Compare commits
No commits in common. "c9-stream-20" and "c8-stream-10" have entirely different histories.
c9-stream-
...
c8-stream-
8
.gitignore
vendored
8
.gitignore
vendored
@ -1,6 +1,2 @@
|
||||
SOURCES/cjs-module-lexer-1.2.2.tar.gz
|
||||
SOURCES/icu4c-75_1-src.tgz
|
||||
SOURCES/node-v20.17.0-stripped.tar.gz
|
||||
SOURCES/undici-6.19.2.tar.gz
|
||||
SOURCES/wasi-sdk-11.0-linux.tar.gz
|
||||
SOURCES/wasi-sdk-16.0-linux.tar.gz
|
||||
SOURCES/icu4c-64_2-src.tgz
|
||||
SOURCES/node-v10.24.0-stripped.tar.gz
|
||||
|
||||
@ -1,6 +1,2 @@
|
||||
164f7f39841415284b0280a648c43bd7ea1615ac SOURCES/cjs-module-lexer-1.2.2.tar.gz
|
||||
da3614aa496c5f0fde12f7aa155f235b5e239f1b SOURCES/icu4c-75_1-src.tgz
|
||||
bb593ff803ffa80535fe65e97cc188c0ba7284f3 SOURCES/node-v20.17.0-stripped.tar.gz
|
||||
0653ac16ef498878fffefea0fa1f7e870cdfc249 SOURCES/undici-6.19.2.tar.gz
|
||||
ff114dd45b4efeeae7afe4621bfc6f886a475b4b SOURCES/wasi-sdk-11.0-linux.tar.gz
|
||||
fbe01909bf0e8260fcc3696ec37c9f731b5e356a SOURCES/wasi-sdk-16.0-linux.tar.gz
|
||||
3127155ecf2b75ab4835f501b7478e39c07bb852 SOURCES/icu4c-64_2-src.tgz
|
||||
be0e0b385a852c376f452b3d94727492e05407e4 SOURCES/node-v10.24.0-stripped.tar.gz
|
||||
|
||||
@ -1,55 +1,31 @@
|
||||
From 2da7f25d9311bdea702b4b435830c02ce78b3ab9 Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Tue, 30 May 2023 13:12:35 +0200
|
||||
From 2cd4c12776af3da588231d3eb498e6451c30eae5 Mon Sep 17 00:00:00 2001
|
||||
From: Zuzana Svetlikova <zsvetlik@redhat.com>
|
||||
Date: Thu, 27 Apr 2017 14:25:42 +0200
|
||||
Subject: [PATCH] Disable running gyp on shared deps
|
||||
|
||||
Signed-off-by: rpm-build <rpm-build>
|
||||
---
|
||||
Makefile | 2 +-
|
||||
node.gyp | 17 -----------------
|
||||
2 files changed, 1 insertion(+), 18 deletions(-)
|
||||
Makefile | 7 +++----
|
||||
1 file changed, 3 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/Makefile b/Makefile
|
||||
index 7bd80d0..c43a50f 100644
|
||||
index 73feb4c..45bbceb 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -169,7 +169,7 @@ with-code-cache test-code-cache:
|
||||
$(warning '$@' target is a noop)
|
||||
@@ -123,10 +123,9 @@ with-code-cache:
|
||||
test-code-cache: with-code-cache
|
||||
$(PYTHON) tools/test.py $(PARALLEL_ARGS) --mode=$(BUILDTYPE_LOWER) code-cache
|
||||
|
||||
out/Makefile: config.gypi common.gypi node.gyp \
|
||||
- deps/uv/uv.gyp deps/llhttp/llhttp.gyp deps/zlib/zlib.gyp \
|
||||
+ deps/llhttp/llhttp.gyp \
|
||||
deps/simdutf/simdutf.gyp deps/ada/ada.gyp \
|
||||
tools/v8_gypfiles/toolchain.gypi tools/v8_gypfiles/features.gypi \
|
||||
tools/v8_gypfiles/inspector.gypi tools/v8_gypfiles/v8.gyp
|
||||
diff --git a/node.gyp b/node.gyp
|
||||
index 4aac640..aa0ba88 100644
|
||||
--- a/node.gyp
|
||||
+++ b/node.gyp
|
||||
@@ -775,23 +775,6 @@
|
||||
],
|
||||
},
|
||||
],
|
||||
- }, {
|
||||
- 'variables': {
|
||||
- 'opensslconfig_internal': '<(obj_dir)/deps/openssl/openssl.cnf',
|
||||
- 'opensslconfig': './deps/openssl/nodejs-openssl.cnf',
|
||||
- },
|
||||
- 'actions': [
|
||||
- {
|
||||
- 'action_name': 'reset_openssl_cnf',
|
||||
- 'inputs': [ '<(opensslconfig)', ],
|
||||
- 'outputs': [ '<(opensslconfig_internal)', ],
|
||||
- 'action': [
|
||||
- '<(python)', 'tools/copyfile.py',
|
||||
- '<(opensslconfig)',
|
||||
- '<(opensslconfig_internal)',
|
||||
- ],
|
||||
- },
|
||||
- ],
|
||||
}],
|
||||
],
|
||||
}, # node_core_target_name
|
||||
-out/Makefile: common.gypi deps/uv/uv.gyp deps/http_parser/http_parser.gyp \
|
||||
- deps/zlib/zlib.gyp deps/v8/gypfiles/toolchain.gypi \
|
||||
- deps/v8/gypfiles/features.gypi deps/v8/gypfiles/v8.gyp node.gyp \
|
||||
- config.gypi
|
||||
+out/Makefile: common.gypi deps/http_parser/http_parser.gyp \
|
||||
+ deps/v8/gypfiles/toolchain.gypi deps/v8/gypfiles/features.gypi \
|
||||
+ deps/v8/gypfiles/v8.gyp node.gyp config.gypi
|
||||
$(PYTHON) tools/gyp_node.py -f make
|
||||
|
||||
config.gypi: configure configure.py
|
||||
--
|
||||
2.44.0
|
||||
2.26.2
|
||||
|
||||
|
||||
@ -1,83 +0,0 @@
|
||||
From 4caaf9c19d3c058f5b89ecd9fc721ee49370651a Mon Sep 17 00:00:00 2001
|
||||
From: Michael Dawson <midawson@redhat.com>
|
||||
Date: Fri, 23 Feb 2024 13:43:56 +0100
|
||||
Subject: [PATCH] Disable FIPS options
|
||||
|
||||
On RHEL, FIPS should be configured only on system level.
|
||||
Additionally, the related options may cause segfault when used on RHEL.
|
||||
|
||||
This patch causes the option processing to end sooner
|
||||
than the problematic code gets executed.
|
||||
Additionally, the JS-level options to mess with FIPS settings
|
||||
are similarly disabled.
|
||||
|
||||
Upstream report: https://github.com/nodejs/node/pull/48950
|
||||
RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2226726
|
||||
|
||||
Signed-off-by: rpm-build <rpm-build>
|
||||
---
|
||||
lib/crypto.js | 10 ++++++++++
|
||||
lib/internal/errors.js | 6 ++++++
|
||||
src/crypto/crypto_util.cc | 2 ++
|
||||
3 files changed, 18 insertions(+)
|
||||
|
||||
diff --git a/lib/crypto.js b/lib/crypto.js
|
||||
index 1216f3a..fbfcb26 100644
|
||||
--- a/lib/crypto.js
|
||||
+++ b/lib/crypto.js
|
||||
@@ -36,6 +36,9 @@ const {
|
||||
assertCrypto();
|
||||
|
||||
const {
|
||||
+ // RHEL specific error
|
||||
+ ERR_CRYPTO_FIPS_SYSTEM_CONTROLLED,
|
||||
+
|
||||
ERR_CRYPTO_FIPS_FORCED,
|
||||
ERR_WORKER_UNSUPPORTED_OPERATION,
|
||||
} = require('internal/errors').codes;
|
||||
@@ -253,6 +256,13 @@ function getFips() {
|
||||
}
|
||||
|
||||
function setFips(val) {
|
||||
+ // in RHEL FIPS enable/disable should only be done at system level
|
||||
+ if (getFips() != val) {
|
||||
+ throw new ERR_CRYPTO_FIPS_SYSTEM_CONTROLLED();
|
||||
+ } else {
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
if (getOptionValue('--force-fips')) {
|
||||
if (val) return;
|
||||
throw new ERR_CRYPTO_FIPS_FORCED();
|
||||
diff --git a/lib/internal/errors.js b/lib/internal/errors.js
|
||||
--- a/lib/internal/errors.js.patch0002 2024-08-07 15:29:09.366357433 +0200
|
||||
+++ b/lib/internal/errors.js 2024-08-07 15:29:14.392366591 +0200
|
||||
@@ -1112,6 +1112,12 @@ module.exports = {
|
||||
//
|
||||
// Note: Node.js specific errors must begin with the prefix ERR_
|
||||
|
||||
+// insert RHEL specific erro
|
||||
+E('ERR_CRYPTO_FIPS_SYSTEM_CONTROLLED',
|
||||
+ 'Cannot set FIPS mode. FIPS should be enabled/disabled at system level. See' +
|
||||
+ 'https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening for more details.\n',
|
||||
+ Error);
|
||||
+
|
||||
E('ERR_ACCESS_DENIED',
|
||||
function(msg, permission = '', resource = '') {
|
||||
this.permission = permission;
|
||||
diff --git a/src/crypto/crypto_util.cc b/src/crypto/crypto_util.cc
|
||||
index 5734d8f..ef9d1b1 100644
|
||||
--- a/src/crypto/crypto_util.cc
|
||||
+++ b/src/crypto/crypto_util.cc
|
||||
@@ -121,6 +121,8 @@ bool ProcessFipsOptions() {
|
||||
/* Override FIPS settings in configuration file, if needed. */
|
||||
if (per_process::cli_options->enable_fips_crypto ||
|
||||
per_process::cli_options->force_fips_crypto) {
|
||||
+ fprintf(stderr, "ERROR: Using options related to FIPS is not recommended, configure FIPS in openssl instead. See https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening for more details.\n");
|
||||
+ return false;
|
||||
#if OPENSSL_VERSION_MAJOR >= 3
|
||||
OSSL_PROVIDER* fips_provider = OSSL_PROVIDER_load(nullptr, "fips");
|
||||
if (fips_provider == nullptr)
|
||||
--
|
||||
2.44.0
|
||||
|
||||
84
SOURCES/0002-Suppress-NPM-message-to-run-global-update.patch
Normal file
84
SOURCES/0002-Suppress-NPM-message-to-run-global-update.patch
Normal file
@ -0,0 +1,84 @@
|
||||
From e7afb2d6e2a6c8f9c9c32e12a10c3c5c4902a251 Mon Sep 17 00:00:00 2001
|
||||
From: Stephen Gallagher <sgallagh@redhat.com>
|
||||
Date: Tue, 1 May 2018 08:05:30 -0400
|
||||
Subject: [PATCH] Suppress NPM message to run global update
|
||||
|
||||
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
||||
Signed-off-by: rpm-build <rpm-build>
|
||||
---
|
||||
deps/npm/bin/npm-cli.js | 54 -----------------------------------------
|
||||
1 file changed, 54 deletions(-)
|
||||
|
||||
diff --git a/deps/npm/bin/npm-cli.js b/deps/npm/bin/npm-cli.js
|
||||
index c0d9be0..0f0892e 100755
|
||||
--- a/deps/npm/bin/npm-cli.js
|
||||
+++ b/deps/npm/bin/npm-cli.js
|
||||
@@ -71,65 +71,11 @@
|
||||
npm.command = 'help'
|
||||
}
|
||||
|
||||
- var isGlobalNpmUpdate = conf.global && ['install', 'update'].includes(npm.command) && npm.argv.includes('npm')
|
||||
-
|
||||
// now actually fire up npm and run the command.
