Input buildinfo: https://buildinfos.debian.net/buildinfo-pool/r/ruby-secure-headers/ruby-secure-headers_6.3.2-1_all.buildinfo Use metasnap for getting required timestamps New buildinfo file: /tmp/ruby-secure-headers-6.3.2-1y3gj7nkm/ruby-secure-headers_6.3.2-1_all.buildinfo Get source package info: ruby-secure-headers=6.3.2-1 Source URL: http://snapshot.notset.fr/mr/package/ruby-secure-headers/6.3.2-1/srcfiles?fileinfo=1 env -i PATH=/usr/sbin:/usr/bin:/sbin:/bin TMPDIR=/tmp mmdebstrap --arch=amd64 --include=adduser=3.118 autoconf=2.69-14 automake=1:1.16.3-2 autopoint=0.21-4 autotools-dev=20180224.1+nmu1 base-files=11.1 base-passwd=3.5.50 bash=5.1-3 binutils=2.35.2-2 binutils-common=2.35.2-2 binutils-x86-64-linux-gnu=2.35.2-2 bsdextrautils=2.36.1-7 bsdutils=1:2.36.1-7 build-essential=12.9 bzip2=1.0.8-4 ca-certificates=20210119 coreutils=8.32-4+b1 cpp=4:10.2.1-1 cpp-10=10.2.1-6 dash=0.5.11+git20210120+802ebd4-1 debconf=1.5.77 debhelper=13.3.4 debianutils=4.11.2 devscripts=2.21.2 dh-autoreconf=20 dh-strip-nondeterminism=1.12.0-1 diffutils=1:3.7-5 dirmngr=2.2.27-2 dpkg=1.20.9 dpkg-dev=1.20.9 dwz=0.14-1 fakeroot=1.25.3-1.1 file=1:5.39-3 findutils=4.8.0-1 g++=4:10.2.1-1 g++-10=10.2.1-6 gcc=4:10.2.1-1 gcc-10=10.2.1-6 gcc-10-base=10.2.1-6 gem2deb=1.4 gem2deb-test-runner=1.4 gettext=0.21-4 gettext-base=0.21-4 gnupg=2.2.27-2 gnupg-l10n=2.2.27-2 gnupg-utils=2.2.27-2 gpg=2.2.27-2 gpg-agent=2.2.27-2 gpg-wks-client=2.2.27-2 gpg-wks-server=2.2.27-2 gpgconf=2.2.27-2 gpgsm=2.2.27-2 gpgv=2.2.27-2 grep=3.6-1 groff-base=1.22.4-6 gzip=1.10-4 hostname=3.23 init-system-helpers=1.60 intltool-debian=0.35.0+20060710.5 javascript-common=11+nmu1 libacl1=2.2.53-10 libarchive-zip-perl=1.68-1 libasan6=10.2.1-6 libassuan0=2.5.4-1 libatomic1=10.2.1-6 libattr1=1:2.4.48-6 libaudit-common=1:3.0-2 libaudit1=1:3.0-2 libb-hooks-op-check-perl=0.22-1+b3 libbinutils=2.35.2-2 libblkid1=2.36.1-7 libbsd0=0.11.3-1 libbz2-1.0=1.0.8-4 libc-bin=2.31-12 libc-dev-bin=2.31-12 libc6=2.31-12 libc6-dev=2.31-12 libcap-ng0=0.7.9-2.2+b1 libcc1-0=10.2.1-6 libclass-method-modifiers-perl=2.13-1 libcom-err2=1.46.2-2 libcrypt-dev=1:4.4.18-4 libcrypt1=1:4.4.18-4 libctf-nobfd0=2.35.2-2 libctf0=2.35.2-2 libdb5.3=5.3.28+dfsg1-0.8 libdebconfclient0=0.259 libdebhelper-perl=13.3.4 libdevel-callchecker-perl=0.008-1+b2 libdpkg-perl=1.20.9 libdynaloader-functions-perl=0.003-1.1 libedit2=3.1-20191231-2+b1 libelf1=0.183-3 libencode-locale-perl=1.05-1.1 libexpat1=2.2.10-2 libfakeroot=1.25.3-1.1 libffi7=3.3-6 libfile-dirlist-perl=0.05-2 libfile-homedir-perl=1.006-1 libfile-listing-perl=6.14-1 libfile-stripnondeterminism-perl=1.12.0-1 libfile-touch-perl=0.11-1 libfile-which-perl=1.23-1 libgcc-10-dev=10.2.1-6 libgcc-s1=10.2.1-6 libgcrypt20=1.8.7-6 libgdbm-compat4=1.19-2 libgdbm6=1.19-2 libgmp-dev=2:6.2.1+dfsg-1 libgmp10=2:6.2.1+dfsg-1 libgmpxx4ldbl=2:6.2.1+dfsg-1 libgnutls30=3.7.1-5 libgomp1=10.2.1-6 libgpg-error0=1.38-2 libgssapi-krb5-2=1.18.3-5 libhogweed6=3.7.3-1 libhtml-parser-perl=3.76-1 libhtml-tagset-perl=3.20-4 libhtml-tree-perl=5.07-2 libhttp-cookies-perl=6.10-1 libhttp-date-perl=6.05-1 libhttp-message-perl=6.29-1 libhttp-negotiate-perl=6.01-1 libicu67=67.1-6 libidn2-0=2.3.0-5 libimport-into-perl=1.002005-1 libio-html-perl=1.004-2 libio-pty-perl=1:1.15-2 libio-socket-ssl-perl=2.069-1 libipc-run-perl=20200505.0-1 libisl23=0.23-1 libitm1=10.2.1-6 libjs-jquery=3.5.1+dfsg+~3.5.5-7 libjs-jquery-easing=12-3 libjs-jquery-fancybox=12-3 libjs-jquery-mousewheel=1:3.1.13-2 libjs-jquery-ui=1.12.1+dfsg-8 libk5crypto3=1.18.3-5 libkeyutils1=1.6.1-2 libkrb5-3=1.18.3-5 libkrb5support0=1.18.3-5 libksba8=1.5.0-3 libldap-2.4-2=2.4.57+dfsg-3 liblsan0=10.2.1-6 liblwp-mediatypes-perl=6.04-1 liblwp-protocol-https-perl=6.10-1 liblz4-1=1.9.3-2 liblzma5=5.2.5-2 libmagic-mgc=1:5.39-3 libmagic1=1:5.39-3 libmd0=1.0.3-3 libmodule-runtime-perl=0.016-1 libmoo-perl=2.004004-1 libmount1=2.36.1-7 libmpc3=1.2.0-1 libmpdec3=2.5.1-2 libmpfr6=4.1.0-3 libncursesw6=6.2+20201114-2 libnet-http-perl=6.20-1 libnet-ssleay-perl=1.88-3+b1 libnettle8=3.7.3-1 libnpth0=1.6-3 libnsl-dev=1.3.0-2 libnsl2=1.3.0-2 libp11-kit0=0.23.22-1 libpam-modules=1.4.0-7 libpam-modules-bin=1.4.0-7 libpam-runtime=1.4.0-7 libpam0g=1.4.0-7 libparams-classify-perl=0.015-1+b3 libpcre2-8-0=10.36-2 libpcre3=2:8.39-13 libperl5.32=5.32.1-4 libpipeline1=1.5.3-1 libpython3-stdlib=3.9.2-3 libpython3.9-minimal=3.9.2-1 libpython3.9-stdlib=3.9.2-1 libquadmath0=10.2.1-6 libreadline8=8.1-2 librole-tiny-perl=2.002004-1 libruby2.7=2.7.3-2 libsasl2-2=2.1.27+dfsg-2.1 libsasl2-modules-db=2.1.27+dfsg-2.1 libseccomp2=2.5.1-1 libselinux1=3.1-3 libsemanage-common=3.1-1 libsemanage1=3.1-1+b2 libsepol1=3.1-1 