SHA256
1
0
forked from pool/nodejs22

Update to 22.12.0

Also fix potential CVE-2024-21538 in npm
This commit is contained in:
Adam Majer 2024-12-04 18:12:37 +01:00
parent 6f7127ad49
commit 8800b2b09c
11 changed files with 164 additions and 131 deletions

46
CVE-2024-21538.patch Normal file
View File

@ -0,0 +1,46 @@
Applied following patches,
From 5ff3a07d9add449021d806e45c4168203aa833ff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Cruz?= <andremiguelcruz@msn.com>
Date: Wed, 6 Nov 2024 22:02:49 +0000
Subject: [PATCH] fix: disable regexp backtracking (#160)
---
lib/util/escape.js | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
From 640d391fde65388548601d95abedccc12943374f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9=20Cruz?= <andre.cruz@uphold.com>
Date: Thu, 7 Nov 2024 12:50:38 +0000
Subject: [PATCH] fix: fix escaping bug introduced by backtracking
---
lib/util/escape.js | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Index: node-v18.20.5/deps/npm/node_modules/cross-spawn/lib/util/escape.js
===================================================================
--- node-v18.20.5.orig/deps/npm/node_modules/cross-spawn/lib/util/escape.js
+++ node-v18.20.5/deps/npm/node_modules/cross-spawn/lib/util/escape.js
@@ -15,15 +15,17 @@ function escapeArgument(arg, doubleEscap
arg = `${arg}`;
// Algorithm below is based on https://qntm.org/cmd
+ // It's slightly altered to disable JS backtracking to avoid hanging on specially crafted input
+ // Please see https://github.com/moxystudio/node-cross-spawn/pull/160 for more information
// Sequence of backslashes followed by a double quote:
// double up all the backslashes and escape the double quote
- arg = arg.replace(/(\\*)"/g, '$1$1\\"');
+ arg = arg.replace(/(?=(\\+?)?)\1"/g, '$1$1\\"');
// Sequence of backslashes followed by the end of the string
// (which will become a double quote later):
// double up all the backslashes
- arg = arg.replace(/(\\*)$/, '$1$1');
+ arg = arg.replace(/(?=(\\+?)?)\1$/, '$1$1');
// All other backslashes occur literally

