commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2018-01-06 18:51:51 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Sat Jan 6 18:51:51 2018 rev:20 rq:561898 version:4.8.7 Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2017-12-09 20:32:43.318591244 +0100 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2018-01-06 18:52:04.863124473 +0100 @@ -1,0 +2,12 @@ +Thu Dec 21 12:53:36 UTC 2017 - adam.ma...@suse.de + +- Enable CI tests in %check target + + fix_ci_ssl_tests.patch: Disable testing of obsolete curves +which are not enabled OpenSUSE's OpenSSL library + + fix_ci_tests.patch: +- DNS queries in buildroots are failing with EAI_AGAIN +- disable test-module-loading-globalpaths.js - we have + hardcoded global paths + + versioned.patch: call versioned node binary for tests + +--- @@ -6 +18 @@ -and lower) +and lower) (bsc#1072322) New: fix_ci_ssl_tests.patch fix_ci_tests.patch Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.LPhGt7/_old 2018-01-06 18:52:08.730943750 +0100 +++ /var/tmp/diff_new_pack.LPhGt7/_new 2018-01-06 18:52:08.730943750 +0100 @@ -93,6 +93,8 @@ ## UPSTREAM PATCHES HERE, if any Patch1: 8334.diff +Patch3: fix_ci_tests.patch +Patch4: fix_ci_ssl_tests.patch ## Our patches # PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built @@ -161,12 +163,19 @@ BuildRequires: zlib-devel %if ! %{with intree_openssl} + +%if %node_version_number >= 8 +BuildRequires: openssl-devel >= 1.0.2 +%else # older node doesn't support OpenSSL 1.1 + %if 0%{?suse_version} >= 1330 BuildRequires: libopenssl-1_0_0-devel %else BuildRequires: openssl-devel >= 1.0.2 %endif -%endif + +%endif # older node doesn't support OpenSSL 1.1 +%endif # ! {with intree_openssl} %if ! %{with intree_cares} BuildRequires: pkgconfig(libcares) >= 1.10.0 @@ -248,8 +257,10 @@ %prep echo "`grep node-v%{version}.tar.xz %{S:1} | head -n1 | cut -c1-64` %{S:0}" | sha256sum -c %setup -q -n node-v%{version} -%if %node_version_number < 6 %patch1 -p1 +%patch3 -p1 +%if ! %{with intree_openssl} +%patch4 -p1 %endif %patch101 -p1 %patch102 -p1 @@ -381,9 +392,19 @@ ln -s %{_sysconfdir}/alternatives/npx.1%{ext_man} %{buildroot}%{_mandir}/man1/npx.1%{ext_man} %endif -# Check that Node.js isn't completely broken. %check -%{buildroot}%{_bindir}/node%{node_version_number} -e 'require("assert").strictEqual(process.versions.node, "%{version}");' +ln addon-rpm.gypi deps/npm/node_modules/node-gyp/addon-rpm.gypi +# Tarball doesn't have eslint package distributed, so disable some tests +find test -name \*-eslint-\* -print -delete +# No documentation is generated, don't bother checking it +rm -f test/doctool/test-make-doc.js +# DNS lookup doesn't work in build root +rm -f test/parallel/test-dns-cancel-reverse-lookup.js \ + test/parallel/test-dns-resolveany.js +# multicast test fail since no socket? +rm -f test/parallel/test-dgram-membership.js +# Run CI tests - 'advisory for now' +make test-ci || echo "** UNIT TESTS NOT ALL HAPPY *" %files %defattr(-, root, root) ++ fix_ci_ssl_tests.patch ++ Author: Adam Majer Date: Dec 20 09:18:49 UTC 2017 Summary: Fix CI unit tests framework for OBS building When using OpenSUSE supplied openssl, some tests act differently. Index: node-v4.8.7/test/parallel/test-crypto-dh.js === --- node-v4.8.7.orig/test/parallel/test-crypto-dh.js +++ node-v4.8.7/test/parallel/test-crypto-dh.js @@ -161,7 +161,7 @@ assert.equal(secret1, secret2.toString(' // Oakley curves do not clean up ERR stack, it was causing unexpected failure // when accessing other OpenSSL APIs afterwards. -crypto.createECDH('Oakley-EC2N-3'); +// crypto.createECDH('Oakley-EC2N-3'); crypto.createHash('sha256'); // Point formats ++ fix_ci_tests.patch ++ Author: Adam Majer Date: Dec 20 09:18:49 UTC 2017 Summary: Fix CI unit tests framework for OBS building Index: node-v4.8.7/test/parallel/test-tls-connect-address-family.js === --- node-v4.8.7.orig/test/parallel/test-tls-connect-address-family.js +++ node-v4.8.7/test/parallel/test-tls-connect-address-family.js @@ -32,7 +32,7 @@ function runTest() { dns.lookup('localhost', {family: 6, all: true}, (err, addresses) => { if (err) { -if (err.code === 'ENOTFOUND') { +if (err.code === 'ENOTFOUND' || err.code === 'EAI_AGAIN') { common.s
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2017-12-09 20:32:28 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Sat Dec 9 20:32:28 2017 rev:19 rq:25 version:4.8.7 Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2017-11-29 10:54:47.172021795 +0100 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2017-12-09 20:32:43.318591244 +0100 @@ -1,0 +2,9 @@ +Sat Dec 9 03:22:01 UTC 2017 - qantas94he...@gmail.com + +- New upstream maintenance release 4.8.7: + * deps/openssl: updated to 1.0.2n (only applies to SLE 12 SP1 +and lower) +[ CVE-2017-3738 CVE-2017-15896 ] +- Remove unnecessary curl BuildRequires + +--- Old: node-v4.8.6.tar.xz New: node-v4.8.7.tar.xz Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.2D1ac7/_old 2017-12-09 20:32:44.514534280 +0100 +++ /var/tmp/diff_new_pack.2D1ac7/_new 2017-12-09 20:32:44.518534090 +0100 @@ -26,7 +26,7 @@ ### Name: nodejs4 -Version:4.8.6 +Version:4.8.7 Release:0 %define node_version_number 4 @@ -60,25 +60,27 @@ %bcond_without gdb %endif -# No binutils_gold on SLE12 (aarch64). +# No binutils_gold on SLE 12 GA (aarch64). %ifarch aarch64 - %if 0%{?sle_version} >= 120100 || 0%{?is_opensuse} %bcond_without binutils_gold %else %bcond_withbinutils_gold %endif +%endif # aarch64 -%else # aarch64 - -# No binutils_gold on s390x. +# No binutils_gold on all versions of SLE 12 and Leap 42 (s390x). %ifarch s390x s390 -%bcond_withbinutils_gold -%else +%if 0%{?suse_version} > 1320 %bcond_without binutils_gold +%else +%bcond_withbinutils_gold +%endif %endif # s390x s390 -%endif # aarch64 +%ifnarch aarch64 s390x s390 +%bcond_without binutils_gold +%endif Summary:Evented I/O for V8 JavaScript License:MIT @@ -133,20 +135,24 @@ %endif # sles == 11 # SLE 12 and Leap 42 -%if 0%{?suse_version} == 1315 -%if %node_version_number >= 8 +# GCC 6 is only available with SLE 12 SP1 and Leap 42.2+ (ignore 42.1: EOL). +%if 4 >= 8 && 0%{?suse_version} == 1315 +%if 0%{?sle_version} < 120100 +BuildRequires: gcc5-c++ +%define cc_exec gcc-5 +%define cpp_exec g++-5 +%else BuildRequires: gcc6-c++ %define cc_exec gcc-6 %define cpp_exec g++-6 -%endif -%endif +%endif # SLE 12 < SP1 +%endif # node >= 8 and sle == 12 # No special version defined, use default. %if ! 0%{?cc_exec:1} BuildRequires: gcc-c++ %endif -BuildRequires: curl BuildRequires: fdupes BuildRequires: pkg-config BuildRequires: procps @@ -282,6 +288,9 @@ export CXX=%{?cpp_exec} %endif +# Node.js 4.x does not include the ICU database in the source tarball. +%define has_small_icu %(test -d "deps/icu-small" && echo 1 || echo 0) + ./configure \ --prefix=%{_prefix} \ %if ! %{with intree_openssl} @@ -293,6 +302,11 @@ %endif %if ! %{with intree_icu} --with-intl=system-icu \ +%else +%if %{has_small_icu} +--with-intl=small-icu \ +--with-icu-source=deps/icu-small \ +%endif %endif %if %{with gdb} --gdb \ ++ SHASUMS256.txt ++ --- /var/tmp/diff_new_pack.2D1ac7/_old 2017-12-09 20:32:44.550532565 +0100 +++ /var/tmp/diff_new_pack.2D1ac7/_new 2017-12-09 20:32:44.554532375 +0100 @@ -1,39 +1,39 @@ -ee7ce30a1b7069efea27bbef1829a3a665ae6650cc4a79eb556707c6779ba540 node-v4.8.6-darwin-x64.tar.gz -724b15bfbc0d8bd2e0ab9db5fabcf65c5214dd8a4edf8f482502382a76dd3bcc node-v4.8.6-darwin-x64.tar.xz -75a76a42d01aec1e6b70078adae797078b46c4fa5bd049fc2814ec028937d356 node-v4.8.6-headers.tar.gz -ef08ff8c87db784c2afd994e2341be3975685c55cd9006c80403e60fea94240b node-v4.8.6-headers.tar.xz -b132ab051b1a48db3e9385b086c77fc4438f888a236b7e9cbe998171196592cb node-v4.8.6-linux-arm64.tar.gz -03fad7fe117ec2f81c98af89e99b93b9ce3505bf57a51b630f3648bf0f868c0a node-v4.8.6-linux-arm64.tar.xz -68f599d287f11ca528acc3f1371305301ba34b8fbd915e65fd71a5144b169c87 node-v4.8.6-linux-armv6l.tar.gz -16081118979537dcdd4fd210fa916a97e481dde5dbc269156faa8825f8830cbd node-v4.8.6-linux-armv6l.tar.xz -d4cfb8286de99911548a29d792a108dbbc43df2d747099d311ff882f25c3c608 node-v4.8.6-linux-armv7l.tar.gz -2bf41f0067587af422773984c352295870ceee94965eaea3f7926cf62c9db5d0 node-v4.8.6-linux-armv7l.tar.xz -7339f4e8e3fdc34c6992f3e92ffd5a41e331bc28f8d07fcf83fe8211c766d772 node-v4.8.6-linux-ppc64le.tar.gz -0514f7a0722707ca9a4a4a98f2c8be779f71115aecd75bb06be97e5db692a90f node-v4.8.6-linux-ppc64le.tar.xz -58c0788793f580f3f4edc79df16046b3ee815bc42fcaf4dde5a1a164ca248c3c no
