Stephen Gallagher
33646235dc
Update to 18.20.2
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2024-04-10 17:39:56 -04:00
Stephen Gallagher
a290f7bc54
Update to 18.20.1
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2024-04-09 13:19:27 -04:00
Fedora Release Engineering
bac0aa8624
Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
2024-01-25 09:11:07 +00:00
Fedora Release Engineering
e7b0814332
Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
2024-01-21 09:49:12 +00:00
Stephen Gallagher
c72aa25eda
Update to 18.19.0
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-11-30 09:22:33 -05:00
Stephen Gallagher
c51880f29b
Bump release to rebuild with newer nodejs-packaging
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-10-26 10:42:28 -04:00
Stephen Gallagher
7b25c0fa39
Rebuild to fix autoprovides
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-10-25 14:57:41 -04:00
Stephen Gallagher
7252990188
Update to 18.18.2
...
This is a security release.
The following CVEs are fixed in this release:
* [CVE-2023-44487](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487 ): `nghttp2` Security Release (High)
* [CVE-2023-45143](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45143 ): `undici` Security Release (High)
* [CVE-2023-38552](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38552 ): Integrity checks according to policies can be circumvented (Medium)
* [CVE-2023-39333](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39333 ): Code injection via WebAssembly export names (Low)
More detailed information on each of the vulnerabilities can be found in [October 2023 Security Releases](https://nodejs.org/en/blog/vulnerability/october-2023-security-releases/ ) blog post.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-10-16 13:11:30 -04:00
Stephen Gallagher
01f499c7e2
Update to 18.18.0
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-09-20 13:48:16 -04:00
Stephen Gallagher
0fedb845a0
Fix variable substitution
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-09-07 16:31:03 -04:00
Stephen Gallagher
6b01995d39
Add default Obsoletes: for nodejsXX
...
This takes its cue from the Python 3.X approach
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-09-07 14:53:33 -04:00
Stephen Gallagher
2e680f9011
Add version note to packaging readme
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-08-28 18:53:11 -04:00
Jan Staněk
d5900da637
Specify openssl configuration section
...
By default, node does not use the common openssl configuration section,
relying instead on node-specific `nodejs_conf` section.
Since we want node to use the system configuration, the section name
should be changed (back) to `openssl_conf`.
See discussion in https://github.com/nodejs/node/pull/48950
for the reason this change is suggested.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-08-28 18:51:36 -04:00
Stephen Gallagher
7d157a9ac8
Update to 18.17.1
...
** 2023-08-09, Version 18.17.1 'Hydrogen' (LTS), @RafaelGSS
This is a security release.
*** Notable Changes
The following CVEs are fixed in this release:
* [CVE-2023-32002](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32002 ): Policies can be bypassed via Module.\_load (High)
* [CVE-2023-32006](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32006 ): Policies can be bypassed by module.constructor.createRequire (Medium)
* [CVE-2023-32559](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32559 ): Policies can be bypassed via process.binding (Medium)
* OpenSSL Security Releases
* [OpenSSL security advisory 14th July](https://mta.openssl.org/pipermail/openssl-announce/2023-July/000264.html ).
* [OpenSSL security advisory 19th July](https://mta.openssl.org/pipermail/openssl-announce/2023-July/000265.html ).
* [OpenSSL security advisory 31st July](https://mta.openssl.org/pipermail/openssl-announce/2023-July/000267.html )
More detailed information on each of the vulnerabilities can be found in [August 2023 Security Releases](https://nodejs.org/en/blog/vulnerability/august-2023-security-releases/ ) blog post.
** 2023-07-18, Version 18.17.0 'Hydrogen' (LTS), @danielleadams
*** Notable Changes
**** Ada 2.0
Node.js v18.17.0 comes with the latest version of the URL parser, Ada. This update brings significant performance improvements
to URL parsing, including enhancements to the url.domainToASCII and url.domainToUnicode functions in node:url.
Ada 2.0 has been integrated into the Node.js codebase, ensuring that all parts of the application can benefit from the
improved performance. Additionally, Ada 2.0 features a significant performance boost over its predecessor, Ada 1.0.4,
while also eliminating the need for the ICU requirement for URL hostname parsing.
Contributed by Yagiz Nizipli and Daniel Lemire in [#47339 ](https://github.com/nodejs/node/pull/47339 )
**** Web Crypto API
Web Crypto API functions' arguments are now coerced and validated as per their WebIDL definitions like in other Web Crypto API implementations.
This further improves interoperability with other implementations of Web Crypto API.
