Disable webcrypto testing on s390

z13 and z15 tests differ. We do not have this problem in later
node versions

CVE-2024-21538.patch

@@ -0,0 +1,46 @@
+Applied following patches,
+
+From 5ff3a07d9add449021d806e45c4168203aa833ff Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Andr=C3=A9=20Cruz?= <andremiguelcruz@msn.com>
+Date: Wed, 6 Nov 2024 22:02:49 +0000
+Subject: [PATCH] fix: disable regexp backtracking (#160)
+
+---
+ lib/util/escape.js | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+
+From 640d391fde65388548601d95abedccc12943374f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Andr=C3=A9=20Cruz?= <andre.cruz@uphold.com>
+Date: Thu, 7 Nov 2024 12:50:38 +0000
+Subject: [PATCH] fix: fix escaping bug introduced by backtracking
+
+---
+ lib/util/escape.js | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+
+Index: node-v18.20.5/deps/npm/node_modules/cross-spawn/lib/util/escape.js
+===================================================================
+--- node-v18.20.5.orig/deps/npm/node_modules/cross-spawn/lib/util/escape.js
++++ node-v18.20.5/deps/npm/node_modules/cross-spawn/lib/util/escape.js
+@@ -15,15 +15,17 @@ function escapeArgument(arg, doubleEscap
+     arg = `${arg}`;
+ 
+     // Algorithm below is based on https://qntm.org/cmd
++    // It's slightly altered to disable JS backtracking to avoid hanging on specially crafted input
++    // Please see https://github.com/moxystudio/node-cross-spawn/pull/160 for more information
+ 
+     // Sequence of backslashes followed by a double quote:
+     // double up all the backslashes and escape the double quote
+-    arg = arg.replace(/(\\*)"/g, '$1$1\\"');
++    arg = arg.replace(/(?=(\\+?)?)\1"/g, '$1$1\\"');
+ 
+     // Sequence of backslashes followed by the end of the string
+     // (which will become a double quote later):
+     // double up all the backslashes
+-    arg = arg.replace(/(\\*)$/, '$1$1');
++    arg = arg.replace(/(?=(\\+?)?)\1$/, '$1$1');
+ 
+     // All other backslashes occur literally
+ 

README.md

@@ -0,0 +1,11 @@
+NodeJS 20.x
+===========
+
+Build results for Factory
+
+![Factory build status](https://br.opensuse.org/status/openSUSE:Factory/nodejs20/standard)
+
+Devel project build status
+
+![Devel build status](https://br.opensuse.org/status/devel:languages:nodejs/nodejs20)
+

