nodejs20

adamm/nodejs20

SHA256

Fork 0

d521587d02 My changes for PR factory Adam Majer 2024-07-04 20:01:13 +0200
dda4532e99 Accepting request 1166624 from devel:languages:nodejs Ana Guerrero 2024-04-10 15:49:55 +0000
557e8b7ca6 - fix_ci_tests.patch: add benchmark fix devel Adam Majer 2024-04-10 10:58:43 +0000
a314d2f006 + undici version 5.28.4 (bsc#1222530, bsc#1222603, CVE-2024-30260, CVE-2024-30261) Adam Majer 2024-04-10 10:37:51 +0000
57bd3f7f08 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=76 Adam Majer 2024-04-10 10:31:14 +0000
3c2da24458 - Update to 20.12.1: * CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High) (bsc#1222244) * CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation- (Medium) (bsc#1222384) * updated dependencies: + llhttp version 9.2.1 + undici version 5.28.4 (bsc#1222530, CVE-2024-30260) Adam Majer 2024-04-09 14:43:25 +0000
5191972b49 - node-gyp-addon-gypi.patch: adapted for new unit test layouts Adam Majer 2024-04-09 13:22:15 +0000
61451c21f5 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=73 Adam Majer 2024-04-03 14:50:15 +0000
38a579f0dc OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=72 Adam Majer 2024-04-03 14:34:22 +0000
d8b9b394de OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=71 Adam Majer 2024-04-03 14:25:40 +0000
c90d6e09a2 - Update to 20.12.0: * crypto: implement crypto.hash() * util: add loading and parsing environment variables * new connection attempt events: connectionAttempt, connectionAttemptFailed, connectionAttemptTimeout * sea: support embedding assets * support configurable snapshot through --build-snapshot-config flag * util.styleText(format, text): This function returns a formatted text considering the format passed. * vm: support using the default loader to handle dynamic import() - c-ares-fixes.patch: removed, upstreamed - nodejs-libpath.patch, versioned.patch: refreshed * libuv version 1.48.0 (CVE-2024-24806, bsc#1220053) Adam Majer 2024-04-02 14:59:13 +0000
5c193640dd Accepting request 1147152 from devel:languages:nodejs Ana Guerrero 2024-02-18 19:22:33 +0000
96f27bdb92 - Update to 20.11.1: (security updates) * (CVE-2024-21892, bsc#1219992) - Code injection and privilege escalation through Linux capabilities- (High) * (CVE-2024-22019, bsc#1219993) - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High) * (CVE-2024-21896, bsc#1219994) - Path traversal by monkey-patching Buffer internals- (High) * (CVE-2024-22017, bsc#1219995) - setuid() does not drop all privileges due to io_uring - (High) * (CVE-2023-46809, bsc#1219997) - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium) * (CVE-2024-21891, bsc#1219998) - Multiple permission model bypasses due to improper path traversal sequence sanitization - (Medium) * (CVE-2024-21890, bsc#1219999) - Improper handling of wildcards in --allow-fs-read and --allow-fs-write (Medium) * (CVE-2024-22025, bsc#1220014) - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium) * undici version 5.28.3 (CVE-2024-24758, bsc#1220017) * libuv version 1.48.0 (CVE-2024-24806, bsc#1219724) Adam Majer 2024-02-16 16:24:14 +0000
cd623f2fc5 Accepting request 1146411 from devel:languages:nodejs Ana Guerrero 2024-02-14 22:18:47 +0000
afdd201fcd - c-ares-fixes.patch, fix_ci_tests.patch: refreshed Adam Majer 2024-02-13 13:45:22 +0000
363f60fdf8 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=65 Adam Majer 2024-02-13 13:11:48 +0000
e23d5ebf4b - update to 20.11.0: * esm: add import.meta.dirname and import.meta.filename * fs: add c++ fast path for writeFileSync utf8 * module: remove useCustomLoadersIfPresent flag * module: bootstrap module loaders in shadow realm * src: add --disable-warning option * src: create per isolate proxy env template * src: make process binding data weak * stream: use Array for Readable buffer * stream: optimize creation * test_runner: adds built in lcov reporter * test_runner: add Date to the supported mock APIs * test_runner, cli: add --test-timeout flag - c-ares-fixes.patch: refreshed Adam Majer 2024-02-12 14:47:36 +0000
9a6dfd12d6 Accepting request 1142218 from devel:languages:nodejs Ana Guerrero 2024-01-29 21:27:01 +0000
