commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2020-02-14 16:23:19
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new.26092 (New)
Package is "nodejs8"
Fri Feb 14 16:23:19 2020 rev:31 rq:773450 version:8.17.0
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2020-01-20
22:48:56.579193446 +0100
+++ /work/SRC/openSUSE:Factory/.nodejs8.new.26092/nodejs8.changes
2020-02-14 16:23:24.427126578 +0100
@@ -1,0 +2,13 @@
+Fri Feb 7 14:54:56 UTC 2020 - Adam Majer
+
+- CVE-2019-15604.patch: fixes a remotely triggerable assertion
+ on a TLS server via a crafted certificate string
+ (CVE-2019-15604, bsc#1163104)
+
+- CVE-2019-15605.patch: fixes an HTTP request smuggling vulnerability
+ via malformed Transfer-Encoding header (CVE-2019-15605, bsc#1163102)
+
+- CVE-2019-15606.patch: trim HTTP header values of optional
+ white space (CVE-2019-15606, bsc#1163103)
+
+---
New:
CVE-2019-15604.patch
CVE-2019-15605.patch
CVE-2019-15606.patch
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.nGCB0g/_old 2020-02-14 16:23:25.075126930 +0100
+++ /var/tmp/diff_new_pack.nGCB0g/_new 2020-02-14 16:23:25.075126930 +0100
@@ -1,7 +1,7 @@
#
# spec file for package nodejs8
#
-# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -133,6 +133,10 @@
Patch32:fix_build_with_openssl_1.1.1d.patch
+Patch33:CVE-2019-15606.patch
+Patch34:CVE-2019-15604.patch
+Patch35:CVE-2019-15605.patch
+
## Patches specific to SUSE and openSUSE
# PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built
Patch101: nodejs-libpath.patch
@@ -345,6 +349,9 @@
%endif
%patch12 -p1
%patch32 -p1
+%patch33 -p1
+%patch34 -p1
+%patch35 -p1
%patch101 -p1
%patch102 -p1
# Add check_output to configure script (not part of Python 2.6 in SLE11).
@@ -390,6 +397,7 @@
# script, so we'll do it thus:
export CFLAGS="%{optflags}"
export CXXFLAGS="%{optflags} -Wno-class-memaccess -Wno-error=return-type"
+export LDFLAGS="%{?build_ldflags}"
%if 0%{?cc_exec:1}
export CC=%{?cc_exec}
++ CVE-2019-15604.patch ++
ported from
commit f940bee3b7da865e28093472dee9ce664f273f6d
Author: Fedor Indutny
Date: Tue Nov 26 12:47:00 2019 -0800
crypto: fix assertion caused by unsupported ext
`X509V3_EXT_print` can return value different from `1` if the X509
extension does not support printing to a buffer. Instead of failing with
an unrecoverable assertion - replace the relevant value in the hashmap
with a JS null value.
Fixes: https://hackerone.com/reports/746733
Backport-PR-URL: https://github.com/nodejs-private/node-private/pull/193
PR-URL: https://github.com/nodejs-private/node-private/pull/175
Reviewed-By: Ben Noordhuis
Reviewed-By: Beth Griggs
Index: node-v8.17.0/src/node_crypto.cc
===
--- node-v8.17.0.orig/src/node_crypto.cc
+++ node-v8.17.0/src/node_crypto.cc
@@ -1818,9 +1818,11 @@ static Local X509ToObject(Enviro
ext = X509_get_ext(cert, index);
CHECK_NE(ext, nullptr);
-if (!SafeX509ExtPrint(bio, ext)) {
- rv = X509V3_EXT_print(bio, ext, 0, 0);
- CHECK_EQ(rv, 1);
+if (!SafeX509ExtPrint(bio, ext) &&
+X509V3_EXT_print(bio, ext, 0, 0) != 1) {
+ info->Set(context, keys[i], Null(env->isolate())).FromJust();
+ (void) BIO_reset(bio);
+ continue;
}
BIO_get_mem_ptr(bio, );
Index: node-v8.17.0/test/parallel/test-tls-cert-ext-encoding.js
===
--- /dev/null
+++ node-v8.17.0/test/parallel/test-tls-cert-ext-encoding.js
@@ -0,0 +1,79 @@
+'use strict';
+const common = require('../common');
+if (!common.hasCrypto)
+ common.skip('missing crypto');
+
+// NOTE: This certificate is hand-generated, hence it is not located in
+// `test/fixtures/keys` to avoid confusion.
+//
+// The key property of this cert is that subjectAltName contains a string with
+// a type `23` which cannot be encoded into string by `X509V3_EXT_print`.
+const pem = `
+-BEGIN RSA PRIVATE KEY-
+MIIEowIBAAKCAQEAzrmfPz5M3wTq2/CwMeSQr/N+R1FCJ+O5n+SMleKvBqaK63eJ
+kL4BnySMc+ZLKCt4UQSsPFIBK63QFq8n6/vjuTDMJiBTsvzytw8zJt1Zr2HA71N3
+VIPt6NdJ/w5lgddTYxR7XudJZJ5lk3PkG8ZgrhuenPYP80UJYVzAC2YZ9KYe3r2B
+rVbut1j+8h0TwVcx2Zg5PorsC/EVxHwo4dCmIHceodikr3UVqHneRcrDBytdG6Mo
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2020-01-20 22:48:31
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new.26092 (New)
Package is "nodejs8"
Mon Jan 20 22:48:31 2020 rev:30 rq:764404 version:8.17.0
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2019-12-29
15:49:19.599166087 +0100
+++ /work/SRC/openSUSE:Factory/.nodejs8.new.26092/nodejs8.changes
2020-01-20 22:48:56.579193446 +0100
@@ -1,0 +2,10 @@
+Tue Jan 7 13:20:06 UTC 2020 - Guillaume GARDET
+
+- Update _constraints for aarch64
+
+---
+Tue Jan 7 13:12:10 UTC 2020 - Guillaume GARDET
+
+- Really disable LTO when required (nodejs < 12)
+
+---
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.m8PxiZ/_old 2020-01-20 22:49:04.471196482 +0100
+++ /var/tmp/diff_new_pack.m8PxiZ/_new 2020-01-20 22:49:04.491196490 +0100
@@ -1,7 +1,7 @@
#
# spec file for package nodejs8
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -42,7 +42,16 @@
%endif
%bcond_withvalgrind_tests
+
+%if %{node_version_number} >= 12
%bcond_without nodejs_lto
+%else
+%bcond_with nodejs_lto
+%endif
+
+%if !0%{?with nodejs_lto}
+%define _lto_cflags %{nil}
+%endif
%if 0%{?suse_version} == 1110
%define _libexecdir %{_exec_prefix}/lib
@@ -318,6 +327,12 @@
%setup -q -n node-%{version}
%endif
+%if %{node_version_number} == 6
+# Update NPM
+rm -r deps/npm
+tar Jxvf %{SOURCE10}
+%endif
+
%if %{node_version_number} >= 10
tar Jxvf %{SOURCE11}
%endif # node_version_number
@@ -386,7 +401,7 @@
./configure \
--prefix=%{_prefix} \
-%if 0%{?with nodejs_lto} && %{node_version_number} >= 12
+%if 0%{?with nodejs_lto}
--enable-lto \
%endif
%if ! 0%{with intree_openssl}
++ _constraints ++
--- /var/tmp/diff_new_pack.m8PxiZ/_old 2020-01-20 22:49:04.627196542 +0100
+++ /var/tmp/diff_new_pack.m8PxiZ/_new 2020-01-20 22:49:04.631196544 +0100
@@ -8,6 +8,9 @@
4
+
+4
+
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2019-12-29 15:49:09
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new.6675 (New)
Package is "nodejs8"
Sun Dec 29 15:49:09 2019 rev:29 rq:759683 version:8.17.0
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2019-11-04
17:02:46.904028658 +0100
+++ /work/SRC/openSUSE:Factory/.nodejs8.new.6675/nodejs8.changes
2019-12-29 15:49:19.599166087 +0100
@@ -1,0 +2,11 @@
+Thu Dec 19 11:30:13 UTC 2019 - Adam Majer
+
+- New upstream LTS release 8.17.0:
+ * deps: updates npm to 6.13.4 fixing an arbitrary path overwrite
+and access via "bin" field (bsc#1159352, CVE-2019-16777,
+CVE-2019-16776, CVE-2019-16775)
+
+- refreshed: versioned.patch node-gyp-addon-gypi.patch
+- upstreamed: CVE-2019-13173.patch
+
+---
Old:
CVE-2019-13173.patch
node-v8.16.2.tar.xz
New:
node-v8.17.0.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.mJBKs3/_old 2019-12-29 15:49:21.347166884 +0100
+++ /var/tmp/diff_new_pack.mJBKs3/_new 2019-12-29 15:49:21.347166884 +0100
@@ -26,7 +26,7 @@
###
Name: nodejs8
-Version:8.16.2
+Version:8.17.0
Release:0
%define node_version_number 8
@@ -122,7 +122,6 @@
Patch7: manual_configure.patch
Patch12:openssl_1_1_1.patch
-Patch31:CVE-2019-13173.patch
Patch32:fix_build_with_openssl_1.1.1d.patch
## Patches specific to SUSE and openSUSE
@@ -186,11 +185,16 @@
BuildRequires: procps
BuildRequires: xz
BuildRequires: zlib-devel
+
+%if %node_version_number > 12
+BuildRequires: python3
+%else
%if 0%{?suse_version} >= 1500
BuildRequires: python2
%else
BuildRequires: python
%endif
+%endif # python3
%if 0%{?suse_version} >= 1500 && %{node_version_number} >= 10
BuildRequires: group(nobody)
@@ -279,13 +283,14 @@
Provides: nodejs-npm = %{version}
Obsoletes: nodejs-npm < 4.0.0
Provides: npm = %{version}
-Provides: npm(npm) = 6.4.1
+Provides: npm(npm) = 6.13.4
%if 0%{?suse_version} >= 1500
%if %{node_version_number} >= 10
Requires: group(nobody)
Requires: user(nobody)
%endif
Recommends: python2
+Recommends: python3
%else
Recommends: python
%endif
@@ -324,7 +329,6 @@
%if 0%{with valgrind_tests}
%endif
%patch12 -p1
-%patch31 -p1
%patch32 -p1
%patch101 -p1
%patch102 -p1
++ SHASUMS256.txt ++
--- /var/tmp/diff_new_pack.mJBKs3/_old 2019-12-29 15:49:21.375166897 +0100
+++ /var/tmp/diff_new_pack.mJBKs3/_new 2019-12-29 15:49:21.375166897 +0100
@@ -1,40 +1,40 @@
-8ed8a96300c116eb9533beb70510882fb5a9bc4b1f9acfa31bb718d52213e4a3
node-v8.16.2-aix-ppc64.tar.gz
-359331120e83f0707219398fc543b05eee9476446ecce549c20c4d9c7c103d29
node-v8.16.2-darwin-x64.tar.gz
-5bbb5be5c388276b78d6c8a17cb1ce0dd2c7e157c08fe7f3eda7414c1f450b39
node-v8.16.2-darwin-x64.tar.xz
-a43156bc0e2fd2f60a4e4a9194564d69b3e9f0f956a175b7ebe95d2610239f1c
node-v8.16.2-headers.tar.gz
-ed608f070fcc84e80ef4caf9004fe955067d003a62ff76c2bf2c1c9c5bfb01b7
node-v8.16.2-headers.tar.xz
-19b8c246dd12840ee6a94c89df683f853ed91cbbf6a133820fb163181d77202d
node-v8.16.2-linux-arm64.tar.gz
-5afe366affb05136d25e99ec97a7a1ee1b690cc26df43567af0509f36b45e682
node-v8.16.2-linux-arm64.tar.xz
-9f3b47244f502a150a09d6ad7f7eb68c835d148712b326d2af8db2b7ca81c14f
node-v8.16.2-linux-armv6l.tar.gz
-0fb8e030651776c490e7a8612e97b0d11af27d6e89461a612fa7fab6afda6c95
node-v8.16.2-linux-armv6l.tar.xz
-291f507d32b79fcd8c16739515516464f27b77cadb8b86f7a8ab43e74032cf69
