Accepting request 1188691 from devel:languages:nodejs

Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/1188691
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nodejs20?expand=0&rev=24

CVE-2024-21538.patch

@@ -1,46 +0,0 @@
-Applied following patches,
-
-From 5ff3a07d9add449021d806e45c4168203aa833ff Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Andr=C3=A9=20Cruz?= <andremiguelcruz@msn.com>
-Date: Wed, 6 Nov 2024 22:02:49 +0000
-Subject: [PATCH] fix: disable regexp backtracking (#160)
-
----
- lib/util/escape.js | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-
-From 640d391fde65388548601d95abedccc12943374f Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Andr=C3=A9=20Cruz?= <andre.cruz@uphold.com>
-Date: Thu, 7 Nov 2024 12:50:38 +0000
-Subject: [PATCH] fix: fix escaping bug introduced by backtracking
-
----
- lib/util/escape.js | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-
-Index: node-v18.20.5/deps/npm/node_modules/cross-spawn/lib/util/escape.js
-===================================================================
---- node-v18.20.5.orig/deps/npm/node_modules/cross-spawn/lib/util/escape.js
-+++ node-v18.20.5/deps/npm/node_modules/cross-spawn/lib/util/escape.js
-@@ -15,15 +15,17 @@ function escapeArgument(arg, doubleEscap
-     arg = `${arg}`;
- 
-     // Algorithm below is based on https://qntm.org/cmd
-+    // It's slightly altered to disable JS backtracking to avoid hanging on specially crafted input
-+    // Please see https://github.com/moxystudio/node-cross-spawn/pull/160 for more information
- 
-     // Sequence of backslashes followed by a double quote:
-     // double up all the backslashes and escape the double quote
--    arg = arg.replace(/(\\*)"/g, '$1$1\\"');
-+    arg = arg.replace(/(?=(\\+?)?)\1"/g, '$1$1\\"');
- 
-     // Sequence of backslashes followed by the end of the string
-     // (which will become a double quote later):
-     // double up all the backslashes
--    arg = arg.replace(/(\\*)$/, '$1$1');
-+    arg = arg.replace(/(?=(\\+?)?)\1$/, '$1$1');
- 
-     // All other backslashes occur literally
- 