SHASUMS256.txt

@@ -1,41 +1,41 @@
-dd24c8b6fdaf46361e130c894fd7282266f944b54196636e6df583fdec1e836f  node-v20.15.1-aix-ppc64.tar.gz
+7ae62921fc80ee47ae4e2519661e927b3fa7abf75cdb50458490ef2f0da633e5  node-v20.20.0-aix-ppc64.tar.gz
-9cbfc9d496427893505f8cb81aa4c1554fe449881cb4a6c5410e494c5fc36674  node-v20.15.1-arm64.msi
+988d0f965918d1ff75b125b36ea5866c1000a48389e0d33875602a58c60b409f  node-v20.20.0-arm64.msi
-4743bc042f90ba5d9edf09403207290a9cdd2f6061bdccf7caaa0bbfd49f343e  node-v20.15.1-darwin-arm64.tar.gz
+69b98aa4662032ab06bd92216f0aebb2727d7ee4e1eb79ea5787bbbb38af4801  node-v20.20.0-darwin-arm64.tar.gz
-106ad5288f1da94bf25cf9fba4a070b442e3213e25ce8af3ad35bf6e266213f6  node-v20.15.1-darwin-arm64.tar.xz
+2edefda1cdebc210b27d85698354a2a4c247af0a6fb91d9414ce6251a638e364  node-v20.20.0-darwin-arm64.tar.xz
-f5379772ffae1404cfd1fcc8cf0c6c5971306b8fb2090d348019047306de39dc  node-v20.15.1-darwin-x64.tar.gz
+69bf9b294dc04e3b97c3d5e4f16b3c634201b7f5f617fb65d93a9a9ac4bec0f0  node-v20.20.0-darwin-x64.tar.gz
-34ad01b42025f72d486f9775a2f170913ad6b9fe2d4ceb67746a08de0e475b88  node-v20.15.1-darwin-x64.tar.xz
+37f82f0718199626056e3694e9f00a5e30c4d1115c0c8649d04a4924a6b95a6f  node-v20.20.0-darwin-x64.tar.xz
-8c2305c6df5d14525e0711f0da38295600987df4c2710c738c01400862a176b4  node-v20.15.1-headers.tar.gz
+fc74b79dcc07df4b9c3ecf8d214aea5908b408f9653e918e6df163683a0e33ce  node-v20.20.0-headers.tar.gz
-d6e4f101f8734f96be558ad4b84a35a81f33decc050a7d2d8e5b39573b79bdf8  node-v20.15.1-headers.tar.xz
+96c31e0a07b37b0af25e5b02f679149fe1f169c153477192a59884a320b943d5  node-v20.20.0-headers.tar.xz
-8554c91ccd32782351035d3a9b168ad01c6922480800a21870fc5d6d86c2bb70  node-v20.15.1-linux-arm64.tar.gz
+2b640b7fc19a1d2f12a226d7dfba9baff2de87cc15db5a3e58bcdb15582ac604  node-v20.20.0-linux-arm64.tar.gz
-10d47a46ef208b3e4b226e4d595a82659123b22397ed77b7975d989114ec317e  node-v20.15.1-linux-arm64.tar.xz
+752113754a7dddf0622b3740a2b2bec3dbaf1792a18711b55871d76444d8892a  node-v20.20.0-linux-arm64.tar.xz
-2c16717da7d2d7b00f6af146cdf436a0297cbcee52c85b754e4c9ed7cee34b51  node-v20.15.1-linux-armv7l.tar.gz
+2fc5f715c05c7a2662044fbfac5edfcb85d419045ecb2dff53b68f3dc4ec81fb  node-v20.20.0-linux-armv7l.tar.gz
-7bc120efdd8018f6915471b963d9b80adf4ed406d6dc9edb4ae944b85f505c4c  node-v20.15.1-linux-armv7l.tar.xz
+68f1945036de7738cb9f46d161ae778a9f96f18f5f5fc2827755f7925d399246  node-v20.20.0-linux-armv7l.tar.xz
-b91df4971b428f9cb2fbe427c919ad382c4cd206a85e5c918c60c15f1e3d2e32  node-v20.15.1-linux-ppc64le.tar.gz
+8b02c9b00b551d59bd550e6d92e8131f23668fcc71b0937ac2256ee0754e39a7  node-v20.20.0-linux-ppc64le.tar.gz
-b33e684802251397ad62ad3f8a1836267ee8b7723f87f669470018ad0035287b  node-v20.15.1-linux-ppc64le.tar.xz
+5ec524a988d71f3f265d218f0f1b71d37ddc2864369508e95d32ac7e6c81a781  node-v20.20.0-linux-ppc64le.tar.xz
-393f511b5623c8a872e58203914a54bc7e086b8ca870d34833766d4f9c4e2448  node-v20.15.1-linux-s390x.tar.gz
+154dd8885646253a12532099ccf9485660bc42e4a56bb1483f4e161fb7f10bb9  node-v20.20.0-linux-s390x.tar.gz
-e2c36cdccc8a7c1000a349dd6fea8b0ce39884eae7b3dd1950d0105120f20848  node-v20.15.1-linux-s390x.tar.xz
+908d4bbeb33eb576a132be6c6cb209ebf0e646da0e71ea42b9d481c778a1117f  node-v20.20.0-linux-s390x.tar.xz
-a9db028c0a1c63e3aa0d97de24b0966bc507d8239b3aedc4e752eea6b0580665  node-v20.15.1-linux-x64.tar.gz
+92dfd59fb4837230abba5d6dd717b882ca897e22fde2f9268e1aac2c4bde0f5b  node-v20.20.0-linux-x64.tar.gz
-26700f8d3e78112ad4a2618a9c8e2816e38a49ecf0213ece80e54c38cb02563f  node-v20.15.1-linux-x64.tar.xz
+4f48b52acf42130844a3a75e94da0e9629009d09e4101b2304895c24f3fbe609  node-v20.20.0-linux-x64.tar.xz
-4f437463e708c4c7faaa436bed46c3ea814ec3796cfe1e02515ab21d2038b4b1  node-v20.15.1-win-arm64.7z
+8dae9c0d296e86150f9138c0077ef020fb384fd913d1a671baa3663e14367ec0  node-v20.20.0.pkg
-6cc4f9ca826f5b3e0c555d156bc6adcc371bd96c2874ee748d0f97e2938d3c2b  node-v20.15.1-win-arm64.zip
+cafc92e90917c17869d982fdff10104c2eb328437ed9bbf03fdda78ebc0accdd  node-v20.20.0.tar.gz
-5dbaf27053a0566395f81ebe9e4660141de1bc7b0fe80583447bb36804643f75  node-v20.15.1-win-x64.7z
+5294d9d2915620e819e6892fd7e545b98d650bad36dae54e6527eaac482add98  node-v20.20.0.tar.xz
-ba6c3711e2c3d0638c5f7cea3c234553808a73c52a5962a6cdb47b5210b70b04  node-v20.15.1-win-x64.zip
+8eb9846f62581364f877109808c7df953d3393022f33f128f954bc4a857366b2  node-v20.20.0-win-arm64.7z
-2281b04df475efa64ef483529fc9cad1715d42d5766e68541b64970297247692  node-v20.15.1-win-x86.7z
+870693b496d152519af14b30fb1adef47e62233b90aea5e887ea728cd29c037d  node-v20.20.0-win-arm64.zip
-9a08021e4bcc4694bc72d00ce1ce0686e6de6a9a855678239625f96b09c70b07  node-v20.15.1-win-x86.zip
+5e48cd18cc5dc6cda23b8ad2467223f3f82b0f03b941b7088578ecb7afbda8d4  node-v20.20.0-win-x64.7z
-b139ba1b82807918af40fbed49a5b529f67ba198e87bcabdac907b734ff83ab5  node-v20.15.1-x64.msi
+32f24e1405b113d4e01ad2585c92024df673b6156ef6f43a5469a75bf52c0a5a  node-v20.20.0-win-x64.zip
-6079df4ab0d457180b4b730fab76d0b60b14342d797cc10a4f2d7c8b61fba584  node-v20.15.1-x86.msi
+0af709b32e1ee7d7ce07c87fc64b216afcee3867cc4982ef95cbfa8010ac0e11  node-v20.20.0-win-x86.7z
-93b9549a65d459cc2e035c0d583101f827607f43376b5f23a3a2a900f5467321  node-v20.15.1.pkg
+d72d2a5b7d944a28eb59e0477bdc0c40b7b0a817bca057d5e882c0e0013590f3  node-v20.20.0-win-x86.zip
-da228a0c27922f02001d9a781793696432096ab2da658eb77d7fc21693f4c5cb  node-v20.15.1.tar.gz
+8b8f5cbf7f1800c74e19cef0182bb6b9144e154e57fc01dd945bd36edaf32c65  node-v20.20.0-x64.msi
-fdd53a5729d936691a2a1151046fb4897721cb8b0fca2af957823a9b40fe0c34  node-v20.15.1.tar.xz
+93698ab6cca1cbff4ffb545f15078509ae706cfbb9a646449ccfe1c8d7abad4b  node-v20.20.0-x86.msi
-8e3f84e8ec7e41f98a048eb0c1365cfe54426a556ead98c4803df45d29e0335d  win-arm64/node.exe
+9d8337f4cfdfe39383b7eecbda2b84c5997507962d489988fd61f176c14d652c  win-arm64/node.exe
-a4f01329c1c211082ac3ed387ff6651530040bbf7250ec419ce8f95b10d7804a  win-arm64/node.lib
+cc64d1a9d5189e05c3f7ca3e3351aa38e0454573d533b636415dacf495f96291  win-arm64/node.lib
-493292505fd7a156b1e7b46c7f05001a0684fba6f734f83abfcf7fed88625453  win-arm64/node_pdb.7z
+2fa932df38d6f1612154153a9c8c2048596518d5a46c34490f2c3603fc836d94  win-arm64/node_pdb.7z
-88d4af538deadf8fa2638df84a76bd7dd26f0aeac8dc584f213da736f322377c  win-arm64/node_pdb.zip
+cda800fafb789404acbe98548fe1f4e71fbc3889a747eb3fef67155e67b29513  win-arm64/node_pdb.zip
-229fb64aeb10d3cc18eaaa2f5a4c3f1c81792dd3647c5c4350e142db528d0f89  win-x64/node.exe
+fda2b2a8857735f7958ba9771a2b24734ff36434e85ae606bcf7744d41d7adc0  win-x64/node.exe
-87056190b7cd06f40058f8e059efd328cdcc7600b825afa102c0aa5039865af5  win-x64/node.lib
+919d900bb9d589ebbcfda17e6f6e8f6b49d8d6a8d782b6f5efd6b6c6c5f0d1b1  win-x64/node.lib
-bb2198b381bb5d7bc08e2cdda3db911996e310b944b05cb8c7c271a5a7ab0901  win-x64/node_pdb.7z
+922b251451eb2aeb51848e0e67c5aa6d70c47b86d8ac22afcf4240fd445443a5  win-x64/node_pdb.7z
-316ee3fbbe976981e8ee0b81204aece9d3c2337c83f1644d90bb552c3068ca44  win-x64/node_pdb.zip
+d9751fb70d3f7af85c0485e841de3645f43b69fc954cc231d9a16d96690c1ba1  win-x64/node_pdb.zip
-6e7f3cbb46569a58babe99de2df8a69e98ad613674d4fed71b1dca866e1a72e8  win-x86/node.exe
+9ffb141325064dcd1febc09752bc3ab7b407b25a0483ebcb1e3cacb7906f4c7f  win-x86/node.exe
-fa02ae7feca7eb6c4a0f1b929126df400719f5d18a2ec4b7d12c52fbe0b13814  win-x86/node.lib
+4e14d97fd24bf99dc322553d817194cc3b956482ee76e073945e82e5d343740a  win-x86/node.lib
-e8f6da56c9bc73add71a41c4d5ed92fc6cf9e7c5067d7a0d3f7b9fd6391f07c4  win-x86/node_pdb.7z
+06b506294604c0806f09d5aa7b7a10a99d4bf62e2484bba74a7e1fb1499f0944  win-x86/node_pdb.7z
-1b4e9dbc5a8b0a5121d32351f9654c1ab451e88680982d487a4a6c40d50bd730  win-x86/node_pdb.zip
+080cbc5ed5800da6e0e3087176525d29c21020e212bda31fe1bedb9b3a325876  win-x86/node_pdb.zip

