 결과가 변경되었습니다. [[Bug #20433]] + * 심볼 키는 최신 심볼 키 구문을 사용하여 표시됩니다. 예시: `"{user: 1}"` + * 다른 키는 `=>` 주변에 공백이 추가되었습니다. 예시: `'{"user" => 1}'`. 이전에는 그렇지 않았습니다. 예시: `'{"user"=>1}'`. + +## C API 변경 + +* `rb_newobj`와 `rb_newobj_of`(그리고 대응하는 매크로인 `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`)가 삭제됩니다. [[Feature #20265]] +* 폐기 예정인 `rb_gc_force_recycle` 함수가 삭제됩니다. [[Feature #18290]] + +## 구현 개선 + +* 더 나은 성능을 위해 `Array#each`를 Ruby로 재작성했습니다. [[Feature #20182]] + +## 그 이외의 변경 + +* 상세 모드(`-w`)에서 메서드에 넘긴 블록이 사용되지 않았을 때 + 경고를 출력합니다. + [[Feature #15554]] + +* `String.freeze`나 `Integer#+`처럼 인터프리터와 JIT이 특별히 최적화하는 + 몇몇 코어 메서드를 재정의하면 성능 클래스 + 경고(`-W:performance`나 `Warning[:performance] = true`)를 출력합니다. + [[Feature #20429]] + +기본 gem 또는 내장 gem에 대한 자세한 내용은 [Logger](https://github.com/ruby/logger/releases)와 같은 +GitHub 릴리스 또는 변경 로그에서 확인하세요. + +더 자세한 내용은 [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md)나 +[커밋 로그](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }})를 +확인해 주세요. + +이러한 변경사항에 따라, Ruby 3.3.0 이후로 [파일 {{ release.stats.files_changed }}개 수정, {{ release.stats.insertions }}줄 추가(+), {{ release.stats.deletions }}줄 삭제(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket)가 +이루어졌습니다! + + +## 다운로드 + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby는 + +Ruby는 1993년에 Matz(마츠모토 유키히로) 씨가 처음 개발했고, +현재는 오픈 소스로서 개발되고 있습니다. 여러 플랫폼에서 동작하며, +특히 웹 개발에서 전 세계적으로 이용되고 있습니다. + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Bug #20433]: https://bugs.ruby-lang.org/issues/20433 diff --git a/ko/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md b/ko/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md new file mode 100644 index 0000000000..9e621d2b99 --- /dev/null +++ b/ko/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md @@ -0,0 +1,31 @@ +--- +layout: news_post +title: "CVE-2024-49761: REXML의 ReDoS 취약점" +author: "kou" +translator: "shia" +date: 2024-10-28 03:00:00 +0000 +tags: security +lang: ko +--- + +REXML gem에서 ReDoS 취약점이 발견되었습니다. 이 취약점은 CVE 번호 [CVE-2024-49761](https://www.cve.org/CVERecord?id=CVE-2024-49761)로 등록되었습니다. REXML gem 업그레이드를 강하게 추천합니다. + +Ruby 3.2나 그 이상에서는 이 문제가 발생하지 않습니다. 유지 관리 중인 Ruby 중 유일하게 영향을 받는 버전은 Ruby 3.1입니다. Ruby 3.1은 2025년 3월에 EOL이 예정되어 있습니다. + +## 세부 내용 + +16진수 숫자 문자 참조(`&#x...;`)에서 `&#`과 `x...;` 사이에 많은 숫자가 있는 XML을 파싱할 때 발생합니다. + +REXML gem을 3.3.9나 그 이상으로 업데이트하세요. + +## 해당 버전 + +* Ruby 3.1과 그 이하 버전에서 REXML gem 3.3.8과 그 이하 + +## 도움을 준 사람 + +이 문제를 발견해 준 [manun](https://hackerone.com/manun)에게 감사를 표합니다. + +## 수정 이력 + +* 2024-10-28 03:00:00 (UTC) 최초 공개 diff --git a/ko/news/_posts/2024-10-30-ruby-3-2-6-released.md b/ko/news/_posts/2024-10-30-ruby-3-2-6-released.md new file mode 100644 index 0000000000..ffa12569d2 --- /dev/null +++ b/ko/news/_posts/2024-10-30-ruby-3-2-6-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.2.6 릴리스" +author: nagachika +translator: shia +date: 2024-10-30 10:00:00 +0000 +lang: ko +--- + +Ruby 3.2.6이 릴리스되었습니다. + +자세한 내용은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_2_6)를 참조하세요. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.2.6" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2024-11-05-ruby-3-3-6-released.md b/ko/news/_posts/2024-11-05-ruby-3-3-6-released.md new file mode 100644 index 0000000000..941a95b0e5 --- /dev/null +++ b/ko/news/_posts/2024-11-05-ruby-3-3-6-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.3.6 릴리스" +author: k0kubun +translator: shia +date: 2024-11-05 04:25:00 +0000 +lang: ko +--- + +Ruby 3.3.6이 릴리스되었습니다. + +이번 릴리스는 일반적인 업데이트로, 사소한 버그 수정이 포함되어 있습니다. +또한 Ruby 3.5에서 번들된 gem으로 제공될 기본 gem 의존성이 누락되었다는 경고를 중지합니다. +자세한 내용은 [GitHub 릴리스 노트](https://github.com/ruby/ruby/releases/tag/v3_3_6)를 참조하세요. + +## 릴리스 일정 + +이전에 [발표했던 것](https://www.ruby-lang.org/ko/news/2024/07/09/ruby-3-3-4-released/)처럼, 앞으로 최신 안정 버전의 Ruby(현재 Ruby 3.3)를 `.1` 릴리스 이후 2개월마다 릴리스할 계획입니다. + +3.3.7은 1월 7일에 릴리스될 예정입니다. 많은 사람들에게 영향을 미치는 변경 사항이 있을 경우, 예상보다 빨리 새 버전을 릴리스할 수 있습니다. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.3.6" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md b/ko/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md new file mode 100644 index 0000000000..5ccbf80507 --- /dev/null +++ b/ko/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md @@ -0,0 +1,193 @@ +--- +layout: news_post +title: "Ruby 3.4.0 rc1 릴리스" +author: "naruse" +translator: "shia" +date: 2024-12-12 00:00:00 +0000 +lang: ko +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-rc1" | first %} +Ruby {{ release.version }} 릴리스를 알리게 되어 기쁩니다. + +## Prism + +parse.y에서 Prism으로 기본 파서를 변경했습니다. [[Feature #20564]] + +## 모듈러 GC + +* 다른 가비지 컬렉터(GC) 구현을 모듈러 가비지 컬렉터 기능을 통해 동적으로 로드할 수 있습니다. + 이 기능을 활성화하려면 Ruby 빌드 시에 `--with-modular-gc`를 설정하세요. GC 라이브러리는 + 환경 변수 `RUBY_GC_LIBRARY`를 사용하여 런타임에 로드할 수 있습니다. + [[Feature #20351]] + +* Ruby의 내장 가비지 컬렉터는 `gc/default/default.c`에 분리되어 있으며, + `gc/gc_impl.h`에 정의된 API를 사용하여 Ruby와 상호 작용합니다. + 내장 가비지 컬렉터는 `make modular-gc MODULAR_GC=default`를 사용하여 + 라이브러리로서 빌드하고 환경 변수 `RUBY_GC_LIBRARY=default`를 + 사용하여 활성화할 수 있습니다. [[Feature #20470]] + +* [MMTk](https://www.mmtk.io/)를 기반으로 한 실험적인 GC 라이브러리가 제공됩니다. + 이 GC 라이브러리는 `make modular-gc MODULAR_GC=mmtk`를 사용하여 빌드하고 + 환경 변수 `RUBY_GC_LIBRARY=mmtk`를 사용하여 활성화할 수 있습니다. + 이는 빌드 머신에 Rust 툴체인이 필요합니다. [[Feature #20860]] + + +## 언어 변경 + +* 파일에 `frozen_string_literal` 주석이 없을 때, 문자열 리터럴이 변경되면 + 폐기 예정 경고를 출력합니다. + 이 경고는 `-W:deprecated`나 `Warning[:deprecated] = true` 설정을 통해 활성화할 수 있습니다. + 이 변경을 무효화하고 싶다면 Ruby를 실행할 때 `--disable-frozen-string-literal` 커맨드 라인 인수를 + 사용하세요. [[Feature #20205]] + +* 블록 인자를 가리키는 `it`이 추가됩니다. [[Feature #18980]] + +* 메서드 호출 시에 `nil`에 키워드 스플랫을 지원합니다. + `**nil`은 `**{}`와 비슷하게 동작하며, 키워드를 넘기지 않으며, + 어떤 변환 메서드도 호출하지 않습니다. [[Bug #20064]] + +* 블록을 인덱스로 사용할 수 없게 됩니다. [[Bug #19918]] + +* 키워드 인수를 인덱스로 사용할 수 없게 됩니다. [[Bug #20218]] + +## YJIT + +TL;DR: +* x86-64와 arm64 플랫폼에서 대부분의 벤치마크에서 성능이 향상되었습니다. +* YJIT 메타 데이터 컴파일의 메모리 사용량이 줄었습니다. +* 여러 버그가 수정되었습니다. YJIT는 이제 더 견고하고 잘 테스트되었습니다. + +새 기능: +* `--yjit-mem-size` 커맨드 라인 옵션(기본값 128 MiB)을 통해 + YJIT의 통합 메모리 제한을 추가했습니다. + 이는 이전 `--yjit-exec-mem-size`보다 직관적이며, YJIT의 전체 메모리 사용량을 추적합니다. +* 이제 `RubyVM::YJIT.runtime_stats`를 통해 항상 더 많은 통계가 사용 가능합니다. +* `--yjit-log`를 통해 무엇이 컴파일되었는지 추적하는 컴파일 로그를 추가했습니다. + * 런타임에서도 로그의 마지막 부분을 `RubyVM::YJIT.log`로 확인할 수 있습니다. +* 멀티 Ractor 모드에서 공유 가능한 상수를 지원합니다. +* `--yjit-track-exits=COUNTER`로 종료한 횟수를 추적할 수 있습니다. + +새 최적화: +* YJIT 메타 데이터를 저장하는 데 필요한 메모리를 줄이는 콘텍스트 압축. +* 로컬 변수를 위한 레지스터를 할당할 수 있는 개선된 할당기. +* YJIT을 사용할 때 Ruby로 작성된 더 많은 코어 프리미티브를 사용합니다. + * 성능을 높이기 위해 Ruby로 다시 작성된 `Array#each`, `Array#select`, `Array#map` [[Feature #20182]]. +* 작고 사소한 메서드를 인라인으로 변환하는 능력. + * 빈 메서드 + * 상수를 반환하는 메서드 + * `self`를 반환하는 메서드 + * 인수를 직접 반환하는 메서드 +* 더 많은 런타임 메서드에 대한 특별한 코드 생성 +* `String#getbyte`, `String#setbyte` 및 다른 문자열 메서드를 최적화 +* 저레벨 비트/바이트 조작을 빠르게 하기 위한 비트 연산 최적화 +* 다양한 다른 점진적 최적화 + +## 코어 클래스 변경 + +주의: 눈에 띄는 클래스 변경만을 포함합니다. + +* Exception + + * `Exception#set_backtrace`는 이제 `Thread::Backtrace::Location`의 배열을 입력으로 받을 수 있습니다. + `Kernel#raise`, `Thread#raise`와 `Fiber#raise`도 같은 형식의 입력을 받습니다. [[Feature #13557]] + +* Range + + * `Range#size`는 이제 범위가 순회 가능하지 않다면 `TypeError`를 던집니다. [[Misc #18984]] + + + +## 호환성 문제 + +주의: 기능 버그 수정은 포함되어 있지 않습니다. + +* 에러 메시지와 백트레이스의 출력 결과가 변경됩니다. + * 여는 따옴표로 백틱 대신 작은따옴표를 사용합니다. [[Feature #16495]] + * 메서드 이름 앞에 클래스 이름을 출력합니다(클래스가 불변하는 이름을 가지고 있는 경우만). [[Feature #19117]] + * `Kernel#caller`, `Thread::Backtrace::Location`의 메서드 등도 마찬가지로 변경됩니다. + + ``` + Old: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + New: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +## C API 변경 + +* `rb_newobj`와 `rb_newobj_of`(그리고 대응하는 매크로인 `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`)가 삭제됩니다. [[Feature #20265]] +* 폐기 예정인 `rb_gc_force_recycle` 함수가 삭제됩니다. [[Feature #18290]] + +## 그 이외의 변경 + +* 상세 모드(`-w`)에서 메서드에 넘긴 블록이 사용되지 않았을 때 + 경고를 출력합니다. + [[Feature #15554]] + +* `String.freeze`나 `Integer#+`처럼 인터프리터와 JIT이 특별히 최적화하는 + 몇몇 코어 메서드를 재정의하면 성능 클래스 + 경고(`-W:performance`나 `Warning[:performance] = true`)를 출력합니다. + [[Feature #20429]] + +기본 gem 또는 내장 gem에 대한 자세한 내용은 [Logger](https://github.com/ruby/logger/releases)와 같은 +GitHub 릴리스 또는 변경 로그에서 확인하세요. + +더 자세한 내용은 [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md)나 +[커밋 로그](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }})를 +확인해 주세요. + +이러한 변경사항에 따라, Ruby 3.3.0 이후로 [파일 {{ release.stats.files_changed }}개 수정, {{ release.stats.insertions }}줄 추가(+), {{ release.stats.deletions }}줄 삭제(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket)가 +이루어졌습니다! + + +## 다운로드 + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby는 + +Ruby는 1993년에 Matz(마츠모토 유키히로) 씨가 처음 개발했고, +현재는 오픈 소스로서 개발되고 있습니다. 여러 플랫폼에서 동작하며, +특히 웹 개발에서 전 세계적으로 이용되고 있습니다. + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20351]: https://bugs.ruby-lang.org/issues/20351 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20470]: https://bugs.ruby-lang.org/issues/20470 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Feature #20860]: https://bugs.ruby-lang.org/issues/20860 diff --git a/ko/news/_posts/2024-12-25-ruby-3-4-0-released.md b/ko/news/_posts/2024-12-25-ruby-3-4-0-released.md new file mode 100644 index 0000000000..5c9f8b0d78 --- /dev/null +++ b/ko/news/_posts/2024-12-25-ruby-3-4-0-released.md @@ -0,0 +1,345 @@ +--- +layout: news_post +title: "Ruby 3.4.0 릴리스" +author: "naruse" +translator: "shia" +date: 2024-12-25 00:00:00 +0000 +lang: ko +--- + +{% assign release = site.data.releases | where: "version", "3.4.0" | first %} +Ruby {{ release.version }} 릴리스를 알리게 되어 기쁩니다. +Ruby 3.4는 `it` 블록 파라미터 참조, Prism을 기본 파서로 변경, 소켓 라이브러리에 +Happy Eyeballs Version 2 지원 추가, YJIT 개선, 모듈러 GC 추가 등을 포함하고 있습니다. + +## `it` 추가 + +`it`은 변수 이름 없이 블록 파라미터를 참조하기 위해 추가되었습니다. [[Feature #18980]] + +```ruby +ary = ["foo", "bar", "baz"] + +p ary.map { it.upcase } #=> ["FOO", "BAR", "BAZ"] +``` + +`it`은 `_1`과 거의 동일하게 동작합니다. 블록에서 `_1`만 사용할 때 다른 번호 파라미터인 `_2` 등이 나타날 가능성이 읽는 사람에게 추가적인 인지 부담을 주게 됩니다. 따라서 `it`은 편리한 별칭으로 추가되었습니다. `it`은 `it` 자체로 충분히 명확한 경우에 사용하세요. 예를 들어, 한 줄짜리 블록에서 사용하세요. + +## 기본 파서를 Prism으로 변경 + +parse.y에서 Prism으로 기본 파서를 변경했습니다. [[Feature #20564]] + +이는 내부적인 개선이며 사용자에게는 거의 변화가 없어야 합니다. 호환성 문제가 발생하면 보고해 주세요. + +기존 파서를 사용하려면 `--parser=parse.y` 커맨드 라인 인수를 사용하세요. + +## 소켓 라이브러리가 Happy Eyeballs Version 2 (RFC 8305) 대응 + +소켓 라이브러리는 이제 [Happy Eyeballs Version 2(RFC 8305)](https://datatracker.ietf.org/doc/html/rfc8305)를 지원합니다. 이는 `TCPSocket.new`(`TCPSocket.open`)와 `Socket.tcp`에서 네트워크 연결을 효율적이고 안정적으로 제공하기 위해 많은 언어에서 널리 사용되는 방법의 최신 표준화 버전입니다. +이 개선 사항은 Ruby가 현대적인 인터넷 환경에 적응된 효율적이고 신뢰할 수 있는 네트워크 연결을 제공할 수 있도록 합니다. + +Ruby 3.3까지 이러한 메서드는 이름 해석과 연결 시도를 직렬로 수행했습니다. 해당 알고리즘 도입으로 이제 다음과 같이 작동합니다. + +1. IPv6와 IPv4 이름 해석을 동시에 수행 +2. IPv6를 우선하며 병렬로 연결을 시도하되 250ms 간격으로 떨어뜨려 시도 +3. 성공한 연결을 반환하고 다른 연결을 취소 + +이는 특정 프로토콜이나 IP 주소가 지연되거나 사용할 수 없는 경우에도 연결 지연을 최소화합니다. +이 기능은 기본적으로 활성화되어 있으므로 추가 구성은 필요하지 않습니다. 전역으로 비활성화하려면 환경 변수 `RUBY_TCP_NO_FAST_FALLBACK=1`을 설정하거나 `Socket.tcp_fast_fallback=false`를 호출하세요. 또는 메서드별로 비활성화하려면 키워드 인수 `fast_fallback: false`를 사용하세요. + +## YJIT + +### TL;DR + +* x86-64와 arm64 플랫폼에서 대부분의 벤치마크에서 성능이 향상되었습니다. +* 메타 데이터 압축과 통합 메모리 제한을 통해 메모리 사용량이 줄었습니다. +* 여러 버그가 수정되었습니다. YJIT는 이제 더 견고하고 잘 테스트되었습니다. + +### 새 기능 + +* 커맨드 라인 옵션 + * `--yjit-mem-size` 커맨드 라인 옵션(기본값 128MiB)을 통해 YJIT의 통합 메모리 제한을 추가했습니다. + 이는 이전 `--yjit-exec-mem-size`보다 직관적이며, YJIT의 전체 메모리 사용량을 추적합니다. + * `--yjit-log`를 통해 무엇이 컴파일되었는지 추적하는 컴파일 로그를 추가했습니다. +* Ruby API + * `RubyVM::YJIT.log`로 런타임에서 컴파일 로그의 마지막 부분을 확인할 수 있습니다. +* YJIT 통계 정보 + * `RubyVM::YJIT.runtime_stats`는 이제 언제나 무효화, 인라인, 메타 정보 인코딩에 대한 + 추가 통계 정보를 제공합니다. + +### 새 최적화 + +* YJIT 메타 데이터를 저장하는 데 필요한 메모리를 줄이는 콘텍스트 압축 +* 로컬 변수와 Ruby 메서드 인수를 위한 레지스터를 할당합니다. +* YJIT을 사용할 때 Ruby로 작성된 더 많은 코어 프리미티브를 사용합니다. + * 성능을 높이기 위해 Ruby로 다시 작성된 `Array#each`, `Array#select`, `Array#map` [[Feature #20182]] +* 작고 사소한 메서드를 인라인으로 변환하는 능력 + * 빈 메서드 + * 상수를 반환하는 메서드 + * `self`를 반환하는 메서드 + * 인수를 직접 반환하는 메서드 +* 더 많은 런타임 메서드에 대한 특별한 코드 생성 +* `String#getbyte`, `String#setbyte` 및 다른 문자열 메서드를 최적화 +* 저레벨 비트/바이트 조작을 빠르게 하기 위한 비트 연산 최적화 +* 멀티 Ractor 모드에서 공유 가능한 상수 지원 +* 다양한 다른 점진적 최적화 + +## 모듈러 GC + +* 다른 가비지 컬렉터(GC) 구현을 모듈러 가비지 컬렉터 기능을 통해 동적으로 + 로드할 수 있습니다. 이 기능을 활성화하려면 Ruby 빌드 시에 + `--with-modular-gc`를 설정하세요. GC 라이브러리는 환경 변수 `RUBY_GC_LIBRARY`를 + 사용하여 런타임에 로드할 수 있습니다. + [[Feature #20351]] + +* Ruby의 내장 가비지 컬렉터는 `gc/default/default.c`에 분리되어 있으며, + `gc/gc_impl.h`에 정의된 API를 사용하여 Ruby와 상호 작용합니다. + 내장 가비지 컬렉터는 `make modular-gc MODULAR_GC=default`를 사용하여 + 라이브러리로서 빌드하고 환경 변수 `RUBY_GC_LIBRARY=default`를 + 사용하여 활성화할 수 있습니다. [[Feature #20470]] + +* [MMTk](https://www.mmtk.io/)를 기반으로 한 실험적인 GC 라이브러리가 제공됩니다. + 이 GC 라이브러리는 `make modular-gc MODULAR_GC=mmtk`를 사용하여 빌드하고 + 환경 변수 `RUBY_GC_LIBRARY=mmtk`를 사용하여 활성화할 수 있습니다. + 이는 빌드 머신에 Rust 툴체인이 필요합니다. [[Feature #20860]] + +## 언어 변경 + +* 파일에 `frozen_string_literal` 주석이 없을 때, 문자열 리터럴이 변경되면 + 폐기 예정 경고를 출력합니다. + 이 경고는 `-W:deprecated`나 `Warning[:deprecated] = true` 설정을 통해 활성화할 수 있습니다. + 이 변경을 무효화하고 싶다면 Ruby를 실행할 때 `--disable-frozen-string-literal` + 커맨드 라인 인수를 사용하세요. [[Feature #20205]] + +* 메서드 호출 시에 `nil`에 키워드 스플랫을 지원합니다. + `**nil`은 `**{}`와 비슷하게 동작하며, 키워드를 넘기지 않으며, + 어떤 변환 메서드도 호출하지 않습니다. [[Bug #20064]] + +* 블록을 인덱스로 사용할 수 없게 됩니다. [[Bug #19918]] + +* 키워드 인수를 인덱스로 사용할 수 없게 됩니다. [[Bug #20218]] + +* 최상위 이름 `::Ruby`은 예약되었으며, 이를 정의할 경우 `Warning[:deprecated]`가 발생합니다. [[Feature #20884]] + +## 코어 클래스 변경 + +주의: 눈에 띄는 코어 클래스 변경만을 포함합니다. + +* Exception + + * `Exception#set_backtrace`는 이제 `Thread::Backtrace::Location`의 배열을 입력으로 받을 수 있습니다. + `Kernel#raise`, `Thread#raise`와 `Fiber#raise`도 같은 형식의 입력을 받습니다. [[Feature #13557]] + +* GC + + * `GC.config`가 추가되어 가비지 컬렉터(GC)의 설정을 변경할 수 있습니다. + [[Feature #20443]] + + * GC 설정 파라미터 `rgengc_allow_full_mark`가 추가되었습니다. `false`일 때 + GC는 젊은 객체만 마킹합니다. 기본값은 `true`입니다. [[Feature #20443]] + +* Ractor + + * Ractor 내부에서 `require`가 허용됩니다. 해당 처리는 주 Ractor에서 + 실행됩니다. 불러오는 처리를 주 Ractor에서 실행하는 + `Ractor._require(feature)`가 추가되었습니다. + [[Feature #20627]] + + * `Ractor.main?`이 추가되었습니다. [[Feature #20627]] + + * 현재 Ractor의 Ractor 로컬 저장소에 접근하는 `Ractor.[]`와 `Ractor.[]=`가 추가되었습니다. + [[Feature #20715]] + + * Ractor 로컬 변수를 스레드 안전하게 초기화하는 `Ractor.store_if_absent(key){ init }`가 + 추가되었습니다. [[Feature #20875]] + +* Range + + * `Range#size`는 이제 범위가 순회 가능하지 않다면 `TypeError`를 던집니다. [[Misc #18984]] + + +## 표준 라이브러리 변경 + +주의: 눈에 띄는 표준 라이브러리 변경만을 포함합니다. + +* RubyGems + * `--attestation` 옵션을 gem push에 추가했습니다. [sigstore.dev]에 서명을 저장할 수 있습니다. + +* Bundler + * 새 lockfile 생성 시에 체크섬을 포함하는 `lockfile_checksums` 설정을 추가합니다. + * 기존 lockfile에 체크섬을 추가하는 `--add-checksums`를 추가합니다. + +* JSON + + * `JSON.parse`의 성능이 json-2.7.x보다 약 1.5배 빨라졌습니다. + +* Tempfile + + * `Tempfile.create`에 `anonymous: true` 키워드 인수가 구현되었습니다. + `Tempfile.create(anonymous: true)`는 즉시 생성된 임시 파일을 제거합니다. + 따라서 애플리케이션에서 파일을 제거할 필요가 없습니다. + [[Feature #20497]] + +* win32/sspi.rb + + * 이 라이브러리는 이제 Ruby 저장소에서 [ruby/net-http-sspi]로 추출되었습니다. + [[Feature #20775]] + +## 호환성 문제 + +주의: 기능 버그 수정은 포함되어 있지 않습니다. + +* 에러 메시지와 백트레이스의 출력 결과가 변경됩니다. + * 여는 따옴표로 백틱 대신 작은따옴표를 사용합니다. [[Feature #16495]] + * 메서드 이름 앞에 클래스 이름을 출력합니다(클래스가 불변하는 이름을 가지고 있는 경우만). [[Feature #19117]] + * `Kernel#caller`, `Thread::Backtrace::Location`의 메서드 등도 마찬가지로 변경됩니다. + + ``` + Old: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + New: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +* `Hash#inspect` 렌더링이 변경되었습니다. [[Bug #20433]] + + * 심볼 키는 최신 심볼 키 구문을 사용하여 표시됩니다. 예시: `"{user: 1}"` + * 다른 키는 `=>` 주변에 공백이 표시됩니다. 예시: `'{"user" => 1}'`. 이전에는 없었습니다. 예시: `'{"user"=>1}'` + +* `Kernel#Float()`는 이제 소수 부분이 생략된 소수 문자열을 허용합니다. [[Feature #20705]] + + ```rb + Float("1.") #=> 1.0 (이전에는 ArgumentError가 발생했습니다) + Float("1.E-1") #=> 0.1 (이전에는 ArgumentError가 발생했습니다) + ``` + +* `String#to_f`는 이제 소수 부분이 생략된 소수 문자열을 허용합니다. 지수가 지정된 경우 결과가 변경됩니다. [[Feature #20705]] + + ```rb + "1.".to_f #=> 1.0 + "1.E-1".to_f #=> 0.1 (이전에는 1.0이 반환되었습니다) + ``` + +* `Refinement#refined_class`가 삭제되었습니다. [[Feature #19714]] + +## 표준 라이브러리 호환성 문제 + +* DidYouMean + + * `DidYouMean::SPELL_CHECKERS[]=`과 `DidYouMean::SPELL_CHECKERS.merge!`가 삭제됩니다. + +* Net::HTTP + + * 폐기 예정이었던 상수가 삭제됩니다. + * `Net::HTTP::ProxyMod` + * `Net::NetPrivate::HTTPRequest` + * `Net::HTTPInformationCode` + * `Net::HTTPSuccessCode` + * `Net::HTTPRedirectionCode` + * `Net::HTTPRetriableCode` + * `Net::HTTPClientErrorCode` + * `Net::HTTPFatalErrorCode` + * `Net::HTTPServerErrorCode` + * `Net::HTTPResponseReceiver` + * `Net::HTTPResponceReceiver` + + 이 상수들은 2012년부터 폐기 예정이었습니다. + +* Timeout + + * `Timeout.timeout`은 음수 값을 거부합니다. [[Bug #20795]] + +* URI + + * 기본 파서를 RFC 2396 호환에서 RFC 3986 호환으로 변경했습니다. + [[Bug #19266]] + +## C API 변경 + +* `rb_newobj`와 `rb_newobj_of`(그리고 대응하는 매크로인 `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`)가 삭제됩니다. [[Feature #20265]] +* 폐기 예정이던 `rb_gc_force_recycle` 함수를 삭제했습니다. [[Feature #18290]] + +## 그 이외의 변경 + +* 상세 모드(`-w`)에서 메서드에 넘긴 블록이 사용되지 않았을 때 + 경고를 출력합니다. + [[Feature #15554]] + +* `String.freeze`나 `Integer#+`처럼 인터프리터와 JIT이 특별히 최적화하는 + 몇몇 코어 메서드를 재정의하면 성능 클래스 + 경고(`-W:performance`나 `Warning[:performance] = true`)를 출력합니다. + [[Feature #20429]] + +더 자세한 내용은 [NEWS](https://docs.ruby-lang.org/en/3.4/NEWS_md.html)나 +[커밋 로그](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }})를 +확인해 주세요. + +이러한 변경사항에 따라, Ruby 3.3.0 이후로 [파일 {{ release.stats.files_changed }}개 수정, {{ release.stats.insertions }}줄 추가(+), {{ release.stats.deletions }}줄 삭제(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket)가 +이루어졌습니다! + +메리 크리스마스, 해피 홀리데이, 그리고 Ruby 3.4와 함께 프로그래밍을 즐겨보세요! + +## 다운로드 + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby는 + +Ruby는 1993년에 Matz(마츠모토 유키히로) 씨가 처음 개발했고, +현재는 오픈 소스로서 개발되고 있습니다. 여러 플랫폼에서 동작하며, +특히 웹 개발에서 전 세계적으로 이용되고 있습니다. + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19266]: https://bugs.ruby-lang.org/issues/19266 +[Feature #19714]: https://bugs.ruby-lang.org/issues/19714 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20351]: https://bugs.ruby-lang.org/issues/20351 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20443]: https://bugs.ruby-lang.org/issues/20443 +[Feature #20470]: https://bugs.ruby-lang.org/issues/20470 +[Feature #20497]: https://bugs.ruby-lang.org/issues/20497 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Bug #20620]: https://bugs.ruby-lang.org/issues/20620 +[Feature #20627]: https://bugs.ruby-lang.org/issues/20627 +[Feature #20705]: https://bugs.ruby-lang.org/issues/20705 +[Feature #20715]: https://bugs.ruby-lang.org/issues/20715 +[Feature #20775]: https://bugs.ruby-lang.org/issues/20775 +[Bug #20795]: https://bugs.ruby-lang.org/issues/20795 +[Bug #20433]: https://bugs.ruby-lang.org/issues/20433 +[Feature #20860]: https://bugs.ruby-lang.org/issues/20860 +[Feature #20875]: https://bugs.ruby-lang.org/issues/20875 +[Feature #20884]: https://bugs.ruby-lang.org/issues/20884 +[sigstore.dev]: https://www.sigstore.dev +[ruby/net-http-sspi]: https://github.com/ruby/net-http-sspi diff --git a/ko/news/_posts/2024-12-25-ruby-3-4-1-released.md b/ko/news/_posts/2024-12-25-ruby-3-4-1-released.md new file mode 100644 index 0000000000..80b09d4ae1 --- /dev/null +++ b/ko/news/_posts/2024-12-25-ruby-3-4-1-released.md @@ -0,0 +1,39 @@ +--- +layout: news_post +title: "Ruby 3.4.1 릴리스" +author: "naruse" +translator: "shia" +date: 2024-12-25 00:00:00 +0000 +lang: ko +--- + +Ruby 3.4.1이 릴리스되었습니다. + +이번 릴리스는 버전 설명을 수정합니다. + +자세한 내용은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_4_1)를 참조하세요. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.4.1" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} diff --git a/ko/news/_posts/2025-01-15-ruby-3-3-7-released.md b/ko/news/_posts/2025-01-15-ruby-3-3-7-released.md new file mode 100644 index 0000000000..1a501ed3a9 --- /dev/null +++ b/ko/news/_posts/2025-01-15-ruby-3-3-7-released.md @@ -0,0 +1,43 @@ +--- +layout: news_post +title: "Ruby 3.3.7 릴리스" +author: k0kubun +translator: shia +date: 2025-01-15 07:51:59 +0000 +lang: ko +--- + +Ruby 3.3.7이 릴리스되었습니다. + +이번 릴리스는 일반적인 업데이트로, 사소한 버그 수정이 포함되어 있습니다. +자세한 내용은 [GitHub 릴리스 노트](https://github.com/ruby/ruby/releases/tag/v3_3_7)를 참조하세요. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.3.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2025-02-04-ruby-3-2-7-released.md b/ko/news/_posts/2025-02-04-ruby-3-2-7-released.md new file mode 100644 index 0000000000..bb10f69369 --- /dev/null +++ b/ko/news/_posts/2025-02-04-ruby-3-2-7-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.2.7 릴리스" +author: nagachika +translator: shia +date: 2025-02-04 12:00:00 +0000 +lang: ko +--- + +Ruby 3.2.7이 릴리스되었습니다. + +자세한 내용은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_2_7)를 참조하세요. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.2.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md b/ko/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md new file mode 100644 index 0000000000..58c493cbb7 --- /dev/null +++ b/ko/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2025-25186: net-imap의 DoS 취약점" +author: "nevans" +translator: "shia" +date: 2025-02-10 03:00:00 +0000 +tags: security +lang: ko +--- + +net-imap gem에서 DoS 취약점이 발견되었습니다. 이 취약점은 CVE 번호 [CVE-2025-25186](https://www.cve.org/CVERecord?id=CVE-2025-25186)으로 등록되었습니다. net-imap gem을 업그레이드하기를 추천합니다. + +## 세부 내용 + +악의적인 서버가 고도로 압축된 uid-set 데이터를 보낼 수 있으며, 클라이언트의 수신 스레드는 이 데이터를 자동으로 읽습니다. 응답 파서는 uid-set 데이터를 정수 배열로 변환하기 위해 Range#to_a를 사용하며, 이때 확장된 범위의 크기에 대한 제한이 없습니다. + +net-imap gem을 0.3.8, 0.4.19, 또는 0.5.6으로 업데이트하세요. + +## 해당 버전 + +* net-imap gem 0.3.2부터 0.3.7까지, 0.4.0부터 0.4.18까지, 또는 0.5.0부터 0.5.5까지 + +## 도움을 준 사람 + +이 문제를 발견해 준 [manun](https://hackerone.com/manun)에게 감사를 표합니다. + +## 수정 이력 + +* 2025-02-10 03:00:00 (UTC) 최초 공개 diff --git a/ko/news/_posts/2025-02-14-ruby-3-4-2-released.md b/ko/news/_posts/2025-02-14-ruby-3-4-2-released.md new file mode 100644 index 0000000000..b29480454c --- /dev/null +++ b/ko/news/_posts/2025-02-14-ruby-3-4-2-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.4.2 릴리스" +author: k0kubun +translator: "shia" +date: 2025-02-14 21:55:17 +0000 +lang: ko +--- + +Ruby 3.4.2가 릴리스되었습니다. + +이번 릴리스는 일반적인 업데이트로, 사소한 버그 수정이 포함되어 있습니다. +자세한 내용은 [GitHub 릴리스 노트](https://github.com/ruby/ruby/releases/tag/v3_4_2)를 참조하세요. + +## 릴리스 일정 + +Ruby의 최신 안정 버전(현재 Ruby 3.4)을 2개월마다 릴리스할 계획입니다. +Ruby 3.4.3은 4월에 릴리스될 예정이며, 3.4.4는 6월, 3.4.5는 8월, 3.4.6은 10월, 3.4.7은 12월에 릴리스될 예정입니다. + +만약 많은 사람들에게 영향을 미치는 변경 사항이 있을 경우, 해당 버전은 예상보다 빨리 릴리스될 수 있습니다. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.4.2" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2025-02-26-security-advisories.md b/ko/news/_posts/2025-02-26-security-advisories.md new file mode 100644 index 0000000000..fe24d760da --- /dev/null +++ b/ko/news/_posts/2025-02-26-security-advisories.md @@ -0,0 +1,70 @@ +--- +layout: news_post +title: "보안 권고: CVE-2025-27219, CVE-2025-27220, CVE-2025-27221" +author: "hsbt" +translator: "shia" +date: 2025-02-26 07:00:00 +0000 +tags: security +lang: ko +--- + +CVE-2025-27219, CVE-2025-27220 및 CVE-2025-27221에 대한 보안 권고를 발표했습니다. 아래 내용을 확인해 주세요. + +## CVE-2025-27219: `CGI::Cookie.parse`에서의 서비스 거부 + +cgi gem에서 DoS가 발생할 수 있습니다. 이 취약점은 CVE 식별자 [CVE-2025-27219](https://www.cve.org/CVERecord?id=CVE-2025-27219)가 할당되었습니다. cgi gem을 업그레이드하기를 추천합니다. + +### 세부 내용 + +`CGI::Cookie.parse`는 특정 쿠키 문자열을 구문 분석할 때 초선형(super-linear) 시간이 걸렸습니다. 이 메서드에 악의적으로 조작된 쿠키 문자열을 넘기면 서비스 거부가 발생할 수 있습니다. + +CGI gem의 버전을 0.3.5.1, 0.3.7, 0.4.2 또는 그 이상으로 업데이트하세요. + +### 해당 버전 + +* cgi gem 버전 <= 0.3.5, 0.3.6, 0.4.0 및 0.4.1 + +### 도움을 준 사람 + +이 문제를 발견해 준 [lio346](https://hackerone.com/lio346)에게 감사를 표합니다. 또한 이 취약점을 수정한 [mame](https://github.com/mame)에게도 감사를 표합니다. + +## CVE-2025-27220: `CGI::Util#escapeElement`에서의 ReDoS + +cgi gem에서 정규 표현식 서비스 거부(ReDoS)가 발생할 수 있습니다. 이 취약점은 CVE 식별자 [CVE-2025-27220](https://www.cve.org/CVERecord?id=CVE-2025-27220)이 할당되었습니다. cgi gem을 업그레이드하기를 추천합니다. + +### 세부 내용 + +`CGI::Util#escapeElement`에서 사용된 정규 표현식이 ReDoS에 취약합니다. 정교하게 만들어진 입력은 높은 CPU 사용으로 이어질 수 있습니다. + +이 취약점은 Ruby 3.1 및 3.2에서만 영향을 미칩니다. 이러한 버전을 사용 중이라면 CGI gem을 버전을 0.3.5.1, 0.3.7, 0.4.2 또는 그 이상으로 업데이트하세요. + +### 해당 버전 + +* cgi gem 버전 <= 0.3.5, 0.3.6, 0.4.0 및 0.4.1 + +### 도움을 준 사람 + +이 문제를 발견해 준 [svalkanov](https://hackerone.com/svalkanov)에게 감사를 표합니다. 또한 이 취약점을 수정한 [nobu](https://github.com/nobu)에게도 감사를 표합니다. + + +## CVE-2025-27221: `URI#join`, `URI#merge` 및 `URI#+`에서의 사용자 정보 유출 + +uri gem에서 사용자 정보 유출이 발생할 수 있습니다. 이 취약점은 CVE 식별자 [CVE-2025-27221](https://www.cve.org/CVERecord?id=CVE-2025-27221)이 할당되었습니다. uri gem을 업그레이드하기를 추천합니다. + +### 세부 내용 + +`URI#join`, `URI#merge`, `URI#+` 메서드는 호스트 정보를 교체하더라도 `user:password`와 같은 사용자 정보를 유지합니다. 이러한 메서드를 사용하여 비밀인 사용자 정보를 포함하는 URL에서 악의적인 호스트로 URL을 생성하고, 누군가가 해당 URL에 액세스하면 의도하지 않은 사용자 정보 유출이 발생할 수 있습니다. + +URI gem을 버전 0.11.3, 0.12.4, 0.13.2, 1.0.3 또는 그 이상으로 업데이트하세요. + +### 해당 버전 + +* uri gem 버전 < 0.11.3, 0.12.0부터 0.12.3까지, 0.13.0, 0.13.1 및 1.0.0부터 1.0.2까지 + +### 도움을 준 사람 + +이 문제를 발견해 준 [Tsubasa Irisawa(lambdasawa)](https://hackerone.com/lambdasawa)에게 감사를 표합니다. 또한 이 취약점을 수정한 [nobu](https://github.com/nobu)에게도 감사를 표합니다. + +## 수정 이력 + +* 2025-02-26 7:00:00 (UTC) 최초 공개 diff --git a/ko/news/_posts/2025-03-26-ruby-3-1-7-released.md b/ko/news/_posts/2025-03-26-ruby-3-1-7-released.md new file mode 100644 index 0000000000..51a22a3847 --- /dev/null +++ b/ko/news/_posts/2025-03-26-ruby-3-1-7-released.md @@ -0,0 +1,46 @@ +--- +layout: news_post +title: "Ruby 3.1.7 릴리스" +author: hsbt +translator: shia +date: 2025-03-26 04:44:27 +0000 +lang: ko +--- + +Ruby 3.1.7이 릴리스되었습니다. 이 릴리스에는 [CVE-2025-27219, CVE-2025-27220 및 CVE-2025-27221 수정 사항](https://www.ruby-lang.org/ko/news/2025/02/26/security-advisories/)이 포함되어 있고, 내장된 REXML 및 RSS gem이 업데이트되었습니다. + +자세한 사항은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_1_7)를 확인해 주세요. + +이 버전은 Ruby 3.1 버전대의 최종 릴리스입니다. Ruby 3.1 버전대에 대한 보안 수정을 포함한 추가 업데이트는 제공되지 않습니다. + +Ruby 3.3 또는 3.4 버전대로 업그레이드하는 것을 권장합니다. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.1.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2025-03-26-ruby-3-2-8-released.md b/ko/news/_posts/2025-03-26-ruby-3-2-8-released.md new file mode 100644 index 0000000000..aed1e2ba99 --- /dev/null +++ b/ko/news/_posts/2025-03-26-ruby-3-2-8-released.md @@ -0,0 +1,46 @@ +--- +layout: news_post +title: "Ruby 3.2.8 릴리스" +author: hsbt +translator: shia +date: 2025-03-26 04:45:01 +0000 +lang: ko +--- + +Ruby 3.2.8이 릴리스되었습니다. 이 릴리스에는 [CVE-2025-27219, CVE-2025-27220 및 CVE-2025-27221 수정 사항](https://www.ruby-lang.org/ko/news/2025/02/26/security-advisories/)이 포함되어 있습니다. + +자세한 사항은 [GitHub 릴리스](https://github.com/ruby/ruby/releases/tag/v3_2_8)를 확인해 주세요. + +이 버전은 Ruby 3.2 버전대의 일반 유지보수 마지막 버전입니다. Ruby 3.2 버전대는 2026년 3월 말까지 보안 문제만 수정될 것입니다. + +Ruby 3.3 또는 3.4 버전대로 업그레이드하는 것을 권장합니다. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.2.8" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2025-04-09-ruby-3-3-8-released.md b/ko/news/_posts/2025-04-09-ruby-3-3-8-released.md new file mode 100644 index 0000000000..7edd5c7872 --- /dev/null +++ b/ko/news/_posts/2025-04-09-ruby-3-3-8-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.3.8 릴리스" +author: nagachika +translator: shia +date: 2025-04-09 11:00:00 +0000 +lang: ko +--- + +Ruby 3.3.8이 릴리스되었습니다. + +자세한 내용은 [GitHub 릴리스 노트](https://github.com/ruby/ruby/releases/tag/v3_3_8)를 참조하세요. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.3.8" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2025-04-14-ruby-3-4-3-released.md b/ko/news/_posts/2025-04-14-ruby-3-4-3-released.md new file mode 100644 index 0000000000..27989b7a5e --- /dev/null +++ b/ko/news/_posts/2025-04-14-ruby-3-4-3-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.4.3 릴리스" +author: k0kubun +translator: "shia" +date: 2025-04-14 08:06:57 +0000 +lang: ko +--- + +Ruby 3.4.3이 릴리스되었습니다. + +이번 릴리스는 일반적인 업데이트로, 사소한 버그 수정이 포함되어 있습니다. +자세한 내용은 [GitHub 릴리스 노트](https://github.com/ruby/ruby/releases/tag/v3_4_3)를 참조하세요. + +## 릴리스 일정 + +Ruby의 최신 안정 버전(현재 Ruby 3.4)을 2개월마다 릴리스할 계획입니다. +Ruby 3.4.4는 6월에 릴리스될 예정이며, 3.4.5는 8월, 3.4.6은 10월, 3.4.7은 12월에 릴리스될 예정입니다. + +만약 많은 사람들에게 영향을 미치는 변경 사항이 있을 경우, 해당 버전은 예상보다 빨리 릴리스될 수 있습니다. + +## 다운로드 + +{% assign release = site.data.releases | where: "version", "3.4.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 릴리스 코멘트 + +많은 커미터, 개발자, 버그를 보고해 준 사용자들이 이 릴리스를 만드는 데 도움을 주었습니다. +그들의 기여에 감사드립니다. diff --git a/ko/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md b/ko/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md new file mode 100644 index 0000000000..50c084aeb5 --- /dev/null +++ b/ko/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md @@ -0,0 +1,110 @@ +--- +layout: news_post +title: "Ruby 3.5.0-preview1 릴리스" +author: "naruse" +translator: "shia" +date: 2025-04-18 00:00:00 +0000 +lang: ko +--- + +{% assign release = site.data.releases | where: "version", "3.5.0-preview1" | first %} +Ruby {{ release.version }} 릴리스를 알리게 되어 기쁩니다. Ruby 3.5는 유니코드 버전을 15.1.0으로 업데이트했으며, 더 많은 것들이 있습니다. + +## 언어 변경 + +* `**nil`이 `nil.to_hash`를 호출하지 않는 것과 비슷하게 `*nil`은 더 이상 `nil.to_a`를 호출하지 않습니다. + [[Feature #21047]] + +## 코어 클래스 변경 + +주의: 눈에 띄는 코어 클래스 변경만을 포함합니다. + +* Binding + + * `Binding#local_variables`는 더 이상 번호가 매겨진 매개변수를 포함하지 않습니다. + 또한, `Binding#local_variable_get`과 `Binding#local_variable_set`은 번호가 매겨진 매개변수를 처리하지 않습니다. + [[Bug #21049]] + +* IO + + * `IO.select`는 타임아웃 인수로 +Float::INFINITY+를 허용합니다. + [[Feature #20610]] + +* String + + * 유니코드 15.1.0 및 이모지 버전 15.1로 업데이트합니다. [[Feature #19908]] + (Regexp에도 적용됩니다) + + +## 표준 라이브러리 변경 + +주의: 눈에 띄는 표준 라이브러리 변경만을 포함합니다. + +* ostruct 0.6.1 +* pstore 0.2.0 +* benchmark 0.4.0 +* logger 1.7.0 +* rdoc 6.13.1 +* win32ole 1.9.2 +* irb 1.15.2 +* reline 0.6.1 +* readline 0.0.4 +* fiddle 1.1.6 + +## 호환성 문제 + +주의: 기능 버그 수정은 포함되어 있지 않습니다. + + + +## 표준 라이브러리 호환성 문제 + + +## C API 변경 + + + +## 그 이외의 변경 + + + +더 자세한 내용은 [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md)나 +[커밋 로그](https://github.com/ruby/ruby/compare/v3_4_0...