Rebase to 16.20.1
This commit is contained in:
parent
4a85187e39
commit
c906dcbb97
@ -1,45 +0,0 @@
|
|||||||
From abe534dda44a10e1b80a206c996f2e0e42298f7f Mon Sep 17 00:00:00 2001
|
|
||||||
From: Kornel <kornel@geekhood.net>
|
|
||||||
Date: Fri, 27 Jan 2023 01:20:38 +0000
|
|
||||||
Subject: [PATCH] deps(http-cache-semantics): Don't use regex to trim
|
|
||||||
whitespace
|
|
||||||
|
|
||||||
Signed-off-by: rpm-build <rpm-build>
|
|
||||||
---
|
|
||||||
deps/npm/node_modules/http-cache-semantics/index.js | 6 +++---
|
|
||||||
deps/npm/node_modules/http-cache-semantics/package.json | 2 +-
|
|
||||||
2 files changed, 4 insertions(+), 4 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/deps/npm/node_modules/http-cache-semantics/index.js b/deps/npm/node_modules/http-cache-semantics/index.js
|
|
||||||
index 4f6c2f3..39d58a7 100644
|
|
||||||
--- a/deps/npm/node_modules/http-cache-semantics/index.js
|
|
||||||
+++ b/deps/npm/node_modules/http-cache-semantics/index.js
|
|
||||||
@@ -79,10 +79,10 @@ function parseCacheControl(header) {
|
|
||||||
|
|
||||||
// TODO: When there is more than one value present for a given directive (e.g., two Expires header fields, multiple Cache-Control: max-age directives),
|
|
||||||
// the directive's value is considered invalid. Caches are encouraged to consider responses that have invalid freshness information to be stale
|
|
||||||
- const parts = header.trim().split(/\s*,\s*/); // TODO: lame parsing
|
|
||||||
+ const parts = header.trim().split(/,/);
|
|
||||||
for (const part of parts) {
|
|
||||||
- const [k, v] = part.split(/\s*=\s*/, 2);
|
|
||||||
- cc[k] = v === undefined ? true : v.replace(/^"|"$/g, ''); // TODO: lame unquoting
|
|
||||||
+ const [k, v] = part.split(/=/, 2);
|
|
||||||
+ cc[k.trim()] = v === undefined ? true : v.trim().replace(/^"|"$/g, '');
|
|
||||||
}
|
|
||||||
|
|
||||||
return cc;
|
|
||||||
diff --git a/deps/npm/node_modules/http-cache-semantics/package.json b/deps/npm/node_modules/http-cache-semantics/package.json
|
|
||||||
index 897798d..79c020a 100644
|
|
||||||
--- a/deps/npm/node_modules/http-cache-semantics/package.json
|
|
||||||
+++ b/deps/npm/node_modules/http-cache-semantics/package.json
|
|
||||||
@@ -1,6 +1,6 @@
|
|
||||||
{
|
|
||||||
"name": "http-cache-semantics",
|
|
||||||
- "version": "4.1.0",
|
|
||||||
+ "version": "4.1.1",
|
|
||||||
"description": "Parses Cache-Control and other headers. Helps building correct HTTP caches and proxies",