View File

@ -1,41 +1,41 @@
1bbf7e632ea55eabf920e8e27bb3e73ca4923eca78a300e5767635e9b2c0c603 node-v22.11.0-aix-ppc64.tar.gz b4cb7707b22218154cdcf8cbc9bbb5c941dab09961a544cc7aba6ab50da99926 node-v22.12.0-aix-ppc64.tar.gz
de6cd4db461b6dc3b3eab31a36b58e30d8af074183bcb13ceca6fd162a579ba6 node-v22.11.0-arm64.msi 587e4f0fc2c27106e4e758a29db5726b337e660483dd554ea1610a4246fbf71b node-v22.12.0-arm64.msi
2e89afe6f4e3aa6c7e21c560d8a0453d84807e97850bbb819b998531a22bdfde node-v22.11.0-darwin-arm64.tar.gz 293dcc6c2408da21562d135b0412525e381bb6fe150d688edb58fe850d0f3e13 node-v22.12.0-darwin-arm64.tar.gz
c379a90c6aa605b74042a233ddcda4247b347ba5732007d280e44422cc8f9ecb node-v22.11.0-darwin-arm64.tar.xz 0047be0cfda922eb73876f9ef41de361c36b7654c884d13d9b783b0efd1db9aa node-v22.12.0-darwin-arm64.tar.xz
668d30b9512137b5f5baeef6c1bb4c46efff9a761ba990a034fb6b28b9da2465 node-v22.11.0-darwin-x64.tar.gz 52bc25dd026db7247c3c00439afdb83e95087248267f02d6c1a7250d1f896173 node-v22.12.0-darwin-x64.tar.gz
ab28d1784625d151e3f608a9412a009118f376118ed842ae643f8c2efdfb0af6 node-v22.11.0-darwin-x64.tar.xz d68ef0c4c19b3b3b88c0e7408668d0a539607c136a14668e079feed0c6ec8bec node-v22.12.0-darwin-x64.tar.xz
0d42dc3b3377f49e495976dc0e4f5c3a7ffb1d714050d2f247afdbbc0898dae5 node-v22.11.0-headers.tar.gz c0760383af3c23637f46959a53113490fefb84cb388ac71a08d28761527e7b1b node-v22.12.0-headers.tar.gz
7eddf759cd3d1a0113c1a0ac7c080e5c0e458bca34a064c62dc8ce613ff5efdd node-v22.11.0-headers.tar.xz 3cde28bb5820cf0f7593c7817c7a9ab1f15016dd85a6e5c240bbdf2a9c59130d node-v22.12.0-headers.tar.xz
27453f7a0dd6b9e6738f1f6ea6a09b102ec7aa484de1e39d6a1c3608ad47aa6a node-v22.11.0-linux-arm64.tar.gz 9e7905fdee722f9650a03ae644b51c4c6effd3b98ac93c588700072ab35c9ddb node-v22.12.0-linux-arm64.tar.gz
6031d04b98f59ff0f7cb98566f65b115ecd893d3b7870821171708cdbaf7ae6e node-v22.11.0-linux-arm64.tar.xz 8cfd5a8b9afae5a2e0bd86b0148ca31d2589c0ea669c2d0b11c132e35d90ed68 node-v22.12.0-linux-arm64.tar.xz
f85ced095b17e2535859fd2a5641370c3fca12dd72147f93d2696e2909fe1e9d node-v22.11.0-linux-armv7l.tar.gz f6f3dc6493befa7844e2f65024f857dc8fbbc0d86089b09f6e73d5eb7e2ce9ad node-v22.12.0-linux-armv7l.tar.gz
9de0fdcfb1cccbe03f72f939e4e6f03867aef3da8223f90606cd93757704dae0 node-v22.11.0-linux-armv7l.tar.xz afedb2695faacb22805adde9534f2a360f2b39cab622ebdfe5e7383a2b58ebb9 node-v22.12.0-linux-armv7l.tar.xz
0532965a717d3996302a111703c007dac2763e01795730d488dadbc2fcfac2fa node-v22.11.0-linux-ppc64le.tar.gz a01148778eb1e9c56413e6a69cfe8d4563524c914dc3f9c667948a0d7a1a151a node-v22.12.0-linux-ppc64le.tar.gz
d1d49d7d611b104b6d616e18ac439479d8296aa20e3741432de0e85f4735a81e node-v22.11.0-linux-ppc64le.tar.xz 199a606ba1ee86cce6d6b369c71f9d00873d2836a6662592afc3b6a5923e2004 node-v22.12.0-linux-ppc64le.tar.xz
64f691400ffe3a84be930e0cb03607d0b95bef122a679f7893d8e2972e90c521 node-v22.11.0-linux-s390x.tar.gz 63dd2e20cb50e2145c06f8f55b5682753691965b20fa08797a969a15b751ac8e node-v22.12.0-linux-s390x.tar.gz
f474ed77d6b13d66d07589aee1c2b9175be4c1b165483e608ac1674643064a99 node-v22.11.0-linux-s390x.tar.xz 9b517f8006eb4b451d40c461cbe64f93c6455566dbe2613387ab02412bc06d35 node-v22.12.0-linux-s390x.tar.xz
4f862bab52039835efbe613b532238b6e4dde98d139a34e6923193e073438b13 node-v22.11.0-linux-x64.tar.gz e05a4d65232ae2b27b3d77da2e368522fb46b923335b8e0d5f77624c32484044 node-v22.12.0-linux-x64.tar.gz
83bf07dd343002a26211cf1fcd46a9d9534219aad42ee02847816940bf610a72 node-v22.11.0-linux-x64.tar.xz 22982235e1b71fa8850f82edd09cdae7e3f32df1764a9ec298c72d25ef2c164f node-v22.12.0-linux-x64.tar.xz
8d658eda7699d580ccc268ca8a40ced5aeecef5bb4d19c4187e92eebac5d68ec node-v22.11.0.pkg 94068d6877faa376f0b00aa775b490d59ea9accc8dbc5616efaff400f670fee1 node-v22.12.0.pkg
