rpms
/
nodejs
7
0
Fork 0
Code Issues Pull Requests Releases Activity
41 Commits 44 Branches 149 Tags 1.2 MiB
Commit Graph

41 Commits

Author SHA1 Message Date
Honza Horak 30f3643e07 Fix CVE-2024-22019 
Resolves: RHEL-25924

This is a combination of the upstream commit from v18:
911cb33cda

and necessary rebase of llhttp from 6.0.11 to 6.1.0 that has the needed
chunk features.
 2024-03-05 07:08:18 +01:00
Jan Staněk de11d6bcbe
Update nghttp2 version in spec file 
Related: RHEL-12606
 2023-10-13 11:25:18 +02:00
Jan Staněk 3cb8b0c43c
Update bundled nghttp2 to 1.57.0 
Resolves: RHEL-12606
 2023-10-12 17:33:43 +02:00
Zuzana Svetlikova d5f5f15a5c
Rebase to 16.20.2 
Resolves: CVE-2023-32002 CVE-2023-32006 CVE-2023-32559
 2023-10-12 13:47:44 +02:00
Honza Horak 6d1f346cb0 FIPS related options cause a segfault, let's end sooner 
Upstream report: https://github.com/nodejs/node/pull/48950
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2227796

This patch makes the part of the code that processes cmd-line options for
FIPS to end sooner before the code gets to the problematic part of the code.
 2023-07-31 16:34:28 +02:00
Jan Staněk 01be108fb0
Replace /usr/etc/npmrc symlink with builtin configuration 
We want to have the system-level npmrc located at /etc/npmrc.
By default, npm looks for it in /usr/etc/npmrc,
so we placed a symlink to /etc/npmrc there.
However, we are the only known package that has anything in /usr/etc,
which confuses and/or breaks various tooling (see related bug).

This gets rid of the symlink,
and instead uses "builtin"-level configuration of npm
to cause it to load the system-level configuration from /etc/npmrc.
 2023-07-13 14:38:48 +02:00
Jan Staněk b24a92e302
Rebase to 16.20.1 2023-07-13 14:38:48 +02:00
Jan Staněk 59aab539ea
deps(cares): update to 1.19.1 2023-05-31 15:07:05 +02:00
Zuzana Svetlikova c0fd38de1e Rebase to 16.19.1 2023-03-28 11:29:34 +02:00
Jan Staněk 07c6206905
Update bundled sources of undici to 5.10.0 
Resolves: rhbz#2151617
 2022-12-07 17:18:49 +01:00
Jan Staněk 66c5ba25aa
Check bundled WASM sources for version mismatch 
Related: rhbz#2151617
 2022-12-07 17:18:41 +01:00
Zuzana Svetlikova 342dd00fff Add back lib and v8-devel subpackages 
These were previously removed in error.
Related: rhbz#2121126

Record already fixed CVE
Resolves: CVE-2021-44906
 2022-12-06 16:04:56 +01:00
zsvetlik eaec3dd901 Rebase + CVEs 2022-11-16 18:16:28 +00:00
Jan Staněk ff9422b100
Rebase to version 16.17.1 2022-10-03 13:35:36 +02:00
Jan Staněk c2428cf90c
record resolving of CVE-2022-29244 2022-09-13 10:16:38 +02:00
Jan Staněk 630d92b40e
Rebase to 16.16.0 
Resolves: RHBZ#2106290
Resolves: CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215
 2022-08-23 13:29:47 +02:00
Jan Staněk 9014bf6071
Decouple dependency bundling from bootstrapping 
We probably should stop (ab)using the bootstrap macro for module builds
with bundled dependencies. This patch decouples one from the other;
use --with=bundled for just bundling
and --with=bootstrap for full bootstrapping.

Related: rhbz#2056969
 2022-04-21 15:33:06 +02:00
Jan Staněk 9e882e7dcf
Revert "workaround: do not attach ~bootstrap suffix to release" 
This reverts commit 39df61ea81.

