https://bugzilla.redhat.com/show_bug.cgi?id=1586295 --- Comment #7 from Pavel Valena <pvalena@xxxxxxxxxx> --- > I am fine to skip the test failure this time for armv7hl. I'll file a bug when the component is created. In the meantime I'll exclude the armv7hl arch, as it does not work at all. > You can move CODE_OF_CONDUCT.md to %files doc? Sure, I somehow overlooked it... > Other things look okay! I do not think wee need to do anything with the `call-to-mktemp` - see below. Reading the code: * On C level [1] - expects atomic access to a file (used for caching only, reasonable hashing method is used); and * On Ruby level [2] - Mutex is used for synchronizing the Threads Furthermore, reading CAPEC[3], as suggested by rpmlint, none of the Attack Prerequisites are not met AFAICT. This gem is also heavily used and developed at Shopify (and now enabled by default in any Rails app). Concluding that any security concerns one might have have been very probably already investigated. [1] https://github.com/Shopify/bootsnap/blob/684acfd9b8c1298a026dd6b9c2ffeb173d11e949/ext/bootsnap/bootsnap.c#L466 [2] https://github.com/Shopify/bootsnap/blob/684acfd9b8c1298a026dd6b9c2ffeb173d11e949/lib/bootsnap/load_path_cache/cache.rb#L11 [3] http://capec.mitre.org/data/definitions/29.html Additionally, I've commented out any $CFLAGS modification in `extconf.rb` file to use the default Fedora ones. I've updated the links again, Scratch-build: https://koji.fedoraproject.org/koji/taskinfo?taskID=27490538 Thanks for the review! -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx/message/E4GUMXFHL4SGC3MXAOBYVU2WUTJOJBTN/
