nodejs/nodejs18
SHA256
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Commit Graph

  • 504746daf4 - Update to 18.20.8: * async_hooks,inspector: implement inspector api without async_wrap * deps: update undici to v5.29.0 - Build with PIE (bsc#1239949) main Adam Majer 2025-04-08 13:11:25 +00:00
  • 4f1d302c47 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=86 Adam Majer 2025-01-22 12:02:57 +00:00
  • 8dada3c946 - Update to 18.20.6 * src: fix HTTP2 mem leak on premature close and ERR_PROTO (bsc#1236250, CVE-2025-23085) * deps: Use of Insufficiently Random Values in undici fetch() (bsc#1236258, CVE-2025-22150) Adam Majer 2025-01-22 11:29:41 +00:00
  • 6535b83f74 - nodejs.keyring: sync with upstream releaser list Adam Majer 2024-12-05 10:31:40 +00:00
  • d3334dffe8 - Update to 18.20.5 * esm: mark import attributes and JSON module as stable * deps: + upgrade npm to 10.8.2 + update simdutf to 5.6.0 + update brotli to 1.1.0 + update ada to 2.8.0 + update acorn to 8.13.0 + update acorn-walk to 8.3.4 + update c-ares to 1.29.0 - CVE-2024-21538.patch: fixes regular expression denial of service (bsc#1233856, CVE-2024-21538) - fix_ci_tests.patch, versioned.patch: refreshed Adam Majer 2024-12-04 16:19:46 +00:00
  • 21e084b8dc OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=82 Adam Majer 2024-11-04 15:01:00 +00:00
  • 97cbc66072 - openssl31.patch: fix unit tests with OpenSSL 3.1 (bsc#1232756) Adam Majer 2024-11-04 14:53:20 +00:00
  • 553ad0cd65 - Update to 18.20.4 * Bypass incomplete fix of CVE-2024-27980 (bsc#1227560, CVE-2024-36138) * Bypass network import restriction via data URL (bsc#1227554, CVE-2024-22020) Adam Majer 2024-07-12 13:42:15 +00:00
  • 6c3cb6b255 - Update to 18.20.3: * This release fixes a regression introduced in Node.js 18.19.0 where http.server.close() was incorrectly closing idle connections. * deps: + acorn updated to 8.11.3. + acorn-walk updated to 8.3.2. + ada updated to 2.7.8. + c-ares updated to 1.28.1. + corepack updated to 0.28.0. + nghttp2 updated to 1.61.0. + ngtcp2 updated to 1.3.0. + npm updated to 10.7.0. Includes a fix from npm@10.5.1 to limit the number of open connections npm/cli#7324. + simdutf updated to 5.2.4. - Changes in 18.20.2: * fixes bsc#1222665, CVE-2024-27980 - windows only bug - versioned.patch, npm_search_paths.patch: refreshed Adam Majer 2024-05-28 12:17:53 +00:00
  • 318ddc1bc1 - cares_sle12_capabilities.patch: no get_random() on sle12 Adam Majer 2024-04-10 12:47:26 +00:00
  • c6d7cd750d + undici version 5.28.4 (bsc#1222530, bsc#1222603, CVE-2024-30260, CVE-2024-30261) Adam Majer 2024-04-10 11:02:40 +00:00
  • 0235124643 - Update to 18.20.1: * CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High) (bsc#1222244) * CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation- (Medium) (bsc#1222384) * updated dependencies: + llhttp version 9.2.1 + undici version 5.28.4 (bsc#1222530, CVE-2024-30260) Adam Majer 2024-04-09 14:48:11 +00:00
  • 7390dfe047 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=75 Adam Majer 2024-04-03 14:49:35 +00:00
  • bb017bf45f - Update to 18.20.0: * Added support for import attributes * vm: fix V8 compilation cache support for vm.Script - versioned.patch: refreshed * libuv version 1.48.0 (CVE-2024-24806, bsc#1220053) Adam Majer 2024-04-02 15:06:47 +00:00
  • 7ba0824280 - Update to 18.19.1: (security updates) * (CVE-2024-21892, bsc#1219992) - Code injection and privilege escalation through Linux capabilities- (High) * (CVE-2024-22019, bsc#1219993) - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High) * (CVE-2023-46809, bsc#1219997) - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium) * (CVE-2024-22025, bsc#1220014) - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium) * undici version 5.28.3 (CVE-2024-24758, bsc#1220017) * libuv version 1.48.0 (CVE-2024-24806, bsc#1219724) Adam Majer 2024-02-16 16:25:58 +00:00
  • 7cb40b70e6 typo Adam Majer 2023-12-19 15:02:47 +00:00
  • 3bf7ecbdc2 - sle12-node-gyp-addon-gypi.patch: added variant of node-gyp-addon-gypi.patch for SLE12 compatibility. node-gyp-addon-gypi.patch is for SLE15+ Adam Majer 2023-12-19 12:28:43 +00:00
  • de9309e0dd OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=70 Adam Majer 2023-12-18 10:43:15 +00:00
  • 3ee464da9b - Update to LTS version 18.19.0 * deps: npm updates to 10.x * esm: + Leverage loaders when resolving subsequent loaders + import.meta.resolve unflagged + --experimental-default-type flag to flip module defaults For details, see https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md - node-gyp-addon-gypi.patch, fix_ci_tests.patch, versioned.patch: refreshed Adam Majer 2023-12-18 10:30:14 +00:00
  • 7b091244b7 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=68 Adam Majer 2023-10-16 10:21:35 +00:00
  • ac408092d1 - Security update to version 18.18.2 * (CVE-2023-44487, bsc#1216190): nghttp2 Security Release * (CVE-2023-45143, bsc#1216205): undici Security Release * (CVE-2023-38552, bsc#1216272): Integrity checks according to policies can be circumvented * (CVE-2023-39333, bsc#1216273): Code injection via WebAssembly export names Adam Majer 2023-10-16 10:17:26 +00:00
  • 61ab794373 - Update to LTS version 18.18.1 * deps: libuv update in 18.18.0 broke webpack's thread-loader. This update should fix this. Adam Majer 2023-10-11 08:57:11 +00:00
  • 0e65c4c0ca - Update to LTS version 18.18.0 * build: sync libuv header change * deps: add missing thread-common.c in uv.gyp * deps: upgrade to libuv 1.46.0 * doc: add atlowChemi to collaborators * esm: add --import flag * events: allow safely adding listener to abortSignal * fs, stream: initial Symbol.dispose and Symbol.asyncDispose support * net: add autoSelectFamily global getter and setter * url: add value argument to has and delete methods - versioned.patch: refreshed Adam Majer 2023-09-19 15:56:51 +00:00
  • 3569013173 - Update to LTS version 18.17.1 (security fixes). The following CVE were fixed: * (CVE-2023-32002, bsc#1214150): Policies can be bypassed via Module._load (High) * (CVE-2023-32006, bsc#1214156): Policies can be bypassed by module.constructor.createRequire (Medium) * (CVE-2023-32559, bsc#1214154): Policies can be bypassed via process.binding (Medium) - Changes included in LTS version 18.17.0: * dns: expose getDefaultResultOrder * events: add getMaxListeners method * fs: + add support for mode flag to specify the copy behavior + add recursive option to readdir and opendir + add support for mode flag to specify the copy behavior + implement byob mode for readableWebStream() * http: + prevent writing to the body when not allowed by HTTP spec + remove internal error in assignSocket + add highWaterMark opt in http.createServer * lib: + add webstreams to Duplex.from() + implement AbortSignal.any() * module: + change default resolver to not throw on unknown scheme * node-api: + define version 9 + deprecate napi_module_register * stream: + preserve object mode in compose Adam Majer 2023-08-10 14:31:40 +00:00
  • 7f29cefa84 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=63 Adam Majer 2023-06-21 13:48:25 +00:00
  • 533b8ba978 - Update to version 18.16.1 (security fixes only). The following CVEs are fixed in this release: * (CVE-2023-30581, bsc#1212574): mainModule.__proto__ Bypass Experimental Policy Mechanism (High) * (CVE-2023-30585, bsc#1212579): Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium) * (CVE-2023-30588, bsc#1212581): Process interuption due to invalid Public Key information in x509 certificates (Medium) * (CVE-2023-30589, bsc#1212582): HTTP Request Smuggling via Empty headers separated by CR (Medium) * (CVE-2023-30590, bsc#1212583): DiffieHellman does not generate keys after setting a private key (Medium) * c-ares security issues: + CVE-2023-32067. High. 0-byte UDP payload causes Denial of Service (bsc#1211604) + CVE-2023-31147 Moderate. Insufficient randomness in generation of DNS query IDs (bsc#1211605) + CVE-2023-31130. Moderate. Buffer Underwrite in ares_inet_net_pton() (bsc#1211606) + CVE-2023-31124. Low. AutoTools does not set CARES_RANDOM_FILE during cross compilation (bsc#1211607) - fix_ci_tests.patch: increase default timeout on unit tests to 20min from 2min. This seems to have lead to build failures on some platforms, like s390x in Factory. (bsc#1211407) Adam Majer 2023-06-21 12:25:26 +00:00
  • a0848d0ff4 * deps: upgrade npm to 9.5.0 (bsc#1208744, CVE-2022-25881) Adam Majer 2023-04-17 10:23:37 +00:00
  • bb44dc56de - Update to NodeJS 18.16.0 LTS version * Add initial support for single executable applications * Replace url parser with Ada * buffer: add Buffer.copyBytesFrom - refreshed patches: versioned.patch linker_lto_jobs.patch Adam Majer 2023-04-13 14:31:06 +00:00
  • 9c9268c584 unfix speccleaner Adam Majer 2023-03-13 16:48:13 +00:00
  • aeef25b81c - relax Requires to Suggests for alts on TW Adam Majer 2023-03-13 16:45:30 +00:00
  • 3f9f6fb843 - Update to NodeJS 18.15.0 LTS version: * test_runner: + add initial code coverate support + add reporters * fs: add statfs() * buffer: add isAscii() - s390.patch, sysctl.patch: upstreamed and removed Adam Majer 2023-03-08 13:17:36 +00:00
  • 0938ffe391 - node-gyp_7.1.2.tar.xz: added dependencies so they don't conflict with npm dependencies. Adam Majer 2023-02-23 10:44:42 +00:00
  • 511d505ae1 - sysctl.patch: unit test fixes Adam Majer 2023-02-22 15:54:13 +00:00
  • 2ef8e23c6d - versioned.patch: refreshed Adam Majer 2023-02-22 14:28:12 +00:00
  • 545556a689 - Update to NodeJS 18.14.2 LTS: * deps: upgrade npm to 9.5.0 * deps: update undici to 5.20.0 - Changes in version 18.14.1: * fixes permissions policies can be bypassed via process.mainModule (bsc#1208481, CVE-2023-23918) * fixes insecure loading of ICU data through ICU_DATA environment variable (bsc#1208487, CVE-2023-23920) * fixes OpenSSL error handling issues in nodejs crypto library (bsc#1208483, CVE-2023-23919) * updates undici to v5.19.1 + Fetch API in Node.js did not protect against CRLF injection in host headers + Regular Expression Denial of Service in Headers in Node.js fetch API (bsc#1208413, bsc#1208485, CVE-2023-24807, CVE-2023-23936) Adam Majer 2023-02-22 14:23:30 +00:00
  • 038f5be659 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=45 Adam Majer 2023-02-01 10:50:49 +00:00
  • 89946a890c - Do not use pkg_vcmp to decide BuildDependencies: this works based on 'installed packages' which is not interpreted correctly by the scheduler. Rather switch to boolean dependencies. ------------------------------------------------------------------ Adam Majer 2023-02-01 10:04:37 +00:00
  • cab4e3b7ea Added patch list Adam Majer 2023-01-31 13:07:44 +00:00
  • 3161391435 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=40 Adam Majer 2023-01-26 13:00:15 +00:00