SHASUMS256.txt

@@ -1,41 +1,41 @@
-4ba1a64cd4e2d1bdbc38afbf230c6171ed62fca7c38c83497f839c3911d8d13d  node-v20.19.2-aix-ppc64.tar.gz
+dd24c8b6fdaf46361e130c894fd7282266f944b54196636e6df583fdec1e836f  node-v20.15.1-aix-ppc64.tar.gz
-ceeb1753eb6bdaf0d5dada97e807a88ef29d0ce49fa989a84339bc39987956d4  node-v20.19.2-arm64.msi
+9cbfc9d496427893505f8cb81aa4c1554fe449881cb4a6c5410e494c5fc36674  node-v20.15.1-arm64.msi
-5f96c725cd2be1151f08b25c05bf5a21866a2dc7db3803d351a6ea19fcc53665  node-v20.19.2-darwin-arm64.tar.gz
+4743bc042f90ba5d9edf09403207290a9cdd2f6061bdccf7caaa0bbfd49f343e  node-v20.15.1-darwin-arm64.tar.gz
-51344f84c3867756a381d1f1ac437b9877ef7ee98683cd38aca32133a33e4986  node-v20.19.2-darwin-arm64.tar.xz
+106ad5288f1da94bf25cf9fba4a070b442e3213e25ce8af3ad35bf6e266213f6  node-v20.15.1-darwin-arm64.tar.xz
-29f91e05992a7d81498ab1d04938a184313cb4aaccab95bb4636e30e6424eae3  node-v20.19.2-darwin-x64.tar.gz
+f5379772ffae1404cfd1fcc8cf0c6c5971306b8fb2090d348019047306de39dc  node-v20.15.1-darwin-x64.tar.gz
-eee1053719e234060c39822cc7defcb9322e14a1e6e5046dbbf48dcf68750aa7  node-v20.19.2-darwin-x64.tar.xz
+34ad01b42025f72d486f9775a2f170913ad6b9fe2d4ceb67746a08de0e475b88  node-v20.15.1-darwin-x64.tar.xz
-37e920f860aaa3155bf8a276d20a5473fcea9eefa31f8b09eb18dc5e65c9abd7  node-v20.19.2-headers.tar.gz
+8c2305c6df5d14525e0711f0da38295600987df4c2710c738c01400862a176b4  node-v20.15.1-headers.tar.gz
-398d95ff730743659a596b9753c7e619501571ae2beedbe16077d3213cd91e0e  node-v20.19.2-headers.tar.xz
+d6e4f101f8734f96be558ad4b84a35a81f33decc050a7d2d8e5b39573b79bdf8  node-v20.15.1-headers.tar.xz
-24c3090d4e8c3667cd57482263291ca4f562c2e0773d5e618a0c6ba32d21b39f  node-v20.19.2-linux-arm64.tar.gz
+8554c91ccd32782351035d3a9b168ad01c6922480800a21870fc5d6d86c2bb70  node-v20.15.1-linux-arm64.tar.gz
-0d0c4a1c3a5aa657b76873eaa962936c7dc7a45047bd3957322544967713dc72  node-v20.19.2-linux-arm64.tar.xz
+10d47a46ef208b3e4b226e4d595a82659123b22397ed77b7975d989114ec317e  node-v20.15.1-linux-arm64.tar.xz
-aed2de774737d76a81254cbcd12ae5e9239f24efec0456b9608f150d27d58fe7  node-v20.19.2-linux-armv7l.tar.gz
+2c16717da7d2d7b00f6af146cdf436a0297cbcee52c85b754e4c9ed7cee34b51  node-v20.15.1-linux-armv7l.tar.gz
-43adc6c3f57582f0ed206b8401816d1846c39996793f02ccf61e905294bfdc58  node-v20.19.2-linux-armv7l.tar.xz
+7bc120efdd8018f6915471b963d9b80adf4ed406d6dc9edb4ae944b85f505c4c  node-v20.15.1-linux-armv7l.tar.xz
-9fced2e270fb0879709f7fa19b358551244b2d6c8cbf39d6a860221dcc12181b  node-v20.19.2-linux-ppc64le.tar.gz
+b91df4971b428f9cb2fbe427c919ad382c4cd206a85e5c918c60c15f1e3d2e32  node-v20.15.1-linux-ppc64le.tar.gz
-1391fe00183bef0da0b478f636527d8270e43563877312d251a468746d338c74  node-v20.19.2-linux-ppc64le.tar.xz
+b33e684802251397ad62ad3f8a1836267ee8b7723f87f669470018ad0035287b  node-v20.15.1-linux-ppc64le.tar.xz
-94023e739c98ce55a057fbf5e86589253458e92af1990a2712dab8c6421cfe2f  node-v20.19.2-linux-s390x.tar.gz
+393f511b5623c8a872e58203914a54bc7e086b8ca870d34833766d4f9c4e2448  node-v20.15.1-linux-s390x.tar.gz
-ffbf836e20738f283cbe342ce92881d81d3f14651cabd2cf93cdb91152bcae3c  node-v20.19.2-linux-s390x.tar.xz
+e2c36cdccc8a7c1000a349dd6fea8b0ce39884eae7b3dd1950d0105120f20848  node-v20.15.1-linux-s390x.tar.xz
-eec2c7b9c6ac72e42885a42edfc0503c0e4ee455f855c4a17a6cbcf026656dd5  node-v20.19.2-linux-x64.tar.gz
+a9db028c0a1c63e3aa0d97de24b0966bc507d8239b3aedc4e752eea6b0580665  node-v20.15.1-linux-x64.tar.gz
-cbe59620b21732313774df4428586f7222a84af29e556f848abf624ba41caf90  node-v20.19.2-linux-x64.tar.xz
+26700f8d3e78112ad4a2618a9c8e2816e38a49ecf0213ece80e54c38cb02563f  node-v20.15.1-linux-x64.tar.xz
-3a19f4949b422309a2806083580528c2c87e8169755f31fb7521d5f7b5fdba22  node-v20.19.2-win-arm64.7z
+4f437463e708c4c7faaa436bed46c3ea814ec3796cfe1e02515ab21d2038b4b1  node-v20.15.1-win-arm64.7z
-b155826b6abe8383b88f7de42bc7c2601cabd3b0d6e52cce1cf4cd4936e6441b  node-v20.19.2-win-arm64.zip
+6cc4f9ca826f5b3e0c555d156bc6adcc371bd96c2874ee748d0f97e2938d3c2b  node-v20.15.1-win-arm64.zip
-eb6bde3d812ee065a94fc81e39dc16a56ec41f3039e6a27022326b3b59ee895b  node-v20.19.2-win-x64.7z
+5dbaf27053a0566395f81ebe9e4660141de1bc7b0fe80583447bb36804643f75  node-v20.15.1-win-x64.7z
-8735c9940b97548f6d9d4dda7cf5fd4471c062f15f44c2b890c9b0b430460feb  node-v20.19.2-win-x64.zip
+ba6c3711e2c3d0638c5f7cea3c234553808a73c52a5962a6cdb47b5210b70b04  node-v20.15.1-win-x64.zip
-6e56ea449e6581e8d7251b1960585d4e4cd53d99df34363483099fe864de1023  node-v20.19.2-win-x86.7z
+2281b04df475efa64ef483529fc9cad1715d42d5766e68541b64970297247692  node-v20.15.1-win-x86.7z
-c052c2b4e7ed147f9714b4e81bef4a1c5e04b33162c7300100c547747a2a34f3  node-v20.19.2-win-x86.zip
+9a08021e4bcc4694bc72d00ce1ce0686e6de6a9a855678239625f96b09c70b07  node-v20.15.1-win-x86.zip
-fcc217f3af52f8ecab1e5d016df6f543cb2d903d57e26f53ac48f7ea837dfab2  node-v20.19.2-x64.msi
+b139ba1b82807918af40fbed49a5b529f67ba198e87bcabdac907b734ff83ab5  node-v20.15.1-x64.msi
-2a5c4f9a2a563ba73b866dbdade0157ab042568b49a8b8ec0efa72150843ed17  node-v20.19.2-x86.msi
+6079df4ab0d457180b4b730fab76d0b60b14342d797cc10a4f2d7c8b61fba584  node-v20.15.1-x86.msi
-87f1d17df2fbbd775a4813d8936ece9120135d942eae6d308d2328616eed3103  node-v20.19.2.pkg
+93b9549a65d459cc2e035c0d583101f827607f43376b5f23a3a2a900f5467321  node-v20.15.1.pkg
-eaf8800608ffbcae7665beb4776d8e9d8484055fbb840ef44e346044f9b08ad5  node-v20.19.2.tar.gz
+da228a0c27922f02001d9a781793696432096ab2da658eb77d7fc21693f4c5cb  node-v20.15.1.tar.gz
-4a7ff611d5180f4e420204fa6f22f9f9deb2ac5e98619dd9a4de87edf5b03b6e  node-v20.19.2.tar.xz
+fdd53a5729d936691a2a1151046fb4897721cb8b0fca2af957823a9b40fe0c34  node-v20.15.1.tar.xz
-c36cb4961a50d2ac05a72d78b6a5b21cb9ac31ca6545a4a438b287f9d0eea9ba  win-arm64/node.exe
+8e3f84e8ec7e41f98a048eb0c1365cfe54426a556ead98c4803df45d29e0335d  win-arm64/node.exe
-db56ef1b250e24a698ee3a21f4f055a1f60319f273fa7bcab84212cdf9498bf1  win-arm64/node.lib
+a4f01329c1c211082ac3ed387ff6651530040bbf7250ec419ce8f95b10d7804a  win-arm64/node.lib
-b754b00df640e352b663f7907f0e11240258aa5f5059d9c503ce455d2500d92f  win-arm64/node_pdb.7z
+493292505fd7a156b1e7b46c7f05001a0684fba6f734f83abfcf7fed88625453  win-arm64/node_pdb.7z
-2b6f70f82b6bbe178556f0b49290011e83c51e63584488d75e7dd9b94560345c  win-arm64/node_pdb.zip
+88d4af538deadf8fa2638df84a76bd7dd26f0aeac8dc584f213da736f322377c  win-arm64/node_pdb.zip
-5793a3bf18d75c2bc5cb2b65ba8975b30057d7bf443141db4cf970d54fd8ddc6  win-x64/node.exe
+229fb64aeb10d3cc18eaaa2f5a4c3f1c81792dd3647c5c4350e142db528d0f89  win-x64/node.exe
-21b9f76d6ec91f6510dc5adb891dbd52893c7d242549b5cf6084803d3be91665  win-x64/node.lib
+87056190b7cd06f40058f8e059efd328cdcc7600b825afa102c0aa5039865af5  win-x64/node.lib
-2b7de888145be4086c70866417a0742a87ec50472d8b04e1850701ca2f7bfe4e  win-x64/node_pdb.7z
+bb2198b381bb5d7bc08e2cdda3db911996e310b944b05cb8c7c271a5a7ab0901  win-x64/node_pdb.7z
-d5493643b36531bb02591c3f855c77e2070bb972be1a51ea313e6b25f3e29556  win-x64/node_pdb.zip
+316ee3fbbe976981e8ee0b81204aece9d3c2337c83f1644d90bb552c3068ca44  win-x64/node_pdb.zip
-c5505d7f22b1f6bfc56f4fe16f472c3b6428e74f48062028e6cc2a4b646a72cc  win-x86/node.exe
+6e7f3cbb46569a58babe99de2df8a69e98ad613674d4fed71b1dca866e1a72e8  win-x86/node.exe
-4f7899d5cf286aad56624539952c087088e6e90f010f55d1f9145deb45524152  win-x86/node.lib
+fa02ae7feca7eb6c4a0f1b929126df400719f5d18a2ec4b7d12c52fbe0b13814  win-x86/node.lib
-3b2de193ae323416b1c340777f9c2ff010f337d6dbdbd711a3de4a485315e1b5  win-x86/node_pdb.7z
+e8f6da56c9bc73add71a41c4d5ed92fc6cf9e7c5067d7a0d3f7b9fd6391f07c4  win-x86/node_pdb.7z
-79647764e20eb5002ca2a27e5d2f115cd5db462661521722a002a1eb0f79cd76  win-x86/node_pdb.zip
+1b4e9dbc5a8b0a5121d32351f9654c1ab451e88680982d487a4a6c40d50bd730  win-x86/node_pdb.zip