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2017-11-29 10:54:40 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Wed Nov 29 10:54:40 2017 rev:18 rq:546332 version:4.8.6 Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2017-11-17 11:00:21.695937053 +0100 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2017-11-29 10:54:47.172021795 +0100 @@ -1,0 +2,12 @@ +Wed Nov 29 01:41:56 UTC 2017 - qantas94he...@gmail.com + +- Change BuildRequires from openssl-devel to libopenssl-1_0_0-devel + due to Tumbleweed/Leap 15 change to OpenSSL 1.1.0 as default + +--- +Thu Nov 16 13:16:25 UTC 2017 - adam.ma...@suse.de + +- Update nodejs.keyring based on current Release Team as found on + https://github.com/nodejs/node#release-team + +--- @@ -5,0 +18 @@ + Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.F9SK7y/_old 2017-11-29 10:54:48.023990884 +0100 +++ /var/tmp/diff_new_pack.F9SK7y/_new 2017-11-29 10:54:48.023990884 +0100 @@ -155,8 +155,12 @@ BuildRequires: zlib-devel %if ! %{with intree_openssl} +%if 0%{?suse_version} >= 1330 +BuildRequires: libopenssl-1_0_0-devel +%else BuildRequires: openssl-devel >= 1.0.2 %endif +%endif %if ! %{with intree_cares} BuildRequires: pkgconfig(libcares) >= 1.10.0 ++ nodejs.keyring ++ Binary files /var/tmp/diff_new_pack.F9SK7y/_old and /var/tmp/diff_new_pack.F9SK7y/_new differ
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2017-11-17 10:55:00 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Fri Nov 17 10:55:00 2017 rev:17 rq:542083 version:4.8.6 Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2017-10-25 17:49:14.226583412 +0200 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2017-11-17 11:00:21.695937053 +0100 @@ -1,0 +2,16 @@ +Mon Nov 13 14:29:47 UTC 2017 - adam.ma...@suse.de + +- Fix permissions of node-gyp. This should be executable to allow + building of binary node modules. +--- +Mon Nov 13 10:12:07 UTC 2017 - adam.ma...@suse.de + +- New upstream maintenance release 4.8.6: + * crypto: upgrade openssl sources to 1.0.2m +[OpenSSL Security Advisory (bsc#1066242, bsc#1056058) + CVE-2017-3735 CVE-2017-3736] + * deps: add support for more modern versions of INTL +- 0f3e69db.patch: removed, upstreamed +- icu59.patch: removed, upstreamed + +--- @@ -14,5 +29,0 @@ -- Make sure npm program remains executable - -Fri Oct 13 11:04:51 UTC 2017 - adam.ma...@suse.de - @@ -20,0 +32,2 @@ +- Make sure npm program remains executable + Old: 0f3e69db.patch icu59.patch node-v4.8.5.tar.xz New: node-v4.8.6.tar.xz Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.iA7zy8/_old 2017-11-17 11:00:22.687900748 +0100 +++ /var/tmp/diff_new_pack.iA7zy8/_new 2017-11-17 11:00:22.691900601 +0100 @@ -26,7 +26,7 @@ ### Name: nodejs4 -Version:4.8.5 +Version:4.8.6 Release:0 %define node_version_number 4 @@ -91,8 +91,6 @@ ## UPSTREAM PATCHES HERE, if any Patch1: 8334.diff -Patch2: 0f3e69db.patch -Patch3: icu59.patch ## Our patches # PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built @@ -243,12 +241,6 @@ %if %node_version_number < 6 %patch1 -p1 %endif -%if %node_version_number < 6 -%patch2 -p1 -%endif -%if %node_version_number < 6 -%patch3 -p1 -%endif %patch101 -p1 %patch102 -p1 # Add check_output to configure script (not part of Python 2.6 in SLE11). @@ -312,6 +304,9 @@ rm -f %{buildroot}%{_datadir}/doc/node/lldbinit rm -f %{buildroot}%{_datadir}/doc/node/lldb_commands.py +# remove .bak files, if any +find %{buildroot} -name \*.bak -print -delete + # npm man page install -D -m 644 deps/npm/man/man1/npm.1 %{buildroot}%{_mandir}/man1/npm%{node_version_number}.1 @@ -343,6 +338,7 @@ # fix permissions find %{buildroot}%{_libdir}/node_modules -type f -exec chmod -x {} + chmod 0755 %{buildroot}%{_libdir}/node_modules/npm%{node_version_number}/bin/np*-cli.js +chmod 0755 %{buildroot}%{_libdir}/node_modules/npm%{node_version_number}/bin/node-gyp-bin/node-gyp # browser.js is useless for npm cli find %{buildroot}%{_libdir}/node_modules/npm%{node_version_number} -name "browser.js" -delete ++ SHASUMS256.txt ++ --- /var/tmp/diff_new_pack.iA7zy8/_old 2017-11-17 11:00:22.727899284 +0100 +++ /var/tmp/diff_new_pack.iA7zy8/_new 2017-11-17 11:00:22.731899137 +0100 @@ -1,39 +1,39 @@ -7e0b0ea1ea8d37096561caed59368eebb773c2cdf9d455ad30381053fbc109ce node-v4.8.5-darwin-x64.tar.gz -c32a9d5d47255a8dfd768787a0bac7d17d5f55709b20f7b59a3de3f013c6e7dc node-v4.8.5-darwin-x64.tar.xz -68efec4d1b8cd080bbb622e6f690520bfae575c26aeaa983ae9eb0585e087658 node-v4.8.5-headers.tar.gz -311734f04786dad2ded0d31611d1a180983e0eba8da350622a395ea0dd9bc83b node-v4.8.5-headers.tar.xz -9133ba0865f1d15c52a6fe550fb7a8df81ac81083661dd28ce0bec5fb97be6bf node-v4.8.5-linux-arm64.tar.gz -826f8f898b70085443a6191321e7424967154596021f39bbd517c10ad78bd920 node-v4.8.5-linux-arm64.tar.xz -c2665427269408ba05a7917362af3c9ee28095931315987ec8e9ff332cc4df5d node-v4.8.5-linux-armv6l.tar.gz -d219a26024498d4fdc615803621dead734a515087e1b98b38240deeb0c2c877d node-v4.8.5-linux-armv6l.tar.xz -b6b1a85c7d8fe63aa9459748b035116ca71a42c0aac06eab6d876ebc67f7a136 node-v4.8.5-linux-armv7l.tar.gz -d054af00b6d67f3417e6062a967c7124bcdd45c83f1f103ae4705ff8e62e16ea node-v4.8.5-linux-armv7l.tar.xz -53599540a678fd7114922b4f94b28518a76899f64d3c0e6ba94ccf5c266b5652 node-v4.8.5-linux-ppc64le.tar.gz -8b5ae4d119d645bcff7e93186aff6c5f8ee4ae7d9c66d2969ff70ddf01707ccc node-v4.8.5-linux-ppc64le.tar.xz -f26cfd2e27cda911fbacf03d856cd8dcbbe0f54cf16958d94c58eb721d2e8946 node-v4.8.5-linux-ppc64.tar.gz -a97e732688f9b4a0c2b208160abd939c660d7298d299c3281947829
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2017-10-25 17:49:02 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Wed Oct 25 17:49:02 2017 rev:16 rq:536529 version:4.8.5 Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2017-08-13 14:57:07.286208433 +0200 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2017-10-25 17:49:14.226583412 +0200 @@ -1,0 +2,20 @@ +Wed Oct 25 07:02:20 UTC 2017 - qantas94he...@gmail.com + +- New upstream maintenance release 4.8.5: + * zlib: (CVE-2017-14919: only affects TW) In zlib v1.2.9, a +change was made that causes an exception to be thrown when a +raw deflate stream is initialized with windowBits set to 8. +Node.js will now gracefully set windowBits to 9 (replicating +the legacy behavior) to avoid a DOS vector. + +--- +Thu Oct 19 08:07:05 UTC 2017 - adam.ma...@suse.de + +- Make sure npm program remains executable + +--- +Fri Oct 13 11:04:51 UTC 2017 - adam.ma...@suse.de + +- Replace {{node_version_major}} with RPM define %node_version_number + for simpler spec file review. +--- Old: node-v4.8.4.tar.xz New: node-v4.8.5.tar.xz Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.DKxVWL/_old 2017-10-25 17:49:15.382529158 +0200 +++ /var/tmp/diff_new_pack.DKxVWL/_new 2017-10-25 17:49:15.386528971 +0200 @@ -26,9 +26,11 @@ ### Name: nodejs4 -Version:4.8.4 +Version:4.8.5 Release:0 +%define node_version_number 4 + %if 0%{?sles_version} == 11 %define _libexecdir %{_exec_prefix}/lib %endif @@ -112,23 +114,39 @@ BuildRequires: binutils-gold %endif -%if 4 >= 8 +# Node.js 4/6/7 requires GCC 4.8.5+. +# +# For Node.js 8.x, upstream requires GCC 4.9.4+, as GCC 4.8 may have +# slightly buggy C++11 support: https://github.com/nodejs/node/pull/13466 +# +# If the default compiler is not supported, use the most recent compiler +# version available. %if 0%{?sles_version} == 11 +# GCC 5 is only available in the SUSE:SLE-11:SP4:Update repository (SDK). +%if %node_version_number >= 8 BuildRequires: gcc5-c++ %define cc_exec gcc-5 %define cpp_exec g++-5 %else +BuildRequires: gcc48-c++ +%define cc_exec gcc-4.8 +%define cpp_exec g++-4.8 +%endif # node >= 8 +%endif # sles == 11 + +# SLE 12 and Leap 42 +%if 0%{?suse_version} == 1315 +%if %node_version_number >= 8 BuildRequires: gcc6-c++ %define cc_exec gcc-6 %define cpp_exec g++-6 -%endif # node8+ GCC requirements -%else # older than node8 -%if 0%{?sles_version} == 11 -BuildRequires: gcc48-c++ -%else +%endif +%endif + +# No special version defined, use default. +%if ! 