|
||||
// this is how to use npm programmatically:
|
||||
conf._exit = true
|
||||
npm.load(conf, function (er) {
|
||||
if (er) return errorHandler(er)
|
||||
- if (
|
||||
- !isGlobalNpmUpdate &&
|
||||
- npm.config.get('update-notifier') &&
|
||||
- !unsupported.checkVersion(process.version).unsupported
|
||||
- ) {
|
||||
- const pkg = require('../package.json')
|
||||
- let notifier = require('update-notifier')({pkg})
|
||||
- const isCI = require('ci-info').isCI
|
||||
- if (
|
||||
- notifier.update &&
|
||||
- notifier.update.latest !== pkg.version &&
|
||||
- !isCI
|
||||
- ) {
|
||||
- const color = require('ansicolors')
|
||||
- const useColor = npm.config.get('color')
|
||||
- const useUnicode = npm.config.get('unicode')
|
||||
- const old = notifier.update.current
|
||||
- const latest = notifier.update.latest
|
||||
- let type = notifier.update.type
|
||||
- if (useColor) {
|
||||
- switch (type) {
|
||||
- case 'major':
|
||||
- type = color.red(type)
|
||||
- break
|
||||
- case 'minor':
|
||||
- type = color.yellow(type)
|
||||
- break
|
||||
- case 'patch':
|
||||
- type = color.green(type)
|
||||
- break
|
||||
- }
|
||||
- }
|
||||
- const changelog = `https://github.com/npm/cli/releases/tag/v${latest}`
|
||||
- notifier.notify({
|
||||
- message: `New ${type} version of ${pkg.name} available! ${
|
||||
- useColor ? color.red(old) : old
|
||||
- } ${useUnicode ? '→' : '->'} ${
|
||||
- useColor ? color.green(latest) : latest
|
||||
- }\n` +
|
||||
- `${
|
||||
- useColor ? color.yellow('Changelog:') : 'Changelog:'
|
||||
- } ${
|
||||
- useColor ? color.cyan(changelog) : changelog
|
||||
- }\n` +
|
||||
- `Run ${
|
||||
- useColor
|
||||
- ? color.green(`npm install -g ${pkg.name}`)
|
||||
- : `npm i -g ${pkg.name}`
|
||||
- } to update!`
|
||||
- })
|
||||
- }
|
||||
- }
|
||||
npm.commands[npm.command](npm.argv, function (err) {
|
||||
// https://genius.com/Lin-manuel-miranda-your-obedient-servant-lyrics
|
||||
if (
|
||||
--
|
||||
2.26.2
|
||||
|
||||
@ -0,0 +1,122 @@
|
||||
From 0028cc74dac4dd24b8599ade85cb49fdafa9f559 Mon Sep 17 00:00:00 2001
|
||||
From: Stephen Gallagher <sgallagh@redhat.com>
|
||||
Date: Fri, 6 Dec 2019 16:40:25 -0500
|
||||
Subject: [PATCH] build: auto-load ICU data from --with-icu-default-data-dir
|
||||
|
||||
When compiled with `--with-intl=small` and
|
||||
`--with-icu-default-data-dir=PATH`, Node.js will use PATH as a
|
||||
fallback location for the ICU data.
|
||||
|
||||
We will first perform an access check using fopen(PATH, 'r') to
|
||||
ensure that the file is readable. If it is, we'll set the
|
||||
icu_data_directory and proceed. There's a slight overhead for the
|
||||
fopen() check, but it should be barely measurable.
|
||||
|
||||
This will be useful for Linux distribution packagers who want to
|
||||
be able to ship a minimal node binary in a container image but
|
||||
also be able to add on the full i18n support where needed. With
|
||||
this patch, it becomes possible to ship the interpreter as
|
||||
/usr/bin/node in one package for the distribution and to ship the
|
||||
data files in another package (without a strict dependency
|
||||
between the two). This means that users of the distribution will
|
||||
not need to explicitly direct Node.js to locate the ICU data. It
|
||||
also means that in environments where full internationalization is
|
||||
not required, they do not need to carry the extra content (with
|
||||
the associated storage costs).
|
||||
|
||||
Refs: https://github.com/nodejs/node/issues/3460
|
||||
|
||||
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
|
||||
Signed-off-by: rpm-build <rpm-build>
|
||||
---
|
||||
configure.py | 9 +++++++++
|
||||
node.gypi | 7 +++++++
|
||||
src/node.cc | 20 ++++++++++++++++++++
|
||||
3 files changed, 36 insertions(+)
|
||||
|
||||
diff --git a/configure.py b/configure.py
|
||||
index 89f7bf5..d611a88 100755
|
||||
--- a/configure.py
|
||||
+++ b/configure.py
|
||||
@@ -433,6 +433,14 @@ intl_optgroup.add_option('--with-icu-source',
|
||||
'the icu4c source archive. '
|
||||
'v%d.x or later recommended.' % icu_versions['minimum_icu'])
|
||||
|
||||
+intl_optgroup.add_option('--with-icu-default-data-dir',
|
||||
+ action='store',
|
||||
+ dest='with_icu_default_data_dir',
|
||||
+ help='Path to the icuXXdt{lb}.dat file. If unspecified, ICU data will '
|
||||
+ 'only be read if the NODE_ICU_DATA environment variable or the '
|
||||
+ '--icu-data-dir runtime argument is used. This option has effect '
|
||||
+ 'only when Node.js is built with --with-intl=small-icu.')
|
||||
+
|
||||
parser.add_option('--with-ltcg',
|
||||
action='store_true',
|
||||
dest='with_ltcg',
|
||||
@@ -1359,6 +1367,7 @@ def configure_intl(o):
|
||||
locs.add('root') # must have root
|
||||
o['variables']['icu_locales'] = string.join(locs,',')
|
||||
# We will check a bit later if we can use the canned deps/icu-small
|
||||
+ o['variables']['icu_default_data'] = options.with_icu_default_data_dir or ''
|
||||
elif with_intl == 'full-icu':
|
||||
# full ICU
|
||||
o['variables']['v8_enable_i18n_support'] = 1
|
||||
diff --git a/node.gypi b/node.gypi
|
||||
index 466a174..65b97d6 100644
|
||||
--- a/node.gypi
|
||||
+++ b/node.gypi
|
||||
@@ -113,6 +113,13 @@
|
||||
'conditions': [
|
||||
[ 'icu_small=="true"', {
|
||||
'defines': [ 'NODE_HAVE_SMALL_ICU=1' ],
|
||||
+ 'conditions': [
|
||||
+ [ 'icu_default_data!=""', {
|
||||
+ 'defines': [
|
||||
+ 'NODE_ICU_DEFAULT_DATA_DIR="<(icu_default_data)"',
|
||||
+ ],
|
||||
+ }],
|
||||
+ ],
|
||||
}]],
|
||||
}],
|
||||
[ 'node_use_bundled_v8=="true" and \
|
||||
diff --git a/src/node.cc b/src/node.cc
|
||||
index 7c01187..c9840e3 100644
|
||||
--- a/src/node.cc
|
||||
+++ b/src/node.cc
|
||||
@@ -92,6 +92,7 @@
|
||||
|
||||
#if defined(NODE_HAVE_I18N_SUPPORT)
|
||||
#include <unicode/uvernum.h>
|
||||
+#include <unicode/utypes.h>
|
||||
#endif
|
||||
|
||||
#if defined(LEAK_SANITIZER)
|
||||
@@ -2643,6 +2644,25 @@ void Init(std::vector<std::string>* argv,
|
||||
// If the parameter isn't given, use the env variable.
|
||||
if (per_process_opts->icu_data_dir.empty())
|
||||
SafeGetenv("NODE_ICU_DATA", &per_process_opts->icu_data_dir);
|
||||
+
|
||||
+#ifdef NODE_ICU_DEFAULT_DATA_DIR
|
||||
+ // If neither the CLI option nor the environment variable was specified,
|
||||
+ // fall back to the configured default
|
||||
+ if (per_process_opts->icu_data_dir.empty()) {
|
||||
+ // Check whether the NODE_ICU_DEFAULT_DATA_DIR contains the right data
|
||||
+ // file and can be read.