fix_ci_tests.patch

@@ -2,10 +2,10 @@ Author: Adam Majer <amajer@suse.de>
 Date: Dec 20 09:18:49 UTC 2017
 Summary: Fix CI unit tests framework for OBS building
 
-Index: node-v20.19.2/test/parallel/test-module-loading-globalpaths.js
+Index: node-v20.15.1/test/parallel/test-module-loading-globalpaths.js
 ===================================================================
---- node-v20.19.2.orig/test/parallel/test-module-loading-globalpaths.js
+--- node-v20.15.1.orig/test/parallel/test-module-loading-globalpaths.js
-+++ node-v20.19.2/test/parallel/test-module-loading-globalpaths.js
++++ node-v20.15.1/test/parallel/test-module-loading-globalpaths.js
 @@ -11,6 +11,9 @@ const { addLibraryPath } = require('../c
  
  addLibraryPath(process.env);
@@ -16,10 +16,10 @@ Index: node-v20.19.2/test/parallel/test-module-loading-globalpaths.js
  if (process.argv[2] === 'child') {
    console.log(require(pkgName).string);
  } else {
-Index: node-v20.19.2/test/parallel/test-tls-passphrase.js
+Index: node-v20.15.1/test/parallel/test-tls-passphrase.js
 ===================================================================
---- node-v20.19.2.orig/test/parallel/test-tls-passphrase.js
+--- node-v20.15.1.orig/test/parallel/test-tls-passphrase.js
-+++ node-v20.19.2/test/parallel/test-tls-passphrase.js
++++ node-v20.15.1/test/parallel/test-tls-passphrase.js
 @@ -223,7 +223,7 @@ server.listen(0, common.mustCall(functio
    }, onSecureConnect());
  })).unref();
@@ -29,10 +29,10 @@ Index: node-v20.19.2/test/parallel/test-tls-passphrase.js
  
  // Missing passphrase
  assert.throws(function() {
-Index: node-v20.19.2/test/parallel/test-repl-envvars.js
+Index: node-v20.15.1/test/parallel/test-repl-envvars.js
 ===================================================================
---- node-v20.19.2.orig/test/parallel/test-repl-envvars.js
+--- node-v20.15.1.orig/test/parallel/test-repl-envvars.js
-+++ node-v20.19.2/test/parallel/test-repl-envvars.js
++++ node-v20.15.1/test/parallel/test-repl-envvars.js
 @@ -2,7 +2,9 @@
  
  // Flags: --expose-internals
@@ -44,11 +44,11 @@ Index: node-v20.19.2/test/parallel/test-repl-envvars.js
  const stream = require('stream');
  const { describe, test } = require('node:test');
  const REPL = require('internal/repl');
-Index: node-v20.19.2/Makefile
+Index: node-v20.15.1/Makefile
 ===================================================================
---- node-v20.19.2.orig/Makefile
+--- node-v20.15.1.orig/Makefile
-+++ node-v20.19.2/Makefile
++++ node-v20.15.1/Makefile
-@@ -396,7 +396,6 @@ ADDONS_HEADERS_PREREQS := tools/install.
+@@ -392,7 +392,6 @@ ADDONS_HEADERS_PREREQS := tools/install.
  	$(wildcard deps/uv/include/*/*.h) \
  	$(wildcard deps/v8/include/*.h) \
  	$(wildcard deps/v8/include/*/*.h) \
@@ -56,7 +56,7 @@ Index: node-v20.19.2/Makefile
  	src/node.h src/node_api.h src/js_native_api.h src/js_native_api_types.h \
  	src/node_api_types.h src/node_buffer.h src/node_object_wrap.h \
  	src/node_version.h
-@@ -568,7 +567,8 @@ test-ci-js: | clear-stalled
+@@ -563,7 +562,8 @@ test-ci-js: | clear-stalled
  .PHONY: test-ci
  # Related CI jobs: most CI tests, excluding node-test-commit-arm-fanned
  test-ci: LOGLEVEL := info
@@ -66,7 +66,7 @@ Index: node-v20.19.2/Makefile
  	out/Release/cctest --gtest_output=xml:out/junit/cctest.xml
  	$(PYTHON) tools/test.py $(PARALLEL_ARGS) -p tap --logfile test.tap \
  		--mode=$(BUILDTYPE_LOWER) --flaky-tests=$(FLAKY_TESTS) \
-@@ -754,7 +754,8 @@ apidocs_json = $(addprefix out/,$(apidoc
+@@ -745,7 +745,8 @@ apidocs_json = $(addprefix out/,$(apidoc
  apiassets = $(subst api_assets,api/assets,$(addprefix out/,$(wildcard doc/api_assets/*)))
  
