import UBI nodejs-16.20.1-1.module+el8.8.0+19440+ee8dbee5
This commit is contained in:
parent
8cea0c713f
commit
81f29cb90c
4
.gitignore
vendored
4
.gitignore
vendored
@ -1,6 +1,6 @@
|
||||
SOURCES/cjs-module-lexer-1.2.2.tar.gz
|
||||
SOURCES/icu4c-71_1-src.tgz
|
||||
SOURCES/node-v16.19.1-stripped.tar.gz
|
||||
SOURCES/undici-5.19.1.tar.gz
|
||||
SOURCES/node-v16.20.1-stripped.tar.gz
|
||||
SOURCES/undici-5.20.0.tar.gz
|
||||
SOURCES/wasi-sdk-wasi-sdk-11.tar.gz
|
||||
SOURCES/wasi-sdk-wasi-sdk-14.tar.gz
|
||||
|
@ -1,6 +1,6 @@
|
||||
b0a91341ecf6c68a9d59a1c57d000fbbcc771679 SOURCES/cjs-module-lexer-1.2.2.tar.gz
|
||||
406b0c8635288b772913b6ff646451e69748878a SOURCES/icu4c-71_1-src.tgz
|
||||
bd54c70441a0d8933e6e78378e47501ef5639038 SOURCES/node-v16.19.1-stripped.tar.gz
|
||||
4ba08daec56f2571fc8af493b3a2628d290f9390 SOURCES/undici-5.19.1.tar.gz
|
||||
dd58f4942a016f232a06e36fae6cc43c387e2f66 SOURCES/node-v16.20.1-stripped.tar.gz
|
||||
a96c780a67c578c31e9c8d291e357b2ae98a0ce5 SOURCES/undici-5.20.0.tar.gz
|
||||
8979d177dd62e3b167a6fd7dc7185adb0128c439 SOURCES/wasi-sdk-wasi-sdk-11.tar.gz
|
||||
900a50a32f0079d53c299db92b88bb3c5d2022b8 SOURCES/wasi-sdk-wasi-sdk-14.tar.gz
|
||||
|
@ -1,45 +0,0 @@
|
||||
From abe534dda44a10e1b80a206c996f2e0e42298f7f Mon Sep 17 00:00:00 2001
|
||||
From: Kornel <kornel@geekhood.net>
|
||||
Date: Fri, 27 Jan 2023 01:20:38 +0000
|
||||
Subject: [PATCH] deps(http-cache-semantics): Don't use regex to trim
|
||||
whitespace
|
||||
|
||||
Signed-off-by: rpm-build <rpm-build>
|
||||
---
|
||||
deps/npm/node_modules/http-cache-semantics/index.js | 6 +++---
|
||||
deps/npm/node_modules/http-cache-semantics/package.json | 2 +-
|
||||
2 files changed, 4 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/deps/npm/node_modules/http-cache-semantics/index.js b/deps/npm/node_modules/http-cache-semantics/index.js
|
||||
index 4f6c2f3..39d58a7 100644
|
||||
--- a/deps/npm/node_modules/http-cache-semantics/index.js
|
||||
+++ b/deps/npm/node_modules/http-cache-semantics/index.js
|
||||
@@ -79,10 +79,10 @@ function parseCacheControl(header) {
|
||||
|
||||
// TODO: When there is more than one value present for a given directive (e.g., two Expires header fields, multiple Cache-Control: max-age directives),
|
||||
// the directive's value is considered invalid. Caches are encouraged to consider responses that have invalid freshness information to be stale
|
||||
- const parts = header.trim().split(/\s*,\s*/); // TODO: lame parsing
|
||||
+ const parts = header.trim().split(/,/);
|
||||
for (const part of parts) {
|
||||
- const [k, v] = part.split(/\s*=\s*/, 2);
|
||||
- cc[k] = v === undefined ? true : v.replace(/^"|"$/g, ''); // TODO: lame unquoting
|
||||
+ const [k, v] = part.split(/=/, 2);
|
||||
+ cc[k.trim()] = v === undefined ? true : v.trim().replace(/^"|"$/g, '');
|
||||
}
|
||||
|
||||
return cc;
|
||||
diff --git a/deps/npm/node_modules/http-cache-semantics/package.json b/deps/npm/node_modules/http-cache-semantics/package.json
|
||||
index 897798d..79c020a 100644
|
||||
--- a/deps/npm/node_modules/http-cache-semantics/package.json
|
||||
+++ b/deps/npm/node_modules/http-cache-semantics/package.json
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "http-cache-semantics",
|
||||
- "version": "4.1.0",
|
||||
+ "version": "4.1.1",
|
||||
"description": "Parses Cache-Control and other headers. Helps building correct HTTP caches and proxies",