{{ release.tag }})를 +확인해 주세요. + +이러한 변경사항에 따라, Ruby 3.4.0 이후로 [파일 {{ release.stats.files_changed }}개 수정, {{ release.stats.insertions }}줄 추가(+), {{ release.stats.deletions }}줄 삭제(-)](https://github.com/ruby/ruby/compare/v3_4_0...{{ release.tag }}#file_bucket)가 +이루어졌습니다! + +## 다운로드 + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby는 + +Ruby는 1993년에 Matz(마츠모토 유키히로) 씨가 처음 개발했고, +현재는 오픈 소스로서 개발되고 있습니다. 여러 플랫폼에서 동작하며, +특히 웹 개발에서 전 세계적으로 이용되고 있습니다. + +[Feature #21047]: https://bugs.ruby-lang.org/issues/21047 +[Bug #21049]: https://bugs.ruby-lang.org/issues/21049 +[Feature #20610]: https://bugs.ruby-lang.org/issues/20610 +[Feature #19908]: https://bugs.ruby-lang.org/issues/19908 diff --git a/ko/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md b/ko/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md new file mode 100644 index 0000000000..1ddf6e44a2 --- /dev/null +++ b/ko/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md @@ -0,0 +1,35 @@ +--- +layout: news_post +title: "CVE-2025-43857: net-imap의 DoS 취약점" +author: "nevans" +translator: "shia" +date: 2025-04-28 16:02:04 +0000 +tags: security +lang: ko +--- + +net-imap gem에서 DoS 취약점이 발견되었습니다. 이 취약점은 CVE 번호 [CVE-2025-43857](https://www.cve.org/CVERecord?id=CVE-2025-43857)로 등록되었습니다. net-imap gem을 업그레이드하기를 추천합니다. + +## 세부 내용 + +악의적인 서버가 "문자 그대로" 바이트 수를 보낼 수 있으며, 클라이언트의 수신 스레드는 이 데이터를 자동으로 읽습니다. 응답 리더는 서버 응답에 의해 표시된 바이트 수에 대한 메모리를 즉시 할당합니다. 신뢰할 수 있는 IMAP 서버에 안전하게 연결할 때는 문제가 되지 않습니다. 그러나 보안 연결을 사용하지 않거나, 버그가 있거나, 신뢰할 수 없거나, 오염된 서버(예: 사용자가 제공한 호스트 이름에 연결하는 경우)에서는 문제가 발생할 수 있습니다. + +net-imap gem 0.2.5, 0.3.9, 0.4.20, 0.5.7 이상으로 업데이트하세요. + +신뢰할 수 없는 서버에 연결하거나 보안 연결을 사용하고 있지 않다면, `max_response_size`와 응답 핸들러를 적절히 설정하여 메모리 소비를 제한해야 합니다. 자세한 내용은 [GHSA-j3g3-5qv5-52mj]를 참조하세요. + +## 해당 버전 + +net-imap gem 0.2.4 이하, 0.3.0부터 0.3.8까지, 0.4.0부터 0.4.19까지, 0.5.0부터 0.5.6까지 + +## 도움을 준 사람 + +이 문제를 발견해 준 [Masamune]에게 감사를 표합니다. + +## 수정 이력 + +* 2025-04-28 16:02:04 (UTC) 최초 공개 + +[CVE-2025-43857]: https://www.cve.org/CVERecord?id=CVE-2025-43857 +[GHSA-j3g3-5qv5-52mj]: https://github.com/ruby/net-imap/security/advisories/GHSA-j3g3-5qv5-52mj +[Masamune]: https://hackerone.com/masamune_ diff --git a/lib/draft-release.rb b/lib/draft-release.rb new file mode 100644 index 0000000000..09c411f1cd --- /dev/null +++ b/lib/draft-release.rb @@ -0,0 +1,10 @@ +require "erb" + +template = File.read("lib/release-template.erb") +version = ARGV[0] || "3.3.4" + +output_path = "en/news/_posts/#{Time.now.strftime("%Y-%m-%d")}-ruby-#{version.gsub(/\./, "-")}-released.md" + +File.open(output_path, "w") do |file| + file.write ERB.new(template).result(binding) +end diff --git a/lib/release-template.erb b/lib/release-template.erb new file mode 100644 index 0000000000..067e651799 --- /dev/null +++ b/lib/release-template.erb @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby <%= version %> Released" +author: +translator: +date: <%= Time.now %> +lang: en +--- + +Ruby <%= version %> has been released. + +Please see the [GitHub releases](https://github.com/ruby/ruby/releases/tag/v<%= version.gsub(/\./, '_') %>) for further details. + +## Download + +{% assign release = site.data.releases | where: "version", "<%= version %>" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Release Comment + +Many committers, developers, and users who provided bug reports helped us make this release. +Thanks for their contributions. diff --git a/pl/community/mailing-lists/index.md b/pl/community/mailing-lists/index.md index d9e1525980..98e3eb1ccf 100644 --- a/pl/community/mailing-lists/index.md +++ b/pl/community/mailing-lists/index.md @@ -33,10 +33,10 @@ listy: ## Subscribe or Unsubscribe -[Subscribe or Unsubscribe](https://ml.ruby-lang.org/mailman3/postorius/lists/) +[Subscribe or Unsubscribe](https://ml.ruby-lang.org/mailman3/lists/) -[4]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/ -[5]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-core@ml.ruby-lang.org/ -[6]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-doc@ml.ruby-lang.org/ +[4]: https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/ +[5]: https://ml.ruby-lang.org/archives/list/ruby-core@ml.ruby-lang.org/ +[6]: https://ml.ruby-lang.org/archives/list/ruby-doc@ml.ruby-lang.org/ diff --git a/pl/documentation/index.md b/pl/documentation/index.md index 45a8498ddb..f26be3c6c8 100644 --- a/pl/documentation/index.md +++ b/pl/documentation/index.md @@ -107,11 +107,10 @@ Oto lista popularnych narzędzi używanych przez rubistów: * [SciTe][28] * [NetBeans][36] * [Sublime Text][37] + * [Visual Studio Code][vscode] z wtyczką [Ruby LSP][40] * Dla Windows: * [Notepad++][29] - * [E-TextEditor][30] - * [Ruby In Steel][31] * Dla macOS: * [TextMate][32] @@ -152,8 +151,6 @@ Jeśli szukasz pomocy w języku polskim, zajrzyj na [forum][pl-2]. [27]: http://www.jetbrains.com/ruby/ [28]: http://www.scintilla.org/SciTE.html [29]: http://notepad-plus-plus.org/ -[30]: http://www.e-texteditor.com/ -[31]: http://www.sapphiresteel.com/ [32]: http://macromates.com/ [33]: https://www.barebones.com/products/bbedit/ [34]: http://ruby-doc.org @@ -163,3 +160,5 @@ Jeśli szukasz pomocy w języku polskim, zajrzyj na [forum][pl-2]. [39]: http://kapeli.com/dash [pl-1]: http://www.apohllo.pl/dydaktyka/ruby/intro/ [pl-2]: http://forum.rubyonrails.pl/ +[vscode]: https://code.visualstudio.com/ +[40]: https://marketplace.visualstudio.com/items?itemName=Shopify.ruby-lsp diff --git a/pl/documentation/quickstart/3/index.md b/pl/documentation/quickstart/3/index.md index 78f03b2b72..2cc18c953a 100644 --- a/pl/documentation/quickstart/3/index.md +++ b/pl/documentation/quickstart/3/index.md @@ -101,7 +101,7 @@ nam łatwy dostępn do zmiennych obiektu. irb(main):044:0> class Greeter irb(main):045:1> attr_accessor :name irb(main):046:1> end -=> nil +=> [:name, :name=] {% endhighlight %} W Rubim możesz ponownie otworzyć klasę i zmodyfikować ją. To nie zmienia diff --git a/pl/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md b/pl/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md index c0e133d565..00a6dcb073 100644 --- a/pl/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md +++ b/pl/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md @@ -31,19 +31,19 @@ Możesz przeczytać oryginalny raport o błędzie: ## Pobieranie -* +* SIZE: 9081661 bytes MD5: 8ba4aaf707023e76f80fc8f455c99858 SHA256: 6d3487ea8a86ad0fa78a8535078ff3c7a91ca9f99eff0a6a08e66c6e6bf2040f -* +* SIZE: 11416473 bytes MD5: 4b9330730491f96b402adc4a561e859a SHA256: 23ef45fdaecc5d6c7b4e9e2d51b23817fc6aa8225a20f123f7fa98760e8b5ca9 -* +* SIZE: 12732739 bytes MD5: 42d261b28d1b7e500dd3bdbdbfba7fa5 diff --git a/pt/about/index.md b/pt/about/index.md index 2c14fa521f..27ec4f4840 100644 --- a/pt/about/index.md +++ b/pt/about/index.md @@ -240,7 +240,7 @@ Nov. 2001. [ror]: http://rubyonrails.org/ [linuxdevcenter]: http://www.linuxdevcenter.com/pub/a/linux/2001/11/29/ruby.html [artima]: http://www.artima.com/intv/closures2.html -[tiobe]: http://www.tiobe.com/index.php/content/paperinfo/tpci/index.html +[tiobe]: https://www.tiobe.com/tiobe-index/ [jruby]: http://jruby.org [rubinius]: http://rubini.us [mruby]: http://www.mruby.org/ diff --git a/pt/community/mailing-lists/index.md b/pt/community/mailing-lists/index.md index 8c7e14ea64..10bab12a31 100644 --- a/pt/community/mailing-lists/index.md +++ b/pt/community/mailing-lists/index.md @@ -35,11 +35,11 @@ Ruby << portuguese ## Inscrever ou Desinscrever -[Inscrever ou Desinscrever](https://ml.ruby-lang.org/mailman3/postorius/lists/) +[Inscrever ou Desinscrever](https://ml.ruby-lang.org/mailman3/lists/) -[3]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/ -[4]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-core@ml.ruby-lang.org/ -[5]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-doc@ml.ruby-lang.org/ +[3]: https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/ +[4]: https://ml.ruby-lang.org/archives/list/ruby-core@ml.ruby-lang.org/ +[5]: https://ml.ruby-lang.org/archives/list/ruby-doc@ml.ruby-lang.org/ [ruby-pt]: http://groups.google.com/group/ruby-pt diff --git a/pt/documentation/index.md b/pt/documentation/index.md index d91cb26830..4e1d9d9947 100644 --- a/pt/documentation/index.md +++ b/pt/documentation/index.md @@ -118,8 +118,6 @@ programadores Ruby: * No Windows: * [Notepad++][29] - * [E-TextEditor][30] - * [Ruby In Steel][31] * No macOS: * [TextMate][32] @@ -160,8 +158,6 @@ perguntas sobre Ruby, a [lista de e-mails](/pt/community/mailing-lists/) [27]: http://www.jetbrains.com/ruby/ [28]: http://www.scintilla.org/SciTE.html [29]: http://notepad-plus-plus.org/ -[30]: http://www.e-texteditor.com/ -[31]: http://www.sapphiresteel.com/ [32]: http://macromates.com/ [33]: https://www.barebones.com/products/bbedit/ [34]: http://ruby-doc.org diff --git a/pt/documentation/quickstart/3/index.md b/pt/documentation/quickstart/3/index.md index dda2230763..bf68c804fc 100644 --- a/pt/documentation/quickstart/3/index.md +++ b/pt/documentation/quickstart/3/index.md @@ -105,7 +105,7 @@ de fornecer acesso às variáveis de um objeto. irb(main):044:0> class Anfitriao irb(main):045:1> attr_accessor :nome irb(main):046:1> end -=> nil +=> [:nome, :nome=] {% endhighlight %} Em Ruby, podemos abrir uma classe novamente e alterá-la. As mudanças estarão diff --git a/pt/news/_posts/2009-05-15-ruby-1-9-1-p129-j-disponvel-para-download.md b/pt/news/_posts/2009-05-15-ruby-1-9-1-p129-j-disponvel-para-download.md index c603e77628..9fcf68303e 100644 --- a/pt/news/_posts/2009-05-15-ruby-1-9-1-p129-j-disponvel-para-download.md +++ b/pt/news/_posts/2009-05-15-ruby-1-9-1-p129-j-disponvel-para-download.md @@ -14,19 +14,19 @@ façam esta actualização. #### Disponível a partir de -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.bz2>][1] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.bz2>][1] SIZE: 7183891 bytes MD5: 6fa62b20f72da471195830dec4eb2013 SHA256: cb730f035aec0e3ac104d23d27a79aa9625fdeb115dae2295de65355f449ce27 -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.gz>][2] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.gz>][2] SIZE: 9034947 bytes MD5: c71f413514ee6341c627be2957023a5c SHA256: 27b7a8ace1d17cec237020ae9355230b53f8c3875f8d942de903e7d58d14253b -* [<URL:https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.zip>][3] +* [<URL:https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.zip>][3] SIZE: 10299369 bytes MD5: 156305e9633758eb60b419fabc33b6e4 @@ -44,6 +44,6 @@ $SAFE > 0 -[1]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.bz2 -[2]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.tar.gz -[3]: https://cache.ruby-lang.org/pub/ruby/ruby-1.9.1-p129.zip +[1]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.bz2 +[2]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.tar.gz +[3]: https://cache.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p129.zip diff --git a/pt/news/_posts/2011-08-02-lancado-o-ruby-1-9-3-preview1.md b/pt/news/_posts/2011-08-02-lancado-o-ruby-1-9-3-preview1.md index bf822c4f44..73a1366ba8 100644 --- a/pt/news/_posts/2011-08-02-lancado-o-ruby-1-9-3-preview1.md +++ b/pt/news/_posts/2011-08-02-lancado-o-ruby-1-9-3-preview1.md @@ -32,7 +32,7 @@ Ver [ChangeLogs][1] e [NEWS][2] para descrições. As versões anteriores do Ruby encontravam-se sob a licença \"GPLv2\" e \"Ruby\". No entanto, nesta versão foi substituida pela licença -\"2-clause BSDL\"(AKA Simplfied BSD License) e \"Ruby\". +\"2-clause BSDL\"(AKA Simplified BSD License) e \"Ruby\". ### Encoding diff --git a/pt/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md b/pt/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md new file mode 100644 index 0000000000..34cfce30b4 --- /dev/null +++ b/pt/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md @@ -0,0 +1,31 @@ +--- +layout: news_post +title: "CVE-2024-49761: Vulnerabilidade ReDoS na REXML" +author: "kou" +translator: nbluis +date: 2024-10-28 03:00:00 +0000 +tags: security +lang: pt +--- + +Existe uma vulnerabilidade ReDoS na gem REXML. Esta vulnerabilidade foi atribuída ao identificador CVE [CVE-2024-49761](https://www.cve.org/CVERecord?id=CVE-2024-49761). Recomendamos fortemente a atualização da gem REXML. + +Isso não acontece com Ruby 3.2 ou posterior. Ruby 3.1 é a única versão mantida afetada. Note que Ruby 3.1 atingirá EOL em 2025-03. + +## Detalhes + +Ao analisar um XML que possui muitos dígitos entre `&#` e `x...;` em uma referência de caractere numérico hexadecimal (`&#x...;`). + +Por favor, atualize a gem REXML para a versão 3.3.9 ou posterior. + +## Versões afetadas + +* Gem REXML 3.3.8 ou anterior com Ruby 3.1 ou anterior + +## Créditos + +Agradecimentos a [manun](https://hackerone.com/manun) por descobrir este problema. + +## Histórico + +* Publicado originalmente em 2024-10-28 03:00:00 (UTC) diff --git a/pt/news/_posts/2024-10-30-ruby-3-2-6-released.md b/pt/news/_posts/2024-10-30-ruby-3-2-6-released.md new file mode 100644 index 0000000000..6e07ffd96e --- /dev/null +++ b/pt/news/_posts/2024-10-30-ruby-3-2-6-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.2.6 Lançado" +author: nagachika +translator: nbluis +date: 2024-10-30 10:00:00 +0000 +lang: pt +--- + +Ruby 3.2.6 foi lançado. + +Por favor, consulte os [lançamentos no GitHub](https://github.com/ruby/ruby/releases/tag/v3_2_6) para mais detalhes. + +## Download + +{% assign release = site.data.releases | where: "version", "3.2.6" | first %} + +* <{{ release.url.gz }}> + + TAMANHO: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + TAMANHO: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + TAMANHO: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentário do Lançamento + +Muitos committers, desenvolvedores e usuários que forneceram relatórios de bugs nos ajudaram a fazer este lançamento. +Obrigado pelas suas contribuições. diff --git a/pt/news/_posts/2024-11-05-ruby-3-3-6-released.md b/pt/news/_posts/2024-11-05-ruby-3-3-6-released.md new file mode 100644 index 0000000000..f3191cd0d9 --- /dev/null +++ b/pt/news/_posts/2024-11-05-ruby-3-3-6-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.3.6 Lançado" +author: k0kubun +translator: nbluis +date: 2024-11-05 04:25:00 +0000 +lang: pt +--- + +Ruby 3.3.6 foi lançado. + +Esta é uma atualização de rotina que inclui correções de bugs menores. +Esta versão também para de notificar sobre a ausência de dependências de gems padrões que serão incorporadas no Ruby 3.5. +Para mais detalhes, por favor, consulte [as notas de lançamento no GitHub](https://github.com/ruby/ruby/releases/tag/v3_3_6). + +## Cronograma de Lançamento + +Conforme [anunciado](https://www.ruby-lang.org/en/news/2024/07/09/ruby-3-3-4-released/) anteriormente, pretendemos lançar a versão estável mais recente do Ruby (atualmente Ruby 3.3) a cada 2 meses após um lançamento `.1`. + +Esperamos lançar o Ruby 3.3.7 em 7 de janeiro. Se surgirem mudanças significativas que impactem um grande número de usuários, podemos lançar uma nova versão antes do previsto. + +## Download + +{% assign release = site.data.releases | where: "version", "3.3.6" | first %} + +* <{{ release.url.gz }}> + + TAMANHO: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + TAMANHO: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + TAMANHO: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentário sobre o Lançamento + +Muitos committers, desenvolvedores e usuários que forneceram relatórios de bugs nos ajudaram a fazer este lançamento. +Obrigado pelas suas contribuições. diff --git a/pt/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md b/pt/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md new file mode 100644 index 0000000000..45c8277a4e --- /dev/null +++ b/pt/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md @@ -0,0 +1,189 @@ +--- +layout: news_post +title: "Ruby 3.4.0 rc1 Lançado" +author: "naruse" +translator: nbluis +date: 2024-12-12 00:00:00 +0000 +lang: pt +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-rc1" | first %} +Estamos felizes em anunciar o lançamento do Ruby {{ release.version }}. + +## Prism + +Alterado o parser padrão de parse.y para Prism. [[Feature #20564]] + +## GC Modular + +* Implementações alternativas de garbage collector (GC) podem ser carregadas dinamicamente + através do recurso de garbage collector modular. Para habilitar este recurso, + configure o Ruby com `--with-modular-gc` no momento da compilação. Bibliotecas de GC podem ser + carregadas em tempo de execução usando a variável de ambiente `RUBY_GC_LIBRARY`. + [[Feature #20351]] + +* O garbage collector embutido do Ruby foi dividido em um arquivo separado em + `gc/default/default.c` e interage com o Ruby usando uma API definida em + `gc/gc_impl.h`. O garbage collector embutido agora também pode ser compilado como uma + biblioteca usando `make modular-gc MODULAR_GC=default` e habilitado usando a + variável de ambiente `RUBY_GC_LIBRARY=default`. [[Feature #20470]] + +* Uma biblioteca experimental de GC é fornecida com base no [MMTk](https://www.mmtk.io/). + Esta biblioteca de GC pode ser compilada usando `make modular-gc MODULAR_GC=mmtk` e + habilitada usando a variável de ambiente `RUBY_GC_LIBRARY=mmtk`. Isso requer + a ferramenta Rust na máquina de compilação. [[Feature #20860]] + +## Mudanças na linguagem + +* Literais de string em arquivos sem um comentário `frozen_string_literal` agora emitem um aviso de descontinuação + quando são mutados. + Esses avisos podem ser habilitados com `-W:deprecated` ou configurando `Warning[:deprecated] = true`. + Para desativar essa mudança, você pode executar o Ruby com o argumento de linha de comando `--disable-frozen-string-literal`. [[Feature #20205]] + +* `it` foi adicionado para referenciar um parâmetro de bloco. [[Feature #18980]] + +* O splatting de palavra-chave `nil` ao chamar métodos agora é suportado. + `**nil` é tratado de maneira semelhante a `**{}`, não passando palavras-chave, + e não chamando nenhum método de conversão. [[Bug #20064]] + +* Passagem de bloco não é mais permitida em índice. [[Bug #19918]] + +* Argumentos de palavra-chave não são mais permitidos em índice. [[Bug #20218]] + +## YJIT + +TL;DR: +* Melhor desempenho na maioria dos benchmarks em plataformas x86-64 e arm64. +* Uso reduzido de memória de metadados de compilação +* Várias correções de bugs. YJIT agora é ainda mais robusto e melhor testado. + +Novos recursos: +* Adiciona limite de memória unificado via opção de linha de comando `--yjit-mem-size` (padrão 128MiB) + que rastreia o uso total de memória do YJIT e é mais intuitivo do que o + antigo `--yjit-exec-mem-size`. +* Mais estatísticas agora sempre disponíveis via `RubyVM::YJIT.runtime_stats` +* Adiciona log de compilação para rastrear o que é compilado via `--yjit-log` + * Final do log também disponível em tempo de execução via `RubyVM::YJIT.log` +* Adiciona suporte para constantes compartilháveis em modo multi-ractor +* Agora pode rastrear saídas contadas com `--yjit-trace-exits=COUNTER` + +Novas otimizações: +* Contexto comprimido reduz a memória necessária para armazenar metadados do YJIT +* Alocador aprimorado com capacidade de alocar registradores para variáveis locais +* Quando o YJIT está habilitado, use mais primitivas Core escritas em Ruby: + * `Array#each`, `Array#select`, `Array#map` reescritos em Ruby para melhor desempenho [[Feature #20182]]. +* Capacidade de inline de métodos pequenos/triviais, como: + * Métodos vazios + * Métodos que retornam uma constante + * Métodos que retornam `self` + * Métodos que retornam diretamente um argumento +* Geração de código especializada para muitos mais métodos em tempo de execução +* Otimiza `String#getbyte`, `String#setbyte` e outros métodos de string +* Otimiza operações bitwise para acelerar a manipulação de bits/bytes de baixo nível +* Várias outras otimizações incrementais + +## Atualizações das classes principais + +Nota: Estamos listando apenas atualizações notáveis das classes principais. + +* Exception + + * `Exception#set_backtrace` agora aceita um array de `Thread::Backtrace::Location`. + `Kernel#raise`, `Thread#raise` e `Fiber#raise` também aceitam este novo formato. [[Feature #13557]] + +* Range + + * `Range#size` agora levanta `TypeError` se o intervalo não for iterável. [[Misc #18984]] + +## Problemas de compatibilidade + +Nota: Excluindo correções de bugs. + +* As mensagens de erro e exibições de backtrace foram alteradas. + * Usa uma aspa simples em vez de um acento grave como uma aspa de abertura. [[Feature #16495]] + * Exibe o nome de classe antes de um nome de método (somente quando a classe tiver um nome permanente). [[Feature #19117]] + * `Kernel#caller`, métodos de `Thread::Backtrace::Location`, etc. também foram alterados de acordo. + + ``` + Antes: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + Agora: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +## Atualizações da C API + +* `rb_newobj` e `rb_newobj_of` (e macros correspondentes `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`) foram removidos. [[Feature #20265]] +* Removida a função obsoleta `rb_gc_force_recycle`. [[Feature #18290]] + +## Mudanças diversas + +* Passar um bloco para um método que não usa o bloco passado mostrará + um aviso no modo verbose (`-w`). + [[Feature #15554]] + +* Redefinir alguns métodos principais que são especialmente otimizados pelo interpretador + e JIT como `String.freeze` ou `Integer#+` agora emite um aviso de classe de desempenho + (`-W:performance` ou `Warning[:performance] = true`). + [[Feature #20429]] + +Veja lançamentos no GitHub como [Logger](https://github.com/ruby/logger/releases) ou +changelog para detalhes das gems padrão ou gems incluídas. + +Veja [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +ou [logs de commits](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}) +para mais detalhes. + +Com essas mudanças, [{{ release.stats.files_changed }} arquivos alterados, {{ release.stats.insertions }} inserções(+), {{ release.stats.deletions }} deleções(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) +desde Ruby 3.3.0! + +## Download + +* <{{ release.url.gz }}> + + TAMANHO: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + TAMANHO: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + TAMANHO: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## O que é Ruby + +Ruby foi desenvolvido pela primeira vez por Matz (Yukihiro Matsumoto) em 1993, +e agora é desenvolvido como Open Source. Ele roda em várias plataformas +e é usado em todo o mundo, especialmente para desenvolvimento web. + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20351]: https://bugs.ruby-lang.org/issues/20351 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20470]: https://bugs.ruby-lang.org/issues/20470 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Feature #20860]: https://bugs.ruby-lang.org/issues/20860 diff --git a/pt/news/_posts/2024-12-25-ruby-3-4-0-released.md b/pt/news/_posts/2024-12-25-ruby-3-4-0-released.md new file mode 100644 index 0000000000..4baff89108 --- /dev/null +++ b/pt/news/_posts/2024-12-25-ruby-3-4-0-released.md @@ -0,0 +1,343 @@ +--- +layout: news_post +title: "Ruby 3.4.0 Lançado" +author: "naruse" +translator: nbluis +date: 2024-12-25 00:00:00 +0000 +lang: pt +--- + +{% assign release = site.data.releases | where: "version", "3.4.0" | first %} +Estamos felizes em anunciar o lançamento do Ruby {{ release.version }}. Ruby 3.4 adiciona a referência de parâmetro de bloco `it`, +altera o Prism como parser padrão, adiciona suporte ao Happy Eyeballs Versão 2 na biblioteca de socket, melhora o YJIT, +adiciona GC Modular, e muito mais. + +## `it` é introduzido + +`it` foi adicionado para referenciar um parâmetro de bloco sem nome de variável. [[Feature #18980]] + +```ruby +ary = ["foo", "bar", "baz"] + +p ary.map { it.upcase } #=> ["FOO", "BAR", "BAZ"] +``` + +`it` se comporta de maneira muito semelhante a `_1`. Quando a intenção é usar apenas `_1` em um bloco, a possibilidade de outros parâmetros numerados como `_2` aparecer impõe uma carga cognitiva extra aos leitores. Então `it` foi introduzido como um alias prático. Use `it` em casos simples onde `it` representa itself, como em blocos de uma linha. + +## Prism agora é o parser padrão + +Alteração do parser padrão de parse.y para Prism. [[Feature #20564]] + +Esta é uma melhoria interna e deve haver pouca mudança visível para o usuário. Se você notar algum problema de compatibilidade, por favor, reporte para nós. + +Para usar o parser convencional, use o argumento de linha de comando `--parser=parse.y`. + +## A biblioteca de socket agora possui Happy Eyeballs Versão 2 (RFC 8305) + +A biblioteca de socket agora possui [Happy Eyeballs Version 2 (RFC 8305)](https://datatracker.ietf.org/doc/html/rfc8305), a versão padronizada mais recente de uma abordagem amplamente adotada para melhor conectividade em muitas linguagens de programação, em `TCPSocket.new` (`TCPSocket.open`) e `Socket.tcp`. +Esta melhoria permite que o Ruby forneça conexões de rede eficientes e confiáveis, adaptadas aos ambientes modernos da internet. + +Até o Ruby 3.3, esses métodos realizavam a resolução de nomes e tentativas de conexão de forma serial. Com este algoritmo, eles agora operam da seguinte forma: + +1. Realiza a resolução de nomes IPv6 e IPv4 simultaneamente +2. Tenta conexões com os endereços IP resolvidos, priorizando IPv6, com tentativas paralelas escalonadas em intervalos de 250ms +3. Retorna a primeira conexão bem-sucedida enquanto cancela quaisquer outras + +Isso garante atrasos mínimos de conexão, mesmo se um protocolo específico ou endereço IP estiver atrasado ou indisponível. +Este recurso é habilitado por padrão, portanto, configuração adicional não é necessária para usá-lo. Para desativá-lo globalmente, defina a variável de ambiente `RUBY_TCP_NO_FAST_FALLBACK=1` ou chame `Socket.tcp_fast_fallback=false`. Ou para desativá-lo em um método específico, use o argumento `fast_fallback: false`. + +## YJIT + +### TL;DR + +* Melhor desempenho na maioria dos benchmarks em plataformas x86-64 e arm64. +* Uso reduzido de memória através de metadados comprimidos e um limite de memória unificado. +* Várias correções de bugs: YJIT agora é mais robusto e testado exaustivamente. + +### Novos recursos + +* Opções de linha de comando + * `--yjit-mem-size` introduz um limite de memória unificado (padrão 128MiB) para rastrear o uso total de memória do YJIT, + fornecendo uma alternativa mais intuitiva à antiga opção `--yjit-exec-mem-size`. + * `--yjit-log` habilita um log de compilação para rastrear o que é compilado. +* API Ruby + * `RubyVM::YJIT.log` fornece acesso ao final do log de compilação em tempo de execução. +* Estatísticas do YJIT + * `RubyVM::YJIT.runtime_stats` agora sempre fornece estatísticas adicionais sobre + invalidação, inlining e codificação de metadados. + +### Novas otimizações + +* Contexto comprimido reduz a memória necessária para armazenar metadados do YJIT +* Alocar registradores para variáveis locais e argumentos de métodos Ruby +* Quando o YJIT está habilitado, usa mais primitivas Core escritas em Ruby: + * `Array#each`, `Array#select`, `Array#map` reescritos em Ruby para melhor desempenho [[Feature #20182]]. +* Capacidade de inline de métodos pequenos/triviais, como: + * Métodos vazios + * Métodos que retornam uma constante + * Métodos que retornam `self` + * Métodos que retornam diretamente um argumento +* Geração de código especializada para muitos mais métodos em tempo de execução +* Otimiza `String#getbyte`, `String#setbyte` e outros métodos de string +* Otimiza operações bitwise para acelerar a manipulação de bits/bytes de baixo nível +* Suporte a constantes compartilháveis em modo multi-ractor +* Várias outras otimizações incrementais + +## Modular GC + +* Implementações alternativas de garbage collector (GC) podem ser carregadas dinamicamente + através do recurso de garbage collector modular. Para habilitar este recurso, + configure o Ruby com `--with-modular-gc` no momento da compilação. Bibliotecas de GC podem ser + carregadas em tempo de execução usando a variável de ambiente `RUBY_GC_LIBRARY`. + [[Feature #20351]] + +* O garbage collector embutido do Ruby foi dividido em um arquivo separado em + `gc/default/default.c` e interage com o Ruby usando uma API definida em + `gc/gc_impl.h`. O garbage collector embutido agora também pode ser compilado como uma + biblioteca usando `make modular-gc MODULAR_GC=default` e habilitado usando a + variável de ambiente `RUBY_GC_LIBRARY=default`. [[Feature #20470]] + +* Uma biblioteca experimental de GC é fornecida com base no [MMTk](https://www.mmtk.io/). + Esta biblioteca de GC pode ser compilada usando `make modular-gc MODULAR_GC=mmtk` e + habilitada usando a variável de ambiente `RUBY_GC_LIBRARY=mmtk`. Isso requer + a ferramenta Rust na máquina de compilação. [[Feature #20860]] + +## Mudanças na linguagem + +* Literais de string em arquivos sem um comentário `frozen_string_literal` agora emitem um aviso de descontinuação + quando são mutados. + Esses avisos podem ser habilitados com `-W:deprecated` ou configurando `Warning[:deprecated] = true`. + Para desativar essa mudança, você pode executar o Ruby com o argumento de linha de comando `--disable-frozen-string-literal`. [[Feature #20205]] + +* O splatting de palavra-chave `nil` ao chamar métodos agora é suportado. + `**nil` é tratado de maneira semelhante a `**{}`, não passando palavras-chave, + e não chamando nenhum método de conversão. [[Bug #20064]] + +* Passagem de bloco não é mais permitida em índice. [[Bug #19918]] + +* Argumentos de palavra-chave não são mais permitidos em índice. [[Bug #20218]] + +* O nome de nível superior `::Ruby` agora está reservado, e a definição será avisada quando `Warning[:deprecated]`. [[Feature #20884]] + +## Atualizações de classes principais + +Nota: Estamos listando apenas atualizações notáveis das classes principais. + +* Exception + + * `Exception#set_backtrace` agora aceita um array de `Thread::Backtrace::Location`. + `Kernel#raise`, `Thread#raise` e `Fiber#raise` também aceitam este novo formato. [[Feature #13557]] + +* GC + + * `GC.config` adicionado para permitir a configuração de variáveis no Garbage + Collector. [[Feature #20443]] + + * Parâmetro de configuração do GC `rgengc_allow_full_mark` introduzido. Quando `false` + o GC marcará apenas objetos jovens. O padrão é `true`. [[Feature #20443]] + +* Ractor + + * `require` em Ractor é permitido. O processo de requisição será executado no + Ractor principal. + `Ractor._require(feature)` é adicionado para executar o processo de requisição no + Ractor principal. [[Feature #20627]] + + * `Ractor.main?