* remove EOL ruby versions for security and maintenance reasons.
* only expose ruby_MAJOR_MINOR to the top-level. we don't provide
guarantees for the TINY version.
* mark all related packages as broken
* switch the default ruby version from 2.3.x to 2.4.x
Fixes a number of CVEs:
- a DNS request hijacking vulnerability. (CVE-2017-0902)
- an ANSI escape sequence vulnerability. (CVE-2017-0899)
- a DoS vulnerability in the query command. (CVE-2017-0900)
- a vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files. (CVE-2017-0901)
* Manage patches in git
* Fixes the hook invocation to be more safe. Thanks @Mic92
* Install gems as user by default
* Install gem binaries with the /usr/bin/env shebang
* Fixes a bug where the passthru.libPath and passthru.gemPath would
point to the wrong directory
* Overhaul ruby version heuristics
In the tarball job:
````
checking find-tarballs.nix
error: while evaluating anonymous function at /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/maintainers/scripts/find-tarballs.nix:6:1, called from undefined position:
while evaluating ‘operator’ at /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/maintainers/scripts/find-tarballs.nix:27:16, called from undefined position:
while evaluating ‘immediateDependenciesOf’ at /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/maintainers/scripts/find-tarballs.nix:39:29, called from /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/maintainers/scripts/find-tarballs.nix:27:44:
while evaluating anonymous function at /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/lib/attrsets.nix:224:10, called from undefined position:
while evaluating anonymous function at /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/maintainers/scripts/find-tarballs.nix:40:37, called from /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/lib/attrsets.nix:224:16:
while evaluating ‘derivationsIn’ at /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/maintainers/scripts/find-tarballs.nix:42:19, called from /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/maintainers/scripts/find-tarballs.nix:40:40:
while evaluating ‘optional’ at /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/lib/lists.nix:175:20, called from /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/maintainers/scripts/find-tarballs.nix:44:33:
while evaluating ‘canEval’ at /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/maintainers/scripts/find-tarballs.nix:48:13, called from /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/maintainers/scripts/find-tarballs.nix:44:43:
while evaluating the attribute ‘pkgs’ of the derivation ‘ruby-dev-2.3.1-p0’ at /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/pkgs/build-support/trivial-builders.nix:10:14:
while evaluating ‘override’ at /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/lib/customisation.nix:60:22, called from /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/pkgs/development/interpreters/ruby/dev.nix:10:13:
while evaluating ‘makeOverridable’ at /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/lib/customisation.nix:54:24, called from /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/lib/customisation.nix:60:31:
anonymous function at /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/pkgs/development/ruby-modules/bundix/default.nix:1:1 called with unexpected argument ‘ruby’, at /tmp/nix-build-nixpkgs-tarball-16.09pre1234.abcdef.drv-0/nixpkgs/lib/customisation.nix:56:12
````
Setting the GEM_PATH after ruby is started is not reliable enough. In
some cases rubygems would have already loaded and ignore these settings.
Fixes#14048