  tools/doc/node_modules: tools/doc/package.json
@@ -76,10 +76,10 @@ Index: node-v20.19.2/Makefile
  		echo "Skipping tools/doc/node_modules (no crypto)"; \
  	else \
  		cd tools/doc && $(call available-node,$(run-npm-ci)) \
-Index: node-v20.19.2/tools/test.py
+Index: node-v20.15.1/tools/test.py
 ===================================================================
---- node-v20.19.2.orig/tools/test.py
+--- node-v20.15.1.orig/tools/test.py
-+++ node-v20.19.2/tools/test.py
++++ node-v20.15.1/tools/test.py
 @@ -1386,7 +1386,7 @@ def BuildOptions():
    result.add_option("-s", "--suite", help="A test suite",
        default=[], action="append")
@@ -89,12 +89,12 @@ Index: node-v20.19.2/tools/test.py
    result.add_option("--arch", help='The architecture to run tests for',
        default='none')
    result.add_option("--snapshot", help="Run the tests with snapshot turned on",
-Index: node-v20.19.2/test/parallel/test-crypto-dh.js
+Index: node-v20.15.1/test/parallel/test-crypto-dh.js
 ===================================================================
---- node-v20.19.2.orig/test/parallel/test-crypto-dh.js
+--- node-v20.15.1.orig/test/parallel/test-crypto-dh.js
-+++ node-v20.19.2/test/parallel/test-crypto-dh.js
++++ node-v20.15.1/test/parallel/test-crypto-dh.js
-@@ -91,9 +91,7 @@ const crypto = require('crypto');
+@@ -90,9 +90,7 @@ const crypto = require('crypto');
-                                            (common.hasOpenSSL(3, 1, 4));
+     const hasOpenSSL3WithNewErrorMessage = (v >= 0x300000c0 && v <= 0x30100000) || (v >= 0x30100040 && v <= 0x30200000);
      assert.throws(() => {
        dh3.computeSecret('');
 -    }, { message: common.hasOpenSSL3 && !hasOpenSSL3WithNewErrorMessage ?
@@ -104,10 +104,22 @@ Index: node-v20.19.2/test/parallel/test-crypto-dh.js
    }
  }
  
-Index: node-v20.19.2/test/parallel/test-crypto-fips.js
+Index: node-v20.15.1/test/parallel/test-node-output-errors.mjs
 ===================================================================
---- node-v20.19.2.orig/test/parallel/test-crypto-fips.js
+--- node-v20.15.1.orig/test/parallel/test-node-output-errors.mjs
-+++ node-v20.19.2/test/parallel/test-crypto-fips.js
++++ node-v20.15.1/test/parallel/test-node-output-errors.mjs
+@@ -28,6 +28,7 @@ describe('errors output', { concurrency:
+       .replaceAll(/\/(\w)/g, '*$1')
+       .replaceAll('*test*', '*')
+       .replaceAll('*fixtures*errors*', '*')
++      .replace(/`node\d+ --/, '`node --')
+       .replaceAll('file:**', 'file:*/');
+   }
+ 
+Index: node-v20.15.1/test/parallel/test-crypto-fips.js
+===================================================================
+--- node-v20.15.1.orig/test/parallel/test-crypto-fips.js
++++ node-v20.15.1/test/parallel/test-crypto-fips.js
 @@ -3,6 +3,8 @@
  const common = require('../common');
  if (!common.hasCrypto)
@@ -117,10 +129,10 @@ Index: node-v20.19.2/test/parallel/test-crypto-fips.js
  
  const assert = require('assert');
  const spawnSync = require('child_process').spawnSync;
-Index: node-v20.19.2/test/parallel/test-node-output-v8-warning.mjs
+Index: node-v20.15.1/test/parallel/test-node-output-v8-warning.mjs
 ===================================================================
---- node-v20.19.2.orig/test/parallel/test-node-output-v8-warning.mjs
+--- node-v20.15.1.orig/test/parallel/test-node-output-v8-warning.mjs
-+++ node-v20.19.2/test/parallel/test-node-output-v8-warning.mjs
++++ node-v20.15.1/test/parallel/test-node-output-v8-warning.mjs
 @@ -15,7 +15,7 @@ describe('v8 output', { concurrency: tru
      .replaceAll('*test*', '*')
      .replaceAll(/.*?\*fixtures\*v8\*/g, '(node:*) V8: *') // Replace entire path before fixtures/v8
@@ -130,16 +142,3 @@ Index: node-v20.19.2/test/parallel/test-node-output-v8-warning.mjs
    }
    const common = snapshot
      .transform(snapshot.replaceWindowsLineEndings, snapshot.replaceWindowsPaths, replaceNodeVersion);
-Index: node-v20.19.2/test/parallel/test-dns.js
-===================================================================
---- node-v20.19.2.orig/test/parallel/test-dns.js
-+++ node-v20.19.2/test/parallel/test-dns.js
-@@ -403,7 +403,7 @@ assert.throws(() => {
- 
-   const server = dgram.createSocket('udp4');
- 
--  server.on('message', common.mustCall((msg, { address, port }) => {
-+  server.on('message', common.mustCallAtLeast((msg, { address, port }) => {
-     const parsed = dnstools.parseDNSPacket(msg);
-     const domain = parsed.questions[0].domain;
-     assert.strictEqual(domain, 'example.org');

linker_lto_jobs.patch

@@ -3,11 +3,11 @@ is run serially over these binaries instead of in parallel.
 OBS workers run out of memory as each executable seems to require
 upward of 5G RAM
 
-Index: node-v20.18.1/node.gyp
+Index: node-v19.7.0/node.gyp
 ===================================================================
---- node-v20.18.1.orig/node.gyp
+--- node-v19.7.0.orig/node.gyp
-+++ node-v20.18.1/node.gyp
++++ node-v19.7.0/node.gyp
-@@ -1155,6 +1155,7 @@
+@@ -951,6 +951,7 @@
          'deps/uvwasi/uvwasi.gyp:uvwasi',
          'deps/simdutf/simdutf.gyp:simdutf',
          'deps/ada/ada.gyp:ada',
@@ -15,9 +15,9 @@ Index: node-v20.18.1/node.gyp
        ],
  
        'includes': [
-@@ -1229,6 +1230,7 @@
+@@ -1047,6 +1048,7 @@
-         '<(node_lib_target_name)',
          'deps/histogram/histogram.gyp:histogram',
+         'deps/uvwasi/uvwasi.gyp:uvwasi',
          'deps/ada/ada.gyp:ada',
 +        'cctest'
        ],

node-v20.15.1.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:fdd53a5729d936691a2a1151046fb4897721cb8b0fca2af957823a9b40fe0c34
+size 41880412

node-v20.19.2.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:4a7ff611d5180f4e420204fa6f22f9f9deb2ac5e98619dd9a4de87edf5b03b6e
-size 42289480

nodejs-libpath.patch

@@ -1,16 +1,16 @@
-Index: node-v20.19.0/tools/install.py
+Index: node-v20.12.0/tools/install.py
 ===================================================================
---- node-v20.19.0.orig/tools/install.py
+--- node-v20.12.0.orig/tools/install.py
-+++ node-v20.19.0/tools/install.py
++++ node-v20.12.0/tools/install.py
-@@ -7,6 +7,7 @@ import os
+@@ -6,6 +6,7 @@ import errno
- import platform
+ import os
  import shutil
  import sys
 +from distutils import sysconfig
  import re
  
- current_system = platform.system()
+ def abspath(*args):
-@@ -72,6 +73,10 @@ def try_copy(options, path, dest):
+@@ -66,6 +67,10 @@ def try_copy(options, path, dest):
    try_unlink(target_path) # prevent ETXTBSY errors
    return shutil.copy2(source_path, target_path)
  
@@ -21,7 +21,7 @@ Index: node-v20.19.0/tools/install.py
  def try_remove(options, path, dest):
    source_path, target_path = mkpaths(options, path, dest)
    if not options.silent:
-@@ -88,7 +93,7 @@ def uninstall(options, paths, dest):
+@@ -82,7 +87,7 @@ def uninstall(options, paths, dest):
      try_remove(options, path, dest)
  
  def package_files(options, action, name, bins):
@@ -30,7 +30,7 @@ Index: node-v20.19.0/tools/install.py
  
    # don't install npm if the target path is a symlink, it probably means
    # that a dev version of npm is installed there
-@@ -109,7 +114,7 @@ def package_files(options, action, name,
+@@ -103,7 +108,7 @@ def package_files(options, action, name,
      if action == uninstall:
        action(options, [link_path], os.path.join('bin', bin_name))
      elif action == install:
@@ -39,11 +39,11 @@ Index: node-v20.19.0/tools/install.py
      else:
        assert 0  # unhandled action type
  
-Index: node-v20.19.0/lib/internal/modules/cjs/loader.js
+Index: node-v20.12.0/lib/internal/modules/cjs/loader.js
 ===================================================================
---- node-v20.19.0.orig/lib/internal/modules/cjs/loader.js
+--- node-v20.12.0.orig/lib/internal/modules/cjs/loader.js
-+++ node-v20.19.0/lib/internal/modules/cjs/loader.js
++++ node-v20.12.0/lib/internal/modules/cjs/loader.js
-@@ -1730,7 +1730,7 @@ Module._initPaths = function() {
+@@ -1529,7 +1529,7 @@ Module._initPaths = function() {
      path.resolve(process.execPath, '..') :
      path.resolve(process.execPath, '..', '..');
  

nodejs20.changes

@@ -1,64 +1,3 @@
--------------------------------------------------------------------
-Thu Jun 12 08:44:09 UTC 2025 - Adam Majer <adam.majer@suse.de>
-
-- Update to 20.19.2:
-  * fix error handling on async crypto operation (bsc#1243218, CVE-2025-23166)
-  * add missing call to uv_fs_req_cleanup (bsc#1243217, CVE-2025-23165)
-  * update llhttp to 9.2.0 (bsc#1243220, CVE-2025-23167)
-- Changes in 20.19.1:
-  * deps: update undici to 6.21.2
-  * dns: restore dns query cache ttl
-
-- fix_ci_tests.patch: refreshed
-
--------------------------------------------------------------------
-Tue Apr  8 13:11:37 UTC 2025 - Adam Majer <adam.majer@suse.de>
-
-- Update to 20.19.0:
-  * esm: mark import attributes and JSON module as stable
-  * module:
-    + require(esm) is now enabled by default
-    + Module syntax detection is now enabled by default
-  * worker: add postMessageToThread
-
-- Build with PIE (bsc#1239949)
-- nodejs-libpath.patch: refreshed
-
--------------------------------------------------------------------
-Wed Jan 22 11:23:00 UTC 2025 - Adam Majer <adam.majer@suse.de>
-
-- Update to 20.18.2:
-  * src,loader,permission: throw on InternalWorker use when
-    permission model is enabled (bsc#1236251, CVE-2025-23083)
-  * src: fix HTTP2 mem leak on premature close and ERR_PROTO
-    (bsc#1236250, CVE-2025-23085)
-  * deps: Use of Insufficiently Random Values in undici fetch()
-    (bsc#1236258, CVE-2025-22150)
-
--------------------------------------------------------------------
-Wed Dec  4 16:32:55 UTC 2024 - Adam Majer <adam.majer@suse.de>
-
-- Update to 20.18.1
-  * Experimental Network Inspection Support in Node.js
-  * Exposes X509_V_FLAG_PARTIAL_CHAIN to tls.createSecureContext
-  * New option for vm.createContext() to create a context with a
-    freezable globalThis
-  * buffer: optimize createFromString
-- Changes in 20.17.0:
-  * module: support require()ing synchronous ESM graphs
-  * path: add matchesGlob method
-  * stream: expose DuplexPair API
-- Changes in 20.16.0:
-  * process: add process.getBuiltinModule(id)
-  * inspector: fix disable async hooks on Debugger.setAsyncCallStackDepth
-  * buffer: add .bytes() method to Blob
-
-- CVE-2024-21538.patch: fixes regular expression denial of service
-  (bsc#1233856, CVE-2024-21538)
-- linker_lto_jobs.patch: refreshed
-- fix_ci_tests.patch: fix dns test vs. older c-ares
-- nodejs.keyring: sync keys with upstream
-
 -------------------------------------------------------------------
 Fri Jul 12 13:21:02 UTC 2024 - Adam Majer <adam.majer@suse.de>
 

nodejs20.spec

@@ -31,7 +31,7 @@
 %endif
 
 Name:           nodejs20
-Version:        20.19.2
+Version:        20.15.1
 Release:        0
 
 # Double DWZ memory limits
@@ -93,7 +93,7 @@ ExclusiveArch do_not_build
 %bcond_without intree_openssl
 %endif
 
-%if 0%{?suse_version} >= 1530 || 0%{?fedora_version} >= 35
+%if 0%{?suse_version} >= 1330 || 0%{?fedora_version} >= 35
 %bcond_with    intree_cares
 %else
 %bcond_without intree_cares
@@ -152,7 +152,6 @@ Patch7:         manual_configure.patch
 Patch13:        openssl_binary_detection.patch
 
 
-Patch82:        CVE-2024-21538.patch
 
 ## Patches specific to SUSE and openSUSE
 Patch100:       linker_lto_jobs.patch
@@ -200,10 +199,10 @@ BuildRequires:  config(netcfg)
 %if 0%{?suse_version} == 1110
 # GCC 5 is only available in the SUSE:SLE-11:SP4:Update repository (SDK).
 %if %node_version_number >= 8
-BuildRequires:  gcc5-c++
+BuildRequires:   gcc5-c++
 %define forced_gcc_version 5
 %else
-BuildRequires:  gcc48-c++
+BuildRequires:   gcc48-c++
 %define forced_gcc_version 4.8
 %endif
 %endif
@@ -213,16 +212,15 @@ BuildRequires:  gcc48-c++
 # for SLE-12:Update targets
 %if 0%{?suse_version} == 1315
 %if %node_version_number >= 17
-BuildRequires:  gcc12-c++
+BuildRequires:   gcc12-c++
-BuildRequires:  gcc12-PIE
 %define forced_gcc_version 12
 %else
 %if %node_version_number >= 14
-BuildRequires:  gcc9-c++
+BuildRequires:   gcc9-c++
 %define forced_gcc_version 9
 %else
 %if %node_version_number >= 8
-BuildRequires:  gcc7-c++
+BuildRequires:   gcc7-c++
 %define forced_gcc_version 7
 %endif
 %endif
@@ -231,8 +229,7 @@ BuildRequires:  gcc7-c++
 
 %if 0%{?suse_version} == 1500
 %if %node_version_number >= 17
-BuildRequires:  gcc12-c++
+BuildRequires:   gcc12-c++
-BuildRequires:  gcc12-PIE
 %define forced_gcc_version 12
 %endif
 %endif
@@ -247,19 +244,11 @@ BuildRequires:  gcc-c++
 # Python dependencies
 %if %node_version_number >= 14
 
-%if 0%{?suse_version}
+%if 0%{?suse_version} && 0%{?suse_version} < 1500
-%if 0%{?suse_version} < 1500
 BuildRequires:  python36
 %define forced_python_version 3.6m
-%endif
+%else
-%if %{?suse_version} == 1500
-BuildRequires:  python311
-%define forced_python_version 3.11
-%endif
-%if %{?suse_version} > 1500
 BuildRequires:  python3
-BuildRequires:  python3-setuptools
-%endif
 %endif
 
 %else
@@ -308,7 +297,7 @@ BuildRequires:  openssl >= %{openssl_req_ver}
 %else
 # bundled openssl
 %if %node_version_number <= 12 && 0%{?suse_version} == 1315 && 0%{?sle_version} < 120400
-Provides:       bundled(openssl) = 3.0.15
+Provides:       bundled(openssl) = 3.0.13
 %else
 BuildRequires:  bundled_openssl_should_not_be_required
 %endif
@@ -319,17 +308,13 @@ BuildRequires:  bundled_openssl_should_not_be_required
 %if ! 0%{with intree_cares}
 BuildRequires:  pkgconfig(libcares) >= 1.17.0
 %else
-Provides:       bundled(libcares2) = 1.34.5
+Provides:       bundled(libcares2) = 1.28.1
-%endif
-
-%if %node_version_number >= 22 && 0%{?suse_version} > 1500
-BuildRequires:  sqlite3-devel
 %endif
 
 %if ! 0%{with intree_icu}
 BuildRequires:  pkgconfig(icu-i18n) >= 71
 %else
-Provides:       bundled(icu) = 76.1
+Provides:       bundled(icu) = 75.1
 %endif
 
 %if ! 0%{with intree_nghttp2}
@@ -394,20 +379,20 @@ BuildRequires:  pkgconfig(libbrotlidec)
 %endif
 
 
-Provides:       bundled(llhttp) = 9.2.1
+Provides:       bundled(llhttp) = 8.1.2
 Provides:       bundled(ngtcp2) = 1.1.0
-
+Provides:       bundled(base64) = 0.5.2
-Provides:       bundled(simdutf) = 6.0.3
+Provides:       bundled(simdutf) = 5.2.8
 
 # bundled url-ada parser, not ada
-Provides:       bundled(ada) = 2.9.2
+Provides:       bundled(ada) = 2.7.8
 
-Provides:       bundled(node-acorn) = 8.14.0
+Provides:       bundled(node-acorn) = 8.11.3
-Provides:       bundled(node-acorn-walk) = 8.3.4
+Provides:       bundled(node-acorn-walk) = 8.3.2
-Provides:       bundled(node-cjs-module-lexer) = 1.4.1
+Provides:       bundled(node-cjs-module-lexer) = 1.2.2
-Provides:       bundled(node-corepack) = 0.31.0
+Provides:       bundled(node-corepack) = 0.28.1
-Provides:       bundled(node-minimatch) = 10.0.1
+Provides:       bundled(node-minimatch) = 9.0.4
-Provides:       bundled(node-undici) = 6.21.2
+Provides:       bundled(node-undici) = 6.13.0
 
