import CS nodejs22-22.22.2-1.el10

.fmf/version

@@ -1 +0,0 @@
-1

.gitignore

@@ -1,2 +1,3 @@
-/icu4c-*-data-bin-?.zip
-/node-*-stripped.tar.gz
+icu4c-78.2-data-bin-b.zip
+icu4c-78.2-data-bin-l.zip
+node-v22.22.2-stripped.tar.gz

0001-CVE-2026-25547-braces-expansion.patch

@@ -0,0 +1,102 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: tjuhasz <tjuhasz@redhat.com>
+Date: Tue, 25 Feb 2026 14:21:26 +0100
+Subject: [PATCH] CVE-2026-25547: Fix brace expansion vulnerability
+
+Add expansion limit to prevent DoS attacks through excessive
+brace expansion in the brace-expansion module.
+
+---
+ deps/npm/node_modules/brace-expansion/index.js | 20 ++++++++++++--------
+ 1 file changed, 12 insertions(+), 8 deletions(-)
+
+diff --git a/deps/npm/node_modules/brace-expansion/index.js b/deps/npm/node_modules/brace-expansion/index.js
+--- a/deps/npm/node_modules/brace-expansion/index.js	2026-01-12 23:55:24.000000000 +0100
++++ b/deps/npm/node_modules/brace-expansion/index.js	2026-02-25 14:21:26.829483831 +0100
+@@ -8,6 +8,8 @@
+ var escComma = '\0COMMA'+Math.random()+'\0';
+ var escPeriod = '\0PERIOD'+Math.random()+'\0';
+ 
++const EXPANSION_MAX = 100_000;
++
+ function numeric(str) {
+   return parseInt(str, 10) == str
+     ? parseInt(str, 10)
+@@ -61,9 +63,11 @@
+   return parts;
+ }
+ 
+-function expandTop(str) {
++function expandTop(str, options = {}) {
+   if (!str)
+     return [];
++  
++  const { max = EXPANSION_MAX } = options;
+ 
+   // I don't know why Bash 4.3 does this, but it does.
+   // Anything starting with {} will have the first two bytes preserved
+@@ -75,7 +79,7 @@
+     str = '\\{\\}' + str.substr(2);
+   }
+ 
+-  return expand(escapeBraces(str), true).map(unescapeBraces);
++  return expand(escapeBraces(str), max, true).map(unescapeBraces);
+ }
+ 
+ function embrace(str) {
+@@ -92,7 +96,7 @@
+   return i >= y;
+ }
+ 
+-function expand(str, isTop) {
++function expand(str, max, isTop) {
+   var expansions = [];
+ 
+   var m = balanced('{', '}', str);
+@@ -101,11 +105,11 @@
+   // no need to expand pre, since it is guaranteed to be free of brace-sets
+   var pre = m.pre;
+   var post = m.post.length
+-    ? expand(m.post, false)
++    ? expand(m.post, max, false)
+     : [''];
+ 
+   if (/\$$/.test(m.pre)) {
+-    for (var k = 0; k < post.length; k++) {
++    for (var k = 0; k < post.length && k < max; k++) {
+       var expansion = pre+ '{' + m.body + '}' + post[k];
+       expansions.push(expansion);
+     }
+@@ -118,7 +122,7 @@
+       // {a},b}
+       if (m.post.match(/,(?!,).*\}/)) {
+         str = m.pre + '{' + m.body + escClose + m.post;
+-        return expand(str);
++        return expand(str, max, true);
+       }
+       return [str];
+     }
+@@ -130,7 +134,7 @@
+       n = parseCommaParts(m.body);
+       if (n.length === 1) {
+         // x{{a,b}}y ==> x{a}y x{b}y
+-        n = expand(n[0], false).map(embrace);
++        n = expand(n[0], max, false).map(embrace);
+         if (n.length === 1) {
+           return post.map(function(p) {
+             return m.pre + n[0] + p;
+@@ -185,12 +189,12 @@
+       N = [];
+ 
+       for (var j = 0; j < n.length; j++) {
+-        N.push.apply(N, expand(n[j], false));
++        N.push.apply(N, expand(n[j], max, false));
+       }
+     }
+ 
+     for (var j = 0; j < N.length; j++) {
+-      for (var k = 0; k < post.length; k++) {
++      for (var k = 0; k < post.length && expansions.length < max; k++) {
+         var expansion = pre + N[j] + post[k];
+         if (!isTop || isSequence || expansion)
+           expansions.push(expansion);

