Ruby

I created a pull request about this.

Thanks for the reply! I'm sorry -- this pull request #note-1 currently fails CI, and I'm still investigating why. It's not ready for review yet, so it would be appreciated if you could revisit when it is.

i think the main question is:

Why is mkmf.log file is included in the files generated by gem install?

Shouldn't it be okay to skip these files?
Especially for distributions/package-managers?

@hsbt (Hiroshi SHIBATA)

Could you clarify what you mean by "distributions/package-managers"?

"distributions/package-managers" in the issue description refers, broadly, to systems that allow software packages to cooperate -- automatically tracking dependencies, locating files, and managing environment variables -- while making them easily installable, upgradable, and removable. Here, however, I specifically mean systems with stricter reproducibility guarantees, such as the Guix or Nix package managers.

For those unfamiliar with such systems, these are conceptually similar to Bundler. For example, running guix shell ruby ruby-nokogiri drops you into a shell with Ruby and Nokogiri installed and the environment fully set up. The key difference is that these guarantee that installing the same package on the same architecture always produces bit-for-bit identical results.

Also, do they actually include the RubyGems log files (like mkmf.log) in their packages?

Yes, at least with Guix, some packages do include the log files.

results of guix locate commandresults of guix locate command

$ guix locate mkmf.log
ruby-json@2.1.0      /gnu/store/...-ruby-json-2.1.0/lib/ruby/vendor_ruby/extensions/x86_64-linux/3.3.0/json-2.1.0/mkmf.log
ruby-racc@1.5.2      /gnu/store/...-ruby-racc-1.5.2/lib/ruby/vendor_ruby/extensions/x86_64-linux/3.3.0/racc-1.5.2/mkmf.log
ruby-sqlite3@2.5.0   /gnu/store/...-ruby-sqlite3-2.5.0/lib/ruby/vendor_ruby/extensions/x86_64-linux/3.3.0/sqlite3-2.5.0/mkmf.log
ruby@3.3.9           /gnu/store/...-ruby-3.3.9/lib/ruby/gems/3.3.0/gems/rbs-3.4.0/ext/rbs_extension/mkmf.log
ruby@3.3.9           /gnu/store/...-ruby-3.3.9/lib/ruby/gems/3.3.0/gems/debug-1.9.2/ext/debug/mkmf.log
ruby@3.4.7           /gnu/store/...-ruby-3.4.7/lib/ruby/gems/3.4.0/gems/syslog-0.2.0/ext/syslog/mkmf.log
ruby@3.4.7           /gnu/store/...-ruby-3.4.7/lib/ruby/gems/3.4.0/gems/rbs-3.8.0/ext/rbs_extension/mkmf.log
ruby@3.4.7           /gnu/store/...-ruby-3.4.7/lib/ruby/gems/3.4.0/gems/nkf-0.2.0/ext/nkf/mkmf.log
ruby@3.4.7           /gnu/store/...-ruby-3.4.7/lib/ruby/gems/3.4.0/gems/debug-1.11.0/ext/debug/mkmf.log
ruby@3.4.6           /gnu/store/...-ruby-3.4.6/lib/ruby/gems/3.4.0/gems/syslog-0.2.0/ext/syslog/mkmf.log
ruby@3.4.6           /gnu/store/...-ruby-3.4.6/lib/ruby/gems/3.4.0/gems/rbs-3.8.0/ext/rbs_extension/mkmf.log
ruby@3.4.6           /gnu/store/...-ruby-3.4.6/lib/ruby/gems/3.4.0/gems/nkf-0.2.0/ext/nkf/mkmf.log
ruby@3.4.6           /gnu/store/...-ruby-3.4.6/lib/ruby/gems/3.4.0/gems/debug-1.11.0/ext/debug/mkmf.log

That said, as these files are increasingly being identified as a source of reproducibility check failures, existing packages may also start applying workarounds in their recipes, such as explicitly deleting these log files.

As I described in the issue, based on my research into the history of this topic, I had assumed that including log files such as mkmf.log in the files generated by gem install was intended behavior. That said, if gem install were changed to skip these files, I would consider that a step in the right direction (for reproducibility-aware package managers).