Indicate whether a gem will build extensions #486

Open
postmodern opened this Issue Nov 5, 2012 · 13 comments

Comments

Projects
None yet
10 participants
Contributor

postmodern commented Nov 5, 2012

Indicate whether a gem has extensions set in it's gemspec. This will help users distinguish between native or FFI bindings from C/Java extensions. Additionally, malicious code could be executed via extensions at install time. Indicating the presence of such extensions would help the user be more suspicious of strange new gems.

Contributor

cmeiklejohn commented Nov 5, 2012

+1 to this idea... want to take a pass at implementing it?

Contributor

postmodern commented Nov 5, 2012

@cmeiklejohn I have no idea how this would be implemented, and am nearing the end of a contract.

Owner

qrush commented Nov 7, 2012

I don't see why this is necessary. Bundler isn't going to show this info anyway. 👎 so far.

Contributor

postmodern commented Nov 7, 2012

@qrush a user should know before they install a Gem, if it will execute additional code during installation. Also, Bundler does indicate a gem is about to build extensions upon first installation:

Installing nokogiri (1.5.5) with native extensions .....
.........................................................................................................................................................................................................................................
Using bundler (1.2.1) 

However, I fail to see how this issue relates to Bundler at all.

Now that JRuby 1.7.0 no longer supports C extensions, it would be helpful to JRuby users to know if a library contains a C extension. Many C extensions are abandoned or fail to compile against their library. JRuby developers could query rubygems.org for the most popular abandoned/broken C extensions, and rewrite them using FFI. This would benefit all Ruby implementations.

@qrush qrush added the feature label Nov 28, 2014

This is important. I would actually like to be able to tell if a gem builds an extension the sooner the better.

What if the gem page shows icons like #️⃣ (with tooltip) next to gem versions if they build extensions?
On gem list page, display the icon next to gem name if its most recent version builds an extension.

+1 Very important for isolated systems without internet access, because we need to provide compiled way for them.

Member

arthurnn commented Jun 16, 2015

I am ok with this. Should not be that hard to build, if anyone interested in taking this task, go ahead.

Will look into it.

+1 from me too. Perhaps it could also be shown on the gem-page on rubygems.org, something small, an indicator or a small icon. Most gems are pure ruby probably, the few that require extensions to be compiled, could perhaps have a big C or C++ letter or something somewhere on the right side or so. :)

jc00ke commented Jul 29, 2016

Going a bit further, there could be a global gem setting that would force a prompt Y|n before a C-ext is compiled. By default the prompt should be off, but if set could show user a link or open C-ext dir in $EDITOR.

Contributor

simi commented Jul 29, 2016

Just to mention: rubygem extension != C compiled extension every time.

What else could it be?

Contributor

simi commented Jul 30, 2016

When you provide

spec.extensions  = ["extconf.rb"]

in gemspec, when gem is running extensions compilation, it just run that script and expects also Makefile with install section. You can do whatever you want in extconf.rb if you provide fake empty Makefile for extension builder.

To mention some real usage: travis.rb was installing shell completion in this way before.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment