On Wed, Aug 4, 2021 at 7:38 PM sebb <seb...@gmail.com> wrote: > > On Thu, 5 Aug 2021 at 00:14, Sam Ruby <ru...@intertwingly.net> wrote: > > > > It looks like sebb disabled security updates on wunderbar, which seems > > unwise. > > Updates were *not* disabled, but updates are no longer automatically > installed. > > This was done because one of the previous updates to Wunderbar broke things. > > https://lists.apache.org/thread.html/r2d1a2e39bd92390e68efebc5bd53b4594271492468728c1ca45ab895%40%3Cdev.whimsical.apache.org%3E
Once whimsy updated to Ruby 2.7, Ruby safety checks were no longer something that could be trusted, and wunderbar was updated to require an opt in to retain the old (insecure) behavior. The version of wunderbar had been pinned before that change, whimsy would have had a security issue. If there is a choice between availability (up time) and security, we need to prioritize security. What you have implemented is unwise, and I therefore am now giving my -1 to that approach and am requesting that it be reverted. - Sam Ruby > > https://github.com/apache/whimsy/blob/f95c56af00e57ee51582b9a74961983b6dc85e6a/www/secretary/workbench/Gemfile#L19 > > > > - Sam Ruby > > > > On Wed, Aug 4, 2021 at 5:24 PM Sam Ruby <ru...@intertwingly.net> wrote: > > > > > > I pushed wunderbar 1.5.0 which should fix the problem. This will be > > > picked up the next time puppet runs. > > > > > > - Sam Ruby > > > > > > On Wed, Aug 4, 2021 at 2:00 PM Craig Russell <apache....@gmail.com> wrote: > > > > > > > > Anyone else seeing this on > > > > https://whimsy.apache.org/secretary/workbench/ ? > > > > > > > > Error starting web application > > > > > > > > The Phusion Passenger application server tried to start the web > > > > application. But the application itself (and not Passenger) encountered > > > > an internal error. > > > > > > > > Error details: > > > > > > > > cannot load such file -- nokogumbo (LoadError) > > > > /var/lib/gems/2.7.0/gems/wunderbar-1.4.5/lib/wunderbar/render.rb:9:in > > > > `require' > > > > /var/lib/gems/2.7.0/gems/wunderbar-1.4.5/lib/wunderbar/render.rb:9:in > > > > `<top (required)>' > > > > /var/lib/gems/2.7.0/gems/wunderbar-1.4.5/lib/wunderbar/vue.rb:1:in > > > > `require' > > > > /var/lib/gems/2.7.0/gems/wunderbar-1.4.5/lib/wunderbar/vue.rb:1:in > > > > `<top (required)>' > > > > /x1/srv/whimsy/www/secretary/workbench/server.rb:7:in `require' > > > > /x1/srv/whimsy/www/secretary/workbench/server.rb:7:in `<top > > > > (required)>' > > > > config.ru:1:in `require' > > > > config.ru:1:in `block in <main>' > > > > /var/lib/gems/2.7.0/gems/rack-2.2.3/lib/rack/builder.rb:125:in > > > > `instance_eval' > > > > /var/lib/gems/2.7.0/gems/rack-2.2.3/lib/rack/builder.rb:125:in > > > > `initialize' > > > > config.ru:1:in `new' > > > > config.ru:1:in `<main>' > > > > > > > > /var/lib/gems/2.7.0/gems/passenger-6.0.5/src/helper-scripts/rack-preloader.rb:101:in > > > > `eval' > > > > > > > > /var/lib/gems/2.7.0/gems/passenger-6.0.5/src/helper-scripts/rack-preloader.rb:101:in > > > > `preload_app' > > > > > > > > /var/lib/gems/2.7.0/gems/passenger-6.0.5/src/helper-scripts/rack-preloader.rb:189:in > > > > `block in <module:App>' > > > > > > > > /var/lib/gems/2.7.0/gems/passenger-6.0.5/src/ruby_supportlib/phusion_passenger/loader_shared_helpers.rb:378:in > > > > `run_block_and_record_step_progress' > > > > > > > > /var/lib/gems/2.7.0/gems/passenger-6.0.5/src/helper-scripts/rack-preloader.rb:188:in > > > > `<module:App>' > > > > > > > > /var/lib/gems/2.7.0/gems/passenger-6.0.5/src/helper-scripts/rack-preloader.rb:30:in > > > > `<module:PhusionPassenger>' > > > > > > > > /var/lib/gems/2.7.0/gems/passenger-6.0.5/src/helper-scripts/rack-preloader.rb:29:in > > > > `<main>' > > > > The stdout/stderr output of the subprocess so far is: > > > > > > > > Error: The application encountered the following error: cannot load > > > > such file -- nokogumbo (LoadError) > > > > > > > > /var/lib/gems/2.7.0/gems/wunderbar-1.4.5/lib/wunderbar/render.rb:9:in > > > > `require' > > > > > > > > /var/lib/gems/2.7.0/gems/wunderbar-1.4.5/lib/wunderbar/render.rb:9:in > > > > `<top (required)>' > > > > /var/lib/gems/2.7.0/gems/wunderbar-1.4.5/lib/wunderbar/vue.rb:1:in > > > > `require' > > > > /var/lib/gems/2.7.0/gems/wunderbar-1.4.5/lib/wunderbar/vue.rb:1:in > > > > `<top (required)>' > > > > /x1/srv/whimsy/www/secretary/workbench/server.rb:7:in `require' > > > > /x1/srv/whimsy/www/secretary/workbench/server.rb:7:in `<top > > > > (required)>' > > > > config.ru:1:in `require' > > > > config.ru:1:in `block in <main>' > > > > /var/lib/gems/2.7.0/gems/rack-2.2.3/lib/rack/builder.rb:125:in > > > > `instance_eval' > > > > /var/lib/gems/2.7.0/gems/rack-2.2.3/lib/rack/builder.rb:125:in > > > > `initialize' > > > > config.ru:1:in `new' > > > > config.ru:1:in `<main>' > > > > > > > > /var/lib/gems/2.7.0/gems/passenger-6.0.5/src/helper-scripts/rack-preloader.rb:101:in > > > > `eval' > > > > > > > > /var/lib/gems/2.7.0/gems/passenger-6.0.5/src/helper-scripts/rack-preloader.rb:101:in > > > > `preload_app' > > > > > > > > /var/lib/gems/2.7.0/gems/passenger-6.0.5/src/helper-scripts/rack-preloader.rb:189:in > > > > `block in <module:App>' > > > > > > > > /var/lib/gems/2.7.0/gems/passenger-6.0.5/src/ruby_supportlib/phusion_passenger/loader_shared_helpers.rb:378:in > > > > `run_block_and_record_step_progress' > > > > > > > > /var/lib/gems/2.7.0/gems/passenger-6.0.5/src/helper-scripts/rack-preloader.rb:188:in > > > > `<module:App>' > > > > > > > > /var/lib/gems/2.7.0/gems/passenger-6.0.5/src/helper-scripts/rack-preloader.rb:30:in > > > > `<module:PhusionPassenger>' > > > > > > > > /var/lib/gems/2.7.0/gems/passenger-6.0.5/src/helper-scripts/rack-preloader.rb:29:in > > > > `<main>' > > > > This website is powered by Phusion Passenger®, the smart application > > > > server built by Phusion®. > > > > Craig L Russell > > > > c...@apache.org > > > >