|
||||
+ static const char full_path[] =
|
||||
+ NODE_ICU_DEFAULT_DATA_DIR "/" U_ICUDATA_NAME ".dat";
|
||||
+
|
||||
+ FILE* f = fopen(full_path, "rb");
|
||||
+
|
||||
+ if (f != nullptr) {
|
||||
+ fclose(f);
|
||||
+ per_process_opts->icu_data_dir = NODE_ICU_DEFAULT_DATA_DIR;
|
||||
+ }
|
||||
+ }
|
||||
+#endif // NODE_ICU_DEFAULT_DATA_DIR
|
||||
+
|
||||
// Initialize ICU.
|
||||
// If icu_data_dir is empty here, it will load the 'minimal' data.
|
||||
if (!i18n::InitializeICUDirectory(per_process_opts->icu_data_dir)) {
|
||||
--
|
||||
2.26.2
|
||||
|
||||
@ -0,0 +1,13 @@
|
||||
diff --git a/deps/npm/node_modules/y18n/index.js b/deps/npm/node_modules/y18n/index.js
|
||||
index d720681628..727362aac0 100644
|
||||
--- a/deps/npm/node_modules/y18n/index.js
|
||||
+++ b/deps/npm/node_modules/y18n/index.js
|
||||
@@ -11,7 +11,7 @@ function Y18N (opts) {
|
||||
this.fallbackToLanguage = typeof opts.fallbackToLanguage === 'boolean' ? opts.fallbackToLanguage : true
|
||||
|
||||
// internal stuff.
|
||||
- this.cache = {}
|
||||
+ this.cache = Object.create(null)
|
||||
this.writeQueue = []
|
||||
}
|
||||
|
||||
@ -128,116 +128,60 @@ echo "$ICUMD5 $ICUTARBALL" > icu.md5
|
||||
md5sum -c icu.md5
|
||||
rm -f icu.md5 SHASUMS256.txt
|
||||
|
||||
#fedpkg new-sources node-v${version}-stripped.tar.gz icu4c*-src.tgz
|
||||
rhpkg new-sources node-v${version}-stripped.tar.gz icu4c*-src.tgz
|
||||
|
||||
rm -f node-v${version}.tar.gz
|
||||
|
||||
set +e
|
||||
|
||||
# Determine the bundled versions of the various packages
|
||||
echo "Included software versions"
|
||||
echo "-------------------------"
|
||||
echo
|
||||
echo "Node.js version"
|
||||
echo "========================="
|
||||
echo "${version}"
|
||||
echo
|
||||
echo "Bundled software versions"
|
||||
echo "-------------------------"
|
||||
echo
|
||||
echo "libnode shared object version (nodejs_soversion)"
|
||||
echo "libnode shared object version"
|
||||
echo "========================="
|
||||
NODE_SOVERSION=$(grep -oP '(?<=#define NODE_MODULE_VERSION )\d+' node-v${version}/src/node_version.h)
|
||||
echo "${NODE_SOVERSION}"
|
||||
grep "define NODE_MODULE_VERSION" node-v${version}/src/node_version.h
|
||||
echo
|
||||
echo "V8"
|
||||
echo "========================="
|
||||
V8_MAJOR=$(grep -oP '(?<=#define V8_MAJOR_VERSION )\d+' node-v${version}/deps/v8/include/v8-version.h)
|
||||
V8_MINOR=$(grep -oP '(?<=#define V8_MINOR_VERSION )\d+' node-v${version}/deps/v8/include/v8-version.h)
|
||||
V8_BUILD=$(grep -oP '(?<=#define V8_BUILD_NUMBER )\d+' node-v${version}/deps/v8/include/v8-version.h)
|
||||
V8_PATCH=$(grep -oP '(?<=#define V8_PATCH_LEVEL )\d+' node-v${version}/deps/v8/include/v8-version.h)
|
||||
echo "${V8_MAJOR}.${V8_MINOR}.${V8_BUILD}.${V8_PATCH}"
|
||||
grep "define V8_MAJOR_VERSION" node-v${version}/deps/v8/include/v8-version.h
|
||||
grep "define V8_MINOR_VERSION" node-v${version}/deps/v8/include/v8-version.h
|
||||
grep "define V8_BUILD_NUMBER" node-v${version}/deps/v8/include/v8-version.h
|
||||
grep "define V8_PATCH_LEVEL" node-v${version}/deps/v8/include/v8-version.h
|
||||
echo
|
||||
echo "c-ares"
|
||||
echo "========================="
|
||||
C_ARES_VERSION=$(grep -oP '(?<=#define ARES_VERSION_STR ).*\"' node-v${version}/deps/cares/include/ares_version.h |sed -e 's/^"//' -e 's/"$//')
|
||||
echo $C_ARES_VERSION
|
||||
grep "define ARES_VERSION_MAJOR" node-v${version}/deps/cares/include/ares_version.h
|
||||
grep "define ARES_VERSION_MINOR" node-v${version}/deps/cares/include/ares_version.h
|
||||
grep "define ARES_VERSION_PATCH" node-v${version}/deps/cares/include/ares_version.h
|
||||
echo
|
||||
echo "llhttp"
|
||||
echo "http-parser"
|
||||
echo "========================="
|
||||
LLHTTP_MAJOR=$(grep -oP '(?<=#define LLHTTP_VERSION_MAJOR )\d+' node-v${version}/deps/llhttp/include/llhttp.h)
|
||||
LLHTTP_MINOR=$(grep -oP '(?<=#define LLHTTP_VERSION_MINOR )\d+' node-v${version}/deps/llhttp/include/llhttp.h)
|
||||
LLHTTP_PATCH=$(grep -oP '(?<=#define LLHTTP_VERSION_PATCH )\d+' node-v${version}/deps/llhttp/include/llhttp.h)
|
||||
LLHTTP_VERSION="${LLHTTP_MAJOR}.${LLHTTP_MINOR}.${LLHTTP_PATCH}"
|
||||
echo $LLHTTP_VERSION
|
||||
grep "define HTTP_PARSER_VERSION_MAJOR" node-v${version}/deps/http_parser/http_parser.h
|
||||
grep "define HTTP_PARSER_VERSION_MINOR" node-v${version}/deps/http_parser/http_parser.h
|
||||
grep "define HTTP_PARSER_VERSION_PATCH" node-v${version}/deps/http_parser/http_parser.h
|
||||
echo
|
||||
echo "libuv"
|
||||
echo "========================="
|
||||
UV_MAJOR=$(grep -oP '(?<=#define UV_VERSION_MAJOR )\d+' node-v${version}/deps/uv/include/uv/version.h)
|
||||
UV_MINOR=$(grep -oP '(?<=#define UV_VERSION_MINOR )\d+' node-v${version}/deps/uv/include/uv/version.h)
|
||||
UV_PATCH=$(grep -oP '(?<=#define UV_VERSION_PATCH )\d+' node-v${version}/deps/uv/include/uv/version.h)
|
||||
LIBUV_VERSION="${UV_MAJOR}.${UV_MINOR}.${UV_PATCH}"
|
||||
echo $LIBUV_VERSION
|
||||
grep "define UV_VERSION_MAJOR" node-v${version}/deps/uv/include/uv/version.h
|
||||
grep "define UV_VERSION_MINOR" node-v${version}/deps/uv/include/uv/version.h
|
||||
grep "define UV_VERSION_PATCH" node-v${version}/deps/uv/include/uv/version.h
|
||||
echo
|
||||
echo "nghttp2"
|
||||
echo "========================="
|
||||
NGHTTP2_VERSION=$(grep -oP '(?<=#define NGHTTP2_VERSION ).*\"' node-v${version}/deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h |sed -e 's/^"//' -e 's/"$//')
|
||||
echo $NGHTTP2_VERSION
|
||||
echo
|
||||
echo "nghttp3"
|
||||
echo "========================="
|
||||
NGHTTP3_VERSION=$(grep -oP '(?<=#define NGHTTP3_VERSION ).*\"' node-v${version}/deps/ngtcp2/nghttp3/lib/includes/nghttp3/version.h |sed -e 's/^"//' -e 's/"$//')
|
||||
echo $NGHTTP3_VERSION
|
||||
echo
|
||||
echo "ngtcp2"
|
||||
echo "========================="
|
||||
NGTCP2_VERSION=$(grep -oP '(?<=#define NGTCP2_VERSION ).*\"' node-v${version}/deps/ngtcp2/ngtcp2/lib/includes/ngtcp2/version.h |sed -e 's/^"//' -e 's/"$//')
|
||||
echo $NGTCP2_VERSION
|
||||
grep "define NGHTTP2_VERSION " node-v${version}/deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
|
||||
echo
|
||||
echo "ICU"
|
||||
echo "========================="
|
||||
ICU_MAJOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\)-\([[:digit:]]\+\).*/\1/g')
|
||||
ICU_MINOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\)-\([[:digit:]]\+\).*/\2/g')
|
||||
echo "${ICU_MAJOR}.${ICU_MINOR}"
|
||||
echo
|
||||
echo "simdutf"
|
||||
echo "========================="
|
||||
SIMDUTF_VERSION=$(grep -oP '(?<=#define SIMDUTF_VERSION ).*\"' node-v${version}/deps/simdutf/simdutf.h |sed -e 's/^"//' -e 's/"$//')
|
||||
echo $SIMDUTF_VERSION
|
||||
echo
|
||||
echo "ada"
|
||||
echo "========================="
|
||||
ADA_VERSION=$(grep -osP '(?<=#define ADA_VERSION ).*\"' node-v${version}/deps/ada/ada.h |sed -e 's/^"//' -e 's/"$//')
|
||||
ADA_VERSION=${ADA_VERSION:-0}
|
||||
echo "${ADA_VERSION}"
|
||||
grep "url" node-v${version}/tools/icu/current_ver.dep
|
||||
echo
|
||||
echo "punycode"
|
||||
echo "========================="
|
||||
PUNYCODE_VERSION=$(grep -oP "'version': '\K[^']+" ./node-v${version}/lib/punycode.js)
|
||||
echo $PUNYCODE_VERSION
|
||||
grep "'version'" node-v${version}/lib/punycode.js
|
||||
echo
|
||||
echo "npm"
|
||||
echo "========================="
|
||||
NPM_VERSION=$(jq -r .version ./node-v${version}/deps/npm/package.json)
|
||||
echo $NPM_VERSION
|
||||
echo
|
||||
echo "corepack"
|
||||
echo "========================="
|
||||
COREPACK_VERSION=$(jq -r .version ./node-v${version}/deps/corepack/package.json)
|
||||
echo $COREPACK_VERSION
|
||||
echo
|
||||
echo "uvwasi"
|
||||
echo "========================="
|
||||
UVWASI_MAJOR=$(grep -oP '(?<=#define UVWASI_VERSION_MAJOR )\d+' node-v${version}/deps/uvwasi/include/uvwasi.h)
|
||||
UVWASI_MINOR=$(grep -oP '(?<=#define UVWASI_VERSION_MINOR )\d+' node-v${version}/deps/uvwasi/include/uvwasi.h)
|
||||
UVWASI_PATCH=$(grep -oP '(?<=#define UVWASI_VERSION_PATCH )\d+' node-v${version}/deps/uvwasi/include/uvwasi.h)
|
||||
UVWASI_VERSION="${UVWASI_MAJOR}.${UVWASI_MINOR}.${UVWASI_PATCH}"
|
||||
echo $UVWASI_VERSION
|
||||
echo
|
||||
echo "histogram_c"
|
||||
echo "========================="
|
||||
HISTOGRAM_VERSION=$(grep -oP '(?<=#define HDR_HISTOGRAM_VERSION ).*\"' node-v${version}/deps/histogram/include/hdr/hdr_histogram_version.h|sed -e 's/^"//' -e 's/"$//')
|
||||
echo $HISTOGRAM_VERSION
|
||||
grep "\"version\":" node-v${version}/deps/npm/package.json
|
||||
echo
|
||||
echo "Make sure these versions match what is in the RPM spec file"