|
|
||||||
"repository": "https://github.com/kornelski/http-cache-semantics.git",
|
|
||||||
"main": "index.js",
|
|
||||||
--
|
|
||||||
2.40.1
|
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
40
nodejs.spec
40
nodejs.spec
@ -35,7 +35,7 @@
|
|||||||
# This is used by both the nodejs package and the npm subpackage that
|
# This is used by both the nodejs package and the npm subpackage that
|
||||||
# has a separate version - the name is special so that rpmdev-bumpspec
|
# has a separate version - the name is special so that rpmdev-bumpspec
|
||||||
# will bump this rather than adding .1 to the end.
|
# will bump this rather than adding .1 to the end.
|
||||||
%global baserelease 2
|
%global baserelease 1
|
||||||
|
|
||||||
%{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
|
%{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
|
||||||
|
|
||||||
@ -46,7 +46,7 @@
|
|||||||
# than a Fedora release lifecycle.
|
# than a Fedora release lifecycle.
|
||||||
%global nodejs_epoch 1
|
%global nodejs_epoch 1
|
||||||
%global nodejs_major 16
|
%global nodejs_major 16
|
||||||
%global nodejs_minor 19
|
%global nodejs_minor 20
|
||||||
%global nodejs_patch 1
|
%global nodejs_patch 1
|
||||||
%global nodejs_abi %{nodejs_major}.%{nodejs_minor}
|
%global nodejs_abi %{nodejs_major}.%{nodejs_minor}
|
||||||
# nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
|
# nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
|
||||||
@ -74,10 +74,7 @@
|
|||||||
%global c_ares_version 1.19.1
|
%global c_ares_version 1.19.1
|
||||||
|
|
||||||
# llhttp - from deps/llhttp/include/llhttp.h
|
# llhttp - from deps/llhttp/include/llhttp.h
|
||||||
%global llhttp_major 6
|
%global llhttp_version 6.0.11
|
||||||
%global llhttp_minor 0
|
|
||||||
%global llhttp_patch 10
|
|
||||||
%global llhttp_version %{llhttp_major}.%{llhttp_minor}.%{llhttp_patch}
|
|
||||||
|
|
||||||
# libuv - from deps/uv/include/uv/version.h
|
# libuv - from deps/uv/include/uv/version.h
|
||||||
%global libuv_major 1
|
%global libuv_major 1
|
||||||
@ -135,10 +132,13 @@
|
|||||||
|
|
||||||
# npm - from deps/npm/package.json
|
# npm - from deps/npm/package.json
|
||||||
%global npm_epoch 1
|
%global npm_epoch 1
|
||||||
%global npm_major 8
|
%global npm_version 8.19.4
|
||||||
%global npm_minor 19
|
|
||||||
%global npm_patch 3
|
# In order to avoid needing to keep incrementing the release version for the
|
||||||
%global npm_version %{npm_major}.%{npm_minor}.%{npm_patch}
|
# main package forever, we will just construct one for npm that is guaranteed
|
||||||
|
# to increment safely. Changing this can only be done during an update when the
|
||||||
|
# base npm version number is increasing.
|
||||||
|
%global npm_release %{nodejs_epoch}.%{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}.%{nodejs_release}
|
||||||
|
|
||||||
# uvwasi - from deps/uvwasi/include/uvwasi.h
|
# uvwasi - from deps/uvwasi/include/uvwasi.h
|
||||||
%global uvwasi_major 0
|
%global uvwasi_major 0
|
||||||
@ -152,12 +152,6 @@
|
|||||||
%global histogram_patch 2
|
%global histogram_patch 2
|
||||||
%global histogram_version %{histogram_major}.%{histogram_minor}.%{histogram_patch}
|
%global histogram_version %{histogram_major}.%{histogram_minor}.%{histogram_patch}
|
||||||
|
|
||||||
# In order to avoid needing to keep incrementing the release version for the
|
|
||||||
# main package forever, we will just construct one for npm that is guaranteed
|
|
||||||
# to increment safely. Changing this can only be done during an update when the
|
|
||||||
# base npm version number is increasing.
|
|
||||||
%global npm_release %{nodejs_epoch}.%{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}.%{nodejs_release}
|
|
||||||
|
|
||||||
|
|
||||||
Name: nodejs
|
Name: nodejs
|
||||||
Epoch: %{nodejs_epoch}
|
Epoch: %{nodejs_epoch}
|
||||||
@ -197,18 +191,15 @@ Source101: cjs-module-lexer-1.2.2.tar.gz
|
|||||||
Source102: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-11/wasi-sdk-wasi-sdk-11.tar.gz
|
Source102: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-11/wasi-sdk-wasi-sdk-11.tar.gz