` é adicionado. [[Feature #20627]] + + * `Ractor.[]` e `Ractor.[]=` são adicionados para acessar o armazenamento local + do Ractor atual. [[Feature #20715]] + + * `Ractor.store_if_absent(key){ init }` é adicionado para inicializar variáveis locais do ractor + de forma segura para threads. [[Feature #20875]] + +* Range + + * `Range#size` agora levanta `TypeError` se o intervalo não for iterável. [[Misc #18984]] + +## Atualizações da Biblioteca Padrão + +Nota: Estamos listando apenas atualizações notáveis das bibliotecas padrão. + +* RubyGems + * Adicionada a opção `--attestation` ao gem push. Ela permite armazenar a assinatura no [sigstore.dev] + +* Bundler + * Adicionada uma configuração `lockfile_checksums` para incluir checksums em novos arquivos lockfile. + * Adicionado bundle lock `--add-checksums` para adicionar checksums a um arquivo lockfile existente + +* JSON + + * Melhorias de desempenho do `JSON.parse` cerca de 1,5 vezes mais rápido que json-2.7.x. + +* Tempfile + + * O argumento de palavra-chave `anonymous: true` foi implementado para Tempfile.create. + `Tempfile.create(anonymous: true)` remove o arquivo temporário criado imediatamente. + Assim, as aplicações não precisam remover o arquivo. + [[Feature #20497]] + +* win32/sspi.rb + + * Esta biblioteca agora foi extraída do repositório Ruby para [ruby/net-http-sspi]. + [[Feature #20775]] + +## Problemas de compatibilidade + +Nota: Excluindo correções de bugs. + +* As mensagens de erro e exibições de backtrace foram alteradas. + * Usa uma aspa simples em vez de um acento grave como uma aspa de abertura. [[Feature #16495]] + * Exibe o nome de classe antes de um nome de método (somente quando a classe tiver um nome permanente). [[Feature #19117]] + * `Kernel#caller`, métodos de `Thread::Backtrace::Location`, etc. também foram alterados de acordo. + + ``` + Antes: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + Agora: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +* A renderização de Hash#inspect foi alterada. [[Bug #20433]] + + * Chaves de símbolo são exibidas usando a sintaxe moderna de chave de símbolo: `"{user: 1}"` + * Outras chaves agora têm espaços ao redor de `=>`: `'{"user" => 1}'`, enquanto anteriormente não tinham: `'{"user"=>1}'` + +* Kernel#Float() agora aceita uma string decimal com a parte decimal omitida. [[Feature #20705]] + + ```rb + Float("1.") #=> 1.0 (anteriormente, um ArgumentError era levantado) + Float("1.E-1") #=> 0.1 (anteriormente, um ArgumentError era levantado) + ``` + +* String#to_f agora aceita uma string decimal com a parte decimal omitida. Note que o resultado muda quando um expoente é especificado. [[Feature #20705]] + + ```rb + "1.".to_f #=> 1.0 + "1.E-1".to_f #=> 0.1 (anteriormente, 1.0 era retornado) + ``` + +* Refinement#refined_class foi removido. [[Feature #19714]] + +## Problemas de compatibilidade da biblioteca padrão + +* DidYouMean + + * `DidYouMean::SPELL_CHECKERS[]=` e `DidYouMean::SPELL_CHECKERS.merge!` foram removidos. + +* Net::HTTP + + * Removidas as seguintes constantes obsoletas: + * `Net::HTTP::ProxyMod` + * `Net::NetPrivate::HTTPRequest` + * `Net::HTTPInformationCode` + * `Net::HTTPSuccessCode` + * `Net::HTTPRedirectionCode` + * `Net::HTTPRetriableCode` + * `Net::HTTPClientErrorCode` + * `Net::HTTPFatalErrorCode` + * `Net::HTTPServerErrorCode` + * `Net::HTTPResponseReceiver` + * `Net::HTTPResponceReceiver` + + Essas constantes foram obsoletas desde 2012. + +* Timeout + + * Rejeita valores negativos para Timeout.timeout. [[Bug #20795]] + +* URI + + * Alterado o parser padrão para compatível com RFC 3986 em vez de RFC 2396. + [[Bug #19266]] + +## Atualizações da C API + +* `rb_newobj` e `rb_newobj_of` (e macros correspondentes `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`) foram removidos. [[Feature #20265]] +* Removida a função obsoleta `rb_gc_force_recycle`. [[Feature #18290]] + +## Mudanças diversas + +* Passar um bloco para um método que não usa o bloco passado mostrará + um aviso no modo verbose (`-w`). + [[Feature #15554]] + +* Redefinir alguns métodos principais que são especialmente otimizados pelo interpretador + e JIT como `String.freeze` ou `Integer#+` agora emite um aviso de classe de desempenho + (`-W:performance` ou `Warning[:performance] = true`). + [[Feature #20429]] + +Veja [NEWS](https://docs.ruby-lang.org/en/3.4/NEWS_md.html) +ou [logs de commits](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}) +para mais detalhes. + +Com essas mudanças, [{{ release.stats.files_changed }} arquivos alterados, {{ release.stats.insertions }} inserções(+), {{ release.stats.deletions }} deleções(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket) +desde Ruby 3.3.0! + +Feliz Natal, Boas Festas e aproveite a programação com Ruby 3.4! + +## Download + +* <{{ release.url.gz }}> + + TAMANHO: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + TAMANHO: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + TAMANHO: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## O que é Ruby + +Ruby foi desenvolvido pela primeira vez por Matz (Yukihiro Matsumoto) em 1993, +e agora é desenvolvido como Open Source. Ele roda em várias plataformas +e é usado em todo o mundo, especialmente para desenvolvimento web. + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19266]: https://bugs.ruby-lang.org/issues/19266 +[Feature #19714]: https://bugs.ruby-lang.org/issues/19714 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20351]: https://bugs.ruby-lang.org/issues/20351 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20443]: https://bugs.ruby-lang.org/issues/20443 +[Feature #20470]: https://bugs.ruby-lang.org/issues/20470 +[Feature #20497]: https://bugs.ruby-lang.org/issues/20497 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Bug #20620]: https://bugs.ruby-lang.org/issues/20620 +[Feature #20627]: https://bugs.ruby-lang.org/issues/20627 +[Feature #20705]: https://bugs.ruby-lang.org/issues/20705 +[Feature #20715]: https://bugs.ruby-lang.org/issues/20715 +[Feature #20775]: https://bugs.ruby-lang.org/issues/20775 +[Bug #20795]: https://bugs.ruby-lang.org/issues/20795 +[Bug #20433]: https://bugs.ruby-lang.org/issues/20433 +[Feature #20860]: https://bugs.ruby-lang.org/issues/20860 +[Feature #20875]: https://bugs.ruby-lang.org/issues/20875 +[Feature #20884]: https://bugs.ruby-lang.org/issues/20884 +[sigstore.dev]: https://www.sigstore.dev +[ruby/net-http-sspi]: https://github.com/ruby/net-http-sspi diff --git a/pt/news/_posts/2024-12-25-ruby-3-4-1-released.md b/pt/news/_posts/2024-12-25-ruby-3-4-1-released.md new file mode 100644 index 0000000000..1ef49837b7 --- /dev/null +++ b/pt/news/_posts/2024-12-25-ruby-3-4-1-released.md @@ -0,0 +1,39 @@ +--- +layout: news_post +title: "Ruby 3.4.1 Lançado" +author: "naruse" +translator: nbluis +date: 2024-12-25 00:00:00 +0000 +lang: pt +--- + +Ruby 3.4.1 foi lançado. + +Isso corrige a descrição da versão. + +Veja os [lançamentos no GitHub](https://github.com/ruby/ruby/releases/tag/v3_4_1) para mais detalhes. + +## Download + +{% assign release = site.data.releases | where: "version", "3.4.1" | first %} + +* <{{ release.url.gz }}> + + TAMANHO: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + TAMANHO: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + TAMANHO: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} diff --git a/pt/news/_posts/2025-01-15-ruby-3-3-7-released.md b/pt/news/_posts/2025-01-15-ruby-3-3-7-released.md new file mode 100644 index 0000000000..8d450c94fd --- /dev/null +++ b/pt/news/_posts/2025-01-15-ruby-3-3-7-released.md @@ -0,0 +1,43 @@ +--- +layout: news_post +title: "Ruby 3.3.7 Lançado" +author: k0kubun +translator: nbluis +date: 2025-01-15 07:51:59 +0000 +lang: pt +--- + +Ruby 3.3.7 foi lançado. + +Esta é uma atualização de rotina que inclui correções de bugs menores. +Por favor, consulte [as notas de lançamento no GitHub](https://github.com/ruby/ruby/releases/tag/v3_3_7) para mais detalhes. + +## Download + +{% assign release = site.data.releases | where: "version", "3.3.7" | first %} + +* <{{ release.url.gz }}> + + TAMANHO: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + TAMANHO: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + TAMANHO: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentário sobre o Lançamento + +Muitos committers, desenvolvedores e usuários que forneceram relatórios de bugs nos ajudaram a fazer este lançamento. +Obrigado pelas suas contribuições. diff --git a/pt/news/_posts/2025-02-04-ruby-3-2-7-released.md b/pt/news/_posts/2025-02-04-ruby-3-2-7-released.md new file mode 100644 index 0000000000..ef0cfcef67 --- /dev/null +++ b/pt/news/_posts/2025-02-04-ruby-3-2-7-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.2.7 Lançado" +author: nagachika +translator: nbluis +date: 2025-02-04 12:00:00 +0000 +lang: pt +--- + +Ruby 3.2.7 foi lançado. + +Por favor, consulte os [lançamentos no GitHub](https://github.com/ruby/ruby/releases/tag/v3_2_7) para mais detalhes. + +## Download + +{% assign release = site.data.releases | where: "version", "3.2.7" | first %} + +* <{{ release.url.gz }}> + + TAMANHO: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + TAMANHO: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + TAMANHO: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentário do Lançamento + +Muitos committers, desenvolvedores e usuários que forneceram relatórios de bugs nos ajudaram a fazer este lançamento. +Obrigado pelas contribuições. diff --git a/pt/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md b/pt/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md new file mode 100644 index 0000000000..09e8701462 --- /dev/null +++ b/pt/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2025-25186: Vulnerabilidade de DoS em net-imap" +author: "nevans" +translator: nbluis +date: 2025-02-10 03:00:00 +0000 +tags: security +lang: pt +--- + +Existe uma possibilidade de DoS na gem net-imap. Esta vulnerabilidade foi atribuída ao identificador CVE [CVE-2025-25186](https://www.cve.org/CVERecord?id=CVE-2025-25186). Recomendamos atualizar a gem net-imap. + +## Detalhes + +Um servidor malicioso pode enviar dados uid-set altamente compactados, que são lidos automaticamente pelo thread receptor do cliente. O parser de resposta usa Range#to_a para converter os dados uid-set em arrays de inteiros, sem limitação no tamanho expandido dos intervalos. + +Atualize a gem net-imap para a versão 0.3.8, 0.4.19, 0.5.6 ou posterior. + +## Versões afetadas + +* gem net-imap entre 0.3.2 e 0.3.7, 0.4.0 e 0.4.18, ou 0.5.0 e 0.5.5 + +## Créditos + +Obrigado a [manun](https://hackerone.com/manun) por descobrir este problema. + +## Histórico + +* Publicado originalmente em 2025-02-10 03:00:00 (UTC) diff --git a/pt/news/_posts/2025-02-14-ruby-3-4-2-released.md b/pt/news/_posts/2025-02-14-ruby-3-4-2-released.md new file mode 100644 index 0000000000..821129f910 --- /dev/null +++ b/pt/news/_posts/2025-02-14-ruby-3-4-2-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.4.2 Lançado" +author: k0kubun +translator: nbluis +date: 2025-02-14 21:55:17 +0000 +lang: pt +--- + +Ruby 3.4.2 foi lançado. + +Esta é uma atualização de rotina que inclui correções de bugs. Por favor consulte as +[notas de lançamento no GitHub](https://github.com/ruby/ruby/releases/tag/v3_4_2) para maiores detalhes. + +## Cronograma de Lançamento + +Nosso objetivo é lançar a versão estável mais recente do Ruby (atualmente Ruby 3.4) a cada 2 meses. +O Ruby 3.4.3 será lançado em abril, 3.4.4 em junho, 3.4.5 em agosto, 3.4.6 em outubro e 3.4.7 em dezembro. + +Caso haja alguma alteração que afete um número considerável de pessoas, essas versões podem ser lançadas antes do esperado. + +## Download + +{% assign release = site.data.releases | where: "version", "3.4.2" | first %} + +* <{{ release.url.gz }}> + + TAMANHO: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + TAMANHO: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + TAMANHO: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Comentário sobre o Lançamento + +Muitos committers, desenvolvedores e usuários que forneceram relatórios de bugs nos ajudaram a fazer este lançamento. +Obrigado pelas contribuições. diff --git a/pt/news/_posts/2025-02-26-security-advisories.md b/pt/news/_posts/2025-02-26-security-advisories.md new file mode 100644 index 0000000000..8e7c9c9646 --- /dev/null +++ b/pt/news/_posts/2025-02-26-security-advisories.md @@ -0,0 +1,69 @@ +--- +layout: news_post +title: "Avisos de segurança: CVE-2025-27219, CVE-2025-27220 e CVE-2025-27221" +author: "hsbt" +translator: nbluis +date: 2025-02-26 07:00:00 +0000 +tags: security +lang: pt +--- + +Publicamos avisos de segurança para CVE-2025-27219, CVE-2025-27220 e CVE-2025-27221. Por favor, leia os detalhes abaixo. + +## CVE-2025-27219: Negação de Serviço em `CGI::Cookie.parse`. + +Há uma possibilidade de DoS na gem cgi. Esta vulnerabilidade foi identificada com o CVE [CVE-2025-27219](https://www.cve.org/CVERecord?id=CVE-2025-27219). Recomendamos atualizar a gem cgi. + +### Detalhes + +`CGI::Cookie.parse` levava tempo super-linear para analisar uma string de cookie em alguns casos. Alimentar uma string de cookie maliciosamente criada no método poderia levar a uma Negação de Serviço. + +Por favor, atualize a gem CGI para a versão 0.3.5.1, 0.3.7, 0.4.2 ou posterior. + +### Versões afetadas + +* Versões da gem cgi <= 0.3.5, 0.3.6, 0.4.0 e 0.4.1. + +### Créditos + +Obrigado a [lio346](https://hackerone.com/lio346) por descobrir este problema. Também agradecemos a [mame](https://github.com/mame) por corrigir esta vulnerabilidade. + +## CVE-2025-27220: ReDoS em `CGI::Util#escapeElement`. + +Há uma possibilidade de Negação de Serviço por expressão regular (ReDoS) na gem cgi. Esta vulnerabilidade foi identificada com o CVE [CVE-2025-27220](https://www.cve.org/CVERecord?id=CVE-2025-27220). Recomendamos atualizar a gem cgi. + +### Detalhes + +A expressão regular usada em `CGI::Util#escapeElement` é vulnerável a ReDoS. A entrada criada poderia levar a um alto consumo de CPU. + +Esta vulnerabilidade afeta apenas Ruby 3.1 e 3.2. Se você estiver usando essas versões, por favor, atualize a gem CGI para a versão 0.3.5.1, 0.3.7, 0.4.2 ou posterior. + +### Versões afetadas + +* Versões da gem cgi <= 0.3.5, 0.3.6, 0.4.0 e 0.4.1. + +### Créditos + +Obrigado a [svalkanov](https://hackerone.com/svalkanov) por descobrir este problema. Também agradecemos a [nobu](https://github.com/nobu) por corrigir esta vulnerabilidade. + +## CVE-2025-27221: vazamento de informações de usuário em `URI#join`, `URI#merge` e `URI#+`. + +Há uma possibilidade de vazamento de informações de usuário na gem uri. Esta vulnerabilidade foi identificada com o CVE [CVE-2025-27221](https://www.cve.org/CVERecord?id=CVE-2025-27221). Recomendamos atualizar a gem uri. + +### Detalhes + +Os métodos `URI#join`, `URI#merge` e `URI#+` mantinham informações de usuário, como `user:password`, mesmo após o host ser substituído. Ao gerar uma URL para um host malicioso a partir de uma URL contendo informações de usuário secretas usando esses métodos, e fazer alguém acessar essa URL, poderia ocorrer um vazamento não intencional de informações de usuário. + +Por favor, atualize a gem URI para a versão 0.11.3, 0.12.4, 0.13.2, 1.0.3 ou posterior. + +### Versões afetadas + +* Versões da gem uri < 0.11.3, 0.12.0 a 0.12.3, 0.13.0, 0.13.1 e 1.0.0 a 1.0.2. + +### Créditos + +Obrigado a [Tsubasa Irisawa (lambdasawa)](https://hackerone.com/lambdasawa) por descobrir este problema. Também agradecemos a [nobu](https://github.com/nobu) por correções adicionais desta vulnerabilidade. + +## Histórico + +* Publicado originalmente em 2025-02-26 7:00:00 (UTC) diff --git a/release.patch b/release.patch deleted file mode 100644 index 903bc2c6c7..0000000000 --- a/release.patch +++ /dev/null @@ -1,41 +0,0 @@ ---- a/_data/downloads.yml 2023-12-11 17:02:14 -+++ b/_data/downloads.yml 2023-12-11 17:02:14 -@@ -6,3 +6,3 @@ - -- - 3.3.0-preview3 -+ - 3.3.0-rc1 - ---- a/_data/releases.yml 2023-12-11 17:02:14 -+++ b/_data/releases.yml 2023-12-11 17:02:14 -@@ -23,2 +23,31 @@ - -+- version: 3.3.0-rc1 -+ date: 2023-12-11 -+ post: /en/news/2023/12/11/ruby-3-3-0-rc1-released/ -+ tag: v3_3_0_rc1 -+ stats: -+ files_changed: 5414 -+ insertions: 306141 -+ deletions: 183575 -+ url: -+ gz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.0-rc1.tar.gz -+ zip: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.0-rc1.zip -+ xz: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.0-rc1.tar.xz -+ size: -+ gz: 21783575 -+ zip: 26735443 -+ xz: 16163884 -+ sha1: -+ gz: c75a860e06f27b7f69b874757417277c21d1d3f4 -+ zip: 35583453a7734216b08829ef0ec9ea1bc0d4ae7f -+ xz: 26503f9bdc7d0a05aaa9836f54d3aa9e74a9ead9 -+ sha256: -+ gz: c4ff82395a90ef76c7f906b7687026e0ab96b094dcf3a532d9ab97784a073222 -+ zip: 56dd82e1dd714f2889ca975ae7befbe005675de08839c2cc4a484de2ae65201c -+ xz: 051815637f1fa75a1edf2c54b66d5d5b69563daad777da8dc39543b7754b5290 -+ sha512: -+ gz: 265fb2ffe55af47d8349edffcebe749cc170291227cef55529fe4e67363e4e84b88daa34ffb5364a99c8a0e32110266a34c9a11d62f3bd6f6d47fa76eca641f4 -+ zip: 7fbe414c230aedc9f364512bcbc213038f8f6e4268929a559d2527e2f3e32a140b394e37098ab7e59161236eca8b89cc9e52d73a3be8d7bd44faa91681483f5d -+ xz: 82f4acfaad1dc47db27ee3eb952481a95b3474a98059e9e9f5ceb035b690d1faabe99f2ec52371c4089ed1615eb10c395f029088418fec4d26399b65b4f259b9 -+ - - version: 3.3.0-preview3 diff --git a/ru/community/mailing-lists/index.md b/ru/community/mailing-lists/index.md index 24a0fd0b37..1ec1770f3a 100644 --- a/ru/community/mailing-lists/index.md +++ b/ru/community/mailing-lists/index.md @@ -32,10 +32,10 @@ Ruby-CVS ## Подписаться или не подписаться -[Подписаться или не подписаться](https://ml.ruby-lang.org/mailman3/postorius/lists/) +[Подписаться или не подписаться](https://ml.ruby-lang.org/mailman3/lists/) -[3]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/ -[4]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-core@ml.ruby-lang.org/ -[5]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-doc@ml.ruby-lang.org/ +[3]: https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/ +[4]: https://ml.ruby-lang.org/archives/list/ruby-core@ml.ruby-lang.org/ +[5]: https://ml.ruby-lang.org/archives/list/ruby-doc@ml.ruby-lang.org/ diff --git a/ru/documentation/index.md b/ru/documentation/index.md index 1af7f4448b..463192d7db 100644 --- a/ru/documentation/index.md +++ b/ru/documentation/index.md @@ -116,11 +116,10 @@ ruby -v * [SciTe][28] * [NetBeans][36] * [Sublime Text][37] + * [Visual Studio Code][vscode] с [Ruby LSP][39] плагином * На Windows: * [Notepad++][29] - * [E-TextEditor][30] - * [Ruby In Steel][31] * На macOS: * [TextMate][32] @@ -160,11 +159,11 @@ ruby -v [27]: http://www.jetbrains.com/ruby/ [28]: http://www.scintilla.org/SciTE.html [29]: http://notepad-plus-plus.org/ -[30]: http://www.e-texteditor.com/ -[31]: http://www.sapphiresteel.com/ [32]: http://macromates.com/ [33]: https://www.barebones.com/products/bbedit/ [34]: http://ruby-doc.org [36]: https://netbeans.org/ [37]: http://www.sublimetext.com/ [38]: https://learncodethehardway.org/ruby/ +[vscode]: https://code.visualstudio.com/ +[39]: https://marketplace.visualstudio.com/items?itemName=Shopify.ruby-lsp diff --git a/ru/documentation/quickstart/2/index.md b/ru/documentation/quickstart/2/index.md index 3607052698..851d7f00a7 100644 --- a/ru/documentation/quickstart/2/index.md +++ b/ru/documentation/quickstart/2/index.md @@ -21,28 +21,29 @@ header: | создать метод! {% highlight irb %} -irb(main):010:0> def h +irb(main):010:0> def hi irb(main):011:1> puts "Hello World!" irb(main):012:1> end -=> nil +=> :hi {% endhighlight %} -Код `def h` означает начало объявление метода. Он говорит Ruby, что мы -определяем метод, имя которого `h`. Следующая строка – тело метода, та +Код `def hi` означает начало объявление метода. Он говорит Ruby, что мы +определяем метод, имя которого `hi`. Следующая строка – тело метода, та же строка, что мы видели раньше: `puts "Hello World"`. И, наконец, последняя строка, `end`, говорит Ruby, что мы завершили объявление -метода. Ответ от Ruby, `=> nil`, говорит нам, что он понял, что мы -завершили объявление метода. +метода. Ответ от Ruby, `=> :hi`, говорит нам, что он понял, что мы +завершили объявление метода. Ответ может быть таким: `=> nil`, в Ruby +версии 2.0 и ниже, но это здесь не важно, поэтому двинемся дальше. ## Кратко о повторяющихся жизнях метода Теперь давайте попробуем вызвать метод несколько раз: {% highlight irb %} -irb(main):013:0> h +irb(main):013:0> hi Hello World! => nil -irb(main):014:0> h() +irb(main):014:0> hi() Hello World! => nil {% endhighlight %} @@ -53,14 +54,14 @@ Hello World! нравится, но это не обязательно. Что если мы хотим сказать hello одному человеку, а не всему миру? -Просто переопределим метод `h`, чтобы он принимал имя как параметр. +Просто переопределим метод `hi`, чтобы он принимал имя как параметр. {% highlight irb %} -irb(main):015:0> def h(name) +irb(main):015:0> def hi(name) irb(main):016:1> puts "Hello #{name}!" irb(main):017:1> end -=> nil -irb(main):018:0> h("Matz") +=> :hi +irb(main):018:0> hi("Matz") Hello Matz! => nil {% endhighlight %} @@ -77,14 +78,14 @@ Hello Matz! большой буквы: {% highlight irb %} -irb(main):019:0> def h(name = "World") +irb(main):019:0> def hi(name = "World") irb(main):020:1> puts "Hello #{name.capitalize}!" irb(main):021:1> end -=> nil -irb(main):022:0> h "chris" +=> :hi +irb(main):022:0> hi "chris" Hello Chris! => nil -irb(main):023:0> h +irb(main):023:0> hi Hello World! => nil {% endhighlight %} @@ -114,7 +115,7 @@ irb(main):031:1> def say_bye irb(main):032:2> puts "Bye #{@name}, come back soon." irb(main):033:2> end irb(main):034:1> end -=> nil +=> :say_bye {% endhighlight %} Новое ключевое слово здесь - `class`. Оно служит для объявления нового diff --git a/ru/documentation/quickstart/3/index.md b/ru/documentation/quickstart/3/index.md index 6bddccc79e..3c741c549f 100644 --- a/ru/documentation/quickstart/3/index.md +++ b/ru/documentation/quickstart/3/index.md @@ -35,9 +35,7 @@ Bye Pat, come back soon. {% highlight irb %} irb(main):038:0> g.@name -SyntaxError: compile error -(irb):52: syntax error - from (irb):52 +SyntaxError: (irb):38: syntax error, unexpected tIVAR, expecting '(' {% endhighlight %} Неа, не можем этого сделать. @@ -53,16 +51,19 @@ SyntaxError: compile error {% highlight irb %} irb(main):039:0> Greeter.instance_methods -=> ["method", "send", "object_id", "singleton_methods", - "__send__", "equal?", "taint", "frozen?", - "instance_variable_get", "kind_of?", "to_a", - "instance_eval", "type", "protected_methods", "extend", - "eql?", "display", "instance_variable_set", "hash", - "is_a?", "to_s", "class", "tainted?", "private_methods", - "untaint", "say_hi", "id", "inspect", "==", "===", - "clone", "public_methods", "respond_to?", "freeze", - "say_bye", "__id__", "=~", "methods", "nil?", "dup", - "instance_variables", "instance_of?"] +=> [:say_hi, :say_bye, :instance_of?, :public_send, + :instance_variable_get, :instance_variable_set, + :instance_variable_defined?, :remove_instance_variable, + :private_methods, :kind_of?, :instance_variables, :tap, + :is_a?, :extend, :define_singleton_method, :to_enum, + :enum_for, :<=>, :===, :=~, :!~, :eql?, :respond_to?, + :freeze, :inspect, :display, :send, :object_id, :to_s, + :method, :public_method, :singleton_method, :nil?, :hash, + :class, :singleton_class, :clone, :dup, :itself, :taint, + :tainted?, :untaint, :untrust, :trust, :untrusted?, :methods, + :protected_methods, :frozen?, :public_methods, + :singleton_methods, :!, :==, :!=, :__send__, :equal?, + :instance_eval, :instance_exec, :__id__] {% endhighlight %} Ого! Это куча методов. А мы объявили всего два. Что здесь происходит? @@ -102,7 +103,7 @@ irb(main):043:0> g.respond_to?("to_s") irb(main):044:0> class Greeter irb(main):045:1> attr_accessor :name irb(main):046:1> end -=> nil +=> [:name, :name=] {% endhighlight %} В Ruby вы можете открыть класс снова и изменить его. Изменения будут diff --git a/ru/documentation/quickstart/4/index.md b/ru/documentation/quickstart/4/index.md index 64cef847e8..8a3bd40ad5 100644 --- a/ru/documentation/quickstart/4/index.md +++ b/ru/documentation/quickstart/4/index.md @@ -47,13 +47,13 @@ end ее значение nil, он просто печатает три точки. Нет смысла приветствовать несуществующее, верно? -## Циклы и повторы – так же известные как итерации +## Циклы и повторы – также известные как итерации -Если объект, записанный в переменной `@names` откликается на метод -`each`, значит он является объектом на котором вы можете итерировать. И -итерируя по нему вы можете приветствовать каждого человека за раз. И -наконец, если `@names` является чем-то совсем другим, просто превратим -ее в строку автоматически и поприветствуем. +Если объект, записанный в переменной `@names`, откликается на метод +`each`, значит он является объектом, на котором вы можете итерировать. +И, итерируя по нему, вы можете приветствовать каждого человека за раз. +И, наконец, если переменная `@names` является чем-то совсем другим, +просто превратим её в строку автоматически и поприветствуем. Давайте взглянем на итератор повнимательнее: @@ -64,14 +64,14 @@ end {% endhighlight %} `each` – это метод, который принимает блок кода и запускает этот блок -кода для каждого элемента в списке. И в примере выше, код между `do` и -`end`, это просто некий блок. Блок это что-то вроде анонимной функции +кода для каждого элемента в списке. И в примере выше код между `do` и +`end` – это просто некий блок. Блок – это что-то вроде анонимной функции или `лямбды`. Переменная между знаками (|) – это параметр для данного блока, как раз тот самый элемент списка, на которым будет производится действие в блоке кода. -Что происходит здесь, это то, что каждая запись в списке, `name`, -привязана к элементу в списке, и таким образом выражение `puts "Hello +Что происходит здесь, это то, что каждая запись в списке – `name` – +привязана к элементу в списке, и, таким образом, выражение `puts "Hello #{name}!"` будет выполнено с этим элементом. Большинство других языков программирования поддерживают прохождение по @@ -86,17 +86,17 @@ for (i=0; i class Greeter irb(main):045:1> attr_accessor :name irb(main):046:1> end -=> nil +=> [:name, :name=] {% endhighlight %} Ruby’de bir sınıfı açıp değiştirebilirsiniz. Yapılan değişiklikler diff --git a/tr/news/_posts/2014-07-26-rubykaigi-2014-registration-online.md b/tr/news/_posts/2014-07-26-rubykaigi-2014-registration-online.md index 3fb53bd25c..cc22b4f5c1 100644 --- a/tr/news/_posts/2014-07-26-rubykaigi-2014-registration-online.md +++ b/tr/news/_posts/2014-07-26-rubykaigi-2014-registration-online.md @@ -51,7 +51,7 @@ gelen Rubyciler için mükemmel bir ortam sağlayacağız. ## Daha fazla bilgi için: * [http://rubykaigi.org/2014](http://rubykaigi.org/2014) -* [http://blog.rubykaigi.org](http://blog.rubykaigi.org) +* [https://rubykaigi.org](https://rubykaigi.org) * [@rubykaigi](https://twitter.com/rubykaigi) * [http://lanyrd.com/2014/rubykaigi/](http://lanyrd.com/2014/rubykaigi) diff --git a/tr/news/_posts/2019-10-16-fukuoka-ruby-award-2020.md b/tr/news/_posts/2019-10-16-fukuoka-ruby-award-2020.md index 981e0e5504..307df2847c 100644 --- a/tr/news/_posts/2019-10-16-fukuoka-ruby-award-2020.md +++ b/tr/news/_posts/2019-10-16-fukuoka-ruby-award-2020.md @@ -22,8 +22,6 @@ Matz ve bir grup oturum katılımcısı Fukuoka Yarışmasının kazananlarını Fukuoka Yarışması için büyük ödül 1 milyon yen'dir. Önceki büyük ödül sahipleri arasında Rhomobile (ABD) ve APEC İklim Merkezi (Kore) bulunmaktadır. -[http://myfukuoka.com/category/news/ruby-news/](http://myfukuoka.com/category/news/ruby-news/) - Yarışmaya giren programlar tümüyle Ruby ile yazılmak zorunda değildir fakat Ruby'nin eşsiz karakteristiklerinden faydalanmalıdır. Projeler, değerlendirmeye alınabilmeleri için, son 12 ayda geliştirilmiş ya da tamamlanmış olmalıdır. diff --git a/tr/news/_posts/2020-12-25-ruby-3-0-0-released.md b/tr/news/_posts/2020-12-25-ruby-3-0-0-released.md index d1889c441a..ea2850a513 100644 --- a/tr/news/_posts/2020-12-25-ruby-3-0-0-released.md +++ b/tr/news/_posts/2020-12-25-ruby-3-0-0-released.md @@ -17,7 +17,7 @@ Ruby 3.0.0'ın yayınlandığını duyurmaktan memnuniyet duyuyoruz. NES'in oyun emulasyonu işyükü temelli tek threadde performansı ölçen [Optcarrot kıyaslaması](https://github.com/mame/optcarrot) ile Ruby3, Ruby 2.0'dan 3 kat daha hızlı olduğunu kanıtladı!