|
||||
|
||||
|
||||
@ -1,2 +1 @@
|
||||
prefix=/usr/local
|
||||
python=/usr/bin/python3
|
||||
|
||||
@ -1,5 +0,0 @@
|
||||
# This is the distibution-level configuration file for npm.
|
||||
# To configure NPM on a system level, use the globalconfig below (defaults to @SYSCONFDIR@/npmrc).
|
||||
# vim:set filetype=dosini:
|
||||
|
||||
globalconfig=@SYSCONFDIR@/npmrc
|
||||
@ -1,32 +1,13 @@
|
||||
# The following macros control the usage of dependencies bundled from upstream.
|
||||
#
|
||||
# When to use what:
|
||||
# - Regular (presumably non-modular) build: use neither (the default in Fedora)
|
||||
# - Early bootstrapping build that is not intended to be shipped:
|
||||
# use --with=bootstrap; this will bundle deps and add `~bootstrap` release suffix
|
||||
# - Build with some dependencies not avalaible in necessary versions (i.e. module build):
|
||||
# use --with=bundled; will bundle deps, but do not add the suffix
|
||||
#
|
||||
# create bootstrapping build with bundled deps and extra release suffix
|
||||
%bcond_with bootstrap
|
||||
# bundle dependencies that are not available in CentOS
|
||||
%if %{with bootstrap}
|
||||
%bcond_without bundled
|
||||
%else
|
||||
%bcond_with bundled
|
||||
%global with_debug 0
|
||||
|
||||
# PowerPC, s390x and aarch64 segfault during Debug builds
|
||||
# https://github.com/nodejs/node/issues/20642
|
||||
%ifarch %{power64} s390x aarch64
|
||||
%global with_debug 0
|
||||
%endif
|
||||
|
||||
%bcond_with python3_fixup
|
||||
|
||||
# LTO is currently broken on Node.js builds
|
||||
%define _lto_cflags %{nil}
|
||||
|
||||
# Heavy-handed approach to avoiding issues with python
|
||||
# bytecompiling files in the node_modules/ directory
|
||||
%global __python %{__python3}
|
||||
|
||||
# This macro serves to provide corepack, which is not provided for now, but might be in the future
|
||||
%bcond_with corepack
|
||||
# bundle dependencies that are not available as Fedora modules
|
||||
%bcond_with bootstrap
|
||||
|
||||
# == Master Relase ==
|
||||
# This is used by both the nodejs package and the npm subpackage that
|
||||
@ -42,12 +23,12 @@
|
||||
# feature releases that are only supported for nine months, which is shorter
|
||||
# than a Fedora release lifecycle.
|
||||
%global nodejs_epoch 1
|
||||
%global nodejs_major 20
|
||||
%global nodejs_minor 17
|
||||
%global nodejs_major 10
|
||||
%global nodejs_minor 24
|
||||
%global nodejs_patch 0
|
||||
%global nodejs_abi %{nodejs_major}.%{nodejs_minor}
|
||||
# nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
|
||||
%global nodejs_soversion 115
|
||||
%global nodejs_soversion 64
|
||||
%global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}
|
||||
%global nodejs_release %{baserelease}
|
||||
|
||||
@ -56,11 +37,11 @@
|
||||
# == Bundled Dependency Versions ==
|
||||
# v8 - from deps/v8/include/v8-version.h
|
||||
# Epoch is set to ensure clean upgrades from the old v8 package
|
||||
%global v8_epoch 2
|
||||
%global v8_major 11
|
||||
%global v8_minor 3
|
||||
%global v8_build 244
|
||||
%global v8_patch 8
|
||||
%global v8_epoch 1
|
||||
%global v8_major 6
|
||||
%global v8_minor 8
|
||||
%global v8_build 275
|
||||
%global v8_patch 32
|
||||
# V8 presently breaks ABI at least every x.y release while never bumping SONAME
|
||||
%global v8_abi %{v8_major}.%{v8_minor}
|
||||
%global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch}
|
||||
@ -68,60 +49,53 @@
|
||||
|
||||
# c-ares - from deps/cares/include/ares_version.h
|
||||
# https://github.com/nodejs/node/pull/9332
|
||||
%global c_ares_version 1.32.3
|
||||
%global c_ares_major 1
|
||||
%global c_ares_minor 15
|
||||
%global c_ares_patch 0
|
||||
%global c_ares_version %{c_ares_major}.%{c_ares_minor}.%{c_ares_patch}
|
||||
|
||||
# llhttp - from deps/llhttp/include/llhttp.h
|
||||
%global llhttp_version 8.1.2
|
||||
# http-parser - from deps/http_parser/http_parser.h
|
||||
%global http_parser_major 2
|
||||
%global http_parser_minor 9
|
||||
%global http_parser_patch 4
|
||||
%global http_parser_version %{http_parser_major}.%{http_parser_minor}.%{http_parser_patch}
|
||||
|
||||
# libuv - from deps/uv/include/uv/version.h
|
||||
%global libuv_version 1.46.0
|
||||
%global libuv_major 1
|
||||
%global libuv_minor 34
|
||||
%global libuv_patch 2
|
||||
%global libuv_version %{libuv_major}.%{libuv_minor}.%{libuv_patch}
|
||||
|
||||
# nghttp2 - from deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
|
||||
%global nghttp2_version 1.61.0
|
||||
|
||||
# nghttp3 - from deps/ngtcp2/nghttp3/lib/includes/nghttp3/version.h
|
||||
%global nghttp3_version 0.7.0
|
||||
|
||||
# ngtcp2 from deps/ngtcp2/ngtcp2/lib/includes/ngtcp2/version.h
|
||||
%global ngtcp2_version 1.1.0
|
||||
%global nghttp2_major 1
|
||||
%global nghttp2_minor 41
|
||||
%global nghttp2_patch 0
|
||||
%global nghttp2_version %{nghttp2_major}.%{nghttp2_minor}.%{nghttp2_patch}
|
||||
|
||||
# ICU - from tools/icu/current_ver.dep
|
||||
%global icu_major 75
|
||||
%global icu_minor 1
|
||||
%global icu_major 64
|
||||
%global icu_minor 2
|
||||
%global icu_version %{icu_major}.%{icu_minor}
|
||||
|
||||
%global icudatadir %{nodejs_datadir}/icudata
|
||||
%{!?little_endian: %global little_endian %(%{__python3} -c "import sys;print (0 if sys.byteorder=='big' else 1)")}
|
||||
# " this line just fixes syntax highlighting for vim that is confused by the above and continues literal
|
||||
|
||||
%global sys_icu_version %(/usr/bin/icu-config --version)
|
||||
|
||||
%if "%{sys_icu_version}" >= "%{icu_version}"