24e5130fa7bc1eaab218a0c9cb05e03168fa381bb9e3babddc6a11f655799222 node-v22.11.0.tar.gz 3157e7c002b6e964bdbefb331ec38db1e2dceb064ab11c038275155461b22ce3 node-v22.12.0.tar.gz
bbf0297761d53aefda9d7855c57c7d2c272b83a7b5bad4fea9cb29006d8e1d35 node-v22.11.0.tar.xz fe1bc4be004dc12721ea2cb671b08a21de01c6976960ef8a1248798589679e16 node-v22.12.0.tar.xz
55b491f3d73fdacf8cf43a2199e824abadda2c43a94780310baa526dc1d679e2 node-v22.11.0-win-arm64.7z 9c8e8fc0e409dc0cf32f159f9ccf11e95f1be5bb26e1a9b34f40bb9a6da3f0e2 node-v22.12.0-win-arm64.7z
b9ff5a6b6ffb68a0ffec82cc5664ed48247dabbd25ee6d129facd2f65a8ca80d node-v22.11.0-win-arm64.zip 17401720af48976e3f67c41e8968a135fb49ca1f88103a92e0e8c70605763854 node-v22.12.0-win-arm64.zip
d2a4fadb1f5e4abc634b6ac16c44cae7c73ffc3dbfe8b92b011d85f2df90f6c1 node-v22.11.0-win-x64.7z 922285593360adbe1fcd16d4e0049a13552dcad085fa53768c21c8d17089a134 node-v22.12.0-win-x64.7z
905373a059aecaf7f48c1ce10ffbd5334457ca00f678747f19db5ea7d256c236 node-v22.11.0-win-x64.zip 2b8f2256382f97ad51e29ff71f702961af466c4616393f767455501e6aece9b8 node-v22.12.0-win-x64.zip
ca0a274f1edc90005b1dc7ec22ec55dad1acc21320bc0be853065d69db2a5152 node-v22.11.0-win-x86.7z 6fa5480413f3bacc170f94e7aa332e5e8d8c3f9a03f05f802c6cbf6b1a265eef node-v22.12.0-win-x86.7z
700e0b1bcaca8b1a04c929ce29b0f07e099b4a34a7facab74fda71764d16f71c node-v22.11.0-win-x86.zip b52129972529f22f1c8a726655842ca1fc13e0b4c37cd4d397270ba772032d43 node-v22.12.0-win-x86.zip
9eea480bd30c98ae11a97cb89a9278235cbbbd03c171ee5e5198bd86b7965b4b node-v22.11.0-x64.msi 5fa43604523be95f8e73c4c98337a5c2bf02450a6525ad25ec2926e464e6bcef node-v22.12.0-x64.msi
ab19f02c4b0d9f578928b67d2a652496aa31729a8cc9771ffc9cc6d3b8afe7e3 node-v22.11.0-x86.msi 97fd52500c6947d5886c616ce37c93d40f5b0b811a1f87f89783c25e0de345e3 node-v22.12.0-x86.msi
b4e5e2821aeb518c0c55f02d4fcd9182c57f97bcce50341998333dba38e34ea4 win-arm64/node.exe cfd2e0d9a708cf37acfecfd11ff237bb141893dc057080b4edb23af6a45d3f55 win-arm64/node.exe
ad65afe5b192644fec9d599c77f0e38a8421d0d7ad2389679882a288c8df444b win-arm64/node.lib 423502a56ef7f7dd087df41b518f53104ce321ef2ab3031fe4ca22b965382d86 win-arm64/node.lib
0861cf0f1ff6135a21eb26279fc6a6f7dc9d9c0ac926a17553f387c32945eea5 win-arm64/node_pdb.7z 739c03416daf8d2f2efc0bf48a8c2e53e0c14438b8a5889cc2995c5012ae7824 win-arm64/node_pdb.7z
f35c2d1a967080b0a1e288b891cb9300a04d0b90042bac8c965c9ebcfc3749bf win-arm64/node_pdb.zip 70f9745e3380cf452d3a8fd156d5ed7ead92a30fdead78ea703afe5331f77e35 win-arm64/node_pdb.zip
7447c4ece014aa41fb2ff866c993c708e5a8213a00913cc2ac5049ea3ffc230d win-x64/node.exe b3b117a08ee61efee09e6fd523ab33c0c018da1b570bde08e4fd914dc1170ed6 win-x64/node.exe
3581a06b68c4584d146372113eaa8c4d102127222e5041195ba38f185eef419c win-x64/node.lib 7980a34112c38a9b269226bcd3a9148bf101411d794750f18dc15c5026b92b30 win-x64/node.lib
171d80aeedbe43bd70b3539de6f845a359d8dd97a684df2cbb4f49d8946f4991 win-x64/node_pdb.7z e9fc26cea58f8e1520a5a930c7fc40ac99f22c8470f5617d3e3f09dcd1feb7ef win-x64/node_pdb.7z
7c3fa0149b17d9ff4b5af2f3e19e768b6ab684a9dd8dcf35ea204a90d3f56903 win-x64/node_pdb.zip 6a9417c99259f5d15a3c11dbe7a011a1484532b33bb84e5e8f8e3c733af74064 win-x64/node_pdb.zip
e54a4559dafd56562a45b50000831d28ee2f7f1ac4ff98b38165871f31f64ab8 win-x86/node.exe ab2390e667e9abfa16b97a27adf84cd9f08a4788816db54f56bc25893f76e9d1 win-x86/node.exe
45399070d1d247cf223d12e80d3e638635af24d2f7a4714bc8e38a6a918f162a win-x86/node.lib 289e832c5ff6ebb6be1644bf06d7078638447947cc6e314122e7f17b30ba268a win-x86/node.lib
a78040dbb0e7296eebe90c235091ee46a8a01587a226bf4e5a01f5b399e153d7 win-x86/node_pdb.7z 525560e7fe53036a1caaf63ec3d4e508ea59079111c0f18b4de2bbf1069537ff win-x86/node_pdb.7z
9fb300178536e8243ad55207ee85990731e77299c9e670cec0b54e10dc971713 win-x86/node_pdb.zip 82150928ab3f6bc3f50b4cc540b987b3c41ea7f3f93f790e4acf58553572faea win-x86/node_pdb.zip

