Commit Graph

42 Commits

Author SHA1 Message Date
Honza Horak
148312642d Update to 18.20.4
Resolves: RHEL-52503 RHEL-46710
Also fixes: CVE-2024-22020 CVE-2024-28863
2024-08-05 11:51:40 +02:00
Filip Janus
7a23f4024b Update to 18.20.2
Remove .ps1 files during the build. It prodeced
automatic requirement of /usr/bin/pwsh
Resolves: RHEL-26531
2024-06-10 21:02:00 +02:00
Lukas Javorsky
38455336c5 Fix FIPS disabling patch
This patch causes the option processing to end sooner than the problematic code gets executed.
Additionally, the JS-level options to mess with FIPS settings are similarly disabled.

Related: RHEL-25870 RHEL-25935 RHEL-25925
2024-03-05 12:40:12 +00:00
Lukas Javorsky
1d167a1632 Rebase to version 18.19.1
Resolves: RHEL-25870 RHEL-25935 RHEL-25925
2024-03-05 12:35:00 +00:00
Lukas Javorsky
e07f12b16a Allign version grepping with Fedora script
Fedora script doesn't grep few bundled packages in RHEL, so it won't be
exactly the same script
2024-02-12 08:23:33 +00:00
Jan Staněk
935a626b61
Rebase to version 18.19.0 2024-01-19 14:26:24 +01:00
Jan Staněk
f5e51c4044
Rebase to version 18.17.1 2023-08-24 17:29:16 +02:00
Honza Horak
707fa8b842 FIPS related options cause a segfault, let's end sooner
Upstream report: https://github.com/nodejs/node/pull/48950
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2226726

This patch makes the part of the code that processes cmd-line options for
FIPS to end sooner before the code gets to the problematic part of the code.
2023-07-31 16:31:00 +02:00
Jan Staněk
db3c62f675
Revert "Enable LTO during build"
There are still issues (coredump when linking) on s390x architecture.

This reverts commit 7815f44b24.

Related: rhbz#1990096
2023-07-13 18:21:15 +02:00
Jan Staněk
7815f44b24
Enable LTO during build 2023-07-13 11:24:57 +02:00
Jan Staněk
b243cf54dc
Replace /usr/etc/npmrc symlink with builtin configuration
We want to have the system-level npmrc located at /etc/npmrc.
By default, npm looks for it in /usr/etc/npmrc,
so we placed a symlink to /etc/npmrc there.
However, we are the only known package that has anything in /usr/etc,
which confuses and/or breaks various tooling (see related bug).

This gets rid of the symlink,
and instead uses "builtin"-level configuration of npm
to cause it to load the system-level configuration from /etc/npmrc.
2023-07-13 11:24:57 +02:00
Jan Staněk
7b6fda4224
Rebase to version 18.16.1 2023-07-13 11:24:56 +02:00
Jan Staněk
38537ff576
deps(cares): update to 1.19.1 2023-06-05 15:05:23 +02:00
Zuzana Svetlikova
f1ac163030 Rebase to 18.14.2, npm@9
Add simduft dependency
2023-03-27 14:51:06 +02:00
Zuzana Svetlikova
2f3db3db97 Rebase + CVEs
Resolves: #2142809
Resolves: #2142830, #2142856
2022-11-16 19:31:09 +01:00
Zuzana Svetlikova
2c95ca2931 Add proper sources for undici 2022-10-09 23:51:49 +02:00
Zuzana Svetlikova
14b9c2234b Resolves: CVE-2022-35255
Resolves: RHBZ#2111861
2022-10-09 23:19:55 +02:00
zsvetlik
298cc24caa Resolve CVE-2022-35255/6 2022-10-07 12:12:55 +00:00
zsvetlik
26a8c2a789 Update to latest release 2022-09-01 20:21:14 +00:00
Zuzana Svetlikova
266922ece2 Add right version of icu to sources 2022-08-09 12:26:12 +02:00
Zuzana Svetlikova
ea1df4bf30 Update to latest release
Resolves CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215
Resolves CVE-2022-29244
Resolves: RHBZ#211100
2022-08-08 16:23:19 +02:00
Zuzana Svetlikova
7d57949211 Disable LTO
Related: #1990096
Build without python3 fixup by default
2022-06-20 17:08:17 +02:00
Jan Staněk
fd354d0be2 rebase to 18.2.0
Resolves: rhbz#2083073
2022-06-08 12:19:59 +02:00
Jan Staněk
e3e4e27911 decouple dependency bundling from bootstrapping
We probably should stop (ab)using the bootstrap macro for module builds
with bundled dependencies. This patch decouples one from the other;
use --with=bundled for just bundling
and --with=bootstrap for full bootstrapping.