fix_ci_tests.patch

@@ -2,10 +2,10 @@ Author: Adam Majer <amajer@suse.de>
 Date: Dec 20 09:18:49 UTC 2017
 Summary: Fix CI unit tests framework for OBS building
 
-Index: node-v20.15.1/test/parallel/test-module-loading-globalpaths.js
+Index: node-v20.19.2/test/parallel/test-module-loading-globalpaths.js
 ===================================================================
---- node-v20.15.1.orig/test/parallel/test-module-loading-globalpaths.js
+--- node-v20.19.2.orig/test/parallel/test-module-loading-globalpaths.js
-+++ node-v20.15.1/test/parallel/test-module-loading-globalpaths.js
++++ node-v20.19.2/test/parallel/test-module-loading-globalpaths.js
 @@ -11,6 +11,9 @@ const { addLibraryPath } = require('../c
  
  addLibraryPath(process.env);
@@ -16,10 +16,10 @@ Index: node-v20.15.1/test/parallel/test-module-loading-globalpaths.js
  if (process.argv[2] === 'child') {
    console.log(require(pkgName).string);
  } else {
-Index: node-v20.15.1/test/parallel/test-tls-passphrase.js
+Index: node-v20.19.2/test/parallel/test-tls-passphrase.js
 ===================================================================
---- node-v20.15.1.orig/test/parallel/test-tls-passphrase.js
+--- node-v20.19.2.orig/test/parallel/test-tls-passphrase.js
-+++ node-v20.15.1/test/parallel/test-tls-passphrase.js
++++ node-v20.19.2/test/parallel/test-tls-passphrase.js
 @@ -223,7 +223,7 @@ server.listen(0, common.mustCall(functio
    }, onSecureConnect());
  })).unref();
@@ -29,10 +29,10 @@ Index: node-v20.15.1/test/parallel/test-tls-passphrase.js
  
  // Missing passphrase
  assert.throws(function() {
-Index: node-v20.15.1/test/parallel/test-repl-envvars.js
+Index: node-v20.19.2/test/parallel/test-repl-envvars.js
 ===================================================================
---- node-v20.15.1.orig/test/parallel/test-repl-envvars.js
+--- node-v20.19.2.orig/test/parallel/test-repl-envvars.js
-+++ node-v20.15.1/test/parallel/test-repl-envvars.js
++++ node-v20.19.2/test/parallel/test-repl-envvars.js
 @@ -2,7 +2,9 @@
  
  // Flags: --expose-internals
@@ -44,11 +44,11 @@ Index: node-v20.15.1/test/parallel/test-repl-envvars.js
  const stream = require('stream');
  const { describe, test } = require('node:test');
  const REPL = require('internal/repl');
-Index: node-v20.15.1/Makefile
+Index: node-v20.19.2/Makefile
 ===================================================================
---- node-v20.15.1.orig/Makefile
+--- node-v20.19.2.orig/Makefile
-+++ node-v20.15.1/Makefile
++++ node-v20.19.2/Makefile
-@@ -392,7 +392,6 @@ ADDONS_HEADERS_PREREQS := tools/install.
+@@ -396,7 +396,6 @@ ADDONS_HEADERS_PREREQS := tools/install.
  	$(wildcard deps/uv/include/*/*.h) \
  	$(wildcard deps/v8/include/*.h) \
  	$(wildcard deps/v8/include/*/*.h) \
@@ -56,7 +56,7 @@ Index: node-v20.15.1/Makefile
  	src/node.h src/node_api.h src/js_native_api.h src/js_native_api_types.h \
  	src/node_api_types.h src/node_buffer.h src/node_object_wrap.h \
  	src/node_version.h
-@@ -563,7 +562,8 @@ test-ci-js: | clear-stalled
+@@ -568,7 +567,8 @@ test-ci-js: | clear-stalled
  .PHONY: test-ci
  # Related CI jobs: most CI tests, excluding node-test-commit-arm-fanned
  test-ci: LOGLEVEL := info
@@ -66,7 +66,7 @@ Index: node-v20.15.1/Makefile
  	out/Release/cctest --gtest_output=xml:out/junit/cctest.xml
  	$(PYTHON) tools/test.py $(PARALLEL_ARGS) -p tap --logfile test.tap \
  		--mode=$(BUILDTYPE_LOWER) --flaky-tests=$(FLAKY_TESTS) \
-@@ -745,7 +745,8 @@ apidocs_json = $(addprefix out/,$(apidoc
+@@ -754,7 +754,8 @@ apidocs_json = $(addprefix out/,$(apidoc
  apiassets = $(subst api_assets,api/assets,$(addprefix out/,$(wildcard doc/api_assets/*)))
  
  tools/doc/node_modules: tools/doc/package.json
@@ -76,10 +76,10 @@ Index: node-v20.15.1/Makefile
  		echo "Skipping tools/doc/node_modules (no crypto)"; \
  	else \
  		cd tools/doc && $(call available-node,$(run-npm-ci)) \
-Index: node-v20.15.1/tools/test.py
+Index: node-v20.19.2/tools/test.py
 ===================================================================
---- node-v20.15.1.orig/tools/test.py
+--- node-v20.19.2.orig/tools/test.py
-+++ node-v20.15.1/tools/test.py
++++ node-v20.19.2/tools/test.py
 @@ -1386,7 +1386,7 @@ def BuildOptions():
    result.add_option("-s", "--suite", help="A test suite",
        default=[], action="append")
@@ -89,12 +89,12 @@ Index: node-v20.15.1/tools/test.py
    result.add_option("--arch", help='The architecture to run tests for',
        default='none')
    result.add_option("--snapshot", help="Run the tests with snapshot turned on",
-Index: node-v20.15.1/test/parallel/test-crypto-dh.js
+Index: node-v20.19.2/test/parallel/test-crypto-dh.js
 ===================================================================
---- node-v20.15.1.orig/test/parallel/test-crypto-dh.js
+--- node-v20.19.2.orig/test/parallel/test-crypto-dh.js
-+++ node-v20.15.1/test/parallel/test-crypto-dh.js
++++ node-v20.19.2/test/parallel/test-crypto-dh.js
-@@ -90,9 +90,7 @@ const crypto = require('crypto');
+@@ -91,9 +91,7 @@ const crypto = require('crypto');
-     const hasOpenSSL3WithNewErrorMessage = (v >= 0x300000c0 && v <= 0x30100000) || (v >= 0x30100040 && v <= 0x30200000);
+                                            (common.hasOpenSSL(3, 1, 4));
      assert.throws(() => {
        dh3.computeSecret('');
 -    }, { message: common.hasOpenSSL3 && !hasOpenSSL3WithNewErrorMessage ?
@@ -104,22 +104,10 @@ Index: node-v20.15.1/test/parallel/test-crypto-dh.js
    }
  }
  