0001-fips-disable-options.patch

@@ -0,0 +1,84 @@
+From 98738d27288bd9ca634e29181ef665e812e7bbd3 Mon Sep 17 00:00:00 2001
+From: Michael Dawson <midawson@redhat.com>
+Date: Fri, 23 Feb 2024 13:43:56 +0100
+Subject: [PATCH] Disable FIPS options
+
+On RHEL, FIPS should be configured only on system level.
+Additionally, the related options may cause segfault when used on RHEL.
+
+This patch causes the option processing to end sooner
+than the problematic code gets executed.
+Additionally, the JS-level options to mess with FIPS settings
+are similarly disabled.
+
+Upstream report: https://github.com/nodejs/node/pull/48950
+RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2226726
+---
+ lib/crypto.js             | 10 ++++++++++
+ lib/internal/errors.js    |  6 ++++++
+ src/crypto/crypto_util.cc |  2 ++
+ 3 files changed, 18 insertions(+)
+
+diff --git a/lib/crypto.js b/lib/crypto.js
+index 41adecc..b2627ac 100644
+--- a/lib/crypto.js
++++ b/lib/crypto.js
+@@ -36,7 +36,10 @@ const {
+ assertCrypto();
+
+ const {
++  // RHEL specific error
++  ERR_CRYPTO_FIPS_SYSTEM_CONTROLLED,
++
+   ERR_CRYPTO_FIPS_FORCED,
+   ERR_WORKER_UNSUPPORTED_OPERATION,
+ } = require('internal/errors').codes;
+ const constants = internalBinding('constants').crypto;
+@@ -251,6 +254,13 @@ function getFips() {
+ }
+ 
+ function setFips(val) {
++  // in RHEL FIPS enable/disable should only be done at system level
++  if (getFips() != val) {
++    throw new ERR_CRYPTO_FIPS_SYSTEM_CONTROLLED();
++  } else {
++    return;
++  }
++
+   if (getOptionValue('--force-fips')) {
+     if (val) return;
+     throw new ERR_CRYPTO_FIPS_FORCED();
+diff --git a/lib/internal/errors.js b/lib/internal/errors.js
+index a722360..04d8a53 100644
+--- a/lib/internal/errors.js
++++ b/lib/internal/errors.js
+@@ -1111,6 +1111,12 @@ module.exports = {
+ //
+ // Note: Node.js specific errors must begin with the prefix ERR_
+ 
++// insert RHEL specific erro
++E('ERR_CRYPTO_FIPS_SYSTEM_CONTROLLED',
++  'Cannot set FIPS mode. FIPS should be enabled/disabled at system level. See' +
++  'https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening for more details.\n',
++  Error);
++
+ E('ERR_ACCESS_DENIED',
+   function(msg, permission = '', resource = '') {
+     this.permission = permission;
+diff --git a/src/crypto/crypto_util.cc b/src/crypto/crypto_util.cc
+index 5734d8f..ef9d1b1 100644
+--- a/src/crypto/crypto_util.cc
++++ b/src/crypto/crypto_util.cc
+@@ -121,6 +121,8 @@ bool ProcessFipsOptions() {
+   /* Override FIPS settings in configuration file, if needed. */
+   if (per_process::cli_options->enable_fips_crypto ||
+       per_process::cli_options->force_fips_crypto) {
++      fprintf(stderr, "ERROR: Using options related to FIPS is not recommended, configure FIPS in openssl instead. See https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening for more details.\n");
++      return false;
+ #if OPENSSL_VERSION_MAJOR >= 3
+     OSSL_PROVIDER* fips_provider = OSSL_PROVIDER_load(nullptr, "fips");
+     if (fips_provider == nullptr)
+-- 
+2.43.2
+
+

