(Update links to the official news and release announcement) |
(Updated detailed description from release announcement.) |
||
(One intermediate revision by the same user not shown) | |||
Line 47: | Line 47: | ||
Ruby 3.2 is upstream's new major release of Ruby. Many new features and improvements are included. | Ruby 3.2 is upstream's new major release of Ruby. Many new features and improvements are included. | ||
=== | === Production-ready YJIT === | ||
* YJIT is no longer experimental | |||
** Has been tested on production workloads for over a year and proven to be quite stable. | |||
* The YJIT 3.2 release is faster than 3.1, and has about 1/3 as much memory overhead. | |||
** Overall YJIT is 41% faster (geometric mean) than the Ruby interpreter on [https://github.com/Shopify/yjit-bench yjit-bench]. | |||
** Physical memory for JIT code is lazily allocated. | |||
** Introduce Code GC that frees all code pages when the memory consumption by JIT code reaches `--yjit-exec-mem-size`. | |||
** `RubyVM::YJIT.runtime_stats` returns Code GC metrics in addition to existing `inline_code_size` and `outlined_code_size` keys: `code_gc_count`, `live_page_count`, `freed_page_count`, and `freed_code_size`. | |||
* Most of the statistics produced by `RubyVM::YJIT.runtime_stats` are now available in release builds. | |||
** Simply run ruby with `--yjit-stats` to compute and dump stats (incurs some run-time overhead). | |||
* YJIT is now optimized to take advantage of object shapes. | |||
* Take advantage of finer-grained constant invalidation to invalidate less code when defining new constants. | |||
=== Regexp improvements against ReDoS === | |||
It is known that Regexp matching may take unexpectedly long. If your code attempts to match a possibly inefficient Regexp against an untrusted input, an attacker may exploit it for efficient Denial of Service (so-called Regular expression DoS, or ReDoS). | |||
Ruby 3.2 introduces two improvements that significantly mitigate ReDoS. | |||
==== Improved Regexp matching algorithm ==== | |||
Since Ruby 3.2, Regexp's matching algorithm has been greatly improved by using a memoization technique. | |||
The improved matching algorithm allows most Regexp matching (about 90% in our experiments) to be completed in linear time. | |||
This optimization may consume memory proportional to the input length for each match. No practical problems are expected to arise because this memory allocation is usually delayed, and a normal Regexp match should consume at most 10 times as much memory as the input length. | |||
==== Regexp timeout ==== | |||
The optimization above cannot be applied to some kind of regular expressions, such as those including advanced features (e.g., back-references or look-around), or with a huge fixed number of repetitions. As a fallback measure, a timeout feature for Regexp matches is also introduced. | |||
Note that `Regexp.timeout` is a global configuration. If you want to use different timeout settings for some special Regexps, you may want to use the `timeout` keyword for `Regexp.new`. | |||
=== Other Notable New Features === | === Other Notable New Features === | ||
Line 70: | Line 96: | ||
=== Other notable changes since 3.1 === | === Other notable changes since 3.1 === | ||
* Data | |||
** New core class to represent simple immutable value object. The class is similar to Struct and partially shares an implementation, but has more lean and strict API. | |||
* Hash | * Hash | ||
** Hash#shift now always returns nil if the hash is empty, instead of returning the default value or calling the default proc. | ** Hash#shift now always returns nil if the hash is empty, instead of returning the default value or calling the default proc. | ||
Line 247: | Line 275: | ||
* The Ruby 3.2 bumps soname, therefore Ruby packages, which use binary extensions, should be rebuilt. Nevertheless, since upstream paid great attention to source compatibility, no changes to your code are needed. | * The Ruby 3.2 bumps soname, therefore Ruby packages, which use binary extensions, should be rebuilt. Nevertheless, since upstream paid great attention to source compatibility, no changes to your code are needed. | ||
https://github.com/ruby/ruby/blob/ | https://github.com/ruby/ruby/blob/ruby_3_2/NEWS.md |
Latest revision as of 14:21, 4 January 2023
Ruby 3.2
Summary
Ruby 3.2 is the latest stable version of Ruby. Many new features and improvements are included for the increasingly diverse and expanding demands for Ruby. With this major update from Ruby 3.1 in Fedora 37 to Ruby 3.2 in Fedora 38, Fedora becomes the superior Ruby development platform.
Owner
- Name: Vít Ondruch
- Email: vondruch@redhat.com
Current status
- Targeted release: Fedora Linux 38
- Last updated: 2023-01-04
- devel thread
- FESCo issue: #2893
- Tracker bug: #2144054
- Release notes tracker: #925
Detailed Description
Ruby 3.2 is upstream's new major release of Ruby. Many new features and improvements are included.
Production-ready YJIT
- YJIT is no longer experimental
- Has been tested on production workloads for over a year and proven to be quite stable.
- The YJIT 3.2 release is faster than 3.1, and has about 1/3 as much memory overhead.
- Overall YJIT is 41% faster (geometric mean) than the Ruby interpreter on yjit-bench.
- Physical memory for JIT code is lazily allocated.
- Introduce Code GC that frees all code pages when the memory consumption by JIT code reaches
--yjit-exec-mem-size
. RubyVM::YJIT.runtime_stats
returns Code GC metrics in addition to existinginline_code_size
andoutlined_code_size
keys:code_gc_count
,live_page_count
,freed_page_count
, andfreed_code_size
.
- Most of the statistics produced by
RubyVM::YJIT.runtime_stats
are now available in release builds.- Simply run ruby with
--yjit-stats
to compute and dump stats (incurs some run-time overhead).
- Simply run ruby with
- YJIT is now optimized to take advantage of object shapes.