libsigsegv2=2.13-1 libsmartcols1=2.36.1-7 libsqlite3-0=3.34.1-3 libssl1.1=1.1.1k-1 libstdc++-10-dev=10.2.1-6 libstdc++6=10.2.1-6 libstrictures-perl=2.000006-1 libsub-override-perl=0.09-2 libsub-quote-perl=2.006006-1 libsystemd0=247.3-5 libtasn1-6=4.16.0-2 libtimedate-perl=2.3300-2 libtinfo6=6.2+20201114-2 libtirpc-common=1.3.1-1 libtirpc-dev=1.3.1-1 libtirpc3=1.3.1-1 libtool=2.4.6-15 libtry-tiny-perl=0.30-1 libtsan0=10.2.1-6 libubsan1=10.2.1-6 libuchardet0=0.0.7-1 libudev1=247.3-5 libunistring2=0.9.10-4 liburi-perl=5.08-1 libuuid1=2.36.1-7 libwww-perl=6.53-1 libwww-robotrules-perl=6.02-1 libxml2=2.9.10+dfsg-6.7 libyaml-0-2=0.2.2-1 libzstd1=1.4.8+dfsg-2.1 linux-libc-dev=5.10.40-1 login=1:4.8.1-1 lsb-base=11.1.0 m4=1.4.18-5 make=4.3-4.1 man-db=2.9.4-2 mawk=1.3.4.20200120-2 media-types=4.0.0 ncurses-base=6.2+20201114-2 ncurses-bin=6.2+20201114-2 netbase=6.3 openssl=1.1.1k-1 passwd=1:4.8.1-1 patch=2.7.6-7 patchutils=0.4.2-1 perl=5.32.1-4 perl-base=5.32.1-4 perl-modules-5.32=5.32.1-4 perl-openssl-defaults=5 pinentry-curses=1.1.0-4 po-debconf=1.0.21+nmu1 python3=3.9.2-3 python3-minimal=3.9.2-3 python3.9=3.9.2-1 python3.9-minimal=3.9.2-1 rake=13.0.3-1 readline-common=8.1-2 ruby=1:2.7+2 ruby-all-dev=1:2.7+2 ruby-coveralls=0.8.23-2 ruby-diff-lcs=1.4.4-1 ruby-docile=1.1.5-2 ruby-domain-name=0.5.20190701-1 ruby-http-accept=1.7.0-2 ruby-http-cookie=1.0.3-1 ruby-mime-types=3.3.1-1 ruby-mime-types-data=3.2015.1120-1.1 ruby-minitest=5.13.0-1 ruby-multi-json=1.14.1-1 ruby-net-telnet=0.1.1-2 ruby-netrc=0.11.0-3 ruby-power-assert=1.1.7-2 ruby-rack=2.1.4-3 ruby-rest-client=2.1.0-1 ruby-rspec=3.9.0c2e2m1s3-2 ruby-rspec-core=3.9.0c2e2m1s3-2 ruby-rspec-expectations=3.9.0c2e2m1s3-2 ruby-rspec-mocks=3.9.0c2e2m1s3-2 ruby-rspec-support=3.9.0c2e2m1s3-2 ruby-rubygems=3.2.5-2 ruby-simplecov=0.19.1-1 ruby-simplecov-html=0.12.3-1 ruby-sync=0.5.0-2 ruby-term-ansicolor=1.3.0-1.1 ruby-test-unit=3.3.9-1 ruby-thor=1.0.1-1 ruby-tins=1.1.0-2 ruby-unf=0.1.4-2 ruby-unf-ext=0.0.7.6-1+b3 ruby-useragent=0.16.8-1.1 ruby-xmlrpc=0.3.0-2 ruby2.7=2.7.3-2 ruby2.7-dev=2.7.3-2 rubygems-integration=1.18 sed=4.7-1 sensible-utils=0.0.14 sysvinit-utils=2.96-7 tar=1.34+dfsg-1 tzdata=2021a-1 util-linux=2.36.1-7 wdiff=1.2.2-2+b1 xz-utils=5.2.5-2 zlib1g=1:1.2.11.dfsg-2 --variant=apt --aptopt=Acquire::Check-Valid-Until "false" --aptopt=Acquire::http::Dl-Limit "1000"; --aptopt=Acquire::https::Dl-Limit "1000"; --aptopt=Acquire::Retries "5"; --aptopt=APT::Get::allow-downgrades "true"; --keyring=/usr/share/keyrings/ --essential-hook=chroot "$1" sh -c "apt-get --yes install fakeroot util-linux" --essential-hook=copy-in /usr/share/keyrings/debian-archive-bullseye-automatic.gpg /usr/share/keyrings/debian-archive-bullseye-security-automatic.gpg /usr/share/keyrings/debian-archive-bullseye-stable.gpg /usr/share/keyrings/debian-archive-buster-automatic.gpg /usr/share/keyrings/debian-archive-buster-security-automatic.gpg /usr/share/keyrings/debian-archive-buster-stable.gpg /usr/share/keyrings/debian-archive-keyring.gpg /usr/share/keyrings/debian-archive-removed-keys.gpg /usr/share/keyrings/debian-archive-stretch-automatic.gpg /usr/share/keyrings/debian-archive-stretch-security-automatic.gpg /usr/share/keyrings/debian-archive-stretch-stable.gpg /usr/share/keyrings/debian-ports-archive-keyring-removed.gpg /usr/share/keyrings/debian-ports-archive-keyring.gpg /usr/share/keyrings/debian-keyring.gpg /etc/apt/trusted.gpg.d/ --essential-hook=chroot "$1" sh -c "rm /etc/apt/sources.list && echo 'deb http://snapshot.notset.fr/archive/debian/20210814T212851Z/ bookworm main deb-src http://snapshot.notset.fr/archive/debian/20210814T212851Z/ bookworm main deb http://snapshot.notset.fr/archive/debian/20210624T142826Z/ unstable main' >> /etc/apt/sources.list && apt-get update" --customize-hook=chroot "$1" useradd --no-create-home -d /nonexistent -p "" builduser -s /bin/bash --customize-hook=chroot "$1" env sh -c "apt-get source --only-source -d ruby-secure-headers=6.3.2-1 && mkdir -p /build/ruby-secure-headers-7O7tqM && dpkg-source --no-check -x /*.dsc /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2 && chown -R builduser:builduser /build/ruby-secure-headers-7O7tqM" --customize-hook=chroot "$1" env --unset=TMPDIR runuser builduser -c "cd /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2 && env DEB_BUILD_OPTIONS="parallel=4" LANG="C.UTF-8" LC_ALL="C.UTF-8" SOURCE_DATE_EPOCH="1624650829" dpkg-buildpackage -uc -a amd64 --build=all" --customize-hook=sync-out /build/ruby-secure-headers-7O7tqM /tmp/ruby-secure-headers-6.3.2-1y3gj7nkm bullseye /dev/null deb http://snapshot.notset.fr/archive/debian/20210624T142826Z