Update to latest release

.gitignore

@@ -26,3 +26,8 @@
 /node-v18.2.0-stripped.tar.gz
 /icu4c-71_1-src.tgz
 /node-v18.7.0-stripped.tar.gz
+/node-v18.8.0-stripped.tar.gz
+/undici-5.8.2.tar.gz
+/cjs-module-lexer-1.2.2.tar.gz
+/wasi-sdk-11.0-linux.tar.gz
+/wasi-sdk-14.0-linux.tar.gz

nodejs.spec

@@ -40,7 +40,7 @@
 # than a Fedora release lifecycle.
 %global nodejs_epoch 1
 %global nodejs_major 18
-%global nodejs_minor 7
+%global nodejs_minor 8
 %global nodejs_patch 0
 %global nodejs_abi %{nodejs_major}.%{nodejs_minor}
 # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
@@ -117,7 +117,7 @@
 
 # npm - from deps/npm/package.json
 %global npm_epoch 1
-%global npm_version 8.15.0
+%global npm_version 8.18.0
 
 # In order to avoid needing to keep incrementing the release version for the
 # main package forever, we will just construct one for npm that is guaranteed
@@ -156,6 +156,25 @@ Source100: %{name}-tarball.sh
 # nodejs-packaging SRPM.
 Source7: nodejs_native.attr
 
+# These are full sources for dependencies included as WASM blobs int he source of Node itself.
+# Recipes for creating these blobs are included in the sources.
+
+# Version: jq '.version' deps/cjs-module-lexer/package.json
+# Original: https://github.com/nodejs/cjs-module-lexer/archive/refs/tags/1.2.2.tar.gz
+# Adjustments: rm -f cjs-module-lexer-1.2.2/lib/lexer.wasm
+# wasi-sdk version can be found in Makefile
+# https://github.com/nodejs/undici/blob/v5.8.2/build/Dockerfile
+Source101: cjs-module-lexer-1.2.2.tar.gz
+Source111: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-11/wasi-sdk-11.0-linux.tar.gz
+
+# Version: jq '.version' deps/undici/src/package.json
+# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.7.0.tar.gz
+# Adjustments: rm -f undici-5.7.0/lib/llhttp/llhttp*.wasm
+# wasi-sdk version can be found in Dockerfile
+# https://github.com/nodejs/cjs-module-lexer/blob/1.2.2/Makefile
+Source102: undici-5.8.2.tar.gz
+Source112: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-14/wasi-sdk-14.0-linux.tar.gz
+
 # Disable running gyp on bundled deps we don't use
 Patch1: 0001-Disable-running-gyp-on-shared-deps.patch
 
@@ -578,6 +597,12 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/nod
 
 
 %changelog
+* Fri Aug 26 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.8.0-1
+- Update to latest release
+- Resolves: RHBZ#2111009
+- Provide undici and cjs-module-lexer + wasi-sdk sources
+- Resolves: RBHZ#2111861
+
 * Mon Aug 08 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.7.0-1
 - Update to latest release
 - Resolves CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215

sources

@@ -1,2 +1,6 @@
+SHA512 (node-v18.8.0-stripped.tar.gz) = 7bf8020c62a838a0ad987b2e7a27bb47e965221f40ec81b5550fd4c960bbdc14aabf5c3bb3290edd03b8a4352026f56974714ae8a8d7a365aee83c21f094e4de
 SHA512 (icu4c-71_1-src.tgz) = 1fd2a20aef48369d1f06e2bb74584877b8ad0eb529320b976264ec2db87420bae242715795f372dbc513ea80047bc49077a064e78205cd5e8b33d746fd2a2912
-SHA512 (node-v18.7.0-stripped.tar.gz) = b5aafe4292c41ef79c27826a4bc2195e9cb8a9de7733c5feb8078d4c3765474c44a2c806cfc9583db9d236fe1fbd536f6fc1c5f4d708c98870db202fa4a22689
+SHA512 (undici-5.8.2.tar.gz) = 60553b6ea6b1af8e1c9184b9f8db16813ebe8ce9904e1029afbbd8a60f0f2b8ee67467031375169fa53d9b946a2ccc1f45d7000fbc06716354b22396cc542341
+SHA512 (cjs-module-lexer-1.2.2.tar.gz) = 2c8e9caf2231ca7d61e71936305389774859aca9b5c86c63489c9a62a81f4736f99477c3f0cbb41077bb7924fdd23e0f24b7bce858e42fb0f87e7c0ffc87afeb
+SHA512 (wasi-sdk-11.0-linux.tar.gz) = e3ed4597f7f2290967eef6238e9046f60abbcb8633a4a2a51525d00e7393df8df637a98a5b668217d332dd44fcbf2442ec7efd5e65724e888d90611164451e20
+SHA512 (wasi-sdk-14.0-linux.tar.gz) = 288a367e051f5b3f5853de97fabaedd3acf2255819d50c24f48f573897518500ea808342fd9aea832b2a5717089807bf1cbcf6d46b156b4eb60cc6b3c02ee997