Related: rhbz#2056971
Signed-off-by: Jan Staněk <jstanek@redhat.com>
2022-06-08 12:19:42 +02:00
Jan Staněk
95028d5f44 refactor boostrapping sections
- split sections per topic
- do not nest if macros
- use %without where appropriate

Related: rhbz#2056971
Signed-off-by: Jan Staněk <jstanek@redhat.com>
2022-06-08 12:19:15 +02:00
Jan Staněk
415fcd5efe unify configure.py calls into single command
This should fix and prevent bugs resulting from only adding a configure
option to either bootstrap or non-bootstrap variant when the intention
was to add it to both.

Resolves: rhbz#2056971
Signed-off-by: Jan Staněk <jstanek@redhat.com>
2022-06-08 12:19:03 +02:00
Jan Staněk
fb63ea87bb prepare new release
Related: rhbz#2056971
2022-06-08 12:18:51 +02:00
Zuzana Svetlikova
285790d63c Apply lock file validation fixes
Resolves: CVE-2021-43616
Resolves: RHBZ#2070013
2022-06-08 12:18:36 +02:00
Zuzana Svetlikova
252867830e Resolves CVE-2021-32803, CVE-2021-32804, CVE-2021-37701, CVE-2021-37712
Resolves: RHBZ#1993948, RHBZ#1993941, RHBZ#2000151, RHBZ#2002176

Resolves: RHBZ#2014132, RHBZ#2014126, RHBZ#2013828, RHBZ#2024920
Resolves: RHBZ#2026329
Rebase to LTS release and to fix multiple low and medium CVEs
Update npm version test
Add corepack to spec
2022-06-08 12:18:11 +02:00
Zuzana Svetlikova
437fa5324c Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939,
CVE-2021-22940, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
Resolves: RHBZ#1988608, RHBZ#1993816, RHBZ#1993810
Resolves: RHBZ#1993097, RHBZ#1993948, RHBZ#1993941, RHBZ#1994963
fix python3 in gyp
2022-06-08 12:17:58 +02:00
Zuzana Svetlikova
2909bab199 Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939,
CVE-2021-22940, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672

Resolves: RHBZ#1988608, RHBZ#1993816, RHBZ#1993810
Resolves: RHBZ#1993097, RHBZ#1993948, RHBZ#1993941, RHBZ#1994963
2022-06-08 12:17:43 +02:00
Zuzana Svetlikova
5309b84257 Resolves: RHBZ#1979847
Resolves CVE-2021-22918(libuv)
Use system cipher list(1842826, 1952915)
2022-06-08 12:17:11 +02:00
Zuzana Svetlikova
6a4405c771 Resolves: RHBZ#1953991
Rebase to v16.x
Update version of gcc and gcc-c++ needed
Remove libs conditionals
Remove unused patches
Bundle nghttp3 and ngtcp2
2022-06-08 12:16:55 +02:00
Zuzana Svetlikova
8ae1d83ebf Resolves CVE-2021-22883 CVE-2021-22884
Rebase, remove ini patch

Resolves RHBZ#1930775
remove --debug-nghttp2 option
Resolves: RHBZ#1934566, RHBZ#1934599
2022-06-08 12:16:39 +02:00
Zuzana Svetlikova
d86a7d7568 Add yarn patch
Resolves: RHBZ#1915296
2022-06-08 12:16:24 +02:00
Zuzana Svetlikova
d42a973b5a Security rebase to 14.15.4
Resolves: RHBZ#1913001, RHBZ#1912953
Resolves: RHBZ#1912636, RHBZ#1898602, RHBZ#1898768, RHBZ#1893987, RHBZ#1893184
2022-06-08 12:15:58 +02:00
Zuzana Svetlikova
4f913cec19 Resolves: RHBZ#1858864, Rebase to LTS v14.15.0 2022-06-08 12:15:45 +02:00
Jan Staněk
4e28334eca Security update to 14.11.0
Resolves: rhbz#1878549
2022-06-08 12:15:30 +02:00
Zuzana Svetlikova
a3cb03650f Resolves: RHBZ#1815402, Security update to 14.4.0 2022-06-08 12:10:41 +02:00
Zuzana Svetlikova
561eab4d37 Resolves: RHBZ#1815402, Fix optflags to save memory, update to 14.3.0 2022-06-08 12:09:45 +02:00
Zuzana Svetlikova
8528c9f7e8 Resolves: RHBZ#1815402, Update to 14.2.0 2022-06-08 12:08:55 +02:00
Release Configuration Management
65911ee416 New branch setup 2022-05-23 13:06:52 +00:00