Binary file not shown.

View File

@ -2,23 +2,10 @@ Author: Adam Majer <amajer@suse.de>
Date: Dec 20 09:18:49 UTC 2017 Date: Dec 20 09:18:49 UTC 2017
Summary: Fix CI unit tests framework for OBS building Summary: Fix CI unit tests framework for OBS building
Index: node-v22.10.0/test/parallel/test-node-output-v8-warning.mjs Index: node-v22.12.0/test/parallel/test-module-loading-globalpaths.js
=================================================================== ===================================================================
--- node-v22.10.0.orig/test/parallel/test-node-output-v8-warning.mjs --- node-v22.12.0.orig/test/parallel/test-module-loading-globalpaths.js
+++ node-v22.10.0/test/parallel/test-node-output-v8-warning.mjs +++ node-v22.12.0/test/parallel/test-module-loading-globalpaths.js
@@ -15,7 +15,7 @@ describe('v8 output', { concurrency: !pr
.replaceAll('*test*', '*')
.replaceAll(/.*?\*fixtures\*v8\*/g, '(node:*) V8: *') // Replace entire path before fixtures/v8
.replaceAll('*fixtures*v8*', '*')
- .replaceAll('node --', '* --');
+ .replace(/node\d+ --/, '* --');
}
const common = snapshot
.transform(snapshot.replaceWindowsLineEndings, snapshot.replaceWindowsPaths, replaceNodeVersion);
Index: node-v22.10.0/test/parallel/test-module-loading-globalpaths.js
===================================================================
--- node-v22.10.0.orig/test/parallel/test-module-loading-globalpaths.js
+++ node-v22.10.0/test/parallel/test-module-loading-globalpaths.js
@@ -11,6 +11,9 @@ const { addLibraryPath } = require('../c @@ -11,6 +11,9 @@ const { addLibraryPath } = require('../c
addLibraryPath(process.env); addLibraryPath(process.env);
@ -29,10 +16,10 @@ Index: node-v22.10.0/test/parallel/test-module-loading-globalpaths.js
if (process.argv[2] === 'child') { if (process.argv[2] === 'child') {
console.log(require(pkgName).string); console.log(require(pkgName).string);
} else { } else {
Index: node-v22.10.0/test/parallel/test-tls-passphrase.js Index: node-v22.12.0/test/parallel/test-tls-passphrase.js
=================================================================== ===================================================================
--- node-v22.10.0.orig/test/parallel/test-tls-passphrase.js --- node-v22.12.0.orig/test/parallel/test-tls-passphrase.js
+++ node-v22.10.0/test/parallel/test-tls-passphrase.js +++ node-v22.12.0/test/parallel/test-tls-passphrase.js
@@ -223,7 +223,7 @@ server.listen(0, common.mustCall(functio @@ -223,7 +223,7 @@ server.listen(0, common.mustCall(functio
}, onSecureConnect()); }, onSecureConnect());
})).unref(); })).unref();
@ -42,10 +29,10 @@ Index: node-v22.10.0/test/parallel/test-tls-passphrase.js
// Missing passphrase // Missing passphrase
assert.throws(function() { assert.throws(function() {
Index: node-v22.10.0/test/parallel/test-repl-envvars.js Index: node-v22.12.0/test/parallel/test-repl-envvars.js
=================================================================== ===================================================================
--- node-v22.10.0.orig/test/parallel/test-repl-envvars.js --- node-v22.12.0.orig/test/parallel/test-repl-envvars.js
+++ node-v22.10.0/test/parallel/test-repl-envvars.js +++ node-v22.12.0/test/parallel/test-repl-envvars.js
@@ -2,7 +2,9 @@ @@ -2,7 +2,9 @@
// Flags: --expose-internals // Flags: --expose-internals
@ -57,11 +44,11 @@ Index: node-v22.10.0/test/parallel/test-repl-envvars.js
const stream = require('stream'); const stream = require('stream');
const { describe, test } = require('node:test'); const { describe, test } = require('node:test');
const REPL = require('internal/repl'); const REPL = require('internal/repl');
Index: node-v22.10.0/Makefile Index: node-v22.12.0/Makefile
=================================================================== ===================================================================
--- node-v22.10.0.orig/Makefile --- node-v22.12.0.orig/Makefile
+++ node-v22.10.0/Makefile +++ node-v22.12.0/Makefile
@@ -399,7 +399,6 @@ ADDONS_HEADERS_PREREQS := tools/install. @@ -397,7 +397,6 @@ ADDONS_HEADERS_PREREQS := tools/install.
$(wildcard deps/uv/include/*/*.h) \ $(wildcard deps/uv/include/*/*.h) \
$(wildcard deps/v8/include/*.h) \ $(wildcard deps/v8/include/*.h) \
$(wildcard deps/v8/include/*/*.h) \ $(wildcard deps/v8/include/*/*.h) \
@ -69,7 +56,7 @@ Index: node-v22.10.0/Makefile