|
||||
%global bundled_icu 0
|
||||
%global icu_flag system-icu
|
||||
%else
|
||||
%global bundled_icu 1
|
||||
%global icu_flag full-icu
|
||||
%endif
|
||||
|
||||
# simduft from deps/simdutf/simdutf.h
|
||||
%global simduft_version 5.3.0
|
||||
|
||||
# ada from deps/ada/ada.h
|
||||
%global ada_version 2.9.0
|
||||
|
||||
# OpenSSL minimum version
|
||||
%global openssl_minimum 1:1.1.1
|
||||
|
||||
# punycode - from lib/punycode.js
|
||||
# Note: this was merged into the mainline since 0.6.x
|
||||
# Note: this will be unmerged in an upcoming major release
|
||||
# Note: Marked as pending deprecation since 18.16.0
|
||||
%global punycode_version 2.1.0
|
||||
%global punycode_major 2
|
||||
%global punycode_minor 1
|
||||
%global punycode_patch 0
|
||||
%global punycode_version %{punycode_major}.%{punycode_minor}.%{punycode_patch}
|
||||
|
||||
# npm - from deps/npm/package.json
|
||||
%global npm_epoch 1
|
||||
%global npm_version 10.8.2
|
||||
%global npm_major 6
|
||||
%global npm_minor 14
|
||||
%global npm_patch 11
|
||||
%global npm_version %{npm_major}.%{npm_minor}.%{npm_patch}
|
||||
|
||||
# In order to avoid needing to keep incrementing the release version for the
|
||||
# main package forever, we will just construct one for npm that is guaranteed
|
||||
@ -129,15 +103,12 @@
|
||||
# base npm version number is increasing.
|
||||
%global npm_release %{nodejs_epoch}.%{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}.%{nodejs_release}
|
||||
|
||||
# Node.js 16.9.1 and later comes with an experimental package management tool
|
||||
# corepack - from deps/corepack/package.json
|
||||
%global corepack_version 0.28.1
|
||||
|
||||
# uvwasi - from deps/uvwasi/include/uvwasi.h
|
||||
%global uvwasi_version 0.0.21
|
||||
|
||||
# histogram_c - from deps/histogram/include/hdr/hdr_histogram_version.h
|
||||
%global histogram_version 0.11.8
|
||||
# brotli - from deps/brotli/c/common/version.h
|
||||
# v10.x doesn't have --shared-brotli configure option, so we have to bundle it
|
||||
%global brotli_major 1
|
||||
%global brotli_minor 0
|
||||
%global brotli_patch 7
|
||||
%global brotli_version %{brotli_major}.%{brotli_minor}.%{brotli_patch}
|
||||
|
||||
Name: nodejs
|
||||
Epoch: %{nodejs_epoch}
|
||||
@ -164,44 +135,26 @@ Source100: %{name}-tarball.sh
|
||||
# nodejs-packaging SRPM.
|
||||
Source7: nodejs_native.attr
|
||||
|
||||
# Configure npm to look into /etc for configuration
|
||||
Source8: npmrc.builtin.in
|
||||
|
||||
# These are full sources for dependencies included as WASM blobs in the source of Node itself.
|
||||
# Note: These sources would also include pre-compiled WASM blobs… so they are adjusted not to.
|
||||
# Recipes for creating these blobs are included in the sources.
|
||||
|
||||
# Version: jq '.version' deps/cjs-module-lexer/package.json
|
||||
# Original: https://github.com/nodejs/cjs-module-lexer/archive/refs/tags/1.2.2.tar.gz
|
||||
# Adjustments: rm -f cjs-module-lexer-1.2.2/lib/lexer.wasm
|
||||
# wasi-sdk version can be found in Makefile
|
||||
# https://github.com/nodejs/cjs-module-lexer/blob/1.2.2/Makefile
|
||||
Source101: cjs-module-lexer-1.2.2.tar.gz
|
||||
Source111: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-11/wasi-sdk-11.0-linux.tar.gz
|
||||
|
||||
# Version: jq '.version' deps/undici/src/package.json
|
||||
# Original: https://github.com/nodejs/undici/archive/refs/tags/v6.13.0.tar.gz
|
||||
# Adjustments: rm -f undici-6.13.0/lib/llhttp/llhttp*.wasm
|
||||
# wasi-sdk version can be found in lib/llhttp/wasm_build_env.txt
|
||||
Source102: undici-6.19.2.tar.gz
|
||||
Source112: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-16/wasi-sdk-16.0-linux.tar.gz
|
||||
|
||||
# Disable running gyp on bundled deps we don't use
|
||||
Patch1: 0001-Disable-running-gyp-on-shared-deps.patch
|
||||
Patch2: 0002-Disable-FIPS-options.patch
|
||||
|
||||
# Suppress the message from npm to run `npm -g update npm`
|
||||
# This does bad things on an RPM-managed npm.
|
||||
Patch2: 0002-Suppress-NPM-message-to-run-global-update.patch
|
||||
|
||||
# Upstream patch to enable auto-detection of full ICU data
|
||||
# https://github.com/nodejs/node/pull/30825
|
||||
Patch3: 0003-build-auto-load-ICU-data-from-with-icu-default-data-.patch
|
||||
|
||||
# CVE-2020-7774
|
||||
Patch4: 0004-CVE-2020-7774-nodejs-y18n-prototype-pollution-vulnerability.patch
|
||||
|
||||
BuildRequires: make
|
||||
BuildRequires: python2-devel
|
||||
BuildRequires: python3-devel
|
||||
BuildRequires: python3-setuptools
|
||||
BuildRequires: python3-jinja2
|
||||
%if !%{with python3_fixup}
|
||||
BuildRequires: python-unversioned-command
|
||||
%endif
|
||||
BuildRequires: zlib-devel
|
||||
BuildRequires: brotli-devel
|
||||
BuildRequires: gcc >= 8.3.0
|
||||
BuildRequires: gcc-c++ >= 8.3.0
|
||||
BuildRequires: jq
|
||||
BuildRequires: gcc >= 6.3.0
|
||||
BuildRequires: gcc-c++ >= 6.3.0
|
||||
# needed to generate bundled provides for npm dependencies
|
||||
# https://src.fedoraproject.org/rpms/nodejs/pull-request/2
|
||||
# https://pagure.io/nodejs-packaging/pull-request/10
|
||||
@ -209,28 +162,22 @@ BuildRequires: nodejs-packaging
|
||||
BuildRequires: chrpath
|
||||
BuildRequires: libatomic
|
||||
|
||||
%if %{with bundled}
|
||||
Provides: bundled(libuv) = %{libuv_version}
|
||||
%if %{with bootstrap}
|
||||
Provides: bundled(http-parser) = %{http_parser_version}
|
||||
Provides: bundled(libuv) = %{libuv_version}
|
||||
Provides: bundled(nghttp2) = %{nghttp2_version}
|
||||
%else
|
||||
BuildRequires: systemtap-sdt-devel
|
||||
BuildRequires: libuv-devel >= 1:%{libuv_version}
|
||||
Requires: libuv >= 1:%{libuv_version}
|
||||
%endif
|
||||
|
||||
%if %{with bundled}
|
||||
Provides: bundled(nghttp2) = %{nghttp2_version}
|
||||
%else
|
||||
Requires: libuv >= 1:%{libuv_version}
|
||||
BuildRequires: libnghttp2-devel >= %{nghttp2_version}
|
||||
Requires: libnghttp2 >= %{nghttp2_version}
|
||||
Requires: libnghttp2 >= %{nghttp2_version}
|
||||
BuildRequires: http-parser-devel >= %{http_parser_version}
|
||||
Requires: http-parser >= %{http_parser_version}
|
||||
|
||||
%endif
|
||||
|
||||
# Temporarily bundle llhttp because the upstream doesn't
|
||||
# provide releases for it.
|
||||
Provides: bundled(llhttp) = %{llhttp_version}
|
||||
Provides: bundled(nghttp3) = %{nghttp3_version}
|
||||
Provides: bundled(ngtcp2) = %{ngtcp2_version}
|
||||
|
||||
BuildRequires: openssl-devel >= %{openssl_minimum}
|
||||
Requires: openssl >= %{openssl_minimum}
|
||||
BuildRequires: openssl-devel
|
||||
|
||||
# we need the system certificate store
|
||||
Requires: ca-certificates
|
||||
@ -282,18 +229,16 @@ Provides: bundled(v8) = %{v8_version}
|
||||
# an ABI-break, so we'll use the bundled copy.
|
||||
Provides: bundled(icu) = %{icu_version}
|
||||
|
||||
# Upstream added new dependencies, but so far they are not available in Fedora
|
||||
# or there's no option to built it as a shared dependency, so we bundle them
|
||||
Provides: bundled(uvwasi) = %{uvwasi_version}
|
||||
Provides: bundled(histogram) = %{histogram_version}
|
||||
%if %{with corepack}
|
||||
Provides: bundled(corepack) = %{corepack_version}
|
||||
%endif
|
||||
Provides: bundled(simduft) = %{simduft_version}
|
||||
Provides: bundled(ada) = %{ada_version}
|
||||
|
||||
# Make sure we keep NPM up to date when we update Node.js
|
||||
Recommends: npm >= %{npm_epoch}:%{npm_version}-%{npm_release}%{?dist}
|
||||
%if 0%{?rhel}
|
||||
# EPEL doesn't support Recommends, so make it strict
|
||||
Requires: npm = %{npm_epoch}:%{npm_version}-%{npm_release}%{?dist}
|
||||
%else
|
||||
Recommends: npm = %{npm_epoch}:%{npm_version}-%{npm_release}%{?dist}
|
||||
%endif
|
||||
|
||||
# Provide bundled brotli until we can build it with system package
|
||||
Provides: bundled(brotli) = %{brotli_version}
|
||||
|
||||
%description
|
||||
Node.js is a platform built on Chrome's JavaScript runtime
|
||||
@ -309,10 +254,12 @@ Group: Development/Languages
|
||||
Requires: %{name}%{?_isa} = %{epoch}:%{nodejs_version}-%{nodejs_release}%{?dist}
|
||||
Requires: openssl-devel%{?_isa}
|
||||
Requires: zlib-devel%{?_isa}
|
||||
Requires: brotli-devel%{?_isa}
|
||||
Requires: nodejs-packaging
|
||||
|
||||
%if %{without bundled}
|
||||
%if %{with bootstrap}
|
||||
# deps are bundled
|
||||
%else
|
||||
Requires: http-parser-devel%{?_isa}
|
||||
Requires: libuv-devel%{?_isa}
|
||||
%endif
|
||||
|
||||
@ -341,7 +288,6 @@ Release: %{npm_release}%{?dist}
|
||||
Obsoletes: npm < 0:3.5.4-6
|
||||
Provides: npm = %{npm_epoch}:%{npm_version}
|
||||
Requires: nodejs = %{nodejs_epoch}:%{nodejs_version}-%{nodejs_release}%{?dist}
|
||||
Recommends: nodejs-docs = %{nodejs_epoch}:%{nodejs_version}-%{nodejs_release}%{?dist}
|
||||
|
||||
# Do not add epoch to the virtual NPM provides or it will break
|
||||
# the automatic dependency-generation script.
|
||||
@ -372,74 +318,79 @@ The API documentation for the Node.js JavaScript runtime.
