import nodejs-16.18.1-3.module+el8.7.0+17465+1a1abd74

This commit is contained in:
CentOS Sources 2023-03-28 12:17:33 +00:00 committed by Stepan Oksanichenko
parent 9c7cfbc581
commit bc3149b843
5 changed files with 143 additions and 40 deletions

8
.gitignore vendored
View File

@ -1,2 +1,6 @@
SOURCES/icu4c-70_1-src.tgz
SOURCES/node-v16.16.0-stripped.tar.gz
SOURCES/cjs-module-lexer-1.2.2.tar.gz
SOURCES/icu4c-71_1-src.tgz
SOURCES/node-v16.18.1-stripped.tar.gz
SOURCES/undici-5.10.0.tar.gz
SOURCES/wasi-sdk-wasi-sdk-11.tar.gz
SOURCES/wasi-sdk-wasi-sdk-14.tar.gz

View File

@ -1,2 +1,6 @@
f7c1363edee6be7de8b624ffbb801892b3417d4e SOURCES/icu4c-70_1-src.tgz
17d4c0f6337149c1171c478dbebc8c224ebd0778 SOURCES/node-v16.16.0-stripped.tar.gz
b0a91341ecf6c68a9d59a1c57d000fbbcc771679 SOURCES/cjs-module-lexer-1.2.2.tar.gz
406b0c8635288b772913b6ff646451e69748878a SOURCES/icu4c-71_1-src.tgz
0e8bf36bf0ed737011cc49026a1e7b82d7a1f638 SOURCES/node-v16.18.1-stripped.tar.gz
a2668423c8ed5321e39ce08e239141b084563bb5 SOURCES/undici-5.10.0.tar.gz
8979d177dd62e3b167a6fd7dc7185adb0128c439 SOURCES/wasi-sdk-wasi-sdk-11.tar.gz
900a50a32f0079d53c299db92b88bb3c5d2022b8 SOURCES/wasi-sdk-wasi-sdk-14.tar.gz

View File

@ -0,0 +1,31 @@
From 9872b897d6a9a39e3392c39bca70cfd9dd084558 Mon Sep 17 00:00:00 2001
From: rpm-build <rpm-build>
Date: Mon, 26 Sep 2022 16:02:39 +0200
Subject: [PATCH] install: keep installing dtrace and systemtap files
Partly reverts commit e27e709d3ca93b3e7036ddc4f4d28dfde228bfb6.
Signed-off-by: rpm-build <rpm-build>
---
tools/install.py | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tools/install.py b/tools/install.py
index 4b01d67..dc16797 100755
--- a/tools/install.py
+++ b/tools/install.py
@@ -178,6 +178,11 @@ def files(action):
output_lib = 'libnode.' + variables.get('shlib_suffix')
action([output_prefix + output_lib], variables.get('libdir') + '/' + output_lib)
+ if 'true' == variables.get('node_use_dtrace'):
+ action(['out/Release/node.d'], variables.get('libdir') + '/dtrace/node.d')
+
+ action(['src/node.stp'], 'share/systemtap/tapset/')
+
action(['deps/v8/tools/gdbinit'], 'share/doc/node/')
action(['deps/v8/tools/lldb_commands.py'], 'share/doc/node/')
--
2.37.3