unstable main I: automatically chosen mode: root I: chroot architecture amd64 is equal to the host's architecture I: automatically chosen format: tar I: using /tmp/mmdebstrap.Fw2rl1oBLi as tempdir I: running apt-get update... I: downloading packages with apt... I: extracting archives... I: installing essential packages... I: running --essential-hook in shell: sh -c 'chroot "$1" sh -c "apt-get --yes install fakeroot util-linux"' exec /tmp/mmdebstrap.Fw2rl1oBLi Reading package lists... Building dependency tree... util-linux is already the newest version (2.36.1-7). The following NEW packages will be installed: fakeroot libfakeroot 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Need to get 134 kB of archives. After this operation, 397 kB of additional disk space will be used. Get:1 http://snapshot.notset.fr/archive/debian/20210624T142826Z unstable/main amd64 libfakeroot amd64 1.25.3-1.1 [47.0 kB] Get:2 http://snapshot.notset.fr/archive/debian/20210624T142826Z unstable/main amd64 fakeroot amd64 1.25.3-1.1 [87.0 kB] debconf: delaying package configuration, since apt-utils is not installed Fetched 134 kB in 0s (815 kB/s) Selecting previously unselected package libfakeroot:amd64. (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 4667 files and directories currently installed.) Preparing to unpack .../libfakeroot_1.25.3-1.1_amd64.deb ... Unpacking libfakeroot:amd64 (1.25.3-1.1) ... Selecting previously unselected package fakeroot. Preparing to unpack .../fakeroot_1.25.3-1.1_amd64.deb ... Unpacking fakeroot (1.25.3-1.1) ... Setting up libfakeroot:amd64 (1.25.3-1.1) ... Setting up fakeroot (1.25.3-1.1) ... update-alternatives: using /usr/bin/fakeroot-sysv to provide /usr/bin/fakeroot (fakeroot) in auto mode Processing triggers for libc-bin (2.31-12) ... I: running special hook: copy-in /usr/share/keyrings/debian-archive-bullseye-automatic.gpg /usr/share/keyrings/debian-archive-bullseye-security-automatic.gpg /usr/share/keyrings/debian-archive-bullseye-stable.gpg /usr/share/keyrings/debian-archive-buster-automatic.gpg /usr/share/keyrings/debian-archive-buster-security-automatic.gpg /usr/share/keyrings/debian-archive-buster-stable.gpg /usr/share/keyrings/debian-archive-keyring.gpg /usr/share/keyrings/debian-archive-removed-keys.gpg /usr/share/keyrings/debian-archive-stretch-automatic.gpg /usr/share/keyrings/debian-archive-stretch-security-automatic.gpg /usr/share/keyrings/debian-archive-stretch-stable.gpg /usr/share/keyrings/debian-ports-archive-keyring-removed.gpg /usr/share/keyrings/debian-ports-archive-keyring.gpg /usr/share/keyrings/debian-keyring.gpg /etc/apt/trusted.gpg.d/ I: running --essential-hook in shell: sh -c 'chroot "$1" sh -c "rm /etc/apt/sources.list && echo 'deb http://snapshot.notset.fr/archive/debian/20210814T212851Z/ bookworm main deb-src http://snapshot.notset.fr/archive/debian/20210814T212851Z/ bookworm main deb http://snapshot.notset.fr/archive/debian/20210624T142826Z/ unstable main' >> /etc/apt/sources.list && apt-get update"' exec /tmp/mmdebstrap.Fw2rl1oBLi Get:1 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm InRelease [81.6 kB] Hit:2 http://snapshot.notset.fr/archive/debian/20210624T142826Z unstable InRelease Ign:3 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main Sources Ign:4 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main amd64 Packages Ign:3 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main Sources Ign:4 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main amd64 Packages Ign:3 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main Sources Ign:4 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main amd64 Packages Get:3 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main Sources [11.4 MB] Get:4 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main amd64 Packages [11.1 MB] Fetched 22.6 MB in 20s (1135 kB/s) Reading package lists... I: installing remaining packages inside the chroot... I: running --customize-hook in shell: sh -c 'chroot "$1" useradd --no-create-home -d /nonexistent -p "" builduser -s /bin/bash' exec /tmp/mmdebstrap.Fw2rl1oBLi I: running --customize-hook in shell: sh -c 'chroot "$1" env sh -c "apt-get source --only-source -d ruby-secure-headers=6.3.2-1 && mkdir -p /build/ruby-secure-headers-7O7tqM && dpkg-source --no-check -x /*.dsc /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2 && chown -R builduser:builduser /build/ruby-secure-headers-7O7tqM"' exec /tmp/mmdebstrap.Fw2rl1oBLi Reading package lists... NOTICE: 'ruby-secure-headers' packaging is maintained in the 'Git' version control system at: https://salsa.debian.org/ruby-team/ruby-secure-headers.git