gating.yaml

@@ -1,6 +0,0 @@
---- !Policy
-product_versions:
-  - rhel-10
-decision_context: osci_compose_gate
-rules:
-  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}

nodejs-tarball.sh

@@ -108,7 +108,7 @@ echo $_arg_version
 if [ x$_arg_version != x ]; then
     version=$_arg_version
 else
-    version=$(rpm -q --specfile --qf='%{version}\n' nodejs.spec | head -n1)
+    version=$(rpm -q --specfile --qf='%{version}\n' nodejs*.spec | head -n1)
 fi
 
 rm -f node-v${version}.tar.gz node-v${version}-stripped.tar.gz
@@ -120,11 +120,11 @@ rm -rf node-v${version}/deps/openssl
 tar -zcf node-v${version}-stripped.tar.gz node-v${version}
 
 # Download the ICU binary data files
-ICU_MAJOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\)-\([[:digit:]]\+\).*/\1/g')
-ICU_MINOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\)-\([[:digit:]]\+\).*/\2/g')
-rm -Rf icu4c-${ICU_MAJOR}_${ICU_MINOR}-data-bin-*.zip
-wget $(grep Source3 nodejs.spec | sed --expression="s/.*http/http/g" --expression="s/\(\%{icu_major}\)/${ICU_MAJOR}/g" --expression="s/\(\%{icu_minor}\)/${ICU_MINOR}/g")
-wget $(grep Source4 nodejs.spec | sed --expression="s/.*http/http/g" --expression="s/\(\%{icu_major}\)/${ICU_MAJOR}/g" --expression="s/\(\%{icu_minor}\)/${ICU_MINOR}/g")
+ICU_MAJOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\).\([[:digit:]]\+\).*/\1/g')
+ICU_MINOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\).\([[:digit:]]\+\).*/\2/g')
+rm -Rf icu4c-${ICU_MAJOR}.${ICU_MINOR}-data-bin-*.zip
+wget $(grep -w 'Source3' nodejs22.spec | sed --expression="s/.*http/http/g" --expression="s/\(\%{icu_major}\)/${ICU_MAJOR}/g" --expression="s/\(\%{icu_minor}\)/${ICU_MINOR}/g")
+wget $(grep -w 'Source4' nodejs22.spec | sed --expression="s/.*http/http/g" --expression="s/\(\%{icu_major}\)/${ICU_MAJOR}/g" --expression="s/\(\%{icu_minor}\)/${ICU_MINOR}/g")
 
 #fedpkg new-sources node-v${version}-stripped.tar.gz icu4c*-src.tgz
 
@@ -194,8 +194,8 @@ echo $NGTCP2_VERSION
 echo
 echo "ICU"
 echo "========================="
-ICU_MAJOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\)-\([[:digit:]]\+\).*/\1/g')
-ICU_MINOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\)-\([[:digit:]]\+\).*/\2/g')
+ICU_MAJOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\).\([[:digit:]]\+\).*/\1/g')
+ICU_MINOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\).\([[:digit:]]\+\).*/\2/g')
 echo "${ICU_MAJOR}.${ICU_MINOR}"
 echo
 echo "simdutf"

nodejs22.spec

@@ -1,3 +1,13 @@
+## START: Set by rpmautospec
+## (rpmautospec version 0.6.5)
+## RPMAUTOSPEC: autorelease, autochangelog
+%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
+    release_number = 1;
+    base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
+    print(release_number + base_release_number - 1);
+}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
+## END: Set by rpmautospec
+
 # Determine if this should be the default version for this Fedora release
 # The default version will own /usr/bin/node and friends
 %global nodejs_pkg_major 22
@@ -52,8 +62,8 @@
 # than a Fedora release lifecycle.
 %global nodejs_epoch 1
 %global nodejs_major 22
-%global nodejs_minor 13
-%global nodejs_patch 1
+%global nodejs_minor 22
+%global nodejs_patch 2
 # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
 %global nodejs_soversion 127
 %global nodejs_abi %{nodejs_soversion}
@@ -80,26 +90,26 @@
 