View File

@ -17,14 +17,19 @@
#
# create bootstrapping build with bundled deps and extra release suffix
%bcond_with bootstrap
# bundle dependencies that are not available as Fedora modules
# bundle dependencies that are not available in CentOS
# currently hardcoded to bundle; see Fedora spec on how to make this dependent on bootstrap
%if %{with bootstrap}
%bcond_without bundled
%else
%bcond_with bundled
%endif
%if 0%{?rhel} && 0%{?rhel} < 9
%bcond_without python3_fixup
%else
%bcond_with python3_fixup
%endif
# == Master Relase ==
# This is used by both the nodejs package and the npm subpackage that
@ -41,8 +46,8 @@
# than a Fedora release lifecycle.
%global nodejs_epoch 1
%global nodejs_major 16
%global nodejs_minor 16
%global nodejs_patch 0
%global nodejs_minor 18
%global nodejs_patch 1
%global nodejs_abi %{nodejs_major}.%{nodejs_minor}
# nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
%global nodejs_soversion 93
@ -58,7 +63,7 @@
%global v8_major 9
%global v8_minor 4
%global v8_build 146
%global v8_patch 24
%global v8_patch 26
# V8 presently breaks ABI at least every x.y release while never bumping SONAME
%global v8_abi %{v8_major}.%{v8_minor}
%global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch}
@ -74,7 +79,7 @@
# llhttp - from deps/llhttp/include/llhttp.h
%global llhttp_major 6
%global llhttp_minor 0
%global llhttp_patch 7
%global llhttp_patch 10
%global llhttp_version %{llhttp_major}.%{llhttp_minor}.%{llhttp_patch}
# libuv - from deps/uv/include/uv/version.h
@ -91,18 +96,18 @@
# nghttp3 - from deps/ngtcp2/nghttp3/lib/includes/nghttp3/version.h
%global nghttp3_major 0
%global nghttp3_minor 1
%global nghttp3_patch 0-DEV
%global nghttp3_minor 7
%global nghttp3_patch 0
%global nghttp3_version %{nghttp3_major}.%{nghttp3_minor}.%{nghttp3_patch}
# ngtcp2 from deps/ngtcp2/ngtcp2/lib/includes/ngtcp2/version.h
%global ngtcp2_major 0
%global ngtcp2_minor 1
%global ngtcp2_patch 0-DEV
%global ngtcp2_minor 8
%global ngtcp2_patch 1
%global ngtcp2_version %{ngtcp2_major}.%{ngtcp2_minor}.%{ngtcp2_patch}
# ICU - from tools/icu/current_ver.dep
%global icu_major 70
%global icu_major 71
%global icu_minor 1
%global icu_version %{icu_major}.%{icu_minor}
@ -134,20 +139,20 @@
# npm - from deps/npm/package.json
%global npm_epoch 1
%global npm_major 8
%global npm_minor 11
%global npm_patch 0
%global npm_minor 19
%global npm_patch 2
%global npm_version %{npm_major}.%{npm_minor}.%{npm_patch}
# uvwasi - from deps/uvwasi/include/uvwasi.h
%global uvwasi_major 0
%global uvwasi_minor 0
%global uvwasi_patch 12
%global uvwasi_patch 13
%global uvwasi_version %{uvwasi_major}.%{uvwasi_minor}.%{uvwasi_patch}
# histogram_c - assumed from timestamps
%global histogram_major 0
%global histogram_minor 9
%global histogram_patch 7
%global histogram_minor 11
%global histogram_patch 2
%global histogram_version %{histogram_major}.%{histogram_minor}.%{histogram_patch}
# In order to avoid needing to keep incrementing the release version for the
@ -182,15 +187,42 @@ Source100: %{name}-tarball.sh
# nodejs-packaging SRPM.
Source7: nodejs_native.attr
# These are full sources for dependencies included as WASM blobs in the source of Node itself.
# Note: These sources would also include pre-compiled WASM blobs… so they are adjusted not to.
# Recipes for creating these blobs are included in the sources.
# Version: jq '.version' deps/cjs-module-lexer/package.json
# Original: https://github.com/nodejs/cjs-module-lexer/archive/refs/tags/1.2.2.tar.gz
# Adjustments: rm -f cjs-module-lexer-1.2.2/lib/lexer.wasm
Source101: cjs-module-lexer-1.2.2.tar.gz
# The WASM blob was made using wasi-sdk v11; compiler libraries are linked in.
# Version source: Makefile
Source102: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-11/wasi-sdk-wasi-sdk-11.tar.gz
# Version: jq '.version' deps/undici/src/package.json
# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.10.0.tar.gz
# Adjustments: rm -f undici-5.10.0/lib/llhttp/llhttp*.wasm*
Source111: undici-5.10.0.tar.gz
# The WASM blob was made using wasi-sdk v14; compiler libraries are linked in.
# Version source: build/Dockerfile
Source112: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-14/wasi-sdk-wasi-sdk-14.tar.gz
# Disable running gyp on bundled deps we don't use
Patch1: 0001-Disable-running-gyp-on-shared-deps.patch
Patch2: 0002-install-keep-installing-dtrace-and-systemtap-files.patch
BuildRequires: make
BuildRequires: python3-devel