|
||||||
|
|
||||||
# Version: jq '.version' deps/undici/src/package.json
|
# Version: jq '.version' deps/undici/src/package.json
|
||||||
# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.19.1.tar.gz
|
# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.20.0.tar.gz
|
||||||
# Adjustments: rm -f undici-5.19.1/lib/llhttp/llhttp*.wasm*
|
# Adjustments: rm -f undici-5.20.0/lib/llhttp/llhttp*.wasm*
|
||||||
Source111: undici-5.19.1.tar.gz
|
Source111: undici-5.20.0.tar.gz
|
||||||
# The WASM blob was made using wasi-sdk v14; compiler libraries are linked in.
|
# The WASM blob was made using wasi-sdk v14; compiler libraries are linked in.
|
||||||
# Version source: build/Dockerfile
|
# Version source: build/Dockerfile
|
||||||
Source112: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-14/wasi-sdk-wasi-sdk-14.tar.gz
|
Source112: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-14/wasi-sdk-wasi-sdk-14.tar.gz
|
||||||
|
|
||||||
# Disable running gyp on bundled deps we don't use
|
# Disable running gyp on bundled deps we don't use
|
||||||
Patch1: 0001-Disable-running-gyp-on-shared-deps.patch
|
Patch1: 0001-Disable-running-gyp-on-shared-deps.patch
|
||||||
# CVE-2022-25881
|
|
||||||
Patch2: 0002-deps-http-cache-semantics-Don-t-use-regex-to-trim-wh.patch
|
|
||||||
Patch3: 0003-deps-update-c-ares-to-1.19.1.patch
|
|
||||||
|
|
||||||
BuildRequires: make
|
BuildRequires: make
|
||||||
BuildRequires: python3-devel
|
BuildRequires: python3-devel
|
||||||
@ -729,6 +720,11 @@ end
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Thu Jul 13 2023 Jan Staněk <jstanek@redhat.com> - 1:16.20.1-1
|
||||||
|
- Rebase to 16.20.1
|
||||||
|
Resolves: rhbz#2188289
|
||||||
|
Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590
|
||||||
|
|
||||||
* Wed May 31 2023 Jan Staněk <jstanek@redhat.com> - 1:16.19.1-2
|
* Wed May 31 2023 Jan Staněk <jstanek@redhat.com> - 1:16.19.1-2
|
||||||
- Update bundled c-ares to 1.19.1
|
- Update bundled c-ares to 1.19.1
|
||||||
Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067
|
Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067
|
||||||
|
4
sources
4
sources
@ -1,6 +1,6 @@
|
|||||||
SHA512 (node-v16.19.1-stripped.tar.gz) = e3aeeb26b34e2a2d429852969507566b78212d4128cc4516c9d6ef74f187c35124874ca5d2a2824f074030fcc727a311dce0d0757ab2b4bbb01a343d2697b2b7
|
SHA512 (node-v16.20.1-stripped.tar.gz) = ea33b6301be6c24ad631c0fc5b6df5af41a3047db8557421062561c5e0da7f67c9837a330098235a8a160f2b680fccd80931f5887745db0e6f9dbf366f1ed4f6
|
||||||
SHA512 (icu4c-71_1-src.tgz) = 1fd2a20aef48369d1f06e2bb74584877b8ad0eb529320b976264ec2db87420bae242715795f372dbc513ea80047bc49077a064e78205cd5e8b33d746fd2a2912
|
SHA512 (icu4c-71_1-src.tgz) = 1fd2a20aef48369d1f06e2bb74584877b8ad0eb529320b976264ec2db87420bae242715795f372dbc513ea80047bc49077a064e78205cd5e8b33d746fd2a2912
|
||||||
SHA512 (cjs-module-lexer-1.2.2.tar.gz) = 2c8e9caf2231ca7d61e71936305389774859aca9b5c86c63489c9a62a81f4736f99477c3f0cbb41077bb7924fdd23e0f24b7bce858e42fb0f87e7c0ffc87afeb
|
SHA512 (cjs-module-lexer-1.2.2.tar.gz) = 2c8e9caf2231ca7d61e71936305389774859aca9b5c86c63489c9a62a81f4736f99477c3f0cbb41077bb7924fdd23e0f24b7bce858e42fb0f87e7c0ffc87afeb
|
||||||
SHA512 (undici-5.19.1.tar.gz) = 71ca06acac25e0ef4d44bf9e523b6068d6906ee5ed926befa224c312335f471d1f6c1eec10c0a275b1212c72fd6f8b13a3a47c3a1ca51777a062ad8ea7193a7e
|
SHA512 (undici-5.20.0.tar.gz) = 49fd4d9f73bd44232612963ca51e54da9e94a64504f7cbf426b3c04ec8ddcc1c4a060d7f713d9345452094039ae1b8938224bfd49bb32d0be723963b3db31edc
|
||||||
SHA512 (wasi-sdk-wasi-sdk-11.tar.gz) = cb37f357b09431a3efad26141d83dce63232a35b536d9a7bd341d4d9627a0a3d4bd4d57504b6e3dab421942d2c168a96da2a6be889aab3f9a2852fc5a3200d3c
|
SHA512 (wasi-sdk-wasi-sdk-11.tar.gz) = cb37f357b09431a3efad26141d83dce63232a35b536d9a7bd341d4d9627a0a3d4bd4d57504b6e3dab421942d2c168a96da2a6be889aab3f9a2852fc5a3200d3c
|
||||||
SHA512 (wasi-sdk-wasi-sdk-14.tar.gz) = 4fecb3d9c04b91eb2388a9e51d49fbff6f22b81f9945a07ecdbfe479c96dad1e3b673b8bee24842b0dae5294129a9cb35dcf8e5ecf45437a6d01fb6e0fd13645
|
SHA512 (wasi-sdk-wasi-sdk-14.tar.gz) = 4fecb3d9c04b91eb2388a9e51d49fbff6f22b81f9945a07ecdbfe479c96dad1e3b673b8bee24842b0dae5294129a9cb35dcf8e5ecf45437a6d01fb6e0fd13645
|
||||||
|
Loading…
Reference in New Issue
Block a user