import CS nodejs22-22.13.1-4.el10

.fmf/version

@@ -1 +0,0 @@
-1

.gitignore

@@ -1,4 +1,3 @@
-/icu4c-*-data-bin-?.zip
-/node-*-stripped.tar.gz
-/SHASUM*
-/node*src.rpm
+icu4c-76_1-data-bin-b.zip
+icu4c-76_1-data-bin-l.zip
+node-v22.13.1-stripped.tar.gz

0001-CVE-2026-25547-braces-expansion.patch

@@ -1,102 +0,0 @@
-From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
-From: tjuhasz <tjuhasz@redhat.com>
-Date: Tue, 25 Feb 2026 14:21:26 +0100
-Subject: [PATCH] CVE-2026-25547: Fix brace expansion vulnerability
-
-Add expansion limit to prevent DoS attacks through excessive
-brace expansion in the brace-expansion module.
-
----
- deps/npm/node_modules/brace-expansion/index.js | 20 ++++++++++++--------
- 1 file changed, 12 insertions(+), 8 deletions(-)
-
-diff --git a/deps/npm/node_modules/brace-expansion/index.js b/deps/npm/node_modules/brace-expansion/index.js
---- a/deps/npm/node_modules/brace-expansion/index.js	2026-01-12 23:55:24.000000000 +0100
-+++ b/deps/npm/node_modules/brace-expansion/index.js	2026-02-25 14:21:26.829483831 +0100
-@@ -8,6 +8,8 @@
- var escComma = '\0COMMA'+Math.random()+'\0';
- var escPeriod = '\0PERIOD'+Math.random()+'\0';
- 
-+const EXPANSION_MAX = 100_000;
-+
- function numeric(str) {
-   return parseInt(str, 10) == str
-     ? parseInt(str, 10)
-@@ -61,9 +63,11 @@
-   return parts;
- }
- 
--function expandTop(str) {
-+function expandTop(str, options = {}) {
-   if (!str)
-     return [];
-+  
-+  const { max = EXPANSION_MAX } = options;
- 
-   // I don't know why Bash 4.3 does this, but it does.
-   // Anything starting with {} will have the first two bytes preserved
-@@ -75,7 +79,7 @@
-     str = '\\{\\}' + str.substr(2);
-   }
- 
--  return expand(escapeBraces(str), true).map(unescapeBraces);
-+  return expand(escapeBraces(str), max, true).map(unescapeBraces);
- }
- 
- function embrace(str) {
-@@ -92,7 +96,7 @@
-   return i >= y;
- }
- 
--function expand(str, isTop) {
-+function expand(str, max, isTop) {
-   var expansions = [];
- 
-   var m = balanced('{', '}', str);
-@@ -101,11 +105,11 @@
-   // no need to expand pre, since it is guaranteed to be free of brace-sets
-   var pre = m.pre;
-   var post = m.post.length
--    ? expand(m.post, false)
-+    ? expand(m.post, max, false)
-     : [''];
- 
-   if (/\$$/.test(m.pre)) {
--    for (var k = 0; k < post.length; k++) {
-+    for (var k = 0; k < post.length && k < max; k++) {
-       var expansion = pre+ '{' + m.body + '}' + post[k];
-       expansions.push(expansion);
-     }
-@@ -118,7 +122,7 @@
-       // {a},b}
-       if (m.post.match(/,(?!,).*\}/)) {
-         str = m.pre + '{' + m.body + escClose + m.post;
--        return expand(str);
-+        return expand(str, max, true);
-       }
-       return [str];
-     }
-@@ -130,7 +134,7 @@
-       n = parseCommaParts(m.body);
-       if (n.length === 1) {
-         // x{{a,b}}y ==> x{a}y x{b}y
--        n = expand(n[0], false).map(embrace);
-+        n = expand(n[0], max, false).map(embrace);
-         if (n.length === 1) {
-           return post.map(function(p) {
-             return m.pre + n[0] + p;
-@@ -185,12 +189,12 @@
-       N = [];
- 
-       for (var j = 0; j < n.length; j++) {
--        N.push.apply(N, expand(n[j], false));
-+        N.push.apply(N, expand(n[j], max, false));
-       }
-     }
- 
-     for (var j = 0; j < N.length; j++) {
--      for (var k = 0; k < post.length; k++) {
-+      for (var k = 0; k < post.length && expansions.length < max; k++) {
-         var expansion = pre + N[j] + post[k];
-         if (!isTop || isSequence || expansion)
-           expansions.push(expansion);

