rpms
/
nodejs
7
0
Fork 0
Code Issues Pull Requests Releases Activity
40 Commits 44 Branches 149 Tags 1.2 MiB
Commit Graph

40 Commits

Author SHA1 Message Date
Lukas Javorsky 38455336c5 Fix FIPS disabling patch 
This patch causes the option processing to end sooner than the problematic code gets executed.
Additionally, the JS-level options to mess with FIPS settings are similarly disabled.

Related: RHEL-25870 RHEL-25935 RHEL-25925
 2024-03-05 12:40:12 +00:00
Lukas Javorsky 1d167a1632 Rebase to version 18.19.1 
Resolves: RHEL-25870 RHEL-25935 RHEL-25925
 2024-03-05 12:35:00 +00:00
Lukas Javorsky e07f12b16a Allign version grepping with Fedora script 
Fedora script doesn't grep few bundled packages in RHEL, so it won't be
exactly the same script
 2024-02-12 08:23:33 +00:00
Jan Staněk 935a626b61
Rebase to version 18.19.0 2024-01-19 14:26:24 +01:00
Jan Staněk f5e51c4044
Rebase to version 18.17.1 2023-08-24 17:29:16 +02:00
Honza Horak 707fa8b842 FIPS related options cause a segfault, let's end sooner 
Upstream report: https://github.com/nodejs/node/pull/48950
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2226726

This patch makes the part of the code that processes cmd-line options for
FIPS to end sooner before the code gets to the problematic part of the code.
 2023-07-31 16:31:00 +02:00
Jan Staněk db3c62f675
Revert "Enable LTO during build" 
There are still issues (coredump when linking) on s390x architecture.

This reverts commit 7815f44b24.

Related: rhbz#1990096
 2023-07-13 18:21:15 +02:00
Jan Staněk 7815f44b24
Enable LTO during build 2023-07-13 11:24:57 +02:00
Jan Staněk b243cf54dc
Replace /usr/etc/npmrc symlink with builtin configuration 
We want to have the system-level npmrc located at /etc/npmrc.
By default, npm looks for it in /usr/etc/npmrc,
so we placed a symlink to /etc/npmrc there.
However, we are the only known package that has anything in /usr/etc,
which confuses and/or breaks various tooling (see related bug).

This gets rid of the symlink,
and instead uses "builtin"-level configuration of npm
to cause it to load the system-level configuration from /etc/npmrc.
 2023-07-13 11:24:57 +02:00
Jan Staněk 7b6fda4224
Rebase to version 18.16.1 2023-07-13 11:24:56 +02:00
Jan Staněk 38537ff576
deps(cares): update to 1.19.1 2023-06-05 15:05:23 +02:00
Zuzana Svetlikova f1ac163030 Rebase to 18.14.2, npm@9 
Add simduft dependency
 2023-03-27 14:51:06 +02:00
Zuzana Svetlikova 2f3db3db97 Rebase + CVEs 
Resolves: #2142809
Resolves: #2142830, #2142856
 2022-11-16 19:31:09 +01:00
Zuzana Svetlikova 2c95ca2931 Add proper sources for undici 2022-10-09 23:51:49 +02:00
Zuzana Svetlikova 14b9c2234b Resolves: CVE-2022-35255 
Resolves: RHBZ#2111861
 2022-10-09 23:19:55 +02:00
zsvetlik 298cc24caa Resolve CVE-2022-35255/6 2022-10-07 12:12:55 +00:00
zsvetlik 26a8c2a789 Update to latest release 2022-09-01 20:21:14 +00:00
Zuzana Svetlikova 266922ece2 Add right version of icu to sources 2022-08-09 12:26:12 +02:00
Zuzana Svetlikova ea1df4bf30 Update to latest release 
Resolves CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215
Resolves CVE-2022-29244
Resolves: RHBZ#211100
 2022-08-08 16:23:19 +02:00
Zuzana Svetlikova 7d57949211 Disable LTO 
Related: #1990096
Build without python3 fixup by default
 2022-06-20 17:08:17 +02:00
Jan Staněk fd354d0be2 rebase to 18.2.0 
Resolves: rhbz#2083073
 2022-06-08 12:19:59 +02:00
Jan Staněk e3e4e27911 decouple dependency bundling from bootstrapping 
We probably should stop (ab)using the bootstrap macro for module builds
with bundled dependencies. This patch decouples one from the other;
use --with=bundled for just bundling
and --with=bootstrap for full bootstrapping.