  • 1abff45f74 - s390.patch: fix unit test on s390 with patched zlib Adam Majer 2023-01-26 12:59:22 +00:00
  • a64d62f72a - _constraints: reset aarch64 memory requirements back to original otherwise some unit tests can fail Adam Majer 2023-01-25 12:41:48 +00:00
  • 2bd60e6d33 - Again use openssl-3, if available. Adam Majer 2023-01-25 12:03:50 +00:00
  • b1d3799a70 - Update _constraints: * Less RAM for aarch64 and 32-bit arm * Use 'asimdrdm' cpu flag to use aarch64 workers where tests are more stable Adam Majer 2023-01-16 15:43:36 +00:00
  • 9f74102a9b - Update to NodejJS 18.13.0 LTS: * build: disable v8 snapshot compression by default * crypto: update root certificates * deps: update ICU to 72.1 * doc: + add doc-only deprecation for headers/trailers setters + add Rafael to the tsc + deprecate use of invalid ports in url.parse + deprecate url.parse() * lib: drop fetch experimental warning * net: add autoSelectFamily and autoSelectFamilyAttemptTimeout options * src: + add uvwasi version + add initial shadow realm support * test_runner: + add t.after() hook + don't use a symbol for runHook() * tls: + add "ca" property to certificate object * util: + add fast path for utf8 encoding + improve textdecoder decode performance + add MIME utilities - new_python3.patch, icu721_fixes.patch: upstreamed, removed Adam Majer 2023-01-16 15:07:36 +00:00
  • b6cd064c87 - icu721_fixes.patch: fixes compatibility with ICU 72.1 (bsc#1205236) Adam Majer 2022-11-10 09:15:16 +00:00
  • 24cecf60b0 - Fix migration to openssl-3 (bsc#1205042) Adam Majer 2022-11-07 14:17:05 +00:00
  • fdff30c9af OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=29 Adam Majer 2022-11-07 10:38:20 +00:00
  • 438aeafd12 - Update to NodeJS 18.12.1 LTS: * inspector: DNS rebinding in --inspect via invalid octal IP (bsc#1205119, CVE-2022-43548) Adam Majer 2022-11-07 10:03:11 +00:00
  • b310397cca - Update to NodeJS 18.12.0 LTS: * Running in 'watch' mode using node --watch restarts the process when an imported file is changed. * fs: add FileHandle.prototype.readLines * http: add writeEarlyHints function to ServerResponse * http2: make early hints generic * util: add default value option to parsearg Adam Majer 2022-10-28 10:36:54 +00:00
  • c9689270a0 - Update to NodeJS 18.11.0: * added experimental watch mode -- running in 'watch' mode using node --watch restarts the process when an imported file is changed * fs: add FileHandle.prototype.readLines * http: add writeEarlyHints function to ServerResponse * http2: make early hints generic * lib: refactor transferable AbortSignal * src: add detailed embedder process initialization API * util: add default value option to parsearg - legacy_python.patch, versioned.patch: updated Adam Majer 2022-10-17 13:14:57 +00:00
  • 46fba43c7b - qemu_timeouts_arches.patch: set timeouts on riscv5 to 7x normal Adam Majer 2022-10-12 08:16:07 +00:00
  • 854959b43b - skip more tests for riscv64/qemu emulation Adam Majer 2022-10-12 07:44:02 +00:00
  • 8a07cf1ca5 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=19 Adam Majer 2022-09-29 14:55:28 +00:00
  • 823267b888 - Update to NodeJS 18.10.0: * deps: upgrade npm to 8.19.2 * http: throw error on content-length mismatch * stream: add ReadableByteStream.tee() - openssl3_fixups.patch: upstreamed and removed Adam Majer 2022-09-29 14:02:32 +00:00
  • d12cbd6aa8 + CVE-2022-32213 bypass via obs-fold mechanic (bsc#1201325) (CVE-2022-32215, bsc#1201327) + Incorrect Parsing of Header Fields (CVE-2022-35256, bsc#1203832) (CVE-2022-35255, bsc#1203831) Adam Majer 2022-09-28 12:09:30 +00:00
  • b0a2be4610 - Update to Nodejs 18.9.1: * deps: llhttp updated to 6.0.10 + CVE-2022-32213 bypass via obs-fold mechanic + Incorrect Parsing of Multi-line Transfer-Encoding (CVE-2022-32215) + Incorrect Parsing of Header Fields (CVE-35256) * crypto: fix weak randomness in WebCrypto keygen (CVE-2022-35255) Adam Majer 2022-09-26 14:46:24 +00:00
  • 5ddec5b5eb Update keyring Adam Majer 2022-09-20 15:14:58 +00:00
  • 142d4448b1 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=13 Adam Majer 2022-09-20 14:33:47 +00:00
  • e12f2a4492 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=12 Adam Majer 2022-09-20 14:28:42 +00:00
  • 6c7463cb0c Workaround unit tests in staging Really remove unused patch Adam Majer 2022-09-20 14:19:40 +00:00
  • a64fe3c90e - new_python3.patch: enable python 3.11 as valid interpreter Adam Majer 2022-09-19 15:01:15 +00:00
  • 7e7557ae96 more fixes for Fedora in spec file Adam Majer 2022-09-19 13:12:44 +00:00
  • 1bab9f5072 Enable compilation for Fedora Adam Majer 2022-09-19 13:08:25 +00:00
  • 9d74e823ed - Update to Nodejs 18.9.0: * lib - add diagnostics channel for process and worker * os - add machine method * report - expose report public native apis * src - expose environment RequestInterrupt api * vm - include vm context in the embedded snapshot - Changes in 18.8.0: * bootstrap: implement run-time user-land snapshots via --build-snapshot and --snapshot-blob. See * crypto: + allow zero-length IKM in HKDF and in webcrypto PBKDF2 + allow zero-length secret KeyObject * deps: upgrade npm to 8.18.0 * http: make idle http parser count configurable * net: add local family * src: print source map error source on demand * tls: pass a valid socket on tlsClientError - dns.patch: upstreamed, removed - nodejs-libpath.patch, versioned.patch: refreshed - fix_ci_tests.patch: partially upstreamed - openssl3_fixups.patch: fix unit tests with openssl 1.1.1 Adam Majer 2022-09-19 12:47:08 +00:00
  • 60ed4b0fec - Update to Nodejs 18.7.0: * events: add CustomEvent * http: add drop request event for http server * lib: improved diagnostics_channel subscribe/unsubscribe * util: add tokens to parseArgs - enable crypto policy ciphers for TW and SLE15 SP4+ (bsc#1200303) Adam Majer 2022-08-18 10:54:04 +00:00
  • 4da88248e0 OBS-URL: https://build.opensuse.org/package/show/devel:languages:nodejs/nodejs18?expand=0&rev=5 Adam Majer 2022-08-01 10:17:34 +00:00
  • 97b1030023 - dns.patch: fix regression https://github.com/nodejs/node/issues/44003 Adam Majer 2022-07-31 15:40:20 +00:00
  • ae008afcb7 - Update to Nodejs 18.6.0: * Experimental ESM Loader Hooks API. For details see, https://nodejs.org/api/esm.html * dns: export error code constants from dns/promises * esm: add chaining to loaders * http: add diagnostics channel for http client * http: add perf_hooks detail for http request and client * module: add isBuiltIn method * net: add drop event for net server * test_runner: expose describe and it * v8: add v8.startupSnapshot utils For details, see https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18.6.0 Adam Majer 2022-07-26 21:38:39 +00:00
  • f6550607df - Update to Nodejs 18.4.0. For detailed changes see, https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18.4.0 - refreshed: versioned.patch, linker_lto_jobs.patch, nodejs-libpath.patch Adam Majer 2022-06-28 14:02:30 +00:00
  • a3129cf18c - Initial packaging of Nodejs 18.2.0. For detailed changes since previous versions, see https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V18.md#18.2.0 Adam Majer 2022-05-19 15:11:22 +00:00