import nodejs-12.18.4-2.module+el8.2.0+8361+192e434e

This commit is contained in:
CentOS Sources 2020-10-19 03:14:32 -04:00 committed by Andrew Lukoshko
commit 5a0ed320d2
9 changed files with 1633 additions and 0 deletions

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
SOURCES/icu4c-67_1-src.tgz
SOURCES/node-v12.18.4-stripped.tar.gz

2
.nodejs.metadata Normal file
View File

@ -0,0 +1,2 @@
6822a4a94324d1ba591b3e8ef084e4491af253c1 SOURCES/icu4c-67_1-src.tgz
31bb163dc0d11a30767ce9b71f1283d9b8d93903 SOURCES/node-v12.18.4-stripped.tar.gz

View File

@ -0,0 +1,26 @@
From 641730c7d1322dacd8e1020ec0753795d01200f0 Mon Sep 17 00:00:00 2001
From: Zuzana Svetlikova <zsvetlik@redhat.com>
Date: Thu, 27 Apr 2017 14:25:42 +0200
Subject: [PATCH] Disable running gyp on shared deps
Signed-off-by: rpm-build <rpm-build>
---
Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index 32a8a6c..f44f88a 100644
--- a/Makefile
+++ b/Makefile
@@ -141,7 +141,7 @@ test-code-cache: with-code-cache
echo "'test-code-cache' target is a noop"
out/Makefile: config.gypi common.gypi node.gyp \
- deps/uv/uv.gyp deps/http_parser/http_parser.gyp deps/zlib/zlib.gyp \
+ deps/http_parser/http_parser.gyp \
tools/v8_gypfiles/toolchain.gypi tools/v8_gypfiles/features.gypi \
tools/v8_gypfiles/inspector.gypi tools/v8_gypfiles/v8.gyp
$(PYTHON) tools/gyp_node.py -f make
--
2.26.2

View File

@ -0,0 +1,106 @@
From 9473adba9cba6767e8e506f8f19e0ff8f66920be Mon Sep 17 00:00:00 2001
From: Marco Carini <cmdcarini@gmail.com>
Date: Mon, 3 Aug 2020 17:16:07 -0500
Subject: [PATCH] dot-prop: patch 4.2.0 with fixes for CVE-2020-8116
Adjusted from
https://github.com/sindresorhus/dot-prop/commit/c914124f418f55edea27928e89c94d931babe587.patch
Signed-off-by: rpm-build <rpm-build>
---
deps/npm/node_modules/dot-prop/index.js | 18 ++++++++++++++++++
deps/npm/node_modules/dot-prop/package.json | 6 +++---
deps/npm/node_modules/dot-prop/readme.md | 2 ++
3 files changed, 23 insertions(+), 3 deletions(-)
diff --git a/deps/npm/node_modules/dot-prop/index.js b/deps/npm/node_modules/dot-prop/index.js
index 15282bb..189831c 100644
--- a/deps/npm/node_modules/dot-prop/index.js
+++ b/deps/npm/node_modules/dot-prop/index.js
@@ -1,6 +1,14 @@
'use strict';
const isObj = require('is-obj');
+const disallowedKeys = [
+ '__proto__',
+ 'prototype',
+ 'constructor'
+];
+
+const isValidPath = pathSegments => !pathSegments.some(segment => disallowedKeys.includes(segment));
+
function getPathSegments(path) {
const pathArr = path.split('.');
const parts = [];
@@ -16,6 +24,10 @@ function getPathSegments(path) {
parts.push(p);
}
+ if (!isValidPath(parts)) {
+ return [];
+ }
+
return parts;
}
@@ -26,6 +38,9 @@ module.exports = {
}
const pathArr = getPathSegments(path);
+ if (pathArr.length === 0) {
+ return;
+ }
for (let i = 0; i < pathArr.length; i++) {
if (!Object.prototype.propertyIsEnumerable.call(obj, pathArr[i])) {
@@ -58,6 +73,9 @@ module.exports = {
const root = obj;
const pathArr = getPathSegments(path);
+ if (pathArr.length === 0) {
+ return;
+ }
for (let i = 0; i < pathArr.length; i++) {
const p = pathArr[i];
diff --git a/deps/npm/node_modules/dot-prop/package.json b/deps/npm/node_modules/dot-prop/package.json
index 40fefa3..93daf7d 100644
--- a/deps/npm/node_modules/dot-prop/package.json
+++ b/deps/npm/node_modules/dot-prop/package.json
@@ -37,9 +37,9 @@
"deprecated": false,
"description": "Get, set, or delete a property from a nested object using a dot path",
"devDependencies": {
- "ava": "*",
+ "ava": "1.4.1",
"matcha": "^0.7.0",
- "xo": "*"
+ "xo": "0.24.0"
},
"engines": {
"node": ">=4"
@@ -73,7 +73,7 @@
"bench": "matcha bench.js",
"test": "xo && ava"
},
- "version": "4.2.0",
+ "version": "4.2.1",
"xo": {
"esnext": true
}
diff --git a/deps/npm/node_modules/dot-prop/readme.md b/deps/npm/node_modules/dot-prop/readme.md
index fab3b7a..0e18f78 100644
--- a/deps/npm/node_modules/dot-prop/readme.md
+++ b/deps/npm/node_modules/dot-prop/readme.md
@@ -85,6 +85,8 @@ Path of the property in the object, using `.` to separate each nested key.
Use `\\.` if you have a `.` in the key.
+The following path components are invalid and results in `undefined` being returned: `__proto__`, `prototype`, `constructor`.
+
#### value
Type: `any`
--
2.26.2