node-v8.16.2-linux-armv7l.tar.gz
-9b7070578d58785da2bd31d3256b42f91d993a2fb4091e87a21fb9e66cca3b6e
node-v8.16.2-linux-armv7l.tar.xz
-9eb932ac222cbd6a1f145e515b2d41b18ad2ff686eb23782dc0e7205f838
node-v8.16.2-linux-ppc64le.tar.gz
-f442590923136024b23bf8c40533f5d6a7b5fb23ae34a889f77f1539ed9bfe8c
node-v8.16.2-linux-ppc64le.tar.xz
-0dd28c879c3bdfdb7e71b84cd74bf5667146a582b1af7afba25963772303aefb
node-v8.16.2-linux-s390x.tar.gz
-7c40b92a0466ffcade181f750d7fa659fd335a10bf156179c0d4b5bc0b40f10e
node-v8.16.2-linux-s390x.tar.xz
-722d07291a8886384388c6795a747ec2055073f83dc73c0a97efba0022cc23ff
node-v8.16.2-linux-x64.tar.gz
-88617a293f5828cc94ee99c94a43fbea12b989e34fe643fc14885a14748a8da6
node-v8.16.2-linux-x64.tar.xz
-938cc9651ce38091eba8c72ef2b235339fe3bed3980c04d1429f01412c68546c
node-v8.16.2-linux-x86.tar.gz
-3c1be98f792e41ab2a26bf03ed061ec2f98977218662f91daa394f8a23b94127
node-v8.16.2-linux-x86.tar.xz
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2019-11-04 17:02:42
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new.2990 (New)
Package is "nodejs8"
Mon Nov 4 17:02:42 2019 rev:28 rq:744749 version:8.16.2
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2019-08-29
17:17:20.751369158 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new.2990/nodejs8.changes
2019-11-04 17:02:46.904028658 +0100
@@ -1,0 +2,18 @@
+Thu Oct 24 14:34:22 UTC 2019 - Adam Majer
+
+- New upstream LTS release 8.16.2:
+ * deps: update OpenSSL to 1.0.2s
+
+---
+Wed Oct 2 10:13:11 UTC 2019 - Michel Normand
+
+- Add _constraints for aarch64 & ppc64le to avoid build error
+
+---
+Wed Sep 18 13:44:55 UTC 2019 - Vítězslav Čížek
+
+- Fix build with OpenSSL 1.1.1d (bsc#1149792)
+ * https://github.com/nodejs/node/pull/29550
+ * add fix_build_with_openssl_1.1.1d.patch
+
+---
Old:
node-v8.16.1.tar.xz
New:
_constraints
fix_build_with_openssl_1.1.1d.patch
node-v8.16.2.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.Jv8MUp/_old 2019-11-04 17:02:48.468030335 +0100
+++ /var/tmp/diff_new_pack.Jv8MUp/_new 2019-11-04 17:02:48.484030352 +0100
@@ -26,7 +26,7 @@
###
Name: nodejs8
-Version:8.16.1
+Version:8.16.2
Release:0
%define node_version_number 8
@@ -42,6 +42,7 @@
%endif
%bcond_withvalgrind_tests
+%bcond_without nodejs_lto
%if 0%{?suse_version} == 1110
%define _libexecdir %{_exec_prefix}/lib
@@ -122,6 +123,7 @@
Patch12:openssl_1_1_1.patch
Patch31:CVE-2019-13173.patch
+Patch32:fix_build_with_openssl_1.1.1d.patch
## Patches specific to SUSE and openSUSE
# PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built
@@ -146,6 +148,8 @@
BuildRequires: binutils-gold
%endif
+BuildRequires: pkg-config
+
# Node.js 4/6/7 requires GCC 4.8.5+.
#
# For Node.js 8.x, upstream requires GCC 4.9.4+, as GCC 4.8 may have
@@ -179,7 +183,6 @@
%endif
BuildRequires: fdupes
-BuildRequires: pkg-config
BuildRequires: procps
BuildRequires: xz
BuildRequires: zlib-devel
@@ -322,6 +325,7 @@
%endif
%patch12 -p1
%patch31 -p1
+%patch32 -p1
%patch101 -p1
%patch102 -p1
# Add check_output to configure script (not part of Python 2.6 in SLE11).
@@ -333,8 +337,11 @@
%patch120 -p1
%patch200 -p1
+# remove backup files, if any
+find -name \*~ -print0 -delete
+
# abnormalities from patching
-find -name configure.js.orig -delete
+find \( -name \*.js.orig -or -name \*.md.orig \) -delete
%build
# normalize shebang
@@ -360,10 +367,6 @@
find deps/zlib -name *.[ch] -delete
-# Annoying, over-repetitive patch updated just because lines in
-# documentation changes every version.
-find -name *.md.orig -delete
-
# percent-configure pulls in something that confuses node's configure
# script, so we'll do it thus:
export CFLAGS="%{optflags}"
@@ -379,7 +382,7 @@
./configure \
--prefix=%{_prefix} \
-%if %{node_version_number} >= 12
+%if 0%{?with nodejs_lto} && %{node_version_number} >= 12
--enable-lto \
%endif
%if ! 0%{with intree_openssl}
++ SHASUMS256.txt ++
--- /var/tmp/diff_new_pack.Jv8MUp/_old 2019-11-04 17:02:48.548030421 +0100
+++ /var/tmp/diff_new_pack.Jv8MUp/_new 2019-11-04 17:02:48.552030425 +0100
@@ -1,40 +1,40 @@
-be210d9ce20155877e56aa57901f71b45b214ebb6f78fc48e96ad3c37ec2ea0c
node-v8.16.1-aix-ppc64.tar.gz
-ef1cb93f03bca4b9528e5d3226bdf8efa135e4b12285eee1e4760da06bac631a
node-v8.16.1-darwin-x64.tar.gz
-8eac60c9d6687fb77a052a04712cc792a6cd1f55003e96d09404986690f8ad76
node-v8.16.1-darwin-x64.tar.xz
-a9e646dd27f29611002298a5a69e753e37b501ebb587165c258fd18425bbd7ff
node-v8.16.1-headers.tar.gz
-96671638be9e66d81227647123218e0077b7af4105854ac190bc7840d22db91c
node-v8.16.1-headers.tar.xz
-880cdfba7072398b2f7ca84474d3a689a9325182b866e6705f04f1cde10fea94
node-v8.16.1-linux-arm64.tar.gz
-0c61c6ae8a70d96ab19848a09b2010d29b806f2dd79177da22c743fd5e352a98
node-v8.16.1-linux-arm64.tar.xz
-1dc93b1f5adbfb30410766911a6721f7572635704859b02f321165f928bcafce
node-v8.16.1-linux-armv6l.tar.gz
-3ee921a1915e34e8fd8c7a40e1383e89dc3d12a0ed8ac4f252d0ea4c3cb470d6
node-v8.16.1-linux-armv6l.tar.xz
-1995c8a31e6939f47a93b101e1cb7f9d7caa2eacd01b1ffd90e50af5e8a776a2
node-v8.16.1-linux-armv7l.tar.gz
-c71297cdb4336969ee10d5ac7daecdc380bb876a1e17db1cbf0479983cfe6f59
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2019-08-29 17:17:14
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new.7948 (New)
Package is "nodejs8"
Thu Aug 29 17:17:14 2019 rev:27 rq:726172 version:8.16.1
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2019-08-19
21:37:22.348385182 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new.7948/nodejs8.changes
2019-08-29 17:17:20.751369158 +0200
@@ -1,0 +2,18 @@
+Fri Aug 16 14:33:44 UTC 2019 - Adam Majer
+
+- Update to 8.16.1:
+ Security update regarding HTTP/2 Denial of Service vulnerabilities
+ For details see,
+
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V12.md#12.8.1
+
https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
+ (CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514,
+ bsc#1146091, bsc#1146099, bsc#1146094, bsc#1146095,
+ CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, CVE-2019-9518,
+ bsc#1146100, bsc#1146090, bsc#1146097, bsc#1146093)
+
+- Changes in 8.16.0:
+ * n-api:
++ add API for async functions
++ mark thread-safe functions as stable
+
+---
Old:
node-v8.15.1.tar.xz
New:
node-v8.16.1.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.YfR4ox/_old 2019-08-29 17:17:22.715368832 +0200
+++ /var/tmp/diff_new_pack.YfR4ox/_new 2019-08-29 17:17:22.719368831 +0200
@@ -26,7 +26,7 @@
###
Name: nodejs8
-Version:8.15.1
+Version:8.16.1
Release:0
%define node_version_number 8
@@ -197,7 +197,7 @@
%if ! 0%{with intree_openssl}
%if %node_version_number >= 8
-BuildRequires: openssl-devel >= %{openssl_req_ver}
+BuildRequires: pkgconfig(openssl) >= %{openssl_req_ver}
%else # older node doesn't support OpenSSL 1.1
%if 0%{?suse_version} >= 1330
@@ -218,7 +218,7 @@
%endif
%if ! 0%{with intree_nghttp2}
-BuildRequires: libnghttp2-devel >= 1.34.0
+BuildRequires: libnghttp2-devel >= 1.39.2
%endif
%if 0%{with valgrind_tests}
@@ -367,7 +367,7 @@
# percent-configure pulls in something that confuses node's configure
# script, so we'll do it thus:
export CFLAGS="%{optflags}"
-export CXXFLAGS="%{optflags} -Wno-class-memaccess"
+export CXXFLAGS="%{optflags} -Wno-class-memaccess -Wno-error=return-type"
%if 0%{?cc_exec:1}
export CC=%{?cc_exec}
++ SHASUMS256.txt ++
--- /var/tmp/diff_new_pack.YfR4ox/_old 2019-08-29 17:17:22.751368826 +0200
+++ /var/tmp/diff_new_pack.YfR4ox/_new 2019-08-29 17:17:22.755368825 +0200
@@ -1,40 +1,40 @@
-9156fc8929f545981bfbafa4fe8ea3b8afeed9dacfb6e4bbc145ac86705c783e
node-v8.15.1-aix-ppc64.tar.gz
-f3da0b4397150226c008a86c99d77dbb835dc62219d863654913a78332ab19a5
node-v8.15.1-darwin-x64.tar.gz
-aacdc9d5d8bbeaf47c398815147e052aac53cf19319f4c140c1798a82d419e65
node-v8.15.1-darwin-x64.tar.xz
-6254529411abf790030fc72d43fe23f365799c198550e30d2fdc683f9407c299
node-v8.15.1-headers.tar.gz
-6729d58fad4960259ea5233a87ef913e07b7a5118d4c6e3fecc4b3595c817345
node-v8.15.1-headers.tar.xz
-0fcb30bc508097c0a13e7001a55f410802eda155c070cd5d125cd321332cc9f1
node-v8.15.1-linux-arm64.tar.gz
-69e000d78342c3d39583922c57947a906ad723789d6294951deb10cbe8709605
node-v8.15.1-linux-arm64.tar.xz
-a4b0ca0cd8b21224f676f05f6b4760d368935eed21e8ab96ceedb454e70770b4
node-v8.15.1-linux-armv6l.tar.gz
-2bca1485fdbfd2a905d28409450b512eeaeb020ea50b5027d697f15e70bffa95
node-v8.15.1-linux-armv6l.tar.xz
-e1fded2ef39967deef4f6a6921f86a66092c4bda1e9d207126fc7676797de98a
node-v8.15.1-linux-armv7l.tar.gz
-4be3cbf3bd0d0f30c8c2a3a4396fa1b78e6c5defc21dc176bf5da16782c4e1fa
node-v8.15.1-linux-armv7l.tar.xz
-6d122196856e633a645a07da25ada68ae8a841b8cdb962a69f6e9ec6110ee1bb
node-v8.15.1-linux-ppc64le.tar.gz
-efca9b7ca623223ba97dafd16627461075d9fbc9cc9958e91d9a1ff0feb92dc2
node-v8.15.1-linux-ppc64le.tar.xz
-6dd32604a69cb3bb22583842e9a39f88d1ebaf9275fc0c8a870bd13bca0a872b
node-v8.15.1-linux-s390x.tar.gz
-11e78c00c62e588947eff4a658ff9d1a8ad5c3540d387b9a3b28ef11838a8748
node-v8.15.1-linux-s390x.tar.xz
-16e203f2440cffe90522f1e1855d5d7e2e658e759057db070a3dafda445d6d1f
node-v8.15.1-linux-x64.tar.gz
-5643b54c583eebaa40c1623b16cba4e3955ff5dfdd44036f6bafd761160c993d
node-v8.15.1-linux-x64.tar.xz