0001-fips-disable-options.patch

@@ -1,84 +0,0 @@
-From 98738d27288bd9ca634e29181ef665e812e7bbd3 Mon Sep 17 00:00:00 2001
-From: Michael Dawson <midawson@redhat.com>
-Date: Fri, 23 Feb 2024 13:43:56 +0100
-Subject: [PATCH] Disable FIPS options
-
-On RHEL, FIPS should be configured only on system level.
-Additionally, the related options may cause segfault when used on RHEL.
-
-This patch causes the option processing to end sooner
-than the problematic code gets executed.
-Additionally, the JS-level options to mess with FIPS settings
-are similarly disabled.
-
-Upstream report: https://github.com/nodejs/node/pull/48950
-RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=2226726
----
- lib/crypto.js             | 10 ++++++++++
- lib/internal/errors.js    |  6 ++++++
- src/crypto/crypto_util.cc |  2 ++
- 3 files changed, 18 insertions(+)
-
-diff --git a/lib/crypto.js b/lib/crypto.js
-index 41adecc..b2627ac 100644
---- a/lib/crypto.js
-+++ b/lib/crypto.js
-@@ -36,7 +36,10 @@ const {
- assertCrypto();
-
- const {
-+  // RHEL specific error
-+  ERR_CRYPTO_FIPS_SYSTEM_CONTROLLED,
-+
-   ERR_CRYPTO_FIPS_FORCED,
-   ERR_WORKER_UNSUPPORTED_OPERATION,
- } = require('internal/errors').codes;
- const constants = internalBinding('constants').crypto;
-@@ -251,6 +254,13 @@ function getFips() {
- }
- 
- function setFips(val) {
-+  // in RHEL FIPS enable/disable should only be done at system level
-+  if (getFips() != val) {
-+    throw new ERR_CRYPTO_FIPS_SYSTEM_CONTROLLED();
-+  } else {
-+    return;
-+  }
-+
-   if (getOptionValue('--force-fips')) {
-     if (val) return;
-     throw new ERR_CRYPTO_FIPS_FORCED();
-diff --git a/lib/internal/errors.js b/lib/internal/errors.js
-index a722360..04d8a53 100644
---- a/lib/internal/errors.js
-+++ b/lib/internal/errors.js
-@@ -1111,6 +1111,12 @@ module.exports = {
- //
- // Note: Node.js specific errors must begin with the prefix ERR_
- 
-+// insert RHEL specific erro
-+E('ERR_CRYPTO_FIPS_SYSTEM_CONTROLLED',
-+  'Cannot set FIPS mode. FIPS should be enabled/disabled at system level. See' +
-+  'https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening for more details.\n',
-+  Error);
-+
- E('ERR_ACCESS_DENIED',
-   function(msg, permission = '', resource = '') {
-     this.permission = permission;
-diff --git a/src/crypto/crypto_util.cc b/src/crypto/crypto_util.cc
-index 5734d8f..ef9d1b1 100644
---- a/src/crypto/crypto_util.cc
-+++ b/src/crypto/crypto_util.cc
-@@ -121,6 +121,8 @@ bool ProcessFipsOptions() {
-   /* Override FIPS settings in configuration file, if needed. */
-   if (per_process::cli_options->enable_fips_crypto ||
-       per_process::cli_options->force_fips_crypto) {
-+      fprintf(stderr, "ERROR: Using options related to FIPS is not recommended, configure FIPS in openssl instead. See https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening for more details.\n");
-+      return false;
- #if OPENSSL_VERSION_MAJOR >= 3
-     OSSL_PROVIDER* fips_provider = OSSL_PROVIDER_load(nullptr, "fips");
-     if (fips_provider == nullptr)
--- 
-2.43.2
-
-

gating.yaml

@@ -1,6 +0,0 @@
---- !Policy
-product_versions:
-  - rhel-10
-decision_context: osci_compose_gate
-rules:
-  - !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}

nodejs-tarball.sh

@@ -108,7 +108,7 @@ echo $_arg_version
 if [ x$_arg_version != x ]; then
     version=$_arg_version
 else
-    version=$(rpm -q --specfile --qf='%{version}\n' nodejs*.spec | head -n1)
+    version=$(rpm -q --specfile --qf='%{version}\n' nodejs.spec | head -n1)
 fi
 
 rm -f node-v${version}.tar.gz node-v${version}-stripped.tar.gz
@@ -120,11 +120,11 @@ rm -rf node-v${version}/deps/openssl
 tar -zcf node-v${version}-stripped.tar.gz node-v${version}
 