Contributed by Filip Skokan in [#46067 ](https://github.com/nodejs/node/pull/46067 )
* **crypto**:
* update root certificates to NSS 3.89 (Node.js GitHub Bot) [#47659 ](https://github.com/nodejs/node/pull/47659 )
* **dns**:
* **(SEMVER-MINOR)** expose getDefaultResultOrder (btea) [#46973 ](https://github.com/nodejs/node/pull/46973 )
* **doc**:
* add ovflowd to collaborators (Claudio Wunder) [#47844 ](https://github.com/nodejs/node/pull/47844 )
* add KhafraDev to collaborators (Matthew Aitken) [#47510 ](https://github.com/nodejs/node/pull/47510 )
* **events**:
* **(SEMVER-MINOR)** add getMaxListeners method (Matthew Aitken) [#47039 ](https://github.com/nodejs/node/pull/47039 )
* **fs**:
* **(SEMVER-MINOR)** add support for mode flag to specify the copy behavior (Tetsuharu Ohzeki) [#47084 ](https://github.com/nodejs/node/pull/47084 )
* **(SEMVER-MINOR)** add recursive option to readdir and opendir (Ethan Arrowood) [#41439 ](https://github.com/nodejs/node/pull/41439 )
* **(SEMVER-MINOR)** add support for mode flag to specify the copy behavior (Tetsuharu Ohzeki) [#47084 ](https://github.com/nodejs/node/pull/47084 )
* **(SEMVER-MINOR)** implement byob mode for readableWebStream() (Debadree Chatterjee) [#46933 ](https://github.com/nodejs/node/pull/46933 )
* **http**:
* **(SEMVER-MINOR)** prevent writing to the body when not allowed by HTTP spec (Gerrard Lindsay) [#47732 ](https://github.com/nodejs/node/pull/47732 )
* **(SEMVER-MINOR)** remove internal error in assignSocket (Matteo Collina) [#47723 ](https://github.com/nodejs/node/pull/47723 )
* **(SEMVER-MINOR)** add highWaterMark opt in http.createServer (HinataKah0) [#47405 ](https://github.com/nodejs/node/pull/47405 )
* **lib**:
* **(SEMVER-MINOR)** add webstreams to Duplex.from() (Debadree Chatterjee) [#46190 ](https://github.com/nodejs/node/pull/46190 )
* **(SEMVER-MINOR)** implement AbortSignal.any() (Chemi Atlow) [#47821 ](https://github.com/nodejs/node/pull/47821 )
* **module**:
* change default resolver to not throw on unknown scheme (Gil Tayar) [#47824 ](https://github.com/nodejs/node/pull/47824 )
* **node-api**:
* **(SEMVER-MINOR)** define version 9 (Chengzhong Wu) [#48151 ](https://github.com/nodejs/node/pull/48151 )
* **(SEMVER-MINOR)** deprecate napi\_module\_register (Vladimir Morozov) [#46319 ](https://github.com/nodejs/node/pull/46319 )
* **stream**:
* **(SEMVER-MINOR)** preserve object mode in compose (Raz Luvaton) [#47413 ](https://github.com/nodejs/node/pull/47413 )
* **(SEMVER-MINOR)** add setter & getter for default highWaterMark (#46929 ) (Robert Nagy) [#46929 ](https://github.com/nodejs/node/pull/46929 )
* **test**:
* unflake test-vm-timeout-escape-nexttick (Santiago Gimeno) [#48078 ](https://github.com/nodejs/node/pull/48078 )
* **test\_runner**:
* **(SEMVER-MINOR)** add shorthands to `test` (Chemi Atlow) [#47909 ](https://github.com/nodejs/node/pull/47909 )
* **(SEMVER-MINOR)** support combining coverage reports (Colin Ihrig) [#47686 ](https://github.com/nodejs/node/pull/47686 )
* **(SEMVER-MINOR)** execute before hook on test (Chemi Atlow) [#47586 ](https://github.com/nodejs/node/pull/47586 )
* **(SEMVER-MINOR)** expose reporter for use in run api (Chemi Atlow) [#47238 ](https://github.com/nodejs/node/pull/47238 )
* **tools**:
* update LICENSE and license-builder.sh (Santiago Gimeno) [#48078 ](https://github.com/nodejs/node/pull/48078 )
* **url**:
* **(SEMVER-MINOR)** implement URL.canParse (Matthew Aitken) [#47179 ](https://github.com/nodejs/node/pull/47179 )
* **wasi**:
* **(SEMVER-MINOR)** no longer require flag to enable wasi (Michael Dawson) [#47286 ](https://github.com/nodejs/node/pull/47286 )
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-08-09 16:33:19 -04:00
Fedora Release Engineering
544f76d98b
Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-07-20 16:47:35 +00:00
Stephen Gallagher
d1beeb0f81
Sync to latest nodejs-sources.sh
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-07-12 13:36:15 -04:00
Stephen Gallagher
a955794775
Update to security release 18.16.1
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-06-21 10:02:16 -04:00
Stephen Gallagher
8feb3e5509
sources: install jinja2 if needed
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-06-21 09:19:01 -04:00
Stephen Gallagher
dfeab1ea3d
Fix NPM Obsoletes
...