-d7cb82569278baf46cac88128c0677e0499b066cd2dfe0223af82162e2a17185
node-v8.15.1-linux-x86.tar.gz
-ca5b9ed2377fca5e66f66fa4e9ce4b0ffce6e065651d1c6398989b79d1d8c829
node-v8.15.1-linux-x86.tar.xz
-b87fba0aade8caf51182e3ec3f6293cf8556b4368d7fb5f30e4679188c3b808a
node-v8.15.1.pkg
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2019-08-19 21:37:11
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new.22127 (New)
Package is "nodejs8"
Mon Aug 19 21:37:11 2019 rev:26 rq:724036 version:8.15.1
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2019-08-06
15:11:05.139754885 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new.22127/nodejs8.changes
2019-08-19 21:37:22.348385182 +0200
@@ -1,0 +2,7 @@
+Fri Aug 9 10:09:19 UTC 2019 - Adam Majer
+
+- npm_search_paths.patch: make sure that npm resolves its default
+ config file like in all other versions, as /etc/nodejs/npmrc
+ (bsc#1144919)
+
+---
Other differences:
--
++ npm_search_paths.patch ++
--- /var/tmp/diff_new_pack.cX2qHL/_old 2019-08-19 21:37:23.596384397 +0200
+++ /var/tmp/diff_new_pack.cX2qHL/_new 2019-08-19 21:37:23.596384397 +0200
@@ -1,7 +1,7 @@
-Index: node-v8.12.0/deps/npm/lib/help-search.js
+Index: node-v8.15.1/deps/npm/lib/help-search.js
===
node-v8.12.0.orig/deps/npm/lib/help-search.js
-+++ node-v8.12.0/deps/npm/lib/help-search.js
+--- node-v8.15.1.orig/deps/npm/lib/help-search.js
node-v8.15.1/deps/npm/lib/help-search.js
@@ -18,7 +18,7 @@ function helpSearch (args, silent, cb) {
}
if (!args.length) return cb(helpSearch.usage)
@@ -11,10 +11,10 @@
return glob(docPath + '/*/*.md', function (er, files) {
if (er) return cb(er)
readFiles(files, function (er, data) {
-Index: node-v8.12.0/deps/npm/lib/config/defaults.js
+Index: node-v8.15.1/deps/npm/lib/config/defaults.js
===
node-v8.12.0.orig/deps/npm/lib/config/defaults.js
-+++ node-v8.12.0/deps/npm/lib/config/defaults.js
+--- node-v8.15.1.orig/deps/npm/lib/config/defaults.js
node-v8.15.1/deps/npm/lib/config/defaults.js
@@ -102,6 +102,11 @@ Object.defineProperty(exports, 'defaults
if (process.env.DESTDIR) {
globalPrefix = path.join(process.env.DESTDIR, globalPrefix)
@@ -27,3 +27,19 @@
}
defaults = {
+Index: node-v8.15.1/deps/npm/lib/config/core.js
+===
+--- node-v8.15.1.orig/deps/npm/lib/config/core.js
node-v8.15.1/deps/npm/lib/config/core.js
+@@ -153,8 +153,9 @@ function load_ (builtin, rc, cli, cb) {
+ // Eg, `npm config get globalconfig --prefix ~/local` should
+ // return `~/local/etc/npmrc`
+ // annoying humans and their expectations!
+-if (conf.get('prefix')) {
+- var etc = path.resolve(conf.get('prefix'), 'etc')
++var etc_prefix = conf.get('prefix');
++if (etc_prefix) {
++ var etc = (etc_prefix === '/usr/local' ? '/etc/nodejs' :
path.resolve(etc_prefix, 'etc'));
+ defaults.globalconfig = path.resolve(etc, 'npmrc')
+ defaults.globalignorefile = path.resolve(etc, 'npmignore')
+ }
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2019-08-06 15:11:03
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new.4126 (New)
Package is "nodejs8"
Tue Aug 6 15:11:03 2019 rev:25 rq:721007 version:8.15.1
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2019-05-07
23:20:34.641137098 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new.4126/nodejs8.changes
2019-08-06 15:11:05.139754885 +0200
@@ -1,0 +2,6 @@
+Mon Jul 29 09:01:29 UTC 2019 - Adam Majer
+
+- CVE-2019-13173.patch: fix potential file overwrite via hardlink
+ in fstream.DirWriter() function (bsc#1140290, CVE-2019-13173)
+
+---
New:
CVE-2019-13173.patch
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.gngNYe/_old 2019-08-06 15:11:06.295754350 +0200
+++ /var/tmp/diff_new_pack.gngNYe/_new 2019-08-06 15:11:06.299754348 +0200
@@ -121,6 +121,8 @@
Patch7: manual_configure.patch
Patch12:openssl_1_1_1.patch
+Patch31:CVE-2019-13173.patch
+
## Patches specific to SUSE and openSUSE
# PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built
Patch101: nodejs-libpath.patch
@@ -319,6 +321,7 @@
%if 0%{with valgrind_tests}
%endif
%patch12 -p1
+%patch31 -p1
%patch101 -p1
%patch102 -p1
# Add check_output to configure script (not part of Python 2.6 in SLE11).
@@ -364,7 +367,7 @@
# percent-configure pulls in something that confuses node's configure
# script, so we'll do it thus:
export CFLAGS="%{optflags}"
-export CXXFLAGS="%{optflags}"
+export CXXFLAGS="%{optflags} -Wno-class-memaccess"
%if 0%{?cc_exec:1}
export CC=%{?cc_exec}
@@ -376,6 +379,9 @@
./configure \
--prefix=%{_prefix} \
+%if %{node_version_number} >= 12
+--enable-lto \
+%endif
%if ! 0%{with intree_openssl}
--shared-openssl \
%endif
++ CVE-2019-13173.patch ++
CVE-2019-13173
Backported from
https://github.com/npm/fstream/commit/6a77d2fa6e1462693cf8e46f930da96ec1b0bb22
>From 6a77d2fa6e1462693cf8e46f930da96ec1b0bb22 Mon Sep 17 00:00:00 2001
From: isaacs
Date: Tue, 14 May 2019 17:37:57 -0700
Subject: [PATCH] Clobber a Link if it's in the way of a File
Fixes https://github.com/npm/node-tar/issues/212
---
lib/writer.js | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/writer.js b/lib/writer.js
index 140e449..3f10547 100644
--- a/deps/npm/node_modules/fstream/lib/writer.js
+++ b/deps/npm/node_modules/fstream/lib/writer.js
@@ -147,7 +147,7 @@ Writer.prototype._stat = function (current) {
// if it's a type change, then we need to clobber or error.
// if it's not a type change, then let the impl take care of it.
-if (currentType !== self.type) {
+if (currentType !== self.type || self.type === 'File' && current.nlink >
1) {
return rimraf(self._path, function (er) {
if (er) return self.error(er)
self._old = null
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2019-05-07 23:20:29
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new.5148 (New)
Package is "nodejs8"
Tue May 7 23:20:29 2019 rev:24 rq:701348 version:8.15.1
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2019-03-13
09:05:46.119445334 +0100
+++ /work/SRC/openSUSE:Factory/.nodejs8.new.5148/nodejs8.changes
2019-05-07 23:20:34.641137098 +0200
@@ -1,0 +2,5 @@
+Tue May 7 11:13:57 UTC 2019 - Adam Majer
+
+- openssl_1_1_1.patch: backport fixes for OpenSSL 1.1.1 (bsc#1134209)
+
+---
New:
openssl_1_1_1.patch
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.zk6SR7/_old 2019-05-07 23:20:36.721142083 +0200
+++ /var/tmp/diff_new_pack.zk6SR7/_new 2019-05-07 23:20:36.725142093 +0200
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@@ -31,11 +31,15 @@
%define node_version_number 8
+%if %node_version_number >= 12
+%define openssl_req_ver 1.1.1
+%else
%if %node_version_number >= 10
%define openssl_req_ver 1.1.0
%else # node8 or older
%define openssl_req_ver 1.0.2
%endif
+%endif
%bcond_withvalgrind_tests
@@ -115,6 +119,7 @@
## Patches not distribution specific
Patch3: fix_ci_tests.patch
Patch7: manual_configure.patch
+Patch12:openssl_1_1_1.patch
## Patches specific to SUSE and openSUSE
# PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built
@@ -271,6 +276,10 @@
Provides: npm = %{version}
Provides: npm(npm) = 6.4.1
%if 0%{?suse_version} >= 1500
+%if %{node_version_number} >= 10
+Requires: group(nobody)
+Requires: user(nobody)
+%endif
Recommends: python2
%else
Recommends: python
@@ -309,6 +318,7 @@
%patch7 -p1
%if 0%{with valgrind_tests}
%endif
+%patch12 -p1
%patch101 -p1
%patch102 -p1
# Add check_output to configure script (not part of Python 2.6 in SLE11).
++ openssl_1_1_1.patch ++
Backport OpenSSL 1.1.1 support, mostly be disabling TLS 1.3
Upstream commits:
commit 8dd8033519658bba2d7b776ec166f889a56bce31
Author: Shigeki Ohtsu
Date: Wed Sep 12 17:34:24 2018 +0900
tls: workaround handshakedone in renegotiation
`SSL_CB_HANDSHAKE_START` and `SSL_CB_HANDSHAKE_DONE` are called
sending HelloRequest in OpenSSL-1.1.1.
We need to check whether this is in a renegotiation state or not.
Backport-PR-URL: https://github.com/nodejs/node/pull/26270
PR-URL: https://github.com/nodejs/node/pull/25381
Reviewed-By: Daniel Bevenius
Reviewed-By: Shigeki Ohtsu
commit 161dca72cb06e36614fdc75184383c8f456e97a4
Author: Sam Roberts
Date: Wed Nov 28 14:11:18 2018 -0800
tls: re-define max supported version as 1.2
Several secureProtocol strings allow any supported TLS version as the
maximum, but our maximum supported protocol version is TLSv1.2 even if
someone configures a build against an OpenSSL that supports TLSv1.3.
Fixes: https://github.com/nodejs/node/issues/24658
PR-URL: https://github.com/nodejs/node/pull/25024
Reviewed-By: Richard Lau
Reviewed-By: Ben Noordhuis
Reviewed-By: Daniel Bevenius
Reviewed-By: Colin Ihrig
Partial port, remain compatible with 1.0.2:
commit 970ce14f61a44504520581c5af5dc9c3bddc0f40
Author: Shigeki Ohtsu
Date: Wed Mar 14 14:26:55 2018 +0900
crypto: remove deperecated methods of TLS version
All version-specific methods were deprecated in OpenSSL 1.1.0 and
min/max versions explicitly need to be set.
This still keeps comptatible with JS and OpenSSL-1.0.2 APIs for now.
crypto, constants: add constant of OpenSSL-1.1.0
Several constants for OpenSSL-1.1.0 engine were removed and renamed in
OpenSSL-1.1.0. This added one renamed constant in order to have a
compatible feature with that of OpenSSL-1.0.2.