 # Download the ICU binary data files
-ICU_MAJOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\).\([[:digit:]]\+\).*/\1/g')
-ICU_MINOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\).\([[:digit:]]\+\).*/\2/g')
-rm -Rf icu4c-${ICU_MAJOR}.${ICU_MINOR}-data-bin-*.zip
-wget $(grep -w 'Source3' nodejs22.spec | sed --expression="s/.*http/http/g" --expression="s/\(\%{icu_major}\)/${ICU_MAJOR}/g" --expression="s/\(\%{icu_minor}\)/${ICU_MINOR}/g")
-wget $(grep -w 'Source4' nodejs22.spec | sed --expression="s/.*http/http/g" --expression="s/\(\%{icu_major}\)/${ICU_MAJOR}/g" --expression="s/\(\%{icu_minor}\)/${ICU_MINOR}/g")
+ICU_MAJOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\)-\([[:digit:]]\+\).*/\1/g')
+ICU_MINOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\)-\([[:digit:]]\+\).*/\2/g')
+rm -Rf icu4c-${ICU_MAJOR}_${ICU_MINOR}-data-bin-*.zip
+wget $(grep Source3 nodejs.spec | sed --expression="s/.*http/http/g" --expression="s/\(\%{icu_major}\)/${ICU_MAJOR}/g" --expression="s/\(\%{icu_minor}\)/${ICU_MINOR}/g")
+wget $(grep Source4 nodejs.spec | sed --expression="s/.*http/http/g" --expression="s/\(\%{icu_major}\)/${ICU_MAJOR}/g" --expression="s/\(\%{icu_minor}\)/${ICU_MINOR}/g")
 
 #fedpkg new-sources node-v${version}-stripped.tar.gz icu4c*-src.tgz
 
@@ -194,8 +194,8 @@ echo $NGTCP2_VERSION
 echo
 echo "ICU"
 echo "========================="
-ICU_MAJOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\).\([[:digit:]]\+\).*/\1/g')
-ICU_MINOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\).\([[:digit:]]\+\).*/\2/g')
+ICU_MAJOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\)-\([[:digit:]]\+\).*/\1/g')
+ICU_MINOR=$(jq -r '.[0].url' node-v${version}/tools/icu/current_ver.dep | sed --expression='s/.*release-\([[:digit:]]\+\)-\([[:digit:]]\+\).*/\2/g')
 echo "${ICU_MAJOR}.${ICU_MINOR}"
 echo
 echo "simdutf"

nodejs22.spec

@@ -1,11 +1,17 @@
+## START: Set by rpmautospec
+## (rpmautospec version 0.6.5)
+## RPMAUTOSPEC: autorelease, autochangelog
+%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
+    release_number = 4;
+    base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
+    print(release_number + base_release_number - 1);
+}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
+## END: Set by rpmautospec
+
 # Determine if this should be the default version for this Fedora release
 # The default version will own /usr/bin/node and friends
 %global nodejs_pkg_major 22
 
-%if 0%{?fedora} == 41 || 0%{?fedora} == 42 || 0%{?rhel} == 10
-%global nodejs_default %{nodejs_pkg_major}
-%endif
-
 %global nodejs_default_sitelib %{_prefix}/lib/node_modules
 %global nodejs_private_sitelib %{nodejs_default_sitelib}_%{nodejs_pkg_major}
 
@@ -52,8 +58,8 @@
 # than a Fedora release lifecycle.
 %global nodejs_epoch 1
 %global nodejs_major 22
-%global nodejs_minor 22
-%global nodejs_patch 2
+%global nodejs_minor 13
+%global nodejs_patch 1
 # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
 %global nodejs_soversion 127
 %global nodejs_abi %{nodejs_soversion}
@@ -80,26 +86,26 @@
 
 # c-ares - from deps/cares/include/ares_version.h
 # https://github.com/nodejs/node/pull/9332
-%global c_ares_version 1.34.6
+%global c_ares_version 1.34.4
 
 # llhttp - from deps/llhttp/include/llhttp.h
-%global llhttp_version 9.3.0
+%global llhttp_version 9.2.1
 
 # libuv - from deps/uv/include/uv/version.h
-%global libuv_version 1.51.0
+%global libuv_version 1.49.2
 
 # nghttp2 - from deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
-%global nghttp2_version 1.68.1
+%global nghttp2_version 1.64.0
 
