nikhil/fixing-resolv-windows: Upgrade resolv gem with cross-platform support #3472
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: nikhil2611 <nikhilgupta2102@gmail.com>
- Remove resolv 0.2.1 default gemspec from all gem paths before installing 0.2.3 - Handles Windows multiple Ruby gem locations (user + embedded) - Cross-platform compatible (Linux, macOS, Windows) - Prevents gem conflict issues in final chef-workstation package Signed-off-by: nikhil2611 <nikhilgupta2102@gmail.com>
- Use chef's simpler regex pattern to extract default gem path - Remove platform-specific Windows/Linux branches - Remove explicit --install-dir flag (relies on gem_home) - Keep resolv 0.2.3 installation as specified - Add CVE-2025-24294 documentation comment - Proven to work on Windows per chef PR #15459 Signed-off-by: nikhil2611 <nikhilgupta2102@gmail.com>
Signed-off-by: nikhil2611 <nikhilgupta2102@gmail.com>
…atform support - Add platform-specific handling for Windows vs Linux/macOS - Windows: Check all gem paths (omnibus-toolchain and embedded) for removal - Linux/macOS: Extract default gem path from gem info output via regex - Remove resolv 0.2.1 default gemspec from all locations - Install resolv 0.2.3 to embedded path with --install-dir flag - Add --no-document flag to optimize build time - Fixes CVE-2025-24294 security vulnerability in resolv 0.2.1 Signed-off-by: nikhil2611 <nikhilgupta2102@gmail.com>
👷 Deploy Preview for chef-workstation processing.
|
Contributor
There was a problem hiding this comment.
Pull request overview
This PR upgrades the resolv gem from version 0.2.1 to 0.2.3 to address CVE-2025-24294 by implementing a cross-platform solution that removes the default gemspec and installs the newer version during the omnibus build process.
Key changes:
- Refactored hardcoded resolv gem handling into a configurable hash structure for managing default gem conflicts
- Implemented platform-specific gemspec removal logic (Windows uses Gem.path iteration, Linux/macOS uses regex extraction)
- Added --install-dir and --no-document flags to optimize installation
Signed-off-by: nikhil2611 <nikhilgupta2102@gmail.com>
- Remove trailing whitespace - Replace 'or' with '||' operator - Use raise() method call instead of raise string Signed-off-by: nikhil2611 <nikhilgupta2102@gmail.com>
sanghinitin
approved these changes
Dec 10, 2025
|
ashiqueps
approved these changes
Dec 10, 2025
sanjain-progress
approved these changes
Dec 10, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR implements a cross-platform solution to upgrade the resolv gem from version 0.2.1 to 0.2.3 during the omnibus build process by removing the default gemspec and installing the newer version.
Changes Made
Testing
Files Modified