- Take advantage of finer-grained constant invalidation to invalidate less code when defining new constants.
Regexp improvements against ReDoS
It is known that Regexp matching may take unexpectedly long. If your code attempts to match a possibly inefficient Regexp against an untrusted input, an attacker may exploit it for efficient Denial of Service (so-called Regular expression DoS, or ReDoS).
Ruby 3.2 introduces two improvements that significantly mitigate ReDoS.
Improved Regexp matching algorithm
Since Ruby 3.2, Regexp's matching algorithm has been greatly improved by using a memoization technique.
The improved matching algorithm allows most Regexp matching (about 90% in our experiments) to be completed in linear time.
This optimization may consume memory proportional to the input length for each match. No practical problems are expected to arise because this memory allocation is usually delayed, and a normal Regexp match should consume at most 10 times as much memory as the input length.
Regexp timeout
The optimization above cannot be applied to some kind of regular expressions, such as those including advanced features (e.g., back-references or look-around), or with a huge fixed number of repetitions. As a fallback measure, a timeout feature for Regexp matches is also introduced.
Note that Regexp.timeout
is a global configuration. If you want to use different timeout settings for some special Regexps, you may want to use the timeout
keyword for Regexp.new
.
Other Notable New Features
- Language
- Anonymous rest and keyword rest arguments can now be passed as arguments, instead of just used in method parameters.
- A proc that accepts a single positional argument and keywords will no longer autosplat.
- Constant assignment evaluation order for constants set on explicit objects has been made consistent with single attribute assignment evaluation order.
- Find pattern is no longer experimental.
- Methods taking a rest parameter and wishing to delegate keyword arguments through
foo(*args)
must now be marked withruby2_keywords
- Performance improvements
- YJIT
- Support arm64 / aarch64 on UNIX platforms.
- Building YJIT requires Rust 1.58.1+.
- YJIT
Other notable changes since 3.1
- Data
- New core class to represent simple immutable value object. The class is similar to Struct and partially shares an implementation, but has more lean and strict API.
- Hash
- Hash#shift now always returns nil if the hash is empty, instead of returning the default value or calling the default proc.
- MatchData
- MatchData#byteoffset has been added.
- Module
- Module.used_refinements has been added.
- Module#refinements has been added.
- Module#const_added has been added.
- Proc
- Proc#dup returns an instance of subclass.
- Proc#parameters now accepts lambda keyword.
- Refinement
- Refinement#refined_class has been added.
- Set
- Set is now available as a builtin class without the need for
require "set"
. It is currently autoloaded via theSet
constant or a call toEnumerable#to_set
.
- Set is now available as a builtin class without the need for
- String
- String#byteindex and String#byterindex have been added.
- Update Unicode to Version 14.0.0 and Emoji Version 14.0. (also applies to Regexp)
- String#bytesplice has been added.
- Struct
- A Struct class can also be initialized with keyword arguments without
keyword_init: true
onStruct.new
- A Struct class can also be initialized with keyword arguments without
Compatibility issues
- Removed constants
Fixnum
andBignum
Random::DEFAULT
Struct::Group
Struct::Passwd
- Removed methods
Dir.exists?
File.exists?
Kernel#=~
Kernel#taint
,Kernel#untaint
,Kernel#tainted?
Kernel#trust
,Kernel#untrust
,Kernel#untrusted?
C API updates
- Removed C APIs
rb_cData
variable.- "taintedness" and "trustedness" functions.
Feedback
Benefit to Fedora
With a latest release, Ruby language is supporting the newest language features, which enables even faster and easier development of Ruby applications.
Scope
- Proposal owners:
- Finish packaging of Ruby 3.2. Current changes available in PR https://src.fedoraproject.org/rpms/ruby/pull-request/134
- Rebuilding of Ruby packages providing native extensions (i.e. packages which depends on libruby).
- Other developers:
- Rebuild of packages with binary extensions (i.e. packages which depends on libruby) will be handled automatically, but some packages might need fixes/updates to support Ruby 3.2 properly.
- Release engineering: #11115
- The packages are going to be rebuild in side-tag, but that does not need releng involvement nowadays.
- Policies and guidelines: N/A (not needed for this Change)
- Trademark approval: N/A (not needed for this Change)
- Alignment with Objectives:
Upgrade/compatibility impact
- User specific Ruby binary extensions need to be rebuild.
- Ruby packages/application dependencies might need to be adjusted if newly bundled gems are used.
How To Test
- No special hardware is needed.
- To test, install Ruby 3.2. The test builds are published in PR or on Ruby-SIG ML
- Try to locally rebuild your packages using Ruby 3.2.
- Use the packages with your applications previously written in Ruby.
- If something doesn't work as it should, let us know.
User Experience
The Ruby programs/scripts should behave as they were used to.
Dependencies
$ dnf repoquery --disablerepo=* --enablerepo=rawhide --enablerepo=rawhide-source --arch=src --whatrequires 'ruby-devel' | sort | uniq | wc -l 130
Contingency Plan
- Contingency mechanism: We would like to get a special buildroot tag to be able to rebuild necessary the packages with Ruby 3.2. If anything goes wrong, the tag could be easily dropped and previous version of Ruby 3.1 and its dependencies stays intact. The tag would be merged into F38 after everything is rebuild.
- Contingency deadline: Mass Rebuild
- Blocks release? No
Documentation
- Help and documentation for the Ruby programming language
- Ruby 3.2.0 NEWS
- Ruby 3.2 release announcement
Release Notes
- The Ruby 3.2 bumps soname, therefore Ruby packages, which use binary extensions, should be rebuilt. Nevertheless, since upstream paid great attention to source compatibility, no changes to your code are needed.