Other missed or new constants in OpenSSL-1.1.0 are not yet added.
crypto,tls,constants: remove OpenSSL1.0.2 support
This is semver-majar change so that we need not to have
compatibilities with older versions.
Fixes: https://github.com/nodejs/node/issues/4270
PR-URL: https://github.com/nodejs/node/pull/19794
Reviewed-By: James M Snell
Reviewed-By: Rod Vagg
Reviewed-By: Michael Dawson
Index: node-v8.15.1/src/node_constants.cc
commit nodejs8 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs8 for openSUSE:Factory checked in at 2019-03-13 09:05:40 Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old) and /work/SRC/openSUSE:Factory/.nodejs8.new.28833 (New) Package is "nodejs8" Wed Mar 13 09:05:40 2019 rev:23 rq:681822 version:8.15.1 Changes: --- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2019-01-15 09:13:58.986368817 +0100 +++ /work/SRC/openSUSE:Factory/.nodejs8.new.28833/nodejs8.changes 2019-03-13 09:05:46.119445334 +0100 @@ -1,0 +2,15 @@ +Thu Feb 28 13:26:36 UTC 2019 - Adam Majer + +- New upstream LTS release 8.15.1: + * http: Further prevention of "Slowloris" attacks on HTTP and HTTPS + connections by consistently applying the receive timeout set by + server.headersTimeout to connections in keep-alive mode. + (CVE-2019-5737, bsc#1127532) + +--- +Fri Feb 1 12:40:17 UTC 2019 - adam.ma...@suse.de + +- nodejs.keyring: update keyring to today's list as per + https://github.com/nodejs/node + +--- Old: node-v8.15.0.tar.xz New: node-v8.15.1.tar.xz Other differences: -- ++ nodejs8.spec ++ --- /var/tmp/diff_new_pack.JuLYEJ/_old 2019-03-13 09:05:47.535445187 +0100 +++ /var/tmp/diff_new_pack.JuLYEJ/_new 2019-03-13 09:05:47.539445187 +0100 @@ -26,7 +26,7 @@ ### Name: nodejs8 -Version:8.15.0 +Version:8.15.1 Release:0 %define node_version_number 8 ++ SHASUMS256.txt ++ --- /var/tmp/diff_new_pack.JuLYEJ/_old 2019-03-13 09:05:47.567445184 +0100 +++ /var/tmp/diff_new_pack.JuLYEJ/_new 2019-03-13 09:05:47.571445183 +0100 @@ -1,40 +1,40 @@ -ef9db73a1c84129b0549db54299569eb308e5992a1459fe27f5c4c8c7184b382 node-v8.15.0-aix-ppc64.tar.gz -a393971136408f837fbc0f7d71a63754f91cfb1851d48bd612d8219eb61956f1 node-v8.15.0-darwin-x64.tar.gz -7a2662d95d5e89874035233035d56ec067e5798b512f8d0393e805a3d742bd58 node-v8.15.0-darwin-x64.tar.xz -5918d8f4da6c8aed5d27be1c5d318517fd175983ca3514592e3cdbf364d8d316 node-v8.15.0-headers.tar.gz -cb252b265e7f8ee795f0c83b39a4d27988838efa9f28acaf9f9bf906fbca01b7 node-v8.15.0-headers.tar.xz -02ce5c6551c0252c74b12c217d4e4f331147dc605990d6bbfb2fa247f356b5b0 node-v8.15.0-linux-arm64.tar.gz -5985c6dce65b1161ff41253da5aa4e64b8f10eb010a5d2712ea9b659f70179d7 node-v8.15.0-linux-arm64.tar.xz -6b56540492f7b4107dc9ee94ee170f9d26364fa7c55572b70d0aa39c13a0513f node-v8.15.0-linux-armv6l.tar.gz -fd0a06bb084742e84c502684c0aed2e9bac95a5c3962073c3dbfb739768c3d32 node-v8.15.0-linux-armv6l.tar.xz -a19b38d89f87c357569ee6ec99e767789a97c1a053e073676cfb0d68945d584e node-v8.15.0-linux-armv7l.tar.gz -8cad5b17d90e7e3aaea6c723f0608de502738641e88c2e8406c93d7cd031ac54 node-v8.15.0-linux-armv7l.tar.xz -0a82cd81f13e59811c02dd12b7446fb2d5be86182dd9a6e96bf4fa32296a192a node-v8.15.0-linux-ppc64le.tar.gz -c7ea47b9c16dc383d859d0abe201d25e25d90fedd64759ea22775eac39937690 node-v8.15.0-linux-ppc64le.tar.xz -c68bf544c3998cfa7803811e3c03ec74077a5a57c15ef487ff847c395c6a35fc node-v8.15.0-linux-s390x.tar.gz -560620a4e061b94f2ff28bcc42582c15b23f1796ae5892f24daf32003f555740 node-v8.15.0-linux-s390x.tar.xz -dc004e5c0f39c6534232a73100c194bc1446f25e3a6a39b29e2000bb3d139d52 node-v8.15.0-linux-x64.tar.gz -c1f0c5facdba78b5dec5136aec40dcb00b5c7cf404d9236a99c955994f91d969 node-v8.15.0-linux-x64.tar.xz -cb20139da17c6805af5e3e04b4414c8f92cf3369cd1dd7aca3a58e1ad6b806a9 node-v8.15.0-linux-x86.tar.gz -c43e992e1967310091c8f700dbe537559849c7b5c8436f48aba161fa987645fc node-v8.15.0-linux-x86.tar.xz -c260dd072480208cc4bd8df1a5a022e82d21d685ebdbbf1421a6ebe3c023a566 node-v8.15.0.pkg -ff5ed2508f073cef892992285a21608463054be059d25155618a94099a53df31 node-v8.15.0-sunos-x64.tar.gz -20b3e5798e51406d3d03c6199d4fac573ba58812bad379e30dd799319a63ce7f node-v8.15.0-sunos-x64.tar.xz -08ed85feac66ae0e5cad2dfb78d85fa3ac1ef681eb4b0aeb885c08dc4fa9ded2 node-v8.15.0-sunos-x86.tar.gz -eed3d477213a5efd1831b1fb8d172f4b5addc0b94a256b10ef3ac37556f1d34d node-v8.15.0-sunos-x86.tar.xz -590fc8b09c2466f8f7854ce3342ae1d0ba421c104999b7bd54ec0c690321d2aa node-v8.15.0.tar.gz -96852947cc3f769d73dedc6c9c60580826d8714bc0e62ca4589de6a7c633 node-v8.15.0.tar.xz -5317b304111f29c274a6c03375f65b9a2229397d0cd0152c79d32c24ede89f8d node-v8.15.0-win-x64.7z -13d8eab29c191bd16c69a70a556178a5adc988b243a036aaf3d5158861b60d8e node-v8.15.0-win-x64.zip -0a88b05dd281ce0af7b4cc5237cfd065f2ba54df700c9e3bff334832c7b24387 node-v8.15.0-win-x86.7z -2c9626cff11b476de178e9357ba26808dacbe26b26f34fd74adfb77c998ef022 node-v8.15.0-win-x86.zip
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2019-01-15 09:13:48
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new.28833 (New)
Package is "nodejs8"
Tue Jan 15 09:13:48 2019 rev:22 rq:664390 version:8.15.0
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2018-11-06
13:54:45.676222011 +0100
+++ /work/SRC/openSUSE:Factory/.nodejs8.new.28833/nodejs8.changes
2019-01-15 09:13:58.986368817 +0100
@@ -1,0 +2,56 @@
+Mon Jan 7 15:37:20 UTC 2019 - adam.ma...@suse.de
+
+- New upstream LTS release 8.15.0:
+ * cli: add --max-http-header-size flag
+ * http: add maxHeaderSize property
+
+- Changes in LTS release 8.14.1:
+ * http2: fix sequence of error/close events
+
+- Changes in LTS release 8.14.0:
+ * http:
++ Headers received by HTTP servers must not exceed 8192 bytes
+ in total to prevent possible Denial of Service attacks.
+ (CVE-2018-12121, bsc#1117626)
++ A timeout of 40 seconds now applies to servers receiving HTTP
+ headers. This value can be adjusted with server.headersTimeout.
+ Where headers are not completely received within this period,
+ the socket is destroyed on the next received chunk. In
+ conjunction with server.setTimeout(), this aids in protecting
+ against excessive resource retention and possible
+ Denial of Service. (CVE-2018-12122, bsc#1117627)
++ Two-byte characters are now strictly disallowed for the path
+ option in HTTP client requests. Paths containing characters
+ outside of the range \u0021 - \u00ff will now be rejected
+ with a TypeError. This behavior can be reverted if necessary
+ by supplying the --security-revert=CVE-2018-12116 command
+ line argument (this is not recommended).
+ (CVE-2018-12116, bsc#1117630)
+ * url: Fix a bug that would allow a hostname being spoofed when
+parsing URLs with url.parse() with the 'javascript:' protocol.
+(CVE-2018-12123, bsc#1117629)
+
+- Changes in LTS release 8.13.0:
+ * assert: backport some assert commits
+ * deps:
++ upgrade to libuv 1.23.2
++ V8: cherry-pick 64-bit hash seed commits
+ * http: added aborted property to request
+ * http2: no longer experimental
++ bump dependency of nghttp2 to 1.34.0
+
+- fix_ci_tests.patch: Reduce timeout for test-http2-session-timeout
+- skip_test_on_lowmem.patch: skip test on low-memory build machine
+- env_shebang.patch: dropped in favour of programmatic update
+
+---
+Mon Dec 24 10:13:43 UTC 2018 - Guillaume GARDET
+
+- Enable armv6 build
+
+---
+Mon Nov 26 14:06:57 UTC 2018 - adam.ma...@suse.de
+
+- flaky_test_rerun.patch: Rerun failing tests in case of flakiness
+
+---
Old:
env_shebang.patch
node-v8.12.0.tar.xz
New:
flaky_test_rerun.patch
node-v8.15.0.tar.xz
skip_test_on_lowmem.patch
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.E9DIQQ/_old 2019-01-15 09:13:59.674368180 +0100
+++ /var/tmp/diff_new_pack.E9DIQQ/_new 2019-01-15 09:13:59.674368180 +0100
@@ -1,7 +1,7 @@
#
# spec file for package nodejs8
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -26,7 +26,7 @@
###
Name: nodejs8
-Version:8.12.0
+Version:8.15.0
Release:0
%define node_version_number 8
@@ -61,7 +61,7 @@
%bcond_without intree_icu
%endif
-%if 0%{suse_version} >= 1500
+%if 0%{suse_version} >= 1550
%bcond_withintree_nghttp2
%else
%bcond_without intree_nghttp2
@@ -128,12 +128,13 @@
# PATCH-FIX-OPENSUSE -- install user global npm packages to /usr/local
# instead of /usr
Patch104: npm_search_paths.patch
+Patch105: skip_test_on_lowmem.patch
+
+Patch120: flaky_test_rerun.patch
# Use versioned binaries and paths
Patch200: versioned.patch
-Patch201: env_shebang.patch
-
%if 0%{with binutils_gold}
BuildRequires: binutils-gold
%endif
@@ -210,7 +211,7 @@
%endif
%if ! 0%{with intree_nghttp2}
-BuildRequires: libnghttp2-devel >= 1.31.0
+BuildRequires: libnghttp2-devel >= 1.34.0
%endif
%if 0%{with valgrind_tests}
@@ -244,7 +245,7 @@
%endif
# Building Node.js only makes sense on V8 architectures.
-ExclusiveArch: %{ix86} x86_64 armv7hl aarch64
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2018-11-06 13:54:38
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Tue Nov 6 13:54:38 2018 rev:21 rq:643771 version:8.12.0
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2018-09-04
22:48:20.831391878 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2018-11-06
13:54:45.676222011 +0100
@@ -2 +2 @@
-Thu Aug 23 11:56:53 UTC 2018 - adam.ma...@suse.de
+Fri Oct 5 11:36:31 UTC 2018 - adam.ma...@suse.de
@@ -4,2 +4,37 @@
-- fix_ci_tests.patch: Fix parallel/test-tls-passphrase.js test to
- continue to function with older versions of OpenSSL library.
+- fix_ci_tests.patch: fix unit tests
+
+---
+Fri Sep 21 15:28:17 UTC 2018 - adam.ma...@suse.de
+
+- New upstream LTS release 8.12.0:
+ * async_hooks:
++ rename PromiseWrap.parentId
++ remove runtime deprecation
++ deprecate unsafe emit{Before,After}
+ * cluster:
++ add cwd to cluster.settings
++ support windowsHide option for workers
+ * crypto: allow passing null as IV unless required
+ * deps:
++ upgrade npm to 6.4.1
++ upgrade libuv to 1.19.2
++ Upgrade node-inspect to 1.11.5
+ * fs, net:
++ support as and as+ flags in stringToFlags()
++ emit 'ready' for fs streams and sockets
+ * http, http2:
++ add options to http.createServer()
++ add 103 Early Hints status code
++ add http fallback options to .createServer
+ * n-api: take n-api out of experimental
+ * perf_hooks: add warning when too many entries in the timeline
+ * src:
++ add public API for managing NodePlatform
++ allow --perf-(basic-)?prof in NODE_OPTIONS
++ node internals' postmortem metadata
+ * tls: expose Finished messages in TLSSocket
+ * trace_events: add file pattern cli option
+ * util: implement util.getSystemErrorName()
+icu_61_namespacefix.patch: upstreamed
+npm_search_paths.patch, versioned.patch, env_shebang.patch,
+ fix_ci_tests.patch: refreshed
Old:
icu_61_namespacefix.patch
node-v8.11.4.tar.xz
New:
bash_output_helper.bash
node-v8.12.0.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.yrvmrK/_old 2018-11-06 13:54:46.908220331 +0100
+++ /var/tmp/diff_new_pack.yrvmrK/_new 2018-11-06 13:54:46.912220326 +0100
@@ -26,7 +26,7 @@
###
Name: nodejs8
-Version:8.11.4
+Version:8.12.0
Release:0
%define node_version_number 8
@@ -37,11 +37,12 @@
%define openssl_req_ver 1.0.2
%endif
+%bcond_withvalgrind_tests
+
%if 0%{?suse_version} == 1110
%define _libexecdir %{_exec_prefix}/lib
%endif
-# Only Leap 42.2+, SLE 12 SP2+ and Tumbleweed have OpenSSL 1.0.2.
%if 0%{?suse_version} > 1320 || 0%{?sle_version} >= 120200
%bcond_withintree_openssl
%else
@@ -98,6 +99,8 @@
%bcond_without binutils_gold
%endif
+%define git_node 0
+
Summary:Evented I/O for V8 JavaScript
License:MIT
Group: Development/Languages/NodeJS
@@ -107,9 +110,10 @@
Source2:https://nodejs.org/dist/v%{version}/SHASUMS256.txt.sig
Source3:nodejs.keyring
+Source20: bash_output_helper.bash
+
## Patches not distribution specific
Patch3: fix_ci_tests.patch
-Patch6: icu_61_namespacefix.patch
Patch7: manual_configure.patch
## Patches specific to SUSE and openSUSE
@@ -130,7 +134,7 @@
Patch201: env_shebang.patch
-%if %{with binutils_gold}
+%if 0%{with binutils_gold}
BuildRequires: binutils-gold
%endif
@@ -177,7 +181,12 @@
BuildRequires: python
%endif
-%if ! %{with intree_openssl}
+%if 0%{?suse_version} >= 1500 && %{node_version_number} >= 10
+BuildRequires: group(nobody)
+BuildRequires: user(nobody)
+%endif
+
+%if ! 0%{with intree_openssl}
%if %node_version_number >= 8
BuildRequires: openssl-devel >= %{openssl_req_ver}
@@ -192,18 +201,22 @@
%endif # older node doesn't support OpenSSL 1.1
%endif # ! {with intree_openssl}
-%if ! %{with intree_cares}
+%if ! 0%{with intree_cares}
BuildRequires: pkgconfig(libcares) >= 1.10.0
%endif
-%if ! %{with intree_icu}
+%if ! 0%{with intree_icu}
BuildRequires: pkgconfig(icu-i18n) >= 57
%endif
-%if ! %{with intree_nghttp2}
+%if ! 0%{with intree_nghttp2}
BuildRequires: libnghttp2-devel >= 1.31.0
%endif
+%if 0%{with valgrind_tests}
+BuildRequires: valgrind
+%endif
+
Requires(post): update-alternatives
Requires(postun): update-alternatives
Recommends: npm8
@@ -255,7 +268,7 @@
Provides: nodejs-npm = %{version}
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2018-09-04 22:47:53
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Tue Sep 4 22:47:53 2018 rev:20 rq:632297 version:8.11.4
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2018-08-28
09:21:18.076239706 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2018-09-04
22:48:20.831391878 +0200
@@ -1,0 +2,6 @@
+Thu Aug 23 11:56:53 UTC 2018 - adam.ma...@suse.de
+
+- fix_ci_tests.patch: Fix parallel/test-tls-passphrase.js test to
+ continue to function with older versions of OpenSSL library.
+
+---
Other differences:
--
++ fix_ci_tests.patch ++
--- /var/tmp/diff_new_pack.N5Fevy/_old 2018-09-04 22:48:21.575394438 +0200
+++ /var/tmp/diff_new_pack.N5Fevy/_new 2018-09-04 22:48:21.575394438 +0200
@@ -2,10 +2,10 @@
Date: Dec 20 09:18:49 UTC 2017
Summary: Fix CI unit tests framework for OBS building
-Index: node-v8.9.3/test/parallel/test-module-loading-globalpaths.js
+Index: node-v8.11.4/test/parallel/test-module-loading-globalpaths.js
===
node-v8.9.3.orig/test/parallel/test-module-loading-globalpaths.js
-+++ node-v8.9.3/test/parallel/test-module-loading-globalpaths.js
+--- node-v8.11.4.orig/test/parallel/test-module-loading-globalpaths.js
node-v8.11.4/test/parallel/test-module-loading-globalpaths.js
@@ -7,6 +7,9 @@ const fs = require('fs');
const child_process = require('child_process');
const pkgName = 'foo';
@@ -16,11 +16,11 @@
if (process.argv[2] === 'child') {
console.log(require(pkgName).string);
} else {
-Index: node-v8.9.3/Makefile
+Index: node-v8.11.4/Makefile
===
node-v8.9.3.orig/Makefile
-+++ node-v8.9.3/Makefile
-@@ -409,7 +409,7 @@ test-ci-js: | clear-stalled
+--- node-v8.11.4.orig/Makefile
node-v8.11.4/Makefile
+@@ -416,7 +416,7 @@ test-ci-js: | clear-stalled
fi
test-ci: LOGLEVEL := info
@@ -29,10 +29,10 @@
out/Release/cctest --gtest_output=tap:cctest.tap
$(PYTHON) tools/test.py $(PARALLEL_ARGS) -p tap --logfile test.tap \
--mode=release --flaky-tests=$(FLAKY_TESTS) \
-Index: node-v8.9.3/test/doctool/test-make-doc.js
+Index: node-v8.11.4/test/doctool/test-make-doc.js
===
node-v8.9.3.orig/test/doctool/test-make-doc.js
-+++ node-v8.9.3/test/doctool/test-make-doc.js
+--- node-v8.11.4.orig/test/doctool/test-make-doc.js
node-v8.11.4/test/doctool/test-make-doc.js
@@ -11,7 +11,7 @@ const assert = require('assert');
const fs = require('fs');
const path = require('path');
@@ -42,3 +42,16 @@
const docs = fs.readdirSync(apiPath);
assert.ok(docs.includes('_toc.html'));
+Index: node-v8.11.4/test/parallel/test-tls-passphrase.js
+===
+--- node-v8.11.4.orig/test/parallel/test-tls-passphrase.js
node-v8.11.4/test/parallel/test-tls-passphrase.js
+@@ -221,7 +221,7 @@ server.listen(0, common.mustCall(functio
+ }, common.mustCall());
+ })).unref();
+
+-const errMessagePassword = /bad decrypt/;
++const errMessagePassword = /bad (decrypt|password read)/;
+
+ // Missing passphrase
+ assert.throws(function() {
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2018-08-28 09:20:53
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Tue Aug 28 09:20:53 2018 rev:19 rq:630498 version:8.11.4
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2018-06-22
13:12:47.608799752 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2018-08-28
09:21:18.076239706 +0200
@@ -1,0 +2,17 @@
+Mon Aug 20 08:30:52 UTC 2018 - adam.ma...@suse.de
+
+- New upstream LTS release 8.11.4:
+ * buffer: Fix out-of-bounds (OOB) write in Buffer.write() for
+UCS-2 encoding (CVE-2018-12115, bsc#1105019)
+ * deps: Upgrade to OpenSSL 1.0.2p, fixing:
++ Client DoS due to large DH parameter
+ (CVE-2018-0732, bsc#1097158)
++ ECDSA key extraction via local side-channel
+
+---
+Sun Jul 29 10:47:39 UTC 2018 - jeng...@inai.de
+
+- Ensure neutrality of description.
+- Use %make_install.
+
+---
Old:
node-v8.11.3.tar.xz
New:
node-v8.11.4.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.Y9Osyr/_old 2018-08-28 09:21:19.040242712 +0200
+++ /var/tmp/diff_new_pack.Y9Osyr/_new 2018-08-28 09:21:19.044242724 +0200
@@ -26,7 +26,7 @@
###
Name: nodejs8
-Version:8.11.3
+Version:8.11.4
Release:0
%define node_version_number 8
@@ -235,10 +235,9 @@
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
-Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine.
-Node.js uses an event-driven, non-blocking I/O model that makes it
-lightweight and efficient. Node.js' package ecosystem, npm, is the largest
-ecosystem of open source libraries in the world.
+Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. Node.js
+uses an event-driven, non-blocking I/O model. Node.js has a package ecosystem
+provided by npm.
%package devel
Summary:Files needed for development of NodeJS platforms
@@ -296,6 +295,9 @@
%patch200 -p1
%patch201 -p1
+# abnormalities from patching
+find -name configure.js.orig -delete
+
%build
# Make sure nothing gets included from bundled deps:
# We only delete the source and header files, because
@@ -363,7 +365,7 @@
find doc/api -type f -exec chmod 0644 {} +
%install
-make install DESTDIR=%{buildroot} %{?_smp_mflags}
+%make_install %{?_smp_mflags}
rm %{buildroot}%{_datadir}/doc/node/gdbinit
rm -f %{buildroot}%{_datadir}/doc/node/lldbinit
rm -f %{buildroot}%{_datadir}/doc/node/lldb_commands.py
@@ -435,7 +437,7 @@
ln -s %{_sysconfdir}/alternatives/npx.1%{ext_man}
%{buildroot}%{_mandir}/man1/npx.1%{ext_man}
%endif
-# We need to own directory on old versions of SLE
+# We need to own license directory on old versions of SLE
%if 0%{?suse_version} < 1500
mkdir -p %{buildroot}%{_defaultlicensedir}
%endif
++ SHASUMS256.txt ++
--- /var/tmp/diff_new_pack.Y9Osyr/_old 2018-08-28 09:21:19.068242799 +0200
+++ /var/tmp/diff_new_pack.Y9Osyr/_new 2018-08-28 09:21:19.068242799 +0200
@@ -1,40 +1,40 @@
-3933bbdbc678cf237072b0429f0552e01c77fe0a6118da907bff81769d2c801e
node-v8.11.3-aix-ppc64.tar.gz
-77fa26b4c2fc34bdf5a5dd1cd39c93b12087fbd25148c6f04bf409698ee48b86
node-v8.11.3-darwin-x64.tar.gz
-7eac0bf398cb6ecf9f84dfc577ee84eee3d930f7a54b7e50f56d1a358b528792
node-v8.11.3-darwin-x64.tar.xz
-36bf155f2c42bb3628f146a35fcf2ce812ba29f5d57bbec4780787fe282f9b80
node-v8.11.3-headers.tar.gz
-cf42ee988b81b5fd0744f121caa16c7e3fc689137aad66c12eff4d8ac3ebc158
node-v8.11.3-headers.tar.xz
-27bbee0710a798f61fab945dc22d4680926d0a679e293f285ff06bb86142b086
node-v8.11.3-linux-arm64.tar.gz
-b8fddec18f20533929a07bc1d38ae63b1999a0252740094f0974b2cbea76eaa4
node-v8.11.3-linux-arm64.tar.xz
-4e44edd4830159fe026ae2a240308d590e4e3930d794370c2cfcb4c6c1b6db30
node-v8.11.3-linux-armv6l.tar.gz
-7eec60b638843f0336759dd6cc6fa236c103ce9a10e137e6a0b3a82bb7e59f9b
node-v8.11.3-linux-armv6l.tar.xz
-3ab2037f7de2be2021e9b2eccad4a4480f6ec66cad8d7b344ac6a8aeba6908ca
node-v8.11.3-linux-armv7l.tar.gz
-7a2bb6e37615fa45926ac0ad4e5ecda4a98e2956e468dedc337117bfbae0ac68
node-v8.11.3-linux-armv7l.tar.xz
-5c73e55c748c3176746f4e3c278646b44a39e3526c72767a74ce9444165e9e80
node-v8.11.3-linux-ppc64le.tar.gz
-6a29ea871e2288dc83d79473bd7b6702a1da126c1a5c900247344252970cb87e
node-v8.11.3-linux-ppc64le.tar.xz
-3bdb471bbf28478ea82a184193d2fd20d9a5fa5bfe962ecd87a6b4d06a20bd9a
node-v8.11.3-linux-s390x.tar.gz
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2018-06-22 13:12:42
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Fri Jun 22 13:12:42 2018 rev:18 rq:617096 version:8.11.3
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2018-05-18
14:27:48.970561764 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2018-06-22
13:12:47.608799752 +0200
@@ -1,0 +2,31 @@
+Fri Jun 15 12:03:47 UTC 2018 - adam.ma...@suse.de
+
+- Recommend same major version npm package (bsc#1097748)
+
+---
+Wed Jun 13 16:32:24 UTC 2018 - adam.ma...@suse.de
+
+- New upstream LTS release 8.11.3:
+ * buffer: Fixes Denial of Service vulnerability where calling
+Buffer.fill() could hang (CVE-2018-7167, bsc#1097375)
+ * http2:
++ Fixes Denial of Service vulnerability by updating the http2
+ implementation to not crash under certain circumstances
+ during cleanup (CVE-2018-7161, bsc#1097404)
++ Unbundled nghttp2 to fix Denial of Service vulnerability
+ (CVE-2018-1000168, bsc#1097401)
+
+---
+Thu May 24 14:17:25 UTC 2018 - adam.ma...@suse.de
+
+- env_shebang.patch: use absolute paths in executable shebang lines
+- versioned.patch: updated to move shebang modifications to above
+ patch.
+
+---
+Wed May 23 11:31:09 UTC 2018 - adam.ma...@suse.de
+
+- use gcc7 for SLE12
+- manual_configure.patch: configure nghttp2 correctly
+
+---
Old:
node-v8.11.2.tar.xz
New:
env_shebang.patch
manual_configure.patch
node-v8.11.3.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.mkgaJg/_old 2018-06-22 13:12:48.384770977 +0200
+++ /var/tmp/diff_new_pack.mkgaJg/_new 2018-06-22 13:12:48.384770977 +0200
@@ -26,7 +26,7 @@
###
Name: nodejs8
-Version:8.11.2
+Version:8.11.3
Release:0
%define node_version_number 8
@@ -60,6 +60,12 @@
%bcond_without intree_icu
%endif
+%if 0%{suse_version} >= 1500
+%bcond_withintree_nghttp2
+%else
+%bcond_without intree_nghttp2
+%endif
+
%ifarch aarch64 ppc ppc64 ppc64le s390 s390x
%bcond_withgdb
%else
@@ -101,11 +107,12 @@
Source2:https://nodejs.org/dist/v%{version}/SHASUMS256.txt.sig
Source3:nodejs.keyring
-## UPSTREAM PATCHES HERE, if any
+## Patches not distribution specific
Patch3: fix_ci_tests.patch
Patch6: icu_61_namespacefix.patch
+Patch7: manual_configure.patch
-## Our patches
+## Patches specific to SUSE and openSUSE
# PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built
Patch101: nodejs-libpath.patch
# PATCH-FIX-UPSTREAM -- use custom addon.gypi by default instead of
@@ -121,6 +128,8 @@
# Use versioned binaries and paths
Patch200: versioned.patch
+Patch201: env_shebang.patch
+
%if %{with binutils_gold}
BuildRequires: binutils-gold
%endif
@@ -145,24 +154,11 @@
%endif # node >= 8
%endif # sles == 11
-# SLE 12 and Leap 42
-# GCC 6 is only available with SLE 12 SP1 and Leap 42.2+.
+# Use GCC 7, since it is in SLE-12:Update
%if %node_version_number >= 8 && 0%{?suse_version} == 1315
-%if 0%{?sle_version} < 120100
-BuildRequires: gcc5-c++
-%define cc_exec gcc-5
-%define cpp_exec g++-5
-%else
-%if 0%{?sle_version} <= 120200 || (0%{?sle_version} == 120300 &&
!0%{?is_opensuse})
-BuildRequires: gcc6-c++
-%define cc_exec gcc-6
-%define cpp_exec g++-6
-%else
BuildRequires: gcc7-c++
%define cc_exec gcc-7
%define cpp_exec g++-7
-%endif # SLE 12 <= SP2 and SLE 12 SP3 but not Leap 42.3
-%endif # SLE 12 < SP1
%endif # node >= 8 and sle == 12
# No special version defined, use default.
@@ -204,9 +200,13 @@
BuildRequires: pkgconfig(icu-i18n) >= 57
%endif
+%if ! %{with intree_nghttp2}
+BuildRequires: libnghttp2-devel >= 1.31.0
+%endif
+
Requires(post): update-alternatives
Requires(postun): update-alternatives
-Recommends: npm(npm) = 5.6.0
+Recommends: npm8
#we need ABI virtual provides where SONAMEs aren't enough/not present so deps
#break when binary compatibility is broken
@@ -285,6 +285,7 @@
%if ! %{with intree_openssl}
%endif
%patch6 -p1
+%patch7 -p1
%patch101 -p1
%patch102 -p1
# Add check_output to configure script (not part of Python 2.6 in SLE11).
@@ -293,7 +294,9 @@
%endif
%patch104 -p1
%patch200 -p1
+%patch201 -p1
+%build
# Make sure nothing gets
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2018-05-18 14:26:52
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Fri May 18 14:26:52 2018 rev:17 rq:610023 version:8.11.2
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2018-04-07
20:47:30.763116954 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2018-05-18
14:27:48.970561764 +0200
@@ -1,0 +2,16 @@
+Wed May 16 11:04:43 UTC 2018 - adam.ma...@suse.de
+
+- New upstream LTS release 8.11.2:
+ * deps:
++ update node-inspect to 1.11.3
++ update nghttp2 to 1.29.0
+ * http2: Sync with current release stream
+ * n-api: Sync with current release stream
+- versioned.patch: rebased
+
+---
+Fri May 11 12:36:10 UTC 2018 - adam.ma...@suse.de
+
+- icu_61_namespacefix.patch: Fix building with ICU61.1 (bsc#1091764)
+
+---
Old:
node-v8.11.1.tar.xz
New:
icu_61_namespacefix.patch
node-v8.11.2.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.gjPjCH/_old 2018-05-18 14:27:50.010523599 +0200