0%{?cc_exec:1} BuildRequires: gcc-c++ %endif -%endif # node7,6,5 BuildRequires: curl BuildRequires: fdupes @@ -222,13 +240,13 @@ %prep echo "`grep node-v%{version}.tar.xz %{S:1} | head -n1 | cut -c1-64` %{S:0}" | sha256sum -c %setup -q -n node-v%{version} -%if 4 < 6 +%if %node_version_number < 6 %patch1 -p1 %endif -%if 4 < 7 +%if %node_version_number < 6 %patch2 -p1 %endif -%if 4 < 8 +%if %node_version_number < 6 %patch3 -p1 %endif %patch101 -p1 @@ -262,10 +280,6 @@ # script, so we'll do it thus: export CFLAGS="%{optflags}" export CXXFLAGS="%{optflags}" -# It seems that GCC 4.8 is needed to compile on SLE 11 SP4. -%if 0%{?sles_version} == 11 -export CXX="g++-4.8" -%endif %if 0%{?cc_exec:1} export CC=%{?cc_exec} @@ -299,59 +313,42 @@ rm -f %{buildroot}%{_datadir}/doc/node/lldb_commands.py # npm man page -install -D -m 644 deps/npm/man/man1/npm.1 %{buildroot}%{_mandir}/man1/npm4.1 +install -D -m 644 deps/npm/man/man1/npm.1 %{buildroot}%{_mandir}/man1/npm%{node_version_number}.1 #node-gyp needs common.gypi too install -D -m 644 common.gypi \ - %{buildroot}%{_libdir}/node_modules/npm4/node_modules/node-gyp/common.gypi + %{buildroot}%{_libdir}/node_modules/npm%{node_version_number}/node_modules/node-gyp/common.gypi # %%{buildroot}%%{_datadir}/node/common.gypi # install addon-rpm.gypi install -D -m 644 addon-rpm.gypi \ - %{buildroot}%{_libdir}/node_modules/npm4/node_modules/node-gyp/addon-rpm.gypi + %{buildroot}%{_libdir}/node_modules/npm%{node_version_number}/node_modules/node-gyp/addon-rpm.gypi # clean # hidden files and directories -find %{buildroot}%{_libdir}/node_modules/npm4 -name ".*" -print0 | xargs -r0 -0 rm -rf -- +find %{buildroot}%{
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2017-08-13 14:57:06 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Sun Aug 13 14:57:06 2017 rev:15 rq:515762 version:4.8.4 Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2017-07-19 12:21:47.317758859 +0200 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2017-08-13 14:57:07.286208433 +0200 @@ -1,0 +2,6 @@ +Wed Aug 2 15:16:57 UTC 2017 - adam.ma...@suse.de + +- Fix update-alternative handling in %postun - don't remove + links on upgrades. + +--- @@ -9 +15 @@ -robust solution is found (bnc#1048299). +robust solution is found (bnc#1048299, CVE-2017-11499). Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.2fabir/_old 2017-08-13 14:57:08.434047355 +0200 +++ /var/tmp/diff_new_pack.2fabir/_new 2017-08-13 14:57:08.450045109 +0200 @@ -112,11 +112,23 @@ BuildRequires: binutils-gold %endif +%if 4 >= 8 +%if 0%{?sles_version} == 11 +BuildRequires: gcc5-c++ +%define cc_exec gcc-5 +%define cpp_exec g++-5 +%else +BuildRequires: gcc6-c++ +%define cc_exec gcc-6 +%define cpp_exec g++-6 +%endif # node8+ GCC requirements +%else # older than node8 %if 0%{?sles_version} == 11 BuildRequires: gcc48-c++ %else BuildRequires: gcc-c++ %endif +%endif # node7,6,5 BuildRequires: curl BuildRequires: fdupes @@ -255,6 +267,11 @@ export CXX="g++-4.8" %endif +%if 0%{?cc_exec:1} +export CC=%{?cc_exec} +export CXX=%{?cpp_exec} +%endif + ./configure \ --prefix=%{_prefix} \ %if ! %{with intree_openssl} @@ -346,6 +363,12 @@ ln -s %{_sysconfdir}/alternatives/node.1%{ext_man} %{buildroot}%{_mandir}/man1/node.1%{ext_man} ln -s %{_sysconfdir}/alternatives/npm-default %{buildroot}%{_bindir}/npm-default ln -s %{_sysconfdir}/alternatives/npm.1%{ext_man} %{buildroot}%{_mandir}/man1/npm.1%{ext_man} +%if 4 >= 8 +ln -s -f npx-default %{buildroot}%{_sysconfdir}/alternatives/npx-default +ln -s -f npx.1%{ext_man} %{buildroot}%{_sysconfdir}/alternatives/npx.1%{ext_man} +ln -s %{_sysconfdir}/alternatives/npx-default %{buildroot}%{_bindir}/npx-default +ln -s %{_sysconfdir}/alternatives/npx.1%{ext_man} %{buildroot}%{_mandir}/man1/npx.1%{ext_man} +%endif # Check that Node.js isn't completely broken. %check @@ -374,6 +397,14 @@ %ghost %{_sysconfdir}/alternatives/npm-default %ghost %{_sysconfdir}/alternatives/npm.1%{ext_man} +%if 4 >= 8 +%{_bindir}/npx4 +%ghost %{_bindir}/npx-default +%ghost %{_mandir}/man1/npx.1%{ext_man} +%ghost %{_sysconfdir}/alternatives/npx-default +%ghost %{_sysconfdir}/alternatives/npx.1%{ext_man} +%endif + %files devel %defattr(-, root, root) %{_includedir}/node4 @@ -391,14 +422,28 @@ --slave %{_mandir}/man1/node.1%{ext_man} node.1%{ext_man} %{_mandir}/man1/node4.1%{ext_man} %postun -update-alternatives --remove node-default %{_bindir}/node4 +if [ ! -f %{_bindir}/node4 ] ; then +update-alternatives --remove node-default %{_bindir}/node4 +fi %post -n npm4 update-alternatives \ --install %{_bindir}/npm-default npm-default %{_bindir}/npm4 4 \ --slave %{_mandir}/man1/npm.1%{ext_man} npm.1%{ext_man} %{_mandir}/man1/npm4.1%{ext_man} +%if 4 >= 8 +update-alternatives \ +--install %{_bindir}/npx-default npx-default %{_bindir}/npx4 4 \ +--slave %{_mandir}/man1/npx.1%{ext_man} npx.1%{ext_man} %{_mandir}/man1/npx4.1%{ext_man} +%endif %postun -n npm4 -update-alternatives --remove npm-default %{_bindir}/npm4 +if [ ! -f %{_bindir}/npm4 ] ; then +update-alternatives --remove npm-default %{_bindir}/npm4 +fi +%if 4 >= 8 +if [ ! -f %{_bindir}/npx4 ] ; then +update-alternatives --remove npx-default %{_bindir}/npx4 +fi +%endif %changelog
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2017-07-19 11:20:49 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Wed Jul 19 11:20:49 2017 rev:14 rq:509751 version:4.8.4 Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2017-06-21 13:57:40.471283315 +0200 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2017-07-19 12:21:47.317758859 +0200 @@ -1,0 +2,37 @@ +Wed Jul 12 08:17:53 UTC 2017 - adam.ma...@suse.de + +- New LTS upstream version 4.8.4 + * v8: disable V8 snapshots. The hashseed embedded in the snapshot +is currently the same for all runs of the binary. This opens +node up to collision attacks which could result in a Denial +of Service. We have temporarily disabled snapshots until a more +robust solution is found (bnc#1048299). + * http: fixes http.get with numeric authorization options that +created/used uninitialized buffers as the authentication string + * The c-ares function ares_parse_naptr_reply(), which is used for +parsing NAPTR responses, could be triggered to read memory +outside of the given input buffer if the passed in DNS response +packet was crafted in a particular way. +(CVE-2017-1000381, bnc#1044946) + +--- +Fri Jul 7 14:05:05 UTC 2017 - adam.ma...@suse.de + +- Depend on nodejs-common that is then used to pick correctly + versioned node or npm binary. This is required since 3rd party + modules use `/usr/bin/env node` which breaks if multiple versions + of NodeJS are installed at the same time and non-default version + is used (for example, to compile a native module) + +--- +Thu Jul 6 12:08:26 UTC 2017 - adam.ma...@suse.de + +- npm_search_paths.patch: Since concurrent installations are now + possible, node manual pages are moved once again back under npm + searcheable locations only. +- versioned.patch: All files are now under versioned directoies + and names. node and npm symlinks are now managed by + update-alternatives +- node-gyp-addon-gypi.patch: Reference versioned directories only + +--- Old: node-v4.8.3.tar.xz New: node-v4.8.4.tar.xz versioned.patch Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.LkIIBD/_old 2017-07-19 12:21:48.941529726 +0200 +++ /var/tmp/diff_new_pack.LkIIBD/_new 2017-07-19 12:21:48.945529162 +0200 @@ -26,7 +26,7 @@ ### Name: nodejs4 -Version:4.8.3 +Version:4.8.4 Release:0 %if 0%{?sles_version} == 11 @@ -105,6 +105,9 @@ # instead of /usr Patch104: npm_search_paths.patch +# Use versioned binaries and paths +Patch200: versioned.patch + %if %{with binutils_gold} BuildRequires: binutils-gold %endif @@ -135,6 +138,8 @@ BuildRequires: pkgconfig(icu-i18n) >= 52 %endif +Requires(post): update-alternatives +Requires(postun): update-alternatives Recommends: npm(npm) = 2.15.11 #we need ABI virtual provides where SONAMEs aren't enough/not present so deps @@ -145,9 +150,12 @@ #this corresponds to the "engine" requirement in package.json Provides: nodejs(engine) = %{version} -# Only one nodejs installed at a time +# Multiple versions of NodeJS can be installed at a time, but +# to properly allow correct version execution from 3rd party +# npm software, `env node` requires further help than only +# update-alternatives can provide. Provides: nodejs = %{version} -Conflicts: otherproviders(nodejs) +Requires: nodejs-common # For SLE11, to be able to use the certificate store we need to have properly # symlinked certificates. The compatability symlinks are provided by the @@ -171,7 +179,6 @@ Group: Development/Languages/NodeJS Provides: nodejs-devel = %{version} Requires: %{name} = %{version} -Conflicts: otherproviders(nodejs-devel) %description devel This package provides development headers for Node.js. @@ -181,10 +188,9 @@ Group: Development/Languages/NodeJS Requires: %{name}-devel = %{version} Provides: nodejs-npm = %{version} -Obsoletes: nodejs-npm < 5.3.1 +Obsoletes: nodejs-npm < 4.0.0 Provides: npm = %{version} Provides: npm(npm) = 2.15.11 -Conflicts: otherproviders(npm) %description -n npm4 A package manager for Node.js that allows developers to install and @@ -220,6 +226,8 @@ %patch103 -p1 %endif %patch104 -p1 +%patch200 -
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2017-06-21 13:57:39 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Wed Jun 21 13:57:39 2017 rev:13 rq:505081 version:4.8.3 Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2017-06-01 16:34:12.186690718 +0200 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2017-06-21 13:57:40.471283315 +0200 @@ -1,0 +2,5 @@ +Tue Jun 13 11:34:35 UTC 2017 - adam.ma...@suse.de + +- Fix typo in node-gyp-addon-gypi.patch patch + +--- Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.arTf0n/_old 2017-06-21 13:57:41.447145662 +0200 +++ /var/tmp/diff_new_pack.arTf0n/_new 2017-06-21 13:57:41.447145662 +0200 @@ -204,8 +204,10 @@ %prep echo "`grep node-v%{version}.tar.xz %{S:1} | head -n1 | cut -c1-64` %{S:0}" | sha256sum -c %setup -q -n node-v%{version} -%if 4 < 7 +%if 4 < 6 %patch1 -p1 +%endif +%if 4 < 7 %patch2 -p1 %endif %if 4 < 8 @@ -298,7 +300,7 @@ find %{buildroot}%{_libdir}/node_modules/npm -name "Makefile" -delete rm -rf %{buildroot}%{_libdir}/node_modules/npm/{test,scripts} find %{buildroot}%{_libdir}/node_modules/npm/node_modules -name "*.sh" -delete -find %{buildroot}%{_libdir}/node_modules/npm -name "src" -print0 | xargs -0 rm -rf -- +rm -rf %{buildroot}%{_libdir}/node_modules/npm/node_modules/node-gyp/src # remove examples/tests/benchmark stuff find %{buildroot}%{_libdir}/node_modules/npm/node_modules -name "example*" -print0 | xargs -0 rm -rf -- find %{buildroot}%{_libdir}/node_modules/npm/node_modules -name "test*" -print0 | xargs -0 rm -rf -- ++ node-gyp-addon-gypi.patch ++ --- /var/tmp/diff_new_pack.arTf0n/_old 2017-06-21 13:57:41.523134943 +0200 +++ /var/tmp/diff_new_pack.arTf0n/_new 2017-06-21 13:57:41.527134379 +0200 @@ -71,7 +71,7 @@ // this logic ported from the old `gyp_addon` python file var gyp_script = path.resolve(__dirname, '..', 'gyp', 'gyp_main.py') -var addon_gypi = path.resolve(__dirname, '..', 'addon.gypi') -+var addon_gypi_file = gyp.opts.target || gyp.opts.nodeDir ? 'addon.gypi' : 'addon-rpm.gypi' ++var addon_gypi_file = gyp.opts.target || gyp.opts.nodedir ? 'addon.gypi' : 'addon-rpm.gypi' +var addon_gypi = path.resolve(__dirname, '..', addon_gypi_file) var common_gypi = path.resolve(nodeDir, 'include/node/common.gypi') fs.stat(common_gypi, function (err, stat) {
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2017-06-01 16:34:07 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Thu Jun 1 16:34:07 2017 rev:12 rq:500159 version:4.8.3 Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2017-05-27 13:16:50.620409925 +0200 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2017-06-01 16:34:12.186690718 +0200 @@ -1,0 +2,6 @@ +Tue May 30 12:45:42 UTC 2017 - adam.ma...@suse.de + +- 0f3e69db.patch, icu59.patch: GCC 7 compilation fixes for v8 + backported and add missing ICU59 headers (bnc#1041283) + +--- New: 0f3e69db.patch icu59.patch Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.5wMlij/_old 2017-06-01 16:34:13.650484231 +0200 +++ /var/tmp/diff_new_pack.5wMlij/_new 2017-06-01 16:34:13.654483667 +0200 @@ -89,6 +89,8 @@ ## UPSTREAM PATCHES HERE, if any Patch1: 8334.diff +Patch2: 0f3e69db.patch +Patch3: icu59.patch ## Our patches # PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built @@ -202,8 +204,12 @@ %prep echo "`grep node-v%{version}.tar.xz %{S:1} | head -n1 | cut -c1-64` %{S:0}" | sha256sum -c %setup -q -n node-v%{version} -%if 4 != 7 +%if 4 < 7 %patch1 -p1 +%patch2 -p1 +%endif +%if 4 < 8 +%patch3 -p1 %endif %patch101 -p1 %patch102 -p1 @@ -346,7 +352,7 @@ %{_bindir}/npm %{_libdir}/node_modules/npm %{_mandir}/man*/*npm*%{ext_man} -%{_mandir}/man5/package.json.5%{ext_man} +%{_mandir}/man5/package*.json.5%{ext_man} %{_mandir}/man7/semver.7%{ext_man} %files devel ++ 0f3e69db.patch ++ commit 0f3e69db41c2b6a1863f2454b028f3b3b28a9613 Author: Zuzana Svetlikova Date: Wed Apr 26 18:04:40 2017 +0200 v8: fix gcc 7 build errors Porting https://github.com/nodejs/node/pull/12392 to master Ref: https://github.com/nodejs/node/pull/12392 Fixes: https://github.com/nodejs/node/issues/10388 PR-URL: https://github.com/nodejs/node/pull/12676 Reviewed-By: Ben Noordhuis Reviewed-By: Anna Henningsen Index: node-v4.8.3/deps/v8/src/objects-inl.h === --- node-v4.8.3.orig/deps/v8/src/objects-inl.h +++ node-v4.8.3/deps/v8/src/objects-inl.h @@ -37,6 +37,27 @@ namespace v8 { namespace internal { +template +uint32_t HashTable::Hash(Key key) { + if (Shape::UsesSeed) { +return Shape::SeededHash(key, GetHeap()->HashSeed()); + } else { +return Shape::Hash(key); + } +} + + +template +uint32_t HashTable::HashForObject(Key key, + Object* object) { + if (Shape::UsesSeed) { +return Shape::SeededHashForObject(key, GetHeap()->HashSeed(), object); + } else { +return Shape::HashForObject(key, object); + } +} + + PropertyDetails::PropertyDetails(Smi* smi) { value_ = smi->value(); } Index: node-v4.8.3/deps/v8/src/objects.h === --- node-v4.8.3.orig/deps/v8/src/objects.h +++ node-v4.8.3/deps/v8/src/objects.h @@ -3045,22 +3045,10 @@ class HashTableBase : public FixedArray template class HashTable : public HashTableBase { public: - // Wrapper methods - inline uint32_t Hash(Key key) { -if (Shape::UsesSeed) { - return Shape::SeededHash(key, GetHeap()->HashSeed()); -} else { - return Shape::Hash(key); -} - } - - inline uint32_t HashForObject(Key key, Object* object) { -if (Shape::UsesSeed) { - return Shape::SeededHashForObject(key, GetHeap()->HashSeed(), object); -} else { - return Shape::HashForObject(key, object); -} - } + // Wrapper methods. Defined in src/objects-inl.h + // to break a cycle with src/heap/heap.h. + inline uint32_t Hash(Key key); + inline uint32_t HashForObject(Key key, Object* object); // Returns a new HashTable object. MUST_USE_RESULT static Handle New( ++ icu59.patch ++ Index: node-v4.8.3/deps/v8/src/runtime/runtime-i18n.cc === --- node-v4.8.3.orig/deps/v8/src/runtime/runtime-i18n.cc +++ node-v4.8.3/deps/v8/src/runtime/runtime-i18n.cc @@ -22,6 +22,7 @@ #include "unicode/dtfmtsym.h" #include "unicode/dtptngen.h" #include "unicode/locid.h" +#include "unicode/normlzr.h" #include "unicode/numfmt.h" #include "unicode/numsys.h" #include "unicode/rbbi.h" @@ -32,6 +33,7 @@ #include "unicode/ucurr.h" #include "unicode/uloc.h" #include "unicode/unum.h" +#include "unicode/ustring.h" #include "unicode/uversion.h"
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2017-05-27 13:16:48 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Sat May 27 13:16:48 2017 rev:11 rq:497913 version:4.8.3 Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2017-04-11 09:46:29.193864343 +0200 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2017-05-27 13:16:50.620409925 +0200 @@ -1,0 +2,12 @@ +Tue May 23 09:54:05 UTC 2017 - adam.ma...@suse.de + +- New upstream LTS release 4.8.3 + * v8: trigger OOM crash if memory allocation fails + * src: fix base64 decoding in rare edgecase + * tls: ++ fix segfault on destroy after partial read ++ keep track of stream that is closed ++ TLSSocket emits 'error' on handshake failure +- nodejs-libpath.patch: updated + +--- Old: node-v4.8.2.tar.xz New: node-v4.8.3.tar.xz Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.dRRFiO/_old 2017-05-27 13:16:52.020212027 +0200 +++ /var/tmp/diff_new_pack.dRRFiO/_new 2017-05-27 13:16:52.020212027 +0200 @@ -26,7 +26,7 @@ ### Name: nodejs4 -Version:4.8.2 +Version:4.8.3 Release:0 %if 0%{?sles_version} == 11 @@ -262,6 +262,8 @@ %install make install DESTDIR=%{buildroot} %{?_smp_mflags} rm %{buildroot}%{_datadir}/doc/node/gdbinit +rm -f %{buildroot}%{_datadir}/doc/node/lldbinit +rm -f %{buildroot}%{_datadir}/doc/node/lldb_commands.py # npm man page rm -rf %{buildroot}%{_libdir}/node_modules/npm/man ++ SHASUMS256.txt ++ --- /var/tmp/diff_new_pack.dRRFiO/_old 2017-05-27 13:16:52.064205807 +0200 +++ /var/tmp/diff_new_pack.dRRFiO/_new 2017-05-27 13:16:52.064205807 +0200 @@ -1,39 +1,39 @@ -839e8ac8b30692000393172ba10e0d14057060751694c73276cecc03ec301152 node-v4.8.2-darwin-x64.tar.gz -44db1ea96242fc350e3f253e525c46217049ddff6acf0f273483657a0947d5c4 node-v4.8.2-darwin-x64.tar.xz -dbbf4f4f8b9253b39ffb26c8984865ddf25052c314c699799cbad78b728a1247 node-v4.8.2-headers.tar.gz -42d2320c5d42f45c8d71e0a6da87b2566b55e520eec1c3aca5bf16816546207a node-v4.8.2-headers.tar.xz -f12a9e347da6ffdac6598164831198714a6ef7e0587d10fce21e5312629f2ed8 node-v4.8.2-linux-arm64.tar.gz -963fe4b9355c1dcd4e0c5004978bb6b843c0b7e13f7b67e98d67baf4cf288275 node-v4.8.2-linux-arm64.tar.xz -d31a6808a7af5f50dc22de4983b2eae3379fde5e230fcdbc0edfbf788d4cc34a node-v4.8.2-linux-armv6l.tar.gz -212f27d2430bc6112782f04594a9a9143205926b4d7b15e3a5790fe1a46f30e3 node-v4.8.2-linux-armv6l.tar.xz -2fb743e3d980f851cd3d1e82f2a6c02fd69a9a4fcf696efc8365cad0e565506f node-v4.8.2-linux-armv7l.tar.gz -26a89c9e27a58c0ff7c59d2dc3ceba3c1f87201715126f00412e7f8195609cf6 node-v4.8.2-linux-armv7l.tar.xz -cd78e40c3a1699520e497aa22f4b52582232442eee04d2defa7db6a6859956ad node-v4.8.2-linux-ppc64le.tar.gz -ace83a9d71704caff18a81901eaedaca0c623e289f98fa88178ba80b0cd7a39c node-v4.8.2-linux-ppc64le.tar.xz -df8152c1df39e5d6fa38ecadd6c8d0fdb731a3602a9bd63eebc378d1b1ad5a1f node-v4.8.2-linux-ppc64.tar.gz -1d088bc87cba2ffae5696bf1e6432622afaaee5c9ec2da96302100b707a5af4b node-v4.8.2-linux-ppc64.tar.xz -150c468f67a84c343503864a037cb8f4decd375279f3c20afe7c4f21f7aa3164 node-v4.8.2-linux-x64.tar.gz -4d4a37f980bb2770c44d7123864650d0823bae696d7db09d9ed83028cab32fd3 node-v4.8.2-linux-x64.tar.xz -08d7b0db8ca5ad5579c7391efedc38d69ceac6de2bc3f6bb0d14fa0fe7ee5907 node-v4.8.2-linux-x86.tar.gz -69b20ac1d234f936bb9841262de177dd451cb5c8640005832242350dcd022486 node-v4.8.2-linux-x86.tar.xz -25606ccd44d634b3796806e4c534456b235310e9c3bdbd0afb3e1fb5d0214371 node-v4.8.2.pkg -ecd2b4a554681b38703d54f1c1c66f4410af0dcfb931ab37b082c1e5b6f062e6 node-v4.8.2-sunos-x64.tar.gz -ece0313949c6b8ba15e4797f4bce53612ae806306ea12a91b1f29f27ffbb3171 node-v4.8.2-sunos-x64.tar.xz -198009fbc858a8a4c1ee5b5d717d964c3e99de840fa541e195b16f1caeee2f3e node-v4.8.2-sunos-x86.tar.gz -9d0693c228bd7c45051a35b871e3d79253e138de46e380b61b546a3e2f1ab663 node-v4.8.2-sunos-x86.tar.xz -29dc51947b09f081263bf60f70525979e3f78efc21c68f108bc3c6c64d18b904 node-v4.8.2.tar.gz -b961350b8490c791bdd3663925662ba0fbe01e004b43f1c2779baffcc816b930 node-v4.8.2.tar.xz -39cf9694594e42f49cfe54de720575ecd3a32dd08f6b390f017283ddb84828e6 node-v4.8.2-win-x64.7z -fcd1233e3fab11859c96784e714d0a2256fa065ffdbce5bbc8fe55a2e8052a1e node-v4.8.2-win-x64.zip -48c360e9d6aac6c19267255c8df9ac510cf2f196ff0885d856eca4dc3ad861cd node-v4.8.2-win-x86.7z -23d7d0e5a3934b2183ce2c71d102417282a6f183774123558d408d117dd06e34 node-v4.8.2-win-x86.zip -f7a14975cdcf4eb76727
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2017-04-11 09:46:25 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Tue Apr 11 09:46:25 2017 rev:10 rq:486388 version:4.8.2 Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2017-03-12 20:00:53.784106570 +0100 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2017-04-11 09:46:29.193864343 +0200 @@ -1,0 +2,22 @@ +Wed Apr 5 01:37:06 UTC 2017 - qantas94he...@gmail.com + +- New upstream maintenance release 4.8.2 + * crypto: fix memory leak if certificate is revoked (#12089) + +- Changes not applicable to openSUSE in 4.8.2: + * deps: upgrade zlib to 1.2.11 (#10980) + +- Changes in LTS release 4.8.1 + * buffer: The performance of .toJSON() is now up to 2859% faster +on average. + * IPC: Batched writes have been enabled for process IPC on +platforms that support Unix Domain Sockets. Performance gains +may be up to 40% for some workloads. + * http: Control characters are now always rejected when using +http.request(). + * node: Heap statistics now support values larger than 4GB. + +- Modify 8334.diff: + * Bring patch in line with upstream changes (#8334) + +--- Old: node-v4.8.0.tar.xz New: node-v4.8.2.tar.xz Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.RbiM1q/_old 2017-04-11 09:46:30.549672817 +0200 +++ /var/tmp/diff_new_pack.RbiM1q/_new 2017-04-11 09:46:30.553672252 +0200 @@ -26,7 +26,7 @@ ### Name: nodejs4 -Version:4.8.0 +Version:4.8.2 Release:0 %if 0%{?sles_version} == 11 ++ 8334.diff ++ --- /var/tmp/diff_new_pack.RbiM1q/_old 2017-04-11 09:46:30.573669427 +0200 +++ /var/tmp/diff_new_pack.RbiM1q/_new 2017-04-11 09:46:30.573669427 +0200 @@ -2,11 +2,11 @@ Author: Adam Majer Summary: add option to use system CA store -Index: node-v4.8.0/configure +Index: node-v4.8.1/configure === node-v4.8.0.orig/configure -+++ node-v4.8.0/configure -@@ -139,6 +139,11 @@ parser.add_option("--openssl-no-asm", +--- node-v4.8.1.orig/configure node-v4.8.1/configure +@@ -148,6 +148,11 @@ parser.add_option("--openssl-no-asm", dest="openssl_no_asm", help="Do not build optimized assembly for OpenSSL") @@ -18,7 +18,7 @@ parser.add_option('--openssl-fips', action='store', dest='openssl_fips', -@@ -890,6 +895,8 @@ def configure_openssl(o): +@@ -905,6 +910,8 @@ def configure_openssl(o): o['variables']['node_use_openssl'] = b(not options.without_ssl) o['variables']['node_shared_openssl'] = b(options.shared_openssl) o['variables']['openssl_no_asm'] = 1 if options.openssl_no_asm else 0 @@ -27,39 +27,22 @@ if options.openssl_fips: o['variables']['openssl_fips'] = options.openssl_fips fips_dir = os.path.join(root_dir, 'deps', 'openssl', 'fips') -Index: node-v4.8.0/src/node_crypto.cc +Index: node-v4.8.1/src/node_crypto.cc === node-v4.8.0.orig/src/node_crypto.cc -+++ node-v4.8.0/src/node_crypto.cc -@@ -797,6 +797,23 @@ void SecureContext::AddRootCerts(const F - CHECK_EQ(sc->ca_store_, nullptr); +--- node-v4.8.1.orig/src/node_crypto.cc node-v4.8.1/src/node_crypto.cc +@@ -725,10 +725,14 @@ static X509_STORE* NewRootCertStore() { + } - if (!root_cert_store) { + X509_STORE* store = X509_STORE_new(); +#if defined(NODE_OPENSSL_CERT_STORE) -+// *Assume* OpenSSL is setup correctly, which is the case -+// for distribution supplied versions. -+// -+// If this does not work, define SSL_CERT_DIR environment -+if (SSL_CTX_set_default_verify_paths(sc->ctx_)) { -+ root_cert_store = SSL_CTX_get_cert_store(sc->ctx_); -+ // root_cert_store created here is already assigned to the SSL_CTX -+ // so when it is assigned again below, the reference is dropped by 1 -+ // and then we will delete root store with the SSL_CTX deletion. -+ // Increase references to 2 to avoid this scenario. -+ CRYPTO_add(&root_cert_store->references, 1, CRYPTO_LOCK_X509_STORE); -+} else { -+ // failed to load, default to nothing -+ root_cert_store = X509_STORE_new(); -+} -+#else /* Use supplied certificates */ - root_cert_store = X509_STORE_new(); ++ X509_STORE_set_default_paths(store); ++#else + for (auto& cert : *root_certs_vector) { + X509_up_ref(cert); + X509_STORE_add_cert(store, cert); + }