 # nghttp3 - from deps/ngtcp2/nghttp3/lib/includes/nghttp3/version.h
 %global nghttp3_version 1.6.0
 
 # ngtcp2 from deps/ngtcp2/ngtcp2/lib/includes/ngtcp2/version.h
-%global ngtcp2_version 1.11.0
+%global ngtcp2_version 1.9.1
 
 # ICU - from tools/icu/current_ver.dep
-%global icu_major 78
-%global icu_minor 2
+%global icu_major 76
+%global icu_minor 1
 %global icu_version %{icu_major}.%{icu_minor}
 
 %global icudatadir %{nodejs_datadir}/icudata
@@ -107,7 +113,7 @@
 # " this line just fixes syntax highlighting for vim that is confused by the above and continues literal
 
 # simdutf from deps/simdutf/simdutf.h
-%global simdutf_version 6.4.2
+%global simdutf_version 5.6.4
 
 # OpenSSL minimum version
 %global openssl11_minimum 1:1.1.1
@@ -120,7 +126,7 @@
 
 # npm - from deps/npm/package.json
 %global npm_epoch 1
-%global npm_version 10.9.7
+%global npm_version 10.9.2
 
 # In order to avoid needing to keep incrementing the release version for the
 # main package forever, we will just construct one for npm that is guaranteed
@@ -131,13 +137,13 @@
 %global npm_envr %{npm_epoch}:%{npm_version}-%{npm_release}
 
 # uvwasi - from deps/uvwasi/include/uvwasi.h
-%global uvwasi_version 0.0.23
+%global uvwasi_version 0.0.21
 
 # histogram_c - assumed from timestamps
-%global histogram_version 0.11.9
+%global histogram_version 0.9.7
 
 # sqlite – from deps/sqlite/sqlite3.h
-%global sqlite_version 3.51.2
+%global sqlite_version 3.47.2
 
 
 Name: nodejs%{nodejs_pkg_major}
@@ -159,21 +165,16 @@ Source0: node-v%{nodejs_version}-stripped.tar.gz
 Source1: npmrc
 Source2: btest402.js
 # The binary data that icu-small can use to get icu-full capability
-Source3: https://github.com/unicode-org/icu/releases/download/release-%{icu_major}.%{icu_minor}/icu4c-%{icu_major}.%{icu_minor}-data-bin-b.zip
-Source4: https://github.com/unicode-org/icu/releases/download/release-%{icu_major}.%{icu_minor}/icu4c-%{icu_major}.%{icu_minor}-data-bin-l.zip
+Source3: https://github.com/unicode-org/icu/releases/download/release-%{icu_major}-%{icu_minor}/icu4c-%{icu_major}_%{icu_minor}-data-bin-b.zip
+Source4: https://github.com/unicode-org/icu/releases/download/release-%{icu_major}-%{icu_minor}/icu4c-%{icu_major}_%{icu_minor}-data-bin-l.zip
 Source200: nodejs-tarball.sh
 Source201: npmrc.builtin.in
 Source202: nodejs.pc.in
 Source203: v8.pc.in
 Source204: nodejs22_abi.req
 Source205: nodejs22_abi.attr
-Source300: test-runner.sh
-Source301: test-should-pass.txt
 
 Patch: 0001-Remove-unused-OpenSSL-config.patch
-Patch: 0001-fips-disable-options.patch
-Patch: 0001-deps-update-nghttp2-to-1.68.1.patch
-Patch: 0001-CVE-2026-25547-braces-expansion.patch
 
 %if 0%{?nodejs_default}
 %global pkgname nodejs
@@ -227,20 +228,15 @@ BuildRequires:  pkgconfig(sqlite3) >= 3.45.0
 
 %if 0%{?nodejs_default}
 Provides: nodejs = %{nodejs_envr}
-# To keep the upgrade path clean, we Obsolete nodejsXX from the nodejs
-# package and nodejsXX-foo from individual subpackages.
-# Note that using Obsoletes without package version is not standard practice.
-# Here we assert that *any* version of the system's default interpreter is
-# preferable to an "extra" interpreter. For example, nodejs-20.5.0 will
-# replace nodejs20-20.6.0.
-%define unversioned_obsoletes_of_nodejsXX_if_default() %{expand:\
-Obsoletes: nodejs%{nodejs_pkg_major}%{?1:-%{1}} < %{nodejs_envr}\
-Provides: nodejs%{nodejs_pkg_major}%{?1:-%{1}} = %{nodejs_envr}\
-}
-%else
-%define unversioned_obsoletes_of_nodejsXX_if_default() %{nil}
 %endif
 
