AFAICT is now fixed
On Mon, 6 Jul 2020 at 21:17, sebb <seb...@gmail.com> wrote:
>
> On Mon, 6 Jul 2020 at 18:44, Craig Russell <apache....@gmail.com> wrote:
> >
> > I merged the roster-emeritus branch and tried out some of the new features.
> >
> > 1. Request emeritus fails on line 70 of memstat.json.rb [1]
> > template, err =
> > ASF::SVN.svn('cat', EMERITUS_TEMPLATE_URL, {env:env})
>
> AFAICT it must be env that is untainted, but not sure if so or where
> to fix this yet.
>
> >
> > 2. Move to emeritus status for a member with an outstanding request fails
> > on line 21 of memstat.json.rb [2]
> > ASF::SVN.multiUpdate_ members_txt, message, env, _ do |text|
>
> Should be fixed; whimsy4 is on an old Ruby which does not have URI::File
>
> > Any ideas?
> >
> > Craig
> >
> > [1] {
> > "exception": "#<SecurityError: Insecure operation - spawn>",
> > "backtrace": [
> > "/usr/local/rvm/rubies/ruby-2.4.1/lib/ruby/2.4.0/open3.rb:199:in
> > `spawn'",
> > "/usr/local/rvm/rubies/ruby-2.4.1/lib/ruby/2.4.0/open3.rb:199:in
> > `popen_run'",
> > "/usr/local/rvm/rubies/ruby-2.4.1/lib/ruby/2.4.0/open3.rb:95:in
> > `popen3'",
> > "/usr/local/rvm/rubies/ruby-2.4.1/lib/ruby/2.4.0/open3.rb:258:in
> > `capture3'",
> > "/x1/srv/whimsy/lib/whimsy/asf/svn.rb:387:in `svn'",
> > "/x1/srv/whimsy/www/roster/views/actions/memstat.json.rb:70:in
> > `_evaluate'",
> > "/x1/srv/whimsy/www/roster/main.rb:204:in `block in <top (required)>'",
> > "/x1/srv/whimsy/lib/whimsy/asf/rack.rb:223:in `call'",
> > "/x1/srv/whimsy/lib/whimsy/asf/rack.rb:48:in `call'",
> > "/x1/srv/whimsy/lib/whimsy/asf/rack.rb:200:in `call'",
> > "/x1/srv/whimsy/lib/whimsy/asf/rack.rb:254:in `call'",
> >
> > "/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-6.0.2/src/ruby_supportlib/phusion_passenger/rack/thread_handler_extension.rb:97:in
> > `process_request'",
> >
> > "/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-6.0.2/src/ruby_supportlib/phusion_passenger/request_handler/thread_handler.rb:157:in
> > `accept_and_process_next_request'",
> >
> > "/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-6.0.2/src/ruby_supportlib/phusion_passenger/request_handler/thread_handler.rb:110:in
> > `main_loop'",
> >
> > "/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-6.0.2/src/ruby_supportlib/phusion_passenger/request_handler.rb:415:in
> > `block (3 levels) in start_threads'",
> >
> > "/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-6.0.2/src/ruby_supportlib/phusion_passenger/utils.rb:113:in
> > `block in create_thread_and_abort_on_exception'"
> > ]
> >
> > [2] {
> > "exception": "#<NameError: uninitialized constant URI::File\nDid you
> > mean? File>",
> > "backtrace": [
> > "/x1/srv/whimsy/lib/whimsy/asf/svn.rb:752:in `multiUpdate_'",
> > "/x1/srv/whimsy/www/roster/views/actions/memstat.json.rb:21:in
> > `_evaluate'",
> > "/x1/srv/whimsy/www/roster/main.rb:204:in `block in <top (required)>'",
> > "/x1/srv/whimsy/lib/whimsy/asf/rack.rb:223:in `call'",
> > "/x1/srv/whimsy/lib/whimsy/asf/rack.rb:48:in `call'",
> > "/x1/srv/whimsy/lib/whimsy/asf/rack.rb:200:in `call'",
> > "/x1/srv/whimsy/lib/whimsy/asf/rack.rb:254:in `call'",
> >
> > "/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-6.0.2/src/ruby_supportlib/phusion_passenger/rack/thread_handler_extension.rb:97:in
> > `process_request'",
> >
> > "/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-6.0.2/src/ruby_supportlib/phusion_passenger/request_handler/thread_handler.rb:157:in
> > `accept_and_process_next_request'",
> >
> > "/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-6.0.2/src/ruby_supportlib/phusion_passenger/request_handler/thread_handler.rb:110:in
> > `main_loop'",
> >
> > "/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-6.0.2/src/ruby_supportlib/phusion_passenger/request_handler.rb:415:in
> > `block (3 levels) in start_threads'",
> >
> > "/usr/local/rvm/gems/ruby-2.4.1/gems/passenger-6.0.2/src/ruby_supportlib/phusion_passenger/utils.rb:113:in
> > `block in create_thread_and_abort_on_exception'"
> > ]
> > }
> > }
> > Craig L Russell
> > c...@apache.org
> >