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2017-03-12 20:00:48 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Sun Mar 12 20:00:48 2017 rev:9 rq:476975 version:4.8.0 Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2017-02-25 00:52:31.41334 +0100 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2017-03-12 20:00:53.784106570 +0100 @@ -1,0 +2,14 @@ +Sun Feb 26 03:00:33 UTC 2017 - qantas94he...@gmail.com + +- New upstream LTS release 4.8.0 + * child_process: add shell option to spawn() + * crypto: add ALPN Support + * crypto: allow adding extra certs to well-known CAs + * deps/v8: expose statistics about heap spaces + * fs: add the fs.mkdtemp() function + * process: add process.memoryUsage().external + * process: add process.cpuUsage() +- Modify 8334.diff: + * Remove merged reference counting code (#9409) + +--- Old: node-v4.7.3.tar.xz New: node-v4.8.0.tar.xz Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.k2nE6V/_old 2017-03-12 20:00:54.915946416 +0100 +++ /var/tmp/diff_new_pack.k2nE6V/_new 2017-03-12 20:00:54.915946416 +0100 @@ -26,7 +26,7 @@ ### Name: nodejs4 -Version:4.7.3 +Version:4.8.0 Release:0 %if 0%{?sles_version} == 11 ++ 8334.diff ++ --- /var/tmp/diff_new_pack.k2nE6V/_old 2017-03-12 20:00:54.939943021 +0100 +++ /var/tmp/diff_new_pack.k2nE6V/_new 2017-03-12 20:00:54.939943021 +0100 @@ -2,40 +2,40 @@ Author: Adam Majer Summary: add option to use system CA store -Index: node-v6.9.0/configure +Index: node-v4.8.0/configure === node-v6.9.0.orig/configure -+++ node-v6.9.0/configure -@@ -187,6 +187,11 @@ shared_optgroup.add_option('--shared-ope - dest='shared_openssl_libpath', - help='a directory to search for the shared OpenSSL DLLs') +--- node-v4.8.0.orig/configure node-v4.8.0/configure +@@ -139,6 +139,11 @@ parser.add_option("--openssl-no-asm", + dest="openssl_no_asm", + help="Do not build optimized assembly for OpenSSL") -+shared_optgroup.add_option('--openssl-use-def-ca-store', ++parser.add_option('--openssl-use-def-ca-store', +action='store_true', -+dest='use_system_ca_store', -+help='use system supplied Root CA store instead of bundled copy') ++dest='use_openssl_ca_store', ++help='Use OpenSSL supplied CA store instead of compiled-in Mozilla CA copy.') + - shared_optgroup.add_option('--shared-zlib', - action='store_true', - dest='shared_zlib', -@@ -905,6 +910,8 @@ def configure_openssl(o): + parser.add_option('--openssl-fips', + action='store', + dest='openssl_fips', +@@ -890,6 +895,8 @@ def configure_openssl(o): o['variables']['node_use_openssl'] = b(not options.without_ssl) o['variables']['node_shared_openssl'] = b(options.shared_openssl) o['variables']['openssl_no_asm'] = 1 if options.openssl_no_asm else 0 -+ if options.use_system_ca_store: -+o['defines'] += ['NODE_SYSTEM_CERT_STORE'] ++ if options.use_openssl_ca_store: ++o['defines'] += ['NODE_OPENSSL_CERT_STORE'] if options.openssl_fips: o['variables']['openssl_fips'] = options.openssl_fips fips_dir = os.path.join(root_dir, 'deps', 'openssl', 'fips') -Index: node-v6.9.0/src/node_crypto.cc +Index: node-v4.8.0/src/node_crypto.cc === node-v6.9.0.orig/src/node_crypto.cc -+++ node-v6.9.0/src/node_crypto.cc -@@ -751,6 +751,23 @@ void SecureContext::AddRootCerts(const F +--- node-v4.8.0.orig/src/node_crypto.cc node-v4.8.0/src/node_crypto.cc +@@ -797,6 +797,23 @@ void SecureContext::AddRootCerts(const F CHECK_EQ(sc->ca_store_, nullptr); if (!root_cert_store) { -+#if defined(NODE_SYSTEM_CERT_STORE) ++#if defined(NODE_OPENSSL_CERT_STORE) +// *Assume* OpenSSL is setup correctly, which is the case +// for distribution supplied versions. +// @@ -55,34 +55,11 @@ root_cert_store = X509_STORE_new(); for (size_t i = 0; i < arraysize(root_certs); i++) { -@@ -770,9 +787,12 @@ void SecureContext::AddRootCerts(const F +@@ -816,6 +833,7 @@ void SecureContext::AddRootCerts(const F BIO_free_all(bp); X509_free(x509); } -+#endif // defined(USE_SYSTEM_CERTIFICATE_STORE) - } ++#endif // defined(NODE_OPENSSL_CERT_STORE) - sc->ca_store_ = root_cert_store; -+ // increment reference count so global store is not deleted alon
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2017-02-25 00:52:29 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2017-01-10 10:47:29.849404059 +0100 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2017-02-25 00:52:31.41334 +0100 @@ -1,0 +2,16 @@ +Fri Feb 3 12:30:12 UTC 2017 - adam.ma...@suse.de + +- New upstream LTS release 4.7.3 + * deps: upgrade openssl sources to 1.0.2k +(CVE-2017-3731, CVE-2017-3732, CVE-2016-7055, + bnc#1022085, bnc#1022086, bnc#1009528) +- No changes in LTS version 4.7.2 +- Adjusted 8334.diff to be inline with accepted changes +- Merge nodejs4.changes from SLE and devel project + +--- +Fri Jan 6 08:25:14 UTC 2017 - qantas94he...@gmail.com + +- Add basic check that Node.js loads successfully to spec file + +--- @@ -62,0 +79,7 @@ +Tue Nov 8 14:03:01 UTC 2016 - adam.ma...@suse.de + +- npm4 should provide versioned nodejs-npm and npm allowing + nodejs-packaging to continue to function properly in Leap 42.2 + (bnc #1009011) + +--- @@ -66,2 +89,8 @@ - * c-ares: -+ CVE-2016-5180: fix for single-byte buffer overwrite + * c-ares: fix for single-byte buffer overwrite, CVE-2016-5180 +more information at https://c-ares.haxx.se/adv_20160929.html +(bnc #1007728) + +--- +Tue Oct 4 14:25:04 UTC 2016 - adam.ma...@suse.de + +- npm4 now provides nodejs-npm to ease upgrades for Leap @@ -70 +99 @@ -Wed Sep 28 08:37:49 UTC 2016 - adam.ma...@suse.de +Thu Sep 29 08:52:25 UTC 2016 - adam.ma...@suse.de @@ -93 +122 @@ -- New upstream LTS version 4.5.0 +- New upstream LTS version 4.5.0 (bnc#997405) Old: node-v4.7.1.tar.xz New: node-v4.7.3.tar.xz Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.LdkFb0/_old 2017-02-25 00:52:33.193726613 +0100 +++ /var/tmp/diff_new_pack.LdkFb0/_new 2017-02-25 00:52:33.193726613 +0100 @@ -26,7 +26,7 @@ ### Name: nodejs4 -Version:4.7.1 +Version:4.7.3 Release:0 %if 0%{?sles_version} == 11 @@ -88,7 +88,8 @@ Source3:nodejs.keyring ## UPSTREAM PATCHES HERE, if any -Patch1: https://patch-diff.githubusercontent.com/raw/nodejs/node/pull/8334.diff +Patch1: 8334.diff + ## Our patches # PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built Patch101: nodejs-libpath.patch @@ -201,7 +202,9 @@ %prep echo "`grep node-v%{version}.tar.xz %{S:1} | head -n1 | cut -c1-64` %{S:0}" | sha256sum -c %setup -q -n node-v%{version} +%if 4 != 7 %patch1 -p1 +%endif %patch101 -p1 %patch102 -p1 # Add check_output to configure script (not part of Python 2.6 in SLE11). @@ -252,7 +255,7 @@ --gdb \ %endif --without-dtrace \ ---use-def-ca-store +--openssl-use-def-ca-store make %{?_smp_mflags} @@ -322,6 +325,10 @@ %fdupes %{buildroot}%{_includedir}/node %fdupes %{buildroot}%{_mandir}/man5 +# Check that Node.js isn't completely broken. +%check +%{buildroot}%{_bindir}/node -e 'require("assert").strictEqual(process.versions.node, "%{version}");' + %files %defattr(-, root, root) %doc AUTHORS LICENSE *.md ++ 8334.diff ++ --- /var/tmp/diff_new_pack.LdkFb0/_old 2017-02-25 00:52:33.213723544 +0100 +++ /var/tmp/diff_new_pack.LdkFb0/_new 2017-02-25 00:52:33.213723544 +0100 @@ -10,7 +10,7 @@ dest='shared_openssl_libpath', help='a directory to search for the shared OpenSSL DLLs') -+shared_optgroup.add_option('--use-def-ca-store', ++shared_optgroup.add_option('--openssl-use-def-ca-store', +action='store_true', +dest='use_system_ca_store', +help='use system supplied Root CA store instead of bundled copy') ++ SHASUMS256.txt ++ --- /var/tmp/diff_new_pack.LdkFb0/_old 2017-02-25 00:52:33.233720475 +0100 +++ /var/tmp/diff_new_pack.LdkFb0/_new 2017-02-25 00:52:33.233720475 +0100 @@ -1,37 +1,39 @@ -1341d2a535f2c92d87607e94ef4389ce365769c5c582da93604ba0328e59c620 node-v4.7.1-darwin-x64.tar.gz -2cb9fcb62e99296005bf5fbc6f691eeb77a298730e75ab96d4d50578fdf412f8 node-v4.7.1-darwin-x64.tar.xz -7eb5c43e61eb70115792ead0a1b4b66d4afe5f2a040214e7c2753cbd09113093 node-v4.7.1-headers.tar.gz -ce4e3573c3705ab24545476f3c3c73c3c59bbcd4d0096e071c1fba11d60ba8e5 node-v4.7.1-headers.tar.xz -b0a7b4addbcfbeedb442ea7b88d7f4ff8aef50
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2016-12-06 14:27:20 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2016-12-02 16:42:24.0 +0100 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2016-12-06 14:27:23.0 +0100 @@ -1,0 +2,16 @@ +Thu Dec 1 02:48:44 UTC 2016 - qantas94he...@gmail.com + +- New upstream LTS version 4.6.2 + * build: ++ It is now possible to build the documentation from the release tarball. + * buffer: ++ Buffer.alloc() will no longer incorrectly return a zero filled buffer + when an encoding is passed. + * deps: ++ Upgrade npm in LTS to 2.15.11. + * repl: ++ Enable tab completion for global properties. + * url: ++ url.format() will now encode all "#" in search. + +--- Old: node-v4.6.1.tar.xz New: node-v4.6.2.tar.xz Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.DvPrUl/_old 2016-12-06 14:27:25.0 +0100 +++ /var/tmp/diff_new_pack.DvPrUl/_new 2016-12-06 14:27:25.0 +0100 @@ -26,7 +26,7 @@ ### Name: nodejs4 -Version:4.6.1 +Version:4.6.2 Release:0 %if 0%{?sles_version} == 11 @@ -132,7 +132,7 @@ BuildRequires: pkgconfig(icu-i18n) >= 52 %endif -Recommends: npm(npm) = 2.15.9 +Recommends: npm(npm) = 2.15.11 #we need ABI virtual provides where SONAMEs aren't enough/not present so deps #break when binary compatibility is broken @@ -180,7 +180,7 @@ Provides: nodejs-npm = %{version} Obsoletes: nodejs-npm < 5.3.1 Provides: npm = %{version} -Provides: npm(npm) = 2.15.9 +Provides: npm(npm) = 2.15.11 Conflicts: otherproviders(npm) %description -n npm4 ++ SHASUMS256.txt ++ --- /var/tmp/diff_new_pack.DvPrUl/_old 2016-12-06 14:27:25.0 +0100 +++ /var/tmp/diff_new_pack.DvPrUl/_new 2016-12-06 14:27:25.0 +0100 @@ -1,39 +1,37 @@ -e5929de3a963f9a75c5923c9c222cde401e03c4b4991ec9281bf81f878f482ff node-v4.6.1-darwin-x64.tar.gz -18252a9261477296975317c11ee5d21c3847df0f6e4b25e210373fd839a77984 node-v4.6.1-darwin-x64.tar.xz -58ce23125a049f0098693f8c48c431d54906586007c1a8b899add656a4e5a2fe node-v4.6.1-headers.tar.gz -7d0e7ad37175695b35c6f6761dbc5f0e3beb777f8ad5943563100efed1c0b43d node-v4.6.1-headers.tar.xz -439a4261c13644dee42d8f5ff6a6fc7974a5c5bb169f6c79cc5852b50298a1c4 node-v4.6.1-linux-arm64.tar.gz -a8952908de2933f6702ac85e2f12ea0443ac7459176624546565ea74d2492560 node-v4.6.1-linux-arm64.tar.xz -a66310bd045260f3c1d55bbafe7bbd6477004882f8b7ef63da0b79ed3d2b9ec4 node-v4.6.1-linux-armv6l.tar.gz -8883c105c0e192ba41d882ac459a5f025a205f7d5799369f2f54c71ce84fb1f2 node-v4.6.1-linux-armv6l.tar.xz -b6883d8d3daf121c6fffcd8546747105ca46ae8b1214d2fb6f3640a8aef0879c node-v4.6.1-linux-armv7l.tar.gz -3cd0d522ddcedd22110b0cd698c5babc3b11b3be378e79570010f6708ee9714f node-v4.6.1-linux-armv7l.tar.xz -1c66dd602d5ac022560eb7f2cb8c1be63d7a0d9e32f8f67c0bd7d84fce7179e5 node-v4.6.1-linux-ppc64le.tar.gz -ed99067c35d478d5667789298cbd0a645c88f9be291091ae9d868ccc12e8e833 node-v4.6.1-linux-ppc64le.tar.xz -297a458edf5f0f274e8bba96dcb8cb975e47a802401087a17ba20f550fa85785 node-v4.6.1-linux-ppc64.tar.gz -84e0e9d8930cc6a6c8f519a802ad7a28f33298d71ba59e8f8a5eead5233c0030 node-v4.6.1-linux-ppc64.tar.xz -033243d4ddffd67856c9ccfb512b0d1980e8d1373554bc328472b21bc5de7675 node-v4.6.1-linux-x64.tar.gz -cafa6e4bc66e3b8047f927c6cd3549398b9c11a94c73c9d0b9fc330e85e9697b node-v4.6.1-linux-x64.tar.xz -16e0216d35ed1f81ac9a40081fa6f9b28e63dcbb38b316956dc1badd8b4bcfa7 node-v4.6.1-linux-x86.tar.gz -ddbfd6729538da959c181b1860dd6bfbee927c5f0c3b9007881006f19f58 node-v4.6.1-linux-x86.tar.xz -ccf029983486ba15394bd7cf4dd23b19cd371ec58f58d60897e72d156556e8c2 node-v4.6.1.pkg -892b86782c240b1886b4b655ca266425164e928b18c75e3d3f6960172a34cedf node-v4.6.1-sunos-x64.tar.gz -1a0d8ae76ef9c03c24bf8a46abe8e1c334be97ccec4a7b4e40ed6e3db899 node-v4.6.1-sunos-x64.tar.xz -f87490f0764b6c0a88e3e90e2ee14eb8b67dad0245a7b20fcc4e5fe1e75d3ec9 node-v4.6.1-sunos-x86.tar.gz -3047a3ee63e8bd3fd2275daf2e9bb9be028009394751fb96b0c79f74c3cedb9c node-v4.6.1-sunos-x86.tar.xz -b8ca4db42c5a1fed95baf6996ff776db3c95ad2bcf73c7aed2f1f921a1225de3 node-v4.6.1.tar.gz -fe2a85df8758001878abb5bbaf17a6b6cdc12b3e465b1d3bace83b37fdf0345a node-v4.6.1.tar.xz -8a9739e505244f382d8a045464cff1c92a10977351138e7972bd3349bb4e9106 node-v4.6.1-win-x64.7z -f576f2dacc426
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2016-12-02 16:42:23 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2016-10-23 12:51:38.0 +0200 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2016-12-02 16:42:24.0 +0100 @@ -1,0 +2,15 @@ +Wed Nov 23 09:00:40 UTC 2016 - adam.ma...@suse.de + +- Add missing conflicts to base package. It's not possible to have + concurrent nodejs installations. + +--- +Fri Nov 18 11:59:06 UTC 2016 - adam.ma...@suse.de + +- Package unification across various branches of NodeJS. Package + for 4.x, 6.x and current (7.x) branches of NodeJS are now + handled via GitHub repository. +- remove support-arm64-build.patch: no longer required +- remove nodejs-libpath64.patch: obsolete + +--- Old: SHASUMS256.txt.asc nodejs-libpath64.patch nodejs4.keyring support-arm64-build.patch New: SHASUMS256.txt.sig nodejs.keyring Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.i8BUiY/_old 2016-12-02 16:42:26.0 +0100 +++ /var/tmp/diff_new_pack.i8BUiY/_new 2016-12-02 16:42:26.0 +0100 @@ -16,77 +16,123 @@ # +### +# +# WARNING! WARNING! WARNING! WARNING! WARNING! WARNING! +# +# This spec file is generated from a template hosted at +# https://github.com/AdamMajer/nodejs-packaging +# +### + Name: nodejs4 Version:4.6.1 Release:0 -%define npm_version 2.15.9 -%define major_version 4 + +%if 0%{?sles_version} == 11 +%define _libexecdir %{_exec_prefix}/lib +%endif + +# Only Leap 42.2+, SLE 12 SP2+ and Tumbleweed have OpenSSL 1.0.2. %if 0%{?suse_version} > 1320 || 0%{?sle_version} >= 120200 %bcond_withintree_openssl %else %bcond_without intree_openssl %endif -%ifarch aarch64 ppc ppc64 ppc64le s390x +%if 0 +%bcond_withintree_cares +%else +%bcond_without intree_cares +%endif + +%if 0%{?suse_version} >= 1200 +%bcond_withintree_icu +%else +%bcond_without intree_icu +%endif + +%ifarch aarch64 ppc ppc64 ppc64le s390 s390x %bcond_withgdb %else %bcond_without gdb %endif -%ifarch aarch64 # No binutils_gold on SLE12 +# No binutils_gold on SLE12 (aarch64). +%ifarch aarch64 + %if 0%{?sle_version} >= 120100 || 0%{?is_opensuse} %bcond_without binutils_gold %else %bcond_withbinutils_gold %endif -%else # other arch + +%else # aarch64 + +# No binutils_gold on s390x. +%ifarch s390x s390 +%bcond_withbinutils_gold +%else %bcond_without binutils_gold -%endif -# +%endif # s390x s390 + +%endif # aarch64 + Summary:Evented I/O for V8 JavaScript License:MIT Group: Development/Languages/NodeJS -Url:http://www.nodejs.org -Source: http://nodejs.org/dist/v%{version}/node-v%{version}.tar.xz -Source1:https://nodejs.org/dist/v%{version}/SHASUMS256.txt.asc -Source2:nodejs4.keyring -# dummy file so GPG check is run vs. embedded signature of the actual checksum file -Source3:SHASUMS256.txt +Url:https://nodejs.org +Source: https://nodejs.org/dist/v%{version}/node-v%{version}.tar.xz +Source1:https://nodejs.org/dist/v%{version}/SHASUMS256.txt +Source2:https://nodejs.org/dist/v%{version}/SHASUMS256.txt.sig +Source3:nodejs.keyring + ## UPSTREAM PATCHES HERE, if any Patch1: https://patch-diff.githubusercontent.com/raw/nodejs/node/pull/8334.diff ## Our patches -Patch101: support-arm64-build.patch -Patch102: nodejs-libpath.patch -Patch103: nodejs-libpath64.patch -# PATCH-FIX-UPSTREAM use custom addon.gypi by default instead of +# PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built +Patch101: nodejs-libpath.patch +# PATCH-FIX-UPSTREAM -- use custom addon.gypi by default instead of # downloading node source -Patch104: node-gyp-addon-gypi.patch -# PATCH-FIX-SLES python 2.6 doesn't include the check_output method -# used in the configure, we need to patch it into the script -Patch105: nodejs-sle11-python26-check_output.patch -Patch106: npm_search_paths.patch +Patch102: node-gyp-addon-gypi.patch +# PATCH-FIX-SLE -- configure script uses Python check_output method +# which isn't included in Python 2.6 (used in SLE 11). +Patch103: nodejs-sle11-python26-check_output.patch +# PATCH-FIX-OPENSUSE -- install user