-Index: node-v20.15.1/test/parallel/test-node-output-errors.mjs
+Index: node-v20.19.2/test/parallel/test-crypto-fips.js
 ===================================================================
---- node-v20.15.1.orig/test/parallel/test-node-output-errors.mjs
+--- node-v20.19.2.orig/test/parallel/test-crypto-fips.js
-+++ node-v20.15.1/test/parallel/test-node-output-errors.mjs
++++ node-v20.19.2/test/parallel/test-crypto-fips.js
-@@ -28,6 +28,7 @@ describe('errors output', { concurrency:
-       .replaceAll(/\/(\w)/g, '*$1')
-       .replaceAll('*test*', '*')
-       .replaceAll('*fixtures*errors*', '*')
-+      .replace(/`node\d+ --/, '`node --')
-       .replaceAll('file:**', 'file:*/');
-   }
- 
-Index: node-v20.15.1/test/parallel/test-crypto-fips.js
-===================================================================
---- node-v20.15.1.orig/test/parallel/test-crypto-fips.js
-+++ node-v20.15.1/test/parallel/test-crypto-fips.js
 @@ -3,6 +3,8 @@
  const common = require('../common');
  if (!common.hasCrypto)
@@ -129,10 +117,10 @@ Index: node-v20.15.1/test/parallel/test-crypto-fips.js
  
  const assert = require('assert');
  const spawnSync = require('child_process').spawnSync;
-Index: node-v20.15.1/test/parallel/test-node-output-v8-warning.mjs
+Index: node-v20.19.2/test/parallel/test-node-output-v8-warning.mjs
 ===================================================================
---- node-v20.15.1.orig/test/parallel/test-node-output-v8-warning.mjs
+--- node-v20.19.2.orig/test/parallel/test-node-output-v8-warning.mjs
-+++ node-v20.15.1/test/parallel/test-node-output-v8-warning.mjs
++++ node-v20.19.2/test/parallel/test-node-output-v8-warning.mjs
 @@ -15,7 +15,7 @@ describe('v8 output', { concurrency: tru
      .replaceAll('*test*', '*')
      .replaceAll(/.*?\*fixtures\*v8\*/g, '(node:*) V8: *') // Replace entire path before fixtures/v8
@@ -142,3 +130,16 @@ Index: node-v20.15.1/test/parallel/test-node-output-v8-warning.mjs
    }
    const common = snapshot
      .transform(snapshot.replaceWindowsLineEndings, snapshot.replaceWindowsPaths, replaceNodeVersion);
+Index: node-v20.19.2/test/parallel/test-dns.js
+===================================================================
+--- node-v20.19.2.orig/test/parallel/test-dns.js
++++ node-v20.19.2/test/parallel/test-dns.js
+@@ -403,7 +403,7 @@ assert.throws(() => {
+ 
+   const server = dgram.createSocket('udp4');
+ 
+-  server.on('message', common.mustCall((msg, { address, port }) => {
++  server.on('message', common.mustCallAtLeast((msg, { address, port }) => {
+     const parsed = dnstools.parseDNSPacket(msg);
+     const domain = parsed.questions[0].domain;
+     assert.strictEqual(domain, 'example.org');

linker_lto_jobs.patch

@@ -3,11 +3,11 @@ is run serially over these binaries instead of in parallel.
 OBS workers run out of memory as each executable seems to require
 upward of 5G RAM
 
-Index: node-v19.7.0/node.gyp
+Index: node-v20.18.1/node.gyp
 ===================================================================
---- node-v19.7.0.orig/node.gyp
+--- node-v20.18.1.orig/node.gyp
-+++ node-v19.7.0/node.gyp
++++ node-v20.18.1/node.gyp
-@@ -951,6 +951,7 @@
+@@ -1155,6 +1155,7 @@
          'deps/uvwasi/uvwasi.gyp:uvwasi',
          'deps/simdutf/simdutf.gyp:simdutf',
          'deps/ada/ada.gyp:ada',
@@ -15,9 +15,9 @@ Index: node-v19.7.0/node.gyp
        ],
  
        'includes': [
-@@ -1047,6 +1048,7 @@
+@@ -1229,6 +1230,7 @@
+         '<(node_lib_target_name)',
          'deps/histogram/histogram.gyp:histogram',
-         'deps/uvwasi/uvwasi.gyp:uvwasi',
          'deps/ada/ada.gyp:ada',
 +        'cctest'
        ],

node-v20.15.1.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:fdd53a5729d936691a2a1151046fb4897721cb8b0fca2af957823a9b40fe0c34
-size 41880412

nodejs-libpath.patch

@@ -1,16 +1,16 @@
-Index: node-v20.12.0/tools/install.py
+Index: node-v20.19.0/tools/install.py
 ===================================================================
---- node-v20.12.0.orig/tools/install.py
+--- node-v20.19.0.orig/tools/install.py
-+++ node-v20.12.0/tools/install.py
++++ node-v20.19.0/tools/install.py
-@@ -6,6 +6,7 @@ import errno
+@@ -7,6 +7,7 @@ import os
- import os
+ import platform
  import shutil
  import sys
 +from distutils import sysconfig
  import re
  
- def abspath(*args):
+ current_system = platform.system()
-@@ -66,6 +67,10 @@ def try_copy(options, path, dest):
+@@ -72,6 +73,10 @@ def try_copy(options, path, dest):
    try_unlink(target_path) # prevent ETXTBSY errors
    return shutil.copy2(source_path, target_path)
  
@@ -21,7 +21,7 @@ Index: node-v20.12.0/tools/install.py
  def try_remove(options, path, dest):
    source_path, target_path = mkpaths(options, path, dest)
    if not options.silent:
-@@ -82,7 +87,7 @@ def uninstall(options, paths, dest):
+@@ -88,7 +93,7 @@ def uninstall(options, paths, dest):
      try_remove(options, path, dest)
  
  def package_files(options, action, name, bins):
@@ -30,7 +30,7 @@ Index: node-v20.12.0/tools/install.py
  
    # don't install npm if the target path is a symlink, it probably means
    # that a dev version of npm is installed there
-@@ -103,7 +108,7 @@ def package_files(options, action, name,
+@@ -109,7 +114,7 @@ def package_files(options, action, name,
      if action == uninstall:
        action(options, [link_path], os.path.join('bin', bin_name))
      elif action == install:
@@ -39,11 +39,11 @@ Index: node-v20.12.0/tools/install.py
      else:
        assert 0  # unhandled action type
  