Related: rhbz#2056969
 2022-04-21 15:32:11 +02:00
Jan Staněk 6618048d4d
apply upstream fix for CVE-2021-43616 
Resolves: CVE-2021-43616
 2022-04-05 13:32:47 +02:00
Jan Staněk 39df61ea81
workaround: do not attach ~bootstrap suffix to release 
Related: rhbz#2070015
 2022-04-05 13:17:00 +02:00
Jan “Khardix” Staněk 4d58280f41 use single configure invocation 
- refactor configure- and bootstrap-related sections of the specfile

Resolves: rhbz#2056969
 2022-04-01 10:05:38 +00:00
zsvetlik b553ca163d Update to 16.14.0 
Resolves: #2042995, #2042970, #2042981, #2042989
Resolves: #2029936, #2024890, #2014499, #2014135
Resolves: #2013834, #1945299
 2022-02-14 08:29:39 +00:00
Zuzana Svetlikova dae20f2a4b Rebase to 16.10.0, add corepack, fix PowerShell dependency 
Resolves: RHBZ#2000539, #2000548, #2000549, #2002177

update sources
 2021-09-29 13:49:47 +02:00
Jan Staněk de0701411d
Rebase to 16.6.2 
Resolves: CVE-2021-22931 CVE-2021-22939 CVE-2021-22940
 2021-08-12 14:44:40 +02:00
Mohan Boddu 94ead171a1 Rebuilt for IMA sigs, glibc 2.34, aarch64 flags 
Related: rhbz#1991688
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
 2021-08-09 22:33:46 +00:00
Zuzana Svetlikova 303ca14023 Bump for gating 
Resolves: RHBZ#1979926
 2021-07-22 16:12:37 +02:00
Zuzana Svetlikova 8bd0f8a557 Add gating.yaml 2021-07-22 12:40:21 +02:00
zsvetlik 553a390d25 Rebase to 16.5.0 2021-07-21 14:19:35 +00:00
Mohan Boddu a324994ee1 Rebuilt for RHEL 9 BETA for openssl 3.0 
Related: rhbz#1971065
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
 2021-06-16 03:33:07 +00:00
Zuzana Svetlikova 1b735fbcab Resolves: RHBZ#1953491 
Rebase to v16.3.0
 2021-06-03 11:05:12 +02:00
Zuzana Svetlikova 6be529b23e Resolves: RHBZ#1953491 
Rebase patch
 2021-05-21 11:38:02 +02:00
Zuzana Svetlikova 2ee4eb77cd Resolves: RHBZ#1953491 
Support for OpenSSL 3.0.0
Rebase to v16.x
 2021-05-21 10:25:54 +02:00
Mohan Boddu cf14f3f995 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 
Signed-off-by: Mohan Boddu <mboddu@redhat.com>
 2021-04-16 02:27:41 +00:00
DistroBaker 6fb39160f9 Merged update from upstream sources 
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/nodejs.git#92241ac4b02450944546440fa2b5661b3637e4ec
 2021-04-04 21:56:13 +00:00
DistroBaker ea424393a6 Merged update from upstream sources 
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/nodejs.git#a630cd6af9c313edbebc198215cc87e4e96f9c24
 2021-03-11 20:10:06 +00:00
DistroBaker b8bae0722f Merged update from upstream sources 
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/nodejs.git#44f3bfe9c7a4919bd088aa95b52546960aa030fb
 2021-02-03 05:09:18 +00:00
DistroBaker 15921cdf7d Merged update from upstream sources 
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/nodejs.git#9f1a56347d44c7841a0d9615b0cdcbd7c17d66c1
 2021-01-04 23:51:11 +00:00
DistroBaker 0e6f0ad6ed Merged update from upstream sources 
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/nodejs.git#d4fae2de5af42fef0048e8ff5290f76df0e9e4ba
 2020-12-03 08:39:14 +00:00
DistroBaker b71eed848d Merged update from upstream sources 
This is an automated DistroBaker update from upstream sources.
If you do not know what this is about or would like to opt out,
contact the OSCI team.

Source: https://src.fedoraproject.org/rpms/nodejs.git#a042b795522128838140f15a3019f0cc42a63781
 2020-10-27 17:53:47 +01:00
Petr Šabata 1490ce34db RHEL 9.0.0 Alpha bootstrap 
The content of this branch was automatically imported from Fedora ELN
with the following as its source:
https://src.fedoraproject.org/rpms/nodejs#52d3230036dd6bdc1c3b16ab7df8007696af8eef
 2020-10-15 21:10:09 +02:00
Release Configuration Management 98b4422a84 New branch setup 2020-10-08 18:35:04 +00:00