+# RHEL-10: obsolete packages with the unversioned names;
+# we do not want a default stream at all.
+# The default version is set to the last version shipped in default stream
+%define obsolete_default_stream_package() %{expand:\
+Obsoletes: nodejs%{?1:-%{1}} < %{?2}%{!?2:22.13.1-2}
+}
+
 %if %{with bundled}
 Provides:      bundled(libuv) = %{libuv_version}
 %else
@@ -350,21 +346,21 @@ Provides: bundled(ada) = 2.9.2
 
 # undici and cjs-module-lexer ship with pre-built WASM binaries.
 %if %{with bundled_cjs_module_lexer}
-Provides: bundled(nodejs-cjs-module-lexer) = 2.2.0
+Provides: bundled(nodejs-cjs-module-lexer) = 1.4.1
 %else
 BuildRequires: nodejs-cjs-module-lexer
 Requires: nodejs-cjs-module-lexer
 %endif
 
 %if %{with bundled_undici}
-Provides: bundled(nodejs-undici) = 6.24.1
+Provides: bundled(nodejs-undici) = 6.21.1
 %else
 BuildRequires: nodejs-undici
 Requires: nodejs-undici
 %endif
 
 
-%unversioned_obsoletes_of_nodejsXX_if_default
+%obsolete_default_stream_package
 
 
 %description
@@ -375,16 +371,6 @@ makes it lightweight and efficient, perfect for data-intensive \
 real-time applications that run across distributed devices.}
 
 
-%if 0%{?nodejs_default}
-%description -n %{pkgname}
-Node.js is a platform built on Chrome's JavaScript runtime \
-for easily building fast, scalable network applications. \
-Node.js uses an event-driven, non-blocking I/O model that \
-makes it lightweight and efficient, perfect for data-intensive \
-real-time applications that run across distributed devices.}
-%endif
-
-
 %package -n %{pkgname}-devel
 Summary: JavaScript runtime - development headers
 Group: Development/Languages
@@ -404,12 +390,10 @@ Requires: libuv-devel%{?_isa}
 %if 0%{?nodejs_default}
 Provides: nodejs-devel = %{nodejs_envr}
 %endif
-%unversioned_obsoletes_of_nodejsXX_if_default devel
+%obsolete_default_stream_package devel
 
-Provides: alternative-for(nodejs-devel) = %{nodejs_envr}
-Conflicts: alternative-for(nodejs-devel)
+Provides: nodejs-devel-pkg = %{nodejs_envr}
 Conflicts: nodejs-devel-pkg
- # previously VP used for the same reason as alternative-for() above
 
 
 %description -n %{pkgname}-devel
@@ -436,7 +420,7 @@ Provides: v8%{?_isa} = %{v8_epoch}:%{v8_version}-%{nodejs_release}
 Obsoletes: v8 < 1:6.7.17-10
 
 Provides: nodejs-libs = %{nodejs_envr}
-%unversioned_obsoletes_of_nodejsXX_if_default libs
+%obsolete_default_stream_package libs
 
 %description -n %{pkgname}-libs
 Libraries to support Node.js and provide stable v8 interfaces.
@@ -446,7 +430,7 @@ Libraries to support Node.js and provide stable v8 interfaces.
 Summary: Non-English locale data for Node.js
 Requires: %{pkgname}%{?_isa} = %{nodejs_envr}
 
-%unversioned_obsoletes_of_nodejsXX_if_default full-i18n
+%obsolete_default_stream_package full-i18n
 
 
 %description -n %{pkgname}-full-i18n
@@ -495,13 +479,11 @@ Provides: npm = %{npm_envr}
 
 # Obsolete the old 'npm' package
 Obsoletes: npm < 1:9
-
-# Obsolete others. We can't use %%unversioned_obsoletes_of_nodejsXX_if_default
-# here because the Provides: needs its own version
-Obsoletes: nodejs%{nodejs_pkg_major}-npm < %{npm_envr}
-Provides: nodejs%{nodejs_pkg_major}-npm = %{npm_envr}
 %endif
 
+# Obsolete latest version of default stream package.
+%obsolete_default_stream_package npm 10.9.2-1.22.13.1.2
+
 
 %description -n %{pkgname}-npm
 npm is a package manager for node.js. You can use it to install and publish
@@ -515,7 +497,7 @@ BuildArch: noarch
 Requires(meta): %{pkgname} = %{nodejs_envr}
 
 Provides: nodejs-docs = %{nodejs_envr}
-%unversioned_obsoletes_of_nodejsXX_if_default docs
+%obsolete_default_stream_package docs
 
 
 %description -n %{pkgname}-docs
@@ -599,7 +581,6 @@ export PATH="${cwd}/.bin:$PATH"
            --ninja \
            --enable-lto \
            --prefix=%{_prefix} \
-           --use-prefix-to-find-headers \
            --shared \
            --libdir=%{_lib} \
            %{ssl_configure} \
@@ -651,16 +632,12 @@ chrpath --delete %{buildroot}%{_bindir}/node
 # Rename the node binary
 mv %{buildroot}%{_bindir}/node %{buildroot}%{_bindir}/node-%{nodejs_pkg_major}
 
-# Adjust npm binaries
-# 1. Replace all hashbangs with versioned ones
-readonly NPM_DIR="%{buildroot}%{nodejs_private_sitelib}/npm"
-readonly SHEBANG_ERE='^#!/usr/bin/(env\s+)?node\b'
-readonly SHEBANG_FIX='#!%{_bindir}/node-%{nodejs_pkg_major}'
-readonly -a npm_bin_dirs=("${NPM_DIR}/bin" "${NPM_DIR}/node_modules")
-
-find "${npm_bin_dirs[@]}" -type f \
-| xargs grep --extended-regexp --files-with-matches "${SHEBANG_ERE}" \
-| xargs sed --regexp-extended --in-place "s;${SHEBANG_ERE};${SHEBANG_FIX};"
+# Adjust the npm binaries
+# 1. Replace all hasbangs with versioned ones
+grep --extended-regexp --files-with-matches --recursive \
+    '^#!/usr/bin/(env )?node($|[[:space:]])+' '%{buildroot}%{nodejs_private_sitelib}/npm/bin' \
+| xargs sed --in-place --regexp-extended \
+    's;^#!/usr/bin/(env )?node($|[[:space:]])+;#!/usr/bin/node-%{nodejs_pkg_major};'
 
 # 2. Replace original links with the adjusted ones
 for bin in npm npx; do
@@ -681,13 +658,6 @@ ln -srf %{buildroot}%{_bindir}/npx-%{nodejs_pkg_major} \
         %{buildroot}%{_bindir}/npx
 %endif
 
-# Fix shell scripts that call 'node' as command
-readonly -a known_shell_scripts=(
-    "${NPM_DIR}/bin/node-gyp-bin/node-gyp"
-    "${NPM_DIR}/node_modules/@npmcli/run-script/lib/node-gyp-bin/node-gyp"
-)
-sed --regexp-extended --in-place 's;\bnode(\s);%{_bindir}/node-%{nodejs_pkg_major}\1;' "${known_shell_scripts[@]}"
-
 # Install library symlink
 ln -srf %{buildroot}%{_libdir}/libnode.so.%{nodejs_soversion} \
         %{buildroot}%{_libdir}/libnode.so
@@ -781,6 +751,11 @@ find %{buildroot}%{nodejs_private_sitelib}/npm \
 chmod 0755 %{buildroot}%{nodejs_private_sitelib}/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin/node-gyp
 chmod 0755 %{buildroot}%{nodejs_private_sitelib}/npm/node_modules/node-gyp/bin/node-gyp.js
 
+# Set the hashbang to use the matching Node.js interpreter
+sed --in-place --regexp-extended \
+    's;^#!/usr/bin/env node($|\ |\t)+;#!/usr/bin/node-%{nodejs_pkg_major};g' \
+    %{buildroot}%{nodejs_private_sitelib}/npm/node_modules/node-gyp/bin/node-gyp.js
+
 # Drop the NPM builtin configuration in place
 sed -e 's#@SYSCONFDIR@#%{_sysconfdir}#g' \
     %{SOURCE201} > %{buildroot}%{nodejs_private_sitelib}/npm/npmrc
@@ -821,13 +796,6 @@ install -Dpm0644 %{SOURCE204} %{buildroot}%{_rpmconfigdir}/fileattrs/nodejs%{nod
 