-Index: node-v20.12.0/lib/internal/modules/cjs/loader.js
+Index: node-v20.19.0/lib/internal/modules/cjs/loader.js
 ===================================================================
---- node-v20.12.0.orig/lib/internal/modules/cjs/loader.js
+--- node-v20.19.0.orig/lib/internal/modules/cjs/loader.js
-+++ node-v20.12.0/lib/internal/modules/cjs/loader.js
++++ node-v20.19.0/lib/internal/modules/cjs/loader.js
-@@ -1529,7 +1529,7 @@ Module._initPaths = function() {
+@@ -1730,7 +1730,7 @@ Module._initPaths = function() {
      path.resolve(process.execPath, '..') :
      path.resolve(process.execPath, '..', '..');
  

nodejs20.changes

@@ -1,3 +1,95 @@
+-------------------------------------------------------------------
+Mon Jan 19 17:34:43 UTC 2026 - Adam Majer <adam.majer@suse.de>
+
+- Update to 20.20.0:
+  * deps: updated undici to 6.23.0 (bsc#1256848, CVE-2026-22036)
+  * deps: updated bundled c-ares to 1.34.6 (if used)
+  * add TLSSocket default error handler (bsc#1256573, CVE-2025-59465)
+  * disable futimes when permission model is enabled (bsc#1256571, CVE-2025-55132)
+  * require full read and write to symlink APIs (bsc#1256569, CVE-2025-55130)
+  * rethrow stack overflow exceptions in async_hooks (bsc#1256574, CVE-2025-59466)
+  * refactor unsafe buffer creation to remove zero-fill toggle (bsc#1256570, CVE-2025-55131)
+  * route callback exceptions through error handlers (bsc#1256576, CVE-2026-21637)
+
+-------------------------------------------------------------------
+Mon Dec 15 13:07:49 UTC 2025 - Adam Majer <adam.majer@suse.de>
+
+- Update to 20.19.6:
+  * see https://nodejs.org/en/blog/release/v20.19.6
+
+-------------------------------------------------------------------
+Tue Oct 14 16:32:22 UTC 2025 - Adam Majer <adam.majer@suse.de>
+
+- Changes in 20.19.5:
+   * see https://nodejs.org/en/blog/release/v20.19.5
+
+- Changes in 20.19.3:
+  * crypto: graduate WebCryptoAPI Ed25519 and X25519 algorithms as stable
+  * crypto: update root certificates to NSS 3.108
+  * deps: update timezone to 2025b
+  * doc: add dario-piotrowicz to collaborators
+
+-------------------------------------------------------------------
+Thu Jun 12 08:44:09 UTC 2025 - Adam Majer <adam.majer@suse.de>
+
+- Update to 20.19.2:
+  * fix error handling on async crypto operation (bsc#1243218, CVE-2025-23166)
+  * add missing call to uv_fs_req_cleanup (bsc#1243217, CVE-2025-23165)
+  * update llhttp to 9.2.0 (bsc#1243220, CVE-2025-23167)
+- Changes in 20.19.1:
+  * deps: update undici to 6.21.2
+  * dns: restore dns query cache ttl
+
+- fix_ci_tests.patch: refreshed
+
+-------------------------------------------------------------------
+Tue Apr  8 13:11:37 UTC 2025 - Adam Majer <adam.majer@suse.de>
+
+- Update to 20.19.0:
+  * esm: mark import attributes and JSON module as stable
+  * module:
+    + require(esm) is now enabled by default
+    + Module syntax detection is now enabled by default
+  * worker: add postMessageToThread
+
+- Build with PIE (bsc#1239949)
+- nodejs-libpath.patch: refreshed
+
+-------------------------------------------------------------------
+Wed Jan 22 11:23:00 UTC 2025 - Adam Majer <adam.majer@suse.de>
+
+- Update to 20.18.2:
+  * src,loader,permission: throw on InternalWorker use when
+    permission model is enabled (bsc#1236251, CVE-2025-23083)
+  * src: fix HTTP2 mem leak on premature close and ERR_PROTO
+    (bsc#1236250, CVE-2025-23085)
+  * deps: Use of Insufficiently Random Values in undici fetch()
+    (bsc#1236258, CVE-2025-22150)
+
+-------------------------------------------------------------------
+Wed Dec  4 16:32:55 UTC 2024 - Adam Majer <adam.majer@suse.de>
+
+- Update to 20.18.1
+  * Experimental Network Inspection Support in Node.js
+  * Exposes X509_V_FLAG_PARTIAL_CHAIN to tls.createSecureContext
+  * New option for vm.createContext() to create a context with a
+    freezable globalThis
+  * buffer: optimize createFromString
+- Changes in 20.17.0:
+  * module: support require()ing synchronous ESM graphs
+  * path: add matchesGlob method
+  * stream: expose DuplexPair API
+- Changes in 20.16.0:
+  * process: add process.getBuiltinModule(id)
+  * inspector: fix disable async hooks on Debugger.setAsyncCallStackDepth
+  * buffer: add .bytes() method to Blob
+
+- CVE-2024-21538.patch: fixes regular expression denial of service
+  (bsc#1233856, CVE-2024-21538)
+- linker_lto_jobs.patch: refreshed
+- fix_ci_tests.patch: fix dns test vs. older c-ares
+- nodejs.keyring: sync keys with upstream
+
 -------------------------------------------------------------------
 Fri Jul 12 13:21:02 UTC 2024 - Adam Majer <adam.majer@suse.de>
 

nodejs20.spec

@@ -31,7 +31,7 @@
 %endif
 
 Name:           nodejs20
-Version:        20.15.1
+Version:        20.20.0
 Release:        0
 
 # Double DWZ memory limits
@@ -93,7 +93,7 @@ ExclusiveArch do_not_build
 %bcond_without intree_openssl
 %endif
 
-%if 0%{?suse_version} >= 1330 || 0%{?fedora_version} >= 35
+%if 0%{?suse_version} >= 1530 || 0%{?fedora_version} >= 35
 %bcond_with    intree_cares
 %else
 %bcond_without intree_cares
@@ -142,6 +142,7 @@ Source5:        node-gyp_7.1.2.tar.xz
 Source10:       update_npm_tarball.sh 
 Source11:       node_modules.tar.xz
 Source20:       bash_output_helper.bash
+Source21:       README.md
 
 ## Patches not distribution specific
 Patch1:         cares_public_headers.patch
@@ -152,6 +153,7 @@ Patch7:         manual_configure.patch
 Patch13:        openssl_binary_detection.patch
 
 
+Patch82:        CVE-2024-21538.patch
 
 ## Patches specific to SUSE and openSUSE
 Patch100:       linker_lto_jobs.patch
@@ -213,6 +215,7 @@ BuildRequires:   gcc48-c++
 %if 0%{?suse_version} == 1315
 %if %node_version_number >= 17
 BuildRequires:  gcc12-c++
+BuildRequires:  gcc12-PIE
 %define forced_gcc_version 12
 %else
 %if %node_version_number >= 14
@@ -230,6 +233,7 @@ BuildRequires:   gcc7-c++
 %if 0%{?suse_version} == 1500
 %if %node_version_number >= 17
 BuildRequires:  gcc12-c++
+BuildRequires:  gcc12-PIE
 %define forced_gcc_version 12
 %endif
 %endif
@@ -244,11 +248,19 @@ BuildRequires:  gcc-c++
 # Python dependencies
 %if %node_version_number >= 14
 
-%if 0%{?suse_version} && 0%{?suse_version} < 1500
+%if 0%{?suse_version}
+%if 0%{?suse_version} < 1500
 BuildRequires:  python36
 %define forced_python_version 3.6m
-%else
+%endif
+%if %{?suse_version} == 1500
+BuildRequires:  python311
+%define forced_python_version 3.11
+%endif
+%if %{?suse_version} > 1500
 BuildRequires:  python3
+BuildRequires:  python3-setuptools
+%endif
 %endif
 
 %else
@@ -297,7 +309,7 @@ BuildRequires:  openssl >= %{openssl_req_ver}
 %else
 # bundled openssl
 %if %node_version_number <= 12 && 0%{?suse_version} == 1315 && 0%{?sle_version} < 120400
-Provides:       bundled(openssl) = 3.0.13
+Provides:       bundled(openssl) = 3.0.17
 %else
 BuildRequires:  bundled_openssl_should_not_be_required
 %endif
@@ -308,13 +320,20 @@ BuildRequires:  bundled_openssl_should_not_be_required
 %if ! 0%{with intree_cares}
 BuildRequires:  pkgconfig(libcares) >= 1.17.0
 %else
-Provides:       bundled(libcares2) = 1.28.1
+Provides:       bundled(libcares2) = 1.34.6
+%endif
+
+%if %node_version_number >= 22
+BuildRequires:  libzstd-devel
+%if 0%{?suse_version} > 1500
+BuildRequires:  sqlite3-devel
+%endif
 %endif
 
 %if ! 0%{with intree_icu}
 BuildRequires:  pkgconfig(icu-i18n) >= 71
 %else
-Provides:       bundled(icu) = 75.1
+Provides:       bundled(icu) = 77.1
 %endif
 
 %if ! 0%{with intree_nghttp2}
@@ -369,7 +388,7 @@ ExclusiveArch:  not_buildable
 %endif
 %endif
 
-Provides:       bundled(uvwasi) = 0.0.21
+Provides:       bundled(uvwasi) = 0.0.23
 Provides:       bundled(libuv) = 1.46.0
 Provides:       bundled(v8) = 11.3.244.8
 %if %{with intree_brotli}
@@ -379,20 +398,20 @@ BuildRequires:  pkgconfig(libbrotlidec)
 %endif
 
 
-Provides:       bundled(llhttp) = 8.1.2
+Provides:       bundled(llhttp) = 9.3.0
 Provides:       bundled(ngtcp2) = 1.1.0
-Provides:       bundled(base64) = 0.5.2
+
-Provides:       bundled(simdutf) = 5.2.8
+Provides:       bundled(simdutf) = 6.4.2
 
 # bundled url-ada parser, not ada
-Provides:       bundled(ada) = 2.7.8
+Provides:       bundled(ada) = 2.9.2
 
-Provides:       bundled(node-acorn) = 8.11.3
+Provides:       bundled(node-acorn) = 8.15.0
-Provides:       bundled(node-acorn-walk) = 8.3.2
+Provides:       bundled(node-acorn-walk) = 8.3.4
-Provides:       bundled(node-cjs-module-lexer) = 1.2.2
+Provides:       bundled(node-cjs-module-lexer) = 2.1.0
-Provides:       bundled(node-corepack) = 0.28.1
+Provides:       bundled(node-corepack) = 0.34.1
-Provides:       bundled(node-minimatch) = 9.0.4
+Provides:       bundled(node-minimatch) = 10.0.3
-Provides:       bundled(node-undici) = 6.13.0
+Provides:       bundled(node-undici) = 6.23.0
 