 # c-ares - from deps/cares/include/ares_version.h
 # https://github.com/nodejs/node/pull/9332
-%global c_ares_version 1.34.4
+%global c_ares_version 1.34.6
 
 # llhttp - from deps/llhttp/include/llhttp.h
-%global llhttp_version 9.2.1
+%global llhttp_version 9.3.0
 
 # libuv - from deps/uv/include/uv/version.h
-%global libuv_version 1.49.2
+%global libuv_version 1.51.0
 
 # nghttp2 - from deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
-%global nghttp2_version 1.64.0
+%global nghttp2_version 1.68.1
 
 # nghttp3 - from deps/ngtcp2/nghttp3/lib/includes/nghttp3/version.h
 %global nghttp3_version 1.6.0
 
 # ngtcp2 from deps/ngtcp2/ngtcp2/lib/includes/ngtcp2/version.h
-%global ngtcp2_version 1.9.1
+%global ngtcp2_version 1.11.0
 
 # ICU - from tools/icu/current_ver.dep
-%global icu_major 76
-%global icu_minor 1
+%global icu_major 78
+%global icu_minor 2
 %global icu_version %{icu_major}.%{icu_minor}
 
 %global icudatadir %{nodejs_datadir}/icudata
@@ -107,7 +117,7 @@
 # " this line just fixes syntax highlighting for vim that is confused by the above and continues literal
 
 # simdutf from deps/simdutf/simdutf.h
-%global simdutf_version 5.6.4
+%global simdutf_version 6.4.2
 
 # OpenSSL minimum version
 %global openssl11_minimum 1:1.1.1
@@ -120,7 +130,7 @@
 
 # npm - from deps/npm/package.json
 %global npm_epoch 1
-%global npm_version 10.9.2
+%global npm_version 10.9.7
 
 # In order to avoid needing to keep incrementing the release version for the
 # main package forever, we will just construct one for npm that is guaranteed
@@ -131,13 +141,13 @@
 %global npm_envr %{npm_epoch}:%{npm_version}-%{npm_release}
 
 # uvwasi - from deps/uvwasi/include/uvwasi.h
-%global uvwasi_version 0.0.21
+%global uvwasi_version 0.0.23
 
 # histogram_c - assumed from timestamps
-%global histogram_version 0.9.7
+%global histogram_version 0.11.9
 
 # sqlite – from deps/sqlite/sqlite3.h
-%global sqlite_version 3.47.2
+%global sqlite_version 3.51.2
 
 
 Name: nodejs%{nodejs_pkg_major}
@@ -159,16 +169,21 @@ Source0: node-v%{nodejs_version}-stripped.tar.gz
 Source1: npmrc
 Source2: btest402.js
 # The binary data that icu-small can use to get icu-full capability
-Source3: https://github.com/unicode-org/icu/releases/download/release-%{icu_major}-%{icu_minor}/icu4c-%{icu_major}_%{icu_minor}-data-bin-b.zip
-Source4: https://github.com/unicode-org/icu/releases/download/release-%{icu_major}-%{icu_minor}/icu4c-%{icu_major}_%{icu_minor}-data-bin-l.zip
+Source3: https://github.com/unicode-org/icu/releases/download/release-%{icu_major}.%{icu_minor}/icu4c-%{icu_major}.%{icu_minor}-data-bin-b.zip
+Source4: https://github.com/unicode-org/icu/releases/download/release-%{icu_major}.%{icu_minor}/icu4c-%{icu_major}.%{icu_minor}-data-bin-l.zip
 Source200: nodejs-tarball.sh
 Source201: npmrc.builtin.in
 Source202: nodejs.pc.in
 Source203: v8.pc.in
 Source204: nodejs22_abi.req
 Source205: nodejs22_abi.attr
+Source300: test-runner.sh
+Source301: test-should-pass.txt
 