 
 %check
-#run unit test that should pass from list
-LD_LIBRARY_PATH=%{buildroot}%{_libdir} \
-  bash %{SOURCE300} \
-       %{buildroot}/%{_bindir}/node-%{nodejs_pkg_major} \
-       %{_builddir}/node-v%{nodejs_version}/test/ \
-       %{SOURCE301}
-
 # Fail the build if the versions don't match
 LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node-%{nodejs_pkg_major} -e "require('assert').equal(process.versions.node, '%{nodejs_version}')"
 LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node-%{nodejs_pkg_major} -e "require('assert').equal(process.versions.v8.replace(/-node\.\d+$/, ''), '%{v8_version}')"
@@ -963,4 +931,34 @@ end
 
 
 %changelog
-%autochangelog
+## START: Generated by rpmautospec
+* Tue Feb 25 2025 Jan Staněk <jstanek@redhat.com> - 1:22.13.1-4
+- Use stream-specific ABI dependency generator
+
+* Tue Feb 18 2025 Jan Staněk <jstanek@redhat.com> - 1:22.13.1-3
+- Generate only versioned rpms
+
+* Thu Feb 13 2025 Jan Staněk <jstanek@redhat.com> - 1:22.13.1-2
+- Add upper bound to unversioned obsoletes
+
+* Mon Jan 27 2025 Tomas Juhasz <tjuhasz@redhat.com> - 1:22.13.1-1
+- Updated to version 22.13.1
+
+* Mon Jan 27 2025 Jan Staněk <jstanek@redhat.com> - 1:22.11.0-2
+- Fix npm hashbang replacement
+
+* Tue Nov 19 2024 Jan Staněk <jstanek@redhat.com> - 1:22.11.0-1
+- Update to version 22.11.0 (LTS)
+
+* Tue Oct 29 2024 Troy Dawson <tdawson@redhat.com> - 1:22.4.1-4
+- Bump release for October 2024 mass rebuild:
+
+* Wed Aug 14 2024 Jan Staněk <jstanek@redhat.com> - 1:22.4.1-3
+- make this stream the default for RHEL 10
+
+* Wed Aug 07 2024 Jakub Heger <jheger@redhat.com> - 1:22.4.1-2
+- enable gating
+
+* Tue Aug 06 2024 Jan Staněk <jstanek@redhat.com> - 1:22.4.1-1
+- Import SRPM from Fedora
+## END: Generated by rpmautospec

plans/centos-stream.fmf

@@ -1,23 +0,0 @@
----
-summary: Package test suite
-discover:
-  how: fmf
-  url: https://gitlab.com/redhat/centos-stream/tests/nodejs
-  filter: "component:nodejs22"
-environment:
-  NODEJS_MAIN_PACKAGE: nodejs22
-  NODEJS_DEVEL_PACKAGE: nodejs22-devel
-  NODEJS_BIN_PACKAGE: nodejs22-bin
-  NPM_BIN_PACKAGE: nodejs22-npm-bin
-  NODE_BIN: /usr/bin/node-22
-  NPM_BIN: /usr/bin/npm-22
-  NODE_INCLUDE_PATH: /usr/include/node
-prepare:
-  - name: install tested packages
-    how: install
-    package:
-        - ${NODEJS_MAIN_PACKAGE}
-        - ${NODEJS_DEVEL_PACKAGE}
-execute:
-  how: tmt
-...

plans/tier1-internal.fmf

@@ -1,10 +0,0 @@
-summary: Internal Tier1 tests plan
-discover:
-    how: fmf
-    filter: 'tier: 1 & component: nodejs:22'
-    url: https://pkgs.devel.redhat.com/git/tests/nodejs
-execute:
-    how: tmt
-adjust:
-    enabled: false
-    when: distro == centos-stream or distro == fedora

rpminspect.yaml

@@ -1,28 +0,0 @@
-# This check is disabled because rpminspect has issues with 
-# macro nesting and autorelease macro
-# which led to continuous need to waive or ignore the failure of the test
-# e.g:https://artifacts.dev.testing-farm.io/07049d23-04ed-451c-99f6-eed73e369d28/
-inspections:
-  disttag: off
-  
-# Multiple annochecks are disabled because they are creating Verify type failures
-annocheck:
-  extra_opts:
-    # Issue: https://github.com/nodejs/node/issues/40368
-    # skip test for link time optimalization 
-    # test fails because nodejs is compiled without LTO. 
-    # This is on purpose as it creates issues.
-    hardened: --skip-lto
-    #  Temporarily disabled
-    #  skip test for GNU Property notes formatting
-    #  test fails because it's missing CET notes
-    #  feature is unsopported by upstream
-    #  See RHEL-85793 for details
-    hardened: --skip-property-note
-    hardened: --skip-cf-protection
-    #  Temporarily disabled
-    # skip test for dynamic tags
-    # BTI_PLT protection feature is missing from dynamic tags
-    # libnode.so.127 lacks this feature
-    # See RHEL-85837 for details
-    hardened: --skip-dynamic-tags