 %description
 Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. Node.js
@@ -421,7 +440,7 @@ Requires:       nodejs-common
 Requires:       nodejs20 = %{version}
 Provides:       nodejs-npm = %{version}
 Obsoletes:      nodejs-npm < 4.0.0
-Provides:       npm(npm) = 10.7.0
+Provides:       npm(npm) = 10.8.2
 Provides:       npm = %{version}
 %if 0%{?suse_version} >= 1500
 %if %{node_version_number} >= 10
@@ -439,24 +458,23 @@ Provides:       bundled(node-ansi-styles) = 6.2.1
 Provides:       bundled(node-aproba) = 2.0.0
 Provides:       bundled(node-archy) = 1.0.0
 Provides:       bundled(node-balanced-match) = 1.0.2
-Provides:       bundled(node-bin-links) = 4.0.3
+Provides:       bundled(node-bin-links) = 4.0.4
 Provides:       bundled(node-binary-extensions) = 2.3.0
 Provides:       bundled(node-brace-expansion) = 2.0.1
-Provides:       bundled(node-builtins) = 5.1.0
+Provides:       bundled(node-cacache) = 18.0.3
-Provides:       bundled(node-cacache) = 18.0.2
 Provides:       bundled(node-chalk) = 5.3.0
 Provides:       bundled(node-chownr) = 2.0.0
 Provides:       bundled(node-ci-info) = 4.0.0
-Provides:       bundled(node-cidr-regex) = 4.0.5
+Provides:       bundled(node-cidr-regex) = 4.1.1
 Provides:       bundled(node-clean-stack) = 2.2.0
 Provides:       bundled(node-cli-columns) = 4.0.0
-Provides:       bundled(node-cmd-shim) = 6.0.2
+Provides:       bundled(node-cmd-shim) = 6.0.3
 Provides:       bundled(node-color-convert) = 2.0.1
 Provides:       bundled(node-color-name) = 1.1.4
 Provides:       bundled(node-common-ancestor-path) = 1.0.1
 Provides:       bundled(node-cross-spawn) = 7.0.3
 Provides:       bundled(node-cssesc) = 3.0.0
-Provides:       bundled(node-debug) = 4.3.4
+Provides:       bundled(node-debug) = 4.3.5
 Provides:       bundled(node-diff) = 5.2.0
 Provides:       bundled(node-eastasianwidth) = 0.2.0
 Provides:       bundled(node-emoji-regex) = 8.0.0
@@ -466,60 +484,55 @@ Provides:       bundled(node-env-paths) = 2.2.1
 Provides:       bundled(node-err-code) = 2.0.3
 Provides:       bundled(node-exponential-backoff) = 3.1.1
 Provides:       bundled(node-fastest-levenshtein) = 1.0.16
-Provides:       bundled(node-foreground-child) = 3.1.1
+Provides:       bundled(node-foreground-child) = 3.2.1
 Provides:       bundled(node-fs-minipass) = 2.1.0
 Provides:       bundled(node-fs-minipass) = 3.0.3
-Provides:       bundled(node-function-bind) = 1.1.2
+Provides:       bundled(node-glob) = 10.4.2
-Provides:       bundled(node-glob) = 10.3.12
 Provides:       bundled(node-graceful-fs) = 4.2.11
-Provides:       bundled(node-hasown) = 2.0.2
+Provides:       bundled(node-hosted-git-info) = 7.0.2
-Provides:       bundled(node-hosted-git-info) = 7.0.1
 Provides:       bundled(node-http-cache-semantics) = 4.1.1
 Provides:       bundled(node-http-proxy-agent) = 7.0.2
-Provides:       bundled(node-https-proxy-agent) = 7.0.4
+Provides:       bundled(node-https-proxy-agent) = 7.0.5
 Provides:       bundled(node-iconv-lite) = 0.6.3
-Provides:       bundled(node-ignore-walk) = 6.0.4
+Provides:       bundled(node-ignore-walk) = 6.0.5
 Provides:       bundled(node-imurmurhash) = 0.1.4
 Provides:       bundled(node-indent-string) = 4.0.0
-Provides:       bundled(node-ini) = 4.1.2
+Provides:       bundled(node-ini) = 4.1.3
-Provides:       bundled(node-init-package-json) = 6.0.2
+Provides:       bundled(node-init-package-json) = 6.0.3
 Provides:       bundled(node-ip-address) = 9.0.5
 Provides:       bundled(node-ip-regex) = 5.0.0
-Provides:       bundled(node-is-cidr) = 5.0.5
+Provides:       bundled(node-is-cidr) = 5.1.0
-Provides:       bundled(node-is-core-module) = 2.13.1
 Provides:       bundled(node-is-fullwidth-code-point) = 3.0.0
 Provides:       bundled(node-is-lambda) = 1.0.1
 Provides:       bundled(node-isexe) = 2.0.0
 Provides:       bundled(node-isexe) = 3.1.1
-Provides:       bundled(node-jackspeak) = 2.3.6
+Provides:       bundled(node-jackspeak) = 3.4.0
 Provides:       bundled(node-jsbn) = 1.1.0
-Provides:       bundled(node-json-parse-even-better-errors) = 3.0.1
+Provides:       bundled(node-json-parse-even-better-errors) = 3.0.2
 Provides:       bundled(node-json-stringify-nice) = 1.1.4
 Provides:       bundled(node-jsonparse) = 1.3.1
 Provides:       bundled(node-just-diff) = 6.0.2
 Provides:       bundled(node-just-diff-apply) = 5.5.0
-Provides:       bundled(node-libnpmaccess) = 8.0.5
+Provides:       bundled(node-libnpmaccess) = 8.0.6
-Provides:       bundled(node-libnpmdiff) = 6.1.1
+Provides:       bundled(node-libnpmdiff) = 6.1.4
-Provides:       bundled(node-libnpmexec) = 8.1.0
+Provides:       bundled(node-libnpmexec) = 8.1.3
-Provides:       bundled(node-libnpmfund) = 5.0.9
+Provides:       bundled(node-libnpmfund) = 5.0.12
-Provides:       bundled(node-libnpmhook) = 10.0.4
+Provides:       bundled(node-libnpmhook) = 10.0.5
-Provides:       bundled(node-libnpmorg) = 6.0.5
+Provides:       bundled(node-libnpmorg) = 6.0.6
-Provides:       bundled(node-libnpmpack) = 7.0.1
+Provides:       bundled(node-libnpmpack) = 7.0.4
-Provides:       bundled(node-libnpmpublish) = 9.0.7
+Provides:       bundled(node-libnpmpublish) = 9.0.9
-Provides:       bundled(node-libnpmsearch) = 7.0.4
+Provides:       bundled(node-libnpmsearch) = 7.0.6
-Provides:       bundled(node-libnpmteam) = 6.0.4
+Provides:       bundled(node-libnpmteam) = 6.0.5
-Provides:       bundled(node-libnpmversion) = 6.0.1
+Provides:       bundled(node-libnpmversion) = 6.0.3
 Provides:       bundled(node-lru-cache) = 10.2.2
-Provides:       bundled(node-lru-cache) = 6.0.0
 Provides:       bundled(node-make-fetch-happen) = 13.0.1
-Provides:       bundled(node-minimatch) = 9.0.4
+Provides:       bundled(node-minimatch) = 9.0.5
 Provides:       bundled(node-minipass) = 3.3.6
 Provides:       bundled(node-minipass) = 5.0.0
-Provides:       bundled(node-minipass) = 7.0.4
+Provides:       bundled(node-minipass) = 7.1.2
 Provides:       bundled(node-minipass-collect) = 2.0.1
-Provides:       bundled(node-minipass-fetch) = 3.0.4
+Provides:       bundled(node-minipass-fetch) = 3.0.5
 Provides:       bundled(node-minipass-flush) = 1.0.5
-Provides:       bundled(node-minipass-json-stream) = 1.0.1
 Provides:       bundled(node-minipass-pipeline) = 1.2.4
 Provides:       bundled(node-minipass-sized) = 1.0.3
 Provides:       bundled(node-minizlib) = 2.1.2
@@ -529,24 +542,25 @@ Provides:       bundled(node-ms) = 2.1.3
 Provides:       bundled(node-mute-stream) = 1.0.0
 Provides:       bundled(node-negotiator) = 0.6.3
 Provides:       bundled(node-node-gyp) = 10.1.0
-Provides:       bundled(node-nopt) = 7.2.0
+Provides:       bundled(node-nopt) = 7.2.1
-Provides:       bundled(node-normalize-package-data) = 6.0.0
+Provides:       bundled(node-normalize-package-data) = 6.0.2
 Provides:       bundled(node-npm-audit-report) = 5.0.0
-Provides:       bundled(node-npm-bundled) = 3.0.0
+Provides:       bundled(node-npm-bundled) = 3.0.1
 Provides:       bundled(node-npm-install-checks) = 6.3.0
 Provides:       bundled(node-npm-normalize-package-bin) = 3.0.1
 Provides:       bundled(node-npm-package-arg) = 11.0.2
 Provides:       bundled(node-npm-packlist) = 8.0.2
-Provides:       bundled(node-npm-pick-manifest) = 9.0.0
+Provides:       bundled(node-npm-pick-manifest) = 9.1.0
-Provides:       bundled(node-npm-profile) = 9.0.2
+Provides:       bundled(node-npm-profile) = 10.0.0
-Provides:       bundled(node-npm-registry-fetch) = 17.0.0
+Provides:       bundled(node-npm-registry-fetch) = 17.1.0
-Provides:       bundled(node-npm-user-validate) = 2.0.0
+Provides:       bundled(node-npm-user-validate) = 2.0.1
 Provides:       bundled(node-p-map) = 4.0.0
-Provides:       bundled(node-pacote) = 18.0.3
+Provides:       bundled(node-package-json-from-dist) = 1.0.0
+Provides:       bundled(node-pacote) = 18.0.6
 Provides:       bundled(node-parse-conflict-json) = 3.0.1
 Provides:       bundled(node-path-key) = 3.1.1
-Provides:       bundled(node-path-scurry) = 1.10.2
+Provides:       bundled(node-path-scurry) = 1.11.1
-Provides:       bundled(node-postcss-selector-parser) = 6.0.16
+Provides:       bundled(node-postcss-selector-parser) = 6.1.0
 Provides:       bundled(node-proc-log) = 3.0.0
 Provides:       bundled(node-proc-log) = 4.2.0
 Provides:       bundled(node-proggy) = 2.0.0
@@ -554,28 +568,28 @@ Provides:       bundled(node-promise-all-reject-late) = 1.0.1
 Provides:       bundled(node-promise-call-limit) = 3.0.1
 Provides:       bundled(node-promise-inflight) = 1.0.1
 Provides:       bundled(node-promise-retry) = 2.0.1
-Provides:       bundled(node-promzard) = 1.0.1
+Provides:       bundled(node-promzard) = 1.0.2
 Provides:       bundled(node-qrcode-terminal) = 0.12.0
 Provides:       bundled(node-read) = 3.0.1
 Provides:       bundled(node-read-cmd-shim) = 4.0.0
 Provides:       bundled(node-read-package-json-fast) = 3.0.2
 Provides:       bundled(node-retry) = 0.12.0
 Provides:       bundled(node-safer-buffer) = 2.1.2
-Provides:       bundled(node-semver) = 7.6.0
+Provides:       bundled(node-semver) = 7.6.2
 Provides:       bundled(node-shebang-command) = 2.0.0
 Provides:       bundled(node-shebang-regex) = 3.0.0
 Provides:       bundled(node-signal-exit) = 4.1.0
-Provides:       bundled(node-sigstore) = 2.3.0
+Provides:       bundled(node-sigstore) = 2.3.1
 Provides:       bundled(node-smart-buffer) = 4.2.0
 Provides:       bundled(node-socks) = 2.8.3
-Provides:       bundled(node-socks-proxy-agent) = 8.0.3
+Provides:       bundled(node-socks-proxy-agent) = 8.0.4
 Provides:       bundled(node-spdx-correct) = 3.2.0
 Provides:       bundled(node-spdx-exceptions) = 2.5.0
 Provides:       bundled(node-spdx-expression-parse) = 3.0.1
 Provides:       bundled(node-spdx-expression-parse) = 4.0.0
-Provides:       bundled(node-spdx-license-ids) = 3.0.17
+Provides:       bundled(node-spdx-license-ids) = 3.0.18
 Provides:       bundled(node-sprintf-js) = 1.1.3
-Provides:       bundled(node-ssri) = 10.0.5
+Provides:       bundled(node-ssri) = 10.0.6
 Provides:       bundled(node-string-width) = 4.2.3
 Provides:       bundled(node-string-width) = 5.1.2
 Provides:       bundled(node-strip-ansi) = 6.0.1
@@ -585,12 +599,12 @@ Provides:       bundled(node-tar) = 6.2.1
 Provides:       bundled(node-text-table) = 0.2.0
 Provides:       bundled(node-tiny-relative-date) = 1.3.0
 Provides:       bundled(node-treeverse) = 3.0.0
-Provides:       bundled(node-tuf-js) = 2.2.0
+Provides:       bundled(node-tuf-js) = 2.2.1
 Provides:       bundled(node-unique-filename) = 3.0.0
 Provides:       bundled(node-unique-slug) = 4.0.0
 Provides:       bundled(node-util-deprecate) = 1.0.2
 Provides:       bundled(node-validate-npm-package-license) = 3.0.4
-Provides:       bundled(node-validate-npm-package-name) = 5.0.0
+Provides:       bundled(node-validate-npm-package-name) = 5.0.1
 Provides:       bundled(node-walk-up-path) = 3.0.1
 Provides:       bundled(node-which) = 2.0.2
 Provides:       bundled(node-which) = 4.0.0
@@ -673,6 +687,7 @@ popd
 %if 0%{with valgrind_tests}
 %endif
 %patch -P 13 -p1
+%patch -P 82 -p1
 %patch -P 100 -p1
 %patch -P 101 -p1
 %if 0%{?suse_version} >= 1500 || 0%{?suse_version} == 0
@@ -789,6 +804,12 @@ EOF
 %if %{node_version_number} < 19
     --without-dtrace \
 %endif
+%if %{node_version_number} >= 22 && 0%{?suse_version} > 1500
+    --shared-sqlite \
+%endif
+%if %{node_version_number} >= 22
+    --shared-zstd \
+%endif
 %if %{node_version_number} >= 16 && (0%{?suse_version} > 1550 || 0%{?sle_version} >= 150400)
     --openssl-default-cipher-list=PROFILE=SYSTEM \
 %endif
@@ -916,12 +937,21 @@ export OPENSSL_CONF=''
 export CI_JS_SUITES=default
 export NODE_TEST_NO_INTERNET=1
 
