- CVE-2019-13173.patch: fix potential file overwrite via hardlink

in fstream.DirWriter() function (bsc#1140290, CVE-2019-13173)

OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs11?expand=0&rev=18

CVE-2019-13173.patch

@@ -0,0 +1,28 @@
+CVE-2019-13173
+
+Backported from
+https://github.com/npm/fstream/commit/6a77d2fa6e1462693cf8e46f930da96ec1b0bb22
+
+From 6a77d2fa6e1462693cf8e46f930da96ec1b0bb22 Mon Sep 17 00:00:00 2001
+From: isaacs <i@izs.me>
+Date: Tue, 14 May 2019 17:37:57 -0700
+Subject: [PATCH] Clobber a Link if it's in the way of a File
+
+Fixes https://github.com/npm/node-tar/issues/212
+---
+ lib/writer.js | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/writer.js b/lib/writer.js
+index 140e449..3f10547 100644
+--- a/deps/npm/node_modules/fstream/lib/writer.js
++++ b/deps/npm/node_modules/fstream/lib/writer.js
+@@ -147,7 +147,7 @@ Writer.prototype._stat = function (current) {
+ 
+     // if it's a type change, then we need to clobber or error.
+     // if it's not a type change, then let the impl take care of it.
+-    if (currentType !== self.type) {
++    if (currentType !== self.type || self.type === 'File' && current.nlink > 1) {
+       return rimraf(self._path, function (er) {
+         if (er) return self.error(er)
+         self._old = null

SHASUMS256.txt

@@ -1,36 +1,36 @@
-b015a390703cf829c169016991c891c91807db50c76be8a73f39f1415efed462  node-v11.6.0-aix-ppc64.tar.gz
-c880063b112c48130dba8f7b058de61959ae46fddcfa363715571b22c1cbeb26  node-v11.6.0-darwin-x64.tar.gz
-55e0ac7a97711e91b720cb51733ac5f4739b66c0dd7daa727728656ca73928e3  node-v11.6.0-darwin-x64.tar.xz
-9c4e877b9f85ec6780656fa82adc53e50cbefdefa9c23d2248e8ac8b31630628  node-v11.6.0-headers.tar.gz
-b232ce0abb7f5d92e19441694cc3c65b81a8934ca23b7621b9a5e3a72cb2794f  node-v11.6.0-headers.tar.xz
-a112c89390965356036597e712ec3939c37090bbafd513b90ab2a524bd29190a  node-v11.6.0-linux-arm64.tar.gz
-956016db41f4f96f8e005d36c738d7c833442d09a970462552eb214027e0268a  node-v11.6.0-linux-arm64.tar.xz
-36e77daee70c7caf77977fafd5adaeb66b109f547e1e25c51f861f1528632297  node-v11.6.0-linux-armv6l.tar.gz
-d49e5544b22e41e615c04bf1e366800781f80abf9f04eda69a7ed16116729ab1  node-v11.6.0-linux-armv6l.tar.xz
-8386c32569e13fd7953736b20bfff9e9e1c1d1905bfea5bc317d34105c1e78c6  node-v11.6.0-linux-armv7l.tar.gz
-b6c3b4834b900c5152a8030f5d383669df4c2cc203064e69ae1b8189de6f0d0d  node-v11.6.0-linux-armv7l.tar.xz
-e09b92294ea7e39d0f188626bc75e47a5a52f01ca2c3e6f27a194f207a12ec0e  node-v11.6.0-linux-ppc64le.tar.gz
-304cd210686e4d743c2c132f4fda897bb36a8d5d1ee5591aa43c0cd21560a7ac  node-v11.6.0-linux-ppc64le.tar.xz
-20b6469d7d554bc80911450f3395f2bac2eb615c81d963dbffcd4c6b2bced22d  node-v11.6.0-linux-s390x.tar.gz
-4eb5cb5823d324819f32872be41e66d676c7792e05c0c4d4411b297a87cb6cab  node-v11.6.0-linux-s390x.tar.xz
-ee5b070caa8e812ee763b65e75c6f4f120a65e40fdef807b075e39dc8916fa9c  node-v11.6.0-linux-x64.tar.gz
-2251a6c5b332e7ea69bbefba11950cb6c27ba50fa700468711f729da6a6f5324  node-v11.6.0-linux-x64.tar.xz
-de17fb9f6fa41a2b35f46fbc9cb090db203d4d828d9c6004bb4063902377737c  node-v11.6.0.pkg
-10e380e751e6208d201b01dd1cc11a9b816c8013371f16362070c06d3d061444  node-v11.6.0-sunos-x64.tar.gz
-43e0753cb5dca2c3d874599e7ae029715d7645aeb912980d1e857e9a1bc37da3  node-v11.6.0-sunos-x64.tar.xz
-39ef4f1866f75786baff5959439483fafdc99d3ee3a0568a13cc635d64cf5e0b  node-v11.6.0.tar.gz
-94f2be389c80ab939114f67c824db7ebd12df602358b7481c55431336bbff9b3  node-v11.6.0.tar.xz
-92b25af01f6b6b9a5fd12142779fb9b3b3974f4506e11dd4a6b0c2ca022db954  node-v11.6.0-win-x64.7z
-d230828c1cc9863c9768106ffee0320ba42049b594bd2689e430b872e8f0b2dd  node-v11.6.0-win-x64.zip
-d6670c8d26a78e3b834da6efacd37dceff841645c2d475c642b4ddad84291427  node-v11.6.0-win-x86.7z
-176e7ced367cad8858fd62c858e23129556842c28ce1cb3d17729f51488fab55  node-v11.6.0-win-x86.zip
-b5a896741c8cc1f5ccf353d24577c5b78b11af9e52cb9969a70d27d311e3873c  node-v11.6.0-x64.msi
-5cdd2c590acc8d5d5c93c09bd61ab485c289168bbf732efeda7f83422f8b9691  node-v11.6.0-x86.msi
-862ab8a5e1a7b666b6462defa40dd7de16a5ea0afc407707fb7dd9aa804bf44b  win-x64/node.exe
-8a7f7821e9dd89600815e11df3906c1257ba9e465d1a9ba978d097038bb20b89  win-x64/node.lib
-80167ea916b04fb90fc9deebe5d77b3a15e4953cfa31eed2fa1541b6ee242e05  win-x64/node_pdb.7z
-613932345f90cedda29716b0798434734d7bc13230da4d2ae80f5e0a287b0ba9  win-x64/node_pdb.zip
-7318f417499fcfbe719957bd8be1257268d6e139563d3adc9e62f3677e99a3ec  win-x86/node.exe
-f4f8ebeccc3cb61ceea668bc22d9a03d7939c52a686d43441f82317dd6d10a5a  win-x86/node.lib
-504a17ab4e845a972c54d518d460c4fee82229b28596fd9f7b6b01f9dd706339  win-x86/node_pdb.7z
-331d5ff93cb83552e83082c9fbe0960c02bdcd3c2359223f997b905be637ff61  win-x86/node_pdb.zip
+f6cbaa83f176f7b267e8751c5b99b4d4f5cd43b3a441593a2e44287d733cc976  node-v11.15.0-aix-ppc64.tar.gz
+e953b657b1049e1de509a3fd0700cfeecd175f75a0d141d71393aa0d71fa29a9  node-v11.15.0-darwin-x64.tar.gz
+fef95bb4ed017dafc3cc61e140b10630ef30bd22468fd64740f948339b790f14  node-v11.15.0-darwin-x64.tar.xz
+e738ca0fa48e1b43a4edb8d3accb7ed6ce65aa27e74ccfd26989eb87a0add509  node-v11.15.0-headers.tar.gz
+e85fd7fbc63fe495f187d3df94667dbac740e91a0fd30e131cde3825ee5e9241  node-v11.15.0-headers.tar.xz
+78237456386d66ac2143a25530dd5b39326a874079ba7c0676a4639e894567c4  node-v11.15.0-linux-arm64.tar.gz
+e458aa4c69da9ca2ae566c8eb56dc8b36d573b415bfd8eebca4ff2229fc4983d  node-v11.15.0-linux-arm64.tar.xz
+d376ea6412859ed2e59739bd478219f832f11545e4f727e00e16d83a386960c0  node-v11.15.0-linux-armv6l.tar.gz
+167c944d08316e002e350647881e657a73d7c33a0d43b40f588bf3dc0b0615b1  node-v11.15.0-linux-armv6l.tar.xz
+ae6c41d78df4c5ef4032128eda9abd49a549bff5c8a20fd32d1072b6e5e8556b  node-v11.15.0-linux-armv7l.tar.gz
+7396062da8af802124440305ccb8f62b6db2345581682735703be1b4bf05b213  node-v11.15.0-linux-armv7l.tar.xz
+cfac98ac524f28e4a1283b8148f81fafde4d0cebfceadcb2609e4a4f8427e94c  node-v11.15.0-linux-ppc64le.tar.gz
+4f4913250a2baf091f81b35d60d61a81ce34bb8e3ed5168fcfd395f7fed04b67  node-v11.15.0-linux-ppc64le.tar.xz
+51fb61db4312ec72b015db11ad95f599d9c931b65d6a187430a54dd1ddc578da  node-v11.15.0-linux-s390x.tar.gz
+d1587187251be765415ea5a9cf7c7aeba034fe3d45093d2de2add53802f02a87  node-v11.15.0-linux-s390x.tar.xz
+98bd18051cbdb39bbcda1ab169ca3fd3935d87e9cfc36e1b6fd6f609d46856bb  node-v11.15.0-linux-x64.tar.gz
+17424aef198fa322b93c79217ce7e8cdd264fed40383abbbd3e63c305ce1d7d8  node-v11.15.0-linux-x64.tar.xz
+1f8502e6652ab5c90210eafc2a1573f5aa88697644dadd718a0a94c77c3fa736  node-v11.15.0.pkg
+e52a29d968d5d0c7176578840b3612329b4bfc3dab071b75f9a3256d09fd14ac  node-v11.15.0-sunos-x64.tar.gz
+057550a4b6e4c5ea8c30f222fe9071dc0ee4e1239e2f358166be37fcd29a4969  node-v11.15.0-sunos-x64.tar.xz
+2045ace2fcf130b0f18b82b027015dd31b262c2c97fe9bf2533227c52b59c01c  node-v11.15.0.tar.gz
+68a776c5d8b8b91a8f2adac2ca4ce4390ae1804883ec7ec9c0d6a6a64d306a76  node-v11.15.0.tar.xz
+9308998adc6a70a73647e426561ff5f05bda926675888cdf98bc71ab104c5989  node-v11.15.0-win-x64.7z
+f3cef50acf566724a5ec5df7697fb527d7339cafdae6c7c406a39358aee6cdf8  node-v11.15.0-win-x64.zip
+fef827207376d90712f3c805616519d6ef95bac42bc3625f0546d17fdf7e12f8  node-v11.15.0-win-x86.7z
+44265a6474561c9e34c2ec0cdfe3b60cbb0d1ece81b56d702f028f9249451a7a  node-v11.15.0-win-x86.zip
+d383c648f637aa672f425431d4b97d3fd921bdb86e8502bb245794ad4832b1eb  node-v11.15.0-x64.msi
+b2d824007bfaa20b2194830f53f9a58f48a029ec6c78e0820fea7927a78e9f48  node-v11.15.0-x86.msi
+3567c207637df8cfbc17ed9705db80f61eb33f25636c634747450d35bf3f0dbf  win-x64/node.exe
+5d3b7f0cfec81d8005443ff7c2dd9ea8c02b86856ea8c7c395342219c48a4a9b  win-x64/node.lib
+8b8d643081d0f499fc587509da10d4fe23dd74d0e46d4aa2dee3a07cdd80b77b  win-x64/node_pdb.7z
+27e7bf1d545066861aa12b32924880470ed939ee0e5438231e3a02221324a360  win-x64/node_pdb.zip
+70d09f36f31376d97bd7142717597def00cd481bf1eb10cef25a0861419a9c72  win-x86/node.exe
+f8e3ac52d04d170b3d697697fa442520a25f59e27d9d75bbcaa3addb8ee2125d  win-x86/node.lib
+e55446bd49f5a5de19008e7983b6dc7b0b3b7f72e58d3ac73ece34542c58ad3a  win-x86/node_pdb.7z
+4d9f45f557ea3b59b8459b70b74c1a688b83dbb922ca81171374181c68847775  win-x86/node_pdb.zip

_constraints

@@ -0,0 +1,11 @@
+<?xml version="1.0"?>
+<constraints>
+  <hardware>
+    <disk>
+      <size unit="G">5</size>
+    </disk>
+    <memory>
+    <size unit="M">4500</size>
+    </memory>
+  </hardware>
+</constraints>

fix_ci_tests.patch

@@ -2,10 +2,10 @@ Author: Adam Majer <amajer@suse.de>
 Date: Dec 20 09:18:49 UTC 2017
 Summary: Fix CI unit tests framework for OBS building
 
-Index: node-v11.6.0/test/parallel/test-module-loading-globalpaths.js
+Index: node-v11.13.0/test/parallel/test-module-loading-globalpaths.js
 ===================================================================
---- node-v11.6.0.orig/test/parallel/test-module-loading-globalpaths.js
-+++ node-v11.6.0/test/parallel/test-module-loading-globalpaths.js
+--- node-v11.13.0.orig/test/parallel/test-module-loading-globalpaths.js
++++ node-v11.13.0/test/parallel/test-module-loading-globalpaths.js
 @@ -11,6 +11,9 @@ const { addLibraryPath } = require('../c
  
  addLibraryPath(process.env);
@@ -16,10 +16,10 @@ Index: node-v11.6.0/test/parallel/test-module-loading-globalpaths.js
  if (process.argv[2] === 'child') {
    console.log(require(pkgName).string);
  } else {
-Index: node-v11.6.0/test/parallel/test-tls-env-bad-extra-ca.js
+Index: node-v11.13.0/test/parallel/test-tls-env-bad-extra-ca.js
 ===================================================================
---- node-v11.6.0.orig/test/parallel/test-tls-env-bad-extra-ca.js
-+++ node-v11.6.0/test/parallel/test-tls-env-bad-extra-ca.js
+--- node-v11.13.0.orig/test/parallel/test-tls-env-bad-extra-ca.js
++++ node-v11.13.0/test/parallel/test-tls-env-bad-extra-ca.js
 @@ -36,7 +36,7 @@ fork(__filename, opts)
      // TODO(addaleax): Make `SafeGetenv` work like `process.env`
      // encoding-wise
@@ -29,10 +29,10 @@ Index: node-v11.6.0/test/parallel/test-tls-env-bad-extra-ca.js
        assert(re.test(stderr), stderr);
      }
    }))
-Index: node-v11.6.0/test/parallel/test-tls-passphrase.js
+Index: node-v11.13.0/test/parallel/test-tls-passphrase.js
 ===================================================================
---- node-v11.6.0.orig/test/parallel/test-tls-passphrase.js
-+++ node-v11.6.0/test/parallel/test-tls-passphrase.js
+--- node-v11.13.0.orig/test/parallel/test-tls-passphrase.js
++++ node-v11.13.0/test/parallel/test-tls-passphrase.js
 @@ -221,7 +221,7 @@ server.listen(0, common.mustCall(functio
    }, common.mustCall());
  })).unref();
@@ -42,10 +42,10 @@ Index: node-v11.6.0/test/parallel/test-tls-passphrase.js
  
  // Missing passphrase
  assert.throws(function() {
-Index: node-v11.6.0/test/parallel/test-crypto-scrypt.js
+Index: node-v11.13.0/test/parallel/test-crypto-scrypt.js
 ===================================================================
---- node-v11.6.0.orig/test/parallel/test-crypto-scrypt.js
-+++ node-v11.6.0/test/parallel/test-crypto-scrypt.js
+--- node-v11.13.0.orig/test/parallel/test-crypto-scrypt.js
++++ node-v11.13.0/test/parallel/test-crypto-scrypt.js
 @@ -169,7 +169,7 @@ for (const options of bad) {
  
  for (const options of toobig) {
@@ -55,10 +55,10 @@ Index: node-v11.6.0/test/parallel/test-crypto-scrypt.js
      type: Error,
    };
    common.expectsError(() => crypto.scrypt('pass', 'salt', 1, options, () => {}),
-Index: node-v11.6.0/test/parallel/test-repl-envvars.js
+Index: node-v11.13.0/test/parallel/test-repl-envvars.js
 ===================================================================
---- node-v11.6.0.orig/test/parallel/test-repl-envvars.js
-+++ node-v11.6.0/test/parallel/test-repl-envvars.js
+--- node-v11.13.0.orig/test/parallel/test-repl-envvars.js
++++ node-v11.13.0/test/parallel/test-repl-envvars.js
 @@ -2,12 +2,14 @@
  
  // Flags: --expose-internals
@@ -75,11 +75,11 @@ Index: node-v11.6.0/test/parallel/test-repl-envvars.js
  const tests = [
    {
      env: {},
-Index: node-v11.6.0/test/common/index.mjs
+Index: node-v11.13.0/test/common/index.mjs
 ===================================================================
---- node-v11.6.0.orig/test/common/index.mjs
-+++ node-v11.6.0/test/common/index.mjs
-@@ -42,6 +42,7 @@ const {
+--- node-v11.13.0.orig/test/common/index.mjs
++++ node-v11.13.0/test/common/index.mjs
+@@ -41,6 +41,7 @@ const {
    expectsError,
    skipIfInspectorDisabled,
    skipIf32Bits,
@@ -87,7 +87,7 @@ Index: node-v11.6.0/test/common/index.mjs
    getArrayBufferViews,
    getBufferSources,
    disableCrashOnUnhandledRejection,
-@@ -89,6 +90,7 @@ export {
+@@ -87,6 +88,7 @@ export {
    expectsError,
    skipIfInspectorDisabled,
    skipIf32Bits,
@@ -95,11 +95,11 @@ Index: node-v11.6.0/test/common/index.mjs
    getArrayBufferViews,
    getBufferSources,
    disableCrashOnUnhandledRejection,
-Index: node-v11.6.0/test/parallel/test-crypto-keygen.js
+Index: node-v11.13.0/test/parallel/test-crypto-keygen.js
 ===================================================================
---- node-v11.6.0.orig/test/parallel/test-crypto-keygen.js
-+++ node-v11.6.0/test/parallel/test-crypto-keygen.js
-@@ -149,7 +149,7 @@ const sec1EncExp = (cipher) => getRegExp
+--- node-v11.13.0.orig/test/parallel/test-crypto-keygen.js
++++ node-v11.13.0/test/parallel/test-crypto-keygen.js
+@@ -168,7 +168,7 @@ const sec1EncExp = (cipher) => getRegExp
      const publicKey = { key: publicKeyDER, ...publicKeyEncoding };
      assert.throws(() => {
        testSignVerify(publicKey, privateKey);
@@ -108,7 +108,16 @@ Index: node-v11.6.0/test/parallel/test-crypto-keygen.js
  
      const key = { key: privateKey, passphrase: 'secret' };
      testEncryptDecrypt(publicKey, key);
-@@ -193,7 +193,7 @@ const sec1EncExp = (cipher) => getRegExp
+@@ -202,7 +202,7 @@ const sec1EncExp = (cipher) => getRegExp
+         format: 'der',
+         type: 'pkcs8'
+       });
+-    }, /bad decrypt|asn1 encoding routines/);
++    }, /bad decrypt|asn1 encoding routines|bad password read/);
+ 
+     const privateKey = {
+       key: privateKeyDER,
+@@ -279,7 +279,7 @@ const sec1EncExp = (cipher) => getRegExp
          key: privateKeyDER,
          ...privateKeyEncoding
        });
@@ -117,7 +126,7 @@ Index: node-v11.6.0/test/parallel/test-crypto-keygen.js
  
      // Signing should work with the correct password.
      testSignVerify(publicKey, {
-@@ -254,7 +254,7 @@ const sec1EncExp = (cipher) => getRegExp
+@@ -340,7 +340,7 @@ const sec1EncExp = (cipher) => getRegExp
      // Since the private key is encrypted, signing shouldn't work anymore.
      assert.throws(() => {
        testSignVerify(publicKey, privateKey);
@@ -126,7 +135,7 @@ Index: node-v11.6.0/test/parallel/test-crypto-keygen.js
  
      testSignVerify(publicKey, { key: privateKey, passphrase: 'secret' });
    }));
-@@ -287,7 +287,7 @@ const sec1EncExp = (cipher) => getRegExp
+@@ -373,7 +373,7 @@ const sec1EncExp = (cipher) => getRegExp
      // Since the private key is encrypted, signing shouldn't work anymore.
      assert.throws(() => {
        testSignVerify(publicKey, privateKey);
@@ -135,11 +144,11 @@ Index: node-v11.6.0/test/parallel/test-crypto-keygen.js
  
      testSignVerify(publicKey, {
        key: privateKey,
-Index: node-v11.6.0/test/parallel/test-fs-utimes.js
+Index: node-v11.13.0/test/parallel/test-fs-utimes.js
 ===================================================================
---- node-v11.6.0.orig/test/parallel/test-fs-utimes.js
-+++ node-v11.6.0/test/parallel/test-fs-utimes.js
-@@ -187,7 +187,7 @@ const path = `${tmpdir.path}/test-utimes
+--- node-v11.13.0.orig/test/parallel/test-fs-utimes.js
++++ node-v11.13.0/test/parallel/test-fs-utimes.js
+@@ -145,7 +145,7 @@ const path = `${tmpdir.path}/test-utimes
  fs.writeFileSync(path, '');
  
  // Test Y2K38 for all platforms [except 'arm', 'OpenBSD' and 'SunOS']
@@ -148,11 +157,11 @@ Index: node-v11.6.0/test/parallel/test-fs-utimes.js
    const Y2K38_mtime = 2 ** 31;
    fs.utimesSync(path, Y2K38_mtime, Y2K38_mtime);
    const Y2K38_stats = fs.statSync(path);
-Index: node-v11.6.0/Makefile
+Index: node-v11.13.0/Makefile
 ===================================================================
---- node-v11.6.0.orig/Makefile
-+++ node-v11.6.0/Makefile
-@@ -486,7 +486,7 @@ test-ci-js: | clear-stalled
+--- node-v11.13.0.orig/Makefile
++++ node-v11.13.0/Makefile
+@@ -500,7 +500,7 @@ test-ci-js: | clear-stalled
  .PHONY: test-ci
  # Related CI jobs: most CI tests, excluding node-test-commit-arm-fanned
  test-ci: LOGLEVEL := info
@@ -161,7 +170,7 @@ Index: node-v11.6.0/Makefile
  	out/Release/cctest --gtest_output=tap:cctest.tap
  	$(PYTHON) tools/test.py $(PARALLEL_ARGS) -p tap --logfile test.tap \
  		--mode=$(BUILDTYPE_LOWER) --flaky-tests=$(FLAKY_TESTS) \
-@@ -657,11 +657,12 @@ apidocs_json = $(addprefix out/,$(apidoc
+@@ -671,11 +671,12 @@ apidocs_json = $(addprefix out/,$(apidoc
  apiassets = $(subst api_assets,api/assets,$(addprefix out/,$(wildcard doc/api_assets/*)))
  
  tools/doc/node_modules: tools/doc/package.json
@@ -179,3 +188,33 @@ Index: node-v11.6.0/Makefile
  
  .PHONY: doc-only
  doc-only: tools/doc/node_modules \
+Index: node-v11.13.0/test/parallel/test-child-process-spawnsync-args.js
+===================================================================
+--- node-v11.13.0.orig/test/parallel/test-child-process-spawnsync-args.js
++++ node-v11.13.0/test/parallel/test-child-process-spawnsync-args.js
+@@ -12,6 +12,8 @@ const { spawnSync } = require('child_pro
+ const common = require('../common');
+ const tmpdir = require('../common/tmpdir');
+ 
++tmpdir.refresh();
++
+ const command = common.isWindows ? 'cd' : 'pwd';
+ const options = { cwd: tmpdir.path };
+ 
+Index: node-v11.13.0/test/parallel/test-dns.js
+===================================================================
+--- node-v11.13.0.orig/test/parallel/test-dns.js
++++ node-v11.13.0/test/parallel/test-dns.js
+@@ -315,12 +315,3 @@ common.expectsError(() => {
+   type: TypeError
+ });
+ 
+-{
+-  dns.resolveMx('foo.onion', function(err) {
+-    assert.deepStrictEqual(err.errno, 'ENOTFOUND');
+-    assert.deepStrictEqual(err.code, 'ENOTFOUND');
+-    assert.deepStrictEqual(err.syscall, 'queryMx');
+-    assert.deepStrictEqual(err.hostname, 'foo.onion');
+-    assert.deepStrictEqual(err.message, 'queryMx ENOTFOUND foo.onion');
+-  });
+-}

flaky_test_rerun.patch

@@ -1,23 +1,21 @@
-diff --git a/tools/test.py b/tools/test.py
-index 67b8cb917e..51aaa3f8e0 100755
---- a/tools/test.py
-+++ b/tools/test.py
-@@ -512,11 +512,17 @@ class TestCase(object):
+Index: node-v10.15.3/tools/test.py
+===================================================================
+--- node-v10.15.3.orig/tools/test.py
++++ node-v10.15.3/tools/test.py
+@@ -539,6 +539,16 @@ class TestCase(object):
+                       self.context.store_unexpected_output)
  