src/node.h src/node_api.h src/js_native_api.h src/js_native_api_types.h \ src/node.h src/node_api.h src/js_native_api.h src/js_native_api_types.h \
src/node_api_types.h src/node_buffer.h src/node_object_wrap.h \ src/node_api_types.h src/node_buffer.h src/node_object_wrap.h \
src/node_version.h src/node_version.h
@@ -572,6 +571,7 @@ test-ci-js: | clear-stalled ## Build and @@ -570,6 +569,7 @@ test-ci-js: | clear-stalled ## Build and
# Related CI jobs: most CI tests, excluding node-test-commit-arm-fanned # Related CI jobs: most CI tests, excluding node-test-commit-arm-fanned
test-ci: LOGLEVEL := info ## Build and test everything (CI). test-ci: LOGLEVEL := info ## Build and test everything (CI).
test-ci: | clear-stalled bench-addons-build build-addons build-js-native-api-tests build-node-api-tests doc-only test-ci: | clear-stalled bench-addons-build build-addons build-js-native-api-tests build-node-api-tests doc-only
@ -77,7 +64,7 @@ Index: node-v22.10.0/Makefile
out/Release/cctest --gtest_output=xml:out/junit/cctest.xml out/Release/cctest --gtest_output=xml:out/junit/cctest.xml
$(PYTHON) tools/test.py $(PARALLEL_ARGS) -p tap --logfile test.tap \ $(PYTHON) tools/test.py $(PARALLEL_ARGS) -p tap --logfile test.tap \
--mode=$(BUILDTYPE_LOWER) --flaky-tests=$(FLAKY_TESTS) \ --mode=$(BUILDTYPE_LOWER) --flaky-tests=$(FLAKY_TESTS) \
@@ -752,7 +752,8 @@ apidocs_json = $(addprefix out/,$(apidoc @@ -750,7 +750,8 @@ apidocs_json = $(addprefix out/,$(apidoc
apiassets = $(subst api_assets,api/assets,$(addprefix out/,$(wildcard doc/api_assets/*))) apiassets = $(subst api_assets,api/assets,$(addprefix out/,$(wildcard doc/api_assets/*)))
tools/doc/node_modules: tools/doc/package.json tools/doc/node_modules: tools/doc/package.json
@ -87,10 +74,10 @@ Index: node-v22.10.0/Makefile
echo "Skipping tools/doc/node_modules (no crypto)"; \ echo "Skipping tools/doc/node_modules (no crypto)"; \
else \ else \
cd tools/doc && $(call available-node,$(run-npm-ci)) \ cd tools/doc && $(call available-node,$(run-npm-ci)) \
Index: node-v22.10.0/tools/test.py Index: node-v22.12.0/tools/test.py
=================================================================== ===================================================================
--- node-v22.10.0.orig/tools/test.py --- node-v22.12.0.orig/tools/test.py
+++ node-v22.10.0/tools/test.py +++ node-v22.12.0/tools/test.py
@@ -1386,7 +1386,7 @@ def BuildOptions(): @@ -1386,7 +1386,7 @@ def BuildOptions():
result.add_option("-s", "--suite", help="A test suite", result.add_option("-s", "--suite", help="A test suite",
default=[], action="append") default=[], action="append")
@ -100,10 +87,10 @@ Index: node-v22.10.0/tools/test.py
result.add_option("--arch", help='The architecture to run tests for', result.add_option("--arch", help='The architecture to run tests for',
default='none') default='none')
result.add_option("--snapshot", help="Run the tests with snapshot turned on", result.add_option("--snapshot", help="Run the tests with snapshot turned on",
Index: node-v22.10.0/test/parallel/test-crypto-dh.js Index: node-v22.12.0/test/parallel/test-crypto-dh.js
=================================================================== ===================================================================
--- node-v22.10.0.orig/test/parallel/test-crypto-dh.js --- node-v22.12.0.orig/test/parallel/test-crypto-dh.js
+++ node-v22.10.0/test/parallel/test-crypto-dh.js +++ node-v22.12.0/test/parallel/test-crypto-dh.js
@@ -93,7 +93,7 @@ const crypto = require('crypto'); @@ -93,7 +93,7 @@ const crypto = require('crypto');
dh3.computeSecret(''); dh3.computeSecret('');
}, { message: common.hasOpenSSL3 && !hasOpenSSL3WithNewErrorMessage ? }, { message: common.hasOpenSSL3 && !hasOpenSSL3WithNewErrorMessage ?
@ -113,10 +100,10 @@ Index: node-v22.10.0/test/parallel/test-crypto-dh.js
} }
} }
Index: node-v22.10.0/test/parallel/test-dns.js Index: node-v22.12.0/test/parallel/test-dns.js
=================================================================== ===================================================================
--- node-v22.10.0.orig/test/parallel/test-dns.js --- node-v22.12.0.orig/test/parallel/test-dns.js
+++ node-v22.10.0/test/parallel/test-dns.js +++ node-v22.12.0/test/parallel/test-dns.js
@@ -403,7 +403,7 @@ assert.throws(() => { @@ -403,7 +403,7 @@ assert.throws(() => {
const server = dgram.createSocket('udp4'); const server = dgram.createSocket('udp4');