151
SOURCES/btest402.js Normal file
View File

@ -0,0 +1,151 @@
// Copyright (C) 2014 IBM Corporation and Others. All Rights Reserved.
// This file is part of the Node.JS ICU enablement work
// https://github.com/joyent/node/pull/7719
// and is under the same license.
//
// This is a very, very, very basic test of es402
//
// URL: https://github.com/srl295/btest402
// Author: Steven R. Loomis <srl@icu-project.org>
//
// for a complete test, see http://test262.ecmascript.org
//
// Usage: node btest402.js
try {
console.log("You have console.log.");
} catch(e) {
// this works on d8
console = { log: print };
console.log("Now you have console.log.");
}
function runbtest() {
var summary = {};
try {
var i = Intl;
summary.haveIntl = true;
console.log("+ Congrats, you have the Intl object.");
} catch(e) {
console.log("You don't have the Intl object: " + e);
}
if(summary.haveIntl) {
var locs = [ "en", "mt", "ja","tlh"];
var d = new Date(196400000);
for ( var n=0; n<locs.length; n++ ) {
var loc = locs[n];
var lsummary = summary[loc] = {};
console.log(loc+":");
var sl=null;
try {
sl = Intl.DateTimeFormat.supportedLocalesOf([loc]);
if( sl.length > 0 ) {
lsummary.haveSlo = true;
}
} catch (e) {
console.log("SLO err: " + e);
}
var dstr = "ERR";
try {
lsummary.dstr = d.toLocaleString(loc,{month: "long",day:"numeric",weekday:"long",year:"numeric"});
console.log(" date: (supported:"+sl+") " + lsummary.dstr);
} catch (e) {
console.log(" Date Format err: " + e);
}
try {
new Intl.v8BreakIterator();
console.log(" Intl.v8BreakIterator:" +
Intl.v8BreakIterator.supportedLocalesOf(loc) + " Supported, first()==" +
new Intl.v8BreakIterator(loc).first() );
lsummary.brkOk = true;
} catch ( e) {
console.log(" Intl.v8BreakIterator error (NOT part of EcmaScript402): " + e);
}
console.log();
}
}
// print summary
console.log();
console.log("--------- Analysis ---------");
stxt = "";
if( summary.haveIntl ) {
console.log("* You have the 'Intl' object. Congratulations! You have the possibility of being EcmaScript 402 compliant.");
stxt += "Have Intl, ";
if ( !summary.en.haveSlo ) {
stxt += "Date:no EN, ";
console.log("* English isn't a supported language by the date formatter. Perhaps the data isn't installed properly?");
}
if ( !summary.tlh.haveSlo ) {
stxt += "Date:no 'tlh', ";
console.log("* Klingon isn't a supported language by the date formatter. It is without honor!");
}
// now, what is it actually saying
if( summary.en.dstr.indexOf("1970") == -1) {
stxt += "Date:bad 'en', ";
console.log("* the English date format text looks bad to me. Doesn't even have the year.");
} else {
if( summary.en.dstr.indexOf("Jan") == -1) {
stxt += "Date:bad 'en', ";
console.log("* The English date format text looks bad to me. Doesn't have the right month.");
}
}
if( summary.mt.dstr == summary.en.dstr ) {
stxt += "Date:'mt'=='en', ";
console.log("* The English and Maltese look the same to me. Probably a 'small' build.");
} else if( summary.mt.dstr.indexOf("1970") == -1) {
stxt += "Date:bad 'mt', ";
console.log("* the Maltese date format text looks bad to me. Doesn't even have the year. (This data is missing from the Chromium ICU build)");
} else {
if( summary.mt.dstr.indexOf("Jann") == -1) {
stxt += "Date:bad 'mt', ";
console.log("* The Maltese date format text looks bad to me. Doesn't have the right month. (This data is missing from the Chromium ICU build)");
}
}
if ( !summary.ja.haveSlo ) {
stxt += "Date:no 'ja', ";
console.log("* Japanese isn't a supported language by the date formatter. Could be a 'small' build.");
} else {
if( summary.ja.dstr.indexOf("1970") == -1) {
stxt += "Date:bad 'ja', ";
console.log("* the Japanese date format text looks bad to me. Doesn't even have the year.");
} else {
if( summary.ja.dstr.indexOf("日") == -1) {
stxt += "Date:bad 'ja', ";
console.log("* The Japanese date format text looks bad to me.");
}
}
}
if ( summary.en.brkOk ) {
stxt += "FYI: v8Brk:have 'en', ";
console.log("* You have Intl.v8BreakIterator support. (Note: not part of ES402.)");
}
} else {
console.log("* You don't have the 'Intl' object. You aren't EcmaScript 402 compliant.");
stxt += " NO Intl. ";
}
// 1-liner.
console.log();
console.log("----------------");
console.log( "SUMMARY:" + stxt );
}
var dorun = true;
try {
if(btest402_noautorun) {
dorun = false;
}
} catch(e) {}
if(dorun) {
console.log("Running btest..");
runbtest();
}

