Backport PR #15369 to 8.11: deps: downgrade jruby, keep updated default-gem dependencies (forward-port #15283) #15370

github-actions · 2023-10-03T21:35:32Z

Backport PR #15369 to 8.11 branch, original message:

forward-ports non-release-branch components of #15283 to main

deps: downgrade jruby, keep updated default-gem dependencies

By downgrading JRuby to 9.4.2.0 we avoid the silent global crash of the scheduler backing Concurrent::TimerTask that occurs when Jruby 9.4.3.0's invokedynamic promotes a method to run natively, incorrectly.

Upstream bug: jruby/jruby#7904

Along with the downgrade of JRuby itself to 9.4.2.0, we cherry-pick the updates to gems that were included in the latest JRuby 9.4.3.0 to ensure we don't back out relevant fixes to stdlib.

We also remove a pinned-dependency on racc that is no longer relevant.

Resolves: #15282

Imported the licenses for some gems

cgi
date
ffi-binary-libfixposix
io-console
net-http
net-protocol
reline
time
timeout
uri

specs: avoid mocking global ::Gem::Dependency::new
build: remove redundanct dependsOn declaration
deps: notice use of ffi-binary-libfixposix via Ruby license

this gem is tri-licensed Ruby / EPL-2.0 / LGPL-2.1-or-later and the Ruby license is preferred to EPL when available

Release notes

[rn:skip]: no change from 8.10

What does this PR do?

Forward-ports the pinning of Jruby from 8.10 to main; the bugs have been fixed upstream but no released artifact is available yet.

Why is it important/What is the impact to the user?

Prevents us from releasing a broken Logstash

Checklist

My code follows the style guidelines of this project
I have commented my code, particularly in hard-to-understand areas
~~[ ] I have made corresponding changes to the documentation~~
~~[ ] I have made corresponding change to the default configuration files (and/or docker env variables)~~
~~[ ] I have added tests that prove my fix is effective or that my feature works~~

How to test this PR locally

Same as #15283:

With a long-running pipeline and logging in debug mode, it is easy to see that the scheduled work keeps working when this patch is applied, or silently stops without this patch:
bin/logstash --log.level debug -e 'input { heartbeat {} }'

Related issues

#15283

…-port #15283) (#15369) * deps: downgrade jruby, keep updated default-gem dependencies (#15283) forward-ports non-release-branch components of #15283 to `main` * deps: downgrade jruby, keep updated default-gem dependencies By downgrading JRuby to 9.4.2.0 we avoid the silent global crash of the scheduler backing `Concurrent::TimerTask` that occurs when Jruby 9.4.3.0's invokedynamic promotes a method to run natively, incorrectly. Upstream bug: jruby/jruby#7904 Along with the downgrade of JRuby itself to 9.4.2.0, we cherry-pick the updates to gems that were included in the latest JRuby 9.4.3.0 to ensure we don't back out relevant fixes to stdlib. We also remove a pinned-dependency on `racc` that is no longer relevant. Resolves: #15282 * Imported the licenses for some gems - cgi - date - ffi-binary-libfixposix - io-console - net-http - net-protocol - reline - time - timeout - uri * specs: avoid mocking global ::Gem::Dependency::new * build: remove redundanct dependsOn declaration * deps: notice use of ffi-binary-libfixposix via Ruby license this gem is tri-licensed `Ruby` / `EPL-2.0` / `LGPL-2.1-or-later` and the Ruby license is preferred to EPL when available --------- Co-authored-by: andsel <[email protected]> * deps: add license notices for gems moved from default to bundled --------- Co-authored-by: andsel <[email protected]> (cherry picked from commit 70081bb)