 Patch: 0001-Remove-unused-OpenSSL-config.patch
+Patch: 0001-fips-disable-options.patch
+Patch: 0001-deps-update-nghttp2-to-1.68.1.patch
+Patch: 0001-CVE-2026-25547-braces-expansion.patch
 
 %if 0%{?nodejs_default}
 %global pkgname nodejs
@@ -345,14 +360,14 @@ Provides: bundled(ada) = 2.9.2
 
 # undici and cjs-module-lexer ship with pre-built WASM binaries.
 %if %{with bundled_cjs_module_lexer}
-Provides: bundled(nodejs-cjs-module-lexer) = 1.4.1
+Provides: bundled(nodejs-cjs-module-lexer) = 2.2.0
 %else
 BuildRequires: nodejs-cjs-module-lexer
 Requires: nodejs-cjs-module-lexer
 %endif
 
 %if %{with bundled_undici}
-Provides: bundled(nodejs-undici) = 6.21.1
+Provides: bundled(nodejs-undici) = 6.24.1
 %else
 BuildRequires: nodejs-undici
 Requires: nodejs-undici
@@ -401,8 +416,10 @@ Provides: nodejs-devel = %{nodejs_envr}
 %endif
 %unversioned_obsoletes_of_nodejsXX_if_default devel
 
-Provides: nodejs-devel-pkg = %{nodejs_envr}
+Provides: alternative-for(nodejs-devel) = %{nodejs_envr}
+Conflicts: alternative-for(nodejs-devel)
 Conflicts: nodejs-devel-pkg
+ # previously VP used for the same reason as alternative-for() above
 
 
 %description -n %{pkgname}-devel
@@ -592,6 +609,7 @@ export PATH="${cwd}/.bin:$PATH"
            --ninja \
            --enable-lto \
            --prefix=%{_prefix} \
+           --use-prefix-to-find-headers \
            --shared \
            --libdir=%{_lib} \
            %{ssl_configure} \
@@ -643,12 +661,16 @@ chrpath --delete %{buildroot}%{_bindir}/node
 # Rename the node binary
 mv %{buildroot}%{_bindir}/node %{buildroot}%{_bindir}/node-%{nodejs_pkg_major}
 
-# Adjust the npm binaries
-# 1. Replace all hasbangs with versioned ones
-grep --extended-regexp --files-with-matches --recursive \
-    '^#!/usr/bin/(env )?node($|[[:space:]])+' '%{buildroot}%{nodejs_private_sitelib}/npm/bin' \
-| xargs sed --in-place --regexp-extended \
-    's;^#!/usr/bin/(env )?node($|[[:space:]])+;#!/usr/bin/node-%{nodejs_pkg_major};'
+# Adjust npm binaries
+# 1. Replace all hashbangs with versioned ones
+readonly NPM_DIR="%{buildroot}%{nodejs_private_sitelib}/npm"
+readonly SHEBANG_ERE='^#!/usr/bin/(env\s+)?node\b'
+readonly SHEBANG_FIX='#!%{_bindir}/node-%{nodejs_pkg_major}'
+readonly -a npm_bin_dirs=("${NPM_DIR}/bin" "${NPM_DIR}/node_modules")
+
+find "${npm_bin_dirs[@]}" -type f \
+| xargs grep --extended-regexp --files-with-matches "${SHEBANG_ERE}" \
+| xargs sed --regexp-extended --in-place "s;${SHEBANG_ERE};${SHEBANG_FIX};"
 
 # 2. Replace original links with the adjusted ones
 for bin in npm npx; do
@@ -669,6 +691,13 @@ ln -srf %{buildroot}%{_bindir}/npx-%{nodejs_pkg_major} \
         %{buildroot}%{_bindir}/npx
 %endif
 