201
SOURCES/nodejs-tarball.sh Executable file
View File

@ -0,0 +1,201 @@
#!/bin/sh
# Uses Argbash to generate command argument parsing. To update
# arguments, make sure to call
# `argbash nodejs-tarball.sh -o nodejs-tarball.sh`
# ARG_POSITIONAL_SINGLE([version],[Node.js release version],[""])
# ARG_DEFAULTS_POS([])
# ARG_HELP([Tool to aid in Node.js packaging of new releases])
# ARGBASH_GO()
# needed because of Argbash --> m4_ignore([
### START OF CODE GENERATED BY Argbash v2.8.1 one line above ###
# Argbash is a bash code generator used to get arguments parsing right.
# Argbash is FREE SOFTWARE, see https://argbash.io for more info
die()
{
local _ret=$2
test -n "$_ret" || _ret=1
test "$_PRINT_HELP" = yes && print_help >&2
echo "$1" >&2
exit ${_ret}
}
begins_with_short_option()
{
local first_option all_short_options='h'
first_option="${1:0:1}"
test "$all_short_options" = "${all_short_options/$first_option/}" && return 1 || return 0
}
# THE DEFAULTS INITIALIZATION - POSITIONALS
_positionals=()
_arg_version=""
# THE DEFAULTS INITIALIZATION - OPTIONALS
print_help()
{
printf '%s\n' "Tool to aid in Node.js packaging of new releases"
printf 'Usage: %s [-h|--help] [<version>]\n' "$0"
printf '\t%s\n' "<version>: Node.js release version (default: '""')"
printf '\t%s\n' "-h, --help: Prints help"
}
parse_commandline()
{
_positionals_count=0
while test $# -gt 0
do
_key="$1"
case "$_key" in
-h|--help)
print_help
exit 0
;;
-h*)
print_help
exit 0
;;
*)
_last_positional="$1"
_positionals+=("$_last_positional")
_positionals_count=$((_positionals_count + 1))
;;
esac
shift
done
}
handle_passed_args_count()
{
test "${_positionals_count}" -le 1 || _PRINT_HELP=yes die "FATAL ERROR: There were spurious positional arguments --- we expect between 0 and 1, but got ${_positionals_count} (the last one was: '${_last_positional}')." 1
}
assign_positional_args()
{
local _positional_name _shift_for=$1
_positional_names="_arg_version "
shift "$_shift_for"
for _positional_name in ${_positional_names}
do
test $# -gt 0 || break
eval "$_positional_name=\${1}" || die "Error during argument parsing, possibly an Argbash bug." 1
shift
done
}
parse_commandline "$@"
handle_passed_args_count
assign_positional_args 1 "${_positionals[@]}"
# OTHER STUFF GENERATED BY Argbash
### END OF CODE GENERATED BY Argbash (sortof) ### ])
# [ <-- needed because of Argbash
set -e
echo $_arg_version
if [ x$_arg_version != x ]; then
version=$_arg_version
else
version=$(rpm -q --specfile --qf='%{version}\n' nodejs.spec | head -n1)
fi
rm -f node-v${version}.tar.gz node-v${version}-stripped.tar.gz
wget http://nodejs.org/dist/v${version}/node-v${version}.tar.gz \
http://nodejs.org/dist/v${version}/SHASUMS256.txt
sha256sum -c SHASUMS256.txt --ignore-missing
tar -zxf node-v${version}.tar.gz
rm -rf node-v${version}/deps/openssl
tar -zcf node-v${version}-stripped.tar.gz node-v${version}
# Download the matching version of ICU
rm -f icu4c*-src.tgz icu.md5
ICUMD5=$(cat node-v${version}/tools/icu/current_ver.dep |jq -r '.[0].md5')
wget $(cat node-v${version}/tools/icu/current_ver.dep |jq -r '.[0].url')
ICUTARBALL=$(ls -1 icu4c*-src.tgz)
echo "$ICUMD5 $ICUTARBALL" > icu.md5
md5sum -c icu.md5