+++ /var/tmp/diff_new_pack.gjPjCH/_new 2018-05-18 14:27:50.010523599 +0200
@@ -26,11 +26,17 @@
###
Name: nodejs8
-Version:8.11.1
+Version:8.11.2
Release:0
%define node_version_number 8
+%if %node_version_number >= 10
+%define openssl_req_ver 1.1.0
+%else # node8 or older
+%define openssl_req_ver 1.0.2
+%endif
+
%if 0%{?suse_version} == 1110
%define _libexecdir %{_exec_prefix}/lib
%endif
@@ -97,6 +103,7 @@
## UPSTREAM PATCHES HERE, if any
Patch3: fix_ci_tests.patch
+Patch6: icu_61_namespacefix.patch
## Our patches
# PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built
@@ -177,13 +184,13 @@
%if ! %{with intree_openssl}
%if %node_version_number >= 8
-BuildRequires: openssl-devel >= 1.0.2
+BuildRequires: openssl-devel >= %{openssl_req_ver}
%else # older node doesn't support OpenSSL 1.1
%if 0%{?suse_version} >= 1330
BuildRequires: libopenssl-1_0_0-devel
%else
-BuildRequires: openssl-devel >= 1.0.2
+BuildRequires: openssl-devel >= %{openssl_req_ver}
%endif
%endif # older node doesn't support OpenSSL 1.1
@@ -277,6 +284,7 @@
%patch3 -p1
%if ! %{with intree_openssl}
%endif
+%patch6 -p1
%patch101 -p1
%patch102 -p1
# Add check_output to configure script (not part of Python 2.6 in SLE11).
@@ -419,6 +427,11 @@
ln -s %{_sysconfdir}/alternatives/npx.1%{ext_man}
%{buildroot}%{_mandir}/man1/npx.1%{ext_man}
%endif
+# We need to own directory on old versions of SLE
+%if 0%{?suse_version} < 1500
+mkdir -p %{buildroot}%{_defaultlicensedir}
+%endif
+
%check
ln addon-rpm.gypi deps/npm/node_modules/node-gyp/addon-rpm.gypi
# Tarball doesn't have eslint package distributed, so disable some tests
@@ -448,7 +461,7 @@
%exclude %{_libdir}/node_modules/npm%{node_version_number}
# We need to own directory on old versions of SLE
%if 0%{?suse_version} < 1500
-%dir %_defaultlicensedir
+%dir %{_defaultlicensedir}
%endif
%files -n npm%{node_version_number}
++ SHASUMS256.txt ++
--- /var/tmp/diff_new_pack.gjPjCH/_old 2018-05-18 14:27:50.050522131 +0200
+++ /var/tmp/diff_new_pack.gjPjCH/_new 2018-05-18 14:27:50.050522131 +0200
@@ -1,40 +1,40 @@
-0dabd62eaa3675dafb458da6206fe31a6edf3c368b428fe8d2f800b857070c44
node-v8.11.1-aix-ppc64.tar.gz
-5c7b05899ff56910a2b8180f139d48612f349ac2c5d20f08dbbeffbed9e3a089
node-v8.11.1-darwin-x64.tar.gz
-882fcca054d6100ca67f94e4cf50d8df141f106fafbcefc0b04facc4a9ab956c
node-v8.11.1-darwin-x64.tar.xz
-ea28109f7a3b3b21705f25fb0e181e984ece46e785dd9912b5c14df4c067fa07
node-v8.11.1-headers.tar.gz
-0f1838be48063a0c419178b02eeffaffeb6d4b09b50b9b33b4234dc111ff64fa
node-v8.11.1-headers.tar.xz
-68546c94a730a8d546e37a9bbae919f4a0f864220ce3aa160461a4f3e779a6af
node-v8.11.1-linux-arm64.tar.gz
-ff518f33751baa8ea4f18853d446357c2edecd930a1526ac9b2eaa79baddc1bf
node-v8.11.1-linux-arm64.tar.xz
-10ccfd8631923cac8b0f41a83ef9316a5f19faf96de1eee66dedc20ebf9d61e7
node-v8.11.1-linux-armv6l.tar.gz
-ae5d9b9804a441b786046e125380ea15755db40a99fb5551582bd6bd59ef71be
node-v8.11.1-linux-armv6l.tar.xz
-73abddb5e80a2926f1646b77bbb7093465b2abc43846c1b468dbccad4b72164d
node-v8.11.1-linux-armv7l.tar.gz
-7bb97e3b06d186cfff576096f75431eedcc0ecee16c47afe8aabd7a22cc31c47
node-v8.11.1-linux-armv7l.tar.xz
-f894524124c19fcd2180a483b7a238b77a14fb81c3d4723620ec66be2635cb4f
node-v8.11.1-linux-ppc64le.tar.gz
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2018-04-07 20:47:11
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Sat Apr 7 20:47:11 2018 rev:16 rq:593717 version:8.11.1
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2018-03-30
11:58:47.764450324 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2018-04-07
20:47:30.763116954 +0200
@@ -1,0 +2,23 @@
+Thu Apr 5 07:18:42 UTC 2018 - adam.ma...@suse.de
+
+- Install license with %license, not %doc (bsc#1082318)
+
+---
+Wed Apr 4 13:29:24 UTC 2018 - adam.ma...@suse.de
+
+- Fix some node-gyp permissions
+
+---
+Tue Apr 3 11:02:33 UTC 2018 - adam.ma...@suse.de
+
+- New upstream LTS release 8.11.1:
+ * Security fixes:
++ Fix for inspector DNS rebinding vulnerability
+ (bsc#1087463, CVE-2018-7160)
++ Fix for 'path' module regular expression denial of service
+ (bsc#1087459, CVE-2018-7158)
++ Reject spaces in HTTP Content-Length header values
+ (bsc#1087453, CVE-2018-7159)
+ * deps: upgrade http-parser to v2.8.0
+
+---
Old:
node-v8.10.0.tar.xz
New:
node-v8.11.1.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.zDxWSC/_old 2018-04-07 20:47:32.335060063 +0200
+++ /var/tmp/diff_new_pack.zDxWSC/_new 2018-04-07 20:47:32.339059919 +0200
@@ -26,7 +26,7 @@
###
Name: nodejs8
-Version:8.10.0
+Version:8.11.1
Release:0
%define node_version_number 8
@@ -390,6 +390,11 @@
find %{buildroot}%{_libdir}/node_modules -type f -exec chmod -x {} +
chmod 0755
%{buildroot}%{_libdir}/node_modules/npm%{node_version_number}/bin/np*-cli.js
chmod 0755
%{buildroot}%{_libdir}/node_modules/npm%{node_version_number}/bin/node-gyp-bin/node-gyp
+chmod 0755
%{buildroot}%{_libdir}/node_modules/npm%{node_version_number}/node_modules/node-gyp/bin/node-gyp.js
+%if %{node_version_number} >= 8
+chmod 0755
%{buildroot}%{_libdir}/node_modules/npm%{node_version_number}/node_modules/npm-lifecycle/node-gyp-bin/node-gyp
+%endif
+
# browser.js is useless for npm cli
find %{buildroot}%{_libdir}/node_modules/npm%{node_version_number} -name
"browser.js" -delete
@@ -430,7 +435,8 @@
%files
%defattr(-, root, root)
-%doc AUTHORS LICENSE *.md
+%license LICENSE
+%doc AUTHORS *.md
%doc deps/v8/tools/gdbinit
%dir %{_libdir}/node_modules
%{_bindir}/node%{node_version_number}
@@ -440,6 +446,10 @@
%ghost %{_sysconfdir}/alternatives/node-default
%ghost %{_sysconfdir}/alternatives/node.1%{ext_man}
%exclude %{_libdir}/node_modules/npm%{node_version_number}
+# We need to own directory on old versions of SLE
+%if 0%{?suse_version} < 1500
+%dir %_defaultlicensedir
+%endif
%files -n npm%{node_version_number}
%defattr(-, root, root)
++ SHASUMS256.txt ++
--- /var/tmp/diff_new_pack.zDxWSC/_old 2018-04-07 20:47:32.371058761 +0200
+++ /var/tmp/diff_new_pack.zDxWSC/_new 2018-04-07 20:47:32.375058616 +0200
@@ -1,40 +1,40 @@
-0cf3170dfd8cf489a8e17dfa525927ba927fe3022a1ef2c924ace7c82691
node-v8.10.0-aix-ppc64.tar.gz
-7d77bd35bc781f02ba7383779da30bd529f21849b86f14d87e097497671b0271
node-v8.10.0-darwin-x64.tar.gz
-03eac783c88ac5253942504658b02105b8acce5c07ff702f55c2fc47d7798664
node-v8.10.0-darwin-x64.tar.xz
-283b3754d72cfee294c5fb69b684c6ab645e4ce2bccc1a931a9687d275f86c74
node-v8.10.0-headers.tar.gz
-461b094359bb69ec9cbe1326cd4a9576403960167857a41f7c0599e28e3b6021
node-v8.10.0-headers.tar.xz
-0776fd38fec6e739c9b4ae18dbdabd09a763b1b6fb7deb12ea2863046350d6a9
node-v8.10.0-linux-arm64.tar.gz
-cbec410109664f75d3c988a43483576fc56f745e05e3884891df9c509fbb1b12
node-v8.10.0-linux-arm64.tar.xz
-4b551327679b40065eed483e1dad0ba4626ed493cbc9fe4322d4c13a34754332
node-v8.10.0-linux-armv6l.tar.gz
-0180c89e7987650009cbfb90fe238b0c5cf3c5ff50d9b4c60a40de2044bd3178
node-v8.10.0-linux-armv6l.tar.xz
-806b735c9d082e12406737c9d4dac851c03f5b36feb6afebdc9c99164c66398b
node-v8.10.0-linux-armv7l.tar.gz
-0f0a675639180cd95077212d0993b45664524bba07359918230cfd7f1bf3d97d
node-v8.10.0-linux-armv7l.tar.xz
-f3daa7c32c5ea92176821b87e4f7653de6c181cca2d87904f6a1d3b25864d623
node-v8.10.0-linux-ppc64le.tar.gz
-b0bd52b42580f2fdbe5eb705b8fe98324028cdb3b0fd625d1e118e4315657afa
node-v8.10.0-linux-ppc64le.tar.xz
-f225806b120564dadc9f1194d4360a311ffb374e3ffd0bcf6da0a9bfeeb670bc
node-v8.10.0-linux-s390x.tar.gz
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2018-03-30 11:58:42
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Fri Mar 30 11:58:42 2018 rev:15 rq:591578 version:8.10.0
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2018-02-25
11:35:37.661290011 +0100
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2018-03-30
11:58:47.764450324 +0200
@@ -1,0 +2,38 @@
+Thu Mar 22 10:38:46 UTC 2018 - adam.ma...@suse.de
+
+- New upstream LTS release 8.10.0:
+ * deps:
++ update V8 to 6.2.414.46
++ revert ABI breaking changes in V8 6.2
++ upgrade libuv to 1.19.1
++ re land npm 5.6.0
+ * crypto:
++ Support both OpenSSL 1.1.0 and 1.0.2. This allows us to drop
+ openssl11.patch
++ warn on invalid authentication tag length
+ * async_hooks:
++ update defaultTriggerAsyncIdScope for perf
++ use typed array stack as fast path
++ use scope for defaultTriggerAsyncId
++ separate missing from default context
++ deprecate undocumented API
+ * n-api: add helper for addons to get the event loop
+ * cli: add --stack-trace-limit to NODE_OPTIONS
+ * console: add support for console.debug
+ * module:
++ add builtinModules
++ replace default paths in require.resolve()
+ * src: add process.ppid
+ * http:
++ support generic Duplex streams
++ add rawPacket in err of clientError event
++ better support for IPv6 addresses
+ * tls: unconsume stream on destroy
+ * process: improve unhandled rejection message
+ * stream: remove usage of *State.highWaterMark
+ * trace_events: add executionAsyncId to init events
+- remove any old manpage files in %pre from before update-alternatives
+ were used to manage symlinks to these manpages.
+- versioned.patch: refreshed
+
+---
Old:
node-v8.9.4.tar.xz
openssl11.patch
New:
node-v8.10.0.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.C7SBiz/_old 2018-03-30 11:58:52.660273276 +0200
+++ /var/tmp/diff_new_pack.C7SBiz/_new 2018-03-30 11:58:52.660273276 +0200
@@ -26,7 +26,7 @@
###
Name: nodejs8
-Version:8.9.4
+Version:8.10.0
Release:0
%define node_version_number 8
@@ -96,7 +96,6 @@
Source3:nodejs.keyring
## UPSTREAM PATCHES HERE, if any
-Patch2: openssl11.patch
Patch3: fix_ci_tests.patch
## Our patches
@@ -167,10 +166,13 @@
BuildRequires: fdupes
BuildRequires: pkg-config
BuildRequires: procps
-BuildRequires: python
-BuildRequires: python2
BuildRequires: xz
BuildRequires: zlib-devel
+%if 0%{?suse_version} >= 1500
+BuildRequires: python2
+%else
+BuildRequires: python
+%endif
%if ! %{with intree_openssl}
@@ -248,7 +250,11 @@
Obsoletes: nodejs-npm < 4.0.0
Provides: npm = %{version}
Provides: npm(npm) = 5.6.0
+%if 0%{?suse_version} >= 1500
Recommends: python2
+%else
+Recommends: python
+%endif
%description -n npm8
A package manager for Node.js that allows developers to install and
@@ -268,7 +274,6 @@
%prep
echo "`grep node-v%{version}.tar.xz %{S:1} | head -n1 | cut -c1-64` %{S:0}" |
sha256sum -c
%setup -q -n node-v%{version}
-%patch2 -p1
%patch3 -p1
%if ! %{with intree_openssl}
%endif
@@ -350,8 +355,11 @@
# remove .bak files, if any
find %{buildroot} -name \*.bak -print -delete
-# npm man page
+# npm/npx man page
install -D -m 644 deps/npm/man/man1/npm.1
%{buildroot}%{_mandir}/man1/npm%{node_version_number}.1
+%if %{node_version_number} >= 8
+install -D -m 644 deps/npm/man/man1/npx.1
%{buildroot}%{_mandir}/man1/npx%{node_version_number}.1
+%endif
#node-gyp needs common.gypi too
install -D -m 644 common.gypi \
@@ -445,6 +453,7 @@
%if %{node_version_number} >= 8
%{_bindir}/npx%{node_version_number}
+%{_mandir}/man1/npx%{node_version_number}.1%{ext_man}
%ghost %{_bindir}/npx-default
%ghost %{_mandir}/man1/npx.1%{ext_man}
%ghost %{_sysconfdir}/alternatives/npx-default
@@ -462,6 +471,12 @@
%defattr(-,root,root)
%doc doc/api
+%pre
+# remove files that are no longer owned but provided by update-alternatives
+if ! [ -L %{_mandir}/man1/node.1%{ext_man} ]; then
+rm -f %{_mandir}/man1/node.1%{ext_man}
+fi
+
%post
update-alternatives \
--install %{_bindir}/node-default node-default
%{_bindir}/node%{node_version_number} %{node_version_number} \
@@ -472,6 +487,12 @@
update-alternatives --remove node-default
%{_bindir}/node%{node_version_number}
fi
+%pre -n npm%{node_version_number}
+# remove
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2018-02-25 11:35:36
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Sun Feb 25 11:35:36 2018 rev:14 rq:578285 version:8.9.4
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2018-02-03
15:41:10.745080006 +0100
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2018-02-25
11:35:37.661290011 +0100
@@ -1,0 +2,13 @@
+Tue Feb 13 08:40:52 UTC 2018 - adam.ma...@suse.de
+
+- Add Recommends and BuildRequire on python2 for npm. node-gyp
+ requires this old version of python for now. This is only needed
+ for binary modules.