+# Fix shell scripts that call 'node' as command
+readonly -a known_shell_scripts=(
+    "${NPM_DIR}/bin/node-gyp-bin/node-gyp"
+    "${NPM_DIR}/node_modules/@npmcli/run-script/lib/node-gyp-bin/node-gyp"
+)
+sed --regexp-extended --in-place 's;\bnode(\s);%{_bindir}/node-%{nodejs_pkg_major}\1;' "${known_shell_scripts[@]}"
+
 # Install library symlink
 ln -srf %{buildroot}%{_libdir}/libnode.so.%{nodejs_soversion} \
         %{buildroot}%{_libdir}/libnode.so
@@ -762,11 +791,6 @@ find %{buildroot}%{nodejs_private_sitelib}/npm \
 chmod 0755 %{buildroot}%{nodejs_private_sitelib}/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin/node-gyp
 chmod 0755 %{buildroot}%{nodejs_private_sitelib}/npm/node_modules/node-gyp/bin/node-gyp.js
 
-# Set the hashbang to use the matching Node.js interpreter
-sed --in-place --regexp-extended \
-    's;^#!/usr/bin/env node($|\ |\t)+;#!/usr/bin/node-%{nodejs_pkg_major};g' \
-    %{buildroot}%{nodejs_private_sitelib}/npm/node_modules/node-gyp/bin/node-gyp.js
-
 # Drop the NPM builtin configuration in place
 sed -e 's#@SYSCONFDIR@#%{_sysconfdir}#g' \
     %{SOURCE201} > %{buildroot}%{nodejs_private_sitelib}/npm/npmrc
@@ -807,6 +831,13 @@ install -Dpm0644 %{SOURCE204} %{buildroot}%{_rpmconfigdir}/fileattrs/nodejs%{nod
 
 
 %check
+#run unit test that should pass from list
+LD_LIBRARY_PATH=%{buildroot}%{_libdir} \
+  bash %{SOURCE300} \
+       %{buildroot}/%{_bindir}/node-%{nodejs_pkg_major} \
+       %{_builddir}/node-v%{nodejs_version}/test/ \
+       %{SOURCE301}
+
 # Fail the build if the versions don't match
 LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node-%{nodejs_pkg_major} -e "require('assert').equal(process.versions.node, '%{nodejs_version}')"
 LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node-%{nodejs_pkg_major} -e "require('assert').equal(process.versions.v8.replace(/-node\.\d+$/, ''), '%{v8_version}')"
@@ -942,4 +973,94 @@ end
 