|
||||
|
||||
# remove bundled dependencies that we aren't building
|
||||
rm -rf deps/zlib
|
||||
rm -rf deps/brotli
|
||||
rm -rf deps/v8/third_party/jinja2
|
||||
rm -rf tools/inspector_protocol/jinja2
|
||||
|
||||
# Replace any instances of unversioned python' with python3
|
||||
# check for correct versions of dependencies we are bundling
|
||||
check_wasm_dep() {
|
||||
local -r name="$1" source="$2" packagejson="$3"
|
||||
local -r expected_version="$(jq -r '.version' "${packagejson}")"
|
||||
|
||||
if ls "${source}"|grep -q --fixed-strings "${expected_version}"; then
|
||||
printf '%s version matches\n' "${name}" >&2
|
||||
else
|
||||
printf '%s version MISMATCH: %s !~ %s\n' "${name}" "${expected_version}" "${source}" >&2
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
check_wasm_dep cjs-module-lexer '%{SOURCE101}' deps/cjs-module-lexer/package.json
|
||||
check_wasm_dep undici '%{SOURCE102}' deps/undici/src/package.json
|
||||
|
||||
%if %{with python3_fixup}
|
||||
pathfix.py -i %{__python3} -pn $(find -type f ! -name "*.js")
|
||||
find . -type f -exec sed -i "s~/usr\/bin\/env python~/usr/bin/python3~" {} \;
|
||||
find . -type f -exec sed -i "s~/usr\/bin\/python\W~/usr/bin/python3~" {} \;
|
||||
# Replace any instances of unversioned python' with python2
|
||||
pathfix.py -i %{__python2} -pn $(find -type f ! -name "*.js")
|
||||
find . -type f -exec sed -i "s~/usr\/bin\/env python~/usr/bin/python2~" {} \;
|
||||
find . -type f -exec sed -i "s~/usr\/bin\/python\W~/usr/bin/python2~" {} \;
|
||||
sed -i "s~python~python2~" $(find . -type f | grep "gyp$")
|
||||
sed -i "s~usr\/bin\/python2~usr\/bin\/python3~" ./deps/v8/tools/gen-inlining-tests.py
|
||||
sed -i "s~usr\/bin\/python.*$~usr\/bin\/python3~" ./deps/v8/tools/mb/mb_test.py
|
||||
find . -type f -exec sed -i "s~python -c~python3 -c~" {} \;
|
||||
%endif
|
||||
sed -i "s~usr\/bin\/python.*$~usr\/bin\/python2~" ./deps/v8/tools/mb/mb_unittest.py
|
||||
find . -type f -exec sed -i "s~python -c~python2 -c~" {} \;
|
||||
sed -i "s~which('python')~which('python2')~" configure
|
||||
|
||||
%build
|
||||
|
||||
%ifarch s390 s390x %{arm} %ix86
|
||||
# Decrease debuginfo verbosity to reduce memory consumption during final
|
||||
# library linking
|
||||
%global optflags %(echo %{optflags} | sed 's/-g /-g1 /')
|
||||
%endif
|
||||
|
||||
export RHEL_ALLOW_PYTHON2_FOR_BUILD=1
|
||||
export CC='%{__cc}'
|
||||
export CXX='%{__cxx}'
|
||||
%{?with_python3_fixup:export NODE_GYP_FORCE_PYTHON=%{__python3}}
|
||||
|
||||
# build with debugging symbols and add defines from libuv (#892601)
|
||||
# Node's v8 breaks with GCC 6 because of incorrect usage of methods on
|
||||
# NULL objects. We need to pass -fno-delete-null-pointer-checks
|
||||
extra_cflags=(
|
||||
-D_LARGEFILE_SOURCE
|
||||
-D_FILE_OFFSET_BITS=64
|
||||
-DZLIB_CONST
|
||||
-fno-delete-null-pointer-checks
|
||||
)
|
||||
export CFLAGS="%{optflags} ${extra_cflags[*]}" CXXFLAGS="%{optflags} ${extra_cflags[*]}"
|
||||
export CFLAGS='%{optflags} \
|
||||
-D_LARGEFILE_SOURCE \
|
||||
-D_FILE_OFFSET_BITS=64 \
|
||||
-DZLIB_CONST \
|
||||
-fno-delete-null-pointer-checks'
|
||||
export CXXFLAGS='%{optflags} \
|
||||
-D_LARGEFILE_SOURCE \
|
||||
-D_FILE_OFFSET_BITS=64 \
|
||||
-DZLIB_CONST \
|
||||
-fno-delete-null-pointer-checks'
|
||||
|
||||
# Explicit new lines in C(XX)FLAGS can break naive build scripts
|
||||
export CFLAGS="$(echo ${CFLAGS} | tr '\n\\' ' ')"
|
||||
export CXXFLAGS="$(echo ${CXXFLAGS} | tr '\n\\' ' ')"
|
||||
|
||||
export LDFLAGS="%{build_ldflags}"
|
||||
|
||||
%{__python3} configure.py --prefix=%{_prefix} --verbose \
|
||||
--shared-openssl --openssl-conf-name=openssl_conf \
|
||||
%if %{with bootstrap}
|
||||
./configure --prefix=%{_prefix} \
|
||||
--shared-openssl \
|
||||
--shared-zlib \
|
||||
--shared-brotli \
|
||||
%{!?with_bundled:--shared-libuv} \
|
||||
%{!?with_bundled:--shared-nghttp2} \
|
||||
--without-dtrace \
|
||||
--with-intl=small-icu \
|
||||
--openssl-use-def-ca-store
|
||||
%else
|
||||
./configure --prefix=%{_prefix} \
|
||||
--shared-openssl \
|
||||
--shared-zlib \
|
||||
--shared-libuv \
|
||||
--shared-http-parser \
|
||||
--shared-nghttp2 \
|
||||
--with-dtrace \
|
||||
--with-intl=small-icu \
|
||||
--with-icu-default-data-dir=%{icudatadir} \
|
||||
%{!?with_corepack:--without-corepack} \
|
||||
--openssl-use-def-ca-store \
|
||||
--openssl-default-cipher-list=PROFILE=SYSTEM
|
||||
--openssl-use-def-ca-store
|
||||
%endif
|
||||
|
||||
%if %{?with_debug} == 1
|
||||
# Setting BUILDTYPE=Debug builds both release and debug binaries
|
||||
make BUILDTYPE=Debug %{?_smp_mflags}
|
||||
%else
|
||||
make BUILDTYPE=Release %{?_smp_mflags}
|
||||
%endif
|
||||
|
||||
# Extract the ICU data and convert it to the appropriate endianness
|
||||
pushd deps/
|
||||
tar xfz %{SOURCE3}
|
||||
tar xfz %SOURCE3
|
||||
|
||||
pushd icu/source
|
||||
|
||||
@ -468,14 +419,21 @@ popd # deps
|
||||
|
||||
|
||||
%install
|
||||
export RHEL_ALLOW_PYTHON2_FOR_BUILD=1
|
||||
|
||||
rm -rf %{buildroot}
|
||||
|
||||
./tools/install.py install --dest-dir=%{buildroot} --prefix=%{_prefix}
|
||||
./tools/install.py install %{buildroot} %{_prefix}
|
||||
|
||||
# Set the binary permissions properly
|
||||
chmod 0755 %{buildroot}/%{_bindir}/node
|
||||
chrpath --delete %{buildroot}%{_bindir}/node
|
||||
|
||||
%if %{?with_debug} == 1
|
||||
# Install the debug binary and set its permissions
|
||||
install -Dpm0755 out/Debug/node %{buildroot}/%{_bindir}/node_g
|
||||
%endif
|
||||
|
||||
# own the sitelib directory
|
||||
mkdir -p %{buildroot}%{_prefix}/lib/node_modules
|
||||
|
||||
@ -509,10 +467,9 @@ cp -pr deps/npm/man/* %{buildroot}%{_mandir}/
|
||||
rm -rf %{buildroot}%{_prefix}/lib/node_modules/npm/man
|
||||
ln -sf %{_mandir} %{buildroot}%{_prefix}/lib/node_modules/npm/man
|
||||
|
||||
# Install Gatsby HTML documentation to %%{_pkgdocdir}
|
||||
# Install Gatsby HTML documentation to %{_pkgdocdir}
|
||||
cp -pr deps/npm/docs %{buildroot}%{_pkgdocdir}/npm/
|
||||
rm -rf %{buildroot}%{_prefix}/lib/node_modules/npm/docs
|
||||
|
||||
ln -sf %{_pkgdocdir}/npm %{buildroot}%{_prefix}/lib/node_modules/npm/docs
|
||||
|
||||
# Node tries to install some python files into a documentation directory
|
||||
@ -530,24 +487,18 @@ find %{buildroot}%{_prefix}/lib/node_modules/npm \
|
||||
-exec chmod -x {} \;
|
||||
|
||||
# The above command is a little overzealous. Add a few permissions back.
|
||||
chmod 0755 %{buildroot}%{_prefix}/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin/node-gyp
|
||||
chmod 0755 %{buildroot}%{_prefix}/lib/node_modules/npm/node_modules/npm-lifecycle/node-gyp-bin/node-gyp
|
||||
chmod 0755 %{buildroot}%{_prefix}/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