- Bunlar şurada not edilen ortama göre ölçülmüştür: [benchmark-driver.github.io/hardware.html](https://benchmark-driver.github.io/hardware.html) + Bunlar şurada not edilen ortama göre ölçülmüştür: [benchmark-driver.github.io/hardware.html](https://github.com/benchmark-driver/benchmark-driver) [Commit 8c510e4095](https://github.com/ruby/ruby/commit/8c510e4095), Ruby 3.0 olarak kullanıldı. Ortamınıza ya da kıyaslamanıza göre 3 kat hız ölçemeyebilirsiniz.
@@ -46,7 +46,7 @@ Yukarıda anlatılan performans artışı ile birlikte, Ruby 3.0 aşağıda anla Birçok iyileştirme MJIT'te gerçeklenmiştir. Ayrıntılar için NEWS'e bakınız. -Ruby 3.0 itibariyle, JIT'in sınırlı işyüklerinde performans iyileştirmeleri vermesi gerekiyor; oyunlar ([Optcarrot](https://benchmark-driver.github.io/benchmarks/optcarrot/commits.html#chart-1)), yapay zeka ([Rubykon](https://benchmark-driver.github.io/benchmarks/rubykon/commits.html)) ya da zamanının çoğunu birkaç metodu birçok kez çağırarak geçiren herhangi bir uygulama gibi. +Ruby 3.0 itibariyle, JIT'in sınırlı işyüklerinde performans iyileştirmeleri vermesi gerekiyor; oyunlar ([Optcarrot](https://github.com/mame/optcarrot)), yapay zeka ([Rubykon](https://github.com/benchmark-driver)) ya da zamanının çoğunu birkaç metodu birçok kez çağırarak geçiren herhangi bir uygulama gibi. Ruby 3.0 [JIT'lenmiş kodun boyutunu önemli ölçüde düşürmüş olsa da](https://twitter.com/k0kubun/status/1256142302608650244), Rails gibi optimize eden işyükleri için hala hazır değildir. diff --git a/vi/community/mailing-lists/index.md b/vi/community/mailing-lists/index.md index 90b0878649..26eddc62dc 100644 --- a/vi/community/mailing-lists/index.md +++ b/vi/community/mailing-lists/index.md @@ -32,10 +32,10 @@ The comp.lang.ruby Newsgroup ## Đăng ký theo dõi hoặc Hủy đăng ký -[Đăng ký theo dõi hoặc Hủy đăng ký](https://ml.ruby-lang.org/mailman3/postorius/lists/) +[Đăng ký theo dõi hoặc Hủy đăng ký](https://ml.ruby-lang.org/mailman3/lists/) -[3]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/ -[4]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-core@ml.ruby-lang.org/ -[5]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-doc@ml.ruby-lang.org/ +[3]: https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/ +[4]: https://ml.ruby-lang.org/archives/list/ruby-core@ml.ruby-lang.org/ +[5]: https://ml.ruby-lang.org/archives/list/ruby-doc@ml.ruby-lang.org/ diff --git a/vi/documentation/index.md b/vi/documentation/index.md index 8939879124..5a7a50f082 100644 --- a/vi/documentation/index.md +++ b/vi/documentation/index.md @@ -117,8 +117,6 @@ tính năng nâng cao (ví dụ: tự động hoàn thiện, tái cấu trúc, h * Trên Windows: * [Notepad++][29] - * [E-TextEditor][30] - * [Ruby In Steel][31] * Trên macOS: * [TextMate][32] @@ -159,8 +157,6 @@ là một nơi tuyệt vời. [27]: http://www.jetbrains.com/ruby/ [28]: http://www.scintilla.org/SciTE.html [29]: http://notepad-plus-plus.org/ -[30]: http://www.e-texteditor.com/ -[31]: http://www.sapphiresteel.com/ [32]: http://macromates.com/ [33]: https://www.barebones.com/products/bbedit/ [34]: http://ruby-doc.org diff --git a/vi/documentation/quickstart/3/index.md b/vi/documentation/quickstart/3/index.md index a1758b39ee..72daba846b 100644 --- a/vi/documentation/quickstart/3/index.md +++ b/vi/documentation/quickstart/3/index.md @@ -101,7 +101,7 @@ truy xuất dữ liệu tới các biến của một đối tượng. irb(main):044:0> class ChàoMừng irb(main):045:1> attr_accessor :tên irb(main):046:1> end -=> nil +=> [:tên, :tên=] {% endhighlight %} Trong Ruby, bạn có thể mở một lớp ở phía trên và sửa nó. Sự thay đổi sẽ xuất diff --git a/vi/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md b/vi/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md index d859aeb9e2..38739670a4 100644 --- a/vi/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md +++ b/vi/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md @@ -32,19 +32,19 @@ Bạn có thể đọc bản báo cáo gốc trên bug tracker: ## Download -* +* SIZE: 9081661 bytes MD5: 8ba4aaf707023e76f80fc8f455c99858 SHA256: 6d3487ea8a86ad0fa78a8535078ff3c7a91ca9f99eff0a6a08e66c6e6bf2040f -* +* SIZE: 11416473 bytes MD5: 4b9330730491f96b402adc4a561e859a SHA256: 23ef45fdaecc5d6c7b4e9e2d51b23817fc6aa8225a20f123f7fa98760e8b5ca9 -* +* SIZE: 12732739 bytes MD5: 42d261b28d1b7e500dd3bdbdbfba7fa5 diff --git a/zh_cn/community/mailing-lists/index.md b/zh_cn/community/mailing-lists/index.md index 6334f0dfd6..cb6506b07f 100644 --- a/zh_cn/community/mailing-lists/index.md +++ b/zh_cn/community/mailing-lists/index.md @@ -26,10 +26,10 @@ comp.lang.ruby新闻组 ## 订阅或退订 -[订阅或退订](https://ml.ruby-lang.org/mailman3/postorius/lists/) +[订阅或退订](https://ml.ruby-lang.org/mailman3/lists/) -[4]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/ -[5]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-core@ml.ruby-lang.org/ -[6]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-doc@ml.ruby-lang.org/ +[4]: https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/ +[5]: https://ml.ruby-lang.org/archives/list/ruby-core@ml.ruby-lang.org/ +[6]: https://ml.ruby-lang.org/archives/list/ruby-doc@ml.ruby-lang.org/ diff --git a/zh_cn/documentation/index.md b/zh_cn/documentation/index.md index abb6107be6..c56ce1615e 100644 --- a/zh_cn/documentation/index.md +++ b/zh_cn/documentation/index.md @@ -93,8 +93,6 @@ ruby -v * Windows: * [Notepad++][29] - * [E-TextEditor][30] - * [Ruby In Steel][31] * macOS: * [TextMate][32] @@ -133,8 +131,6 @@ ruby -v [27]: http://www.jetbrains.com/ruby/ [28]: http://www.scintilla.org/SciTE.html [29]: http://notepad-plus-plus.org/ -[30]: http://www.e-texteditor.com/ -[31]: http://www.sapphiresteel.com/ [32]: http://macromates.com/ [33]: https://www.barebones.com/products/bbedit/ [34]: http://ruby-doc.org diff --git a/zh_cn/documentation/installation/index.md b/zh_cn/documentation/installation/index.md index 2b9ea57375..774fc1f8b3 100644 --- a/zh_cn/documentation/installation/index.md +++ b/zh_cn/documentation/installation/index.md @@ -35,6 +35,7 @@ lang: zh_cn * [管理工具](#managers) * [chruby](#chruby) * [rbenv](#rbenv) + * [rbenv for Windows](#rbenv-for-windows) * [RVM](#rvm) * [uru](#uru) * [通过源码编译安装](#building-from-source) @@ -214,7 +215,7 @@ $ sudo make install [rvm]: http://rvm.io/ [rbenv]: https://github.com/rbenv/rbenv#readme -[rbenv-for-windows]: https://github.com/ccmywish/rbenv-for-windows#readme +[rbenv-for-windows]: https://github.com/RubyMetric/rbenv-for-windows#readme [ruby-build]: https://github.com/rbenv/ruby-build#readme [ruby-install]: https://github.com/postmodern/ruby-install#readme [chruby]: https://github.com/postmodern/chruby#readme diff --git a/zh_cn/documentation/quickstart/3/index.md b/zh_cn/documentation/quickstart/3/index.md index 02f0b446e0..2ab127eb63 100644 --- a/zh_cn/documentation/quickstart/3/index.md +++ b/zh_cn/documentation/quickstart/3/index.md @@ -92,7 +92,7 @@ irb(main):043:0> g.respond_to?("to_s") irb(main):044:0> class Greeter irb(main):045:1> attr_accessor :name irb(main):046:1> end -=> nil +=> [:name, :name=] {% endhighlight %} 在 Ruby 里,您可以把一个类打开然后改变它。这些改变会对以后生成的甚至是已经生成的对象产生即时效果。 下面我们来建一个新的 Greeter diff --git a/zh_cn/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md b/zh_cn/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md index b974d6c5c4..624f6b0e85 100644 --- a/zh_cn/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md +++ b/zh_cn/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md @@ -26,19 +26,19 @@ ruby -v -ruri -e'URI.decode_www_form_component "A string that causes catastrophi ## 下载 -* +* SIZE: 9081661 bytes MD5: 8ba4aaf707023e76f80fc8f455c99858 SHA256: 6d3487ea8a86ad0fa78a8535078ff3c7a91ca9f99eff0a6a08e66c6e6bf2040f -* +* SIZE: 11416473 bytes MD5: 4b9330730491f96b402adc4a561e859a SHA256: 23ef45fdaecc5d6c7b4e9e2d51b23817fc6aa8225a20f123f7fa98760e8b5ca9 -* +* SIZE: 12732739 bytes MD5: 42d261b28d1b7e500dd3bdbdbfba7fa5 diff --git a/zh_cn/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md b/zh_cn/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md index 2513b1fca0..75e3eb44af 100644 --- a/zh_cn/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md +++ b/zh_cn/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md @@ -20,7 +20,7 @@ Ruby 3.3 新增了 Prism 解析器,使用 Lrama 作为解析生成器,新增 * Prism 既是 CRuby 内部使用的 C 库,也是任何需要解析 Ruby 代码的工具可以使用的 Ruby gem * Prism API 中值得注意的方法有: * `Prism.parse(source)` 返回 AST 作为 ParseResult 的一部分 - * `Prism.dump(source, filepath)` 将序列化的 AST 以字符串形式返回 + * `Prism.dump(source)` 将序列化的 AST 以字符串形式返回 * `Prism.parse_comments(source)` 返回注释 * 如果您有兴趣贡献,可以直接在 [Prism 代码库](https://github.com/ruby/prism) 上提出拉取请求或报告问题 diff --git a/zh_cn/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md b/zh_cn/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md index 142492d656..811d772dc8 100644 --- a/zh_cn/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md +++ b/zh_cn/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md @@ -22,7 +22,7 @@ Ruby 3.3 新增了 Prism 解析器,使用 Lrama 作为解析生成器,新增 * Prism 既是 CRuby 内部使用的 C 库,也是任何需要解析 Ruby 代码的工具可以使用的 Ruby gem * Prism API 中值得注意的方法有: * `Prism.parse(source)` 返回 AST 作为 ParseResult 的一部分 - * `Prism.dump(source, filepath)` 将序列化的 AST 以字符串形式返回 + * `Prism.dump(source)` 将序列化的 AST 以字符串形式返回 * `Prism.parse_comments(source)` 返回注释 * 如果您有兴趣贡献,可以直接在 [Prism 代码库](https://github.com/ruby/prism) 上提出拉取请求或报告问题 diff --git a/zh_cn/news/_posts/2023-12-25-ruby-3-3-0-released.md b/zh_cn/news/_posts/2023-12-25-ruby-3-3-0-released.md new file mode 100644 index 0000000000..6e93ea1409 --- /dev/null +++ b/zh_cn/news/_posts/2023-12-25-ruby-3-3-0-released.md @@ -0,0 +1,286 @@ +--- +layout: news_post +title: "Ruby 3.3.0 已发布" +author: "naruse" +translator: GAO Jun +date: 2023-12-25 00:00:00 +0000 +lang: zh_cn +--- + +{% assign release = site.data.releases | where: "version", "3.3.0" | first %} +我们很高兴地宣布 Ruby {{ release.version }} 发布。 +Ruby 3.3 新增了 Prism 解析器,使用 Lrama 作为解析生成器,新增了纯 Ruby 实现的 JIT 编译器 RJIT,另有许多性能改进,尤其是 YJIT。 + +## Prism + +* 引入 [Prism 解析器](https://github.com/ruby/prism) 为默认 gem + * Prism 是一个可移植、容错且可维护的 Ruby 语言递归下降解析器 +* Prism 已可用于生产环境,并得到了积极维护,您可以使用它来代替 Ripper + * 有关于如何使用 Prism 的 [详细文档](https://ruby.github.io/prism/) + * Prism 既是 CRuby 内部使用的 C 库,也是任何需要解析 Ruby 代码的工具可以使用的 Ruby gem + * Prism API 中值得注意的方法有: + * `Prism.parse(source)` 返回 AST 作为解析结果对象的一部分 + * `Prism.parse_comments(source)` 返回注释 + * `Prism.parse_success?(source)` 返回解析是否成功(没有错误) +* 如果您有兴趣贡献,可以直接在 [Prism 代码库](https://github.com/ruby/prism) 上提出拉取请求或报告问题 +* 您现在可以通过 `ruby --parser=prism` 或 `RUBYOPT="--parser=prism"` 来试用 Prism 编译器。 请注意,此选项仅用于调试。 + +## 使用 Lrama 替代 Bison + +* 使用 [Lrama LALR 解析生成器](https://github.com/ruby/lrama) 替换 Bison [[Feature #19637]](https://bugs.ruby-lang.org/issues/19637) + * 如果您有兴趣,请参阅 [Ruby 解析器的未来愿景](https://rubykaigi.org/2023/presentations/spikeolaf.html) + * Lrama 内部解析器被 Racc 生成的 LR 解析器替换,以便于维护 + * 已支持参数化规则 `(?, *, +)` ,将被用于 Ruby parse.y 中 + +## YJIT + +* 相对于 Ruby 3.2 的主要性能提升 + * 改进了 splat 和 rest 参数支持。 + * 虚拟机的栈操作分配了寄存器。 + * 更多带有可选参数的调用被编译。错误处理也被编译。 + * 不支持的调用类型和多态调用不再推出到解释器执行。 + * 诸如 Rails 的 `#blank?` 和 [特定的 `#present?`](https://github.com/rails/rails/pull/49909) 现在被内联。 + * 特别优化了 `Integer#*`, `Integer#!=`, `String#!=`, `String#getbyte`, + `Kernel#block_given?`, `Kernel#is_a?`, `Kernel#instance_of?`, `Module#===`。 + * 编译速度比 Ruby 3.2 略快。 + * 比 Optcarrot 的解释器快 3 倍以上! +* 内存利用率相较 Ruby 3.2 有显著提升 + * 编译代码所用的元数据使用更少的内存。 + * 当应用程序超过 40000 ISEQ 时,`--yjit-call-threshold` 自动从 30 提升到 120。 + * 增加 `--yjit-cold-threshold` 来跳过编译冷 ISEQ。 + * 在 ARM64 中的生成更多紧凑代码。 +* 代码垃圾收集现在默认禁用 + * 将 `--yjit-exec-mem-size` 作为新代码编译停止的硬限制。 + * 代码垃圾收集不会导致性能突然大幅降低 + 基于 [Pitchfork](https://github.com/shopify/pitchfork) 为服务器上的重新分叉提供更好的写时复制行为。 + * 您依旧可以通过 `--yjit-code-gc` 启用代码垃圾收集 +* 新增 `RubyVM::YJIT.enable` 可以在运行时启用 YJIT + * 您可以在不修改命令行参数或环境变量的情况下启用 YJIT。 + Rails 7.2 将通过此方法 [默认启用 YJIT](https://github.com/rails/rails/pull/49947)。 + * 这也可以用于在应用程序启动完成后,仅启用 YJIT 一次。当您在启动程序时禁用了 YJIT ,您可以通过 `--yjit-disable` 来使用其他 YJIT 选项。 +* 默认可以获取更多的 YJIT 状态 + * `yjit_alloc_size` 和一些更多的元数据相关状态现在默认可用。 + * 发布版本中,现在可以用到通过 `--yjit-stats` 产生的 `ratio_in_yjit` 统计信息,不再需要特殊的统计信息或开发版本。 +* 新增更多性能分析能力 + * 新增 `--yjit-perf` 以便于利用 Linux perf 进行性能分析。 + * `--yjit-trace-exits` 现在支持通过 `--yjit-trace-exits-sample-rate=N` 进行取样 +* 更彻底的测试及多个错误修复 + +## RJIT + +* 引入了纯 Ruby 的 JIT 编译器 RJIT 并替代 MJIT。 + * RJIT 仅支持 x86\_64 架构上的 Unix 平台。 + * 不同于 MJIT,RJIT在运行时不需要 C 编译器。 +* RJIT 目前仅用于实验目的。 + * 您在生产环境中应当继续使用 YJIT。 +* 如果您有兴趣为 Ruby 开发 JIT,请查看 [k0kubun 在 RubyKaigi 第 3 天 中的演讲](https://rubykaigi.org/2023/presentations/k0kubun.html#day3)。 + +## M:N 线程调度器 + +* 引入了 M:N 线程调度器。[[Feature #19842]](https://bugs.ruby-lang.org/issues/19842) + * M 个 Ruby 线程由 N 个原生线程(OS 线程)管理,从而降低线程创建和管理成本。 + * 由于可能会破坏 C 扩展的兼容性,因此在默认情况下,主 Ractor 上禁用 M:N 线程调度器。 + * 可通过环境变量 `RUBY_MN_THREADS=1` 在主 Ractor 上启用 M:N 线程。 + * 非主 Ractor 上总是启用 M:N 线程。 + * 可通过环境变量 `RUBY_MAX_CPU=n` 设置 `N` 的最大值(原生线程的最大数量)。默认值为 8。 + * 由于每个 Ractor 中只能同时运行一个 Ruby 线程,因此将使用原生线程的数量,即 `RUBY_MAX_CPU` 和运行中的 Ractor 数量中较小的值。因此单 Ractor 应用程序(大多数应用程序)将仅使用 1 个原生线程。 + * 为了支持阻塞操作,可以使用多于 `N` 个原生线程。 + +## 性能提升 + +* 根据对象形状,优化 `defined?(@ivar)`。 +* 诸如 `Socket.getaddrinfo` 的域名解析现在可以被中断(在 pthreads 可用的环境中)。[[Feature #19965]](https://bugs.ruby-lang.org/issues/19965) +* 垃圾收集器的一些性能改进 + * 老对象引用的年轻对象不再立即提升到老一代。这显着降低了主要垃圾收集的频率。 [[Feature #19678]](https://bugs.ruby-lang.org/issues/19678) + * 新增调节变量 `RUBY_GC_HEAP_REMEMBERED_WB_UNPROTECTED_OBJECTS_LIMIT_RATIO` 来控制导致触发主要垃圾收集的未保护对象的数量。 + 默认设置为 `0.01` (1%)。这显著降低了主要垃圾收集的频率。 [[Feature #19571]](https://bugs.ruby-lang.org/issues/19571) + * 为许多缺少写入屏障的核心类型实现了写入屏障,特别是`Time`, `Enumerator`, `MatchData`, `Method`, `File::Stat`, `BigDecimal`等。 + 这显着减少了次要垃圾收集时间和主要垃圾收集的频率。 + * 大多数核心类现在都使用可变宽度分配,特别是`Hash`, `Time`, `Thread::Backtrace`, `Thread::Backtrace::Location`, `File::Stat`, `Method`。 + 这使得这些类的分配和释放速度更快,使用更少的内存并减少堆碎片。 + * 垃圾收集器中添加了对弱引用的支持。 [功能 #19783](https://bugs.ruby-lang.org/issues/19783) + + +## 自 3.2 以来,其他值得注意的变化 + +### IRB + +IRB 进行了多项增强功能,包括但不限于: + +* 高级 `irb:rdbg` 集成,提供了类似 `pry-byebug` 的调试体验([文档](https://github.com/ruby/irb#debugging-with-irb))。 +* 为 `ls` 和 `show_cmds` 这样的方法提供分页支持。 +* 为 `ls` 和 `show_source` 方法提供更准确更有用的信息。 +* 实验性的基于类型分析的自动补全功能([文档](https://github.com/ruby/irb#type-based-completion))。 +* 现在可以通过新引入的类 Reline::Face 来更改自动补全对话框中的字体颜色和字体样式([文档](https://github.com/ruby/ruby/blob/master/doc/reline/face.md))。 + +另外,IRB 还进行了广泛的重构,修复了数十个错误,以便未来的增强。 + +如需了解更详细信息,请参考 [Unveiling the big leap in Ruby 3.3's IRB](https://railsatscale.com/2023-12-19-irb-for-ruby-3-3/)。 + +## 兼容性问题 + +注意:不包括 bug 修复。 + +* 在没有普通参数的 block 中对于没有参数的 `it` 调用被废弃。`it` 将在 Ruby 3.4 中作为第一个 block 参数的引用。[[Feature #18980]](https://bugs.ruby-lang.org/issues/18980) + +### 移除的环境变量 + +移除了以下已废除的环境变量 + +* 环境变量 `RUBY_GC_HEAP_INIT_SLOTS` 被废弃,并不再产生实际作用。请使用环境变量 `RUBY_GC_HEAP_{0,1,2,3,4}_INIT_SLOTS` 进行替代。 [[Feature #19785]](https://bugs.ruby-lang.org/issues/19785) + +## Stdlib 兼容性问题 + +### `ext/readline` 已退役 + +* 我们有了纯 Ruby 实现的 `reline`,兼容 `ext/readline` API。未来我们将依赖 `reline`。如果您需要使用 `ext/readline`,可以通过 rubygems.org 进行安装 `gem install readline-ext`。 +* 我们不再需要安装类似 `libreadline` 或 `libedit` 这样的库了。 + +## 标准库更新 + +如果在 Gemfile 或 gemspec 中没有加入下列 gems,那么当用户 `require` 这些 gems时,RubyGems 和 Bundler 会发出警告。 +因为这些 gems 会在将来的 Ruby 版本中成为绑定的 gems 库。 + +当时用 bootsnap gem 时,将不显示此警告。我们建议使用 `DISABLE_BOOTSNAP=1` 环境变量运行您的应用程序至少一次。这是此版本的限制。 + +这些库包括: +* abbrev +* base64 +* bigdecimal +* csv +* drb +* getoptlong +* mutex_m +* nkf +* observer +* racc +* resolv-replace +* rinda +* syslog + +新增以下默认 gem。 + +* prism 0.19.0 + +更新了以下默认 gems。 + +* RubyGems 3.5.3 +* abbrev 0.1.2 +* base64 0.2.0 +* benchmark 0.3.0 +* bigdecimal 3.1.5 +* bundler 2.5.3 +* cgi 0.4.1 +* csv 3.2.8 +* date 3.3.4 +* delegate 0.3.1 +* drb 2.2.0 +* english 0.8.0 +* erb 4.0.3 +* error_highlight 0.6.0 +* etc 1.4.3 +* fcntl 1.1.0 +* fiddle 1.1.2 +* fileutils 1.7.2 +* find 0.2.0 +* getoptlong 0.2.1 +* io-console 0.7.1 +* io-nonblock 0.3.0 +* io-wait 0.3.1 +* ipaddr 1.2.6 +* irb 1.11.0 +* json 2.7.1 +* logger 1.6.0 +* mutex_m 0.2.0 +* net-http 0.4.0 +* net-protocol 0.2.2 +* nkf 0.1.3 +* observer 0.1.2 +* open-uri 0.4.1 +* open3 0.2.1 +* openssl 3.2.0 +* optparse 0.4.0 +* ostruct 0.6.0 +* pathname 0.3.0 +* pp 0.5.0 +* prettyprint 0.2.0 +* pstore 0.1.3 +* psych 5.1.2 +* rdoc 6.6.2 +* readline 0.0.4 +* reline 0.4.1 +* resolv 0.3.0 +* rinda 0.2.0 +* securerandom 0.3.1 +* set 1.1.0 +* shellwords 0.2.0 +* singleton 0.2.0 +* stringio 3.1.0 +* strscan 3.0.7 +* syntax_suggest 2.0.0 +* syslog 0.1.2 +* tempfile 0.2.1 +* time 0.3.0 +* timeout 0.4.1 +* tmpdir 0.2.0 +* tsort 0.2.0 +* un 0.3.0 +* uri 0.13.0 +* weakref 0.1.3 +* win32ole 1.8.10 +* yaml 0.3.0 +* zlib 3.1.0 + +以下默认 gem 成为绑定 gem + +* racc 1.7.3 + +更新了以下绑定 gems。 + +* minitest 5.20.0 +* rake 13.1.0 +* test-unit 3.6.1 +* rexml 3.2.6 +* rss 0.3.0 +* net-ftp 0.3.3 +* net-imap 0.4.9 +* net-smtp 0.4.0 +* rbs 3.4.0 +* typeprof 0.21.9 +* debug 1.9.1 + +有关默认 gems 和 绑定 gems 的细节,可以参考 GitHub 上的发布,例如 [logger gem](https://github.com/ruby/logger/releases) 或相应的变更日志。 + +更多详情,可参见 [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +或 [提交日志](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }})。 + +自 Ruby 3.2.0 以来,[{{ release.stats.files_changed }} 个文件被更改,新增 {{ release.stats.insertions }} 行(+), 删除 {{ release.stats.deletions }} 行(-)](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}#file_bucket)! + +圣诞快乐,节日快乐,享受 Ruby 3.3 的编程乐趣! + +## 下载 + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 什么是 Ruby + +Ruby 最初由 Matz (松本行弘,Yukihiro Matsumoto) 于 1993 年开发,现在以开源软件的形式开发。它可以在多个平台上运行,并在全球得到广泛使用,尤其是Web开发领域。 diff --git a/zh_cn/news/_posts/2024-01-18-ruby-3-2-3-released.md b/zh_cn/news/_posts/2024-01-18-ruby-3-2-3-released.md new file mode 100644 index 0000000000..a0a0f261b5 --- /dev/null +++ b/zh_cn/news/_posts/2024-01-18-ruby-3-2-3-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.2.3 已发布" +author: "nagachika" +translator: "GAO Jun" +date: 2024-01-18 09:00:00 +0000 +lang: zh_cn +--- + +Ruby 3.2.3 已发布。 + +此版本修正了很多问题。 +您可以通过查看 [GitHub 发布页面](https://github.com/ruby/ruby/releases/tag/v3_2_3) 获取更多信息。 + +此版本还将 `uri` gem 更新到了 0.12.2,其中包含了安全修正。 +您可以查看下面的主题来获取详细信息。 + +* [CVE-2023-36617: URI 包中的 ReDoS 漏洞]({%link zh_cn/news/_posts/2023-06-29-redos-in-uri-CVE-2023-36617.md %}) + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.2.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md b/zh_cn/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md new file mode 100644 index 0000000000..7c3d57f4d3 --- /dev/null +++ b/zh_cn/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md @@ -0,0 +1,45 @@ +--- +layout: news_post +title: "CVE-2024-27280: StringIO 中的缓存过读漏洞" +author: "hsbt" +translator: "GAO Jun" +date: 2024-03-21 4:00:00 +0000 +tags: security +lang: zh_cn +--- + +我们发布了包含缓存过读漏洞补丁的 StringIO gem 版本 3.0.1.1 和 3.0.1.2。 +此漏洞的 CVE 编号为 [CVE-2024-27280](https://www.cve.org/CVERecord?id=CVE-2024-27280). + +## 详情 + +在 StringIO 3.0.1 中发现了一个问题,在 Ruby 3.0.x 中影响至 3.0.6,在 3.1.x 中影响至 3.1.4。 + +StringIO 中的 `ungetbyte` 和 `ungetc` 方法能够读取超过字符串结尾的内容,如果后续调用 `StringIO.gets` 能返回内存数据。 + +此漏洞不会影响 StringIO 3.0.3 及之后版本,不会影响 Ruby 3.2.x 及之后版本。 + +## 建议操作 + +我们建议将 StringIO gem 更新到 3.0.3 或后续版本。 为确保与旧版 Ruby 中的绑定版本兼容,您可以按照下面的方式进行更新: + +* Ruby 3.0:更新 `stringio` 至 3.0.1.1 +* Ruby 3.1:更新 `stringio` 至 3.0.1.2 + +注意:StringIO 3.0.1.2 不仅包含了本问题的补丁,也包含了 [[Bug #19389]](https://github.com/ruby/ruby/commit/1d24a931c458c93463da1d5885f33edef3677cc2) 的补丁。 + +您可以通过 `gem update stringio` 进行更新。如果您使用 bundler,请在您的 `Gemfile` 中增加 `gem "stringio", ">= 3.0.1.2"`。 + +## 受影响版本 + +* Ruby 3.0.6 或更低版本 +* Ruby 3.1.4 或更低版本 +* StringIO gem 3.0.2 或更低版本 + +## 致谢 + +感谢 [david_h1](https://hackerone.com/david_h1?type=user) 发现此问题。 + +## 历史 + +* 最初发布于 2024-03-21 4:00:00 (UTC) diff --git a/zh_cn/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md b/zh_cn/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md new file mode 100644 index 0000000000..d2d8f5967c --- /dev/null +++ b/zh_cn/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "CVE-2024-27281: RDoc 中 .rdoc_options 的 RCE 漏洞" +author: "hsbt" +translator: "GAO Jun" +date: 2024-03-21 4:00:00 +0000 +tags: security +lang: zh_cn +--- + +我们发布了包含 RCE 漏洞补丁的 RDoc gem 版本 6.3.4.1, 6.4.1.1, 6.5.1.1 和 6.6.3.1。 +此漏洞的 CVE 编号为 [CVE-2024-27281](https://www.cve.org/CVERecord?id=CVE-2024-27281). + +## 详情 + +在 RDoc 6.3.3 至 6.6.2 中发现了一个问题,影响了 Ruby 3.x 至 3.3.0。 + +当解析 YAML 格式的 `.rdoc_options` 文件时(用于 RDoc 配置),由于对恢复的类没有限制,可能导致对象注入和由此产生的远程代码执行。 + +当载入文档缓存时,如果存在特制的缓存,对象注入和由此产生的远程代码执行也可能存在。 + +## 建议操作 + +我们建议将 RDoc gem 更新到 6.6.3.1 或后续版本。 为确保与旧版 Ruby 中的绑定版本兼容,您可以按照下面的方式进行更新: + +* Ruby 3.0:更新 `rdoc` 至 6.3.4.1 +* Ruby 3.1:更新 `rdoc` 至 6.4.1.1 +* Ruby 3.2:更新 `rdoc` 至 6.5.1.1 + +您可以通过 `gem update rdoc` 进行更新。如果您使用 bundler,请在您的 `Gemfile` 中增加 `gem "rdoc", ">= 6.6.3.1`。 + +注意: 6.3.4, 6.4.1, 6.5.1 和 6.6.3 中的补丁不正确。我们建议更新到 6.3.4.1, 6.4.1.1, 6.5.1.1 和 6.6.3.1。 + +## 受影响版本 + +* Ruby 3.0.6 或更低版本 +* Ruby 3.1.4 或更低版本 +* Ruby 3.2.3 或更低版本 +* Ruby 3.3.0 +* RDoc gem 6.3.3 或更低版本, 6.4.0 至 6.6.2 (除已修正版本 6.3.4,6.4.1, 6.5.1) + +## 致谢 + +感谢 [ooooooo_q](https://hackerone.com/ooooooo_q?type=user) 发现此问题。 + +## 历史 + +* 最初发布于 2024-03-21 4:00:00 (UTC) diff --git a/zh_cn/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md b/zh_cn/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md new file mode 100644 index 0000000000..18f037b8b3 --- /dev/null +++ b/zh_cn/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md @@ -0,0 +1,41 @@ +--- +layout: news_post +title: "CVE-2024-27282: Regex 搜索中的任意地址读取漏洞" +author: "hsbt" +translator: "GAO Jun" +date: 2024-04-23 10:00:00 +0000 +tags: security +lang: zh_cn +--- + +我们发布了 Ruby 3.0.7,3.1.5,3.2.4 和 3.3.1,其中包含了 Regex 搜索中的任意地址读取漏洞的补丁。 +此漏洞的 CVE 编号为 [CVE-2024-27282](https://www.cve.org/CVERecord?id=CVE-2024-27282)。 + +## 详情 + +在 Ruby 3.x 至 3.3.0 中发现了一个问题。 + +如果将攻击者提供的特定数据提供给 Ruby 的正则表达式编译器,则可能提取与文本开始相关的任意堆数据,包括指针和敏感字符串。 + +## 建议操作 + +我们建议将 Ruby 更新到 3.3.1 或后续版本。为确保与旧版 Ruby 兼容,您可以按照下面的方式进行更新: + +* Ruby 3.0:更新至 3.0.7 +* Ruby 3.1:更新至 3.1.5 +* Ruby 3.2:更新至 3.2.4 + +## 受影响版本 + +* Ruby 3.0.6 或更低版本 +* Ruby 3.1.4 或更低版本 +* Ruby 3.2.3 或更低版本 +* Ruby 3.3.0 + +## 致谢 + +感谢 [sp2ip](https://hackerone.com/sp2ip?type=user) 发现此问题。 + +## 历史 + +* 最初发布于 2024-04-23 10:00:00 (UTC) diff --git a/zh_cn/news/_posts/2024-04-23-ruby-3-0-7-released.md b/zh_cn/news/_posts/2024-04-23-ruby-3-0-7-released.md new file mode 100644 index 0000000000..e6e1b76f39 --- /dev/null +++ b/zh_cn/news/_posts/2024-04-23-ruby-3-0-7-released.md @@ -0,0 +1,53 @@ +--- +layout: news_post +title: "Ruby 3.0.7 已发布" +author: "hsbt" +translator: "GAO Jun" +date: 2024-04-23 10:00:00 +0000 +lang: zh_cn +--- + +Ruby 3.0.7 已发布。 + +此版本包括安全补丁。 +请通过以下条目来获取详情。 + +* [CVE-2024-27282: Regex 搜索中的任意地址读取漏洞]({%link zh_cn/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc 中 .rdoc_options 的 RCE 漏洞](https://www.ruby-lang.org/zh_cn/news/2024/03/21/rce-rdoc-cve-2024-27281/) +* [CVE-2024-27280: StringIO 中的缓存过读漏洞](https://www.ruby-lang.org/zh_cn/news/2024/03/21/buffer-overread-cve-2024-27280/) + +您可以通过 [发布说明](https://github.com/ruby/ruby/releases/tag/v3_0_7) 获取进一步信息。 + +此版本发布后,Ruby 3.0 达到 EOL。也就是说,这应该是 Ruby 3.0 系列的最后一个版本。 +即使发现安全漏洞,我们也不会发布 Ruby 3.0.8(但如果发现严重回归问题时,则有可能会发布)。 +我们建议所有 Ruby 3.0 用户立即开始迁移到 Ruby 3.3,3.2 或 3.1。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.0.7" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2024-04-23-ruby-3-1-5-released.md b/zh_cn/news/_posts/2024-04-23-ruby-3-1-5-released.md new file mode 100644 index 0000000000..ecc1112dfb --- /dev/null +++ b/zh_cn/news/_posts/2024-04-23-ruby-3-1-5-released.md @@ -0,0 +1,49 @@ +--- +layout: news_post +title: "Ruby 3.1.5 已发布" +author: "hsbt" +translator: "GAO Jun" +date: 2024-04-23 10:00:00 +0000 +lang: zh_cn +--- + +Ruby 3.1.5 已发布。 + +此版本包括安全补丁。 +请通过以下条目来获取详情。 + +* [CVE-2024-27282: Regex 搜索中的任意地址读取漏洞]({%link zh_cn/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc 中 .rdoc_options 的 RCE 漏洞](https://www.ruby-lang.org/zh_cn/news/2024/03/21/rce-rdoc-cve-2024-27281/) +* [CVE-2024-27280: StringIO 中的缓存过读漏洞](https://www.ruby-lang.org/zh_cn/news/2024/03/21/buffer-overread-cve-2024-27280/) + +您可以通过 [发布说明](https://github.com/ruby/ruby/releases/tag/v3_1_5) 获取进一步信息。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.1.5" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2024-04-23-ruby-3-2-4-released.md b/zh_cn/news/_posts/2024-04-23-ruby-3-2-4-released.md new file mode 100644 index 0000000000..dace0fbe73 --- /dev/null +++ b/zh_cn/news/_posts/2024-04-23-ruby-3-2-4-released.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "Ruby 3.2.4 已发布" +author: "nagachika" +translator: "GAO Jun" +date: 2024-04-23 10:00:00 +0000 +lang: zh_cn +--- + +Ruby 3.2.4 已发布。 + +此版本包括安全补丁。 +请通过以下条目来获取详情。 + +* [CVE-2024-27282: Regex 搜索中的任意地址读取漏洞]({%link zh_cn/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc 中 .rdoc_options 的 RCE 漏洞](https://www.ruby-lang.org/zh_cn/news/2024/03/21/rce-rdoc-cve-2024-27281/) + +您可以通过 [发布说明](https://github.com/ruby/ruby/releases/tag/v3_2_4) 获取进一步信息。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.2.4" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2024-04-23-ruby-3-3-1-released.md b/zh_cn/news/_posts/2024-04-23-ruby-3-3-1-released.md new file mode 100644 index 0000000000..bddf2004a4 --- /dev/null +++ b/zh_cn/news/_posts/2024-04-23-ruby-3-3-1-released.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "Ruby 3.3.1 已发布" +author: "naruse" +translator: "GAO Jun" +date: 2024-04-23 10:00:00 +0000 +lang: zh_cn +--- + +Ruby 3.3.1 已发布。 + +此版本包括安全补丁。 +请通过以下条目来获取详情。 + +* [CVE-2024-27282: Regex 搜索中的任意地址读取漏洞]({%link zh_cn/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc 中 .rdoc_options 的 RCE 漏洞](https://www.ruby-lang.org/zh_cn/news/2024/03/21/rce-rdoc-cve-2024-27281/) + +您可以通过 [发布说明](https://github.com/ruby/ruby/releases/tag/v3_3_1) 获取进一步信息。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.3.1" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md b/zh_cn/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md new file mode 100644 index 0000000000..60277c548d --- /dev/null +++ b/zh_cn/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-35176: REXML 中的 DoS 漏洞" +author: "kou" +translator: "GAO Jun" +date: 2024-05-16 05:00:00 +0000 +tags: security +lang: zh_cn +--- + +REXML gem 中存在一个 DoS 漏洞。此漏洞的 CVE 编号为 [CVE-2024-35176](https://www.cve.org/CVERecord?id=CVE-2024-35176)。我们强烈建议您更新 REXML gem。 + +## 详情 + +当 XML 文档中的一个属性值包含很多 `<` 时,REXML gem 在解析时可能会花费很长时间。 + +请更新 REXML gem 至 3.2.7 或后续版本。 + +## 受影响版本 + +* REXML gem 3.2.6 或更低版本 + +## 致谢 + +感谢 [mprogrammer](https://hackerone.com/mprogrammer) 发现此问题。 + +## 历史 + +* 最初发布于 2024-05-16 05:00:00 (UTC) diff --git a/zh_cn/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md b/zh_cn/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md new file mode 100644 index 0000000000..0d2a4d1480 --- /dev/null +++ b/zh_cn/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md @@ -0,0 +1,125 @@ +--- +layout: news_post +title: "Ruby 3.4.0 preview1 已发布" +author: "naruse" +translator: "GAO Jun" +date: 2024-05-16 00:00:00 +0000 +lang: zh_cn +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-preview1" | first %} +我们很高兴地宣布 {{ release.version }} 发布。 + +## 语言变化 + +* 在没有 `frozen_string_literal` 注释的文件中的字符串将表现为已被冻结。 + 如果它们被修改,将发出弃用警告。 + 这些警告可以使用 `-W:deprecated` 或者通过设置 `Warning[:deprecated] = true` 来启用。 + 如要禁用此变化,您可以使用 `--disable-frozen-string-literal` 命令行参数运行 Ruby。 [[Feature #20205]] + +* 增加了 `it` 来引用块参数。 [[Feature #18980]] + +* 现在支持在调用方法时使用 `nil` 作为关键字展开。 + `**nil` 类似于 `**{}`,不传递关键字,也不调用任何转换方法。 [[Bug #20064]] + +* 索引不再接受块传递。 [[Bug #19918]] + +* 索引不再接受关键字参数。 [[Bug #20218]] + +## 核心类更新 + +注意:我们只列出了重要的类更新。 + +* Exception + + * Exception#set_backtrace 现在接受 `Thread::Backtrace::Location` 数组。 + `Kernel#raise`,`Thread#raise` 和 `Fiber#raise` 也接受这个新格式。 [[Feature #13557]] + +* Range + + * Range#size 在 range 不可枚举时,将抛出 TypeError。 [[Misc #18984]] + +## 兼容性问题 + +注意:不包括问题补丁。 + +* 修改了错误信息和错误栈的显示。 + * 使用单引号(`'`)代替反勾号(`` ` ``)作为错误消息的起始引号。 [[Feature #16495]] + * 在方法名前显示类名(仅当类具有永久名称时)。 [[Feature #19117]] + * `Kernel#caller`,`Thread::Backtrace::Location` 等的方法等也相应更改。 + + ``` + 此前: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + 现在: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +## C API 更新 + +* 移除 `rb_newobj` 和 `rb_newobj_of` (以及相关的宏 `RB_NEWOBJ`,`RB_NEWOBJ_OF`,`NEWOBJ`,`NEWOBJ_OF`)。 [[Feature #20265]] +* 移除废除的函数 `rb_gc_force_recycle`。 [[Feature #18290]] + +## 实现改进 + +* `Array#each` 用 Ruby 重写,以提供更好的性能 [[Feature #20182]]。 + +## 其他变化 + +* 如果传递了一个块给不使用块的方法时,在详细模式(`-w`)中将显示警告。 [[Feature #15554]] + +* Ruby 对一些核心方法通过解释器和 JIT 进行了优化,诸如 `String.freeze`,`Integer#+`。 + 当这些方法被重定义时,解释器将发出性能警告(`-W:performance` 或 `Warning[:performance] = true`)。 [[Feature #20429]] + +有关默认 gems 和 绑定 gems 的细节,可以参考 GitHub 上的发布,例如 [logger gem](https://github.com/ruby/logger/releases) 或相应的变更日志。 + +更多详情,可参见 [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +或 [提交日志](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }})。 + +自 Ruby 3.3.0 以来,这些变化共导致 [{{ release.stats.files_changed }} 个文件被更改,新增 {{ release.stats.insertions }} 行(+),删除 {{ release.stats.deletions }} 行(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket)! + +## 下载 + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby 是什么 + +Ruby 最初由 Matz (松本行弘,Yukihiro Matsumoto) 于 1993 年开发,现在以开源软件的形式开发。它可以在多个平台上运行,并在全球得到广泛使用,尤其是 Web 开发领域。 + + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 diff --git a/zh_cn/news/_posts/2024-05-29-ruby-3-1-6-released.md b/zh_cn/news/_posts/2024-05-29-ruby-3-1-6-released.md new file mode 100644 index 0000000000..b42e30a883 --- /dev/null +++ b/zh_cn/news/_posts/2024-05-29-ruby-3-1-6-released.md @@ -0,0 +1,51 @@ +--- +layout: news_post +title: "Ruby 3.1.6 已发布" +author: "hsbt" +translator: "GAO Jun" +date: 2024-05-29 9:00:00 +0000 +lang: zh_cn +--- + +Ruby 3.1.6 已发布。 + +Ruby 3.1 目前处于安全维护状态。一般来说,在此期间我们只会修正安全问题。但在 Ruby 3.1.5 发布后,我们发现了一些编译失败的问题。 +因此,我们决定发布 Ruby 3.1.6 来修正这些问题。 + +您可以点击下面的链接来了解详情。 + +* [Bug #20151: Can't build Ruby 3.1 on FreeBSD 14.0](https://bugs.ruby-lang.org/issues/20151) +* [Bug #20451: Bad Ruby 3.1.5 backport causes fiddle to fail to build](https://bugs.ruby-lang.org/issues/20451) +* [Bug #20431: Ruby 3.3.0 build fail with make: *** \[io_buffer.o\] Error 1](https://bugs.ruby-lang.org/issues/20431) + +您可以通过 [发布说明](https://github.com/ruby/ruby/releases/tag/v3_1_6) 获取进一步信息。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.1.6" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2024-05-30-datadog-oss-program.md b/zh_cn/news/_posts/2024-05-30-datadog-oss-program.md new file mode 100644 index 0000000000..d18dacfd66 --- /dev/null +++ b/zh_cn/news/_posts/2024-05-30-datadog-oss-program.md @@ -0,0 +1,28 @@ +--- +layout: news_post +title: "Datadog 为 ruby-lang.org 提供开源软件社区支持" +author: "hsbt" +translator: "GAO Jun" +date: 2024-05-30 00:00:00 +0000 +lang: zh_cn +--- + +我们很激动地宣布 Ruby 官方站点,ruby-lang.org,采用了 Datadog 的 [Datadog 开源软件社区支持](https://opensource.datadoghq.com/projects/oss-program/) 来进行运维监控。 + +这使我们能够有效地实时监控 Ruby 用户站点的性能和可用性。使用 Datadog 的好处包括以下几点: + +## CDN 可见性 + +由 Fastly 提供的 cache.ruby-lang.org 是 Ruby 生态系统中的重要一环。Datadog 能监控 CDN 的性能,跟踪缓存覆盖率和错误率,提升用户体验。 + +## 统一的数据可视化 + +ruby-lang.org 提供了多种 Web 服务。Datadog 能够在同一仪表板中可视化地呈现日志分析数据以及应用程序性能监控 (APM) 数据。 + +## JIT 跟踪可见性 + +通过 Datadog 的跟踪功能,我们可以在请求通过 Web 服务器和数据库时进行捕获并跟踪。这有助于识别瓶颈和有问题的请求。 + +我们发布了关键指标的 [公共仪表板](https://p.ap1.datadoghq.com/sb/1271b83e-af90-11ee-9072-da7ad0900009-01633a8fa8c0b0c0051f1889afdf55dc)。随着我们持续改进监控,尤其是 YJIT 性能,我们将相应地更新仪表板。 + +我们希望采用 Datadog 能有助于提高 Ruby 社区的站点性能。请继续使用 ruby-lang.org 来享受更好的用户体验。 diff --git a/zh_cn/news/_posts/2024-05-30-ruby-3-3-2-released.md b/zh_cn/news/_posts/2024-05-30-ruby-3-3-2-released.md new file mode 100644 index 0000000000..fec434fd75 --- /dev/null +++ b/zh_cn/news/_posts/2024-05-30-ruby-3-3-2-released.md @@ -0,0 +1,43 @@ +--- +layout: news_post +title: "Ruby 3.3.2 已发布" +author: "k0kubun" +translator: "GAO Jun" +date: 2024-05-30 03:50:00 +0000 +lang: zh_cn +--- + +Ruby 3.3.2 已发布. + +此版本包含了很多问题修正补丁。 +您可以通过 [发布说明](https://github.com/ruby/ruby/releases/tag/v3_3_2) 获取进一步信息。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.3.2" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2024-06-12-ruby-3-3-3-released.md b/zh_cn/news/_posts/2024-06-12-ruby-3-3-3-released.md new file mode 100644 index 0000000000..8f79ba677f --- /dev/null +++ b/zh_cn/news/_posts/2024-06-12-ruby-3-3-3-released.md @@ -0,0 +1,53 @@ +--- +layout: news_post +title: "Ruby 3.3.3 已发布" +author: "k0kubun" +translator: "GAO Jun" +date: 2024-06-12 00:30:00 +0000 +lang: zh_cn +--- + +Ruby 3.3.3 已发布。 + +此版本包括: + +* RubyGems 3.5.11 +* Bundler 2.5.11 +* REXML 3.2.8 +* strscan 3.0.9 +* `--dump=prism_parsetree` 被替换为 `--parser=prism --dump=parsetree` +* 无效的编码将抛出 `SyntaxError`,取代原来的 `EncodingError` +* 修正 Ripper 解析中的内存溢出 +* YJIT 的问题修正,`**{}`,`Ripper.tokenize`,`RubyVM::InstructionSequence#to_binary`,`--with-gmp`,以及一些编译环境 + +您可以通过 [发布说明](https://github.com/ruby/ruby/releases/tag/v3_3_3) 获取进一步信息。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.3.3" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2024-07-09-ruby-3-3-4-released.md b/zh_cn/news/_posts/2024-07-09-ruby-3-3-4-released.md new file mode 100644 index 0000000000..cf23340324 --- /dev/null +++ b/zh_cn/news/_posts/2024-07-09-ruby-3-3-4-released.md @@ -0,0 +1,55 @@ +--- +layout: news_post +title: "Ruby 3.3.4 已发布" +author: "k0kubun" +translator: "GAO Jun" +date: 2024-07-09 00:30:00 +0000 +lang: zh_cn +--- + +Ruby 3.3.4 已发布。 + +此版本修复了 Ruby 3.3.3 中的一个回归问题,一些绑定 gem 的 gemspec 中缺失了依赖项,这些 gem 包括:`net-pop`,`net-ftp`,`net-imap` 和 `prime`。 +[[问题 #20581]](https://bugs.ruby-lang.org/issues/20581)。 +这个修正可以让 Bundler 在 Heroku 之类的平台上成功安装这些 gem。 +如果您能够正常运行 `bundle install` ,说明您可能不受此问题影响。 + +其他的变化大多是一些较小的问题修正。 +您可以通过 [发布说明](https://github.com/ruby/ruby/releases/tag/v3_3_4) 获取进一步信息。 + +## 发布时间表 + +从今以后,我们打算在 `.1` 版本发布后,每 2 个月发布一次最新的 Ruby 稳定版本(目前是 Ruby 3.3)。 +对于 Ruby 3.3,计划在9月3日发布 3.3.5,在11月7日发布 3.3.6,在1月7日发布 3.3.7。 + +如果有影响大量用户的变更,例如此次发布对 Heroku 上的 Ruby 3.3.3 用户的情况,我们可能会提前发布新版本。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.3.4" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md b/zh_cn/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md new file mode 100644 index 0000000000..6562dc0395 --- /dev/null +++ b/zh_cn/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-39908 : REXML 中的 DoS 漏洞" +author: "watson1978" +translator: "GAO Jun" +date: 2024-07-16 03:00:00 +0000 +tags: security +lang: zh_cn +--- + +REXML gem 中存在一个 DoS 漏洞。此漏洞的 CVE 编号为 [CVE-2024-39908](https://www.cve.org/CVERecord?id=CVE-2024-39908)。我们强烈建议您更新 REXML gem。 + +## 详情 + +当 XML 文档中包含很多 `<`,`0`,`%>` 之类的特殊字符时,REXML gem 在解析时可能会花费很长时间。 + +请更新 REXML gem 至 3.3.2 或后续版本。 + +## 受影响版本 + +* REXML gem 3.3.1 或更低版本 + +## 致谢 + +感谢 [mprogrammer](https://hackerone.com/mprogrammer) 发现此问题。 + +## 历史 + +* 最初发布于 2024-07-16 03:00:00 (UTC) diff --git a/zh_cn/news/_posts/2024-07-26-ruby-3-2-5-released.md b/zh_cn/news/_posts/2024-07-26-ruby-3-2-5-released.md new file mode 100644 index 0000000000..1ad8aa6532 --- /dev/null +++ b/zh_cn/news/_posts/2024-07-26-ruby-3-2-5-released.md @@ -0,0 +1,47 @@ +--- +layout: news_post +title: "Ruby 3.2.5 已发布" +author: "nagachika" +translator: "GAO Jun" +date: 2024-07-26 10:00:00 +0000 +lang: zh_cn +--- + +Ruby 3.2.5 已发布。 + +此版本包含很多修正补丁。 +并更新了绑定 gem `rexml` 的版本,以包含下面的安全更新。 + +[CVE-2024-39908 : REXML 中的 DoS 漏洞]({%link zh_cn/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md %}). + +您可以通过 [发布说明](https://github.com/ruby/ruby/releases/tag/v3_2_5) 获取进一步信息。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.2.5" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md b/zh_cn/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md new file mode 100644 index 0000000000..0d4dfa9dbf --- /dev/null +++ b/zh_cn/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-41123: REXML 中的 DoS 漏洞" +author: "kou" +translator: "GAO Jun" +date: 2024-08-01 03:00:00 +0000 +tags: security +lang: zh_cn +--- + +REXML gem 中存在多个 DoS 漏洞。此漏洞的 CVE 编号为 [CVE-2024-41123](https://www.cve.org/CVERecord?id=CVE-2024-41123)。我们强烈建议您更新 REXML gem。 + +## 详情 + +当要处理的 XML 文档中存在很多特定字符时(如空格、`>]` 和 `]>`),REXML gem 可能会花费很长时间。 + +请更新 REXML gem 至 3.3.3 或更高版本。 + +## 受影响版本 + +* REXML gem 3.3.2 或更低版本 + +## 致谢 + +感谢 [mprogrammer](https://hackerone.com/mprogrammer) 和 [scyoon](https://hackerone.com/scyoon) 发现此问题 + +## 历史 + +* 最初发布于 2024-08-01 03:00:00 (UTC) diff --git a/zh_cn/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md b/zh_cn/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md new file mode 100644 index 0000000000..7ea4c504e5 --- /dev/null +++ b/zh_cn/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md @@ -0,0 +1,29 @@ +--- +layout: news_post +title: "CVE-2024-41946: REXML 中的 DoS 漏洞" +author: "kou" +translator: "GAO Jun" +date: 2024-08-01 03:00:00 +0000 +tags: security +lang: zh_cn +--- + +REXML gem 中存在 DoS 漏洞。此漏洞的 CVE 编号为 [CVE-2024-41946](https://www.cve.org/CVERecord?id=CVE-2024-41946)。我们强烈建议您更新 REXML gem。 + +## 详情 + +当使用 SAX2 或 拉取解析器 API 解析具有许多实体扩展的 XML 时,REXML gem 可能需要很长时间。 + +请更新 REXML gem 至 3.3.3 或更高版本。 + +## 受影响版本 + +* REXML gem 3.3.2 或更低版本 + +## 致谢 + +感谢 [NAITOH Jun](https://github.com/naitoh) 发现此问题。 + +## 历史 + +* 最初发布于 2024-08-01 03:00:00 (UTC) diff --git a/zh_cn/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md b/zh_cn/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md new file mode 100644 index 0000000000..6123f6fda2 --- /dev/null +++ b/zh_cn/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md @@ -0,0 +1,31 @@ +--- +layout: news_post +title: "CVE-2024-43398: REXML 中的 DoS 漏洞" +author: "kou" +translator: "GAO Jun" +date: 2024-08-22 03:00:00 +0000 +tags: security +lang: zh_cn +--- + +REXML gem 中存在 DoS 漏洞。此漏洞的 CVE 编号为 [CVE-2024-43398](https://www.cve.org/CVERecord?id=CVE-2024-43398)。我们强烈建议您更新 REXML gem。 + +## 详情 + +问题触发场景:当解析的 XML 中存在很多深层元素,且这些元素有同名本地属性时。 + +此问题仅影响树解析 API。如果您使用 `REXML::Document.new` 来解析 XML,就有可能受到影响。 + +请更新 REXML gem 至 3.3.6 或更高版本。 + +## 受影响版本 + +* REXML gem 3.3.5 或更低版本 + +## 致谢 + +感谢 [l33thaxor](https://hackerone.com/l33thaxor) 发现此问题。 + +## 历史 + +* 最初发布于 2024-08-22 03:00:00 (UTC) diff --git a/zh_cn/news/_posts/2024-09-03-3-3-5-released.md b/zh_cn/news/_posts/2024-09-03-3-3-5-released.md new file mode 100644 index 0000000000..f013b30446 --- /dev/null +++ b/zh_cn/news/_posts/2024-09-03-3-3-5-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.3.5 已发布" +author: k0kubun +translator: "GAO Jun" +date: 2024-09-03 06:40:00 +0000 +lang: zh_cn +--- + +Ruby 3.3.5 已发布。 + +这是包含了一些小补丁的计划更新。 +我们建议您在方便的时候尽早更新您的 Ruby 版本。 +更多信息,可以参考 [GitHub 发布说明](https://github.com/ruby/ruby/releases/tag/v3_3_5). + +## 发布计划 + +正如此前的 [公告](https://www.ruby-lang.org/zh_cn/news/2024/07/09/ruby-3-3-4-released/),我们打算在 `.1` 版本发布后,每 2 个月发布一次最新的 Ruby 稳定版本(目前是 Ruby 3.3)。 + +我们期望在11月5日发布 Ruby 3.3.6,在1月7日发布 3.3.7。如果有影响大量用户的变更,我们可能会提前发布新版本。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.3.5" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md b/zh_cn/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md new file mode 100644 index 0000000000..7c47b47d56 --- /dev/null +++ b/zh_cn/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md @@ -0,0 +1,134 @@ +--- +layout: news_post +title: "Ruby 3.4.0 preview2 已发布" +author: "naruse" +translator: "GAO Jun" +date: 2024-10-07 00:00:00 +0000 +lang: zh_cn +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-preview2" | first %} +我们很高兴地宣布 Ruby {{ release.version }} 发布。 + +## Prism + +默认解析器由 parse.y 切换到 Prism。 [[Feature #20564]] + +## 语言变化 + +* 在没有 `frozen_string_literal` 注释的文件中,当字符串字面量被修改时会发出警告。 + 这些警告可以使用 `-W:deprecated` 或者通过设置 `Warning[:deprecated] = true` 来启用。 + 如要禁用此变化,您可以在运行 Ruby 时,使用 `--disable-frozen-string-literal` 命令行参数。 [[Feature #20205]] + +* 增加了 `it` 来引用块参数。 [[Feature #18980]] + +* 支持在调用方法时使用 `nil` 作为关键字展开参数。 + `**nil` 类似于 `**{}`,不传递关键字参数,也不调用任何转换方法。 [[Bug #20064]] + +* 索引不再接受块传递。 [[Bug #19918]] + +* 索引不再接受关键字参数。 [[Bug #20218]] + +## 核心类更新 + +注意:我们只列出了重要的类更新。 + +* Exception + + * Exception#set_backtrace 现在接受 `Thread::Backtrace::Location` 数组。 + `Kernel#raise`,`Thread#raise` 和 `Fiber#raise` 也接受这个新格式。 [[Feature #13557]] + +* Range + + * 当 range 不可枚举时,Range#size 将抛出 TypeError。 [[Misc #18984]] + + + +## 兼容性问题 + +注意:不包括问题补丁。 + +* 修改了错误信息和错误栈的显示。 + * 使用单引号(`'`)代替反勾号(`` ` ``)作为错误消息的起始引号。 [[Feature #16495]] + * 在方法名前显示类名(仅当类具有永久名称时)。 [[Feature #19117]] + * `Kernel#caller`,`Thread::Backtrace::Location` 等的方法也进行了相应更改。 + + ``` + 此前: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + 现在: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in `
' + ``` + +* `Hash#inspect` 显示格式发生变化 [[Bug #20433]] + * 使用现代的表达语法来显示符号类型键值的情况: `"{user: 1}"` + * 其他类型的键值在显示时,在 `=>` 前后增加空格: `'{"user" => 1}'`,此前的显示为: `'{"user"=>1}'` + +## C API 更新 + +* 移除 `rb_newobj` 和 `rb_newobj_of` (以及相关的宏 `RB_NEWOBJ`,`RB_NEWOBJ_OF`,`NEWOBJ`,`NEWOBJ_OF`)。 [[Feature #20265]] +* 移除废除的函数 `rb_gc_force_recycle`。 [[Feature #18290]] + +## 实现改进 + +* `Array#each` 用 Ruby 重写,以提供更好的性能 [[Feature #20182]]。 + +## 其他变化 + +* 如果传递了一个块给不使用块的方法时,在详细模式(`-w`)中将显示警告。 [[Feature #15554]] + +* Ruby 对一些核心方法通过解释器和 JIT 进行了优化,诸如 `String.freeze`,`Integer#+`。 + 当这些方法被重定义时,解释器将发出性能警告(`-W:performance` 或 `Warning[:performance] = true`)。 [[Feature #20429]] + +有关默认 gems 和 绑定 gems 的细节,可以参考 GitHub 上的发布,例如 [logger gem](https://github.com/ruby/logger/releases) 或相应的变更日志。 +或 [提交日志](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }})。 + +自 Ruby 3.3.0 以来,这些变化共导致 [{{ release.stats.files_changed }} 个文件被更改,新增 {{ release.stats.insertions }} 行(+),删除 {{ release.stats.deletions }} 行(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket)! + + +## 下载 + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby 是什么 + +Ruby 最初由 Matz (松本行弘,Yukihiro Matsumoto) 于 1993 年开发,现在以开源软件的形式开发。它可以在多个平台上运行,并在全球得到广泛使用,尤其是 Web 开发领域。 + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Bug #20433]: https://bugs.ruby-lang.org/issues/20433 diff --git a/zh_cn/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md b/zh_cn/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md new file mode 100644 index 0000000000..915fe538a1 --- /dev/null +++ b/zh_cn/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md @@ -0,0 +1,31 @@ +--- +layout: news_post +title: "CVE-2024-49761: REXML 中的 ReDoS 漏洞" +author: "kou" +translator: "GAO Jun" +date: 2024-10-28 03:00:00 +0000 +tags: security +lang: zh_cn +--- + +在 REXML gem 中存在 ReDoS 漏洞。此漏洞的 CVE 编号为 [CVE-2024-49761](https://www.cve.org/CVERecord?id=CVE-2024-49761)。我们强烈建议您更新 REXML gem. + +此漏洞不影响 Ruby 3.2 及后续版本。Ruby 3.1 是唯一受影响的维护版本。请注意 Ruby 3.1 将在 2025-03 结束生命周期。 + +## 详情 + +触发场景:当解析 XML 时,如果在十六进制表达式 (`&#x...;`) 的 `&#` 和 `x` 中间存在大量数字时。 + +请更新 REXML gem 至 3.3.9 或更高版本。 + +## 受影响版本 + +* Ruby 3.1 且 REXML gem 是 3.3.8 或更低版本 + +## 致谢 + +感谢 [manun](https://hackerone.com/manun) 发现此问题。 + +## 历史 + +* 最初发布于 2024-10-28 03:00:00 (UTC) diff --git a/zh_cn/news/_posts/2024-10-30-ruby-3-2-6-released.md b/zh_cn/news/_posts/2024-10-30-ruby-3-2-6-released.md new file mode 100644 index 0000000000..ee7c65e675 --- /dev/null +++ b/zh_cn/news/_posts/2024-10-30-ruby-3-2-6-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.2.6 已发布" +author: nagachika +translator: "GAO Jun" +date: 2024-10-30 10:00:00 +0000 +lang: zh_cn +--- + +Ruby 3.2.6 已发布。 + +您可以通过 [GitHub 发布页](https://github.com/ruby/ruby/releases/tag/v3_2_6) 了解详情。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.2.6" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2024-11-05-ruby-3-3-6-released.md b/zh_cn/news/_posts/2024-11-05-ruby-3-3-6-released.md new file mode 100644 index 0000000000..7f3cee118e --- /dev/null +++ b/zh_cn/news/_posts/2024-11-05-ruby-3-3-6-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.3.6 已发布" +author: k0kubun +translator: "GAO Jun" +date: 2024-11-05 04:25:00 +0000 +lang: zh_cn +--- + +Ruby 3.3.6 已发布。 + +这是包含了一些小补丁的计划更新。 +此版本同时停止了对 Ruby 3.5 中即将作为绑定 gems 的依赖警告。 +更多信息可以参考 [GitHub 发布说明](https://github.com/ruby/ruby/releases/tag/v3_3_6)。 + +## 发布计划 + +正如此前的 [公告](https://www.ruby-lang.org/zh_cn/news/2024/07/09/ruby-3-3-4-released/) 中所规划的,我们打算在 `.1` 版本发布后,每 2 个月发布一次最新的 Ruby 稳定版本(目前是 Ruby 3.3)。 + +我们预期在1月7日发布 Ruby 3.3.7。 如果有影响大量用户的变更,我们可能会提前发布新版本。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.3.6" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md b/zh_cn/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md new file mode 100644 index 0000000000..394e9be043 --- /dev/null +++ b/zh_cn/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md @@ -0,0 +1,173 @@ +--- +layout: news_post +title: "Ruby 3.4.0 rc1 已发布" +author: "naruse" +translator: "GAO Jun" +date: 2024-12-12 00:00:00 +0000 +lang: zh_cn +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-rc1" | first %} +我们很高兴地宣布 Ruby {{ release.version }} 发布。 + +## Prism + +默认解析器由 parse.y 切换到 Prism。 [[Feature #20564]] + +## 模块化垃圾收集器 + +* 通过模块化垃圾收集功能,可以动态加载具体的垃圾收集器(GC)实现。 + 若要启用此功能,可以在构建 Ruby 时,使用 `--with-modular-gc` 参数。 + 运行时可以通过环境变量 `RUBY_GC_LIBRARY` 加载 GC 库。 + [[Feature #20351]] + +* Ruby 内置的垃圾收集器已被拆分到单独的文件 `gc/default/default.c` 并通过 `gc/gc_impl.h` 中定义的 API 与 Ruby 进行交互。 + 现在,内置的垃圾收集器也可以作为库进行构建:通过 `make modular-gc MODULAR_GC=default` 进行构建, + 并通过环境变量 `RUBY_GC_LIBRARY=default` 启用。 [[Feature #20470]] + +* 提供了一个基于 [MMTk](https://www.mmtk.io/) 的实验性 GC 库。此库可以通过 `make modular-gc MODULAR_GC=mmtk` 进行构建, + 并通过环境变量 `RUBY_GC_LIBRARY=mmtk` 启用。构建的计算机需要 Rust 工具链。 [[Feature #20860]] + + +## 语言变化 + +* 在没有 `frozen_string_literal` 注释的文件中,当字符串字面量被修改时会发出警告。 + 这些警告可以使用 `-W:deprecated` 或者通过设置 `Warning[:deprecated] = true` 来启用。 + 如要禁用此变化,您可以在运行 Ruby 时,使用 `--disable-frozen-string-literal` 命令行参数。 [[Feature #20205]] + +* 增加了 `it` 来引用块参数。 [[Feature #18980]] + +* 支持在调用方法时使用 `nil` 作为关键字展开参数。 + `**nil` 类似于 `**{}`,不传递关键字参数,也不调用任何转换方法。 [[Bug #20064]] + +* 索引不再接受块传递。 [[Bug #19918]] + +* 索引不再接受关键字参数。 [[Bug #20218]] + +## YJIT + +摘要: +* 在 x86-64 和 arm64 平台上的大多数基准测试中,都获得了更好的性能表现 +* 减少了编译元数据的内存使用 +* 修复了多个错误。YJIT 现在更健壮了,并被更好地测试 + +新功能: +* 新增命令行选项 `--yjit-mem-size` (默认值为 128 MiB),用于设置统一的内存选项,并跟踪 YJIT 总的内存使用情况, + 这比旧的 `--yjit-exec-mem-size` 更直观 +* 通过 `RubyVM::YJIT.runtime_stats` 可以获取更多的统计信息 +* 通过 `--yjit-log` 可以跟踪编译日志 + * 通过 `RubyVM::YJIT.log` 可以在运行时获取日志尾部信息 +* 在多 reactor 模式下,支持共享常量 +* 通过 `--yjit-trace-exits=COUNTER` 可以跟踪退出计数 + +新优化: +* 通过压缩上下文减少了存储 YJIT 元数据所需的内存 +* 改进分配器功能,允许为局部变量分配寄存器 +* 当 YJIT 启用时,使用更多 Ruby 编写的核心原型类型: + * 使用 Ruby 重写 `Array#each`, `Array#select`, `Array#map` 以提升性能 [[Feature #20182]]. +* 能够内联小型方法,诸如: + * 空方法 + * 返回常量的方法 + * 返回 `self` 的方法 + * 直接返回某个参数的方法 +* 为更多运行时方法生成专用代码 +* 优化 `String#getbyte`, `String#setbyte` 等字符串方法 +* 优化位运算,加速低级 位/字节 操作 +* 各种其他增量优化 + +## 核心类更新 + +注意:我们只列出了重要的类更新。 + +* Exception + + * Exception#set_backtrace 现在接受 `Thread::Backtrace::Location` 数组。 + `Kernel#raise`,`Thread#raise` 和 `Fiber#raise` 也接受这个新格式。 [[Feature #13557]] + +* Range + + * 当 range 不可枚举时,Range#size 将抛出 TypeError。 [[Misc #18984]] + + +## 兼容性问题 + +注意:不包括问题补丁。 + +* 修改了错误信息和错误栈的显示。 + * 使用单引号(`'`)代替反勾号(`` ` ``)作为错误消息的起始引号。 [[Feature #16495]] + * 在方法名前显示类名(仅当类具有永久名称时)。 [[Feature #19117]] + * `Kernel#caller`,`Thread::Backtrace::Location` 等的方法也进行了相应更改。 + + ``` + 此前: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + 现在: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in `
' + ``` + +## C API 更新 + +* 移除 `rb_newobj` 和 `rb_newobj_of` (以及相关的宏 `RB_NEWOBJ`,`RB_NEWOBJ_OF`,`NEWOBJ`,`NEWOBJ_OF`)。 [[Feature #20265]] +* 移除废除的函数 `rb_gc_force_recycle`。 [[Feature #18290]] + +## 其他变化 + +* 如果传递了一个块给不使用块的方法时,在详细模式(`-w`)中将显示警告。 [[Feature #15554]] + +* Ruby 对一些核心方法通过解释器和 JIT 进行了优化,诸如 `String.freeze`,`Integer#+`。 + 当这些方法被重定义时,解释器将发出性能警告(`-W:performance` 或 `Warning[:performance] = true`)。 [[Feature #20429]] + +有关默认 gems 和 绑定 gems 的细节,可以参考 GitHub 上的发布,例如 [logger gem](https://github.com/ruby/logger/releases) 或相应的变更日志。 +或 [提交日志](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }})。 + +自 Ruby 3.3.0 以来,这些变化共导致 [{{ release.stats.files_changed }} 个文件被更改,新增 {{ release.stats.insertions }} 行(+),删除 {{ release.stats.deletions }} 行(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket)! + + +## 下载 + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby 是什么 + +Ruby 最初由 Matz (松本行弘,Yukihiro Matsumoto) 于 1993 年开发,现在以开源软件的形式开发。它可以在多个平台上运行,并在全球得到广泛使用,尤其是 Web 开发领域。 + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20351]: https://bugs.ruby-lang.org/issues/20351 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20470]: https://bugs.ruby-lang.org/issues/20470 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Feature #20860]: https://bugs.ruby-lang.org/issues/20860 diff --git a/zh_cn/news/_posts/2024-12-25-ruby-3-4-0-released.md b/zh_cn/news/_posts/2024-12-25-ruby-3-4-0-released.md new file mode 100644 index 0000000000..5a9c123d34 --- /dev/null +++ b/zh_cn/news/_posts/2024-12-25-ruby-3-4-0-released.md @@ -0,0 +1,323 @@ +--- +layout: news_post +title: "Ruby 3.4.0 已发布" +author: "naruse" +translator: "GAO Jun" +date: 2024-12-25 00:00:00 +0000 +lang: zh_cn +--- + +{% assign release = site.data.releases | where: "version", "3.4.0" | first %} +我们很高兴地宣布 Ruby {{ release.version }} 发布。 +Ruby 3.4 增加了块参数引用变量 `it`,使用 Prism 作为默认解析器,为 socket 库提供了 Happy Eyeballs Version 2 支持, +改进了 YJIT,添加了模块化垃圾回收功能,及其他改进。 + +## 块中的 `it` 引用 + +当没有定义块参数名时,可以使用 `it` 引用块参数. [[Feature #18980]] + +```ruby +ary = ["foo", "bar", "baz"] + +p ary.map { it.upcase } #=> ["FOO", "BAR", "BAZ"] +``` + +`it` 与 `_1` 的功能类似。在块中使用 `_1` 时,读者可能会以为其他编号参数(`_2` 等)也会出现,这会给读者带来额外的阅读负担。 +因此,我们引入 `it` 作为一个便捷的别名。在简单的情况下(例如单行块),使用 `it` 可以显著提升可读性。 + +## Prism 现在是默认解析器 + +默认解析器从 parse.y 切换到 Prism。 [[Feature #20564]] + +这是一项内部改进,用户应该不会注意到任何变化。如果您发现了任何兼容性问题,请报告给我们。 + +如果需要使用原来的解析器,可以使用命令行参数 `--parser=parse.y`。 + +## socket 库现在支持 Happy Eyeballs Version 2 (RFC 8305) + +socket 库现在支持 [Happy Eyeballs Version 2 (RFC 8305)](https://datatracker.ietf.org/doc/html/rfc8305),许多编程语言都提供这个最新版本的支持来优化网络连接。 +socket 库在 `TCPSocket.new` (`TCPSocket.open`) 和 `Socket.tcp` 中添加了支持。 +此项改进使得 Ruby 能够提供更高效可靠的网络连接,更适应现代互联网环境。 + +直至 Ruby 3.3,上述的方法会依次执行域名解析和尝试连接。通过现在的算法,将按下面的方式执行: + +1. 并行执行 IPv6 和 IPv4 域名解析 +2. 尝试连接解析到的 IP 地址(IPv6 优先),以 250ms 的间隔进行并行尝试 +3. 返回第一个成功的连接,并取消其他连接 + +这样就保证了最小化网络延迟,即使特定的 IP 协议地址延迟或不可用。 +此功能默认启用,不需要额外的配置。如果要全局禁用此功能,可以设置环境变量 `RUBY_TCP_NO_FAST_FALLBACK=1` +或者调用 `Socket.tcp_fast_fallback=false`。如果要在特定连接中禁用此功能,可以使用关键字参数 `fast_fallback: false`。 + +## YJIT + +### 摘要 + +* 在 x86-64 和 arm64 平台上的大多数基准测试中,都获得了更好的性能表现。 +* 减少了编译元数据的内存使用并提供了统一的内存限制。 +* 修复了多个错误。YJIT 现在更健壮了,并被更好地测试。 + +### 新功能 + +* 命令行参数 + * `--yjit-mem-size` (默认值为 128 MiB),用于设置统一的内存限制选项,并跟踪 YJIT 总的内存使用情况, + 这比旧的 `--yjit-exec-mem-size` 更直观。 + * `--yjit-log` 可以启用编译日志来跟踪被编译的内容。 +* Ruby API + * `RubyVM::YJIT.log` 可以在运行时获取编译日志的尾部信息。 +* YJIT 统计信息 + * `RubyVM::YJIT.runtime_stats` 现在总是能在无效化、内联和元数据编码时提供额外的统计信息。 + +### 新优化 + +* 通过压缩上下文减少了存储 YJIT 元数据所需的内存 +* 为局部变量和方法参数分配寄存器 +* 当 YJIT 启用时,使用更多 Ruby 编写的核心原型类型: + * 使用 Ruby 重写 `Array#each`, `Array#select`, `Array#map` 以提升性能 [[Feature #20182]]。 +* 能够内联小型方法,诸如: + * 空方法 + * 返回常量的方法 + * 返回 `self` 的方法 + * 直接返回某个参数的方法 +* 为更多运行时方法生成专用代码 +* 优化 `String#getbyte`, `String#setbyte` 等字符串方法 +* 优化位运算,加速低级 位/字节 操作 +* 在 multi-ractor 模式中,支持共享常量 +* 各种其他增量优化 + +## 模块化垃圾收集器 + +* 通过模块化垃圾收集功能,可以动态加载具体的垃圾收集器(GC)实现。 + 若要启用此功能,可以在构建 Ruby 时,使用 `--with-modular-gc` 参数。 + 运行时可以通过环境变量 `RUBY_GC_LIBRARY` 加载 GC 库。 + [[Feature #20351]] + +* Ruby 内置的垃圾收集器已被拆分到单独的文件 `gc/default/default.c` 并通过 `gc/gc_impl.h` 中定义的 API 与 Ruby 进行交互。 + 现在,内置的垃圾收集器也可以作为库进行构建:通过 `make modular-gc MODULAR_GC=default` 进行构建, + 并通过环境变量 `RUBY_GC_LIBRARY=default` 启用。 [[Feature #20470]] + +* 提供了一个基于 [MMTk](https://www.mmtk.io/) 的实验性 GC 库。此库可以通过 `make modular-gc MODULAR_GC=mmtk` 进行构建, + 并通过环境变量 `RUBY_GC_LIBRARY=mmtk` 启用。构建的计算机需要 Rust 工具链。 [[Feature #20860]] + +## 语言变化 + +* 在没有 `frozen_string_literal` 注释的文件中,当字符串字面量被修改时会发出警告。 + 这些警告可以使用 `-W:deprecated` 或者通过设置 `Warning[:deprecated] = true` 来启用。 + 如要禁用此变化,您可以在运行 Ruby 时,使用 `--disable-frozen-string-literal` 命令行参数。 [[Feature #20205]] + +* 支持在调用方法时使用 `nil` 作为关键字展开参数。 + `**nil` 类似于 `**{}`,不传递关键字参数,也不调用任何转换方法。 [[Bug #20064]] + +* 索引不再接受块传递。 [[Bug #19918]] + +* 索引不再接受关键字参数。 [[Bug #20218]] + +* 顶级名 `::Ruby` 现在是保留的,当启用 `Warning[:deprecated]` 时,如果对其进行定义将会被警告。 [[Feature #20884]] + +## 核心类更新 + +注意:我们仅列出了核心类中值得注意的更新。 + +* Exception + + * `Exception#set_backtrace` 现在接受 `Thread::Backtrace::Location` 数组。 + `Kernel#raise`,`Thread#raise` 和 `Fiber#raise` 也接受这个新格式。 [[Feature #13557]] + +* GC + + * 新增 `GC.config`,可以为垃圾收集器设置配置变量。 [[Feature #20443]] + + * 新增 GC 配置参数 `rgengc_allow_full_mark` 。如果值为 `false`,GC 仅标记年轻对象。默认值为 `true`。 [[Feature #20443]] + +* Ractor + + * 允许在 Ractor 中使用 `require`。引入过程将在主 Ractor 中执行。 + 可以通过 `Ractor._require(feature)` 在主 Ractor 中执行引入过程。 [[Feature #20627]] + + * 新增 `Ractor.main?`。 [[Feature #20627]] + + * 新增 `Ractor.[]` 和 `Ractor.[]=` 来访问当前 Ractor 关联存储的内容。 [[Feature #20715]] + + * 新增 `Ractor.store_if_absent(key){ init }`,可以在进程安全的环境下初始化 ractor 关联的本地变量。 [[Feature #20875]] + +* Range + + * 当 range 不可枚举时,`Range#size` 将抛出 `TypeError`。 [[Misc #18984]] + + +## 标准库更新 + +注意:我们仅列出了标准库中值得注意的更新。 + +* RubyGems + * gem push 增加 `--attestation` 参数。此参数允许保存签名到 [sigstore.dev] + +* Bundler + * 新增 `lockfile_checksums` 参数,将校验和包含到新的 lockfiles 中 + * 新增 `--add-checksums` 向既有 lockfile 中增加校验和 + +* JSON + + * 性能改进,`JSON.parse` 现在比 json-2.7.x 快约 1.5 倍。 + +* Tempfile + + * `Tempfile.create` 新增关键字参数 `anonymous: true`。 + `Tempfile.create(anonymous: true)` 会立即移除创建的临时文件。应用程序无需显式地移除临时文件。 + [[Feature #20497]] + +* win32/sspi.rb + + * 此库现在从 Ruby 代码仓库抽取到独立的代码仓库 [ruby/net-http-sspi]。[[Feature #20775]] + +## 兼容性问题 + +注意:不包括问题补丁。 + +* 修改了错误信息和错误栈的显示。 + * 使用单引号(`'`)代替反勾号(`` ` ``)作为错误消息的起始引号。 [[Feature #16495]] + * 在方法名前显示类名(仅当类具有永久名称时)。 [[Feature #19117]] + * `Kernel#caller`,`Thread::Backtrace::Location` 等处也进行了相应更改。 + + ``` + 此前: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + 现在: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in `
' + ``` + +* Hash#inspect 的展示形式发生变化。 [[Bug #20433]] + + * 键是 Symbol 时,使用现代的语法形式: `"{user: 1}"` + * 其他类型的键值对在显示时,在 `=>` 前后加入空格:`'{"user" => 1}'`,此前显示时没有空格: `'{"user"=>1}'` + +* Kernel#Float() 现在接受省略小数部分的数字字符串。 [[Feature #20705]] + + ```rb + Float("1.") #=> 1.0 (此前会导致 ArgumentError) + Float("1.E-1") #=> 0.1 (此前会导致 ArgumentError) + ``` + +* String#to_f 现在接受省略小数部分的数字字符串。注意,当指定指数时,返回结果与此前不同。 [[Feature #20705]] + + ```rb + "1.".to_f #=> 1.0 + "1.E-1".to_f #=> 0.1 (此前会返回 1.0) + ``` + +* 移除 `Refinement#refined_class`。 [[Feature #19714]] + +## 标准库兼容性问题 + +* DidYouMean + + * 移除 `DidYouMean::SPELL_CHECKERS[]=` 和 `DidYouMean::SPELL_CHECKERS.merge!`。 + +* Net::HTTP + + * 移除下列已废弃常量: + * `Net::HTTP::ProxyMod` + * `Net::NetPrivate::HTTPRequest` + * `Net::HTTPInformationCode` + * `Net::HTTPSuccessCode` + * `Net::HTTPRedirectionCode` + * `Net::HTTPRetriableCode` + * `Net::HTTPClientErrorCode` + * `Net::HTTPFatalErrorCode` + * `Net::HTTPServerErrorCode` + * `Net::HTTPResponseReceiver` + * `Net::HTTPResponceReceiver` + + 这些变量从 2012 年起已废弃。 + +* Timeout + + * `Timeout.timeout` 的参数不允许负值。 [[Bug #20795]] + +* URI + + * 默认解析器从 RFC 2396 兼容切换到 RFC 3986 兼容。 [[Bug #19266]] + +## C API 更新 + +* 移除 `rb_newobj` 和 `rb_newobj_of` (以及相关的宏 `RB_NEWOBJ`,`RB_NEWOBJ_OF`,`NEWOBJ`,`NEWOBJ_OF`)。 [[Feature #20265]] +* 移除已废弃的函数 `rb_gc_force_recycle`。 [[Feature #18290]] + +## 其他变化 + +* 如果传递了一个块给不使用块的方法时,在详细模式(`-w`)中将显示警告。 [[Feature #15554]] + +* Ruby 对一些核心方法通过解释器和 JIT 进行了优化,诸如 `String.freeze`,`Integer#+`。 + 当这些方法被重定义时,解释器将发出性能警告(`-W:performance` 或 `Warning[:performance] = true`)。 [[Feature #20429]] + +更多详情,可参见 [NEWS](https://docs.ruby-lang.org/en/3.4/NEWS_md.html) +或 [提交日志](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }})。 + +自 Ruby 3.3.0 以来,这些变化共导致 [{{ release.stats.files_changed }} 个文件被更改,新增 {{ release.stats.insertions }} 行(+),删除 {{ release.stats.deletions }} 行(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket)! + +圣诞快乐,节日快乐,享受 Ruby 3.4 的编程乐趣! + +## 下载 + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby 是什么 + +Ruby 最初由 Matz (松本行弘,Yukihiro Matsumoto) 于 1993 年开发, +现在以开源软件的形式开发。它可以在多个平台上运行,并在全球得到广泛使用,尤其是 Web 开发领域。 + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19266]: https://bugs.ruby-lang.org/issues/19266 +[Feature #19714]: https://bugs.ruby-lang.org/issues/19714 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20351]: https://bugs.ruby-lang.org/issues/20351 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20443]: https://bugs.ruby-lang.org/issues/20443 +[Feature #20470]: https://bugs.ruby-lang.org/issues/20470 +[Feature #20497]: https://bugs.ruby-lang.org/issues/20497 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Bug #20620]: https://bugs.ruby-lang.org/issues/20620 +[Feature #20627]: https://bugs.ruby-lang.org/issues/20627 +[Feature #20705]: https://bugs.ruby-lang.org/issues/20705 +[Feature #20715]: https://bugs.ruby-lang.org/issues/20715 +[Feature #20775]: https://bugs.ruby-lang.org/issues/20775 +[Bug #20795]: https://bugs.ruby-lang.org/issues/20795 +[Bug #20433]: https://bugs.ruby-lang.org/issues/20433 +[Feature #20860]: https://bugs.ruby-lang.org/issues/20860 +[Feature #20875]: https://bugs.ruby-lang.org/issues/20875 +[Feature #20884]: https://bugs.ruby-lang.org/issues/20884 +[sigstore.dev]: https://www.sigstore.dev/ +[ruby/net-http-sspi]: https://github.com/ruby/net-http-sspi diff --git a/zh_cn/news/_posts/2024-12-25-ruby-3-4-1-released.md b/zh_cn/news/_posts/2024-12-25-ruby-3-4-1-released.md new file mode 100644 index 0000000000..ab82e2a565 --- /dev/null +++ b/zh_cn/news/_posts/2024-12-25-ruby-3-4-1-released.md @@ -0,0 +1,39 @@ +--- +layout: news_post +title: "Ruby 3.4.1 已发布" +author: "naruse" +translator: "GAO Jun" +date: 2024-12-25 00:00:00 +0000 +lang: zh_cn +--- + +Ruby 3.4.1 已发布。 + +此版本修正了版本的描述。 + +更多信息可以参考 [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_4_1)。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.4.1" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} diff --git a/zh_cn/news/_posts/2025-01-15-ruby-3-3-7-released.md b/zh_cn/news/_posts/2025-01-15-ruby-3-3-7-released.md new file mode 100644 index 0000000000..3ad19507df --- /dev/null +++ b/zh_cn/news/_posts/2025-01-15-ruby-3-3-7-released.md @@ -0,0 +1,43 @@ +--- +layout: news_post +title: "Ruby 3.3.7 已发布" +author: k0kubun +translator: "GAO Jun" +date: 2025-01-15 07:51:59 +0000 +lang: zh_cn +--- + +Ruby 3.3.7 已发布。 + +这是例行更新,修正了一些较小的程序问题。 +更多信息可以参考 [GitHub 发布说明](https://github.com/ruby/ruby/releases/tag/v3_3_7)。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.3.7" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2025-02-04-ruby-3-2-7-released.md b/zh_cn/news/_posts/2025-02-04-ruby-3-2-7-released.md new file mode 100644 index 0000000000..2ad8034460 --- /dev/null +++ b/zh_cn/news/_posts/2025-02-04-ruby-3-2-7-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.2.7 已发布" +author: nagachika +translator: "GAO Jun" +date: 2025-02-04 12:00:00 +0000 +lang: zh_cn +--- + +Ruby 3.2.7 已发布。 + +更多信息可以参考 [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_2_7)。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.2.7" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md b/zh_cn/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md new file mode 100644 index 0000000000..f07bf86f31 --- /dev/null +++ b/zh_cn/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md @@ -0,0 +1,30 @@ +--- +layout: news_post +title: "CVE-2025-25186: net-imap 中的 DoS 漏洞" +author: "nevans" +translator: "GAO Jun" +date: 2025-02-10 03:00:00 +0000 +tags: security +lang: zh_cn +--- + +在 net-imap gem 中存在一个可能造成 DoS 的漏洞。此漏洞的 CVE 编号为[CVE-2025-25186](https://www.cve.org/CVERecord?id=CVE-2025-25186)。 +我们建议您更新 net-imap gem。 + +## 详情 + +恶意服务器可以发送高度压缩的 uid-set 数据,这些数据会由客户端的接收线程自动读取。响应解析器会使用 Range#to_a 将 uid-set 数据转换为整数数组,但不会对 Range 实例展开后的大小进行任何限制。 + +请更新 net-imap gem 至 0.3.8,0.4.19,0.5.6,或更高版本。 + +## 受影响版本 + +* net-imap gem 版本 0.3.2 至 0.3.7, 0.4.0 至 0.4.18,以及 0.5.0 至 0.5.5。 + +## 致谢 + +感谢 [manun](https://hackerone.com/manun) 发现此问题。 + +## 历史 + +* 最初发布于 2025-02-10 03:00:00 (UTC) diff --git a/zh_cn/news/_posts/2025-02-14-ruby-3-4-2-released.md b/zh_cn/news/_posts/2025-02-14-ruby-3-4-2-released.md new file mode 100644 index 0000000000..19b2830ded --- /dev/null +++ b/zh_cn/news/_posts/2025-02-14-ruby-3-4-2-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.4.2 已发布" +author: k0kubun +translator: "GAO Jun" +date: 2025-02-14 21:55:17 +0000 +lang: zh_cn +--- + +Ruby 3.4.2 已发布。 + +此版本是包含了若干问题修正的定期更新版本。 +详细信息可参考 [GitHub 发布说明](https://github.com/ruby/ruby/releases/tag/v3_4_2) 。 + +## Release Schedule + +我们计划每2个月发布最新的 Ruby 版本(目前是 Ruby 3.4)。 +Ruby 3.4.3 将发布于四月,3.4.4 将发布于六月,3.4.5 将发布于八月,3.4.6 将发布于十月,3.4.7 将发布于十二月。 + +如果存在会影响到大量用户的更改,我们可能会提前发布一个版本。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.4.2" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2025-02-26-security-advisories.md b/zh_cn/news/_posts/2025-02-26-security-advisories.md new file mode 100644 index 0000000000..f9422f9da0 --- /dev/null +++ b/zh_cn/news/_posts/2025-02-26-security-advisories.md @@ -0,0 +1,71 @@ +--- +layout: news_post +title: "安全建议: CVE-2025-27219,CVE-2025-27220 和 CVE-2025-27221" +author: "hsbt" +translator: "GAO Jun" +date: 2025-02-26 07:00:00 +0000 +tags: security +lang: zh_cn +--- + +针对 CVE-2025-27219,CVE-2025-27220 和 CVE-2025-27221,我们发布下列安全建议。 + +## CVE-2025-27219: `CGI::Cookie.parse` 中的拒绝服务(Denial of Service,DoS)。 + +`cgi` gem 中存在 DoS 可能。此漏洞的 CVE 编号为 [CVE-2025-27219](https://www.cve.org/CVERecord?id=CVE-2025-27219)。我们建议您更新 `cgi` gem。 + +### 详情 + +在某些情况下,`CGI::Cookie.parse` 解析 cookie 字符串的时间超过线性增长。向该方法传入恶意构造的 cookie 字符串可能会导致拒绝服务(DoS)。 + +请更新 `cgi` gem 至 0.3.5.1,0.3.7,0.4.2 或更新版本。 + +### 受影响版本 + +* `cgi` gem 版本 <= 0.3.5,0.3.6,0.4.0 和 0.4.1。 + +### 致谢 + +感谢 [lio346](https://hackerone.com/lio346) 发现此漏洞。同样感谢 [mame](https://github.com/mame) 修补此漏洞。 + +## CVE-2025-27220: `CGI::Util#escapeElement` 中的正则表达式拒绝服务(Regular Expression Denail of Service, ReDoS)漏洞。 + +`cgi` gem 中存在 ReDoS 可能。此漏洞的 CVE 编号为 [CVE-2025-27220](https://www.cve.org/CVERecord?id=CVE-2025-27220)。我们建议您更新 `cgi` gem。 + +### 详情 + +`CGI::Util#escapeElement` 中使用的正则表达式可能受到 ReDoS 攻击。特定的输入可能会导致 CPU 高负载。 + +此漏洞仅影响 Ruby 3.1 和 3.2。如果您正在使用这些版本,请更新 `cgi` gem 至 0.3.5.1,0.3.7,0.4.2 或更新版本。 + +### 受影响版本 + +* `cgi` gem 版本 <= 0.3.5,0.3.6,0.4.0 和 0.4.1。 + +### 致谢 + +感谢 [svalkanov](https://hackerone.com/svalkanov) 发现此漏洞。同样感谢 [nobu](https://github.com/nobu) 修补此漏洞。 + + +## CVE-2025-27221: `URI#join`, `URI#merge` 和 `URI#+` 中的用户信息泄漏。 + +`uri` gem 可能会泄漏用户信息。此漏洞的 CVE 编号为 [CVE-2025-27221](https://www.cve.org/CVERecord?id=CVE-2025-27221)。我们建议您更新 `uri` gem。 + +### 详情 + +`URI#join`,`URI#merge` 和 `URI#+` 方法会保留用户信息,如 `user:password`。即使替换了主机也会保留。 +当基于用户隐私信息,使用了这些方法生成了一个指向恶意主机的 URL 后,如果有人访问了该 URL,可能会发生用户信息泄漏。 + +请更新 `uri` gem 至 0.11.3,0.12.4,0.13.2,1.0.3 或更新版本。 + +### 受影响版本 + +* `uri` gem 版本 < 0.11.3,0.12.0 至 0.12.3,0.13.0,0.13.1,1.0.0 至 1.0.2。 + +### 致谢 + +感谢 [Tsubasa Irisawa (lambdasawa)](https://hackerone.com/lambdasawa) 发现此漏洞。同样感谢 [nobu](https://github.com/nobu) 修补此漏洞。 + +## 历史 + +* 最初发布于 2025-02-26 7:00:00 (UTC) diff --git a/zh_cn/news/_posts/2025-03-26-ruby-3-1-7-released.md b/zh_cn/news/_posts/2025-03-26-ruby-3-1-7-released.md new file mode 100644 index 0000000000..869d7a996d --- /dev/null +++ b/zh_cn/news/_posts/2025-03-26-ruby-3-1-7-released.md @@ -0,0 +1,47 @@ +--- +layout: news_post +title: "Ruby 3.1.7 已发布" +author: hsbt +translator: "GAO Jun" +date: 2025-03-26 04:44:27 +0000 +lang: zh_cn +--- + +Ruby 3.1.7 已发布。此版本包括 [CVE-2025-27219,CVE-2025-27220 和 CVE-2025-27221 的补丁](https://www.ruby-lang.org/zh_cn/news/2025/02/26/security-advisories/) +并更新了绑定的 REXML 和 RSS gems. + +详细信息可参考 [GitHub 发布说明](https://github.com/ruby/ruby/releases/tag/v3_1_7)。 + +此版本是 Ruby 3.1 系列的最终版本。我们不会再发布 Ruby 3.1 系列的后续版本,包括安全补丁。 + +我们建议您更新到 Ruby 3.3 或 3.4 系列版本。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.1.7" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2025-03-26-ruby-3-2-8-released.md b/zh_cn/news/_posts/2025-03-26-ruby-3-2-8-released.md new file mode 100644 index 0000000000..bf40ff3f58 --- /dev/null +++ b/zh_cn/news/_posts/2025-03-26-ruby-3-2-8-released.md @@ -0,0 +1,46 @@ +--- +layout: news_post +title: "Ruby 3.2.8 已发布" +author: hsbt +translator: "GAO Jun" +date: 2025-03-26 04:45:01 +0000 +lang: zh_cn +--- + +Ruby 3.2.8已发布。此版本包括 [CVE-2025-27219,CVE-2025-27220 和 CVE-2025-27221 的补丁](https://www.ruby-lang.org/zh_cn/news/2025/02/26/security-advisories/)。 + +详细信息可参考 [GitHub 发布说明](https://github.com/ruby/ruby/releases/tag/v3_2_8)。 + +此版本是 Ruby 3.2 系列的最后普通维护版本。今后,直到 2026 年 3 月,我们仅会为 Ruby 3.2 系列提供安全补丁。 + +请考虑更新到 Ruby 3.3 或 3.4 系列版本。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.2.8" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2025-04-09-ruby-3-3-8-released.md b/zh_cn/news/_posts/2025-04-09-ruby-3-3-8-released.md new file mode 100644 index 0000000000..8be944d49f --- /dev/null +++ b/zh_cn/news/_posts/2025-04-09-ruby-3-3-8-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.3.8 已发布" +author: nagachika +translator: "GAO Jun" +date: 2025-04-09 11:00:00 +0000 +lang: zh_cn +--- + +Ruby 3.3.8 已发布。 + +更多信息可以参考 [GitHub 发布说明](https://github.com/ruby/ruby/releases/tag/v3_3_8)。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.3.8" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2025-04-14-ruby-3-4-3-released.md b/zh_cn/news/_posts/2025-04-14-ruby-3-4-3-released.md new file mode 100644 index 0000000000..9e51564afb --- /dev/null +++ b/zh_cn/news/_posts/2025-04-14-ruby-3-4-3-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.4.3 已发布" +author: k0kubun +translator: "GAO Jun" +date: 2025-04-14 08:06:57 +0000 +lang: zh_cn +--- + +Ruby 3.4.3 已发布。 + +此版本是包含了若干问题修正的定期更新版本。 +详细信息可参考 [GitHub 发布说明](https://github.com/ruby/ruby/releases/tag/v3_4_3)。 + +## 发布计划 + +我们计划每2个月发布最新的 Ruby 版本(目前是 Ruby 3.4)。 +Ruby 3.4.4 将发布于六月,3.4.5 将发布于八月,3.4.6 将发布于十月,3.4.7 将发布于十二月。 + +如果存在会影响到大量用户的更改,我们可能会提前发布新版本。 + +## 下载 + +{% assign release = site.data.releases | where: "version", "3.4.3" | first %} + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 发布说明 + +许多提交者、开发人员以及用户提供了问题报告,帮助我们完成了此版本。 +感谢他们的贡献。 diff --git a/zh_cn/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md b/zh_cn/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md new file mode 100644 index 0000000000..34a017c404 --- /dev/null +++ b/zh_cn/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md @@ -0,0 +1,106 @@ +--- +layout: news_post +title: "Ruby 3.5.0 preview1 已发布" +author: "naruse" +translator: "GAO Jun" +date: 2025-04-18 00:00:00 +0000 +lang: zh_cn +--- + +{% assign release = site.data.releases | where: "version", "3.5.0-preview1" | first %} +我们很高兴地宣布 Ruby {{ release.version }} 已发布。Ruby 3.5 除了将 Unicode 版本更新到 15.1.0外,还有一些其他变更。 + +## 语言变化 + +* `*nil` 不再调用 `nil.to_a`,就像 `**nil` 不再调用 `nil.to_hash`。 [[Feature #21047]] + +## 核心类更新 + +注意:我们只列出了重要的核心类更新。 + +* Binding + + * `Binding#local_variables` 不再包含引用数字参数(如 `_1`, `_2`)。 + 同样, `Binding#local_variable_get` 和 `Binding#local_variable_set` 也会拒绝处理引用数字参数。 + [[Bug #21049]] + +* IO + + * `IO.select` 允许使用 `Float::INFINITY` 作为超时参数。 + [[Feature #20610]] + +* String + + * 更新 Unicode 版本至 15.1.0,更新 Emoji 版本至 15.1。 [[Feature #19908]] + (同样适用于 Regexp) + + +## 标准库更新 + +注意:我们只列出了重要的标准库更新。 + +* ostruct 0.6.1 +* pstore 0.2.0 +* benchmark 0.4.0 +* logger 1.7.0 +* rdoc 6.13.1 +* win32ole 1.9.2 +* irb 1.15.2 +* reline 0.6.1 +* readline 0.0.4 +* fiddle 1.1.6 + +## 兼容性问题 + +注意:不包括错误问题修正。 + + + +## 标准库兼容性问题 + + +## C API 更新 + + + +## 其他变化 + + + +更多详情,可参见 [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +或 [提交日志](https://github.com/ruby/ruby/compare/v3_4_0...{{ release.tag }})。 + +自 Ruby 3.4.0 以来,这些变化共导致 [{{ release.stats.files_changed }} 个文件被更改,新增 {{ release.stats.insertions }} 行(+),删除 {{ release.stats.deletions }} deletions(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket)! + +## 下载 + +* <{{ release.url.gz }}> + + 文件大小: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + 文件大小: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + 文件大小: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby 是什么 + +Ruby 最初由 Matz (松本行弘,Yukihiro Matsumoto) 于 1993 年开发, +现在以开源软件的形式开发。它可以在多个平台上运行,并在全球得到广泛使用,尤其是 Web 开发领域。 + +[Feature #21047]: https://bugs.ruby-lang.org/issues/21047 +[Bug #21049]: https://bugs.ruby-lang.org/issues/21049 +[Feature #20610]: https://bugs.ruby-lang.org/issues/20610 +[Feature #19908]: https://bugs.ruby-lang.org/issues/19908 diff --git a/zh_cn/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md b/zh_cn/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md new file mode 100644 index 0000000000..9b1444e69c --- /dev/null +++ b/zh_cn/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md @@ -0,0 +1,38 @@ +--- +layout: news_post +title: "CVE-2025-43857: net-imap 中的 DoS 漏洞" +author: "nevans" +translator: "GAO Jun" +date: 2025-04-28 16:02:04 +0000 +tags: security +lang: zh_cn +--- + +在 `net-imap` gem 中存在一个可能造成 DoS 的漏洞。此漏洞的 CVE 编号为 [CVE-2025-43857]。我们建议您更新 `net-imap` gem。 + +## 详情 + +恶意服务器可以发送一个 “特定的” 字节数信息,这个数字会被客户端的接收线程自动读取。 +读取后,客户端会立即根据服务器告知的这个字节数分配内存。在安全地连接可信 IMAP 服务器时,这不是一个问题。 +但当使用不安全连接,或连接到有缺陷、不可信或已被入侵的服务器(例如,连接到用户提供的主机名)时,就可能导致 DoS。 + +请将 `net-imap` gem 更新到 0.2.5、0.3.9、0.4.20、0.5.7 或更高版本。 + +当连接不可信的服务器或使用不安全连接时,必须适当设置 `max_response_size` 参数,并在响应处理中进行适当调整以限制内存消耗。 +更多详细信息请参阅 [GHSA-j3g3-5qv5-52mj]。 + +## 受影响版本 + +`net-imap` gem 版本 <= 0.2.4,0.3.0 至 0.3.8,0.4.0 至 0.4.19,以及 0.5.0 至 0.5.6。 + +## 致谢 + +感谢 [Masamune] 发现此问题。 + +## 历史 + +* 最初发布于 2025-04-28 16:02:04 (UTC) + +[CVE-2025-43857]: https://www.cve.org/CVERecord?id=CVE-2025-43857 +[GHSA-j3g3-5qv5-52mj]: https://github.com/ruby/net-imap/security/advisories/GHSA-j3g3-5qv5-52mj +[Masamune]: https://hackerone.com/masamune_ diff --git a/zh_tw/about/website/index.md b/zh_tw/about/website/index.md index d72cc7c1fe..a1c931e0e5 100644 --- a/zh_tw/about/website/index.md +++ b/zh_tw/about/website/index.md @@ -31,11 +31,37 @@ lang: zh_tw 此外感謝下列機構提供支持: - * [Ruby Association][rubyassociation] (網站托管) - * [AWS][aws] (網站托管) - * [Heroku][heroku] (網站托管) - * [Fastly][fastly] (CDN) +[Ruby Association][rubyassociation] (網站托管) +Ruby Association + +[Ruby no Kai][rubynokai] (建置伺服器) + +Ruby no Kai + +[AWS][aws] (網站托管) + +AWS + +[Heroku][heroku] (網站托管) + +Heroku + +[Fastly][fastly] (CDN) + +Fastly + +[Hatena][hatena] ([Mackerel][mackerel], 伺服器監控) + +mackerel + +[Datadog][datadog] (伺服器監控) + +Datadog + +[1Password][1password] (密碼管理器) + +1password [logo]: /zh_tw/about/logo/ [webmaster]: mailto:webmaster@ruby-lang.org @@ -47,4 +73,9 @@ lang: zh_tw [rubyassociation]: http://www.ruby.or.jp [heroku]: https://www.heroku.com/ [fastly]: http://www.fastly.com +[hatena]: http://hatenacorp.jp/ +[mackerel]: https://mackerel.io/ +[rubynokai]: http://ruby-no-kai.org/ [aws]: https://aws.amazon.com/ +[datadog]: https://www.datadoghq.com/ +[1password]: https://1password.com/ diff --git a/zh_tw/community/index.md b/zh_tw/community/index.md index 579cc8b191..00cbbb8392 100644 --- a/zh_tw/community/index.md +++ b/zh_tw/community/index.md @@ -9,7 +9,7 @@ lang: zh_tw 如果你有興趣參與,可以從這幾個地方開始: -[Ruby Taiwan 社群][1] +[Ruby Taiwan Discord 伺服器 (邀請連結)][ruby-tw-discord] : Ruby Taiwan 社群成立於 2008 年 10 月,主要是針對 Ruby 程式語言及軟體開發,進行業界的交流及分享,提昇開發人員的技術深度與廣度。 @@ -18,34 +18,36 @@ lang: zh_tw 使用者群組都是自發性的,通常會有每月的聚會、郵件論壇以及一個社群網站。運氣好的話,也許還會有編程節 (codefests)。 [Ruby 郵件論壇和新聞群組](/zh_tw/community/mailing-lists/) -: Ruby 擁有各種不同主題及語言的郵件論壇。如果你有 Ruby 的問題,透過論壇發問是個不錯的方式。台灣的 Ruby 論壇則有 - [RailsFun][railsfun] 以及 [PTT](telnet://ptt.cc) Ruby 版。 +: Ruby 擁有各種不同主題及語言的郵件論壇。如果你有 Ruby 的問題,透過論壇發問是個不錯的方式。 -[Ruby 的 IRC (#ruby)](https://web.libera.chat/#ruby) +[Ruby Discord 伺服器 (邀請連結)][ruby-discord] +: Ruby 語言 Discord 伺服器是一個你可以與其他 Rubyists 聊天、互助的地方。 + Discord 對於新開發者是一個很好的進入點,而且很容易加入。 + +[Ruby 的 IRC (#ruby)][ruby-irc] : 您可以在 Ruby 的 IRC 頻道上與其他 Ruby 愛好者聊天。 [Ruby 核心](/zh_tw/community/ruby-core) : 現在正是加入開發 Ruby 行列的好時機。如果您有興趣幫忙,可以從這裡開始。 -[關於 Ruby 的部落格](/zh_tw/community/weblogs/) -: Ruby 社群中有著各式各樣的部落格。這裡是一份推薦清單。 +[關於 Ruby 的部落格與電子報](/zh_tw/community/weblogs/) +: Ruby 社群中的大多數活動和更新都是透過部落格和電子報進行討論。這裡是一份推薦清單可協助你了解最新情況。 [Ruby 研討會](/zh_tw/community/conferences/) : 全世界有越來越多的研討會讓 Ruby 程式設計師可以參與,分享他們的工作經驗、討論 Ruby 的未來,同時也歡迎新成員的加入。台灣的 Ruby 年度研討會為 [RubyConf Taiwan](http://rubyconf.tw)。 + 你也可以在 [rubyvideo.dev][rubyvideo] 找到 Ruby 研討會與演講的影片。 + [Podcasts](/zh_tw/community/podcasts/) : 比起閱讀,如果你更喜歡用聆聽的方式接收 Ruby 的資訊,你可以收聽這些 Podcasts。 內容包括 Ruby 或是 gem 的新發佈消息,還有 Ruby 使用者、貢獻者和維護者之間的討論與訪談。 -Ruby 的一般消息 -: * [Ruby Central][ruby-central] - * [Ruby at Open Directory Project][ruby-opendir] - * [Rails at Open Directory Project][rails-opendir] - -[1]: http://ruby.tw -[railsfun]: http://railsfun.tw/index.php +[Ruby Central][ruby-central] +: Ruby Central 是一個非營利組織,致力於支持全球 Ruby 社群。 +[ruby-tw-discord]: https://discord.gg/yaYHWQsmcz +[ruby-irc]: https://web.libera.chat/#ruby [ruby-central]: http://rubycentral.org/ -[ruby-opendir]: https://dmoztools.net/Computers/Programming/Languages/Ruby/ -[rails-opendir]: https://dmoztools.net/Computers/Programming/Languages/Ruby/Software/Frameworks/Rails/ +[ruby-discord]: https://discord.gg/ad2acQFtkh +[rubyvideo]: https://rubyvideo.dev diff --git a/zh_tw/community/mailing-lists/index.md b/zh_tw/community/mailing-lists/index.md index 3cddcab32c..3ee9c23057 100644 --- a/zh_tw/community/mailing-lists/index.md +++ b/zh_tw/community/mailing-lists/index.md @@ -27,11 +27,11 @@ The comp.lang.ruby 新聞組 ## 立即訂閱或是取消訂閱 -[立即訂閱或是取消訂閱](https://ml.ruby-lang.org/mailman3/postorius/lists/) +[立即訂閱或是取消訂閱](https://ml.ruby-lang.org/mailman3/lists/) [1]: https://www.ruby-forum.com/ -[3]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-talk@ml.ruby-lang.org/ -[4]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-core@ml.ruby-lang.org/ -[5]: https://ml.ruby-lang.org/mailman3/hyperkitty/list/ruby-doc@ml.ruby-lang.org/ +[3]: https://ml.ruby-lang.org/archives/list/ruby-talk@ml.ruby-lang.org/ +[4]: https://ml.ruby-lang.org/archives/list/ruby-core@ml.ruby-lang.org/ +[5]: https://ml.ruby-lang.org/archives/list/ruby-doc@ml.ruby-lang.org/ diff --git a/zh_tw/community/weblogs/index.md b/zh_tw/community/weblogs/index.md index 1935fcb279..46a774a5b9 100644 --- a/zh_tw/community/weblogs/index.md +++ b/zh_tw/community/weblogs/index.md @@ -1,7 +1,33 @@ --- layout: page -title: "部落格" +title: "部落格與電子報" lang: zh_tw --- -{% include out-of-date.html %} +Ruby 部落格與電子報在過去幾年成爆炸性成長,你可以在網路上搜索到數百個部落格分享 Ruby 程式碼、描述新技術、或是推測 Ruby 的未來。 + +{: .summary} + +### 電子報 + +* [**Ruby Weekly**][ruby-weekly]: 每週精選最有趣的 Ruby 文章和新聞的電子報。 +* [**Short Ruby Newsletter**][short-ruby-newsletter]: 每週摘要 Ruby 社群的文章、討論、和新聞。 + +### 挖掘 Ruby 部落格 + +* [**RubyFlow**][rubyflow]: Ruby 與 Rails 社群的連結日誌。包含函式庫、部落格文章、教學、和其他 Ruby 資源的新聞網站。 +* [**Rubyland**][rubyland]: 從 RSS 整合關於 Ruby 的新聞與部落格文章。 + +### 著名的部落格 + +時常更新的著名部落格 + +* [**DEV Ruby Tag**][dev-ruby-tag]: 在 DEV 社群中標記為 Ruby 的文章列表。 DEV 有上千名軟體開發人員發布與討論程式碼文章。 +* [**Ruby on Rails Blog**][ruby-on-rails-blog]: Ruby on Rails 團隊的官方部落格。如果你正在使用 Rails,這個部落格可以獲得安全更新通知與 Rails 社群的發展願景。 + +[short-ruby-newsletter]: https://newsletter.shortruby.com/ +[ruby-weekly]: https://rubyweekly.com/ +[rubyflow]: https://rubyflow.com/ +[rubyland]: http://rubyland.news/ +[dev-ruby-tag]: https://dev.to/t/ruby +[ruby-on-rails-blog]: https://rubyonrails.org/blog/ diff --git a/zh_tw/documentation/index.md b/zh_tw/documentation/index.md index 8a4ec1553b..7300b3df55 100644 --- a/zh_tw/documentation/index.md +++ b/zh_tw/documentation/index.md @@ -11,136 +11,252 @@ lang: zh_tw 儘管可以輕鬆的[在瀏覽器試玩 Ruby ][1],你還是可以閱讀[安裝指南](installation/)來幫助你安裝 Ruby。 +### 官方 Ruby 文件 + +[docs.ruby-lang.org/en][docs-rlo]: 包含所有 Ruby 2.1 版本之後的文件。 + +[docs.ruby-lang.org/en/3.4][docs-rlo-3.4]: Ruby 3.4 版本文件。 + +[docs.ruby-lang.org/en/master][docs-rlo-master]: Ruby master 分支版本文件。 + +[C Extension Guide][docs-rlo-extension]: 為 Ruby 建立 C 延伸套件的深度指南。 + ### 入門 [官方 FAQ](/en/documentation/faq/) : 官方常見問題與解答。 -[Ruby Koans][2] -: Ruby Koans 導引你走上學習 Ruby 的啟蒙之路。可以學到 Ruby 語言、語法、結構、常用函數與函式庫。 - 當然也少不了 Ruby 的文化。 - -[Why’s (Poignant) Guide to Ruby][5] -: 非比尋常但玩味無窮的書,透過故事、幽默與漫畫來教會你 Ruby。由 *why the lucky - stiff* 創作,本書是學習 Ruby 的經典大作。 - -[Ruby Essentials][7] -: 免費的線上電子書,讓你可以一步步地學習 Ruby。 +[Try Ruby][1] +: 您可以在您的瀏覽器上體驗 Ruby。 [Learn to Program][8] : 由 Chris Pine 撰寫的程式語言入門。適合完全沒有程式設計經驗的朋友。 -[Learn Ruby the Hard Way][38] -: 一系列說明完善的練習,導引你從完全零基礎一直介紹到物件導向程式設計與 Web 開發, +[Ruby in Twenty Minutes][rubyin20] +: 少於 20 分鐘就能完成的 Ruby 小型教學。 -### 學習手冊 +[The Odin Project][odin] +: 開源的全端課程。 -[Programming Ruby][9] -: 這是 Ruby 的第一本英文書,第一版開放線上免費閱讀 [Pragmatic Programmers' book][10] 。 +[excercism][exercism] +: 包含 120 個題目、自動分析與個人指導。 -[The Ruby Programming Wikibook][12] -: 給初學者到中等程度的線上手冊以及語言參考。 +[Codecademy][codecademy] +: 包含多種主題的線上教學網站。 -### 參考文件 +### 手冊 / 書籍 -[Official API Documentation][docs-rlo-en] -: 各種版本的 Ruby 官方 API 文件,包含當前未釋出的版本(trunk)。 +#### 初學者 -[Ruby Core Reference][13] -: 直接從原始碼拉出來的 [RDoc][14] 文件,包括所有的核心類別和模組(例如 String、Array、Symbol 等)。 +[Programming Ruby 3.3][pickaxe] +: 這是 Ruby 的第一本英文書,最近更新到了 Ruby 3.3 。 -[Ruby Standard Library Reference][15] -: 也是從從原始碼拉出來的 RDoc 文件,記載了 Ruby 的標準函式庫。 +[The Well-Grounded Rubyist][grounded] +: 本教學從您的第一個 Ruby 程式開始,並帶您逐步了解反射、執行緒和遞迴等複雜主題。 -[Ruby C API Reference][extensions] -: 官方 Ruby 的 C API 介紹文件,有助於你撰寫 C 擴充程式或是貢獻到 Ruby 的開發。 +#### 進階者 -[RubyDoc.info][16] -: 一站式站點,擁有 RubyGems 與 GitHub 上托管的 Ruby 專案的文件。 +[Practical OOD in Ruby (POODR)][poodr] +: 關於一個程式設計師如何撰寫物件導向程式碼的故事。 -[Ruby & Rails Searchable API Docs][17] -: 可以聰明搜索 Ruby 與 Rails 的文件。 +#### 專家 -[APIdock][18] -: Ruby、Rails 與 RSpec 的文件,具有使用者的評論。 +[Metaprogramming][meta] +: 用簡單易懂的方式解釋 metaprogramming。 + +[Ruby Under a Microscope (RUM)][microscope] +: Ruby 內部結構的圖解指南。 + +### 社群文件 + +這些文件網站由 Ruby 社群維護。 + +[RubyDoc.info][16] +: 一站式站點,擁有 RubyGems 與 GitHub 上托管的 Ruby 專案的文件。 [RubyAPI.org][rubyapi-org] : 簡單搜尋瀏覽 Ruby 類別、模組及方法。 +[ruby-doc.org][39] +: 線上 API 文件。 + +[DevDocs.io][40] +: 線上 API 文件。 + +[Ruby QuickRef][42] +: Ruby 快速參考文件。 + +[rubyreferences][43] +: 參考文件 + 版本變更細節。 + +### 程式碼風格指南 + +[rubystyle.guide][44] +: RuboCop 的 Ruby 程式碼風格指南。 + +[RuboCop][45] +: 自動化檢查與執行程式碼風格指南。 + +[Shopify][46] +: Shopify 的 Ruby 程式碼風格指南。 + +[GitLab][47] +: GitLab 的 Ruby 程式碼風格指南。 + +[Airbnb][48] +: Airbnb 的 Ruby 程式碼風格指南。 + +[w3resource][49] +: W3 的 Ruby 程式碼風格指南。 + +# 工具 + +[IRB][50] +: 互動式 Ruby Read-Eval-Print-Loop (REPL)。 + +[Pry][51] +: Ruby REPL 的替代方案。 + +[Rake][52] +: make-like 的 Ruby 建置工具。 + +[RI][53] +: (Ruby Information) 是 Ruby 命令列工具,可以快速、輕鬆地線上存取 Ruby 文件。 + +[RBS][54] +: Ruby 的類型簽名。 + +[TypeProf][55] +: 一種實驗性的類型級 Ruby 解釋器,用於測試和理解 Ruby 程式碼。 + +[Steep][56] +: Ruby 靜態類型檢查器。 + ### 編輯器與整合開發環境 -您可以用操作系統內建的編輯器來撰寫 Ruby。為了更有效的寫程式,值得選個 Ruby 基本特性支援良好的編輯器(如:語法高亮、檔案瀏覽)或是有更進階功能的整合開發環境(如:程式碼補全、重構、支持測試等。) +您可以用作業系統內建的編輯器來撰寫 Ruby。為了更有效的寫程式,值得選個 Ruby 基本特性支援良好的編輯器(如:語法高亮、檔案瀏覽)或是有更進階功能的整合開發環境(如:程式碼補齊、重構、支持測試等。) 以下是 Ruby 程式設計師(Rubyist)間流行使用的開發工具清單: * Linux 與跨平台: * [Aptana Studio][19] - * [Emacs][20] 用 [Ruby mode][21] 配 [Rsense][22] + * [Emacs][20] 用 [Ruby mode][21] 或 [Enhanced Ruby mode][enh-ruby-mode] * [Geany][23] * [gedit][24] - * [Vim][25] 用 [vim-ruby][26] 插件與 [Rsense][22] + * [Vim][25] 用 [vim-ruby][26] 插件 + * [NeoVim][neovim] * [RubyMine][27] * [SciTe][28] * [NetBeans][36] * [Sublime Text][37] - * [Atom][atom] * [Visual Studio Code][vscode] + * [Zed][zed] * Windows 作業系統: * [Notepad++][29] - * [E-TextEditor][30] - * [Ruby In Steel][31] * macOS 作業系統: * [TextMate][32] * [BBEdit][33] - * [Dash][39] (瀏覽文件用) + * [Dash][dash] (瀏覽文件用) + +部分編輯器支援 Language Server Protocol (LSP),Shopify 的 [ruby-lsp][ruby-lsp] 是最受歡的的 Ruby LSP 之一。 ### 進階閱讀 [Ruby-Doc.org][34] 維護了一份簡單易懂的英文文件列表。如有任何 Ruby 相關的問題,[郵件論壇](/en/community/mailing-lists/)是個問問題的好地方。 +### 較舊的閱讀資源 +這些連結內容也很突出,但已經很久沒有更新了。 + +[Ruby Koans][2] +: Ruby Koans 導引你走上學習 Ruby 的啟蒙之路。可以學到 Ruby 語言、語法、結構、常用函數與函式庫。 + 當然也少不了 Ruby 的文化。 + +[Ruby Essentials][7] +: 免費的線上電子書,讓你可以一步步地學習 Ruby。 + +[Why’s (Poignant) Guide to Ruby][5] +: 非比尋常但玩味無窮的書,透過故事、幽默與漫畫來教會你 Ruby。由 *why the lucky + stiff* 創作,本書是學習 Ruby 的經典大作。 + +[Learn Ruby the Hard Way][38] +: 一系列說明完善的練習,導引你從完全零基礎一直介紹到物件導向程式設計與 Web 開發, + +[Programming Ruby][9] +: 這是 Ruby 的第一本英文書,第一版開放線上免費閱讀 [Pragmatic Programmers' book][10] 。 + +[The Ruby Programming Wikibook][12] +: 給初學者到中等程度的線上手冊以及語言參考。 [1]: https://try.ruby-lang.org/ [2]: https://rubykoans.com/ [5]: https://poignant.guide [7]: http://www.techotopia.com/index.php/Ruby_Essentials [8]: http://pine.fm/LearnToProgram/ -[9]: http://www.ruby-doc.org/docs/ProgrammingRuby/ -[10]: http://pragmaticprogrammer.com/titles/ruby/index.html +[9]: https://www.ruby-doc.org/docs/ProgrammingRuby/ +[10]: https://pragprog.com/titles/ruby5/programming-ruby-3-3-5th-edition/ [12]: http://en.wikibooks.org/wiki/Ruby_programming_language [13]: http://www.ruby-doc.org/core [14]: https://ruby.github.io/rdoc/ [15]: http://www.ruby-doc.org/stdlib [extensions]: https://docs.ruby-lang.org/en/master/extension_rdoc.html [16]: http://www.rubydoc.info/ -[17]: http://rubydocs.org/ -[18]: http://apidock.com/ [rubyapi-org]: https://rubyapi.org/ [19]: http://www.aptana.com/ [20]: http://www.gnu.org/software/emacs/ [21]: http://www.emacswiki.org/emacs/RubyMode -[22]: http://rsense.github.io/ [23]: http://www.geany.org/ -[24]: http://projects.gnome.org/gedit/screenshots.html +[24]: https://gedit-text-editor.org/ [25]: http://www.vim.org/ [26]: https://github.com/vim-ruby/vim-ruby [27]: http://www.jetbrains.com/ruby/ [28]: http://www.scintilla.org/SciTE.html [29]: http://notepad-plus-plus.org/ -[30]: http://www.e-texteditor.com/ -[31]: http://www.sapphiresteel.com/ [32]: http://macromates.com/ [33]: https://www.barebones.com/products/bbedit/ [34]: http://ruby-doc.org [36]: https://netbeans.org/ [37]: http://www.sublimetext.com/ [38]: https://learncodethehardway.org/ruby/ -[39]: http://kapeli.com/dash -[docs-rlo-en]: https://docs.ruby-lang.org/en/ -[atom]: https://atom.io/ +[39]: https://www.ruby-doc.org/ +[40]: https://devdocs.io/ruby/ +[42]: https://www.zenspider.com/ruby/quickref.html +[43]: https://rubyreferences.github.io/ +[44]: https://rubystyle.guide/ +[45]: https://github.com/rubocop/ruby-style-guide +[46]: https://ruby-style-guide.shopify.dev/ +[47]: https://docs.gitlab.com/ee/development/backend/ruby_style_guide.html +[48]: https://github.com/airbnb/ruby +[49]: https://www.w3resource.com/ruby/ruby-style-guide.php +[50]: https://github.com/ruby/irb +[51]: https://github.com/pry/pry +[52]: https://github.com/ruby/rake +[53]: https://ruby.github.io/rdoc/RI_md.html +[54]: https://github.com/ruby/rbs +[55]: https://github.com/ruby/typeprof +[56]: https://github.com/soutaro/steep + +[docs-rlo]: https://docs.ruby-lang.org/en/ +[docs-rlo-3.4]: https://docs.ruby-lang.org/en/3.4 +[docs-rlo-master]: https://docs.ruby-lang.org/en/master +[docs-rlo-extension]: https://docs.ruby-lang.org/en/master/extension_rdoc.html + +[rubyin20]: https://www.ruby-lang.org/en/documentation/quickstart/ +[odin]: https://www.theodinproject.com/paths/full-stack-ruby-on-rails/courses/ruby +[exercism]: https://exercism.org/tracks/ruby +[codecademy]: https://www.codecademy.com/learn/learn-ruby + +[pickaxe]: https://pragprog.com/titles/ruby5/programming-ruby-3-3-5th-edition/ +[grounded]: https://www.manning.com/books/the-well-grounded-rubyist-third-edition +[poodr]: https://www.poodr.com/ +[meta]: https://pragprog.com/titles/ppmetr2/metaprogramming-ruby-2/ +[microscope]: https://patshaughnessy.net/ruby-under-a-microscope + +[enh-ruby-mode]: https://github.com/zenspider/enhanced-ruby-mode/ +[neovim]: https://neovim.io/ [vscode]: https://code.visualstudio.com/ - -[rubytw]: http://ruby.tw -[ruby-user-guide-zh_tw]: http://guides.ruby.tw/ruby/ +[zed]: https://zed.dev/ +[dash]: http://kapeli.com/dash +[ruby-lsp]: https://github.com/Shopify/ruby-lsp diff --git a/zh_tw/documentation/installation/index.md b/zh_tw/documentation/installation/index.md index e5d50b5ca7..fd0e2bcff7 100644 --- a/zh_tw/documentation/installation/index.md +++ b/zh_tw/documentation/installation/index.md @@ -325,7 +325,7 @@ $ sudo make install [rvm]: http://rvm.io/ [rbenv]: https://github.com/rbenv/rbenv -[rbenv-for-windows]: https://github.com/ccmywish/rbenv-for-windows#readme +[rbenv-for-windows]: https://github.com/RubyMetric/rbenv-for-windows#readme [ruby-build]: https://github.com/rbenv/ruby-build#readme [ruby-install]: https://github.com/postmodern/ruby-install#readme [chruby]: https://github.com/postmodern/chruby diff --git a/zh_tw/documentation/quickstart/3/index.md b/zh_tw/documentation/quickstart/3/index.md index 76715bfe28..55260f7df3 100644 --- a/zh_tw/documentation/quickstart/3/index.md +++ b/zh_tw/documentation/quickstart/3/index.md @@ -92,7 +92,7 @@ irb(main):043:0> g.respond_to?("to_s") irb(main):044:0> class Greeter irb(main):045:1> attr_accessor :name irb(main):046:1> end -=> nil +=> [:name, :name=] {% endhighlight %} 在 Ruby diff --git a/zh_tw/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md b/zh_tw/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md index e884233201..ec023a2b3b 100644 --- a/zh_tw/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md +++ b/zh_tw/news/_posts/2014-08-19-ruby-1-9-2-p330-released.md @@ -24,19 +24,19 @@ ruby -v -ruri -e'URI.decode_www_form_component "A string that causes catastrophi ## 下載 -* +* SIZE: 9081661 bytes MD5: 8ba4aaf707023e76f80fc8f455c99858 SHA256: 6d3487ea8a86ad0fa78a8535078ff3c7a91ca9f99eff0a6a08e66c6e6bf2040f -* +* SIZE: 11416473 bytes MD5: 4b9330730491f96b402adc4a561e859a SHA256: 23ef45fdaecc5d6c7b4e9e2d51b23817fc6aa8225a20f123f7fa98760e8b5ca9 -* +* SIZE: 12732739 bytes MD5: 42d261b28d1b7e500dd3bdbdbfba7fa5 diff --git a/zh_tw/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md b/zh_tw/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md index f9d6e0c6d4..e0f80a5ac8 100644 --- a/zh_tw/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md +++ b/zh_tw/news/_posts/2023-11-12-ruby-3-3-0-preview3-released.md @@ -19,7 +19,7 @@ lang: zh_tw * Prism 是 CRuby 內部使用的 C 函式庫,同時也是任何需要解析 Ruby 程式碼的工具鏈可以使用的 Ruby gem。 * Prism API 中值得注意的方法為: * `Prism.parse(source)` 回傳 AST 作為 ParseResult 的一部分。 - * `Prism.dump(source, filepath)` 回傳字串型別的序列化的 AST。 + * `Prism.dump(source)` 回傳字串型別的序列化的 AST。 * `Prism.parse_comments(source)` 回傳註解。 * 如果您有興趣貢獻,您可以直接在 [the Prism repository](https://github.com/ruby/prism) 上建立 pull requests 或 issues。 diff --git a/zh_tw/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md b/zh_tw/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md index 82d7304331..71987abe53 100644 --- a/zh_tw/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md +++ b/zh_tw/news/_posts/2023-12-11-ruby-3-3-0-rc1-released.md @@ -21,7 +21,7 @@ RC1 版本發布後,我們會盡可能避免加入 ABI 不相容的功能。 * Prism 是 CRuby 內部使用的 C 函式庫,同時也是任何需要解析 Ruby 程式碼的工具鏈可以使用的 Ruby gem。 * Prism API 中值得注意的方法為: * `Prism.parse(source)` 回傳 AST 作為 ParseResult 的一部分。 - * `Prism.dump(source, filepath)` 回傳字串型別的序列化的 AST。 + * `Prism.dump(source)` 回傳字串型別的序列化的 AST。 * `Prism.parse_comments(source)` 回傳註解。 * 如果您有興趣貢獻,您可以直接在 [the Prism repository](https://github.com/ruby/prism) 上建立 pull requests 或 issues。 diff --git a/zh_tw/news/_posts/2023-12-25-ruby-3-3-0-released.md b/zh_tw/news/_posts/2023-12-25-ruby-3-3-0-released.md new file mode 100644 index 0000000000..8e037e0c4e --- /dev/null +++ b/zh_tw/news/_posts/2023-12-25-ruby-3-3-0-released.md @@ -0,0 +1,283 @@ +--- +layout: news_post +title: "Ruby 3.3.0 發布" +author: "naruse" +translator: "Bear Su" +date: 2023-12-25 00:00:00 +0000 +lang: zh_tw +--- + +{% assign release = site.data.releases | where: "version", "3.3.0" | first %} +我們很高興宣布 Ruby {{ release.version }} 發佈了。 Ruby 3.3 新增了名為 Prism 的 Parser,使用了 Lrama 做為 Parser 產生器,新增了名為 RJIT,純 Ruby 開發的 JIT 編譯器,以及更多效能提升,尤其是 YJIT。 + +## Prism + +* 導入 [the Prism parser](https://github.com/ruby/prism) 為預設 gem。 + * Prism 是可移植、可容錯、且可維護的 Ruby 語言遞迴下降解析器。 +* Prism 已可用於生產環境,並積極維護,您可以用來替代 Ripper。 + * 有關如何使用 Prism 的 [詳細文件](https://ruby.github.io/prism/)。 + * Prism 是 CRuby 內部使用的 C 函式庫,同時也是任何需要解析 Ruby 程式碼的工具鏈可以使用的 Ruby gem。 + * Prism API 中值得注意的方法為: + * `Prism.parse(source)` 回傳 AST 作為解析結果的一部分。 + * `Prism.parse_comments(source)` 回傳註解。 + * `Prism.parse_success?(source)` 如果沒有發生錯誤回傳 true。 +* 如果您有興趣貢獻,您可以直接在 [the Prism repository](https://github.com/ruby/prism) 上建立 pull requests 或 issues。 +* 您現在可以使用 `ruby --parser=prism` 或 `RUBYOPT="--parser=prism"` 體驗 Prism 編譯器。請注意這個指令列參數只用來除錯。 + +## 使用 Lrama 取代 Bison + +* 使用 [Lrama LALR parser generator](https://github.com/ruby/lrama) [[Feature #19637]](https://bugs.ruby-lang.org/issues/19637) 取代 Bison。 + * 如果您感興趣,請參閱 [The future vision of Ruby Parser](https://rubykaigi.org/2023/presentations/spikeolaf.html)。 + * 為了維護性,Lrama internal parser 改用 Racc 產生的 LR parser。 + * 支援 Parameterizing Rules `(?, *, +)`,能夠在 Ruby parse.y 中被使用。 + +## YJIT + +* 自 3.2 主要效能提升 + * 改善 splat 和 rest arguments 的支援。 + * 虛擬機器分配了暫存器,用於堆疊操作。 + * 更多帶有可選參數的呼叫會被編譯。 錯誤處理也會被編譯。 + * 不支援的呼叫類型不再返回給直譯器。 + * 基本方法如 Rails `#blank?` 與 [specialized `#present?`](https://github.com/rails/rails/pull/49909) 變為內聯(inlined)。 + * 特別改善了 `Integer#*`、`Integer#!=`、`String#!=`、`String#getbyte`、`Kernel#block_given?`、`Kernel#is_a?`、`Kernel#instance_of?`、`Module#===`。 + * 編譯速度比 3.2 稍快一些。 + * 目前比 optcarrot 的直譯器快上 3 倍! +* 自 3.2 以來顯著提高了記憶體使用率 + * 已編譯的程式碼的元資料使用更少的記憶體。 + * 當應用程式有超過 40,000 ISEQs 時,`--yjit-call-threshold` 會自動從 30 提高到 120。 + * 新增 `--yjit-cold-threshold` 以略過編譯 cold ISEQs。 + * 在 ARM64 產生更緊湊的程式碼。 +* 預設停用程式碼 GC + * `--yjit-exec-mem-size` 作為新程式碼編譯停止的硬限制。 + * 不會因為程式碼 GC 導致效能突然下降。 + 使用 [Pitchfork](https://github.com/shopify/pitchfork) 在伺服器 reforking 有更好的 copy-on-write 行為。 + * 如果需要,您仍然可以使用 `--yjit-code-gc` 啟用程式碼 GC。 +* 新增 `RubyVM::YJIT.enable`,可以在 run-time 中啟用 YJIT。 + * 您可以在不修改指令列參數或環境變數的情況下啟動 YJIT。 + Rails 7.2 將透過此方法 [預設啟用 YJIT](https://github.com/rails/rails/pull/49947)。 + * 可用於僅在您的應用程式完成啟動後啟用 YJIT。 如果您在啟動程式時停用了 YJIT,可以使用 `--yjit-disable` 來使用其他 YJIT 選項。 +* 預設提供更多 YJIT 統計數據 + * 現在預設提供 `yjit_alloc_size` 和幾個更多與元資料相關的統計。 + * 發布版本現在提供透過 `--yjit-stats` 產生的 `ratio_in_yjit` 統計資訊,不再需要特殊的統計資訊或是開 +* 新增更多性能分析功能 + * 新增 `--yjit-perf` 以便於使用 Linux perf 進行性能分析。 + * `--yjit-trace-exits` 現在支援透過 `--yjit-trace-exits-sample-rate=N` 抽樣。 +* 更多測試與錯誤修復 + +## RJIT + +* 導入純 Ruby 開發的 JIT 編譯器 RJIT 並取代 MJIT。 + * RJIT 僅支援 x86\_64 架構的 Unix 平台。 + * 不同於 MJIT,RJIT 在執行時不需要 C 編譯器。 +* RJIT 目前還在實驗階段。 + * 您在生產環境應繼續使用 YJIT。 +* 如果您有興趣為 Ruby 開發 JIT,請參閱 [k0kubun's 在 RubyKaigi 第 3 天的演講](https://rubykaigi.org/2023/presentations/k0kubun.html#day3)。 + +## M:N thread scheduler + +* 導入 M:N thread scheduler。 [[Feature #19842]](https://bugs.ruby-lang.org/issues/19842) + * M 個 Ruby 執行緒由 N 個原生執行緒(OS 執行緒)管理,所以能減少執行緒建立與管理的成本。 + * 由於會破壞 C-extension 的相容性,所以預設在主 Ractor 上停用 M:N thread scheduler。 + * 透過 `RUBY_MN_THREADS=1` 環境變數在主 Ractor 啟用 M:N threads。 + * 在非主 Ractors 上總是啟用 M:N threads。 + * 可使用 `RUBY_MAX_CPU=n` 環境變數設定 `N` 的最大值 (原生執行緒的最大數量)。預設值為 8。 + * 由於每一個 Ractor 同時只能執行一個 Ruby 執行緒,所以將使用原生執行緒的數量,即 `RUBY_MAX_CPU` 和執行 Ractor 數量中較小的值,因此單一 Ractor 應用程式 (大多數應用程式) 只會使用一個原生執行緒。 + * 為支援阻塞操作,可以使用多餘 `N` 個原生執行緒。 + +## 效能提升 + +* `defined?(@ivar)` 透過 Object Shapes 提升效能。 +* 像是 `Socket.getaddrinfo` 的域名解析現在可以被中斷 (在可用 pthreads 的環境下)。 [[Feature #19965]](https://bugs.ruby-lang.org/issues/19965) +* 垃圾收集器的一些效能提升 + * 被舊物件參考的年輕物件不再立即提升為舊世代。這顯著降低了 major GC 收集的頻率。 [[Feature #19678]](https://bugs.ruby-lang.org/issues/19678) + * 新增調整變數 `RUBY_GC_HEAP_REMEMBERED_WB_UNPROTECTED_OBJECTS_LIMIT_RATIO` 用來控制導致觸發 major GC 收集的未受保護物件的數量。預設為 `0.01` (1%)。這顯著降低了 major GC 收集的頻率。 [Feature #19571](https://bugs.ruby-lang.org/issues/19571) + * 為幾個缺少寫入屏障(Write Barriers)的核心類型進行實作,特別是 `Time`, `Enumerator`, `MatchData`, `Method`, `File::Stat`, `BigDecimal` 等。這顯著地減少 minor GC 收集時間與 major GC 收集頻率。 + * 大部分核心類別現在使用可變寬度分配,特別是 `Hash`, `Time`, `Thread::Backtrace`, `Thread::Backtrace::Location`, `File::Stat`, `Method`。 + 這使得這些類別更快被分配與釋放,使用更少的記憶體與減少堆疊碎片。 + * 垃圾收集器加入弱參考的支援。 [Feature #19783](https://bugs.ruby-lang.org/issues/19783) + + +## 自 3.2 以來其他值得注意的變更 + +### IRB + +IRB 進行了數項改善,包括但不限於: + +- 加強 `irb:rdbg` 整合以提供與 `pry-byebug` 相同的除錯體驗 ([文件](https://github.com/ruby/irb#debugging-with-irb))。 +- Pager 支援指令,例如 `ls` 和 `show_cmds`。 +- `ls` 和 `show_source` 指令提供了更準確和有幫助的資訊。 +- 使用 type 分析的實驗係自動補齊 ([doc](https://github.com/ruby/irb#type-based-completion))。 +- 透過新導入的類別 Reline::Face,可以更改補齊視窗中的字體顏色與字體樣式 ([doc](https://github.com/ruby/ruby/blob/master/doc/reline/face.md))。 + +此外,IRB 還進行了大量重構和修復了許多錯誤,以方便未來強化功能。 + +請參見 [Unveiling the big leap in Ruby 3.3's IRB](https://railsatscale.com/2023-12-19-irb-for-ruby-3-3/) 來了解更多。 + +## 相容性問題 + +注意:不包含功能問題的修正。 + +* 棄用在沒有普通參數的區塊中不帶參數呼叫 `it`。 在 Ruby 3.4 中 `it` 將會參考 block 的第一個參數。 + [[Feature #18980]](https://bugs.ruby-lang.org/issues/18980) + +### 被移除的環境變數 + +下列廢棄的環境變數已被移除。 + +* 環境變數 `RUBY_GC_HEAP_INIT_SLOTS` 已經被廢棄且無法使用。請使用環境變數 `RUBY_GC_HEAP_{0,1,2,3,4}_INIT_SLOTS` 作為替代。 [[Feature #19785]](https://bugs.ruby-lang.org/issues/19785) + +## Stdlib 相容性問題 + +### `ext/readline` 已被淘汰 + +* 我們使用純 Ruby 實作並相容於 `ext/readline` API 的 `reline`。未來我們將依賴 `reline`。如果您需要使用 `ext/readline`,您可以使用 `gem install readline-ext` 透過 rubygems.org 安裝 `ext/readline`。 +* 我們將不再需要安裝函式庫例如 `libreadline` 或 `libedit`。 + +## 標準函式庫更新 + +如果使用者 `require` 以下 gems 卻沒有將其加入到 Gemfile 或 gemspec,RubyGems 和 Bundler 將會顯示警告。 +因為它們將在 Ruby 未來版本中變為 bundled gem。 + +如果您使用 bootsnap gem,這個警告將會被抑制。我們建議至少使用環境變數 `DISABLE_BOOTSNAP=1` 執行您的應用程式一次。這是目前版本的限制。 + +這些函式庫包括: + * abbrev + * base64 + * bigdecimal + * csv + * drb + * getoptlong + * mutex_m + * nkf + * observer + * racc + * resolv-replace + * rinda + * syslog + +加入了以下的預設 gem。 + +* prism 0.19.0 + +更新了以下的 bundled gem。 + +* RubyGems 3.5.3 +* abbrev 0.1.2 +* base64 0.2.0 +* benchmark 0.3.0 +* bigdecimal 3.1.5 +* bundler 2.5.3 +* cgi 0.4.1 +* csv 3.2.8 +* date 3.3.4 +* delegate 0.3.1 +* drb 2.2.0 +* english 0.8.0 +* erb 4.0.3 +* error_highlight 0.6.0 +* etc 1.4.3 +* fcntl 1.1.0 +* fiddle 1.1.2 +* fileutils 1.7.2 +* find 0.2.0 +* getoptlong 0.2.1 +* io-console 0.7.1 +* io-nonblock 0.3.0 +* io-wait 0.3.1 +* ipaddr 1.2.6 +* irb 1.11.0 +* json 2.7.1 +* logger 1.6.0 +* mutex_m 0.2.0 +* net-http 0.4.0 +* net-protocol 0.2.2 +* nkf 0.1.3 +* observer 0.1.2 +* open-uri 0.4.1 +* open3 0.2.1 +* openssl 3.2.0 +* optparse 0.4.0 +* ostruct 0.6.0 +* pathname 0.3.0 +* pp 0.5.0 +* prettyprint 0.2.0 +* pstore 0.1.3 +* psych 5.1.2 +* rdoc 6.6.2 +* readline 0.0.4 +* reline 0.4.1 +* resolv 0.3.0 +* rinda 0.2.0 +* securerandom 0.3.1 +* set 1.1.0 +* shellwords 0.2.0 +* singleton 0.2.0 +* stringio 3.1.0 +* strscan 3.0.7 +* syntax_suggest 2.0.0 +* syslog 0.1.2 +* tempfile 0.2.1 +* time 0.3.0 +* timeout 0.4.1 +* tmpdir 0.2.0 +* tsort 0.2.0 +* un 0.3.0 +* uri 0.13.0 +* weakref 0.1.3 +* win32ole 1.8.10 +* yaml 0.3.0 +* zlib 3.1.0 + +下列的預設 gem 現在是 bundled gems。 + +* racc 1.7.3 + +更新了以下的 bundled gem。 + +* minitest 5.20.0 +* rake 13.1.0 +* test-unit 3.6.1 +* rexml 3.2.6 +* rss 0.3.0 +* net-ftp 0.3.3 +* net-imap 0.4.9 +* net-smtp 0.4.0 +* rbs 3.4.0 +* typeprof 0.21.9 +* debug 1.9.1 + +請參閱 GitHub 發布如 [Logger](https://github.com/ruby/logger/releases) 和變更紀錄來了解更多關於預設 gems 與 bundled gems 的資訊。 + +參見 [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +和 [commit logs](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}) 來了解更多。 + +自 Ruby 3.2.0 以來,計[{{ release.stats.files_changed }} 檔案變更,{{ release.stats.insertions }} 行新增(+),{{ release.stats.deletions }} 行刪減(-)](https://github.com/ruby/ruby/compare/v3_2_0...{{ release.tag }}#file_bucket)。 + +耶誕快樂、佳節愉快,享受與 Ruby 3.3 一起寫程式的時光! + +## 下載 + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby 是什麼 + +Ruby 最初由 Matz(Yukihiro Matsumoto)於 1993 年開發的開源軟體。可以在許多平台上執行。使用者來自世界各地,特別活躍於網路開發領域。 diff --git a/zh_tw/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md b/zh_tw/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md new file mode 100644 index 0000000000..46dc266d43 --- /dev/null +++ b/zh_tw/news/_posts/2024-03-21-buffer-overread-cve-2024-27280.md @@ -0,0 +1,46 @@ +--- +layout: news_post +title: "CVE-2024-27280: StringIO 中的緩衝區 overread 漏洞" +author: "hsbt" +translator: "Bear Su" +date: 2024-03-21 4:00:00 +0000 +tags: security +lang: zh_tw +--- + +我們發布了 StringIO gem 版本 3.0.1.1 和 3.0.1.2,對緩衝區 overread 漏洞進行了安全性修復。 +該漏洞的 CVE 編號為 [CVE-2024-27280](https://www.cve.org/CVERecord?id=CVE-2024-27280)。 + +## 風險細節 + +在 StringIO 3.0.1 中發現了一個問題,Ruby 影響版本為 3.0.x 至 3.0.6 和 3.1.x 至 3.1.4。 + +StringIO 中的 `ungetbyte` 和 `ungetc` 方法能夠讀取超過字串結尾的內容,如果繼續呼叫 `StringIO.gets` 會回傳記憶體中的資料。 + +此漏洞不影響 StringIO 3.0.3 及更新版本,和 Ruby 3.2.x 及更新版本。 + +## 建議行動 + +我們建議升級 StringIO gem 至 3.0.3 或更新版本。為了確保相容於 Ruby 舊版本,您可以按照以下方式進行升級: + +* Ruby 3.0: 升級至 `stringio` 3.0.1.1 +* Ruby 3.1: 升級至 `stringio` 3.0.1.2 + +注意: StringIO 3.0.1.2 除了漏洞修復之外,也包含了錯誤修復 [[Bug #19389]](https://github.com/ruby/ruby/commit/1d24a931c458c93463da1d5885f33edef3677cc2)。 + +您可以使用 `gem update stringio` 進行更新。如果您使用 bundler,請將 `gem "stringio", ">= 3.0.1.2"` 加入到您的 `Gemfile` 中。 + +## 受影響版本 + +* Ruby 3.0.6 及更早版本 +* Ruby 3.1.4 及更早版本 +* StringIO gem 3.0.1 及更早版本 + +## 致謝 + +感謝 [david_h1](https://hackerone.com/david_h1?type=user) 發現此問題。 + +## 歷史 + +* 修復 StringIO 影響版本 (3.0.2 -> 3.0.1) 於 2024-04-11 12:50:00 (UTC) +* 最初發佈於 2024-03-21 4:00:00 (UTC) diff --git a/zh_tw/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md b/zh_tw/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md new file mode 100644 index 0000000000..3ef4b21f32 --- /dev/null +++ b/zh_tw/news/_posts/2024-03-21-rce-rdoc-cve-2024-27281.md @@ -0,0 +1,47 @@ +--- +layout: news_post +title: "CVE-2024-27281: RDoc 中 .rdoc_options 的 RCE 漏洞" +author: "hsbt" +translator: "Bear Su" +date: 2024-03-21 4:00:00 +0000 +tags: security +lang: zh_tw +--- + +我們發布了 RDoc gem 版本 6.3.4.1、6.4.1.1、6.5.1.1 和 6.6.3.1 對 RCE 漏洞進行了安全性修復。 +該漏洞的 CVE 編號為 [CVE-2024-27281](https://www.cve.org/CVERecord?id=CVE-2024-27281)。 + +## 風險細節 + +在 RDoc 6.3.3 至 6.6.2 中發現了一個問題,Ruby 影響版本為 3.x 至 3.3.0。 + +當解析 YAML 格式的 `.rdoc_options` 檔案時 (用於 RDoc 設定),由於沒有限制恢復的類別,可能導致執行物件注入與遠端程式碼進行攻擊。 +當載入文件快取時,如果有特製的快取存在,則可能執行物件注入與遠端程式碼進行攻擊。 + +## 建議行動 + +我們建議升級 RDoc gem 至 6.6.3.1 或更新版本。為了確保相容於 Ruby 舊版本,您可以按照以下方式進行升級: + +* Ruby 3.0: 升級至 `rdoc` 6.3.4.1 +* Ruby 3.1: 升級至 `rdoc` 6.4.1.1 +* Ruby 3.2: 升級至 `rdoc` 6.5.1.1 + +您可以使用 `gem update rdoc` 進行更新。如果您使用 bundler,請將 `gem "rdoc", ">= 6.6.3.1"` 加入到您的 `Gemfile` 中。 + +注意: 6.3.4、6.4.1、6.5.1 和 6.6.3 有不正確的修復。我們建議升級至 6.3.4.1、6.4.1.1、6.5.1.1 和 6.6.3.1。 + +## 受影響版本 + +* Ruby 3.0.6 及更早版本 +* Ruby 3.1.4 及更早版本 +* Ruby 3.2.3 及更早版本 +* Ruby 3.3.0 +* RDoc gem 6.3.3 及更早版本,6.4.0 至 6.6.2 中未修補版本 (6.3.4, 6.4.1, 6.5.1) + +## 致謝 + +感謝 [ooooooo_q](https://hackerone.com/ooooooo_q?type=user) 發現此問題。 + +## 歷史 + +* 最初發佈於 2024-03-21 4:00:00 (UTC) diff --git a/zh_tw/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md b/zh_tw/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md new file mode 100644 index 0000000000..76d71a6a18 --- /dev/null +++ b/zh_tw/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "CVE-2024-27282: Regex 搜尋的任意記憶體位址讀取漏洞" +author: "hsbt" +translator: "Bear Su" +date: 2024-04-23 10:00:00 +0000 +tags: security +lang: zh_tw +--- + +我們發布了 Ruby 版本 3.0.7、3.1.5、3.2.4 和 3.3.1,對 Regex 搜尋中的任意記憶體位址讀取漏洞進行了安全性修復。 +該漏洞的 CVE 編號為 [CVE-2024-27282](https://www.cve.org/CVERecord?id=CVE-2024-27282)。 + +## 風險細節 + +在 Ruby 3.x 至 3.3.0 中發現了一個問題。 + +如果將攻擊者提供的資料給 Ruby 的 Regex 編譯器,可能會被提取出相對於文字開頭的任意堆疊中的資料,包括指標與機敏字串。 + +## 建議行動 + +我們建議升級 Ruby 至 3.3.1 或更新版本。為了確保相容於 Ruby 舊版本,您可以按照以下方式進行升級: + +* Ruby 3.0: 升級至 3.0.7 +* Ruby 3.1: 升級至 3.1.5 +* Ruby 3.2: 升級至 3.2.4 +* Ruby 3.3: 升級至 3.3.1 + +## 受影響版本 + +* Ruby 3.0.6 及更早版本 +* Ruby 3.1.4 及更早版本 +* Ruby 3.2.3 及更早版本 +* Ruby 3.3.0 + +## 致謝 + +感謝 [sp2ip](https://hackerone.com/sp2ip?type=user) 發現此問題。 + +## 歷史 + +* 最初發佈於 2024-04-23 10:00:00 (UTC) diff --git a/zh_tw/news/_posts/2024-04-23-ruby-3-0-7-released.md b/zh_tw/news/_posts/2024-04-23-ruby-3-0-7-released.md new file mode 100644 index 0000000000..c95984ca73 --- /dev/null +++ b/zh_tw/news/_posts/2024-04-23-ruby-3-0-7-released.md @@ -0,0 +1,52 @@ +--- +layout: news_post +title: "Ruby 3.0.7 發布" +author: "hsbt" +translator: "Bear Su" +date: 2024-04-23 10:00:00 +0000 +lang: zh_tw +--- + +Ruby 3.0.7 已經發布了。 + +本次發布版本包含安全性修正。 +細節請參考下列內容。 + +* [CVE-2024-27282: Regex 搜尋的任意記憶體位址讀取漏洞]({%link zh_tw/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc 中 .rdoc_options 的 RCE 漏洞](https://www.ruby-lang.org/zh_tw/news/2024/03/21/rce-rdoc-cve-2024-27281/) +* [CVE-2024-27280: StringIO 中的緩衝區 overread 漏洞](https://www.ruby-lang.org/zh_tw/news/2024/03/21/buffer-overread-cve-2024-27280/) + +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_0_7)。 + +隨著這個版本的發佈,Ruby 3.0 進入了終了階段(EOL)。這意味著此為 Ruby 3.0 系列的最後版本。 +之後即使發現安全性漏洞,我們也不會發布 Ruby 3.0.8 (除非發現有嚴重的回歸問題)。 +我們建議所有 Ruby 3.0 使用者盡快遷移至 Ruby 3.3、3.2、或是 3.1。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.0.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發佈,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2024-04-23-ruby-3-1-5-released.md b/zh_tw/news/_posts/2024-04-23-ruby-3-1-5-released.md new file mode 100644 index 0000000000..5471843e9a --- /dev/null +++ b/zh_tw/news/_posts/2024-04-23-ruby-3-1-5-released.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "Ruby 3.1.5 發布" +author: "hsbt" +translator: "Bear Su" +date: 2024-04-23 10:00:00 +0000 +lang: zh_tw +--- + +Ruby 3.1.5 已經發布了。 + +本次發布版本包含安全性修正。 +細節請參考下列內容。 + +* [CVE-2024-27282: Regex 搜尋的任意記憶體位址讀取漏洞]({%link zh_tw/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc 中 .rdoc_options 的 RCE 漏洞](https://www.ruby-lang.org/zh_tw/news/2024/03/21/rce-rdoc-cve-2024-27281/) +* [CVE-2024-27280: StringIO 中的緩衝區 overread 漏洞](https://www.ruby-lang.org/zh_tw/news/2024/03/21/buffer-overread-cve-2024-27280/) + +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_1_5)。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.1.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發佈,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2024-04-23-ruby-3-2-4-released.md b/zh_tw/news/_posts/2024-04-23-ruby-3-2-4-released.md new file mode 100644 index 0000000000..c55e7c0866 --- /dev/null +++ b/zh_tw/news/_posts/2024-04-23-ruby-3-2-4-released.md @@ -0,0 +1,47 @@ +--- +layout: news_post +title: "Ruby 3.2.4 發布" +author: "nagachika" +translator: "Bear Su" +date: 2024-04-23 10:00:00 +0000 +lang: zh_tw +--- + +Ruby 3.2.4 已經發布了。 + +本次發布版本包含安全性修正。 +細節請參考下列內容。 + +* [CVE-2024-27282: Regex 搜尋的任意記憶體位址讀取漏洞]({%link zh_tw/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc 中 .rdoc_options 的 RCE 漏洞](https://www.ruby-lang.org/zh_tw/news/2024/03/21/rce-rdoc-cve-2024-27281/) + +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_2_4)。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.2.4" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發佈,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2024-04-23-ruby-3-3-1-released.md b/zh_tw/news/_posts/2024-04-23-ruby-3-3-1-released.md new file mode 100644 index 0000000000..602a74100e --- /dev/null +++ b/zh_tw/news/_posts/2024-04-23-ruby-3-3-1-released.md @@ -0,0 +1,47 @@ +--- +layout: news_post +title: "Ruby 3.3.1 發布" +author: "naruse" +translator: "Bear Su" +date: 2024-04-23 10:00:00 +0000 +lang: zh_tw +--- + +Ruby 3.3.1 已經發布了。 + +本次發布版本包含安全性修正。 +細節請參考下列內容。 + +* [CVE-2024-27282: Regex 搜尋的任意記憶體位址讀取漏洞]({%link zh_tw/news/_posts/2024-04-23-arbitrary-memory-address-read-regexp-cve-2024-27282.md %}) +* [CVE-2024-27281: RDoc 中 .rdoc_options 的 RCE 漏洞](https://www.ruby-lang.org/zh_tw/news/2024/03/21/rce-rdoc-cve-2024-27281/) + +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_3_1)。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.3.1" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發佈,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md b/zh_tw/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md new file mode 100644 index 0000000000..18f1afaade --- /dev/null +++ b/zh_tw/news/_posts/2024-05-16-dos-rexml-cve-2024-35176.md @@ -0,0 +1,31 @@ +--- +layout: news_post +title: "CVE-2024-35176: REXML DoS 漏洞" +author: "kou" +translator: "Bear Su" +date: 2024-05-16 05:00:00 +0000 +tags: security +lang: zh_tw +--- + +在 REXML gem 發現了一個 DoS 漏洞。 +該漏洞的 CVE 編號為 [CVE-2024-35176](https://www.cve.org/CVERecord?id=CVE-2024-35176)。 +我們強烈建議您升級 REXML gem。 + +## 風險細節 + +當解析 attribute value 中包含許多 `<` 的 XML 文件時,REXML gem 可能會需要很長的處理時間。 + +請更新 REXML gem 至 3.2.7 或更新的版本。 + +## 受影響版本 + +* REXML gem 3.2.6 及更早版本 + +## 致謝 + +感謝 [mprogrammer](https://hackerone.com/mprogrammer) 發現此問題。 + +## 歷史 + +* 最初發佈於 2024-05-16 05:00:00 (UTC) diff --git a/zh_tw/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md b/zh_tw/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md new file mode 100644 index 0000000000..8d9ccb0b1f --- /dev/null +++ b/zh_tw/news/_posts/2024-05-16-ruby-3-4-0-preview1-released.md @@ -0,0 +1,126 @@ +--- +layout: news_post +title: "Ruby 3.4.0 preview1 發布" +author: "naruse" +translator: "Bear Su" +date: 2024-05-16 00:00:00 +0000 +lang: zh_tw +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-preview1" | first %} +我們很高興宣布 Ruby {{ release.version }} 發布了。 + +## 語法變更 + +* 沒有 `frozen_string_literal` 註解的檔案中的字串文字,現在行為會跟被凍結一樣。如果它們被修改則會發出棄用警告。 + 這些警告可以透過 `-W:deprecated` 或 `Warning[:deprecated] = true` 啟用。 + 若要停用此變更,您可以在執行 Ruby 時加上參數 `--disable-frozen-string-literal`。 [[Feature #20205]] + +* 新增 `it` 來引用 block 的傳入參數。 [[Feature #18980]] + +* 現在呼叫方法支援使用 Keyword splatting `nil`。 + `**nil` 的處理方式與 `**{}` 類似,不會傳遞 keywords,也不會呼叫任何轉換方法。 [[Bug #20064]] + +* Block passing 不再允許作為索引。 [[Bug #19918]] + +* 不定長度參數不再允許作為索引。 [[Bug #20218]] + +## 核心類別更新 + +注意:我們只列出特別的類別更新。 + +* Exception + + * Exception#set_backtrace 現在可接受 `Thread::Backtrace::Location` 陣列。 + `Kernel#raise`、`Thread#raise` 和 `Fiber#raise` 也接受同樣的新格式。 [[Feature #13557]] + +* Range + + * Range#size 如果 range 無法迭代的話,現在會拋出 TypeError。 [[Misc #18984]] + +## 相容性問題 + +注意:不包含功能問題的修正。 + +* 錯誤訊息與 backtrace 的顯示改變。 + * 使用單引號 (`'`) 取代反引號 (`` ` ``) 作為起始引號。 [[Feature #16495]] + * 在方法名稱前顯示類別名稱 (僅當類別有固定名稱時)。 [[Feature #19117]] + * `Kernel#caller`、`Thread::Backtrace::Location` 的方法等等,也做了對應的改變。 + + ``` + 舊: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + 新: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + + +## C API 更新 + +* `rb_newobj` 和 `rb_newobj_of` (和相對應的巨集 `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`) 已經被移除。 [[Feature #20265]] +* 移除已廢棄的函式 `rb_gc_force_recycle`。 [[Feature #18290]] + +## 實作改善 + +* `Array#each` 用 Ruby 重寫並有更好的效能 [[Feature #20182]]。 + +## Miscellaneous changes + +* 將 block 傳遞給不使用傳入 block 的方法,會在 verbose 模式 (`-w`) 下顯示警告。 + [[Feature #15554]] + +* 當重新定義一些由直譯器與 JIT 特別最佳化的核心方法,例如 `String.freeze` 和 `Integer#+`,現在會發出效能類型警告 (`-W:performance` or `Warning[:performance] = true`)。 + [[Feature #20429]] + +請參閱 GitHub 發布如 [Logger](https://github.com/ruby/logger/releases) 和變更紀錄來了解更多關於預設 gems 與 bundled gems 的資訊。 + +參見 [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +和 [commit logs](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}) +來了解更多。 + +自 Ruby 3.3.0 以來,計 [{{ release.stats.files_changed }} 檔案變更,{{ release.stats.insertions }} 行新增(+),{{ release.stats.deletions }} 行刪減(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket)。 + +## 下載 + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby 是什麼 + +Ruby 最初由 Matz(Yukihiro Matsumoto)於 1993 年開發的開源軟體。可以在許多平台上執行。使用者來自世界各地,特別活躍於網路開發領域。 + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 diff --git a/zh_tw/news/_posts/2024-05-29-ruby-3-1-6-released.md b/zh_tw/news/_posts/2024-05-29-ruby-3-1-6-released.md new file mode 100644 index 0000000000..4c39a76fb4 --- /dev/null +++ b/zh_tw/news/_posts/2024-05-29-ruby-3-1-6-released.md @@ -0,0 +1,50 @@ +--- +layout: news_post +title: "Ruby 3.1.6 發布" +author: "hsbt" +translator: "Bear Su" +date: 2024-05-29 9:00:00 +0000 +lang: zh_tw +--- + +Ruby 3.1.6 已經發布了。 + +Ruby 3.1 已經進入安全性維護週期,在此週期通常我們只會修復安全性問題。但在發布 Ruby 3.1.5 後我們發現有一些建置失敗的問題。 +所以我們決定發布 Ruby 3.1.6 來修復這些問題。 + +細節請參考下列內容。 + +* [Bug #20151: Can't build Ruby 3.1 on FreeBSD 14.0](https://bugs.ruby-lang.org/issues/20151) +* [Bug #20451: Bad Ruby 3.1.5 backport causes fiddle to fail to build](https://bugs.ruby-lang.org/issues/20451) +* [Bug #20431: Ruby 3.3.0 build fail with make: *** \[io_buffer.o\] Error 1](https://bugs.ruby-lang.org/issues/20431) + +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_1_6)。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.1.6" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發佈,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2024-05-30-datadog-oss-program.md b/zh_tw/news/_posts/2024-05-30-datadog-oss-program.md new file mode 100644 index 0000000000..57624957e6 --- /dev/null +++ b/zh_tw/news/_posts/2024-05-30-datadog-oss-program.md @@ -0,0 +1,28 @@ +--- +layout: news_post +title: "Datadog 為 ruby-lang.org 提供開源社群支援" +author: "hsbt" +translator: "Bear Su" +date: 2024-05-30 00:00:00 +0000 +lang: zh_tw +--- + +我們很高興宣佈 Ruby 官方網站 ruby-lang.org 透過 [Datadog 開源社群支援](https://opensource.datadoghq.com/projects/oss-program/) 建立了 Datadog 監控。 + +這使得我們能夠為 Ruby 使用者有效地即時監控網站的效能與可用性。使用 Datadog 的主要好處包含如下: + +## CDN 可見性 + +透過 Fastly 提供的 cache.ruby-lang.org 是 Ruby 生態系最重要的基礎建設。Datadog 可以監控 Content Delivery Network (CDN) 效能。追蹤快取覆蓋率、錯誤率,以增強使用者體驗。 + +## 統一資料視覺化 + +我們為 ruby-lang.org 建立了多種網路服務。Datadog 可以在相同的儀表板中視覺化日誌分析資料、監控指標和 application performance monitoring (APM) 資料。 + +## JIT Trace 可見性 + +借助 Datadog 的 tracing 功能,我們可以抓取請求執行過程中經過網頁伺服器與資料庫的 trace 資料。這有助於識別效能瓶頸和有問題的請求。 + +我們為主要監控指標發布了[公開儀表板](https://p.ap1.datadoghq.com/sb/1271b83e-af90-11ee-9072-da7ad0900009-01633a8fa8c0b0c0051f1889afdf55dc)。我們將會持續更新儀表板以改善監控,特別是 YJIT 效能。 + +我們希望採用 Datadog 將有助於提高 Ruby 社群的網站效能。請繼續使用 ruby​​-lang.org 並享受增強的用戶體驗。 diff --git a/zh_tw/news/_posts/2024-05-30-ruby-3-3-2-released.md b/zh_tw/news/_posts/2024-05-30-ruby-3-3-2-released.md new file mode 100644 index 0000000000..b461e283e0 --- /dev/null +++ b/zh_tw/news/_posts/2024-05-30-ruby-3-3-2-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.3.2 發布" +author: "k0kubun" +translator: "Bear Su" +date: 2024-05-30 03:50:00 +0000 +lang: zh_tw +--- + +Ruby 3.3.2 已經發布了。 + +本次發布版本包含許多問題修正。 +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_3_2)。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.3.2" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發佈,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2024-06-12-ruby-3-3-3-released.md b/zh_tw/news/_posts/2024-06-12-ruby-3-3-3-released.md new file mode 100644 index 0000000000..77918ba8ee --- /dev/null +++ b/zh_tw/news/_posts/2024-06-12-ruby-3-3-3-released.md @@ -0,0 +1,52 @@ +--- +layout: news_post +title: "Ruby 3.3.3 發布" +author: "k0kubun" +translator: "Bear Su" +date: 2024-06-12 00:30:00 +0000 +lang: zh_tw +--- + +Ruby 3.3.3 已經發布了。 + +本次發布版本包含: + +* RubyGems 3.5.11 +* Bundler 2.5.11 +* REXML 3.2.8 +* strscan 3.0.9 +* `--dump=prism_parsetree` 已被 `--parser=prism --dump=parsetree` 取代 +* 不合法的 encoding symbols 會拋出 `SyntaxError` 而不是 `EncodingError` +* 修復 Ripper parsing 的 Memory leak +* 修復 YJIT, `**{}`、`Ripper.tokenize`、`RubyVM::InstructionSequence#to_binary`、`--with-gmp`、和一些建置環境中的錯誤 + +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_3_3)。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.3.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發佈,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2024-07-09-ruby-3-3-4-released.md b/zh_tw/news/_posts/2024-07-09-ruby-3-3-4-released.md new file mode 100644 index 0000000000..d5e272549e --- /dev/null +++ b/zh_tw/news/_posts/2024-07-09-ruby-3-3-4-released.md @@ -0,0 +1,55 @@ +--- +layout: news_post +title: "Ruby 3.3.4 發布" +author: "k0kubun" +translator: "Bear Su" +date: 2024-07-09 00:30:00 +0000 +lang: zh_tw +--- + +Ruby 3.3.4 已經發布了。 + +本次發佈版本修復在 Ruby 3.3.3 一些 bundled gems 的 gemspec 缺少依賴套件:`net-pop`、`net-ftp`、`net-imap`、和 `prime` [[Bug #20581]](https://bugs.ruby-lang.org/issues/20581)。 + +此修復允許 Bundler 在 Heroku 等平台上成功安裝這些 gems。 +如果您的 `bundle install` 現在運作正常,則可能不會遇到這個問題。 + +其他變更主要是修復小型錯誤。 +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_3_4)。 + +## 發布時程 + +在未來,我們打算在「.1」版本發布後每 2 個月發布一次最新的穩定 Ruby 版本(目前為 Ruby 3.3)。 +對於 Ruby 3.3,3.3.5 預計於 9 月 3 日發布,3.3.6 於 11 月 5 日發布,3.3.7 於 1 月 7 日發布。 + +如果有任何變更影響到相當多的人,例如本次發布版本提到的在 Heroku 上使用 Ruby 3.3.3 的使用者。 +我們可能會比預期更早發佈新版本。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.3.4" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發布,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md b/zh_tw/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md new file mode 100644 index 0000000000..2fbb84fe4d --- /dev/null +++ b/zh_tw/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md @@ -0,0 +1,31 @@ +--- +layout: news_post +title: "CVE-2024-39908: REXML DoS 漏洞" +author: "watson1978" +translator: "Bear Su" +date: 2024-07-16 03:00:00 +0000 +tags: security +lang: zh_tw +--- + +在 REXML gem 發現了一個 DoS 漏洞。 +該漏洞的 CVE 編號為 [CVE-2024-39908](https://www.cve.org/CVERecord?id=CVE-2024-39908)。 +我們強烈建議您升級 REXML gem。 + +## 風險細節 + +當解析包含許多特定字元如 `<`、`0` 和 `%>` 的 XML 文件時,REXML gem 可能會需要很長的處理時間。 + +請更新 REXML gem 至 3.3.2 或更新的版本。 + +## 受影響版本 + +* REXML gem 3.3.1 及更早版本 + +## 致謝 + +感謝 [mprogrammer](https://hackerone.com/mprogrammer) 發現此問題。 + +## 歷史 + +* 最初發布於 2024-07-16 03:00:00 (UTC) diff --git a/zh_tw/news/_posts/2024-07-26-ruby-3-2-5-released.md b/zh_tw/news/_posts/2024-07-26-ruby-3-2-5-released.md new file mode 100644 index 0000000000..60f730b4b2 --- /dev/null +++ b/zh_tw/news/_posts/2024-07-26-ruby-3-2-5-released.md @@ -0,0 +1,45 @@ +--- +layout: news_post +title: "Ruby 3.2.5 發布" +author: "nagachika" +translator: "Bear Su" +date: 2024-07-26 10:00:00 +0000 +lang: zh_tw +--- + +Ruby 3.2.5 已經發布了。 + +本次發布版本包含許多問題修正。 +我們也更新了 bundled gem `rexml` 的版本以包含下列安全性修正: +[CVE-2024-39908 : DoS in REXML]({%link zh_tw/news/_posts/2024-07-16-dos-rexml-cve-2024-39908.md %}). + +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_2_5)。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.2.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發布,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md b/zh_tw/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md new file mode 100644 index 0000000000..5812649f1d --- /dev/null +++ b/zh_tw/news/_posts/2024-08-01-dos-rexml-cve-2024-41123.md @@ -0,0 +1,31 @@ +--- +layout: news_post +title: "CVE-2024-41123: REXML DoS 漏洞" +author: "kou" +translator: "Bear Su" +date: 2024-08-01 03:00:00 +0000 +tags: security +lang: zh_tw +--- + +在 REXML gem 發現了一些 DoS 漏洞。 +該漏洞的 CVE 編號為 [CVE-2024-41123](https://www.cve.org/CVERecord?id=CVE-2024-41123)。 +我們強烈建議您升級 REXML gem。 + +## 風險細節 + +當解析包含許多特定字元如空白字元、`>]`、和 `]>` 的 XML 文件時,REXML gem 可能會需要很長的處理時間。 + +請更新 REXML gem 至 3.3.3 或更新的版本。 + +## 受影響版本 + +* REXML gem 3.3.2 及更早版本 + +## 致謝 + +感謝 [mprogrammer](https://hackerone.com/mprogrammer) 和 [scyoon](https://hackerone.com/scyoon) 發現這些問題。 + +## 歷史 + +* 最初發布於 2024-08-01 03:00:00 (UTC) diff --git a/zh_tw/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md b/zh_tw/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md new file mode 100644 index 0000000000..d95af5701c --- /dev/null +++ b/zh_tw/news/_posts/2024-08-01-dos-rexml-cve-2024-41946.md @@ -0,0 +1,31 @@ +--- +layout: news_post +title: "CVE-2024-41946: REXML DoS 漏洞" +author: "kou" +translator: "Bear Su" +date: 2024-08-01 03:00:00 +0000 +tags: security +lang: zh_tw +--- + +在 REXML gem 發現了一個 DoS 漏洞。 +該漏洞的 CVE 編號為 [CVE-2024-41946](https://www.cve.org/CVERecord?id=CVE-2024-41946)。 +我們強烈建議您升級 REXML gem。 + +## 風險細節 + +當使用 SAX2 或是 pull parser API 解析包含許多 entity expansion 的 XML 時,REXML gem 可能會需要很長的處理時間。 + +請更新 REXML gem 至 3.3.3 或更新的版本。 + +## 受影響版本 + +* REXML gem 3.3.2 及更早版本 + +## 致謝 + +感謝 [NAITOH Jun](https://github.com/naitoh) 發現並修復此問題。 + +## 歷史 + +* 最初發布於 2024-08-01 03:00:00 (UTC) diff --git a/zh_tw/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md b/zh_tw/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md new file mode 100644 index 0000000000..ba8679272b --- /dev/null +++ b/zh_tw/news/_posts/2024-08-22-dos-rexml-cve-2024-43398.md @@ -0,0 +1,33 @@ +--- +layout: news_post +title: "CVE-2024-43398: REXML DoS 漏洞" +author: "kou" +translator: "Bear Su" +date: 2024-08-22 03:00:00 +0000 +tags: security +lang: zh_tw +--- + +在 REXML gem 發現了一個 DoS 漏洞。 +該漏洞的 CVE 編號為 [CVE-2024-43398](https://www.cve.org/CVERecord?id=CVE-2024-43398)。 +我們強烈建議您升級 REXML gem。 + +## 風險細節 + +當解析的 XML 擁有許多深層級的元素,並且這些元素有相同的名稱屬性時,REXML gem 可能會需要很長的處理時間。 + +此風險只有影響到 Tree 解析 API。如果您正在使用 `REXML::Document.new` 解析 XML,您可能會受到影響。 + +請更新 REXML gem 至 3.3.6 或更新的版本。 + +## 受影響版本 + +* REXML gem 3.3.5 及更早版本 + +## 致謝 + +感謝 [l33thaxor](https://hackerone.com/l33thaxor) 發現此問題。 + +## 歷史 + +* 最初發布於 2024-08-22 03:00:00 (UTC) diff --git a/zh_tw/news/_posts/2024-09-03-3-3-5-released.md b/zh_tw/news/_posts/2024-09-03-3-3-5-released.md new file mode 100644 index 0000000000..a10fbc3aa2 --- /dev/null +++ b/zh_tw/news/_posts/2024-09-03-3-3-5-released.md @@ -0,0 +1,49 @@ +--- +layout: news_post +title: "Ruby 3.3.5 發布" +author: k0kubun +translator: "Bear Su" +date: 2024-09-03 06:40:00 +0000 +lang: zh_tw +--- + +Ruby 3.3.5 已經發布了。 + +這是包括修復小型錯誤的例行更新。 +我們建議您儘早升級您的 Ruby 版本。 +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_3_5)。 + +## 發布時程 + +如同之前[公布](https://www.ruby-lang.org/zh_tw/news/2024/07/09/ruby-3-3-4-released/),我們打算在「.1」版本發布後每 2 個月發布一次最新的穩定 Ruby 版本(目前為 Ruby 3.3)。 + +我們預計 Ruby 3.3.6 於 11 月 5 日發布,Ruby 3.3.7 於 1 月 7 日發布。如果有任何變更影響到相當多的人,我們可能會比預期更早發佈新版本。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.3.5" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發布,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md b/zh_tw/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md new file mode 100644 index 0000000000..92ef60440c --- /dev/null +++ b/zh_tw/news/_posts/2024-10-07-ruby-3-4-0-preview2-released.md @@ -0,0 +1,136 @@ +--- +layout: news_post +title: "Ruby 3.4.0 preview2 發布" +author: "naruse" +translator: "Bear Su" +date: 2024-10-07 00:00:00 +0000 +lang: zh_tw +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-preview2" | first %} +我們很高興宣布 Ruby {{ release.version }} 發布了。 + +## Prism + +預設的解析器從 parse.y 切換為 Prism。 [[Feature #20564]] + +## 語法變更 + +* 沒有 `frozen_string_literal` 註解的檔案中的字串文字,現在行為會跟被凍結一樣。如果它們被修改則會發出棄用警告。 + 這些警告可以透過 `-W:deprecated` 或 `Warning[:deprecated] = true` 啟用。 + 若要停用此變更,您可以在執行 Ruby 時加上參數 `--disable-frozen-string-literal`。 [[Feature #20205]] + +* 新增 `it` 來引用 block 的傳入參數。 [[Feature #18980]] + +* 現在呼叫方法支援使用 Keyword splatting `nil`。 + `**nil` 的處理方式與 `**{}` 類似,不會傳遞 keywords,也不會呼叫任何轉換方法。 [[Bug #20064]] + +* Block passing 不再允許作為索引。 [[Bug #19918]] + +* 不定長度參數不再允許作為索引。 [[Bug #20218]] + +## 核心類別更新 + +注意:我們只列出特別的類別更新。 + +* Exception + + * Exception#set_backtrace 現在可接受 `Thread::Backtrace::Location` 陣列。 + `Kernel#raise`、`Thread#raise` 和 `Fiber#raise` 也接受同樣的新格式。 [[Feature #13557]] + +* Range + + * Range#size 如果 range 無法迭代的話,現在會拋出 TypeError。 [[Misc #18984]] + +## 相容性問題 + +注意:不包含功能問題的修正。 + +* 錯誤訊息與 backtrace 的顯示改變。 + * 使用單引號 (`'`) 取代反引號 (`` ` ``) 作為起始引號。 [[Feature #16495]] + * 在方法名稱前顯示類別名稱 (僅當類別有固定名稱時)。 [[Feature #19117]] + * `Kernel#caller`、`Thread::Backtrace::Location` 的方法等等,也做了對應的改變。 + + ``` + 舊: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + 新: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +* `Hash#inspect` 渲染變更。 [[Bug #20433]] + * Symbol keys 會使用現代 symbol key 語法顯示: `"{user: 1}"` + * 其他 keys 現在會在 `=>` 前後加上空白: `'{"user" => 1}'`,在之前不會添加: `'{"user"=>1}'` + +## C API 更新 + +* `rb_newobj` 和 `rb_newobj_of` (和相對應的巨集 `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`) 已經被移除。 [[Feature #20265]] +* 移除已廢棄的函式 `rb_gc_force_recycle`。 [[Feature #18290]] + +## 實作改善 + +* `Array#each` 用 Ruby 重寫並有更好的效能 [[Feature #20182]]。 + +## 其他變更 + +* 將 block 傳遞給不使用傳入 block 的方法,會在 verbose 模式 (`-w`) 下顯示警告。 + [[Feature #15554]] + +* 當重新定義一些由直譯器與 JIT 特別最佳化的核心方法,例如 `String.freeze` 和 `Integer#+`,現在會發出效能類型警告 (`-W:performance` or `Warning[:performance] = true`)。 + [[Feature #20429]] + +請參閱 GitHub 發布如 [Logger](https://github.com/ruby/logger/releases) 和變更紀錄來了解更多關於預設 gems 與 bundled gems 的資訊。 + +參見 [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +和 [commit logs](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}) +來了解更多。 + +自 Ruby 3.3.0 以來,計 [{{ release.stats.files_changed }} 檔案變更,{{ release.stats.insertions }} 行新增(+),{{ release.stats.deletions }} 行刪減(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket)。 + + +## 下載 + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby 是什麼 + +Ruby 最初由 Matz(Yukihiro Matsumoto)於 1993 年開發的開源軟體。可以在許多平台上執行。使用者來自世界各地,特別活躍於網路開發領域。 + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Bug #20433]: https://bugs.ruby-lang.org/issues/20433 diff --git a/zh_tw/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md b/zh_tw/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md new file mode 100644 index 0000000000..847aad7890 --- /dev/null +++ b/zh_tw/news/_posts/2024-10-28-redos-rexml-cve-2024-49761.md @@ -0,0 +1,34 @@ +--- +layout: news_post +title: "CVE-2024-49761: REXML ReDoS 漏洞" +author: "kou" +translator: "Bear Su" +date: 2024-10-28 03:00:00 +0000 +tags: security +lang: zh_tw +--- + +在 REXML gem 發現了一個 ReDoS 漏洞。 +該漏洞的 CVE 編號為 [CVE-2024-43398](https://www.cve.org/CVERecord?id=CVE-2024-43398)。 +我們強烈建議您升級 REXML gem。 + +該漏洞不會在 Ruby 3.2 或之後發生。Ruby 3.1 是唯一受到影響的版本。 +注意 Ruby 3.1 將會在 2025-03 結束生命週期。 + +## 風險細節 + +當解析的 XML 裡十六進位數字字元參考 (`&#x...;`) 中的 `&#` 和 `x...;` 之間有許多數字。 + +請更新 REXML gem 至 3.3.9 或更新的版本。 + +## 受影響版本 + +* REXML gem 3.3.8 或 Ruby 3.1 較早的版本或更早的版本。 + +## 致謝 + +感謝 [manun](https://hackerone.com/manun) 發現此問題。 + +## 歷史 + +* 最初發布於 2024-10-28 03:00:00 (UTC) diff --git a/zh_tw/news/_posts/2024-10-30-ruby-3-2-6-released.md b/zh_tw/news/_posts/2024-10-30-ruby-3-2-6-released.md new file mode 100644 index 0000000000..5131652d3b --- /dev/null +++ b/zh_tw/news/_posts/2024-10-30-ruby-3-2-6-released.md @@ -0,0 +1,41 @@ +--- +layout: news_post +title: "Ruby 3.2.6 發布" +author: nagachika +translator: "Bear Su" +date: 2024-10-30 10:00:00 +0000 +lang: zh_tw +--- + +Ruby 3.2.6 已經發布了。 + +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_2_6)。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.2.6" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發布,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2024-11-05-ruby-3-3-6-released.md b/zh_tw/news/_posts/2024-11-05-ruby-3-3-6-released.md new file mode 100644 index 0000000000..b200155d0f --- /dev/null +++ b/zh_tw/news/_posts/2024-11-05-ruby-3-3-6-released.md @@ -0,0 +1,49 @@ +--- +layout: news_post +title: "Ruby 3.3.6 發布" +author: k0kubun +translator: "Bear Su" +date: 2024-11-05 04:25:00 +0000 +lang: zh_tw +--- + +Ruby 3.3.6 已經發布了。 + +這是包括修復小型錯誤的例行更新。 +此版本也停止有關缺少預設 gem 依賴項目的警告,這些 gems 將在 Ruby 3.5 成為 bundled gems。 +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_3_6)。 + +## 發布時程 + +如同之前[公布](https://www.ruby-lang.org/zh_tw/news/2024/07/09/ruby-3-3-4-released/),我們打算在「.1」版本發布後每 2 個月發布一次最新的穩定 Ruby 版本(目前為 Ruby 3.3)。 + +我們預計 Ruby 3.3.7 於 1 月 7 日發布。如果有任何變更影響到相當多的人,我們可能會比預期更早發佈新版本。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.3.6" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發布,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md b/zh_tw/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md new file mode 100644 index 0000000000..17583feb5a --- /dev/null +++ b/zh_tw/news/_posts/2024-12-12-ruby-3-4-0-rc1-released.md @@ -0,0 +1,176 @@ +--- +layout: news_post +title: "Ruby 3.4.0 rc1 發布" +author: "naruse" +translator: "Bear Su" +date: 2024-12-12 00:00:00 +0000 +lang: zh_tw +--- + +{% assign release = site.data.releases | where: "version", "3.4.0-rc1" | first %} +我們很高興宣布 Ruby {{ release.version }} 發佈了。 + +## Prism + +預設的解析器從 parse.y 切換為 Prism。 [[Feature #20564]] + +## 模組化垃圾收集器 + +* 模組化垃圾收集器功能可以動態載入替代垃圾收集器實作。 + 要啟用該功能,在建置 Ruby 時設定 `--with-modular-gc`。 + 垃圾收集器函式庫可以在運行環境使用環境變數 `RUBY_GC_LIBRARY` 載入。 + [[Feature #20351]] + +* Ruby 內建的垃圾收集器已經切分成不同的檔案 `gc/default/default.c`,並使用在 `gc/gc_impl.h` 定義的 API 與 Ruby 互動。 + 內建的垃圾收集器現在也可以用 `make modular-gc MODULAR_GC=default` 建置為函式庫,並使用環境變數 `RUBY_GC_LIBRARY=default` 啟用。[[Feature #20470]] + +* 基於 [MMTk](https://www.mmtk.io/) 提供了一個實驗性的垃圾收集器函式庫。 + 該垃圾收集器函式庫可以使用 `make modular-gc MODULAR_GC=mmtk` 建置,並使用環境變數 `RUBY_GC_LIBRARY=mmtk` 啟用。 + 建置主機上需要有 Rust 工具鏈。[[Feature #20860]] + +## 語法變更 + +* 沒有 `frozen_string_literal` 註解的檔案中的字串文字,現在行為會跟被凍結一樣。如果它們被修改則會發出棄用警告。 + 這些警告可以透過 `-W:deprecated` 或 `Warning[:deprecated] = true` 啟用。 + 若要停用此變更,您可以在執行 Ruby 時加上參數 `--disable-frozen-string-literal`。 [[Feature #20205]] + +* 新增 `it` 來引用 block 的傳入參數。 [[Feature #18980]] + +* 現在呼叫方法支援使用 Keyword splatting `nil`。 + `**nil` 的處理方式與 `**{}` 類似,不會傳遞 keywords,也不會呼叫任何轉換方法。 [[Bug #20064]] + +* Block passing 不再允許作為索引。 [[Bug #19918]] + +* 不定長度參數不再允許作為索引。 [[Bug #20218]] + +## YJIT + +TL;DR: +* 在 x86-64 與 arn64 平台上的大多數基準測試都有更好的效能 +* 減少編輯後設資料的的記憶體用量 +* 修復多個錯誤。YJIT 現在更加勇健且有更好的測試。 + +新功能: +* 透過 `--yjit-mem-size` 指令選項新增統一記憶體限制 (預設 128MiB),該功能追蹤總 YJIT 記憶體用量,而且比舊的 `--yjit-exec-mem-size` 更為直觀 +* 現在總是可以透過 `RubyVM::YJIT.runtime_stats` 取得更多統計數據 +* 透過 `--yjit-log` 加入編譯紀錄來追蹤哪些被編譯 + * 可以在運行環境透過 `RubyVM::YJIT.log` 取得紀錄結尾 +* 在 multi-ractor 模式中支援分享常數 +* 現在可以使用 `--yjit-trace-exits=COUNTER` 來追蹤已計數的 exits + +新的改善: +* 透過壓縮上下文來減少儲存 YJIT 後設資料所需的記憶體空間 +* 改善後的分配器能為本地變數分配暫存器 +* 當啟用 YJIT 時,使用更多用 Ruby 邊寫的核心程式: + * 使用 Ruby 改寫`Array#each`、`Array#select`、`Array#map` 提高效能 [[Feature #20182]]. +* 能夠內聯小型/簡單的方法,例如: + * 空方法 + * 回傳常數的方法 + * 回傳 `self` 的方法 + * 直接回傳參數的方法 +* 適用於更多執行環境方法的程式碼產生器 +* 改善 `String#getbyte`、`String#setbyte` 和其他字串方法 +* 改善位元計算來加速低階位元/位元組操作 +* 各種其他的增量改善 + +## 核心類別更新 + +注意:我們只列出特別的類別更新。 + +* Exception + + * `Exception#set_backtrace` 現在可接受 `Thread::Backtrace::Location` 陣列。 + `Kernel#raise`、`Thread#raise` 和 `Fiber#raise` 也接受同樣的新格式。 [[Feature #13557]] + +* Range + + * `Range#size` 如果 range 無法迭代的話,現在會拋出 `TypeError`。 [[Misc #18984]] + + + +## 相容性問題 + +注意:不包含功能問題的修正。 + +* 錯誤訊息與 backtrace 的顯示改變。 + * 使用單引號 (`'`) 取代反引號 (`` ` ``) 作為起始引號。 [[Feature #16495]] + * 在方法名稱前顯示類別名稱 (僅當類別有固定名稱時)。 [[Feature #19117]] + * `Kernel#caller`、`Thread::Backtrace::Location` 的方法等等,也做了對應的改變。 + + ``` + 舊: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + 新: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +## 更新的 C API + +* `rb_newobj` 和 `rb_newobj_of` (和相對應的巨集 `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`) 已經被移除。 [[Feature #20265]] +* 移除已廢棄的函式 `rb_gc_force_recycle`。 [[Feature #18290]] + +## 其他變更 + +* 將 block 傳遞給不使用傳入 block 的方法,會在 verbose 模式 (`-w`) 下顯示警告。 + [[Feature #15554]] + +* 當重新定義一些由直譯器與 JIT 特別最佳化的核心方法,例如 `String.freeze` 和 `Integer#+`,現在會發出效能類型警告 (`-W:performance` or `Warning[:performance] = true`)。 + [[Feature #20429]] + +請參閱 GitHub 發布如 [Logger](https://github.com/ruby/logger/releases) 和變更紀錄來了解更多關於預設 gems 與 bundled gems 的資訊。 + +參見 [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +和 [commit logs](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}) +來了解更多。 + +自 Ruby 3.3.0 以來,計 [{{ release.stats.files_changed }} 檔案變更,{{ release.stats.insertions }} 行新增(+),{{ release.stats.deletions }} 行刪減(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket)。 + + +## 下載 + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby 是什麼 + +Ruby 最初由 Matz(Yukihiro Matsumoto)於 1993 年開發的開源軟體。可以在許多平台上執行。使用者來自世界各地,特別活躍於網路開發領域。 + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20351]: https://bugs.ruby-lang.org/issues/20351 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20470]: https://bugs.ruby-lang.org/issues/20470 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Feature #20860]: https://bugs.ruby-lang.org/issues/20860 diff --git a/zh_tw/news/_posts/2024-12-25-ruby-3-4-0-released.md b/zh_tw/news/_posts/2024-12-25-ruby-3-4-0-released.md new file mode 100644 index 0000000000..cc3d72b5e5 --- /dev/null +++ b/zh_tw/news/_posts/2024-12-25-ruby-3-4-0-released.md @@ -0,0 +1,323 @@ +--- +layout: news_post +title: "Ruby 3.4.0 發布" +author: "naruse" +translator: "Bear Su" +date: 2024-12-25 00:00:00 +0000 +lang: zh_tw +--- + +{% assign release = site.data.releases | where: "version", "3.4.0" | first %} +我們很高興宣布 Ruby {{ release.version }} 發佈了。 Ruby 3.4 加入了 `it` 區塊參數參考變數, +將 Prism 作為預設的解析器,為 socket 函式庫加入 Happy Eyeballs Version 2 支援,改進 YJIT,加入 Modular GC,與其他更多。 + +## 導入 `it` + +加入 `it` 參考沒有變數名稱的區塊參數。 [[Feature #18980]] + +```ruby +ary = ["foo", "bar", "baz"] + +p ary.map { it.upcase } #=> ["FOO", "BAR", "BAZ"] +``` + +`it` 行為與 `_1` 類似。當意圖在區塊中只想使用 `_1` 時,其他編號的參數例如 `_2` 也可能會出現,這會對讀者造成額外的認知負擔。因此 `it` 被導入作為一個方便的別名。在使用 `it` 能表示自身的簡單情境下使用 `it`,例如在單行區塊中。 + +## Prism 先在是預設解析器 + +預設的解析器從 parse.y 切換為 Prism。 [[Feature #20564]] + +這是一項內部改進,使用者應該看不到什麼變化。如果您發現任何相容性問題,請向我們回報。 + +若要使用傳統的解析器,請使用指令列參數 `--parser=parse.y`。 + +## socket 函式庫新功能 Happy Eyeballs Version 2 (RFC 8305) + +socket 函式庫引入新功能[Happy Eyeballs 版本2 (RFC 8305)](https://datatracker.ietf.org/doc/html/rfc8305),這是在許多程式語言廣泛採用實現更好連接的最新標準化版本,在 `TCPSocket.new`(`TCPSocket.open`)和 `Socket.tcp`。 +這項改進使 Ruby 能夠提供高效、可靠的網路連接,適應現代網路環境。 + +在 Ruby 3.3 之前,這些方法會連續執行名稱解析和連接。透過該演算法,它們現在的運作方式如下: + +1. 同時執行 IPv6 和 IPv4 名稱解析 +2. 嘗試連接已解析的 IP 位址,優先考慮 IPv6,並以 250 毫秒間隔錯開平行連線嘗試。 +3. 回傳第一個成功的連接,同時取消任何其他連接 + +這樣可確保即使特定協定或 IP 位址發生延遲或不可用,也能將連線延遲降至最低。 + +此功能預設為啟用,因此無需額外設定即可使用。若要全域停用此功能,請設定環境變數 `RUBY_TCP_NO_FAST_FALLBACK=1` 或呼叫 `Socket.tcp_fast_fallback=false`。或者,若要針對單一方法停用此功能,請使用關鍵字引數 `fast_fallback: false`。 + +## YJIT + +### TL;DR + +* 在 x86-64 與 arn64 平台上的大多數基準測試都有更好的效能 +* 減少編輯後設資料的的記憶體用量 +* 修復多個錯誤。YJIT 現在更加勇健且有更好的測試。 + +### 新功能 + +* 指令列選項 + * 透過 `--yjit-mem-size` 指令選項新增統一記憶體限制 (預設 128MiB),該功能追蹤總 YJIT 記憶體用量,而且比舊的 `--yjit-exec-mem-size` 更為直觀 + * 透過 `--yjit-log` 加入編譯紀錄來追蹤哪些被編譯 +* Ruby API + * 可以在運行環境透過 `RubyVM::YJIT.log` 取得紀錄結尾 +* YJIT stats + * 現在總是可以透過 `RubyVM::YJIT.runtime_stats` 取得更多統計數據: + invalidation、inlining、和 metadata encoding。 + +### 新的改善 + +* 透過壓縮上下文來減少儲存 YJIT 後設資料所需的記憶體空間 +* 改善後的分配器能為本地變數分配暫存器 +* 當啟用 YJIT 時,使用更多用 Ruby 邊寫的核心程式: + * 使用 Ruby 改寫`Array#each`、`Array#select`、`Array#map` 提高效能 [[Feature #20182]]. +* 能夠內聯小型/簡單的方法,例如: + * 空方法 + * 回傳常數的方法 + * 回傳 `self` 的方法 + * 直接回傳參數的方法 +* 適用於更多執行環境方法的程式碼產生器 +* 改善 `String#getbyte`、`String#setbyte` 和其他字串方法 +* 改善位元計算來加速低階位元/位元組操作 +* 各種其他的增量改善 + +## 模組化垃圾收集器 + +* 模組化垃圾收集器功能可以動態載入替代垃圾收集器實作。 + 要啟用該功能,在建置 Ruby 時設定 `--with-modular-gc`。 + 垃圾收集器函式庫可以在運行環境使用環境變數 `RUBY_GC_LIBRARY` 載入。 + [[Feature #20351]] + +* Ruby 內建的垃圾收集器已經切分成不同的檔案 `gc/default/default.c`,並使用在 `gc/gc_impl.h` 定義的 API 與 Ruby 互動。 + 內建的垃圾收集器現在也可以用 `make modular-gc MODULAR_GC=default` 建置為函式庫,並使用環境變數 `RUBY_GC_LIBRARY=default` 啟用。[[Feature #20470]] + +* 基於 [MMTk](https://www.mmtk.io/) 提供了一個實驗性的垃圾收集器函式庫。 + 該垃圾收集器函式庫可以使用 `make modular-gc MODULAR_GC=mmtk` 建置,並使用環境變數 `RUBY_GC_LIBRARY=mmtk` 啟用。 + 建置主機上需要有 Rust 工具鏈。[[Feature #20860]] + +## 語法變更 + +* 沒有 `frozen_string_literal` 註解的檔案中的字串文字,現在行為會跟被凍結一樣。如果它們被修改則會發出棄用警告。 + 這些警告可以透過 `-W:deprecated` 或 `Warning[:deprecated] = true` 啟用。 + 若要停用此變更,您可以在執行 Ruby 時加上參數 `--disable-frozen-string-literal`。 [[Feature #20205]] + +* 現在呼叫方法支援使用 Keyword splatting `nil`。 + `**nil` 的處理方式與 `**{}` 類似,不會傳遞 keywords,也不會呼叫任何轉換方法。 [[Bug #20064]] + +* Block passing 不再允許作為索引。 [[Bug #19918]] + +* 不定長度參數不再允許作為索引。 [[Bug #20218]] + +* 頂級名稱 `::Ruby` 現在被保留,且會在 `Warning[:deprecated]` 時警告。 [[Feature #20884]] + +## 核心類別更新 + +注意:我們只列出特別的類別更新。 + +* Exception + + * `Exception#set_backtrace` 現在可接受 `Thread::Backtrace::Location` 陣列。 + `Kernel#raise`、`Thread#raise` 和 `Fiber#raise` 也接受同樣的新格式。 [[Feature #13557]] + +* GC + + * 加入 `GC.config` 允許在垃圾收集器中指定設定變數。[[Feature #20443]] + + * 引入 GC 設定參數 `rgengc_allow_full_mark`。當 `false` GC 只會標記年輕的物件。預設為 `true`。[[Feature #20443]] + +* Ractor + + * 在 Ractor 中允許使用 `require`。該 requiring 程序會在主要 Ractor 執行。 + 加入 `Ractor._require(feature)` 在主要 Ractor 執行 requiring 程序。[[Feature #20627]] + + * 加入 `Ractor.main?`。 [[Feature #20627]] + + * 加入 `Ractor.[]` 和 `Ractor.[]=` 存取目前 Ractor 的 ractor local storage。[[Feature #20715]] + + * 加入 `Ractor.store_if_absent(key){ init }` 在執行緒安全下初始化 ractor 本地變數。[[Feature #20875]] + +* Range + + * `Range#size` 如果 range 無法迭代的話,現在會拋出 `TypeError`。 [[Misc #18984]] + + +## 標準函式庫更新 + +注意:我們只列出特別的標準函式庫更新。 + +* RubyGems + * gem push 新增 `--attestation` 選項。它允許將簽章儲存到 [sigstore.dev] + +* Bundler + * 新增 `lockfile_checksums` 設定,可以在新的 lockfiles 包含 checksums。 + * bundle lock 新增 `--add-checksums` 選項將 checksums 加入到現有的 lockfile + +* JSON + + * `JSON.parse` 比 json-2.7.x 相比效能提升約 1.5 倍。 + +* Tempfile + + * Tempfile.create 實作了關鍵字參數 `anonymous: true`。 + `Tempfile.create(anonymous: true)` 會立即刪除該建立的暫存檔案。 + 因此應用程式不需要自行刪除該檔案。 + [[Feature #20497]] + +* win32/sspi.rb + + * 這個函式庫已從 Ruby 儲存庫分離至 [ruby/net-http-sspi]。 + [[Feature #20775]] + +## 相容性問題 + +注意:不包含功能問題的修正。 + +* 錯誤訊息與 backtrace 的顯示改變。 + * 使用單引號 (`'`) 取代反引號 (`` ` ``) 作為起始引號。 [[Feature #16495]] + * 在方法名稱前顯示類別名稱 (僅當類別有固定名稱時)。 [[Feature #19117]] + * `Kernel#caller`、`Thread::Backtrace::Location` 的方法等等,也做了對應的改變。 + + ``` + 舊: + test.rb:1:in `foo': undefined method `time' for an instance of Integer + from test.rb:2:in `
' + + 新: + test.rb:1:in 'Object#foo': undefined method 'time' for an instance of Integer + from test.rb:2:in '
' + ``` + +* Hash#inspect 渲染變更。 [[Bug #20433]] + + * 符號鍵將會以現代符號鍵語法顯示: `"{user: 1}"` + * 其他鍵現在會在 `=>` 周圍加上空白:`'{"user" => 1}'`,之前沒有將上空白:`'{"user"=>1}'` + +* Kernel#Float() 現在接受忽略小數位數的數值字串。 [[Feature #20705]] + + ```rb + Float("1.") #=> 1.0 (之前,拋出 ArgumentError) + Float("1.E-1") #=> 0.1 (之前,拋出 ArgumentError) + ``` + +* String#to_f 現在接受忽略小數位數的數值字串。注意指定指數後結果將會改變。[[Feature #20705]] + + ```rb + "1.".to_f #=> 1.0 + "1.E-1".to_f #=> 0.1 (之前,回傳 1.0) + ``` + +* Refinement#refined_class 已被移除。 [[Feature #19714]] + +## 標準函式庫相容性問題 + +* DidYouMean + + * `DidYouMean::SPELL_CHECKERS[]=` 和 `DidYouMean::SPELL_CHECKERS.merge!` 已被移除。 + +* Net::HTTP + + * 移除以下已廢棄的常數: + * `Net::HTTP::ProxyMod` + * `Net::NetPrivate::HTTPRequest` + * `Net::HTTPInformationCode` + * `Net::HTTPSuccessCode` + * `Net::HTTPRedirectionCode` + * `Net::HTTPRetriableCode` + * `Net::HTTPClientErrorCode` + * `Net::HTTPFatalErrorCode` + * `Net::HTTPServerErrorCode` + * `Net::HTTPResponseReceiver` + * `Net::HTTPResponceReceiver` + + 這些常數在 2012 年被廢棄。 + +* Timeout + + * Timeout.timeout 拒絕負數值。 [[Bug #20795]] + +* URI + + * 將預設解析器從 RFC 2396 標準改成 RFC 3986 標準。 + [[Bug #19266]] + +## 更新的 C API + +* `rb_newobj` 和 `rb_newobj_of` (和相對應的巨集 `RB_NEWOBJ`, `RB_NEWOBJ_OF`, `NEWOBJ`, `NEWOBJ_OF`) 已經被移除。 [[Feature #20265]] +* 移除已廢棄的函式 `rb_gc_force_recycle`。 [[Feature #18290]] + +## 其他變更 + +* 將 block 傳遞給不使用傳入 block 的方法,會在 verbose 模式 (`-w`) 下顯示警告。 + [[Feature #15554]] + +* 當重新定義一些由直譯器與 JIT 特別最佳化的核心方法,例如 `String.freeze` 和 `Integer#+`,現在會發出效能類型警告 (`-W:performance` or `Warning[:performance] = true`)。 + [[Feature #20429]] + +參見 [NEWS](https://docs.ruby-lang.org/en/3.4/NEWS_md.html) +和 [commit logs](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}) +來了解更多。 + +自 Ruby 3.3.0 以來,計 [{{ release.stats.files_changed }} 檔案變更,{{ release.stats.insertions }} 行新增(+),{{ release.stats.deletions }} 行刪減(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket)。 + +耶誕快樂、佳節愉快,享受與 Ruby 3.4 一起寫程式的時光! + +## 下載 + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby 是什麼 + +Ruby 最初由 Matz(Yukihiro Matsumoto)於 1993 年開發的開源軟體。可以在許多平台上執行。使用者來自世界各地,特別活躍於網路開發領域。 + +[Feature #13557]: https://bugs.ruby-lang.org/issues/13557 +[Feature #15554]: https://bugs.ruby-lang.org/issues/15554 +[Feature #16495]: https://bugs.ruby-lang.org/issues/16495 +[Feature #18290]: https://bugs.ruby-lang.org/issues/18290 +[Feature #18980]: https://bugs.ruby-lang.org/issues/18980 +[Misc #18984]: https://bugs.ruby-lang.org/issues/18984 +[Feature #19117]: https://bugs.ruby-lang.org/issues/19117 +[Bug #19266]: https://bugs.ruby-lang.org/issues/19266 +[Feature #19714]: https://bugs.ruby-lang.org/issues/19714 +[Bug #19918]: https://bugs.ruby-lang.org/issues/19918 +[Bug #20064]: https://bugs.ruby-lang.org/issues/20064 +[Feature #20182]: https://bugs.ruby-lang.org/issues/20182 +[Feature #20205]: https://bugs.ruby-lang.org/issues/20205 +[Bug #20218]: https://bugs.ruby-lang.org/issues/20218 +[Feature #20265]: https://bugs.ruby-lang.org/issues/20265 +[Feature #20351]: https://bugs.ruby-lang.org/issues/20351 +[Feature #20429]: https://bugs.ruby-lang.org/issues/20429 +[Feature #20443]: https://bugs.ruby-lang.org/issues/20443 +[Feature #20470]: https://bugs.ruby-lang.org/issues/20470 +[Feature #20497]: https://bugs.ruby-lang.org/issues/20497 +[Feature #20564]: https://bugs.ruby-lang.org/issues/20564 +[Bug #20620]: https://bugs.ruby-lang.org/issues/20620 +[Feature #20627]: https://bugs.ruby-lang.org/issues/20627 +[Feature #20705]: https://bugs.ruby-lang.org/issues/20705 +[Feature #20715]: https://bugs.ruby-lang.org/issues/20715 +[Feature #20775]: https://bugs.ruby-lang.org/issues/20775 +[Bug #20795]: https://bugs.ruby-lang.org/issues/20795 +[Bug #20433]: https://bugs.ruby-lang.org/issues/20433 +[Feature #20860]: https://bugs.ruby-lang.org/issues/20860 +[Feature #20875]: https://bugs.ruby-lang.org/issues/20875 +[Feature #20884]: https://bugs.ruby-lang.org/issues/20884 +[sigstore.dev]: https://www.sigstore.dev +[ruby/net-http-sspi]: https://github.com/ruby/net-http-sspi diff --git a/zh_tw/news/_posts/2024-12-25-ruby-3-4-1-released.md b/zh_tw/news/_posts/2024-12-25-ruby-3-4-1-released.md new file mode 100644 index 0000000000..541c09fd16 --- /dev/null +++ b/zh_tw/news/_posts/2024-12-25-ruby-3-4-1-released.md @@ -0,0 +1,39 @@ +--- +layout: news_post +title: "Ruby 3.4.1 發布" +author: "naruse" +translator: "Bear Su" +date: 2024-12-25 00:00:00 +0000 +lang: zh_tw +--- + +Ruby 3.4.1 已經發布了。 + +修復了版本描述。 + +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_4_1)。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.4.1" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} diff --git a/zh_tw/news/_posts/2025-01-15-ruby-3-3-7-released.md b/zh_tw/news/_posts/2025-01-15-ruby-3-3-7-released.md new file mode 100644 index 0000000000..5124edc500 --- /dev/null +++ b/zh_tw/news/_posts/2025-01-15-ruby-3-3-7-released.md @@ -0,0 +1,42 @@ +--- +layout: news_post +title: "Ruby 3.3.7 發布" +author: k0kubun +translator: "Bear Su" +date: 2025-01-15 07:51:59 +0000 +lang: zh_tw +--- + +Ruby 3.3.7 已經發布了。 + +這是包括修復小型錯誤的例行更新。 +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_3_7)。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.3.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發布,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2025-02-04-ruby-3-2-7-released.md b/zh_tw/news/_posts/2025-02-04-ruby-3-2-7-released.md new file mode 100644 index 0000000000..30ad3d5add --- /dev/null +++ b/zh_tw/news/_posts/2025-02-04-ruby-3-2-7-released.md @@ -0,0 +1,41 @@ +--- +layout: news_post +title: "Ruby 3.2.7 發布" +author: nagachika +translator: "Bear Su" +date: 2025-02-04 12:00:00 +0000 +lang: zh_tw +--- + +Ruby 3.2.7 已經發布了。 + +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_2_7)。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.2.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發布,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md b/zh_tw/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md new file mode 100644 index 0000000000..2c019ba8db --- /dev/null +++ b/zh_tw/news/_posts/2025-02-10-dos-net-imap-cve-2025-25186.md @@ -0,0 +1,33 @@ +--- +layout: news_post +title: "CVE-2025-25186: net-imap DoS 漏洞" +author: "nevans" +translator: "Bear Su" +date: 2025-02-10 03:00:00 +0000 +tags: security +lang: zh_tw +--- + +在 net-imap gem 發現可能會造成 DoS 的漏洞。 +該漏洞的 CVE 編號為 [CVE-2025-25186](https://www.cve.org/CVERecord?id=CVE-2025-25186)。 + +我們建議您升級 net-imap gem。 + +## 風險細節 + +惡意伺服器可以發送高度壓縮的 uid-set 資料,該資料會自動被客戶端的接收者執行緒讀取。 +回應解析器使用 Range#to_a 會將 uid-set 資料轉換為整數陣列,但對範圍的擴展大小沒有限制。 + +請更新 net-imap gem 至 0.3.8、0.4.19、0.5.6、或更新版本。 + +## 受影響版本 + +* net-imap gem 版本介於 0.3.2 至 0.3.7、0.4.0 至 0.4.18、或 0.5.0 至 0.5.5 + +## 致謝 + +感謝 [manun](https://hackerone.com/manun) 發現此問題。 + +## 歷史 + +* 最初發布於 2025-02-10 03:00:00 (UTC) diff --git a/zh_tw/news/_posts/2025-02-14-ruby-3-4-2-released.md b/zh_tw/news/_posts/2025-02-14-ruby-3-4-2-released.md new file mode 100644 index 0000000000..24c84e54f4 --- /dev/null +++ b/zh_tw/news/_posts/2025-02-14-ruby-3-4-2-released.md @@ -0,0 +1,48 @@ +--- +layout: news_post +title: "Ruby 3.4.2 發布" +author: k0kubun +translator: "Bear Su" +date: 2025-02-14 21:55:17 +0000 +lang: zh_tw +--- + +Ruby 3.4.2 已經發布了。 + +這是包括修復小型錯誤的例行更新。 +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_4_2)。 + +## 發布時程 + +我們打算每 2 個月發布一次最新的穩定 Ruby 版本(目前為 Ruby 3.4)。 + +我們預計 Ruby 3.4.3 於 4 月發布、Ruby 3.4.4 於 6 月發布、Ruby 3.4.5 於 8 月發布、Ruby 3.4.6 於 10 月發布、Ruby 3.4.7 於 12 月發布。如果有任何變更影響到相當多的人,我們可能會比預期更早發布新版本。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.4.2" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發布,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2025-02-26-security-advisories.md b/zh_tw/news/_posts/2025-02-26-security-advisories.md new file mode 100644 index 0000000000..9a19bc83bc --- /dev/null +++ b/zh_tw/news/_posts/2025-02-26-security-advisories.md @@ -0,0 +1,79 @@ +--- +layout: news_post +title: "安全性公告:CVE-2025-27219、CVE-2025-27220 和 CVE-2025-27221" +author: "hsbt" +translator: "Bear Su" +date: 2025-02-26 07:00:00 +0000 +tags: security +lang: zh_tw +--- + +我們發布了安全性公告 CVE-2025-27219、CVE-2025-27220 和 CVE-2025-27221。 +請閱讀以下風險細節。 + +## CVE-2025-27219:`CGI::Cookie.parse` 中發生服務阻斷。 + +在 cgi gem 中可能會發生服務阻斷。該漏洞的 CVE 編號為 [CVE-2025-27219](https://www.cve.org/CVERecord?id=CVE-2025-27219)。 +我們強烈建議您升級 cgi gem。 + +### 風險細節 + +在某些情況下 `CGI::Cookie.parse` 解析 cookie 字串會花費超級線性時間。 +將刻意的 cookie 字串傳入該方法可能會導致服務阻斷。 + +請更新 CGI gem 至 0.3.5.1、0.3.7、0.4.2 或較新版本。 + +### 受影響版本 + +* cgi gem 版本 <= 0.3.5、0.3.6、0.4.0 和 0.4.1。 + +### 致謝 + +感謝 [lio346](https://hackerone.com/lio346) 發現此問題。同樣感謝 [mame](https://github.com/mame) 修復此漏洞。 + +## CVE-2025-27220:`CGI::Util#escapeElement` 中發生正規表示式服務阻斷(ReDoS)。 + +在 cgi gem 中可能會發生正規表示式服務阻斷(ReDoS)。 +該漏洞的 CVE 編號為 [CVE-2025-27220](https://www.cve.org/CVERecord?id=CVE-2025-27220)。 +我們強烈建議您升級 cgi gem。 + +### 風險細節 + +`CGI::Util#escapeElement` 使用的正規表示式容易受到 ReDos 的攻擊。 +特別設計的輸入資料可能會導致高 CPU 用量。 + +此漏洞只影響 Ruby 3.1 和 3.2。如果您使用這些版本,請更新 CGI gem 至 0.3.5.1、0.3.7、0.4.2 或較新版本。 + +### 受影響版本 + +* cgi gem 版本 <= 0.3.5、0.3.6、0.4.0 和 0.4.1。 + +### 致謝 + +感謝 [svalkanov](https://hackerone.com/svalkanov) 發現此問題。同樣感謝 [nobu](https://github.com/nobu) 修復此漏洞。 + + +## CVE-2025-27221:`URI#join`、`URI#merge` 和 `URI#+` 中發生使用者資訊外洩。 + +在 uri gem 中可能會發生使用者資訊外洩。 +該漏洞的 CVE 編號為 [CVE-2025-27221](https://www.cve.org/CVERecord?id=CVE-2025-27221)。 +我們強烈建議您升級 uri gem。 + +### 風險細節 + +`URI#join`、`URI#merge`、和 `URI#+` 方法會保留使用者資訊,例如 `user:password`,即使替換掉主機位址也仍保留著。 +當使用這些方法從包含機敏使用者資訊的 URL 產生指向惡意主機的 URL 時,並讓某些使用者存取該 URL,就會導致非預期的使用者資訊外洩。 + +請更新 URI gem 至 0.11.3、0.12.4、0.13.2、1.0.3 或較新版本。 + +### 受影響版本 + +* uri gem 版本 < 0.11.3、0.12.0 至 0.12.3、0.13.0、0.13.1 和 1.0.0 至 1.0.2。 + +### 致謝 + +感謝 [Tsubasa Irisawa (lambdasawa)](https://hackerone.com/lambdasawa) 發現此問題。同樣感謝 [nobu](https://github.com/nobu) 修復此漏洞。 + +## 歷史 + +* 最初發布於 2025-02-26 7:00:00 (UTC) diff --git a/zh_tw/news/_posts/2025-03-26-ruby-3-1-7-released.md b/zh_tw/news/_posts/2025-03-26-ruby-3-1-7-released.md new file mode 100644 index 0000000000..8908ec8434 --- /dev/null +++ b/zh_tw/news/_posts/2025-03-26-ruby-3-1-7-released.md @@ -0,0 +1,47 @@ +--- +layout: news_post +title: "Ruby 3.1.7 發布" +author: hsbt +translator: "Bear Su" +date: 2025-03-26 04:44:27 +0000 +lang: zh_tw +--- + +Ruby 3.1.7 已經發布了。 本次發布版本包含 [CVE-2025-27219、CVE-2025-27220 和 CVE-2025-27221 修復](https://www.ruby-lang.org/en/news/2025/02/26/security-advisories/) 以及更新 bundled REXML 和 RSS gems。 + +詳細的變動請參閱 [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_1_7)。 + +此為 Ruby 3.1 系列的最後版本。 +我們將不會為 Ruby 3.1 系列發布任何包含安全性修復的更新。 + +我們建議升級至 Ruby 3.3 或 3.4 系列。 + + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.1.7" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發布,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2025-03-26-ruby-3-2-8-released.md b/zh_tw/news/_posts/2025-03-26-ruby-3-2-8-released.md new file mode 100644 index 0000000000..9f7f486c92 --- /dev/null +++ b/zh_tw/news/_posts/2025-03-26-ruby-3-2-8-released.md @@ -0,0 +1,46 @@ +--- +layout: news_post +title: "Ruby 3.2.8 發布" +author: hsbt +translator: "Bear Su" +date: 2025-03-26 04:45:01 +0000 +lang: zh_tw +--- + +Ruby 3.2.8 已經發布了。 本次發布版本包含 [CVE-2025-27219、CVE-2025-27220 和 CVE-2025-27221 修復](https://www.ruby-lang.org/en/news/2025/02/26/security-advisories/)。 + +詳細的變動請參閱 [GitHub releases](https://github.com/ruby/ruby/releases/tag/v3_2_8)。 + +此為 Ruby 3.2 系列最後的常規維護版本。 +我們將只修復 Ruby 3.2 系列的安全性漏洞直到 2026 年 3 月底。 + +請考慮升級至 Ruby 3.3 或 3.4 系列。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.2.8" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發布,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2025-04-09-ruby-3-3-8-released.md b/zh_tw/news/_posts/2025-04-09-ruby-3-3-8-released.md new file mode 100644 index 0000000000..a3f3be68e0 --- /dev/null +++ b/zh_tw/news/_posts/2025-04-09-ruby-3-3-8-released.md @@ -0,0 +1,41 @@ +--- +layout: news_post +title: "Ruby 3.3.8 發布" +author: nagachika +translator: "Bear Su" +date: 2025-04-09 11:00:00 +0000 +lang: zh_tw +--- + +Ruby 3.3.8 已經發布了。 + +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_3_8)。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.3.8" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發布,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2025-04-14-ruby-3-4-3-released.md b/zh_tw/news/_posts/2025-04-14-ruby-3-4-3-released.md new file mode 100644 index 0000000000..cbc4f782f6 --- /dev/null +++ b/zh_tw/news/_posts/2025-04-14-ruby-3-4-3-released.md @@ -0,0 +1,49 @@ +--- +layout: news_post +title: "Ruby 3.4.3 發布" +author: k0kubun +translator: "Bear Su" +date: 2025-04-14 08:06:57 +0000 +lang: zh_tw +--- + +Ruby 3.4.3 已經發布了。 + +這是包括修復小型錯誤的例行更新。 +詳細的變動請參閱 [GitHub 發布](https://github.com/ruby/ruby/releases/tag/v3_4_3)。 + +## 發布時程 + +我們打算每 2 個月發布一次最新的穩定 Ruby 版本(目前為 Ruby 3.4)。 +我們預計 Ruby 3.4.4 於 6 月發布、Ruby 3.4.5 於 8 月發布、Ruby 3.4.6 於 10 月發布、Ruby 3.4.7 於 12 月發布。 + +如果有任何變更影響到相當多的人,我們可能會比預期更早發布新版本。 + +## 下載 + +{% assign release = site.data.releases | where: "version", "3.4.3" | first %} + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## 發布紀錄 + +許多提交者、開發者和漏洞回報者幫助了此版本的發布,在此感謝所有人的貢獻。 diff --git a/zh_tw/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md b/zh_tw/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md new file mode 100644 index 0000000000..f2c1ee8aab --- /dev/null +++ b/zh_tw/news/_posts/2025-04-18-ruby-3-5-0-preview1-released.md @@ -0,0 +1,100 @@ +--- +layout: news_post +title: "Ruby 3.5.0 preview1 發布" +author: "naruse" +translator: "Bear Su" +date: 2025-04-18 00:00:00 +0000 +lang: zh_tw +--- + +{% assign release = site.data.releases | where: "version", "3.5.0-preview1" | first %} +我們很高興宣布 Ruby {{ release.version }} 發布了。 +Ruby 3.5 的 Unicode 版本升級為 15.1.0 與其他更新。 + +## 語法變更 + +* `*nil` 不再呼叫 `nil.to_a`,就跟 `**nil` 不呼叫 `nil.to_hash` 一樣。[[Feature #21047]] + +## 核心類別更新 + +注意:我們只列出特別的類別更新。 + +* Binding + + * `Binding#local_variables` 不再包含編號參數。 + 並且,`Binding#local_variable_get` 和 `Binding#local_variable_set` 拒絕處理編號參數。 + [[Bug #21049]] + +* IO + + * `IO.select` 同意 +Float::INFINITY+ 作為逾時參數。 + [[Feature #20610]] + +* String + + * 更新 Unicode 至版本 15.1.0 和 Emoji 版本 15.1. [[Feature #19908]] + (也套用至 Regexp) + + +## 標準函式庫更新 + +注意:我們只列出特別的標準函式庫更新。 + +* ostruct 0.6.1 +* pstore 0.2.0 +* benchmark 0.4.0 +* logger 1.7.0 +* rdoc 6.13.1 +* win32ole 1.9.2 +* irb 1.15.2 +* reline 0.6.1 +* readline 0.0.4 +* fiddle 1.1.6 + +## 相容性問題 + +注意:不包含功能問題的修正。 + +## 標準函式庫相容性問題 + +## C API 更新 + +## 其他變更 + +參見 [NEWS](https://github.com/ruby/ruby/blob/{{ release.tag }}/NEWS.md) +和 [commit logs](https://github.com/ruby/ruby/compare/v3_4_0...{{ release.tag }}) +來了解更多。 + +自 Ruby 3.4.0 以來,計 [{{ release.stats.files_changed }} 檔案變更,{{ release.stats.insertions }} 行新增(+),{{ release.stats.deletions }} 行刪減(-)](https://github.com/ruby/ruby/compare/v3_3_0...{{ release.tag }}#file_bucket)! + +## 下載 + +* <{{ release.url.gz }}> + + SIZE: {{ release.size.gz }} + SHA1: {{ release.sha1.gz }} + SHA256: {{ release.sha256.gz }} + SHA512: {{ release.sha512.gz }} + +* <{{ release.url.xz }}> + + SIZE: {{ release.size.xz }} + SHA1: {{ release.sha1.xz }} + SHA256: {{ release.sha256.xz }} + SHA512: {{ release.sha512.xz }} + +* <{{ release.url.zip }}> + + SIZE: {{ release.size.zip }} + SHA1: {{ release.sha1.zip }} + SHA256: {{ release.sha256.zip }} + SHA512: {{ release.sha512.zip }} + +## Ruby 是什麼 + +Ruby 最初由 Matz(Yukihiro Matsumoto)於 1993 年開發的開源軟體。可以在許多平台上執行。使用者來自世界各地,特別活躍於網路開發領域。 + +[Feature #21047]: https://bugs.ruby-lang.org/issues/21047 +[Bug #21049]: https://bugs.ruby-lang.org/issues/21049 +[Feature #20610]: https://bugs.ruby-lang.org/issues/20610 +[Feature #19908]: https://bugs.ruby-lang.org/issues/19908 diff --git a/zh_tw/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md b/zh_tw/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md new file mode 100644 index 0000000000..e9b9f091da --- /dev/null +++ b/zh_tw/news/_posts/2025-04-28-dos-net-imap-cve-2025-43857.md @@ -0,0 +1,45 @@ +--- +layout: news_post +title: "CVE-2025-43857: net-imap DoS 漏洞" +author: "nevans" +translator: "Bear Su" +date: 2025-04-28 16:02:04 +0000 +tags: security +lang: zh_tw +--- + +在 net-imap gem 發現可能會造成 DoS 的漏洞。 + +該漏洞的 CVE 編號為 [CVE-2025-43857]。 + +我們建議您升級 net-imap gem。 + +## 風險細節 + +一個惡意伺服器可以發送一個會自動被客戶端的接收者執行緒讀取的 "literal" 位元組大小。 + +客戶端的接收者會立即為伺服器回應中指示的位元組大小分配記憶體。 + +在正確使用安全連接到受信任的 IMAP 伺服器時不會造成問題。 + +這只會影響到不安全的連接和有錯誤的、不受信任的或被攻擊的伺服器(例如,連接到使用者提供的主機名稱)。 + +請升級 net-imap gem 至版本 0.2.5、0.3.9、0.4.20、0.5.7、或更新版本。 + +當連接至不受信任的伺服器或使用不安全的連接時,`max_response_size` 和回應處理必須適當配置以限制記憶體使用量。請參見 [GHSA-j3g3-5qv5-52mj] 來了解更多。 + +## 受影響版本 + +net-imap gem 版本 <= 0.2.4、0.3.0 至 0.3.8、0.4.0 至 0.4.19、和 0.5.0 至 0.5.6。 + +## 致謝 + +感謝 [Masamune] 發現此問題。 + +## 歷史 + +* 最初發布於 2025-04-28 16:02:04 (UTC) + +[CVE-2025-43857]: https://www.cve.org/CVERecord?id=CVE-2025-43857 +[GHSA-j3g3-5qv5-52mj]: https://github.com/ruby/net-imap/security/advisories/GHSA-j3g3-5qv5-52mj +[Masamune]: https://hackerone.com/masamune_