|
||||
"repository": "https://github.com/kornelski/http-cache-semantics.git",
|
||||
"main": "index.js",
|
||||
--
|
||||
2.40.1
|
||||
|
File diff suppressed because it is too large
Load Diff
5
SOURCES/npmrc.builtin.in
Normal file
5
SOURCES/npmrc.builtin.in
Normal file
@ -0,0 +1,5 @@
|
||||
# This is the distibution-level configuration file for npm.
|
||||
# To configure NPM on a system level, use the globalconfig below (defaults to @SYSCONFDIR@/npmrc).
|
||||
# vim:set filetype=dosini:
|
||||
|
||||
globalconfig=@SYSCONFDIR@/npmrc
|
@ -35,7 +35,7 @@
|
||||
# This is used by both the nodejs package and the npm subpackage that
|
||||
# has a separate version - the name is special so that rpmdev-bumpspec
|
||||
# will bump this rather than adding .1 to the end.
|
||||
%global baserelease 2
|
||||
%global baserelease 1
|
||||
|
||||
%{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
|
||||
|
||||
@ -46,7 +46,7 @@
|
||||
# than a Fedora release lifecycle.
|
||||
%global nodejs_epoch 1
|
||||
%global nodejs_major 16
|
||||
%global nodejs_minor 19
|
||||
%global nodejs_minor 20
|
||||
%global nodejs_patch 1
|
||||
%global nodejs_abi %{nodejs_major}.%{nodejs_minor}
|
||||
# nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
|
||||
@ -74,10 +74,7 @@
|
||||
%global c_ares_version 1.19.1
|
||||
|
||||
# llhttp - from deps/llhttp/include/llhttp.h
|
||||
%global llhttp_major 6
|
||||
%global llhttp_minor 0
|
||||
%global llhttp_patch 10
|
||||
%global llhttp_version %{llhttp_major}.%{llhttp_minor}.%{llhttp_patch}
|
||||
%global llhttp_version 6.0.11
|
||||
|
||||
# libuv - from deps/uv/include/uv/version.h
|
||||
%global libuv_major 1
|
||||
@ -135,10 +132,13 @@
|
||||
|
||||
# npm - from deps/npm/package.json
|
||||
%global npm_epoch 1
|
||||
%global npm_major 8
|
||||
%global npm_minor 19
|
||||
%global npm_patch 3
|
||||
%global npm_version %{npm_major}.%{npm_minor}.%{npm_patch}
|
||||
%global npm_version 8.19.4
|
||||
|
||||
# In order to avoid needing to keep incrementing the release version for the
|
||||
# main package forever, we will just construct one for npm that is guaranteed
|
||||
# to increment safely. Changing this can only be done during an update when the
|
||||
# base npm version number is increasing.
|
||||
%global npm_release %{nodejs_epoch}.%{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}.%{nodejs_release}
|
||||
|
||||
# uvwasi - from deps/uvwasi/include/uvwasi.h
|
||||
%global uvwasi_major 0
|
||||
@ -152,12 +152,6 @@
|
||||
%global histogram_patch 2
|
||||
%global histogram_version %{histogram_major}.%{histogram_minor}.%{histogram_patch}
|
||||
|
||||
# In order to avoid needing to keep incrementing the release version for the
|
||||
# main package forever, we will just construct one for npm that is guaranteed
|
||||
# to increment safely. Changing this can only be done during an update when the
|
||||
# base npm version number is increasing.
|
||||
%global npm_release %{nodejs_epoch}.%{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}.%{nodejs_release}