View File

@ -1,13 +0,0 @@
Index: node-v22.11.0/configure.py
===================================================================
--- node-v22.11.0.orig/configure.py
+++ node-v22.11.0/configure.py
@@ -1876,7 +1876,7 @@ def configure_intl(o):
elif with_intl == 'system-icu':
# ICU from pkg-config.
o['variables']['v8_enable_i18n_support'] = 1
- pkgicu = pkg_config('icu-i18n')
+ pkgicu = pkg_config('icu-i18n icu-uc')
if not pkgicu[0]:
error('''Could not load pkg-config data for "icu-i18n".
See above errors or the README.md.''')

View File

@ -3,11 +3,11 @@ is run serially over these binaries instead of in parallel.
OBS workers run out of memory as each executable seems to require OBS workers run out of memory as each executable seems to require
upward of 5G RAM upward of 5G RAM
Index: node-v22.10.0/node.gyp Index: node-v22.12.0/node.gyp
=================================================================== ===================================================================
--- node-v22.10.0.orig/node.gyp --- node-v22.12.0.orig/node.gyp
+++ node-v22.10.0/node.gyp +++ node-v22.12.0/node.gyp
@@ -1193,6 +1193,7 @@ @@ -1186,6 +1186,7 @@
'deps/simdutf/simdutf.gyp:simdutf', 'deps/simdutf/simdutf.gyp:simdutf',
'deps/ada/ada.gyp:ada', 'deps/ada/ada.gyp:ada',
'deps/nbytes/nbytes.gyp:nbytes', 'deps/nbytes/nbytes.gyp:nbytes',
@ -15,8 +15,8 @@ Index: node-v22.10.0/node.gyp
], ],
'includes': [ 'includes': [
@@ -1273,6 +1274,7 @@ @@ -1264,6 +1265,7 @@
'deps/sqlite/sqlite.gyp:sqlite', 'deps/histogram/histogram.gyp:histogram',
'deps/ada/ada.gyp:ada', 'deps/ada/ada.gyp:ada',
'deps/nbytes/nbytes.gyp:nbytes', 'deps/nbytes/nbytes.gyp:nbytes',
+ 'cctest' + 'cctest'

BIN
node-v22.11.0.tar.xz (Stored with Git LFS)

Binary file not shown.

BIN
node-v22.12.0.tar.xz (Stored with Git LFS) Normal file

Binary file not shown.