-   def RunCommand(self, command, env):
-     full_command = self.context.processor(command)
--    output = Execute(full_command,
+   def Run(self):
 +    reruns = 0
 +    while (reruns < 5):
 +        reruns += 1
-+      output = Execute(full_command,
-                      self.context,
-                      self.context.GetTimeout(self.mode),
-                      env,
-                      disable_core_files = self.disable_core_files)
-+      if output.exit_code == 0:
-+        break;
-+      print("FLAKY rerun: ", command)
-     return TestOutput(self,
-                       full_command,
-                       output,
++        result = self.OriginalRun()
++        if (not result.HasFailed()):
++            break
++        print("FLAKY TEST rerun: ", self.GetCommand())
++    return result
++
++  def OriginalRun(self):
+     try:
+       result = self.RunCommand(self.GetCommand(), {
+         "TEST_THREAD_ID": "%d" % self.thread_id,

node-gyp-addon-gypi.patch

@@ -1,7 +1,5 @@
-Index: node-v9.1.0/addon-rpm.gypi
-===================================================================
 --- /dev/null
-+++ node-v9.1.0/addon-rpm.gypi
++++ b/addon-rpm.gypi
 @@ -0,0 +1,35 @@
 +{
 +  'target_defaults': {
@@ -38,10 +36,8 @@ Index: node-v9.1.0/addon-rpm.gypi
 +    ]
 +  }
 +}
-Index: node-v9.1.0/deps/npm/node_modules/node-gyp/lib/configure.js
-===================================================================
---- node-v9.1.0.orig/deps/npm/node_modules/node-gyp/lib/configure.js
-+++ node-v9.1.0/deps/npm/node_modules/node-gyp/lib/configure.js
+--- a/deps/npm/node_modules/node-gyp/lib/configure.js
++++ b/deps/npm/node_modules/node-gyp/lib/configure.js
 @@ -62,10 +62,6 @@ function configure (gyp, argv, callback)
        if ('v' + release.version !== process.version) {
          // if --target was given, then determine a target version to compile for
@@ -53,7 +49,7 @@ Index: node-v9.1.0/deps/npm/node_modules/node-gyp/lib/configure.js
  
        if (!release.semver) {
          // could not parse the version string with semver
-@@ -80,6 +76,12 @@ function configure (gyp, argv, callback)
+@@ -82,6 +78,12 @@ function configure (gyp, argv, callback)
          nodeDir = path.resolve(gyp.devDir, release.versionDir)
          createBuildDir()
        })
@@ -66,7 +62,7 @@ Index: node-v9.1.0/deps/npm/node_modules/node-gyp/lib/configure.js
      }
    }
  
-@@ -271,7 +273,8 @@ function configure (gyp, argv, callback)
+@@ -280,7 +282,8 @@ function configure (gyp, argv, callback)
  
      // this logic ported from the old `gyp_addon` python file
      var gyp_script = path.resolve(__dirname, '..', 'gyp', 'gyp_main.py')

node-v11.15.0.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:68a776c5d8b8b91a8f2adac2ca4ce4390ae1804883ec7ec9c0d6a6a64d306a76
+size 22115480

node-v11.6.0.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:94f2be389c80ab939114f67c824db7ebd12df602358b7481c55431336bbff9b3
-size 20410716

nodejs-libpath.patch

@@ -1,8 +1,8 @@
-Index: node-v9.11.1/tools/install.py
+Index: node-v11.15.0/tools/install.py
 ===================================================================
---- node-v9.11.1.orig/tools/install.py
-+++ node-v9.11.1/tools/install.py
-@@ -6,6 +6,7 @@ import os
+--- node-v11.15.0.orig/tools/install.py
++++ node-v11.15.0/tools/install.py
+@@ -7,6 +7,7 @@ import os
  import re
  import shutil
  import sys
@@ -10,8 +10,8 @@ Index: node-v9.11.1/tools/install.py
  from getmoduleversion import get_version
  
  # set at init time
-@@ -77,7 +78,7 @@ def install(paths, dst): map(lambda path
- def uninstall(paths, dst): map(lambda path: try_remove(path, dst), paths)
+@@ -81,7 +82,7 @@ def uninstall(paths, dst):
+     try_remove(path, dst)
  
  def npm_files(action):
 -  target_path = 'lib/node_modules/npm/'
@@ -19,7 +19,7 @@ Index: node-v9.11.1/tools/install.py
  
    # don't install npm if the target path is a symlink, it probably means
    # that a dev version of npm is installed there
-@@ -95,7 +96,7 @@ def npm_files(action):
+@@ -99,7 +100,7 @@ def npm_files(action):
    if action == uninstall:
      action([link_path], 'bin/npm')
    elif action == install:
@@ -28,7 +28,16 @@ Index: node-v9.11.1/tools/install.py
    else:
      assert(0) # unhandled action type
  
-@@ -140,7 +141,7 @@ def files(action):
+@@ -108,7 +109,7 @@ def npm_files(action):
+   if action == uninstall:
+     action([link_path], 'bin/npx')
+   elif action == install:
+-    try_symlink('../lib/node_modules/npm/bin/npx-cli.js', link_path)
++    try_symlink('../' + sysconfig.get_config_var("LIB") + '/node_modules/npm/bin/npx-cli.js', link_path)
+   else:
+     assert(0) # unhandled action type
+ 
+@@ -144,7 +145,7 @@ def files(action):
      action([output_prefix + output_file], 'lib/' + output_file)
  
    if 'true' == variables.get('node_use_dtrace'):
@@ -37,11 +46,11 @@ Index: node-v9.11.1/tools/install.py
  
    # behave similarly for systemtap
    action(['src/node.stp'], 'share/systemtap/tapset/')
-Index: node-v9.11.1/lib/internal/modules/cjs/loader.js
+Index: node-v11.15.0/lib/internal/modules/cjs/loader.js
 ===================================================================
---- node-v9.11.1.orig/lib/internal/modules/cjs/loader.js
-+++ node-v9.11.1/lib/internal/modules/cjs/loader.js
-@@ -716,7 +716,7 @@ Module._initPaths = function() {
+--- node-v11.15.0.orig/lib/internal/modules/cjs/loader.js
++++ node-v11.15.0/lib/internal/modules/cjs/loader.js
+@@ -907,7 +907,7 @@ Module._initPaths = function() {
    } else {
      prefixDir = path.resolve(process.execPath, '..', '..');
    }