|
||||
|
||||
%if %{with corepack}
|
||||
# Corepack contains a number of executable"shims", including some for Windows
|
||||
# PowerShell. Drop the executable bit for those so we don't pick up an
|
||||
# automatic dependency on /usr/bin/pwsh that we cannot satisfy.
|
||||
chmod -x %{buildroot}%{_prefix}/lib/node_modules/corepack/shims/*.ps1
|
||||
%endif
|
||||
|
||||
# Drop the NPM builtin configuration in place
|
||||
sed -e 's#@SYSCONFDIR@#%{_sysconfdir}#g' \
|
||||
%{SOURCE8} > %{buildroot}%{_prefix}/lib/node_modules/npm/npmrc
|
||||
|
||||
# Drop the NPM default configuration in place
|
||||
mkdir -p %{buildroot}%{_sysconfdir}
|
||||
cp %{SOURCE1} %{buildroot}%{_sysconfdir}/npmrc
|
||||
|
||||
# NPM upstream expects it to be in /usr/etc/npmrc, so we'll put a symlink here
|
||||
# This is done in the interests of keeping /usr read-only.
|
||||
mkdir -p %{buildroot}%{_prefix}/etc
|
||||
ln -s %{_sysconfdir}/npmrc %{buildroot}%{_prefix}/etc/npmrc
|
||||
|
||||
# Install the full-icu data files
|
||||
install -Dpm0644 -t %{buildroot}%{icudatadir} deps/icu/source/converted/*
|
||||
|
||||
@ -562,31 +513,70 @@ install -Dpm0644 -t %{buildroot}%{icudatadir} deps/icu/source/converted/*
|
||||
%{buildroot}/%{_bindir}/node -e "require(\"assert\").equal(require(\"punycode\").version, '%{punycode_version}')"
|
||||
|
||||
# Ensure we have npm and that the version matches
|
||||
NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/node_modules/npm/node_modules %{buildroot}/%{_bindir}/node -e "require(\"assert\").equal(JSON.parse(require(\"fs\").readFileSync(\"%{buildroot}%{_prefix}/lib/node_modules/npm/package.json\")).version, '%{npm_version}')"
|
||||
NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/node_modules/npm/node_modules %{buildroot}/%{_bindir}/node -e "require(\"assert\").equal(require(\"npm\").version, '%{npm_version}')"
|
||||
|
||||
# Make sure i18n support is working
|
||||
NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/node_modules/npm/node_modules LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node --icu-data-dir=%{buildroot}%{icudatadir} %{SOURCE2}
|
||||
NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/node_modules/npm/node_modules %{buildroot}/%{_bindir}/node --icu-data-dir=%{buildroot}%{icudatadir} %{SOURCE2}
|
||||
|
||||
|
||||
%pretrans -n npm -p <lua>
|
||||
-- Remove all of the symlinks from the bundled npm node_modules directory
|
||||
-- This scriptlet can be removed in Fedora 31
|
||||
base_path = "%{_prefix}/lib/node_modules/npm/node_modules/"
|
||||
d_st = posix.stat(base_path)
|
||||
if d_st then
|
||||
for f in posix.files(base_path) do
|
||||
path = base_path..f
|
||||
st = posix.stat(path)
|
||||
if st and st.type == "link" then
|
||||
os.remove(path)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
-- Replace the npm man directory with a symlink
|
||||
-- Drop this scriptlet when F31 is EOL
|
||||
path = "%{_prefix}/lib/node_modules/npm/man"
|
||||
st = posix.stat(path)
|
||||
if st and st.type == "directory" then
|
||||
status = os.rename(path, path .. ".rpmmoved")
|
||||
if not status then
|
||||
suffix = 0
|
||||
while not status do
|
||||
suffix = suffix + 1
|
||||
status = os.rename(path .. ".rpmmoved", path .. ".rpmmoved." .. suffix)
|
||||
end
|
||||
os.rename(path, path .. ".rpmmoved")
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
%files
|
||||
%{_bindir}/node
|
||||
%dir %{_prefix}/lib/node_modules
|
||||
%dir %{_datadir}/node
|
||||
%dir %{_datadir}/systemtap
|
||||
%dir %{_datadir}/systemtap/tapset
|
||||
%{_datadir}/systemtap/tapset/node.stp
|
||||
|
||||
%if %{with corepack}
|
||||
# corepack
|
||||
%{_bindir}/corepack
|
||||
%{_prefix}/lib/node_modules/corepack
|
||||
%if %{with bootstrap}
|
||||
# no dtrace
|
||||
%else
|
||||
%dir %{_usr}/lib/dtrace
|
||||
%{_usr}/lib/dtrace/node.d
|
||||
%endif
|
||||
|
||||
%{_rpmconfigdir}/fileattrs/nodejs_native.attr
|
||||
%{_rpmconfigdir}/nodejs_native.req
|
||||
%license LICENSE
|
||||
%doc CHANGELOG.md onboarding.md GOVERNANCE.md README.md
|
||||
%doc AUTHORS CHANGELOG.md COLLABORATOR_GUIDE.md GOVERNANCE.md README.md
|
||||
%doc %{_mandir}/man1/node.1*
|
||||
|
||||
|
||||
%files devel
|
||||
%if %{?with_debug} == 1
|
||||
%{_bindir}/node_g
|
||||
%endif
|
||||
%{_includedir}/node
|
||||
%{_datadir}/node/common.gypi
|
||||
%{_pkgdocdir}/gdbinit
|
||||
@ -602,6 +592,7 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/nod
|
||||
%{_bindir}/npx
|
||||
%{_prefix}/lib/node_modules/npm
|
||||
%config(noreplace) %{_sysconfdir}/npmrc
|
||||
%{_prefix}/etc/npmrc
|
||||
%ghost %{_sysconfdir}/npmignore
|
||||
%doc %{_mandir}/man1/npm*.1*
|
||||
%doc %{_mandir}/man1/npx.1*
|
||||
@ -610,258 +601,73 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/nod
|
||||
%doc %{_mandir}/man5/npmrc.5*
|
||||
%doc %{_mandir}/man5/package-json.5*
|
||||
%doc %{_mandir}/man5/package-lock-json.5*
|
||||
%doc %{_mandir}/man5/npm-shrinkwrap-json.5*
|
||||
%doc %{_mandir}/man5/npm-global.5.*
|
||||
%doc %{_mandir}/man5/npm-json.5.*
|
||||
%doc %{_mandir}/man5/package-locks.5*
|
||||
%doc %{_mandir}/man5/shrinkwrap-json.5*
|
||||
%doc %{_mandir}/man7/config.7*
|
||||
%doc %{_mandir}/man7/dependency-selectors.7*
|
||||
%doc %{_mandir}/man7/developers.7*
|
||||
%doc %{_mandir}/man7/logging.7*
|
||||
%doc %{_mandir}/man7/disputes.7*
|
||||
%doc %{_mandir}/man7/orgs.7*
|
||||
%doc %{_mandir}/man7/package-spec.7*
|
||||
%doc %{_mandir}/man7/registry.7*
|
||||
%doc %{_mandir}/man7/removal.7*
|
||||
%doc %{_mandir}/man7/scope.7*
|
||||
%doc %{_mandir}/man7/scripts.7*
|
||||
%doc %{_mandir}/man7/workspaces.7*
|
||||
%doc %{_mandir}/man7/semver.7*
|
||||
|
||||
|
||||
%files docs
|
||||
%doc doc
|
||||
%dir %{_pkgdocdir}
|
||||
%{_pkgdocdir}/html
|
||||
%{_pkgdocdir}/npm/docs
|
||||
|
||||
|
||||
%changelog
|
||||
* Mon Aug 05 2024 Honza Horak <hhorak@redhat.com> - 1:20.16.0-1
|
||||
- Update to 20.16.0
|
||||
Fixes: CVE-2024-36137 CVE-2024-22018 CVE-2024-22020
|
||||
* Wed Feb 24 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:10.24.0-1
|
||||
- Resolves: RHBZ#1932373, RHBZ#1932426
|
||||
- Resolves CVE-2021-22883 and CVE-2021-22884
|
||||
- remove -debug-nghttp2 flag (1930775)
|
||||
- remove ini patch merged upstream
|
||||
|
||||
* Tue Jun 11 2024 Jan Staněk <jstanek@redhat.com> - 1:20.14.0-1
|
||||
- Update to version 20.14.0
|
||||
|
||||
* Tue Apr 16 2024 Jan Staněk <jstanek@redhat.com> - 1:20.12.2-2
|
||||
- Backport nghttp2 patch for CVE-2024-28182
|
||||
|
||||
* Tue Apr 16 2024 Jan Staněk <jstanek@redhat.com> - 1:20.12.2-1
|
||||
- Rebase to version 20.12.0
|
||||
Fixes CVE-2024-27983 CVE-2024-27982 CVE-2024-22025 (node)
|
||||
Fixes CVE-2024-25629 (c-ares)
|
||||
|
||||
* Tue Mar 05 2024 Lukas Javorsky <ljavorsk@redhat.com> - 1:20.11.1-1
|
||||
- Rebase to version 20.11.1
|
||||
- Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 (high)
|
||||
- Fixes: CVE-2023-46809 CVE-2024-21890 CVE-2024-21891 (medium)
|
||||
|
||||
* Fri Jan 12 2024 Jan Staněk <jstanek@redhat.com> - 1:20.11.0-1
|
||||
- Rebase to version 20.11.0
|
||||
Resolves: RHEL-21188
|
||||
|
||||
* Thu Nov 09 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:20.9.0-1
|
||||
- Rebase to LTS
|
||||
- Resolves: RHEL-16161
|
||||
|
||||
* Wed Oct 18 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:20.8.1-1
|
||||
- Update node and nghttp
|
||||
- Add fips patch
|
||||
- Fixes CVE-2023-44487 (nghttp)
|
||||
- Fixes CVE-2023-45143, CVE-2023-39331, CVE-2023-39332, CVE-2023-38552, CVE-2023-39333
|
||||
|
||||
* Thu Aug 10 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:20.5.1-1
|
||||
- Rebase to new security release
|
||||
- Address CVE-2023-32002, CVE-2023-32004, CVE-2023-32558 (high)
|
||||
- Address CVE-2023-32006, CVE-2023-32559 (medium)
|
||||
- Address CVE-2023-32005, CVE-2023-32003 (low)
|
||||
- Resolves: #2186717
|
||||
- Resolves RHELPLAN-155639
|
||||
|
||||
* Thu Jul 27 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:20.5.0-1
|
||||
- Update to v20.5.0
|
||||
- Remove dtrace support
|
||||
- bcond corepack, so we don't provide it by default
|
||||
- Decrease debuginfo verbosity for all arches
|
||||
- Resolves: #2186717
|
||||
- Resolves RHELPLAN-155639
|
||||
|
||||
* Wed Jul 12 2023 Jan Staněk <jstanek@redhat.com> - 1:18.16.1-1
|
||||
- Rebase to 18.16.1
|
||||
Resolves: rhbz#2188292 rhbz#2187683
|
||||
Resolves: CVE-2023-30581 CVE-2023-30588 CVE-2023-30589 CVE-2023-30590
|
||||
- Replace /usr/etc/npmrc symlink with builtin configuration
|
||||
Resolves: rhbz#2222285
|
||||
|
||||
* Tue May 30 2023 Jan Staněk <jstanek@redhat.com> - 1:18.14.2-3
|
||||
- Update bundled c-ares to 1.19.1
|
||||
Resolves: CVE-2023-31124 CVE-2023-31130 CVE-2023-31147 CVE-2023-32067
|
||||
|
||||
* Tue Mar 21 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.14.2-2