Please use: git clone https://salsa.debian.org/ruby-team/ruby-secure-headers.git to retrieve the latest (possibly unreleased) updates to the package. Need to get 59.9 kB of source archives. Get:1 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main ruby-secure-headers 6.3.2-1 (dsc) [2166 B] Get:2 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main ruby-secure-headers 6.3.2-1 (tar) [54.9 kB] Get:3 http://snapshot.notset.fr/archive/debian/20210814T212851Z bookworm/main ruby-secure-headers 6.3.2-1 (diff) [2872 B] Fetched 59.9 kB in 0s (927 kB/s) Download complete and in download only mode W: Download is performed unsandboxed as root as file 'ruby-secure-headers_6.3.2-1.dsc' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) dpkg-source: info: extracting ruby-secure-headers in /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2 dpkg-source: info: unpacking ruby-secure-headers_6.3.2.orig.tar.gz dpkg-source: info: unpacking ruby-secure-headers_6.3.2-1.debian.tar.xz dpkg-source: info: using patch list from debian/patches/series dpkg-source: info: applying 01-require-securerandom.patch dpkg-source: info: applying 03-fix-library-path.patch I: running --customize-hook in shell: sh -c 'chroot "$1" env --unset=TMPDIR runuser builduser -c "cd /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2 && env DEB_BUILD_OPTIONS="parallel=4" LANG="C.UTF-8" LC_ALL="C.UTF-8" SOURCE_DATE_EPOCH="1624650829" dpkg-buildpackage -uc -a amd64 --build=all"' exec /tmp/mmdebstrap.Fw2rl1oBLi dpkg-buildpackage: info: source package ruby-secure-headers dpkg-buildpackage: info: source version 6.3.2-1 dpkg-buildpackage: info: source distribution unstable dpkg-buildpackage: info: source changed by Pirate Praveen dpkg-source --before-build . debian/rules clean dh clean --buildsystem=ruby --with ruby dh_auto_clean -O--buildsystem=ruby dh_ruby --clean dh_ruby --clean dh_autoreconf_clean -O--buildsystem=ruby dh_clean -O--buildsystem=ruby debian/rules binary-indep dh binary-indep --buildsystem=ruby --with ruby dh_update_autotools_config -i -O--buildsystem=ruby dh_autoreconf -i -O--buildsystem=ruby dh_auto_configure -i -O--buildsystem=ruby dh_ruby --configure dh_auto_build -i -O--buildsystem=ruby dh_ruby --build dh_ruby --build dh_auto_test -i -O--buildsystem=ruby dh_ruby --test create-stamp debian/debhelper-build-stamp dh_testroot -i -O--buildsystem=ruby dh_prep -i -O--buildsystem=ruby dh_auto_install -i -O--buildsystem=ruby dh_ruby --install /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers dh_ruby --install /usr/bin/ruby2.7 -S gem build --config-file /dev/null --verbose /tmp/d20211011-1428326-n1210c/gemspec Failed to load /dev/null because it doesn't contain valid YAML hash WARNING: license value 'Apache Public License 2.0' is invalid. Use a license identifier from http://spdx.org/licenses or 'Nonstandard' for a nonstandard license. Did you mean 'Apache-2.0'? WARNING: open-ended dependency on rake (>= 0, development) is not recommended use a bounded requirement, such as '~> x.y' WARNING: See https://guides.rubygems.org/specification-reference/ for help Successfully built RubyGem Name: secure_headers Version: 6.3.2 File: secure_headers-6.3.2.gem /usr/bin/ruby2.7 -S gem install --config-file /dev/null --verbose --local --verbose --no-document --ignore-dependencies --install-dir debian/ruby-secure-headers/usr/share/rubygems-integration/all /tmp/d20211011-1428326-n1210c/secure_headers-6.3.2.gem Failed to load /dev/null because it doesn't contain valid YAML hash /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/configuration.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/hash_helper.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/headers/clear_site_data.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/headers/content_security_policy.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/headers/content_security_policy_config.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/headers/cookie.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/headers/expect_certificate_transparency.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/headers/policy_management.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/headers/referrer_policy.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/headers/strict_transport_security.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/headers/x_content_type_options.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/headers/x_download_options.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/headers/x_frame_options.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/headers/x_permitted_cross_domain_policies.