BuildRequires: python3-setuptools
BuildRequires: python3-jinja2
%if !%{with python3_fixup}
BuildRequires: python-unversioned-command
%endif
BuildRequires: zlib-devel
BuildRequires: brotli-devel
BuildRequires: gcc >= 8.3.0
BuildRequires: gcc-c++ >= 8.3.0
BuildRequires: jq
# needed to generate bundled provides for npm dependencies
# https://src.fedoraproject.org/rpms/nodejs/pull-request/2
# https://pagure.io/nodejs-packaging/pull-request/10
@ -206,7 +238,7 @@ BuildRequires: libuv-devel >= 1:%{libuv_version}
Requires: libuv >= 1:%{libuv_version}
%endif
%if %{with bundled}
%if %{with bundled} || !(0%{?fedora} || 0%{?rhel} >= 9)
Provides: bundled(nghttp2) = %{nghttp2_version}
%else
BuildRequires: libnghttp2-devel >= %{nghttp2_version}
@ -278,12 +310,7 @@ Provides: bundled(uvwasi) = %{uvwasi_version}
Provides: bundled(histogram) = %{histogram_version}
# Make sure we keep NPM up to date when we update Node.js
%if 0%{?rhel} < 8
# EPEL doesn't support Recommends, so make it strict
Requires: npm >= %{npm_epoch}:%{npm_version}-%{npm_release}%{?dist}
%else
Recommends: npm >= %{npm_epoch}:%{npm_version}-%{npm_release}%{?dist}
%endif
%description
Node.js is a platform built on Chrome's JavaScript runtime
@ -365,6 +392,24 @@ The API documentation for the Node.js JavaScript runtime.
# remove bundled dependencies that we aren't building
rm -rf deps/zlib
rm -rf deps/brotli
rm -rf deps/v8/third_party/jinja2
rm -rf tools/inspector_protocol/jinja2
# check for correct versions of dependencies we are bundling
check_wasm_dep() {
local -r name="$1" source="$2" packagejson="$3"
local -r expected_version="$(jq -r '.version' "${packagejson}")"
if ls "${source}"|grep -q --fixed-strings "${expected_version}"; then
printf '%s version matches\n' "${name}" >&2
else
printf '%s version MISMATCH: %s !~ %s\n' "${name}" "${expected_version}" "${source}" >&2
return 1
fi
}
check_wasm_dep cjs-module-lexer '%{SOURCE101}' deps/cjs-module-lexer/package.json
check_wasm_dep undici '%{SOURCE111}' deps/undici/src/package.json
# Replace any instances of unversioned python' with python3
%if %{with python3_fixup}
@ -663,9 +708,11 @@ end
%doc %{_mandir}/man5/package-lock-json.5*
%doc %{_mandir}/man5/npm-shrinkwrap-json.5*
%doc %{_mandir}/man7/config.7*
%doc %{_mandir}/man7/dependency-selectors.7*
%doc %{_mandir}/man7/developers.7*
%doc %{_mandir}/man7/orgs.7*
%doc %{_mandir}/man7/logging.7*
%doc %{_mandir}/man7/orgs.7*
%doc %{_mandir}/man7/package-spec.7*
%doc %{_mandir}/man7/registry.7*
%doc %{_mandir}/man7/removal.7*
%doc %{_mandir}/man7/scope.7*
@ -681,24 +728,41 @@ end
%changelog
* Fri Aug 05 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.16.0-3
- Fix build
- Resolves: RHBZ#2111416
* Wed Dec 07 2022 Jan Staněk <jstanek@redhat.com> - 1:16.18.1-3
- Update sources of undici WASM blobs
Resolves: rhbz#2151546
* Fri Aug 05 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.16.0-2
- Refactor spec
- Resolves: RHBZ#2111416
* Fri Dec 02 2022 Jan Staněk <jstanek@redhat.com> - 1:16.18.1-2
- Record CVE references already addressed in this or previous upstream versions
Resolves: CVE-2021-44531 CVE-2021-44532 CVE-2021-44533 CVE-2022-21824
* Tue Jul 26 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.16.0-1
- Rebase to latest version
- Resolves: RHBZ#2106369
- CVE fixes for CVE-2022-32212/3/4/5
- Resolves: #2109578, #2109581, #2109584, #2109588
* Wed Nov 16 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.18.1-1
- Rebase + CVE fixes
- Resolves: #2142806
- Resolves: #2142837, #2142851
* Fri Oct 07 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.17.1-1
- Rebase to version 16.17.1
- Resolves: CVE-2022-35255 CVE-2022-35256
- Resolves: #2130553
- Resolves #2132003
- Resolves #2121095
* Tue Aug 23 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.16.0-1
- Resolves: #2104754, #2108057, #2108062, #2108067, #2108072
- Resolves CVE-2022-29244, CVE-2022-32212/3/4/5
- Resolves: #2106285
- Rebase to latest release
* Mon Apr 25 2022 Jan Staněk <jstanek@redhat.com> - 1:16.14.0-5
- Unify configure calls into single command
- Refactor bootstrap-related parts
- Decouple dependency bundling from bootstrapping
* Mon Apr 11 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.14.0-4
- Apply lock file validation fixes
- Resolves CVE-2021-43616
- Resolves: RHBZ#2070012
- Resolves: CVE-2021-43616
- Resolves: RHBZ#2070013
* Mon Dec 06 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.13.1-3
- Resolves: RHBZ#2026329