rm -f icu.md5 SHASUMS256.txt
rhpkg new-sources node-v${version}-stripped.tar.gz icu4c*-src.tgz
rm -f node-v${version}.tar.gz
set +e
# Determine the bundled versions of the various packages
echo "Bundled software versions"
echo "-------------------------"
echo
echo "libnode shared object version"
echo "========================="
grep "define NODE_MODULE_VERSION" node-v${version}/src/node_version.h
echo
echo "V8"
echo "========================="
grep "define V8_MAJOR_VERSION" node-v${version}/deps/v8/include/v8-version.h
grep "define V8_MINOR_VERSION" node-v${version}/deps/v8/include/v8-version.h
grep "define V8_BUILD_NUMBER" node-v${version}/deps/v8/include/v8-version.h
grep "define V8_PATCH_LEVEL" node-v${version}/deps/v8/include/v8-version.h
echo
echo "c-ares"
echo "========================="
grep "define ARES_VERSION_MAJOR" node-v${version}/deps/cares/include/ares_version.h
grep "define ARES_VERSION_MINOR" node-v${version}/deps/cares/include/ares_version.h
grep "define ARES_VERSION_PATCH" node-v${version}/deps/cares/include/ares_version.h
echo
echo "http-parser"
echo "========================="
grep "define HTTP_PARSER_VERSION_MAJOR" node-v${version}/deps/http_parser/http_parser.h
grep "define HTTP_PARSER_VERSION_MINOR" node-v${version}/deps/http_parser/http_parser.h
grep "define HTTP_PARSER_VERSION_PATCH" node-v${version}/deps/http_parser/http_parser.h
echo
echo "llhttp"
echo "========================="
grep "define LLHTTP_VERSION_MAJOR" node-v${version}/deps/llhttp/include/llhttp.h
grep "define LLHTTP_VERSION_MINOR" node-v${version}/deps/llhttp/include/llhttp.h
grep "define LLHTTP_VERSION_PATCH" node-v${version}/deps/llhttp/include/llhttp.h
echo
echo "libuv"
echo "========================="
grep "define UV_VERSION_MAJOR" node-v${version}/deps/uv/include/uv/version.h
grep "define UV_VERSION_MINOR" node-v${version}/deps/uv/include/uv/version.h
grep "define UV_VERSION_PATCH" node-v${version}/deps/uv/include/uv/version.h
echo
echo "nghttp2"
echo "========================="
grep "define NGHTTP2_VERSION " node-v${version}/deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
echo
echo "ICU"
echo "========================="
grep "url" node-v${version}/tools/icu/current_ver.dep
echo
echo "punycode"
echo "========================="
grep "'version'" node-v${version}/lib/punycode.js
echo
echo "uvwasi"
echo "========================="
grep "define UVWASI_VERSION_MAJOR" node-v${version}/deps/uvwasi/include/uvwasi.h
grep "define UVWASI_VERSION_MINOR" node-v${version}/deps/uvwasi/include/uvwasi.h
grep "define UVWASI_VERSION_PATCH" node-v${version}/deps/uvwasi/include/uvwasi.h
echo
echo "npm"
echo "========================="
grep "\"version\":" node-v${version}/deps/npm/package.json
echo
echo "Make sure these versions match what is in the RPM spec file"
rm -rf node-v${version}
# ] <-- needed because of Argbash

View File

@ -0,0 +1,2 @@
%__nodejs_native_requires %{_rpmconfigdir}/nodejs_native.req
%__nodejs_native_path ^/usr/lib.*/node_modules/.*\\.node$

2
SOURCES/npmrc Normal file
View File

@ -0,0 +1,2 @@
prefix=/usr/local
python=/usr/bin/python3

1141
SPECS/nodejs.spec Normal file

File diff suppressed because it is too large Load Diff