nodejs11.changes

@@ -1,3 +1,164 @@
+-------------------------------------------------------------------
+Mon Jul 29 09:00:19 UTC 2019 - Adam Majer <adam.majer@suse.de>
+
+- CVE-2019-13173.patch: fix potential file overwrite via hardlink
+  in fstream.DirWriter() function (bsc#1140290, CVE-2019-13173)
+
+-------------------------------------------------------------------
+Fri May  3 12:32:00 UTC 2019 - Adam Majer <adam.majer@suse.de>
+
+- New upstream release 11.15.0:
+  * tls:
+    + add --tls-min-v1.2 CLI switch
+    + supported shared openssl 1.1.0
+    + revert default max toTLSv1.2
+    + revert change to invalid protocol error type
+    + support TLSv1.3
+    + add code for ERR_TLS_INVALID_PROTOCOL_METHOD
+
+- Changes in release 11.14.0:
+  * child_process: doc deprecate ChildProcess._channel
+  * deps: update bundled nghttp2 to 1.37.0
+  * dns:
+    + make dns.promises enumerable
+    + remove dns.promises experimental warning
+  * fs: remove experimental warning for fs.promises
+  * stream: make Symbol.asyncIterator support stable
+  * worker: use copy of process.env
+
+-------------------------------------------------------------------
+Sun Apr  7 18:16:21 UTC 2019 - Guillaume GARDET <guillaume.gardet@opensuse.org>
+
+- Add _constraints file to avoid OOM errors
+
+-------------------------------------------------------------------
+Fri Apr  5 12:59:05 UTC 2019 - Adam Majer <adam.majer@suse.de>
+
+- New upstream release 11.13.0:
+  * crypto: Allow deriving public from private keys
+  * events: Added a once function to use EventEmitter with promises
+  * tty:
+    + Added a hasColors method to WriteStream
+    + Added NO_COLOR and FORCE_COLOR support
+  * v8: Added v8.getHeapSnapshot and v8.writeHeapSnapshot to
+    generate snapshots in the format used by tools such as Chrome
+  * worker: Added worker.moveMessagePortToContext
+  * C++ API:
+    + AddPromiseHook is now deprecated.
+    + Added a Stop API to shut down Node.js while it is running
+
+- Changes in release 11.12.0:
+  * bootstrap: Add experimental --frozen-intrinsics flag
+  * deps: Upgrade openssl to 1.1.1b
+  * process: Make process[Symbol.toStringTag] writable again
+  * repl: Add util.inspect.replDefaults to customize the writer
+  * report: Rename triggerReport() to writeReport()
+
+- fix_ci_tests.patch: add another exception for our OpenSSL library
+- versioned.patch: refresh
+
+-------------------------------------------------------------------
+Thu Mar  7 16:14:11 UTC 2019 - Adam Majer <adam.majer@suse.de>
+
+- New upstream release 11.11.0:
+  * n-api: Implement date object
+  * util: Add compact depth mode for util.inspect()
+  * worker:
+    + Improve integration with native addons
+    + MessagePort.prototype.onmessage takes arguments closer to
+      the Web specification now
+
+-------------------------------------------------------------------
+Thu Feb 28 13:23:03 UTC 2019 - Adam Majer <adam.majer@suse.de>
+
+- New upstream release 11.10.1:
+  * http: Further prevention of "Slowloris" attacks on HTTP and HTTPS
+  connections by consistently applying the receive timeout set by
+  server.headersTimeout to connections in keep-alive mode.
+  (CVE-2019-5737, bsc#1127532)
+
+-------------------------------------------------------------------
+Fri Feb 15 13:00:06 UTC 2019 - adam.majer@suse.de
+
+- New upstream release 11.10.0:
+  * child_process: close pipe ends that are re-piped
+  * crypto:
+    + don't crash X509ToObject on error
+    + fix public key encoding name in comment
+  * deps: npm updated to 6.7.0
+  * http:
+    + improve performance for incoming headers
+    + makes response.writeHead return the response
+    + make timeout event work with agent timeout
+  * http2: makes response.writeHead return the response
+  * perf_hooks: implement histogram based api
+  * process:
+    + normalize process.argv before user code execution
+    + expose process.features.inspector
+  * repl: add repl.setupHistory for programmatic repl
+  * tls: introduce client 'session' event
+
+- fix_ci_tests.patch: remove part of parallel/test-dns
+- versioned.patch: refreshed
+
+-------------------------------------------------------------------
+Fri Feb  1 12:40:17 UTC 2019 - adam.majer@suse.de
+
+- nodejs.keyring: update keyring to today's list as per
+  https://github.com/nodejs/node
+
+-------------------------------------------------------------------
+Fri Feb  1 11:42:30 UTC 2019 - adam.majer@suse.de
+
+- New upstream release 11.9.0:
+  * internal changes to ship OpenSSL 1.1.1, which has already been
+    used on all openSUSE platforms.
+
+- test-brotli.patch: removed, upstreamed
+
+-------------------------------------------------------------------
+Mon Jan 28 14:18:16 UTC 2019 - adam.majer@suse.de
+
+- New upstream releases 11.8.0:
+  * events: For unhandled error events with an argument that is not
+    an Error object, the resulting exeption will have more information
+    about the argument.
+  * child_process: When the maxBuffer option is passed, stdout and
+    stderr will be truncated rather than unavailable in case of an error.
+  * policy: Experimental support for module integrity checks through
+    a manifest file is implemented now.
+  * n-api: The napi_threadsafe_function feature is now stable.
+  * report: An experimental diagnostic API for capturing process state
+    is available as process.report and through command line flags.
+  * tls: tls.connect() takes a timeout option analogous to
+    the net.connect() one.
+  * worker:
+    + process.umask() is available as a read-only function inside
+      Worker threads
+    + An execArgv option that supports a subset of Node.js command
+      line options is now supported.
+
+- Changes in version 11.7.0:
+  * compression / zlib: Added brotli support
+  * console: Added inspectOptions option
+  * crypto: Always accept private keys as public keys
+  * deps: Upgrade npm to v6.5.0
+  * fs: Use internalBinding('fs') internally instead of
+    process.binding('fs')
+  * http(s): Support overriding http(s).globalAgent
+  * util: Inspect ArrayBuffers contents closely
+  * worker: Expose workers and remove --experimental-worker flag
+
+- test-brotli.patch: fixes assumption about compression
+- versioned.patch: refreshed
+- nodejs-libpath.patch: refreshed
+
+-------------------------------------------------------------------
+Thu Jan 10 15:57:15 UTC 2019 - adam.majer@suse.de
+
+- versioned.patch: set correct node version in environment
+  (bsc#1121188)
+
 -------------------------------------------------------------------
 Mon Jan  7 13:31:31 UTC 2019 - adam.majer@suse.de
 