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/headers/x_xss_protection.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/middleware.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/railtie.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/utils/cookies_config.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/version.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/secure_headers/view_helper.rb /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all/gems/secure_headers-6.3.2/lib/tasks/tasks.rake Successfully installed secure_headers-6.3.2 1 gem installed cd debian/ruby-secure-headers/usr/share/rubygems-integration/all rm -rf bin rm -rf build_info rm -rf cache rm -rf doc rm -rf extensions cd gems/secure_headers-6.3.2 rm -f chmod 644 lib/secure_headers.rb lib/secure_headers/configuration.rb lib/secure_headers/hash_helper.rb lib/secure_headers/version.rb lib/secure_headers/railtie.rb lib/secure_headers/utils/cookies_config.rb lib/secure_headers/headers/clear_site_data.rb lib/secure_headers/headers/strict_transport_security.rb lib/secure_headers/headers/content_security_policy.rb lib/secure_headers/headers/x_xss_protection.rb lib/secure_headers/headers/policy_management.rb lib/secure_headers/headers/x_permitted_cross_domain_policies.rb lib/secure_headers/headers/cookie.rb lib/secure_headers/headers/expect_certificate_transparency.rb lib/secure_headers/headers/x_download_options.rb lib/secure_headers/headers/referrer_policy.rb lib/secure_headers/headers/x_frame_options.rb lib/secure_headers/headers/x_content_type_options.rb lib/secure_headers/headers/content_security_policy_config.rb lib/secure_headers/middleware.rb lib/secure_headers/view_helper.rb find lib/ -type d -empty -delete cd - cd - dh_installchangelogs -pruby-secure-headers /build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/CHANGELOG.md upstream /usr/bin/ruby2.7 /usr/bin/gem2deb-test-runner ┌──────────────────────────────────────────────────────────────────────────────┐ │ Checking Rubygems dependency resolution on ruby2.7 │ └──────────────────────────────────────────────────────────────────────────────┘ GEM_PATH=/build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all:/build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/.debhelper/generated/_source/home/.local/share/gem/ruby/2.7.0:/var/lib/gems/2.7.0:/usr/local/lib/ruby/gems/2.7.0:/usr/lib/ruby/gems/2.7.0:/usr/lib/x86_64-linux-gnu/ruby/gems/2.7.0:/usr/share/rubygems-integration/2.7.0:/usr/share/rubygems-integration/all:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.7.0 ruby2.7 -e gem\ \"secure_headers\" ┌──────────────────────────────────────────────────────────────────────────────┐ │ Run tests for ruby2.7 from debian/ruby-tests.rake │ └──────────────────────────────────────────────────────────────────────────────┘ RUBYLIB=. GEM_PATH=/build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/ruby-secure-headers/usr/share/rubygems-integration/all:/build/ruby-secure-headers-7O7tqM/ruby-secure-headers-6.3.2/debian/.debhelper/generated/_source/home/.local/share/gem/ruby/2.7.0:/var/lib/gems/2.7.0:/usr/local/lib/ruby/gems/2.7.0:/usr/lib/ruby/gems/2.7.0:/usr/lib/x86_64-linux-gnu/ruby/gems/2.7.0:/usr/share/rubygems-integration/2.7.0:/usr/share/rubygems-integration/all:/usr/lib/x86_64-linux-gnu/rubygems-integration/2.7.0 ruby2.7 -S rake -f debian/ruby-tests.rake /usr/bin/ruby2.7 -I/usr/share/rubygems-integration/all/gems/rspec-support-3.9.3/lib:/usr/share/rubygems-integration/all/gems/rspec-core-3.9.2/lib /usr/share/rubygems-integration/all/gems/rspec-core-3.9.2/exe/rspec --pattern ./spec/\*\*/\*_spec.rb --format documentation [Coveralls] Set up the SimpleCov formatter. [Coveralls] Using SimpleCov's default settings. Randomized with seed 63569 SecureHeaders::PolicyManagement #combine_policies does not combine the default-src value for directives that don't fall back to default sources overrides the report_only flag overrides the :block_all_mixed_content flag raises an error if appending to a OPT_OUT policy combines the default-src value with the override if the directive was unconfigured combines directives where the original value is nil and the hash is frozen #validate_config! requires :upgrade_insecure_requests to be a boolean value performs light validation on source lists requires :preserve_schemes to be a truthy value allows report_only to be set in a report-only config accepts all keys rejects anything not of the form type/subtype as a plugin-type value accepts anything of the form type/subtype as a plugin-type value doesn't allow