The version of npm shipped by nodejs20 in the frozen F38 repo is
higher than the version provided by the default nodejs18. This
works around that.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-05-15 09:37:29 -04:00
Stephen Gallagher
14431056f7
Fix up shebangs for npm and npx
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-04-28 10:46:32 -04:00
Stephen Gallagher
00573643f6
Add README for packagers
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-04-27 13:51:35 -04:00
Stephen Gallagher
7fac550d3e
nodejs-sources.sh: Add --debug flag
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-04-27 08:58:13 -04:00
Stephen Gallagher
4e9436a835
Replace /usr/etc/npmrc symlink with builtin configuration
...
We want to have the system-level npmrc located at /etc/npmrc.
By default, npm looks for it in /usr/etc/npmrc,
so we placed a symlink to /etc/npmrc there.
However, we are the only known package that has anything in /usr/etc,
which confuses and/or breaks various tooling (see related bug).
This gets rid of the symlink,
and instead uses "builtin"-level configuration of npm
to cause it to load the system-level configuration from /etc/npmrc.
Related: rhbz#2177776
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-04-27 08:50:37 -04:00
Stephen Gallagher
7559b10a65
Apply to spec also
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-04-26 15:14:32 -04:00
Stephen Gallagher
bca6ea5ea2
Fix manpage symlinks
...
Resolves: rhbz#2187978
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-04-26 15:13:29 -04:00
Stephen Gallagher
a7bb99ba07
Rebase Fedora patches
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-04-26 12:37:19 -04:00
Stephen Gallagher
a98d03435c
Update to 18.16.0
...
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18.16.0
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-04-26 12:31:13 -04:00
Stephen Gallagher
0362f42fb0
Don't 'Provides: npm' on non-default
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-04-11 15:23:07 -04:00
Stephen Gallagher
7000efe305
Adjust nodejs-devel Provides
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-04-03 09:07:15 -04:00
Stephen Gallagher
4ffd58b121
Pull in changes from nodejs20
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-03-30 08:50:27 -04:00
Stephen Gallagher
4aadc166bf
Fix build issue on non-default releases
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-03-27 19:10:34 -04:00
Stephen Gallagher
c2b89a7006
Fix libv8 packaging issue
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-03-27 14:55:11 -04:00
Stephen Gallagher
580f45bab6
Namespace the v8 compat libraries
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-03-16 15:37:40 -04:00
Stephen Gallagher
6e5a66a778
Update to 18.15.0
...
- https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18.15.0
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-03-09 10:28:50 -05:00
Stephen Gallagher
b77028c109
template: Re-sync from nodejs20
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-03-01 15:08:30 -05:00
Stephen Gallagher
dc374d2c11
Also drop patch from specfile
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-02-23 15:17:55 -05:00
Stephen Gallagher
18c023f26e
Drop unneeded patch
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-02-23 15:16:26 -05:00
Stephen Gallagher
b1efdc3f55
Update to latest version of nodejs-sources.sh
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-02-21 14:59:23 -05:00
Stephen Gallagher
2193e314cf
Update to 18.14.2
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-02-21 14:47:39 -05:00
Stephen Gallagher
2ec1a0503b
Update to v18.14.1
...
- https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18.14.1
- packaging: Drop vestigial package.cfg file.
- packaging: Fix spec template
- packaging: Make nodejs-sources.sh clean up after itself
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-02-17 11:10:30 -05:00
Stephen Gallagher
c541b7e256
Set Node.js 18.x as the default for RHEL 10
...
This will likely change to 20.x closer to release, but we need a
default in place for the time being.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-01-27 13:36:00 -05:00
Stephen Gallagher
8cfad4cd12
sources: Fix typo preventing upload
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-01-23 17:18:47 -05:00
Stephen Gallagher
148cb7de34
sources: Use spec template for ICU URL
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-01-23 16:53:27 -05:00
Stephen Gallagher
99e9cbbbe5
Fix important typo
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-01-23 15:41:05 -05:00
Stephen Gallagher
443d608e13
Fix v8 symlinks
...
Resolves: rhbz#2163346
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-01-23 15:32:31 -05:00
Stephen Gallagher
bd35f75e9f
Rework nodejs-sources.sh
...
This will now automatically update the specfile from the
.packaging/nodejs.spec.in template.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-01-23 15:27:59 -05:00
Fedora Release Engineering
c2526cc511
Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
...
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-01-19 21:42:59 +00:00
Stephen Gallagher
679308e617
Update to 18.13.0
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2023-01-16 11:29:51 -05:00
Stephen Gallagher
35ce6bd08e
Disable gating for now
...
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2022-12-13 14:26:58 -05:00
Stephen Gallagher
2851ac84ca
Use requires instead of conflicts for -docs
...
Conflicts causes issues with parallel-installation of non-default
Node.js versions.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2022-12-12 15:11:19 -05:00