View File

@ -1,16 +1,16 @@
Index: node-v20.12.0/tools/install.py Index: node-v22.12.0/tools/install.py
=================================================================== ===================================================================
--- node-v20.12.0.orig/tools/install.py --- node-v22.12.0.orig/tools/install.py
+++ node-v20.12.0/tools/install.py +++ node-v22.12.0/tools/install.py
@@ -6,6 +6,7 @@ import errno @@ -7,6 +7,7 @@ import os
import os import platform
import shutil import shutil
import sys import sys
+from distutils import sysconfig +from distutils import sysconfig
import re import re
def abspath(*args): current_system = platform.system()
@@ -66,6 +67,10 @@ def try_copy(options, path, dest): @@ -72,6 +73,10 @@ def try_copy(options, path, dest):
try_unlink(target_path) # prevent ETXTBSY errors try_unlink(target_path) # prevent ETXTBSY errors
return shutil.copy2(source_path, target_path) return shutil.copy2(source_path, target_path)
@ -21,7 +21,7 @@ Index: node-v20.12.0/tools/install.py
def try_remove(options, path, dest): def try_remove(options, path, dest):
source_path, target_path = mkpaths(options, path, dest) source_path, target_path = mkpaths(options, path, dest)
if not options.silent: if not options.silent:
@@ -82,7 +87,7 @@ def uninstall(options, paths, dest): @@ -88,7 +93,7 @@ def uninstall(options, paths, dest):
try_remove(options, path, dest) try_remove(options, path, dest)
def package_files(options, action, name, bins): def package_files(options, action, name, bins):
@ -30,7 +30,7 @@ Index: node-v20.12.0/tools/install.py
# don't install npm if the target path is a symlink, it probably means # don't install npm if the target path is a symlink, it probably means
# that a dev version of npm is installed there # that a dev version of npm is installed there
@@ -103,7 +108,7 @@ def package_files(options, action, name, @@ -109,7 +114,7 @@ def package_files(options, action, name,
if action == uninstall: if action == uninstall:
action(options, [link_path], os.path.join('bin', bin_name)) action(options, [link_path], os.path.join('bin', bin_name))
elif action == install: elif action == install:
@ -39,11 +39,11 @@ Index: node-v20.12.0/tools/install.py
else: else:
assert 0 # unhandled action type assert 0 # unhandled action type
Index: node-v20.12.0/lib/internal/modules/cjs/loader.js Index: node-v22.12.0/lib/internal/modules/cjs/loader.js
=================================================================== ===================================================================
--- node-v20.12.0.orig/lib/internal/modules/cjs/loader.js --- node-v22.12.0.orig/lib/internal/modules/cjs/loader.js
+++ node-v20.12.0/lib/internal/modules/cjs/loader.js +++ node-v22.12.0/lib/internal/modules/cjs/loader.js
@@ -1529,7 +1529,7 @@ Module._initPaths = function() { @@ -1798,7 +1798,7 @@ Module._initPaths = function() {
path.resolve(process.execPath, '..') : path.resolve(process.execPath, '..') :
path.resolve(process.execPath, '..', '..'); path.resolve(process.execPath, '..', '..');

View File

@ -1,3 +1,15 @@
-------------------------------------------------------------------
Wed Dec 4 16:59:08 UTC 2024 - Adam Majer <adam.majer@suse.de>
- Update to 22.12.0:
* require(esm) is now enabled by default
* Added resizable ArrayBuffer support in Buffer
- CVE-2024-21538.patch: fixes regular expression denial of service
(bsc#1233856, CVE-2024-21538)
- icu76.1.patch: upstreamed, dropped
- linker_lto_jobs.patch, nodejs-libpath.patch, fix_ci_tests.patch: refreshed
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Nov 20 10:04:23 UTC 2024 - Adam Majer <adam.majer@suse.de> Wed Nov 20 10:04:23 UTC 2024 - Adam Majer <adam.majer@suse.de>