+%ifarch s390x
+# webcrypto is unreliable with nodejs20 and behaviour can differ between z13 and z15
+rm test/wpt/test-webcrypto.js
+%endif
+
 %if %{node_version_number} >= 12
-find test \( -name \*.out -or -name \*.js \) -exec sed -i 's,Use `node ,Use `node%{node_version_number} ,' {} \;
+find test \( -name \*.out -or -name \*.js -or -name \*.snapshot \) -exec sed -i 's,Use `node ,Use `node%{node_version_number} ,' {} \;
 %endif
 
 %if %{node_version_number} >= 20
 rm test/parallel/test-strace-openat-openssl.js
+
+# https://github.com/nodejs/node/pull/57269 -- nghttp2 dropped priority support
+rm test/parallel/test-http2-client-set-priority.js
+rm test/parallel/test-http2-priority-event.js
 %endif
 
 # Update the python3 executable name to point at forced python version
@@ -929,6 +959,7 @@ rm test/parallel/test-strace-openat-openssl.js
 %if 0%{?forced_python_version:1}
 sed -i -e "s,'python3','python%{forced_python_version}'," test/parallel/test-child-process-set-blocking.js
 test -e tools/pseudo-tty.py && sed -i -e "s,^#!/usr/bin/env python3$,#!/usr/bin/python%{forced_python_version}," tools/pseudo-tty.py ||:
+export PYTHON="/usr/bin/python%{forced_python_version}"
 %endif
 
 ln addon-rpm.gypi deps/npm/node_modules/node-gyp/addon-rpm.gypi
@@ -943,6 +974,10 @@ rm test/parallel/test-dns-cancel-reverse-lookup.js \
    test/parallel/test-dns-resolveany.js
 # multicast test fail since no socket?
 rm test/parallel/test-dgram-membership.js
+%if %{node_version_number} > 20
+# missing ICU test data for 15.6/15.7/SLFO
+ln test/fixtures/icu/localizationData-v74.2.json test/fixtures/icu/localizationData-v73.2.json
+%endif
 
 %if %{node_version_number} >= 18
 # OBS broken /etc/hosts -- https://github.com/openSUSE/open-build-service/issues/13104