|
||||
- Provide simduft
|
||||
- Resolves: #2159389
|
||||
|
||||
* Mon Mar 20 2023 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.14.2-1
|
||||
- Rebase to 18.14.2
|
||||
- Resolves: #2159389
|
||||
- Resolves: CVE-2022-25881, CVE-2022-4904, CVE-2023-23936, CVE-2023-24807
|
||||
- Resolves: CVE-2023-23918, CVE-2023-23919, CVE-2023-23920
|
||||
|
||||
* Wed Nov 16 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.12.1-1
|
||||
- Rebase + CVEs
|
||||
- Resolves: #2142809
|
||||
- Resolves: #2142830, #2142856
|
||||
|
||||
* Sun Oct 09 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.10.0-3
|
||||
- Resolves: #2111861
|
||||
- Add proper sources for undici
|
||||
|
||||
* Fri Oct 07 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.10.0-2
|
||||
- Resolves: #2130565
|
||||
- Add missing file
|
||||
|
||||
* Thu Oct 06 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.10.0-1
|
||||
- Update to latest release
|
||||
- Resolves: #2130565
|
||||
- Resolves #2111009, #2111861, #2132732
|
||||
|
||||
* Fri Aug 26 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.8.0-1
|
||||
- Update to latest release
|
||||
- Resolves: RHBZ#2111009
|
||||
- Provide undici and cjs-module-lexer + wasi-sdk sources
|
||||
- Resolves: RBHZ#2111861
|
||||
|
||||
* Mon Aug 08 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.7.0-1
|
||||
- Update to latest release
|
||||
- Resolves CVE-2022-32212 CVE-2022-32213 CVE-2022-32214 CVE-2022-32215
|
||||
- Resolves CVE-2022-29244
|
||||
- Resolves: RHBZ#2111009
|
||||
|
||||
* Mon Jun 20 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:18.2.0-2
|
||||
- Disable LTO
|
||||
- Related: #1990096
|
||||
- Build without python3 fixup by default
|
||||
|
||||
* Tue May 31 2022 Jan Staněk <jstanek@redhat.com> - 1:18.2.0-1
|
||||
- Rebase to version 18.2.0
|
||||
|
||||
* Mon Apr 25 2022 Jan Staněk <jstanek@redhat.com> - 1:16.14.0-5
|
||||
- Unify configure calls into single command
|
||||
- Refactor bootstrap-related parts
|
||||
- Decouple dependency bundling from bootstrapping
|
||||
|
||||
* Mon Apr 11 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.14.0-4
|
||||
- Apply lock file validation fixes
|
||||
- Resolves: CVE-2021-43616
|
||||
- Resolves: RHBZ#2070013
|
||||
|
||||
* Mon Dec 06 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.13.1-3
|
||||
- Resolves: RHBZ#2026329
|
||||
- Add corepack to spec
|
||||
|
||||
* Mon Dec 06 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.13.1-2
|
||||
- Resolves: RHBZ#2026329
|
||||
- Update npm version test
|
||||
|
||||
* Thu Dec 02 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.13.1-1
|
||||
- Resolves: RHBZ#2014132, RHBZ#2014126, RHBZ#2013828, RHBZ#2024920
|
||||
- Resolves: RHBZ#2026329
|
||||
- Rebase to LTS release and to fix multiple low and medium CVEs
|
||||
|
||||
* Mon Sep 13 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.8.0-1
|
||||
- Resolves CVE-2021-32803, CVE-2021-32804, CVE-2021-37701, CVE-2021-37712
|
||||
- Resolves: RHBZ#1993948, RHBZ#1993941, RHBZ#2000151, RHBZ#2002176
|
||||
|
||||
* Mon Aug 30 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.7.0-2
|
||||
- Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939,
|
||||
- CVE-2021-22940, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
|
||||
- Resolves: RHBZ#1988608, RHBZ#1993816, RHBZ#1993810
|
||||
- Resolves: RHBZ#1993097, RHBZ#1993948, RHBZ#1993941, RHBZ#1994963
|
||||
- fix python3 in gyp
|
||||
|
||||
* Wed Aug 18 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.7.0-1
|
||||
- Resolves CVE-2021-22930, CVE-2021-22931, CVE-2021-22939,
|
||||
- CVE-2021-22940, CVE-2021-32803, CVE-2021-32804, CVE-2021-3672
|
||||
- Resolves: RHBZ#1988608, RHBZ#1993816, RHBZ#1993810
|
||||
- Resolves: RHBZ#1993097, RHBZ#1993948, RHBZ#1993941, RHBZ#1994963
|
||||
|
||||
* Fri Jul 09 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.4.2-1
|
||||
- Resolves: RHBZ#1979847
|
||||
- Resolves CVE-2021-22918(libuv)
|
||||
- Use system cipher list(1842826, 1952915)
|
||||
|
||||
* Tue May 11 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.1.0-1
|
||||
- Resolves: RHBZ#1953991
|
||||
- Rebase to v16.x
|
||||
- Update version of gcc and gcc-c++ needed
|
||||
- Remove libs conditionals
|
||||
- Remove unused patches
|
||||
- Bundle nghttp3 and ngtcp2
|
||||
|
||||
* Mon Mar 01 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.16.0-2
|
||||
- Resolves RHBZ#1930775
|
||||
- remove --debug-nghttp2 option
|
||||
|
||||
* Mon Mar 01 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.16.0-1
|
||||
- Resolves CVE-2021-22883 CVE-2021-22884
|
||||
- Resolves: RHBZ#1934566, RHBZ#1934599
|
||||
- Rebase, remove ini patch
|
||||
|
||||
* Tue Jan 26 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.15.4-2
|
||||
- Add patch for yarn crash
|
||||
- Resolves: RHBZ#1915296
|
||||
|
||||
* Tue Jan 19 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.15.4-1
|
||||
- Security rebase to 14.15.4
|
||||
* Mon Jan 18 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:10.23.1-1
|
||||
- January Security release
|
||||
- https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
|
||||
- Resolves: RHBZ#1913001, RHBZ#1912953
|
||||
- Resolves: RHBZ#1912636, RHBZ#1898602, RHBZ#1898768, RHBZ#1893987, RHBZ#1893184
|
||||
- Rebase to 10.23.1
|
||||
- Resolves: RHBZ#1916461, RHBZ#1914789
|
||||
- Resolves: RHBZ#1914783, RHBZ#1916462, RHBZ#1916395, RHBZ#1916459
|
||||
- Resolves: RHBZ#1916691, RHBZ#1916689, RHBZ#1916388
|
||||
- Remove dot-prop patch, as it is fixed by npm rebase
|
||||
|
||||
* Thu Oct 29 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.15.0-1
|
||||
- Resolves: RHBZ#1858864
|
||||
- Update to LTS release
|
||||
* Tue Sep 22 2020 Jan Staněk <jstanek@redhat.com> - 1:10.22.1-1
|
||||
- Security rebase to 10.22.1
|
||||
|
||||
* Mon Sep 21 2020 Jan Staněk <jstanek@redhat.com> - 1:14.11.0-1
|
||||
- Security update to 14.11.0
|
||||
* Wed Jun 17 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:10.21.0-3
|
||||
- Resolves: RHBZ#1845307
|
||||
- Remove brotli-devel requires from nodejs-devel
|
||||
|
||||
* Wed Jun 03 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.4.0-1
|
||||
- Security update to 14.4.0
|
||||
- Resolves: RHBZ#1815402
|
||||
* Tue Jun 16 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:10.21.0-2
|
||||
- Resolves: RHBZ#1845307
|
||||
- Turn off debug builds
|
||||
|
||||
* Thu May 21 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.3.0-1
|
||||
- Update to 14.3.0
|
||||
- Fix optflags to save memory
|
||||
- Resolves: RHBZ#1815402
|
||||
* Mon Jun 15 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:10.21.0-1
|
||||
- Security update to 10.21.0
|
||||
- Resolves: RHBZ#1845307
|
||||
- Fixes CVE-2020-11080, CVE-2020-8174, CVE-2020-10531
|
||||
- Bundle brotli, because --shared-brotli configure option is missing
|
||||
- Add i18n subpackage
|
||||
|
||||
* Wed May 06 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:14.2.0-1
|
||||
- Update to 14.2.0
|
||||
- build with python3 only
|
||||
- some clean up
|
||||
* Wed Mar 18 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:10.19.0-2
|
||||
- Resolves: RHBZ#1811499
|
||||
|
||||
* Tue Mar 17 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:12.16.1-2
|
||||
- Fix CVE-2020-10531
|
||||
* Mon Feb 10 2020 Jan Staněk <jstanek@redhat.com> - 1:10.19.0-1
|
||||
- Rebase to 10.19.0 to fix CVE-2019-15604 to CVE-2019-15606
|
||||
|
||||
* Thu Feb 20 2020 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:12.16.1-1
|
||||
- Rebase to 12.16.1
|
||||
|
||||
* Wed Jan 15 2020 Jan Staněk <jstanek@redhat.com> - 1:12.14.1-1
|
||||
- Rebase to 12.14.1
|
||||
|
||||
* Fri Nov 29 2019 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:12.13.1-1
|
||||
- Resolves: RHBZ# 1773503, update to 12.13.1
|
||||
- minor clean up and sync with Fedora spec
|
||||
- turn off debug builds
|
||||
|
||||
* Thu Aug 01 2019 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:12.4.0-2
|
||||
- Add condition to libs
|
||||
|
||||
* Wed Jun 12 2019 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:12.4.0-1
|
||||
- Update to v12.x
|
||||
- Add v8-devel and libs subpackages from fedora
|
||||
* Tue Sep 10 2019 Jan Staněk <jstanek@redhat.com> - 1:10.16.3-1
|
||||
- Rebase to 10.16.3 to fix CVE-2019-9511 to CVE-2019-9518
|
||||
|
||||
* Thu Mar 14 2019 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:10.14.1-2
|
||||
- move nodejs-packaging BR out of conditional
|
||||
|
||||
* Tue Dec 11 2018 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:10.14.1-1
|
||||
- Resolves RHBZ#1644207
|
||||
- Resolves: RHBZ#1644207
|
||||
- fixes node-gyp permissions
|
||||
- rebase
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user