Hi, several Node.js c++ modules are packaged using node-pre-gyp as build tool. Upstream usually do so in order to download prebuilt binaries if some have been made available, or fallback to building from source.
The debian package of node-pre-gyp is patched to *always* build from source. Downloading binaries from untrusted sources seemed bad enough to me to not even let the user choose that option. So debian packages like node-sqlite3 for example, can now safely use "node-pre-gyp configure", "node-pre-gyp build" and don't need a patch to be built. I'm not sure it's worth reporting bugs to all concerned packages. Cheers, Jérémy