554218c800 to be fixed soon (bsc#1219152) Adam Majer 2024-01-29 10:23:35 +0000
b8697d5b0f - fix_ci_tests.patch: disable test_crypto_fips for openssl 3.x, to be fixed soon Adam Majer 2024-01-29 10:06:21 +0000
a51b61261c Accepting request 1137592 from devel:languages:nodejs Ana Guerrero 2024-01-10 20:50:41 +0000
ef09b2db99 - c-ares-fixes.patch: add additional backports for unit test fixes Adam Majer 2024-01-08 15:38:28 +0000
a6d260b353 Accepting request 1136241 from devel:languages:nodejs Dominique Leuenberger 2024-01-04 14:56:52 +0000
2e660ab888 - c-ares-fixes.patch: fixes unit tests for new c-ares Adam Majer 2024-01-02 16:16:09 +0000
e86b130c29 Accepting request 1133875 from devel:languages:nodejs Ana Guerrero 2023-12-19 22:15:27 +0000
ef7c1780f3 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=55 Adam Majer 2023-12-18 14:24:34 +0000
070a3cf32c OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=54 Adam Majer 2023-12-18 14:22:17 +0000
7b774df4e9 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=53 Adam Majer 2023-12-18 12:58:03 +0000
274e5bfd56 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=52 Adam Majer 2023-12-18 12:54:20 +0000
ef6ee8ed0c OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=51 Adam Majer 2023-11-23 10:52:12 +0000
5b4702fb97 - Update to 20.10.0: * --experimental-default-type flag to flip module defaults * The new flag --experimental-detect-module can be used to automatically run ES modules when their syntax can be detected. * Added flush option in file system functions for fs.writeFile functions * Added experimental WebSocket client * vm: fix V8 compilation cache support for vm.Script. This fixes performance regression since v16.x when support for importModuleDynamically was added to vm.Script For details, see https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md#20.10.0 - nodejs20-zlib-1.3.patch: upstreamed, removed - fix_ci_tests.patch, node-gyp-addon-gypi.patch: refreshed Adam Majer 2023-11-23 10:43:36 +0000
276dbe71d8 Accepting request 1120765 from devel:languages:nodejs Ana Guerrero 2023-10-27 20:27:01 +0000
7da7de5798 - fix_ci_tests.patch: adapt for openssl 3.1.4 Adam Majer 2023-10-27 09:19:38 +0000
d6b1711aad Accepting request 1120018 from devel:languages:nodejs Ana Guerrero 2023-10-25 16:02:01 +0000
19b4cdb748 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=46 Adam Majer 2023-10-24 14:36:29 +0000
15b4fc8fc9 -------------------------------------------------------------------- - Add nodejs20-zlib-1.3.patch: Support zlib version with only major.minor versions, like zlib 1.3. ------------------------------------------------------------------ Adam Majer 2023-10-24 14:18:15 +0000
a2711d83a3 Accepting request 1118025 from devel:languages:nodejs Ana Guerrero 2023-10-17 18:22:28 +0000
6513469645 - fix_ci_tests.patch: refreshed Adam Majer 2023-10-16 13:01:28 +0000
e9beaf5fbb - Security fixes relase 20.8.1 * (CVE-2023-44487, bsc#1216190): nghttp2 Security Release * (CVE-2023-45143, bsc#1216205): undici Security Release * (CVE-2023-39332, bsc#1216271): Path traversal through path stored in Uint8Array * (CVE-2023-39331, bsc#1216270): Permission model improperly protects against path traversal * (CVE-2023-38552, bsc#1216272): Integrity checks according to policies can be circumvented * (CVE-2023-39333, bsc#1216273): Code injection via WebAssembly export names Adam Majer 2023-10-16 10:06:07 +0000
ea39387820 Accepting request 1116076 from devel:languages:nodejs Ana Guerrero 2023-10-08 10:17:12 +0000
64df2543c1 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=40 Adam Majer 2023-10-06 13:36:46 +0000
4144c6be62 - Update to 20.8.0: * Stream performance improvements * Rework of memory management in vm APIs with the importModuleDynamically option * test_runner: + accept testOnly in run + add junit reporter - fix_ci_tests.patch: refreshed Adam Majer 2023-10-05 14:56:50 +0000
9664beebd6 Accepting request 1112341 from devel:languages:nodejs Ana Guerrero 2023-09-21 20:13:24 +0000
00f89ea8df drop bundled libicu Adam Majer 2023-09-19 15:51:18 +0000