Related: rhbz#2056971
Signed-off-by: Jan Staněk <jstanek@redhat.com>
 2022-06-08 12:19:42 +02:00
Jan Staněk 95028d5f44 refactor boostrapping sections 
- split sections per topic
- do not nest if macros
- use %without where appropriate

Related: rhbz#2056971
Signed-off-by: Jan Staněk <jstanek@redhat.com>
 2022-06-08 12:19:15 +02:00
Jan Staněk 415fcd5efe unify configure.py calls into single command 
This should fix and prevent bugs resulting from only adding a configure
option to either bootstrap or non-bootstrap variant when the intention
was to add it to both.

Resolves: rhbz#2056971
Signed-off-by: Jan Staněk <jstanek@redhat.com>
 2022-06-08 12:19:03 +02:00
Jan Staněk fb63ea87bb prepare new release 
Related: rhbz#2056971
 2022-06-08 12:18:51 +02:00
Zuzana Svetlikova 285790d63c Apply lock file validation fixes 
Resolves: CVE-2021-43616
Resolves: RHBZ#2070013
 2022-06-08 12:18:36 +02:00
Zuzana Svetlikova 252867830e Resolves CVE-2021-32803, CVE-2021-32804, CVE-2021-37701, CVE-2021-37712 
Resolves: RHBZ#1993948, RHBZ#1993941, RHBZ#2000151, RHBZ#2002176

Resolves: RHBZ#2014132, RHBZ#2014126, RHBZ#2013828, RHBZ#2024920
Resolves: RHBZ#2026329
Rebase to LTS release and to fix multiple low and medium CVEs
Update npm version test
Add corepack to spec
 2022-06-08 12:18:11 +02:00
Zuzana Svetlikova 437fa5324c Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, 
CVE-2021-22940, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
Resolves: RHBZ#1988608, RHBZ#1993816, RHBZ#1993810
Resolves: RHBZ#1993097, RHBZ#1993948, RHBZ#1993941, RHBZ#1994963
fix python3 in gyp
 2022-06-08 12:17:58 +02:00
Zuzana Svetlikova 2909bab199 Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939, 
CVE-2021-22940, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672

Resolves: RHBZ#1988608, RHBZ#1993816, RHBZ#1993810
Resolves: RHBZ#1993097, RHBZ#1993948, RHBZ#1993941, RHBZ#1994963
 2022-06-08 12:17:43 +02:00
Zuzana Svetlikova 5309b84257 Resolves: RHBZ#1979847 
Resolves CVE-2021-22918(libuv)
Use system cipher list(1842826, 1952915)
 2022-06-08 12:17:11 +02:00
Zuzana Svetlikova 6a4405c771 Resolves: RHBZ#1953991 
Rebase to v16.x
Update version of gcc and gcc-c++ needed
Remove libs conditionals
Remove unused patches
Bundle nghttp3 and ngtcp2
 2022-06-08 12:16:55 +02:00
Zuzana Svetlikova 8ae1d83ebf Resolves CVE-2021-22883 CVE-2021-22884 
Rebase, remove ini patch

Resolves RHBZ#1930775
remove --debug-nghttp2 option
Resolves: RHBZ#1934566, RHBZ#1934599
 2022-06-08 12:16:39 +02:00
Zuzana Svetlikova d86a7d7568 Add yarn patch 
Resolves: RHBZ#1915296
 2022-06-08 12:16:24 +02:00
Zuzana Svetlikova d42a973b5a Security rebase to 14.15.4 
Resolves: RHBZ#1913001, RHBZ#1912953
Resolves: RHBZ#1912636, RHBZ#1898602, RHBZ#1898768, RHBZ#1893987, RHBZ#1893184
 2022-06-08 12:15:58 +02:00
Zuzana Svetlikova 4f913cec19 Resolves: RHBZ#1858864, Rebase to LTS v14.15.0 2022-06-08 12:15:45 +02:00
Jan Staněk 4e28334eca Security update to 14.11.0 
Resolves: rhbz#1878549
 2022-06-08 12:15:30 +02:00
Zuzana Svetlikova a3cb03650f Resolves: RHBZ#1815402, Security update to 14.4.0 2022-06-08 12:10:41 +02:00
Zuzana Svetlikova 561eab4d37 Resolves: RHBZ#1815402, Fix optflags to save memory, update to 14.3.0 2022-06-08 12:09:45 +02:00
Zuzana Svetlikova 8528c9f7e8 Resolves: RHBZ#1815402, Update to 14.2.0 2022-06-08 12:08:55 +02:00
Release Configuration Management 65911ee416 New branch setup 2022-05-23 13:06:52 +00:00