@@ -33,6 +194,7 @@ Mon Jan  7 13:31:31 UTC 2019 - adam.majer@suse.de
 - fix_ci_tests.patch: refreshed
 - versioned.patch: refreshed
 - skip_test_on_lowmem.patch: skip test on low-memory build machine
+- env_shebang.patch: dropped in favour of programmatic update
 
 -------------------------------------------------------------------
 Thu Dec  6 12:57:45 UTC 2018 - adam.majer@suse.de

nodejs11.spec

@@ -25,16 +25,20 @@
 ###########################################################
 
 Name:           nodejs11
-Version:        11.6.0
+Version:        11.15.0
 Release:        0
 
 %define node_version_number 11
 
+%if %node_version_number >= 12
+%define openssl_req_ver 1.1.1
+%else
 %if %node_version_number >= 10
 %define openssl_req_ver 1.1.0
 %else # node8 or older
 %define openssl_req_ver 1.0.2
 %endif
+%endif
 
 %bcond_with    valgrind_tests
 
@@ -115,9 +119,12 @@ Source20:       bash_output_helper.bash
 
 ## Patches not distribution specific
 Patch3:         fix_ci_tests.patch
+Patch7:         manual_configure.patch
 Patch9:         dont_return_garbage.patch
 
 
+Patch31:        CVE-2019-13173.patch
+
 ## Patches specific to SUSE and openSUSE
 # PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built
 Patch101:       nodejs-libpath.patch
@@ -270,9 +277,13 @@ Group:          Development/Languages/NodeJS
 Requires:       %{name}-devel = %{version}
 Provides:       nodejs-npm = %{version}
 Obsoletes:      nodejs-npm < 4.0.0
-Provides:       npm(npm) = 6.5.0
+Provides:       npm(npm) = 6.7.0
 Provides:       npm = %{version}
 %if 0%{?suse_version} >= 1500
+%if %{node_version_number} >= 10
+Requires:       user(nobody)
+Requires:       group(nobody)
+%endif
 Recommends:     python2
 %else
 Recommends:     python
@@ -308,9 +319,11 @@ tar Jxvf %{SOURCE11}
 %patch3 -p1
 %if ! 0%{with intree_openssl}
 %endif
+%patch7 -p1
 %patch9 -p1
 %if 0%{with valgrind_tests}
 %endif
+%patch31 -p1
 %patch101 -p1
 %patch102 -p1
 # Add check_output to configure script (not part of Python 2.6 in SLE11).
@@ -356,7 +369,7 @@ find -name *.md.orig -delete
 # percent-configure pulls in something that confuses node's configure
 # script, so we'll do it thus:
 export CFLAGS="%{optflags}"
-export CXXFLAGS="%{optflags}"
+export CXXFLAGS="%{optflags} -Wno-class-memaccess"
 
 %if 0%{?cc_exec:1}
 export CC=%{?cc_exec}
@@ -368,6 +381,9 @@ export CXX=%{?cpp_exec}
 
 ./configure \
     --prefix=%{_prefix} \
+%if %{node_version_number} >= 12
+    --enable-lto \
+%endif
 %if ! 0%{with intree_openssl}
     --shared-openssl \
 %endif

versioned.patch

@@ -8,11 +8,11 @@ management via update_alternatives.
 
 This is also important for generation of binary
 modules for multiple versions of NodeJS
-Index: node-v11.6.0/Makefile
+Index: node-v11.15.0/Makefile
 ===================================================================
---- node-v11.6.0.orig/Makefile
-+++ node-v11.6.0/Makefile
-@@ -43,7 +43,7 @@ BUILDTYPE_LOWER := $(shell echo $(BUILDT
+--- node-v11.15.0.orig/Makefile
++++ node-v11.15.0/Makefile
+@@ -44,7 +44,7 @@ BUILDTYPE_LOWER := $(shell echo $(BUILDT
  EXEEXT := $(shell $(PYTHON) -c \
  		"import sys; print('.exe' if sys.platform == 'win32' else '')")
  
@@ -21,12 +21,12 @@ Index: node-v11.6.0/Makefile
  NODE ?= ./$(NODE_EXE)
  NODE_G_EXE = node_g$(EXEEXT)
  NPM ?= ./deps/npm/bin/npm-cli.js
-Index: node-v11.6.0/tools/install.py
+Index: node-v11.15.0/tools/install.py
 ===================================================================
---- node-v11.6.0.orig/tools/install.py
-+++ node-v11.6.0/tools/install.py
-@@ -77,7 +77,7 @@ def install(paths, dst): map(lambda path
- def uninstall(paths, dst): map(lambda path: try_remove(path, dst), paths)
+--- node-v11.15.0.orig/tools/install.py
++++ node-v11.15.0/tools/install.py
+@@ -82,7 +82,7 @@ def uninstall(paths, dst):
+     try_remove(path, dst)
  
  def npm_files(action):
 -  target_path = sysconfig.get_config_var("LIB") + '/node_modules/npm/'
@@ -34,7 +34,7 @@ Index: node-v11.6.0/tools/install.py
  
    # don't install npm if the target path is a symlink, it probably means
    # that a dev version of npm is installed there
-@@ -91,20 +91,20 @@ def npm_files(action):
+@@ -96,20 +96,20 @@ def npm_files(action):
      action(paths, target_path + dirname[9:] + '/')
  
    # create/remove symlink
@@ -56,12 +56,12 @@ Index: node-v11.6.0/tools/install.py
 -    action([link_path], 'bin/npx')
 +    action([link_path], 'bin/npx11')
    elif action == install:
--    try_symlink('../lib/node_modules/npm/bin/npx-cli.js', link_path)
-+    try_symlink("../" + sysconfig.get_config_var("LIB") + '/node_modules/npm11/bin/npx-cli.js', link_path)
+-    try_symlink('../' + sysconfig.get_config_var("LIB") + '/node_modules/npm/bin/npx-cli.js', link_path)
++    try_symlink('../' + sysconfig.get_config_var("LIB") + '/node_modules/npm11/bin/npx-cli.js', link_path)
    else:
      assert(0) # unhandled action type
  
-@@ -118,7 +118,7 @@ def subdir_files(path, dest, action):
+@@ -123,7 +123,7 @@ def subdir_files(path, dest, action):
  
  def files(action):
    is_windows = sys.platform == 'win32'
@@ -70,7 +70,7 @@ Index: node-v11.6.0/tools/install.py
    output_prefix = 'out/Release/'
  
    if 'false' == variables.get('node_shared'):
-@@ -143,7 +143,7 @@ def files(action):
+@@ -148,7 +148,7 @@ def files(action):
      action(['out/Release/node.d'], sysconfig.get_config_var("LIB") + '/dtrace/node.d')
  