c4d0774e7e - Update to 20.7.0: * src: support multiple --env-file declarations * deps: upgrade npm to 10.1.0 * doc: move and rename loaders section * lib: add api to detect whether source-maps are enabled * src,permission: add multiple allow-fs-* flags * test_runner: expose location of tests - z13.patch: upstreamed Adam Majer 2023-09-19 15:37:59 +0000
75aee014df Accepting request 1109713 from devel:languages:nodejs Ana Guerrero 2023-09-10 11:09:33 +0000
00fd2cd946 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=34 Adam Majer 2023-09-08 10:49:49 +0000
7c228c7b21 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=33 Adam Majer 2023-09-08 10:49:08 +0000
0bdabb9a62 - f0ff63fbc32ea55f3d92c5c89fdb91ec47786859.patch: fixes issues with Angular and other software that tries to load ECM modules in somewhat circular fashion ending up with multiple executions. Adam Majer 2023-09-08 10:48:07 +0000
60097e3922 Accepting request 1109025 from devel:languages:nodejs Ana Guerrero 2023-09-06 16:56:01 +0000
c3676e0ebb - nodejs.keyring: updated to include current upstream releasers Adam Majer 2023-09-05 11:21:21 +0000
eed27191c2 - Update to 20.6.0: * add support for .env files to configure envrionment variables * import.meta.resolve unflagged * deps: npm updated to 9.8.1 Adam Majer 2023-09-05 09:57:08 +0000
ce0ced3bfb Accepting request 1105924 from devel:languages:nodejs Ana Guerrero 2023-08-30 08:19:00 +0000
1e061829fa - Temporarily bundle ICU for SLE15 SP6 (jsc#PED-4819) Adam Majer 2023-08-25 14:46:06 +0000
05903698a4 Accepting request 1103349 from devel:languages:nodejs Dominique Leuenberger 2023-08-11 13:55:15 +0000
548460a7f6 https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md#20.5.1 versioned.patch: refreshed Adam Majer 2023-08-10 14:03:48 +0000
e0ade5d340 - Update to version 20.5.1: * (CVE-2023-32002, bsc#1214150): Policies can be bypassed via Module._load (High) * (CVE-2023-32558, bsc#1214155): process.binding() can bypass the permission model through path traversal (High) * (CVE-2023-32004, bsc#1214152): Permission model can be bypassed by specifying a path traversal sequence in a Buffer (High) * (CVE-2023-32006, bsc#1214156): Policies can be bypassed by module.constructor.createRequire (Medium) * (CVE-2023-32559, bsc#1214154): Policies can be bypassed via process.binding (Medium) * (CVE-2023-32005, bsc#1214153): fs.statfs can bypass the permission model (Low) * (CVE-2023-32003, bsc#1214151): fs.mkdtemp() and fs.mkdtempSync() can bypass the permission model (Low) - Changes in 20.5.0: * events: allow safely adding listener to abortSignal * fs: add a fast-path for readFileSync utf-8 * test_runner: add shards support - Changes in 20.4.0: * tls: add ALPNCallback server option for dynamic ALPN negotiation * adds support for ECMAScript Explicit Resource Management * adds Mock Timer support to test module For details see, https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md#20.5.1 Adam Majer 2023-08-10 14:02:38 +0000
bac0238f0c Accepting request 1094364 from devel:languages:nodejs Dominique Leuenberger 2023-06-22 21:24:41 +0000
86bbf8af98 - Update to version 20.3.1 (security fixes only). The following CVEs are fixed in this release: * (CVE-2023-30581, bsc#1212574): mainModule.__proto__ Bypass Experimental Policy Mechanism (High) * (CVE-2023-30584, bsc#1212575): Path Traversal Bypass in Experimental Permission Model (High) * (CVE-2023-30587, bsc#1212576): Bypass of Experimental Permission Model via Node.js Inspector (High) * (CVE-2023-30582, bsc#1212577): Inadequate Permission Model Allows Unauthorized File Watching (Medium) * (CVE-2023-30583, bsc#1212578): Bypass of Experimental Permission Model via fs.openAsBlob() (Medium) * (CVE-2023-30585, bsc#1212579): Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium) * (CVE-2023-30586, bsc#1212580): Bypass of Experimental Permission Model via Arbitrary OpenSSL Engines (Medium) * (CVE-2023-30588, bsc#1212581): Process interuption due to invalid Public Key information in x509 certificates (Medium) * (CVE-2023-30589, bsc#1212582): HTTP Request Smuggling via Empty headers separated by CR (Medium) * (CVE-2023-30590, bsc#1212583): DiffieHellman does not generate keys after setting a private key (Medium) Adam Majer 2023-06-21 12:07:38 +0000