report_only to be set in a non-report-only config rejects anything not of the form allow-* as a sandbox value requires a :script_src value accepts anything of the form allow-* as a sandbox value requires all source lists to be an array of strings requires :block_all_mixed_content to be a boolean value requires a :default_src value accepts true as a sandbox policy requires :report_only to be a truthy value allows nil values accepts OPT_OUT as a script-src value rejects unknown directives / config SecureHeaders::ContentSecurityPolicy #name when in enforce mode is expected to eq "Content-Security-Policy" when in report-only mode is expected to eq "Content-Security-Policy-Report-Only" #value creates maximally strict sandbox policy when passed no sandbox token values creates sandbox policy when passed valid sandbox token values minifies source expressions based on overlapping wildcards does not emit a warning when using frame-src discards 'none' values if any other source expressions are present includes navigate-to allows script as a require-sri-src allows style as a require-sri-src supports strict-dynamic and opting out of the appended 'unsafe-inline' supports script-src-attr directive creates maximally strict sandbox policy when passed true does not remove schemes from report-uri values does not add a boolean directive if the value is false deprecates and escapes semicolons in directive source lists supports style-src-elem directive deduplicates any source expressions supports strict-dynamic removes http/s schemes from hosts discards source expressions (besides unsafe-* and non-host source values) when * is present does not remove schemes when :preserve_schemes is true does add a boolean directive if the value is true supports style-src-attr directive supports script-src-elem directive uses a safe but non-breaking default value deprecates and escapes semicolons in directive source lists does not add a directive if the value is nil does not add a directive if the value is an empty array (or all nil) removes nil from source lists does not build directives with a value of OPT_OUT (and bypasses directive requirements) includes prefetch-src allows script and style as a require-sri-src SecureHeaders::XXssProtection is expected to eq ["X-XSS-Protection", "1; mode=block; report=https://www.secure.com/reports"] is expected to eq ["X-XSS-Protection", "1; mode=block"] with invalid configuration should raise an error when providing a string that is not valid when using a hash value should raise an error if no value key is supplied should raise an error if an invalid key is supplied should raise an error if mode != block should allow string values ('1' or '0' are the only valid strings) SecureHeaders::XContentTypeOptions #value is expected to eq ["X-Content-Type-Options", "nosniff"] is expected to eq ["X-Content-Type-Options", "nosniff"] invalid configuration values accepts nil doesn't accept anything besides no-sniff accepts nosniff SecureHeaders::ReferrerPolicy is expected to eq ["Referrer-Policy", "origin-when-cross-origin"] is expected to eq ["Referrer-Policy", "origin-when-cross-origin, strict-origin-when-cross-origin"] is expected to eq ["Referrer-Policy", "no-referrer"] invalid configuration values doesn't accept invalid values doesn't accept invalid types valid configuration values accepts 'no-referrer' accepts 'unsafe-url' accepts nil accepts 'strict-origin' accepts array of policy values accepts 'strict-origin-when-cross-origin' accepts 'origin' accepts 'no-referrer-when-downgrade' accepts 'origin-when-cross-origin' accepts 'same-origin' SecureHeaders::XFrameOptions #value is expected to eq ["X-Frame-Options", "sameorigin"] is expected to eq ["X-Frame-Options", "DENY"] with invalid configuration does not allow garbage allows SAMEORIGIN allows DENY allows ALLOW-FROM* SecureHeaders::XDownloadOptions is expected to eq ["X-Download-Options", "noopen"] is expected to eq ["X-Download-Options", "noopen"] invalid configuration values accepts noopen doesn't accept anything besides noopen accepts nil SecureHeaders::ViewHelpers raises an error when using previously unknown hashed content with precomputed hashes for a given file raises an error when using hashed content with precomputed hashes, but none for the given file adds known hash values to the corresponding headers when the helper is used avoids calling content_security_policy_nonce internally raises an error when using hashed content without precomputed hashes SecureHeaders::StrictTransportSecurity #value is expected to eq ["Strict-Transport-Security", "max-age=631138519"] is expected to eq ["Strict-Transport-Security", "max-age=1234; includeSubdomains; preload"] with an invalid configuration with a string argument raises an exception with an invalid format raises an exception if max-age is not supplied raises an exception with an invalid max-age SecureHeaders::Cookie preserves existing attributes prevents duplicate flagging of attributes applies httponly, secure, and samesite by default does not tamper with cookies when using OPT_OUT is used HttpOnly cookies when configured with a Hash flags cookies as HttpOnly when whitelisted does not flag cookies as HttpOnly when excluded when configured with a boolean flags cookies as HttpOnly Secure cookies when configured with a Hash does not flag cookies as Secure when excluded flags cookies as Secure when whitelisted when configured with a boolean flags cookies as Secure SameSite cookies flags SameSite=Strict when configured with a boolean flags properly when both lax and strict are configured does not flag cookies as SameSite=None when excluded samesite: true sets all cookies to samesite=lax flags SameSite=Lax does not flag cookies as SameSite=Strict when excluded flags SameSite=None ignores configuration if the cookie is already flagged flags SameSite=Lax when configured with a boolean flags SameSite=Strict does not flag cookies as SameSite=Lax when excluded flags SameSite=None when configured with a boolean flags SameSite=Strict when configured with a boolean SecureHeaders::Middleware sets the headers respects overrides uses named overrides cookies allows opting out of cookie protection with OPT_OUT alone cookies should not be flagged does not flags cookies as secure cookies should be flagged flags cookies as secure cookies flags cookies from configuration sets the secure cookie flag correctly on interleaved http/https requests disables secure cookies for non-https requests flags cookies with a combination of SameSite configurations SecureHeaders raises and ArgumentError when referencing an override that has not been set raises a NotYetConfiguredError if default has not been set raises a AlreadyConfiguredError if trying to configure and default has already been set raises a NotYetConfiguredError if trying to opt-out of unconfigured headers validation raises errors for unknown directives validates your x_permitted_cross_domain_policies config upon configuration validates your xcto config upon configuration validates your hsts config upon configuration validates your csp config upon configuration validates your cookies config upon configuration validates your x_xss config upon configuration validates your referrer_policy config upon configuration validates your xfo config upon configuration validates your clear site data config upon configuration validates your xdo config upon configuration #header_hash_for allows you to override X-Frame-Options settings allows you to opt out entirely produces a hash of headers with default config Overrides the current default config if default config changes during request allows you to opt out of individual headers via API Carries options over when using overrides does not set the HSTS header if request is over HTTP allows you to override opting out content security policy appends a nonce to a missing script-src value appends a value to csp directive supports named appends appends a nonce to the script-src when used appends a hash to a missing script-src value does not support the deprecated `report_only: true` format Raises an error if csp_report_only is used with `report_only: false` overrides individual directives overrides non-existant directives setting two headers allows appending to both policies allows appending to the enforced policy allows overriding both policies sets identical values when the configs are the same allows appending to the report only policy allows overriding the report only policy allows you to opt-out of enforced CSP sets different headers when the configs are different allows overriding the enforced policy when inferring which config to modify updates the report only header when configured updates the enforced header when configured updates both headers if both are configured SecureHeaders::ClearSiteData validate_config! succeeds for empty config succeeds for opt-out config succeeds for Array of Strings config succeeds for `nil` config fails for Array of non-String config fails for other types of config succeeds for `true` config make_header returns nil with empty config returns all types with `true` config returns nil with nil config returns specified types returns nil with opt-out config make_header_value returns a string