 %description
 Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. Node.js
@@ -436,7 +421,7 @@ Requires:       nodejs-common
 Requires:       nodejs20 = %{version}
 Provides:       nodejs-npm = %{version}
 Obsoletes:      nodejs-npm < 4.0.0
-Provides:       npm(npm) = 10.8.2
+Provides:       npm(npm) = 10.7.0
 Provides:       npm = %{version}
 %if 0%{?suse_version} >= 1500
 %if %{node_version_number} >= 10
@@ -454,23 +439,24 @@ Provides:       bundled(node-ansi-styles) = 6.2.1
 Provides:       bundled(node-aproba) = 2.0.0
 Provides:       bundled(node-archy) = 1.0.0
 Provides:       bundled(node-balanced-match) = 1.0.2
-Provides:       bundled(node-bin-links) = 4.0.4
+Provides:       bundled(node-bin-links) = 4.0.3
 Provides:       bundled(node-binary-extensions) = 2.3.0
 Provides:       bundled(node-brace-expansion) = 2.0.1
-Provides:       bundled(node-cacache) = 18.0.3
+Provides:       bundled(node-builtins) = 5.1.0
+Provides:       bundled(node-cacache) = 18.0.2
 Provides:       bundled(node-chalk) = 5.3.0
 Provides:       bundled(node-chownr) = 2.0.0
 Provides:       bundled(node-ci-info) = 4.0.0
-Provides:       bundled(node-cidr-regex) = 4.1.1
+Provides:       bundled(node-cidr-regex) = 4.0.5
 Provides:       bundled(node-clean-stack) = 2.2.0
 Provides:       bundled(node-cli-columns) = 4.0.0
-Provides:       bundled(node-cmd-shim) = 6.0.3
+Provides:       bundled(node-cmd-shim) = 6.0.2
 Provides:       bundled(node-color-convert) = 2.0.1
 Provides:       bundled(node-color-name) = 1.1.4
 Provides:       bundled(node-common-ancestor-path) = 1.0.1
 Provides:       bundled(node-cross-spawn) = 7.0.3
 Provides:       bundled(node-cssesc) = 3.0.0
-Provides:       bundled(node-debug) = 4.3.5
+Provides:       bundled(node-debug) = 4.3.4
 Provides:       bundled(node-diff) = 5.2.0
 Provides:       bundled(node-eastasianwidth) = 0.2.0
 Provides:       bundled(node-emoji-regex) = 8.0.0
@@ -480,55 +466,60 @@ Provides:       bundled(node-env-paths) = 2.2.1
 Provides:       bundled(node-err-code) = 2.0.3
 Provides:       bundled(node-exponential-backoff) = 3.1.1
 Provides:       bundled(node-fastest-levenshtein) = 1.0.16
-Provides:       bundled(node-foreground-child) = 3.2.1
+Provides:       bundled(node-foreground-child) = 3.1.1
 Provides:       bundled(node-fs-minipass) = 2.1.0
 Provides:       bundled(node-fs-minipass) = 3.0.3
-Provides:       bundled(node-glob) = 10.4.2
+Provides:       bundled(node-function-bind) = 1.1.2
+Provides:       bundled(node-glob) = 10.3.12
 Provides:       bundled(node-graceful-fs) = 4.2.11
-Provides:       bundled(node-hosted-git-info) = 7.0.2
+Provides:       bundled(node-hasown) = 2.0.2
+Provides:       bundled(node-hosted-git-info) = 7.0.1
 Provides:       bundled(node-http-cache-semantics) = 4.1.1
 Provides:       bundled(node-http-proxy-agent) = 7.0.2
-Provides:       bundled(node-https-proxy-agent) = 7.0.5
+Provides:       bundled(node-https-proxy-agent) = 7.0.4
 Provides:       bundled(node-iconv-lite) = 0.6.3
-Provides:       bundled(node-ignore-walk) = 6.0.5
+Provides:       bundled(node-ignore-walk) = 6.0.4
 Provides:       bundled(node-imurmurhash) = 0.1.4
 Provides:       bundled(node-indent-string) = 4.0.0
-Provides:       bundled(node-ini) = 4.1.3
+Provides:       bundled(node-ini) = 4.1.2
-Provides:       bundled(node-init-package-json) = 6.0.3
+Provides:       bundled(node-init-package-json) = 6.0.2
 Provides:       bundled(node-ip-address) = 9.0.5
 Provides:       bundled(node-ip-regex) = 5.0.0
-Provides:       bundled(node-is-cidr) = 5.1.0
+Provides:       bundled(node-is-cidr) = 5.0.5
+Provides:       bundled(node-is-core-module) = 2.13.1
 Provides:       bundled(node-is-fullwidth-code-point) = 3.0.0
 Provides:       bundled(node-is-lambda) = 1.0.1
 Provides:       bundled(node-isexe) = 2.0.0
 Provides:       bundled(node-isexe) = 3.1.1
-Provides:       bundled(node-jackspeak) = 3.4.0
+Provides:       bundled(node-jackspeak) = 2.3.6
 Provides:       bundled(node-jsbn) = 1.1.0
-Provides:       bundled(node-json-parse-even-better-errors) = 3.0.2
+Provides:       bundled(node-json-parse-even-better-errors) = 3.0.1
 Provides:       bundled(node-json-stringify-nice) = 1.1.4
 Provides:       bundled(node-jsonparse) = 1.3.1
 Provides:       bundled(node-just-diff) = 6.0.2
 Provides:       bundled(node-just-diff-apply) = 5.5.0
-Provides:       bundled(node-libnpmaccess) = 8.0.6
+Provides:       bundled(node-libnpmaccess) = 8.0.5
-Provides:       bundled(node-libnpmdiff) = 6.1.4
+Provides:       bundled(node-libnpmdiff) = 6.1.1
-Provides:       bundled(node-libnpmexec) = 8.1.3
+Provides:       bundled(node-libnpmexec) = 8.1.0
-Provides:       bundled(node-libnpmfund) = 5.0.12
+Provides:       bundled(node-libnpmfund) = 5.0.9
-Provides:       bundled(node-libnpmhook) = 10.0.5
+Provides:       bundled(node-libnpmhook) = 10.0.4
-Provides:       bundled(node-libnpmorg) = 6.0.6
+Provides:       bundled(node-libnpmorg) = 6.0.5
-Provides:       bundled(node-libnpmpack) = 7.0.4
+Provides:       bundled(node-libnpmpack) = 7.0.1
-Provides:       bundled(node-libnpmpublish) = 9.0.9
+Provides:       bundled(node-libnpmpublish) = 9.0.7
-Provides:       bundled(node-libnpmsearch) = 7.0.6
+Provides:       bundled(node-libnpmsearch) = 7.0.4
-Provides:       bundled(node-libnpmteam) = 6.0.5
+Provides:       bundled(node-libnpmteam) = 6.0.4
-Provides:       bundled(node-libnpmversion) = 6.0.3
+Provides:       bundled(node-libnpmversion) = 6.0.1
 Provides:       bundled(node-lru-cache) = 10.2.2
+Provides:       bundled(node-lru-cache) = 6.0.0
 Provides:       bundled(node-make-fetch-happen) = 13.0.1
-Provides:       bundled(node-minimatch) = 9.0.5
+Provides:       bundled(node-minimatch) = 9.0.4
 Provides:       bundled(node-minipass) = 3.3.6
 Provides:       bundled(node-minipass) = 5.0.0
-Provides:       bundled(node-minipass) = 7.1.2
+Provides:       bundled(node-minipass) = 7.0.4
 Provides:       bundled(node-minipass-collect) = 2.0.1
-Provides:       bundled(node-minipass-fetch) = 3.0.5
+Provides:       bundled(node-minipass-fetch) = 3.0.4
 Provides:       bundled(node-minipass-flush) = 1.0.5
+Provides:       bundled(node-minipass-json-stream) = 1.0.1
 Provides:       bundled(node-minipass-pipeline) = 1.2.4
 Provides:       bundled(node-minipass-sized) = 1.0.3
 Provides:       bundled(node-minizlib) = 2.1.2
@@ -538,25 +529,24 @@ Provides:       bundled(node-ms) = 2.1.3
 Provides:       bundled(node-mute-stream) = 1.0.0
 Provides:       bundled(node-negotiator) = 0.6.3
 Provides:       bundled(node-node-gyp) = 10.1.0
-Provides:       bundled(node-nopt) = 7.2.1
+Provides:       bundled(node-nopt) = 7.2.0
-Provides:       bundled(node-normalize-package-data) = 6.0.2
+Provides:       bundled(node-normalize-package-data) = 6.0.0
 Provides:       bundled(node-npm-audit-report) = 5.0.0
-Provides:       bundled(node-npm-bundled) = 3.0.1
+Provides:       bundled(node-npm-bundled) = 3.0.0
 Provides:       bundled(node-npm-install-checks) = 6.3.0
 Provides:       bundled(node-npm-normalize-package-bin) = 3.0.1
 Provides:       bundled(node-npm-package-arg) = 11.0.2
 Provides:       bundled(node-npm-packlist) = 8.0.2
-Provides:       bundled(node-npm-pick-manifest) = 9.1.0
+Provides:       bundled(node-npm-pick-manifest) = 9.0.0
-Provides:       bundled(node-npm-profile) = 10.0.0
+Provides:       bundled(node-npm-profile) = 9.0.2
-Provides:       bundled(node-npm-registry-fetch) = 17.1.0
+Provides:       bundled(node-npm-registry-fetch) = 17.0.0
-Provides:       bundled(node-npm-user-validate) = 2.0.1
+Provides:       bundled(node-npm-user-validate) = 2.0.0
 Provides:       bundled(node-p-map) = 4.0.0
-Provides:       bundled(node-package-json-from-dist) = 1.0.0
+Provides:       bundled(node-pacote) = 18.0.3
-Provides:       bundled(node-pacote) = 18.0.6
 Provides:       bundled(node-parse-conflict-json) = 3.0.1
 Provides:       bundled(node-path-key) = 3.1.1
-Provides:       bundled(node-path-scurry) = 1.11.1
+Provides:       bundled(node-path-scurry) = 1.10.2
-Provides:       bundled(node-postcss-selector-parser) = 6.1.0
+Provides:       bundled(node-postcss-selector-parser) = 6.0.16
 Provides:       bundled(node-proc-log) = 3.0.0
 Provides:       bundled(node-proc-log) = 4.2.0
 Provides:       bundled(node-proggy) = 2.0.0
@@ -564,28 +554,28 @@ Provides:       bundled(node-promise-all-reject-late) = 1.0.1
 Provides:       bundled(node-promise-call-limit) = 3.0.1
 Provides:       bundled(node-promise-inflight) = 1.0.1
 Provides:       bundled(node-promise-retry) = 2.0.1
-Provides:       bundled(node-promzard) = 1.0.2
+Provides:       bundled(node-promzard) = 1.0.1
 Provides:       bundled(node-qrcode-terminal) = 0.12.0
 Provides:       bundled(node-read) = 3.0.1
 Provides:       bundled(node-read-cmd-shim) = 4.0.0
 Provides:       bundled(node-read-package-json-fast) = 3.0.2
 Provides:       bundled(node-retry) = 0.12.0
 Provides:       bundled(node-safer-buffer) = 2.1.2
-Provides:       bundled(node-semver) = 7.6.2
+Provides:       bundled(node-semver) = 7.6.0
 Provides:       bundled(node-shebang-command) = 2.0.0
 Provides:       bundled(node-shebang-regex) = 3.0.0
 Provides:       bundled(node-signal-exit) = 4.1.0
-Provides:       bundled(node-sigstore) = 2.3.1
+Provides:       bundled(node-sigstore) = 2.3.0
 Provides:       bundled(node-smart-buffer) = 4.2.0
 Provides:       bundled(node-socks) = 2.8.3
-Provides:       bundled(node-socks-proxy-agent) = 8.0.4
+Provides:       bundled(node-socks-proxy-agent) = 8.0.3
 Provides:       bundled(node-spdx-correct) = 3.2.0
 Provides:       bundled(node-spdx-exceptions) = 2.5.0
 Provides:       bundled(node-spdx-expression-parse) = 3.0.1
 Provides:       bundled(node-spdx-expression-parse) = 4.0.0
-Provides:       bundled(node-spdx-license-ids) = 3.0.18
+Provides:       bundled(node-spdx-license-ids) = 3.0.17
 Provides:       bundled(node-sprintf-js) = 1.1.3
-Provides:       bundled(node-ssri) = 10.0.6
+Provides:       bundled(node-ssri) = 10.0.5
 Provides:       bundled(node-string-width) = 4.2.3
 Provides:       bundled(node-string-width) = 5.1.2
 Provides:       bundled(node-strip-ansi) = 6.0.1
@@ -595,12 +585,12 @@ Provides:       bundled(node-tar) = 6.2.1
 Provides:       bundled(node-text-table) = 0.2.0
 Provides:       bundled(node-tiny-relative-date) = 1.3.0
 Provides:       bundled(node-treeverse) = 3.0.0
-Provides:       bundled(node-tuf-js) = 2.2.1
+Provides:       bundled(node-tuf-js) = 2.2.0
 Provides:       bundled(node-unique-filename) = 3.0.0
 Provides:       bundled(node-unique-slug) = 4.0.0
 Provides:       bundled(node-util-deprecate) = 1.0.2
 Provides:       bundled(node-validate-npm-package-license) = 3.0.4
-Provides:       bundled(node-validate-npm-package-name) = 5.0.1
+Provides:       bundled(node-validate-npm-package-name) = 5.0.0
 Provides:       bundled(node-walk-up-path) = 3.0.1
 Provides:       bundled(node-which) = 2.0.2
 Provides:       bundled(node-which) = 4.0.0
@@ -683,7 +673,6 @@ popd
 %if 0%{with valgrind_tests}
 %endif
 %patch -P 13 -p1
-%patch -P 82 -p1
 %patch -P 100 -p1
 %patch -P 101 -p1
 %if 0%{?suse_version} >= 1500 || 0%{?suse_version} == 0
@@ -800,9 +789,6 @@ EOF
 %if %{node_version_number} < 19
     --without-dtrace \
 %endif
-%if %{node_version_number} >= 22 && 0%{?suse_version} > 1500
-    --shared-sqlite \
-%endif
 %if %{node_version_number} >= 16 && (0%{?suse_version} > 1550 || 0%{?sle_version} >= 150400)
     --openssl-default-cipher-list=PROFILE=SYSTEM \
 %endif
@@ -931,15 +917,11 @@ export CI_JS_SUITES=default
 export NODE_TEST_NO_INTERNET=1
 