b31b0ec054 Accepting request 1093316 from devel:languages:nodejs Dominique Leuenberger 2023-06-17 20:20:06 +0000
5aa743f380 - Update to version 20.3.0: * deps: upgrade to libuv 1.45.0, including significant performance improvements to file system operations on Linux * module: change default resolver to not throw on unknown scheme * stream: deprecate asIndexedPairs - versioned.patch, fix_ci_tests.patch: refreshed - openssl3_1-adapt_tests.patch: upstreamed and removed For details see, https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md#20.3.0 Adam Majer 2023-06-15 11:44:48 +0000
6f451f5f12 Accepting request 1089598 from devel:languages:nodejs Dominique Leuenberger 2023-05-30 20:01:35 +0000
9f995e9c9d - Fix build on SLE12SP5 Adam Majer 2023-05-22 14:46:32 +0000
85e4beb9cc Accepting request 1087954 from devel:languages:nodejs Dominique Leuenberger 2023-05-21 17:08:23 +0000
b97526a383 - Update to version 20.2.0: * http: prevent writing to the body when not allowed by HTTP spec * sea: add option to disable the experimental SEA warning * test_runner: add skip, todo, and only shorthands to test * url: add value argument to URLSearchParams has and delete methods For details see, https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md#20.2.0 Adam Majer 2023-05-19 13:53:28 +0000
b7ddb77c7b Accepting request 1087356 from devel:languages:nodejs Dominique Leuenberger 2023-05-17 08:52:40 +0000
6e25888b27 on some platforms, like s390x in Factory. (bsc#1211407) Adam Majer 2023-05-15 14:34:43 +0000
a55e32eace - fix_ci_tests.patch: increase default timeout on unit tests to 20min from 2min. This seems to have lead to build failures on some platforms, like s390x in Factory. Adam Majer 2023-05-15 14:06:14 +0000
4f52292bee Accepting request 1086728 from devel:languages:nodejs Dominique Leuenberger 2023-05-12 18:38:43 +0000
b374aa8440 - z13.patch: fixes illegal instruction error on z13 and older s390 Adam Majer 2023-05-12 07:59:13 +0000
92c58cd8c7 - Adapt tests for OpenSSL 3.1 [bsc#1209430] * Add openssl3_1-adapt_tests.patch Adam Majer 2023-05-10 11:13:14 +0000
2a38fa7816 Accepting request 1085759 from devel:languages:nodejs Dominique Leuenberger 2023-05-10 14:17:54 +0000
9325f22edc OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=8 Adam Majer 2023-05-09 14:21:07 +0000
a51f2e1115 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=7 Adam Majer 2023-05-05 11:14:52 +0000
9bdafd0eed OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=6 Adam Majer 2023-05-05 11:12:45 +0000
6978a0940b - Update to version 20.1.0 assert: deprecate CallTracker dns: expose getDefaultResultOrder doc: add KhafraDev to collaborators fs: add recursive option to readdir and opendir fs: add support for mode flag to specify the copy behavior of the cp methods http: add highWaterMark option http.createServer stream: preserve object mode in compose test_runner: add testNamePatterns to run API test_runner: execute before hook on test test_runner: support combining coverage reports wasi: make returnOnExit true by default Adam Majer 2023-05-04 13:34:39 +0000
629a73de59 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=4 Adam Majer 2023-04-20 12:41:12 +0000
54ffea50d7 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=3 Adam Majer 2023-04-20 12:38:23 +0000
2f8b4c5a39 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs20?expand=0&rev=2 Adam Majer 2023-04-19 13:49:00 +0000
940720b49f - Package new version 20.0.0 For overview of changes and details since 19.x and earlier see https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md#20.0.0 - imported the following patches from prior patches: + cares_public_headers.patch + fix_ci_tests.patch + flaky_test_rerun.patch + legacy_python.patch + linker_lto_jobs.patch + manual_configure.patch + node-gyp-addon-gypi.patch + node-gyp-config.patch + nodejs-libpath.patch + npm_search_paths.patch + openssl_binary_detection.patch + qemu_timeouts_arches.patch + skip_no_console.patch + sle12_python3_compat.patch + test-skip-y2038-on-32bit-time_t.patch + versioned.patch Adam Majer 2023-04-19 13:34:21 +0000

Commit Graph Select branches Hide Pull Requests devel factory Mono Color

Commit Graph

Select branches

Hide Pull Requests

devel

factory