of quoted values that are comma separated SecureHeaders::ExpectCertificateTransparency is expected to eq "enforce, max-age=1234, report-uri=\"https://report-uri.io/expect-ct\"" is expected to eq "max-age=1234" is expected to eq "max-age=1234" is expected to eq "max-age=1234, report-uri=\"https://report-uri.io/expect-ct\"" is expected to eq "enforce, max-age=1234" with an invalid configuration raises an exception when max-age is not provided raises an exception with an invalid max-age raises an exception when configuration isn't a hash raises an exception with an invalid enforce value with an invalid configuration raises an exception when SameSite lax and strict enforcement modes are configured with booleans raises an exception when SameSite strict and lax enforcement modes are configured with booleans raises an exception when both lax and strict only filters are provided to SameSite configurations raises an exception when both lax and strict only filters are provided to SameSite configurations raises an exception when not configured with a Hash raises an exception when SameSite none and strict enforcement modes are configured with booleans raises an exception when SameSite none and lax enforcement modes are configured with booleans raises an exception when SameSite lax and none enforcement modes are configured with booleans raises an exception when SameSite is not configured with a Hash raises an exception when both only and except filters are provided raises an exception when configured with false raises an exception when configured without a boolean(true or OPT_OUT)/Hash raises an exception when SameSite lax and strict enforcement modes are configured with booleans raises an exception when both only and except filters are provided to SameSite configurations raises an exception when SameSite strict and none enforcement modes are configured with booleans SecureHeaders::XPermittedCrossDomainPolicies is expected to eq ["X-Permitted-Cross-Domain-Policies", "master-only"] is expected to eq ["X-Permitted-Cross-Domain-Policies", "none"] invlaid configuration values doesn't accept invalid values valid configuration values accepts nil accepts 'by-content-type' accepts 'all' accepts 'master-only' accepts 'by-ftp-filename' SecureHeaders::Configuration stores an override dup results in a copy of the default config allows me to be explicit too deprecates the secure_cookies configuration has an 'noop' override allows OPT_OUT gives cookies a default config has a default config #named_append raises when an override with the given name exists raises on configuring an existing append #override raises on configuring an existing override raises when a named append with the given name exists Finished in 0.16124 seconds (files took 0.59587 seconds to load) 240 examples, 0 failures Randomized with seed 63569 [Coveralls] Outside the CI environment, not sending data. ┌──────────────────────────────────────────────────────────────────────────────┐ │ dh_ruby --install finished │ └──────────────────────────────────────────────────────────────────────────────┘ dh_installdocs -i -O--buildsystem=ruby dh_ruby_fixdocs -i -O--buildsystem=ruby dh_installchangelogs -i -O--buildsystem=ruby dh_installsystemduser -i -O--buildsystem=ruby dh_perl -i -O--buildsystem=ruby dh_link -i -O--buildsystem=ruby dh_strip_nondeterminism -i -O--buildsystem=ruby dh_compress -X.rb -i -O--buildsystem=ruby dh_fixperms -i -O--buildsystem=ruby dh_missing -i -O--buildsystem=ruby dh_ruby_fixdepends -i -O--buildsystem=ruby dh_installdeb -i -O--buildsystem=ruby dh_gencontrol -i -O--buildsystem=ruby dpkg-gencontrol: warning: Depends field of package ruby-secure-headers: substitution variable ${shlibs:Depends} used, but is not defined dh_md5sums -i -O--buildsystem=ruby dh_builddeb -i -O--buildsystem=ruby dpkg-deb: building package 'ruby-secure-headers' in '../ruby-secure-headers_6.3.2-1_all.deb'. dpkg-genbuildinfo --build=all dpkg-genchanges --build=all >../ruby-secure-headers_6.3.2-1_all.changes dpkg-genchanges: info: binary-only arch-indep upload (source code and arch-specific packages not included) dpkg-source --after-build . dpkg-buildpackage: info: binary-only upload (no source included) I: running special hook: sync-out /build/ruby-secure-headers-7O7tqM /tmp/ruby-secure-headers-6.3.2-1y3gj7nkm I: cleaning package lists and apt cache... I: creating tarball... I: done I: removing tempdir /tmp/mmdebstrap.Fw2rl1oBLi... I: success in 302.0760 seconds md5: ruby-secure-headers_6.3.2-1_all.deb: OK sha1: ruby-secure-headers_6.3.2-1_all.deb: OK sha256: ruby-secure-headers_6.3.2-1_all.deb: OK Checksums: OK