View File

@ -31,7 +31,7 @@
%endif %endif
Name: nodejs22 Name: nodejs22
Version: 22.11.0 Version: 22.12.0
Release: 0 Release: 0
# Double DWZ memory limits # Double DWZ memory limits
@ -147,6 +147,7 @@ Patch7: manual_configure.patch
Patch13: openssl_binary_detection.patch Patch13: openssl_binary_detection.patch
Patch82: CVE-2024-21538.patch
## Patches specific to SUSE and openSUSE ## Patches specific to SUSE and openSUSE
Patch100: linker_lto_jobs.patch Patch100: linker_lto_jobs.patch
@ -172,7 +173,6 @@ Patch200: versioned.patch
Patch305: qemu_timeouts_arches.patch Patch305: qemu_timeouts_arches.patch
Patch307: v8-i586.patch Patch307: v8-i586.patch
Patch309: gcc13.patch Patch309: gcc13.patch
Patch311: icu76.1.patch
BuildRequires: pkg-config BuildRequires: pkg-config
BuildRequires: fdupes BuildRequires: fdupes
@ -251,6 +251,7 @@ BuildRequires: python311
%endif %endif
%if %{?suse_version} > 1500 %if %{?suse_version} > 1500
BuildRequires: python3 BuildRequires: python3
BuildRequires: python3-setuptools
%endif %endif
%endif %endif
@ -311,7 +312,7 @@ BuildRequires: bundled_openssl_should_not_be_required
%if ! 0%{with intree_cares} %if ! 0%{with intree_cares}
BuildRequires: pkgconfig(libcares) >= 1.17.0 BuildRequires: pkgconfig(libcares) >= 1.17.0
%else %else
Provides: bundled(libcares2) = 1.33.1 Provides: bundled(libcares2) = 1.34.3
%endif %endif
%if %node_version_number >= 22 %if %node_version_number >= 22
@ -321,13 +322,13 @@ BuildRequires: sqlite3-devel
%if ! 0%{with intree_icu} %if ! 0%{with intree_icu}
BuildRequires: pkgconfig(icu-i18n) >= 71 BuildRequires: pkgconfig(icu-i18n) >= 71
%else %else
Provides: bundled(icu) = 75.1 Provides: bundled(icu) = 76.1
%endif %endif
%if ! 0%{with intree_nghttp2} %if ! 0%{with intree_nghttp2}
BuildRequires: libnghttp2-devel >= 1.41.0 BuildRequires: libnghttp2-devel >= 1.41.0
%else %else
Provides: bundled(nghttp2) = 1.63.0 Provides: bundled(nghttp2) = 1.64.0
%endif %endif
%if 0%{with valgrind_tests} %if 0%{with valgrind_tests}
@ -377,7 +378,7 @@ ExclusiveArch: not_buildable
%endif %endif
Provides: bundled(uvwasi) = 0.0.21 Provides: bundled(uvwasi) = 0.0.21
Provides: bundled(libuv) = 1.48.0 Provides: bundled(libuv) = 1.49.1
Provides: bundled(v8) = 12.4.254.21 Provides: bundled(v8) = 12.4.254.21
%if %{with intree_brotli} %if %{with intree_brotli}
Provides: bundled(brotli) = 1.1.0 Provides: bundled(brotli) = 1.1.0
@ -389,18 +390,18 @@ BuildRequires: pkgconfig(libbrotlidec)
Provides: bundled(llhttp) = 9.2.1 Provides: bundled(llhttp) = 9.2.1
Provides: bundled(ngtcp2) = 1.3.0 Provides: bundled(ngtcp2) = 1.3.0
Provides: bundled(simdutf) = 5.5.0 Provides: bundled(simdutf) = 5.6.1
Provides: bundled(simdjson) = 3.10.0 Provides: bundled(simdjson) = 3.10.0
# bundled url-ada parser, not ada # bundled url-ada parser, not ada
Provides: bundled(ada) = 2.9.0 Provides: bundled(ada) = 2.9.2
Provides: bundled(node-acorn) = 8.12.1 Provides: bundled(node-acorn) = 8.14.0
Provides: bundled(node-acorn-walk) = 8.3.4 Provides: bundled(node-acorn-walk) = 8.3.4
Provides: bundled(node-amaro) = 0.1.8 Provides: bundled(node-amaro) = 0.2.0
Provides: bundled(node-cjs-module-lexer) = 1.4.1 Provides: bundled(node-cjs-module-lexer) = 1.4.1
Provides: bundled(node-corepack) = 0.29.4 Provides: bundled(node-corepack) = 0.29.4
Provides: bundled(node-minimatch) = 10.0.1 Provides: bundled(node-minimatch) = 10.0.1
Provides: bundled(node-undici) = 6.20.0 Provides: bundled(node-undici) = 6.21.0
%description %description
Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. Node.js Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. Node.js
@ -690,6 +691,7 @@ popd
%if 0%{with valgrind_tests} %if 0%{with valgrind_tests}
%endif %endif
%patch -P 13 -p1 %patch -P 13 -p1
%patch -P 82 -p1
%patch -P 100 -p1 %patch -P 100 -p1
%patch -P 101 -p1 %patch -P 101 -p1
%if 0%{?suse_version} >= 1500 || 0%{?suse_version} == 0 %if 0%{?suse_version} >= 1500 || 0%{?suse_version} == 0
@ -709,7 +711,6 @@ popd
%patch -P 305 -p1 %patch -P 305 -p1
%patch -P 307 -p1 %patch -P 307 -p1
%patch -P 309 -p1 %patch -P 309 -p1
%patch -P 311 -p1
%if %{node_version_number} == 12 %if %{node_version_number} == 12