 
 %changelog
-%autochangelog
+## START: Generated by rpmautospec
+* Mon Mar 30 2026 Andrei Radchenko <aradchen@redhat.com> - 1:22.22.2-1
+- Update to version 22.22.2
+- introduced patch updating deps/nghttp2 to v 1.68.1 for CVE-2026-27135
+- disabled failing tests in nghttp2 due to newer version
+- patch for npm/braces CVE-2026-25547
+
+* Wed Mar 25 2026 Andrei Radchenko <aradchen@redhat.com> - 1:22.22.0-4
+- sources: changed ICU version syntax
+
+* Tue Jan 20 2026 Andrei Radchenko <aradchen@redhat.com> - 1:22.22.0-3
+- Bump release to get correct RHEL build
+
+* Fri Jan 16 2026 tjuhasz <tjuhasz@redhat.com> - 1:22.22.0-2
+- Filter for nodejs22.fmf in gating plan
+
+* Wed Jan 14 2026 tjuhasz <tjuhasz@redhat.com> - 1:22.22.0-1
+- Update to 22.22.0
+
+* Thu Dec 04 2025 tjuhasz <tjuhasz@redhat.com> - 1:22.19.0-3
+- Unit-tests adjustment - disable internet/test-dgram-membership
+
+* Wed Sep 03 2025 tjuhasz <tjuhasz@redhat.com> - 1:22.19.0-2
+- Add patch to prevent fips usage segfault
+
+* Fri Aug 29 2025 Andrei Radchenko <aradchen@redhat.com> - 1:22.19.0-1
+- Update to version 22.19.0
+
+* Fri Aug 29 2025 Andrei Radchenko <aradchen@redhat.com> - 1:22.16.0-6
+- configure.py: use local headers for building native addons when available
+
+* Fri Aug 29 2025 Andrei Radchenko <aradchen@redhat.com> - 1:22.16.0-5
+- spec: fix node binary calls to use versioned binary
+
+* Wed Aug 20 2025 Andrei Radchenko <aradchen@redhat.com> - 1:22.16.0-4
+- Test plan adjustments
+
+* Thu Jul 31 2025 Andrei Radchenko <aradchen@redhat.com> - 1:22.16.0-3
+- spec: devel packages explicitly conflicts
+
+* Fri Jun 20 2025 tjuhasz <tjuhasz@redhat.com> - 1:22.16.0-2
+- Add rpminspect config to repo
+
+* Tue May 27 2025 Andrei Radchenko <aradchen@redhat.com> - 1:22.16.0-1
+- Update to version 22.16.0
+
+* Tue May 20 2025 tjuhasz <tjuhasz@redhat.com> - 1:22.15.0-3
+- Make grep Source stricter in nodejs-tarball
+
+* Tue May 20 2025 tjuhasz <tjuhasz@redhat.com> - 1:22.15.0-2
+- Add unit-test during build for nodejs22
+
+* Thu Apr 24 2025 tjuhasz <tjuhasz@redhat.com> - 1:22.15.0-1
+- Update to version 22.15.0
+
+* Tue Apr 22 2025 tjuhasz <tjuhasz@redhat.com> - 1:22.13.1-6
+- Update c-ares with fix for CVE-2025-31498
+
+* Thu Mar 06 2025 Jan Staněk <jstanek@redhat.com> - 1:22.13.1-5
+- Revert "Generate only versioned rpms"
+
+* Tue Feb 25 2025 Jan Staněk <jstanek@redhat.com> - 1:22.13.1-4
+- Use stream-specific ABI dependency generator
+
+* Tue Feb 18 2025 Jan Staněk <jstanek@redhat.com> - 1:22.13.1-3
+- Generate only versioned rpms
+
+* Thu Feb 13 2025 Jan Staněk <jstanek@redhat.com> - 1:22.13.1-2
+- Add upper bound to unversioned obsoletes
+
+* Mon Jan 27 2025 Tomas Juhasz <tjuhasz@redhat.com> - 1:22.13.1-1
+- Updated to version 22.13.1
+
+* Mon Jan 27 2025 Jan Staněk <jstanek@redhat.com> - 1:22.11.0-2
+- Fix npm hashbang replacement
+
+* Tue Nov 19 2024 Jan Staněk <jstanek@redhat.com> - 1:22.11.0-1
+- Update to version 22.11.0 (LTS)
+
+* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1:22.4.1-4
+- Bump release for October 2024 mass rebuild:
+
+* Wed Aug 14 2024 Jan Staněk <jstanek@redhat.com> - 1:22.4.1-3
+- make this stream the default for RHEL 10
+
+* Wed Aug 07 2024 Jakub Heger <jheger@redhat.com> - 1:22.4.1-2
+- enable gating
+
+* Tue Aug 06 2024 Jan Staněk <jstanek@redhat.com> - 1:22.4.1-1
+- Import SRPM from Fedora
+## END: Generated by rpmautospec

plans/centos-stream.fmf

@@ -1,15 +0,0 @@
----
-summary: Package test suite
-discover:
-  how: fmf
-  url: https://gitlab.com/redhat/centos-stream/tests/nodejs
-environment:
-  NODEJS_MAIN_PACKAGE: nodejs22
-  NODEJS_BIN: /usr/bin/node-22
-prepare:
-  - name: install tested package
-    how: install
-    package: '${NODEJS_MAIN_PACKAGE}'
-execute:
-  how: tmt
-...