 %if %{node_version_number} >= 12
-find test \( -name \*.out -or -name \*.js -or -name \*.snapshot \) -exec sed -i 's,Use `node ,Use `node%{node_version_number} ,' {} \;
+find test \( -name \*.out -or -name \*.js \) -exec sed -i 's,Use `node ,Use `node%{node_version_number} ,' {} \;
 %endif
 
 %if %{node_version_number} >= 20
 rm test/parallel/test-strace-openat-openssl.js
-
-# https://github.com/nodejs/node/pull/57269 -- nghttp2 dropped priority support
-rm test/parallel/test-http2-client-set-priority.js
-rm test/parallel/test-http2-priority-event.js
 %endif
 
 # Update the python3 executable name to point at forced python version
@@ -947,7 +929,6 @@ rm test/parallel/test-http2-priority-event.js
 %if 0%{?forced_python_version:1}
 sed -i -e "s,'python3','python%{forced_python_version}'," test/parallel/test-child-process-set-blocking.js
 test -e tools/pseudo-tty.py && sed -i -e "s,^#!/usr/bin/env python3$,#!/usr/bin/python%{forced_python_version}," tools/pseudo-tty.py ||:
-export PYTHON="/usr/bin/python%{forced_python_version}"
 %endif
 
 ln addon-rpm.gypi deps/npm/node_modules/node-gyp/addon-rpm.gypi
@@ -962,10 +943,6 @@ rm test/parallel/test-dns-cancel-reverse-lookup.js \
    test/parallel/test-dns-resolveany.js
 # multicast test fail since no socket?
 rm test/parallel/test-dgram-membership.js
-%if %{node_version_number} > 20
-# missing ICU test data for 15.6/15.7/SLFO
-ln test/fixtures/icu/localizationData-v74.2.json test/fixtures/icu/localizationData-v73.2.json
-%endif
 
 %if %{node_version_number} >= 18
 # OBS broken /etc/hosts -- https://github.com/openSUSE/open-build-service/issues/13104