sources

@@ -1,3 +1,3 @@
-SHA512 (node-v22.22.2-stripped.tar.gz) = 82c3357cce10a3fe89373ec4e3460af5992d853f28a7339358a3f910959e7b17987c8eb1748d9c3033d4c642701d321e2265cc0ac004a218860da4eda2971226
-SHA512 (icu4c-78.2-data-bin-b.zip) = 032a1e519bf92dfa7936ef85ebed697550dbcb4e32c6ecd28ffecb158a403eeff6c0a3545b2551eba73f288e31693be6880e202a38cd86c129dffa395e8ab625
-SHA512 (icu4c-78.2-data-bin-l.zip) = c0b46de115332940d3276763904caa6257eb516edce4382632f4b96a5b010fee4cb06a5e10ef5eee2f881515c1ee8277d9ae59015f6de6fe1d175b9d00dbb1ca
+SHA512 (icu4c-76_1-data-bin-b.zip) = 098326fbb0f4a1b70a314985cbe6918f3fec94feb17236dcf8efbc516e139294ec96ae49210e11ee40f4de1ac6977e939cbfd6087009be057b8a60d3ad01daad
+SHA512 (icu4c-76_1-data-bin-l.zip) = 1359ff28bad54f73fe29cc5c4fffb4c11c64399ddcc39bea2ee60b5d3672e7f79546a2255d604474cbd861791c11e62eb50bcecc0cf2cf9a7ece59180e8520fc
+SHA512 (node-v22.13.1-stripped.tar.gz) = 0e38b017a4dbc2532287e582d0492eaef6971db987722f5497e1d0875e83f1d0ab00c5d31b6842692f07538e49bdaada8cd997af2b200f4b7f47378fcb81c4ee

test-runner.sh

@@ -1,59 +0,0 @@
-#!/bin/bash
-	
-NODE_BIN="$1"
-PARENT_TEST_FOLDER="$2"
-TEST_LIST_FILE="$3"
-
-# At most 10 min per test
-TIMEOUT_DURATION=600
-# Exit code
-FINAL_RESULT=0 	
-ARCH=$(uname -m)
-
-echo "Started test run:"
-# Run the list of test
-while IFS= read -r test_line; do
-  # ignore commented lines
-  if [[ "$test_line" =~ ^# ]]; then
-    continue
-  fi
-  # If test has specified ARCH which it should be skipped
-  # Extract it
-  TEST_PATH=$(echo "$test_line" | awk '{print $1}')
-  IGNORE_ARCHES=$(echo "$test_line" |\
-    awk '{for (i=2; i<=NF; i++) printf "%s ", $i; print ""}')
-  
-  # Skip test for specified ARCH
-  for ARCH_IGNORE in $IGNORE_ARCHES; do
-    if [[ "$ARCH_IGNORE" == "$ARCH" ]]; then
-      continue 2  
-    fi
-  done
-  
-  # Construct test path
-  TEST_SCRIPT="$PARENT_TEST_FOLDER/$TEST_PATH"
-
-  if [ ! -f "$TEST_SCRIPT" ]; then
-    continue
-  fi
-
-  TEST_OUTPUT=$(timeout "$TIMEOUT_DURATION" "$NODE_BIN" "$TEST_SCRIPT" 2>&1)
-  TEST_RESULT=$?
-
-  # Handle test result
-  if [ $TEST_RESULT -ne 0 ]; then
-    FINAL_RESULT=1
-    if [ $TEST_RESULT -eq 124 ]; then
-      echo "Test timed out: $TEST_SCRIPT"
-    else
-      echo "Test failed: $TEST_SCRIPT"
-    fi
-    echo "Test failure message:"
-    echo "$TEST_OUTPUT"
-  fi
-done < "$TEST_LIST_FILE"
-
-if [ $FINAL_RESULT -eq 0 ]; then
-    echo "All tests succesfully passed."
-fi
-exit $FINAL_RESULT