|
||||
|
||||
|
||||
Name: nodejs
|
||||
Epoch: %{nodejs_epoch}
|
||||
@ -184,6 +178,9 @@ Source100: %{name}-tarball.sh
|
||||
# nodejs-packaging SRPM.
|
||||
Source7: nodejs_native.attr
|
||||
|
||||
# Configure npm to look into /etc for configuration
|
||||
Source8: npmrc.builtin.in
|
||||
|
||||
# These are full sources for dependencies included as WASM blobs in the source of Node itself.
|
||||
# Note: These sources would also include pre-compiled WASM blobs… so they are adjusted not to.
|
||||
# Recipes for creating these blobs are included in the sources.
|
||||
@ -197,18 +194,15 @@ Source101: cjs-module-lexer-1.2.2.tar.gz
|
||||
Source102: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-11/wasi-sdk-wasi-sdk-11.tar.gz
|
||||
|
||||
# Version: jq '.version' deps/undici/src/package.json
|
||||
# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.19.1.tar.gz
|
||||
# Adjustments: rm -f undici-5.19.1/lib/llhttp/llhttp*.wasm*
|
||||
Source111: undici-5.19.1.tar.gz
|
||||
# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.20.0.tar.gz
|
||||
# Adjustments: rm -f undici-5.20.0/lib/llhttp/llhttp*.wasm*
|
||||
Source111: undici-5.20.0.tar.gz
|
||||
# The WASM blob was made using wasi-sdk v14; compiler libraries are linked in.
|
||||
# Version source: build/Dockerfile
|
||||
Source112: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-14/wasi-sdk-wasi-sdk-14.tar.gz
|
||||
|
||||
# Disable running gyp on bundled deps we don't use
|
||||
Patch1: 0001-Disable-running-gyp-on-shared-deps.patch
|
||||
# CVE-2022-25881
|
||||
Patch2: 0002-deps-http-cache-semantics-Don-t-use-regex-to-trim-wh.patch
|
||||
Patch3: 0003-deps-update-c-ares-to-1.19.1.patch
|
||||
|
||||
BuildRequires: make
|
||||
BuildRequires: python3-devel
|
||||
@ -566,15 +560,14 @@ find %{buildroot}%{_prefix}/lib/node_modules/npm \
|
||||
chmod 0755 %{buildroot}%{_prefix}/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin/node-gyp
|
||||
chmod 0755 %{buildroot}%{_prefix}/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
|
||||
|
||||
# Drop the NPM builtin configuration in place
|
||||
sed -e 's#@SYSCONFDIR@#%{_sysconfdir}#g' \
|
||||
%{SOURCE8} > %{buildroot}%{_prefix}/lib/node_modules/npm/npmrc
|
||||
|
||||
# Drop the NPM default configuration in place
|
||||
mkdir -p %{buildroot}%{_sysconfdir}
|
||||
cp %{SOURCE1} %{buildroot}%{_sysconfdir}/npmrc
|
||||
|
||||
# NPM upstream expects it to be in /usr/etc/npmrc, so we'll put a symlink here
|
||||
# This is done in the interests of keeping /usr read-only.
|
||||
mkdir -p %{buildroot}%{_prefix}/etc
|
||||
ln -s %{_sysconfdir}/npmrc %{buildroot}%{_prefix}/etc/npmrc
|
||||
|
||||
# Install the full-icu data files
|
||||
install -Dpm0644 -t %{buildroot}%{icudatadir} deps/icu/source/converted/*
|
||||
|
||||
@ -696,7 +689,6 @@ end
|
||||
%{_bindir}/npx
|
||||
%{_prefix}/lib/node_modules/npm
|
||||
%config(noreplace) %{_sysconfdir}/npmrc
|
||||
%{_prefix}/etc/npmrc
|
||||
%ghost %{_sysconfdir}/npmignore
|
||||
%doc %{_mandir}/man1/npm*.1*
|
||||
%doc %{_mandir}/man1/npx.1*
|
||||
@ -729,6 +721,13 @@ end
|
||||
|
||||
|
||||
%changelog
|
||||
* Thu Jul 13 2023 Jan Staněk <jstanek@redhat.com> - 1:16.20.1-1
|
||||
- Rebase to 16.20.1
|
||||
Resolves: rhbz#2188289
|
||||
Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590
|
||||
- Replace /usr/etc/npmrc symlink with builtin configuration
|
||||
Resolves: rhbz#2222288
|
||||
|
||||
* Wed May 31 2023 Jan Staněk <jstanek@redhat.com> - 1:16.19.1-2
|
||||
- Update bundled c-ares to 1.19.1
|
||||
Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067
|
||||
|
Loading…
Reference in New Issue
Block a user