    # behave similarly for systemtap
@@ -79,7 +79,7 @@ Index: node-v11.6.0/tools/install.py
  
    action(['deps/v8/tools/gdbinit'], 'share/doc/node/')
    action(['deps/v8/tools/lldb_commands.py'], 'share/doc/node/')
-@@ -151,7 +151,7 @@ def files(action):
+@@ -156,7 +156,7 @@ def files(action):
    if 'freebsd' in sys.platform or 'openbsd' in sys.platform:
      action(['doc/node.1'], 'man/man1/')
    else:
@@ -88,7 +88,7 @@ Index: node-v11.6.0/tools/install.py
  
    if 'true' == variables.get('node_install_npm'): npm_files(action)
  
-@@ -177,28 +177,28 @@ def headers(action):
+@@ -182,28 +182,28 @@ def headers(action):
      'src/node_buffer.h',
      'src/node_object_wrap.h',
      'src/node_version.h',
@@ -125,10 +125,10 @@ Index: node-v11.6.0/tools/install.py
  
  def run(args):
    global node_prefix, install_path, target_defaults, variables
-Index: node-v11.6.0/doc/node.1
+Index: node-v11.15.0/doc/node.1
 ===================================================================
---- node-v11.6.0.orig/doc/node.1
-+++ node-v11.6.0/doc/node.1
+--- node-v11.15.0.orig/doc/node.1
++++ node-v11.15.0/doc/node.1
 @@ -30,24 +30,24 @@
  .Dt NODE 1
  .
@@ -158,10 +158,10 @@ Index: node-v11.6.0/doc/node.1
  .Op Fl -v8-options
  .
  .\"======================================================================
-Index: node-v11.6.0/src/node.stp
+Index: node-v11.15.0/src/node.stp
 ===================================================================
---- node-v11.6.0.orig/src/node.stp
-+++ node-v11.6.0/src/node.stp
+--- node-v11.15.0.orig/src/node.stp
++++ node-v11.15.0/src/node.stp
 @@ -19,7 +19,7 @@
  // OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
  // USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -234,12 +234,12 @@ Index: node-v11.6.0/src/node.stp
  {
    scavenge = 1 << 0;
    compact = 1 << 1;
-Index: node-v11.6.0/deps/npm/man/man1/npm.1
+Index: node-v11.15.0/deps/npm/man/man1/npm.1
 ===================================================================
---- node-v11.6.0.orig/deps/npm/man/man1/npm.1
-+++ node-v11.6.0/deps/npm/man/man1/npm.1
+--- node-v11.15.0.orig/deps/npm/man/man1/npm.1
++++ node-v11.15.0/deps/npm/man/man1/npm.1
 @@ -1,11 +1,11 @@
- .TH "NPM" "1" "November 2018" "" ""
+ .TH "NPM" "1" "January 2019" "" ""
  .SH "NAME"
 -\fBnpm\fR \- javascript package manager
 +\fBnpm11\fR \- javascript package manager
@@ -347,11 +347,11 @@ Index: node-v11.6.0/deps/npm/man/man1/npm.1
  
  .RE
  
-Index: node-v11.6.0/node.gyp
+Index: node-v11.15.0/node.gyp
 ===================================================================
---- node-v11.6.0.orig/node.gyp
-+++ node-v11.6.0/node.gyp
-@@ -21,8 +21,8 @@
+--- node-v11.15.0.orig/node.gyp
++++ node-v11.15.0/node.gyp
+@@ -23,8 +23,8 @@
      'node_shared_openssl%': 'false',
      'node_v8_options%': '',
      'node_enable_v8_vtunejit%': 'false',
@@ -361,23 +361,23 @@ Index: node-v11.6.0/node.gyp
 +    'node_lib_target_name%': 'node11_lib',
      'node_intermediate_lib_type%': 'static_library',
      'library_files': [
-       'lib/internal/per_context.js',
-Index: node-v11.6.0/src/node_main.cc
+       'lib/internal/bootstrap/primordials.js',
+Index: node-v11.15.0/src/node_main.cc
 ===================================================================
---- node-v11.6.0.orig/src/node_main.cc
-+++ node-v11.6.0/src/node_main.cc
-@@ -119,6 +119,7 @@ int main(int argc, char* argv[]) {
+--- node-v11.15.0.orig/src/node_main.cc
++++ node-v11.15.0/src/node_main.cc
+@@ -121,6 +121,7 @@ int main(int argc, char* argv[]) {
  #endif
    // Disable stdio buffering, it interacts poorly with printf()
    // calls elsewhere in the program (e.g., any logging from V8.)
-+  setenv("NODE_VERSION", "10", 0);
++  setenv("NODE_VERSION", "11", 0);
    setvbuf(stdout, nullptr, _IONBF, 0);
    setvbuf(stderr, nullptr, _IONBF, 0);
    return node::Start(argc, argv);
-Index: node-v11.6.0/deps/npm/man/man1/npx.1
+Index: node-v11.15.0/deps/npm/man/man1/npx.1
 ===================================================================
---- node-v11.6.0.orig/deps/npm/man/man1/npx.1
-+++ node-v11.6.0/deps/npm/man/man1/npx.1
+--- node-v11.15.0.orig/deps/npm/man/man1/npx.1
++++ node-v11.15.0/deps/npm/man/man1/npx.1
 @@ -1,32 +1,32 @@
  .TH "NPX" "1" "April 2018" "npx@10.1.1" "User Commands"
  .SH "NAME"
@@ -461,13 +461,13 @@ Index: node-v11.6.0/deps/npm/man/man1/npx.1
 +\fBnpm11\-config(7)\fP
  
  .RE
-Index: node-v11.6.0/tools/test.py
+Index: node-v11.15.0/tools/test.py
 ===================================================================
---- node-v11.6.0.orig/tools/test.py
-+++ node-v11.6.0/tools/test.py
-@@ -933,7 +933,7 @@ class Context(object):
- 
-   def GetVm(self, arch, mode):
+--- node-v11.15.0.orig/tools/test.py
++++ node-v11.15.0/tools/test.py
+@@ -949,7 +949,7 @@ class Context(object):
+     if self.vm is not None:
+       return self.vm
      if arch == 'none':
 -      name = 'out/Debug/node' if mode == 'debug' else 'out/Release/node'
 +      name = 'out/Debug/node' if mode == 'debug' else 'out/Release/node11'