diff --git a/0001-Disable-running-gyp-on-shared-deps.patch b/0001-Disable-running-gyp-on-shared-deps.patch index 90d5b8f589f7037b0c1c9dd3f75dd7dd7db3646d..046a7e3ac8e8055441570e92873ccb6d77ea7e0f 100644 --- a/0001-Disable-running-gyp-on-shared-deps.patch +++ b/0001-Disable-running-gyp-on-shared-deps.patch @@ -1,29 +1,18 @@ -From 2abb9e98751595936ac1c867b3f08695f5bcf22c Mon Sep 17 00:00:00 2001 -From: Zuzana Svetlikova -Date: Fri, 17 Apr 2020 12:59:44 +0200 -Subject: [PATCH] Disable running gyp on shared deps - -Signed-off-by: rpm-build ---- - Makefile | 2 +- - node.gyp | 17 ----------------- - 2 files changed, 1 insertion(+), 18 deletions(-) - diff --git a/Makefile b/Makefile -index 9c01f8f..133a3d0 100644 +index 9401346623..c9d3da24c5 100644 --- a/Makefile +++ b/Makefile -@@ -148,7 +148,7 @@ with-code-cache test-code-cache: +@@ -169,7 +169,7 @@ with-code-cache test-code-cache: $(warning '$@' target is a noop) out/Makefile: config.gypi common.gypi node.gyp \ - deps/uv/uv.gyp deps/llhttp/llhttp.gyp deps/zlib/zlib.gyp \ + deps/llhttp/llhttp.gyp \ + deps/simdutf/simdutf.gyp \ tools/v8_gypfiles/toolchain.gypi tools/v8_gypfiles/features.gypi \ tools/v8_gypfiles/inspector.gypi tools/v8_gypfiles/v8.gyp - $(PYTHON) tools/gyp_node.py -f make diff --git a/node.gyp b/node.gyp -index 8f131ac..dce5fdc 100644 +index cec24aed03..13af00f40d 100644 --- a/node.gyp +++ b/node.gyp @@ -429,23 +429,6 @@ @@ -41,7 +30,7 @@ index 8f131ac..dce5fdc 100644 - 'inputs': [ '<(opensslconfig)', ], - 'outputs': [ '<(opensslconfig_internal)', ], - 'action': [ -- 'python', 'tools/copyfile.py', +- '<(python)', 'tools/copyfile.py', - '<(opensslconfig)', - '<(opensslconfig_internal)', - ], @@ -50,6 +39,3 @@ index 8f131ac..dce5fdc 100644 }], ], }, # node_core_target_name --- -2.37.3 - diff --git a/download b/download index d94bbfa09a85c292247958bdb1609de5c3d9cc1c..f8448763c5e20c0a2537080af976e7a0839c1e60 100644 --- a/download +++ b/download @@ -1,5 +1,5 @@ 8d30ae61833be02b1a9baa0f4c485fd2 cjs-module-lexer-1.2.2.tar.gz -0b905695f4f1e6ba33185760deee93c9 node-v18.12.1-stripped.tar.gz -e933976c6d90245761a4631c70dd9112 undici-5.11.0.tar.gz +e0226a5e5cf38e3d2c5a12510d8b589a node-v18.14.2-stripped.tar.gz +fcdc8333481ea68c070ef703d651ec42 undici-5.20.0.tar.gz 7b6ec4e1c3e39397bdd09087e2437bfd wasi-sdk-wasi-sdk-11.tar.gz 4dfce15eff429925893eb9102b9b8b2e wasi-sdk-wasi-sdk-14.tar.gz diff --git a/icu4c-72_1-src.tgz b/icu4c-72_1-src.tgz new file mode 100644 index 0000000000000000000000000000000000000000..60190dfb689190b962f917ab7bfb1f2d9f592d99 Binary files /dev/null and b/icu4c-72_1-src.tgz differ diff --git a/nodejs.spec b/nodejs.spec index fc9afa8b9f7c3d8072e9e667efa19885406ed528..549f2fd815906476d5b60a15e8e4dcd55c558f4f 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -17,7 +17,7 @@ # # create bootstrapping build with bundled deps and extra release suffix %bcond_with bootstrap -# bundle dependencies that are not available as Fedora modules +# bundle dependencies that are not available in CentOS %if %{with bootstrap} %bcond_without bundled %else @@ -41,8 +41,8 @@ # than a Fedora release lifecycle. %global nodejs_epoch 1 %global nodejs_major 18 -%global nodejs_minor 12 -%global nodejs_patch 1 +%global nodejs_minor 14 +%global nodejs_patch 2 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h %global nodejs_soversion 108 @@ -58,7 +58,7 @@ %global v8_major 10 %global v8_minor 2 %global v8_build 154 -%global v8_patch 15 +%global v8_patch 26 # V8 presently breaks ABI at least every x.y release while never bumping SONAME %global v8_abi %{v8_major}.%{v8_minor} %global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch} @@ -79,13 +79,13 @@ # libuv - from deps/uv/include/uv/version.h %global libuv_major 1 -%global libuv_minor 43 -%global libuv_patch 0 +%global libuv_minor 44 +%global libuv_patch 2 %global libuv_version %{libuv_major}.