plans/tier1-internal.fmf

@@ -1,10 +0,0 @@
-summary: Internal Tier1 tests plan
-discover:
-    how: fmf
-    filter: 'tier: 1'
-    url: https://pkgs.devel.redhat.com/git/tests/nodejs
-execute:
-    how: tmt
-adjust:
-    enabled: false
-    when: distro == centos-stream or distro == fedora

sources

@@ -1,3 +1,3 @@
-SHA512 (node-v22.13.1-stripped.tar.gz) = 0e38b017a4dbc2532287e582d0492eaef6971db987722f5497e1d0875e83f1d0ab00c5d31b6842692f07538e49bdaada8cd997af2b200f4b7f47378fcb81c4ee
-SHA512 (icu4c-76_1-data-bin-b.zip) = 098326fbb0f4a1b70a314985cbe6918f3fec94feb17236dcf8efbc516e139294ec96ae49210e11ee40f4de1ac6977e939cbfd6087009be057b8a60d3ad01daad
-SHA512 (icu4c-76_1-data-bin-l.zip) = 1359ff28bad54f73fe29cc5c4fffb4c11c64399ddcc39bea2ee60b5d3672e7f79546a2255d604474cbd861791c11e62eb50bcecc0cf2cf9a7ece59180e8520fc
+SHA512 (icu4c-78.2-data-bin-b.zip) = 032a1e519bf92dfa7936ef85ebed697550dbcb4e32c6ecd28ffecb158a403eeff6c0a3545b2551eba73f288e31693be6880e202a38cd86c129dffa395e8ab625
+SHA512 (icu4c-78.2-data-bin-l.zip) = c0b46de115332940d3276763904caa6257eb516edce4382632f4b96a5b010fee4cb06a5e10ef5eee2f881515c1ee8277d9ae59015f6de6fe1d175b9d00dbb1ca
+SHA512 (node-v22.22.2-stripped.tar.gz) = 82c3357cce10a3fe89373ec4e3460af5992d853f28a7339358a3f910959e7b17987c8eb1748d9c3033d4c642701d321e2265cc0ac004a218860da4eda2971226

test-runner.sh

@@ -0,0 +1,59 @@
+#!/bin/bash
+	
+NODE_BIN="$1"
+PARENT_TEST_FOLDER="$2"
+TEST_LIST_FILE="$3"
+
+# At most 10 min per test
+TIMEOUT_DURATION=600
+# Exit code
+FINAL_RESULT=0 	
+ARCH=$(uname -m)
+
+echo "Started test run:"
+# Run the list of test
+while IFS= read -r test_line; do
+  # ignore commented lines
+  if [[ "$test_line" =~ ^# ]]; then
+    continue
+  fi
+  # If test has specified ARCH which it should be skipped
+  # Extract it
+  TEST_PATH=$(echo "$test_line" | awk '{print $1}')
+  IGNORE_ARCHES=$(echo "$test_line" |\
+    awk '{for (i=2; i<=NF; i++) printf "%s ", $i; print ""}')
+  
+  # Skip test for specified ARCH
+  for ARCH_IGNORE in $IGNORE_ARCHES; do
+    if [[ "$ARCH_IGNORE" == "$ARCH" ]]; then
+      continue 2  
+    fi
+  done
+  
+  # Construct test path
+  TEST_SCRIPT="$PARENT_TEST_FOLDER/$TEST_PATH"
+
+  if [ ! -f "$TEST_SCRIPT" ]; then
+    continue
+  fi
+
+  TEST_OUTPUT=$(timeout "$TIMEOUT_DURATION" "$NODE_BIN" "$TEST_SCRIPT" 2>&1)
+  TEST_RESULT=$?
+
+  # Handle test result
+  if [ $TEST_RESULT -ne 0 ]; then
+    FINAL_RESULT=1
+    if [ $TEST_RESULT -eq 124 ]; then
+      echo "Test timed out: $TEST_SCRIPT"
+    else
+      echo "Test failed: $TEST_SCRIPT"
+    fi
+    echo "Test failure message:"
+    echo "$TEST_OUTPUT"
+  fi
+done < "$TEST_LIST_FILE"
+
+if [ $FINAL_RESULT -eq 0 ]; then
+    echo "All tests succesfully passed."
+fi
+exit $FINAL_RESULT