4d5220c1f5
Rebase to 20.11.0
2024-01-16 14:59:51 +01:00
716f551bac
Rebase to LTS
2023-11-09 15:49:37 +01:00
315bcef101
Resolves: RHEL-12611
...
Update version of undici
2023-10-19 19:35:13 +02:00
04e906c947
Resolves: RHEL-12611
...
Update node and nghttp
Add FIPS patch
2023-10-19 17:46:25 +02:00
27fc3aecc6
Rebase to new security release
...
Address CVE-2023-32002, CVE-2023-32004, CVE-2023-32558 (high)
Address CVE-2023-32006, CVE-2023-32559 (medium)
Address CVE-2023-32005, CVE-2023-32003 (low)
Resolves : #2186717
Resolves RHELPLAN-155639
2023-08-10 10:42:29 +02:00
7e273fa763
Update to v20.5.0
...
Remove dtrace support
bcond corepack, so we don't provide it by default
Decrease debuginfo verbosity for all arches
Resolves : #2186717
Resolves RHELPLAN-155639
2023-07-28 15:16:28 +02:00
db3c62f675
Revert "Enable LTO during build"
...
There are still issues (coredump when linking) on s390x architecture.
This reverts commit 7815f44b24
2023-07-13 18:21:15 +02:00
7815f44b24
Enable LTO during build
2023-07-13 11:24:57 +02:00
b243cf54dc
Replace /usr/etc/npmrc symlink with builtin configuration
...
We want to have the system-level npmrc located at /etc/npmrc.
By default, npm looks for it in /usr/etc/npmrc,
so we placed a symlink to /etc/npmrc there.
However, we are the only known package that has anything in /usr/etc,
which confuses and/or breaks various tooling (see related bug).
This gets rid of the symlink,
and instead uses "builtin"-level configuration of npm
to cause it to load the system-level configuration from /etc/npmrc.
2023-07-13 11:24:57 +02:00
7b6fda4224
Rebase to version 18.16.1
2023-07-13 11:24:56 +02:00
38537ff576
deps(cares): update to 1.19.1
2023-06-05 15:05:23 +02:00
f1ac163030
Rebase to 18.14.2, npm@9
...
Add simduft dependency
2023-03-27 14:51:06 +02:00
2f3db3db97
Rebase + CVEs
...
Resolves : #2142809
Resolves : #2142830 , #2142856
2022-11-16 19:31:09 +01:00
2c95ca2931
Add proper sources for undici
2022-10-09 23:51:49 +02:00
298cc24caa
Resolve CVE-2022-35255/6
2022-10-07 12:12:55 +00:00
26a8c2a789
Update to latest release
2022-09-01 20:21:14 +00:00
ea1df4bf30
Update to latest release
...
Resolves CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215
Resolves CVE-2022-29244
Resolves: RHBZ#211100
2022-08-08 16:23:19 +02:00
7d57949211
Disable LTO
...
Related: #1990096
Build without python3 fixup by default
2022-06-20 17:08:17 +02:00
fd354d0be2
rebase to 18.2.0
...
Resolves: rhbz#2083073
2022-06-08 12:19:59 +02:00
e3e4e27911
decouple dependency bundling from bootstrapping
...
We probably should stop (ab)using the bootstrap macro for module builds
with bundled dependencies. This patch decouples one from the other;
use --with=bundled for just bundling
and --with=bootstrap for full bootstrapping.
Related: rhbz#2056971
Signed-off-by: Jan Staněk <jstanek@redhat.com>
2022-06-08 12:19:42 +02:00
95028d5f44
refactor boostrapping sections
...
- split sections per topic
- do not nest if macros
- use %without where appropriate
Related: rhbz#2056971
Signed-off-by: Jan Staněk <jstanek@redhat.com>
2022-06-08 12:19:15 +02:00
415fcd5efe
unify configure.py calls into single command
...
This should fix and prevent bugs resulting from only adding a configure
option to either bootstrap or non-bootstrap variant when the intention
was to add it to both.
Resolves: rhbz#2056971
Signed-off-by: Jan Staněk <jstanek@redhat.com>
2022-06-08 12:19:03 +02:00
fb63ea87bb
prepare new release
...
Related: rhbz#2056971
2022-06-08 12:18:51 +02:00
285790d63c
Apply lock file validation fixes
...
Resolves: CVE-2021-43616
Resolves: RHBZ#2070013
2022-06-08 12:18:36 +02:00
252867830e
Resolves CVE-2021-32803, CVE-2021-32804, CVE-2021-37701, CVE-2021-37712
...
Resolves: RHBZ#1993948, RHBZ#1993941, RHBZ#2000151, RHBZ#2002176
Resolves: RHBZ#2014132, RHBZ#2014126, RHBZ#2013828, RHBZ#2024920
Resolves: RHBZ#2026329
Rebase to LTS release and to fix multiple low and medium CVEs
Update npm version test
Add corepack to spec
2022-06-08 12:18:11 +02:00
437fa5324c
Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939,
...
CVE-2021-22940, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
Resolves: RHBZ#1988608, RHBZ#1993816, RHBZ#1993810
Resolves: RHBZ#1993097, RHBZ#1993948, RHBZ#1993941, RHBZ#1994963
fix python3 in gyp
2022-06-08 12:17:58 +02:00
2909bab199
Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939,
...
CVE-2021-22940, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
Resolves: RHBZ#1988608, RHBZ#1993816, RHBZ#1993810
Resolves: RHBZ#1993097, RHBZ#1993948, RHBZ#1993941, RHBZ#1994963
2022-06-08 12:17:43 +02:00
5309b84257
Resolves: RHBZ#1979847
...
Resolves CVE-2021-22918(libuv)
Use system cipher list(1842826, 1952915)
2022-06-08 12:17:11 +02:00
6a4405c771
Resolves: RHBZ#1953991
...
Rebase to v16.x
Update version of gcc and gcc-c++ needed
Remove libs conditionals
Remove unused patches
Bundle nghttp3 and ngtcp2
2022-06-08 12:16:55 +02:00
8ae1d83ebf
Resolves CVE-2021-22883 CVE-2021-22884
...
Rebase, remove ini patch
Resolves RHBZ#1930775
remove --debug-nghttp2 option
Resolves: RHBZ#1934566, RHBZ#1934599
2022-06-08 12:16:39 +02:00
d86a7d7568
Add yarn patch
...
Resolves: RHBZ#1915296
2022-06-08 12:16:24 +02:00
d42a973b5a
Security rebase to 14.15.4
...
Resolves: RHBZ#1913001, RHBZ#1912953
Resolves: RHBZ#1912636, RHBZ#1898602, RHBZ#1898768, RHBZ#1893987, RHBZ#1893184
2022-06-08 12:15:58 +02:00
4f913cec19
Resolves: RHBZ#1858864, Rebase to LTS v14.15.0
2022-06-08 12:15:45 +02:00
4e28334eca
Security update to 14.11.0
...
Resolves: rhbz#1878549
2022-06-08 12:15:30 +02:00
a3cb03650f
Resolves: RHBZ#1815402, Security update to 14.4.0
2022-06-08 12:10:41 +02:00
561eab4d37
Resolves: RHBZ#1815402, Fix optflags to save memory, update to 14.3.0
2022-06-08 12:09:45 +02:00
8528c9f7e8
Resolves: RHBZ#1815402, Update to 14.2.0
2022-06-08 12:08:55 +02:00
Jan Staněk
Zuzana Svetlikova