%{libuv_minor}.%{libuv_patch} # nghttp2 - from deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h %global nghttp2_major 1 -%global nghttp2_minor 47 +%global nghttp2_minor 51 %global nghttp2_patch 0 %global nghttp2_version %{nghttp2_major}.%{nghttp2_minor}.%{nghttp2_patch} @@ -102,7 +102,7 @@ %global ngtcp2_version %{ngtcp2_major}.%{ngtcp2_minor}.%{ngtcp2_patch} # ICU - from tools/icu/current_ver.dep -%global icu_major 71 +%global icu_major 72 %global icu_minor 1 %global icu_version %{icu_major}.%{icu_minor} @@ -120,6 +120,12 @@ %global icu_flag full-icu %endif +# simduft from deps/simdutf/simdutf.h +%global simduft_major 2 +%global simduft_minor 0 +%global simduft_patch 7 +%global simduft_version %{simduft_major}.%{simduft_minor}.%{simduft_patch} + # OpenSSL minimum version %global openssl_minimum 1:1.1.1 @@ -133,9 +139,9 @@ # npm - from deps/npm/package.json %global npm_epoch 1 -%global npm_major 8 -%global npm_minor 19 -%global npm_patch 2 +%global npm_major 9 +%global npm_minor 5 +%global npm_patch 0 %global npm_version %{npm_major}.%{npm_minor}.%{npm_patch} # uvwasi - from deps/uvwasi/include/uvwasi.h @@ -197,9 +203,9 @@ Source101: cjs-module-lexer-1.2.2.tar.gz Source102: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-11/wasi-sdk-wasi-sdk-11.tar.gz # Version: jq '.version' deps/undici/src/package.json -# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.11.0.tar.gz -# Adjustments: rm -f undici-5.11.0/lib/llhttp/llhttp*.wasm* -Source111: undici-5.11.0.tar.gz +# Original: https://github.com/nodejs/undici/archive/refs/tags/v5.20.0.tar.gz +# Adjustments: rm -f undici-5.20.0/lib/llhttp/llhttp*.wasm* +Source111: undici-5.20.0.tar.gz # The WASM blob was made using wasi-sdk v14; compiler libraries are linked in. # Version source: build/Dockerfile Source112: https://github.com/WebAssembly/wasi-sdk/archive/wasi-sdk-14/wasi-sdk-wasi-sdk-14.tar.gz @@ -209,10 +215,16 @@ Patch1: 0001-Disable-running-gyp-on-shared-deps.patch BuildRequires: make BuildRequires: python3-devel +BuildRequires: python3-setuptools +BuildRequires: python3-jinja2 +%if !%{with python3_fixup} +BuildRequires: python-unversioned-command +%endif BuildRequires: zlib-devel BuildRequires: brotli-devel BuildRequires: gcc >= 8.3.0 BuildRequires: gcc-c++ >= 8.3.0 +BuildRequires: jq # needed to generate bundled provides for npm dependencies # https://src.fedoraproject.org/rpms/nodejs/pull-request/2 # https://pagure.io/nodejs-packaging/pull-request/10 @@ -299,6 +311,7 @@ Provides: bundled(icu) = %{icu_version} Provides: bundled(uvwasi) = %{uvwasi_version} Provides: bundled(histogram) = %{histogram_version} Provides: bundled(corepack) = %{corepack_version} +Provides: bundled(simduft) = %{simduft_version} # Make sure we keep NPM up to date when we update Node.js %if 0%{?rhel} < 8 @@ -388,6 +401,8 @@ The API documentation for the Node.js JavaScript runtime. # remove bundled dependencies that we aren't building rm -rf deps/zlib rm -rf deps/brotli +rm -rf deps/v8/third_party/jinja2 +rm -rf tools/inspector_protocol/jinja2 # Replace any instances of unversioned python' with python3 %if %{with python3_fixup} @@ -693,6 +708,8 @@ end %doc %{_mandir}/man5/package-json.5* %doc %{_mandir}/man5/package-lock-json.5* %doc %{_mandir}/man5/npm-shrinkwrap-json.5* +%doc %{_mandir}/man5/npm-global.5.* +%doc %{_mandir}/man5/npm-json.5.* %doc %{_mandir}/man7/config.7* %doc %{_mandir}/man7/dependency-selectors.7* %doc %{_mandir}/man7/developers.7* @@ -714,6 +731,15 @@ end %changelog +* Tue Mar 21 2023 Zuzana Svetlikova - 1:18.14.2-2 +- Provide simduft + +* Tue Mar 21 2023 Zuzana Svetlikova - 1:18.14.2-1 +- Rebase to 18.14.2 +- Resolves: #2178087 +- Resolves: CVE-2022-25881, CVE-2022-4904, CVE-2023-23936, CVE-2023-24807 +- Resolves: CVE-2023-23918, CVE-2023-23919, CVE-2023-23920 + * Fri Nov 18 2022 Jan Staněk - 1:18.12.1-2 - Update version of bundled histogram