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2016-10-23 12:51:34 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2016-09-30 15:35:10.0 +0200 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2016-10-23 12:51:38.0 +0200 @@ -1,0 +2,7 @@ +Wed Oct 19 08:16:38 UTC 2016 - qantas94he...@gmail.com + +- New upstream LTS version 4.6.1 + * c-ares: ++ CVE-2016-5180: fix for single-byte buffer overwrite + +--- Old: node-v4.6.0.tar.xz New: node-v4.6.1.tar.xz Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.YX05KR/_old 2016-10-23 12:51:39.0 +0200 +++ /var/tmp/diff_new_pack.YX05KR/_new 2016-10-23 12:51:39.0 +0200 @@ -17,7 +17,7 @@ Name: nodejs4 -Version:4.6.0 +Version:4.6.1 Release:0 %define npm_version 2.15.9 %define major_version 4 @@ -77,7 +77,7 @@ BuildRequires: gcc-c++ %endif %if ! %{with intree_openssl} -BuildRequires: openssl-devel +BuildRequires: openssl-devel >= 1.0.2 %endif BuildRequires: pkg-config BuildRequires: procps ++ SHASUMS256.txt.asc ++ --- /var/tmp/diff_new_pack.YX05KR/_old 2016-10-23 12:51:39.0 +0200 +++ /var/tmp/diff_new_pack.YX05KR/_new 2016-10-23 12:51:39.0 +0200 @@ -1,52 +1,53 @@ -BEGIN PGP SIGNED MESSAGE- -Hash: SHA1 +Hash: SHA256 -525ab42c767525edb7e512c600dedb20d826a6f58e1d6d1b774651a1c782a267 node-v4.6.0-darwin-x64.tar.gz -3c728c25b541fd8b88826568e7867098658df7c45d2389b60877c093a9803bd0 node-v4.6.0-darwin-x64.tar.xz -5eb4b4324d72297066b4b8c91d0b1e7c82cabde9986c986682be66202f37176b node-v4.6.0-headers.tar.gz -862ce573bcfd592ea0c24861c0097bd23ca842d263e03f5dfa1ce08be888f20f node-v4.6.0-headers.tar.xz -bf03e7384b727bc80c0c59cf38ba5704d83faa7f455f40fa62a67c8331dde7d6 node-v4.6.0-linux-arm64.tar.gz -7683e664b648c4ec3f86935f4b4f9fbf56f19d171e1e29d5adf687fc4c392b5b node-v4.6.0-linux-arm64.tar.xz -e7db1c612eb9dd55e3ff246bfa7c35f0b87664e6e2bc7b32891de8cc1e48f5a7 node-v4.6.0-linux-armv6l.tar.gz -766d10a73886bbe1a3abd4b78563a825408cab7e116e590f1bbdc9b88cc3aa09 node-v4.6.0-linux-armv6l.tar.xz -9e46082bef5b521afd483532c8d3715f33d1d4302b7980b904bea3182817275f node-v4.6.0-linux-armv7l.tar.gz -def976771b4a2a4488b87a06c8295ffea55671f7f42df13e3718341d28bf2d40 node-v4.6.0-linux-armv7l.tar.xz -2aa9518ea637cc06877a01c40d4608cf9a7f1588000cf3e550e4ab24c170aee6 node-v4.6.0-linux-ppc64le.tar.gz -b06c39da4fae47e2d204cae183425a3a77849944c5be47c5807f4f08cef51f64 node-v4.6.0-linux-ppc64le.tar.xz -ee77fb6a1dfbe166c9faee25b4f110af25723c64b0abcb9085507b8445fa2e7b node-v4.6.0-linux-ppc64.tar.gz -e35955a846c1082e1681fdcbf488a66e43f56fb0aa7205b86a4aa0ce69dfb1eb node-v4.6.0-linux-ppc64.tar.xz -acf08148cecf245f28126122ac9128ff9909f00938b18d80fc0b92648d1c98a8 node-v4.6.0-linux-x64.tar.gz -a77ceb75a05984153304ad0f09b11d234ca54a67714ba575b52e4298df0343d1 node-v4.6.0-linux-x64.tar.xz -9aab75618de0dca640d747aa25073cbb5a01342dd8aa177df8112e26a39541f4 node-v4.6.0-linux-x86.tar.gz -8994ee2c180a97fc4280bfb390444a4bcb2629290aa8243e7ab6271efab593f4 node-v4.6.0-linux-x86.tar.xz -0359c50c5d7e887c7f17d7ea4f42b1776ac8df263c6471bf8054b5c9f3d42a67 node-v4.6.0.pkg -e9a02da71d0cd6a1874f4a7d227dfcbe6ab9492eba419b5c9a83c8c95065195f node-v4.6.0-sunos-x64.tar.gz -8ea3d2887b4850fb92f75573f30bbb257b7cd11f71cda12becc34868c535acf8 node-v4.6.0-sunos-x64.tar.xz -f8536a25629ef1ad3228b2d712e2fa43bf66980673d3cdf469da37c0407e9633 node-v4.6.0-sunos-x86.tar.gz -5750a8256356f43c6b80854b7c6ce46d6933e64cf5f2efecdf4841e4fe582a28 node-v4.6.0-sunos-x86.tar.xz -0838f12e329edb252e6e6baddca85632bf5ff2ec900e737e88f9bf9b38946b1b node-v4.6.0.tar.gz -42910dbd34e49bfc40580e06753947c30d31101455a38e9f0343a23d67c0c694 node-v4.6.0.tar.xz -0c6509c13cfa9795f08b9bf694383de7e4d93cde14a9e8979a92f21736e19498 node-v4.6.0-win-x64.7z -0782bd50251c2a159fba5b874c56fb4a6680f454cc16892cee8e62d17b7d6f60 node-v4.6.0-win-x64.zip -413f98f2b765fe862ff6971724c3f265dbfe5a2cb865dd1894b4447426542c91 node-v4.6.0-win-x86.7z -13a5dcb90a8397f62c55945b65cb1c7b9d7576af3cbfc8d9cb67f72edcf68201 node-v4.6.0-win-x86.zip -80926b2df6e7efc8adda2e1fcb6328b99fe878d728cf93f39b0c710adc1bcb35 node-v4.6.0-x64.msi -5f91bf57512c1fa96d016c8f6236c689998ed926faa13aaf2170154342ca915a node-v4.6.0-x86.msi -7564472c672e729a724ffe890ba06ec318c9e311684516a25a47b3f1e549504e win-x64/node.exe -24178152fc3a99b9b83a1620897c5624cb7e0ba0544da38e18ca0cde807435d4 win-x64/node.lib -44
commit nodejs4 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs4 for openSUSE:Factory checked in at 2016-09-30 15:34:53 Comparing /work/SRC/openSUSE:Factory/nodejs4 (Old) and /work/SRC/openSUSE:Factory/.nodejs4.new (New) Package is "nodejs4" Changes: --- /work/SRC/openSUSE:Factory/nodejs4/nodejs4.changes 2016-09-23 11:34:15.0 +0200 +++ /work/SRC/openSUSE:Factory/.nodejs4.new/nodejs4.changes 2016-09-30 15:35:10.0 +0200 @@ -1,0 +2,21 @@ +Wed Sep 28 08:37:49 UTC 2016 - adam.ma...@suse.de + +- enable usage of system certificate store on SLE11SP4 by + requiring openssl1 (boo#136) +- nodejs-libpath.patch: + * adapt patch from main nodejs project so it builds on SLE11 +- New upstream LTS version 4.6.0 + * openssl update (not applicable for SLE12SP2, Leap 42.2 and later) ++ upgrade to 1.0.2j (CVE-2016-6304, CVE-2016-2183, CVE-2016-2178, + CVE-2016-6306, CVE-2016-7052) ++ remove support for dynamic 3rd party engine modules + * http: Properly validate for allowable characters in input + user data. This introduces a new case where throw may occur + when configuring HTTP responses, users should already + be adopting try/catch here. (CVE-2016-5325, bnc#985201) + * tls: properly validate wildcard certificates + (CVE-2016-7099, bnc#1001652) + * buffer: Zero-fill excess bytes in new Buffer objects created + with Buffer.concat() + +--- Old: node-v4.5.0.tar.xz New: node-v4.6.0.tar.xz Other differences: -- ++ nodejs4.spec ++ --- /var/tmp/diff_new_pack.wZlDxi/_old 2016-09-30 15:35:13.0 +0200 +++ /var/tmp/diff_new_pack.wZlDxi/_new 2016-09-30 15:35:13.0 +0200 @@ -1,5 +1,5 @@ # -# spec file for package nodejs +# spec file for package nodejs4 # # Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # @@ -15,8 +15,9 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + Name: nodejs4 -Version:4.5.0 +Version:4.6.0 Release:0 %define npm_version 2.15.9 %define major_version 4 @@ -95,6 +96,13 @@ #this corresponds to the "engine" requirement in package.json Provides: nodejs(engine) = %{version} +# For SLE11, to be able to use the certificate store we need to have properly +# symlinked certificates. The compatability symlinks are provided by the +# openssl1 library in the Security Module +%if 0%{suse_version} == 1110 +Requires: openssl1 +%endif + #building nodejs makes sense only on v8 archs ExclusiveArch: %{ix86} x86_64 armv7hl aarch64 ppc ppc64 ppc64le BuildRoot: %{_tmppath}/%{name}-%{version}-build ++ SHASUMS256.txt.asc ++ --- /var/tmp/diff_new_pack.wZlDxi/_old 2016-09-30 15:35:13.0 +0200 +++ /var/tmp/diff_new_pack.wZlDxi/_new 2016-09-30 15:35:13.0 +0200 @@ -1,52 +1,52 @@ -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 -d171f0c859e3895b2430c317001b817866c4de45211ad540c59658ee6a2f689f node-v4.5.0-darwin-x64.tar.gz -61b570d0744bed2725a4d64ab28f641acb1206fee8760035df36f8ee63e54da3 node-v4.5.0-darwin-x64.tar.xz -12ee966eef2abc928f6d7fcf9cfcf2913ef0e59ae07e2dcc20726246ab174fd8 node-v4.5.0-headers.tar.gz -7a83d8e11089c16824dfcd82ca3f5cb9f727545a39f7138d034b67ed95fb922c node-v4.5.0-headers.tar.xz -ecdbb3cb55d0a87aeb10334b47310f1823393abe6273f1ce7c97bcb509051e68 node-v4.5.0-linux-arm64.tar.gz -9034e67629e1912d6dc0632627528565d9e412c6eba410d171f9fd80f700f84f node-v4.5.0-linux-arm64.tar.xz -87c6fb8269475d385a9b923c647890def45079f8e30b55c4737d70558fd36418 node-v4.5.0-linux-armv6l.tar.gz -bc3e33872b009e18f084efb9a595cc12cf8314df125ce80c2e8bde1c2213b5f1 node-v4.5.0-linux-armv6l.tar.xz -99d222ede2f38041c55a64da8e6a669e0128cfb40d40f968cae74d80e52ad566 node-v4.5.0-linux-armv7l.tar.gz -c01482d423b646542ba037cb5ce646cb26518aa2dc9f7728520e7ac1247932b3 node-v4.5.0-linux-armv7l.tar.xz -a517a56b5550567225c6820f99e44fc84ac9953e2fe9db67f3bab7a8d7661e9f node-v4.5.0-linux-ppc64le.tar.gz -e01cb29c51f05dd56e15e0a25918fe4a2ad10cf4b83c4eee89fb0a3598728e50 node-v4.5.0-linux-ppc64le.tar.xz -46bebb806e4e8273e66e02faf5f25145f5351958bda75d9aa49bee9df7ccafec node-v4.5.0-linux-ppc64.tar.gz -f910ffa6ff0dbe32d2e3dea7e73b4f83c37f8a7a0d4078d53f3d3b426e30a8cf node-v4.5.0-linux-ppc64.tar.xz -5678ad94ee35e40fc3a2c545e136a0dc946ac4c039fca5898e1ea51ecf9e7c39 node-v4.5.0-linux-x64.tar.gz -c6ee1f4303353e3605ff70de180431417eb594fe08daf612e692216236750c55 node-v4.5.0-linux-x64.tar.xz -a11ef26fa700eff8ea7acfa491fd362dd362590da2967335d87932e7036a06fd node-v4.5.0-linux-x86.tar.gz -0f5e51d913867eaf71332cd20fd9a98aeb3576b8a22a52e8e1cd97c89cf51feb node-v4.5.0-linux-x86.tar.xz -370b65e6cd27943afc18e517f8