+
+---
+Wed Feb 7 11:12:11 UTC 2018 - adam.ma...@suse.de
+
+- Fix specfile typo
+- Use gcc7 on Leap 42.3
+
+---
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.Bjz0xy/_old 2018-02-25 11:35:38.909244701 +0100
+++ /var/tmp/diff_new_pack.Bjz0xy/_new 2018-02-25 11:35:38.917244411 +0100
@@ -147,9 +147,15 @@
%define cc_exec gcc-5
%define cpp_exec g++-5
%else
+%if 0%{?sle_version} <= 120200 || (0%{?sle_version} == 120300 &&
!0%{?is_opensuse})
BuildRequires: gcc6-c++
%define cc_exec gcc-6
%define cpp_exec g++-6
+%else
+BuildRequires: gcc7-c++
+%define cc_exec gcc-7
+%define cpp_exec g++-7
+%endif # SLE 12 <= SP2 and SLE 12 SP3 but not Leap 42.3
%endif # SLE 12 < SP1
%endif # node >= 8 and sle == 12
@@ -162,6 +168,7 @@
BuildRequires: pkg-config
BuildRequires: procps
BuildRequires: python
+BuildRequires: python2
BuildRequires: xz
BuildRequires: zlib-devel
@@ -185,7 +192,7 @@
%endif
%if ! %{with intree_icu}
-BuildRequires: pkgconfig(icu-i18n) >= {{min_icu_version}}
+BuildRequires: pkgconfig(icu-i18n) >= 57
%endif
Requires(post): update-alternatives
@@ -241,6 +248,7 @@
Obsoletes: nodejs-npm < 4.0.0
Provides: npm = %{version}
Provides: npm(npm) = 5.6.0
+Recommends: python2
%description -n npm8
A package manager for Node.js that allows developers to install and
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2018-02-03 15:41:10
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Sat Feb 3 15:41:10 2018 rev:13 rq:571325 version:8.9.4
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2018-01-17
21:59:48.834987869 +0100
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2018-02-03
15:41:10.745080006 +0100
@@ -1,0 +2,6 @@
+Tue Jan 30 18:10:06 CET 2018 - r...@suse.de
+
+- even on recent codestreams there is no binutils gold on s390
+ only on s390x
+
+---
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.FJI3zl/_old 2018-02-03 15:41:11.725034235 +0100
+++ /var/tmp/diff_new_pack.FJI3zl/_new 2018-02-03 15:41:11.729034049 +0100
@@ -70,13 +70,17 @@
%endif # aarch64
# No binutils_gold on all versions of SLE 12 and Leap 42 (s390x).
-%ifarch s390x s390
+%ifarch s390x
%if 0%{?suse_version} > 1320
%bcond_without binutils_gold
%else
%bcond_withbinutils_gold
%endif
-%endif # s390x s390
+%endif # s390x
+
+%ifarch s390
+%bcond_withbinutils_gold
+%endif
%ifnarch aarch64 s390x s390
%bcond_without binutils_gold
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2018-01-17 21:58:50
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Wed Jan 17 21:58:50 2018 rev:12 rq:566595 version:8.9.4
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2018-01-06
18:52:21.766334674 +0100
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2018-01-17
21:59:48.834987869 +0100
@@ -1,0 +2,10 @@
+Tue Jan 9 11:03:58 UTC 2018 - adam.ma...@suse.de
+
+- New upstream LTS release 8.9.4:
+ * deps: update npm to 5.6.0
+ * for complete changeset see
+
https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V8.md#8.9.4
+- versioned.patch: refreshed
+- nodejs-sle11-python26-check_output.patch: refreshed
+
+---
Old:
node-v8.9.3.tar.xz
New:
node-v8.9.4.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.PPCw2b/_old 2018-01-17 21:59:50.122927501 +0100
+++ /var/tmp/diff_new_pack.PPCw2b/_new 2018-01-17 21:59:50.126927313 +0100
@@ -1,7 +1,7 @@
#
# spec file for package nodejs8
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -26,12 +26,12 @@
###
Name: nodejs8
-Version:8.9.3
+Version:8.9.4
Release:0
%define node_version_number 8
-%if 0%{?sles_version} == 11
+%if 0%{?suse_version} == 1110
%define _libexecdir %{_exec_prefix}/lib
%endif
@@ -122,7 +122,7 @@
#
# If the default compiler is not supported, use the most recent compiler
# version available.
-%if 0%{?sles_version} == 11
+%if 0%{?suse_version} == 1110
# GCC 5 is only available in the SUSE:SLE-11:SP4:Update repository (SDK).
%if %node_version_number >= 8
BuildRequires: gcc5-c++
@@ -136,8 +136,8 @@
%endif # sles == 11
# SLE 12 and Leap 42
-# GCC 6 is only available with SLE 12 SP1 and Leap 42.2+ (ignore 42.1: EOL).
-%if 8 >= 8 && 0%{?suse_version} == 1315
+# GCC 6 is only available with SLE 12 SP1 and Leap 42.2+.
+%if %node_version_number >= 8 && 0%{?suse_version} == 1315
%if 0%{?sle_version} < 120100
BuildRequires: gcc5-c++
%define cc_exec gcc-5
@@ -186,7 +186,7 @@
Requires(post): update-alternatives
Requires(postun): update-alternatives
-Recommends: npm(npm) = 5.5.1
+Recommends: npm(npm) = 5.6.0
#we need ABI virtual provides where SONAMEs aren't enough/not present so deps
#break when binary compatibility is broken
@@ -206,7 +206,7 @@
# For SLE11, to be able to use the certificate store we need to have properly
# symlinked certificates. The compatability symlinks are provided by the
# openssl1 library in the Security Module
-%if 0%{?sles_version} == 11
+%if 0%{?suse_version} == 1110
Requires: openssl1
%endif
@@ -236,7 +236,7 @@
Provides: nodejs-npm = %{version}
Obsoletes: nodejs-npm < 4.0.0
Provides: npm = %{version}
-Provides: npm(npm) = 5.5.1
+Provides: npm(npm) = 5.6.0
%description -n npm8
A package manager for Node.js that allows developers to install and
@@ -263,7 +263,7 @@
%patch101 -p1
%patch102 -p1
# Add check_output to configure script (not part of Python 2.6 in SLE11).
-%if 0%{?sles_version} == 11
+%if 0%{?suse_version} == 1110
%patch103 -p1
%endif
%patch104 -p1
@@ -286,6 +286,10 @@
find deps/zlib -name *.[ch] -delete
+# Annoying, over-repetitive patch updated just because lines in
+# documentation changes every version.
+find -name *.md.orig -delete
+
%build
# percent-configure pulls in something that confuses node's configure
# script, so we'll do it thus:
++ SHASUMS256.txt ++
--- /var/tmp/diff_new_pack.PPCw2b/_old 2018-01-17 21:59:50.174925064 +0100
+++ /var/tmp/diff_new_pack.PPCw2b/_new 2018-01-17 21:59:50.178924877 +0100
@@ -1,40 +1,40 @@
-92e662ae3e7fa84a304a4be2e547a38d4f4dc421201a44a5f833683278484198
node-v8.9.3-aix-ppc64.tar.gz
-fa7962f25db420a374e9e60d8a410188bd690a2f0ce8d403aa9b09d9b7ae8c1f
node-v8.9.3-darwin-x64.tar.gz
-ff2a425e6c87cd51be6935fe7e3cf3979f9dd53fc7307b66b74358822780ab05
node-v8.9.3-darwin-x64.tar.xz
-f8a5add5cc635ac6981a52ac777d9e7ff03c072078f2ec1f33e099e9f57e3fca
node-v8.9.3-headers.tar.gz
-c0aa9ccfc9445b912367e695285cab6d153904c75a67b9cf7ce1b5fc8620ba99
node-v8.9.3-headers.tar.xz
-df32e87060f5426fc6c6b1af8e3e130ae08ee36f570ac3728442c7833e53d7c3
node-v8.9.3-linux-arm64.tar.gz
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2018-01-06 18:52:14
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Sat Jan 6 18:52:14 2018 rev:11 rq:561900 version:8.9.3
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2017-12-18
08:59:27.162958825 +0100
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2018-01-06
18:52:21.766334674 +0100
@@ -1,0 +2,13 @@
+Fri Dec 22 14:01:07 UTC 2017 - adam.ma...@suse.de
+
+- Enable CI tests in %check target
+ + fix_ci_tests.patch:
+- DNS queries in buildroots are failing with EAI_AGAIN
+- disable test-module-loading-globalpaths.js - we have
+ hardcoded global paths
+ + versioned.patch: call versioned node binary for tests
+ + openssl11.patch: fix OpenSSL 1.1 backport so all SSL tests pass
+instead of crashing in some situations.
+- node-gyp-addon-gypi.patch: fix typo allowing unit tests to compile
+
+---
@@ -14 +27 @@
- * deps/openssl: updated to 1.0.2n
+ * deps/openssl: updated to 1.0.2n (bsc#1072322)
New:
fix_ci_tests.patch
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.rN8rXW/_old 2018-01-06 18:52:23.458255620 +0100
+++ /var/tmp/diff_new_pack.rN8rXW/_new 2018-01-06 18:52:23.462255433 +0100
@@ -93,6 +93,7 @@
## UPSTREAM PATCHES HERE, if any
Patch2: openssl11.patch
+Patch3: fix_ci_tests.patch
## Our patches
# PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built
@@ -256,6 +257,9 @@
echo "`grep node-v%{version}.tar.xz %{S:1} | head -n1 | cut -c1-64` %{S:0}" |
sha256sum -c
%setup -q -n node-v%{version}
%patch2 -p1
+%patch3 -p1
+%if ! %{with intree_openssl}
+%endif
%patch101 -p1
%patch102 -p1
# Add check_output to configure script (not part of Python 2.6 in SLE11).
@@ -386,9 +390,19 @@
ln -s %{_sysconfdir}/alternatives/npx.1%{ext_man}
%{buildroot}%{_mandir}/man1/npx.1%{ext_man}
%endif
-# Check that Node.js isn't completely broken.
%check
-%{buildroot}%{_bindir}/node%{node_version_number} -e
'require("assert").strictEqual(process.versions.node, "%{version}");'
+ln addon-rpm.gypi deps/npm/node_modules/node-gyp/addon-rpm.gypi
+# Tarball doesn't have eslint package distributed, so disable some tests
+find test -name \*-eslint-\* -print -delete
+# No documentation is generated, don't bother checking it
+rm -f test/doctool/test-make-doc.js
+# DNS lookup doesn't work in build root
+rm -f test/parallel/test-dns-cancel-reverse-lookup.js \
+ test/parallel/test-dns-resolveany.js
+# multicast test fail since no socket?
+rm -f test/parallel/test-dgram-membership.js
+# Run CI tests - 'advisory for now'
+make test-ci || echo "** UNIT TESTS NOT ALL HAPPY *"
%files
%defattr(-, root, root)
++ fix_ci_tests.patch ++
Author: Adam Majer
Date: Dec 20 09:18:49 UTC 2017
Summary: Fix CI unit tests framework for OBS building
Index: node-v8.9.3/test/parallel/test-module-loading-globalpaths.js
===
--- node-v8.9.3.orig/test/parallel/test-module-loading-globalpaths.js
+++ node-v8.9.3/test/parallel/test-module-loading-globalpaths.js
@@ -7,6 +7,9 @@ const fs = require('fs');
const child_process = require('child_process');
const pkgName = 'foo';
+common.skip('hardcoded global paths');
+return;
+
if (process.argv[2] === 'child') {
console.log(require(pkgName).string);
} else {
Index: node-v8.9.3/Makefile
===
--- node-v8.9.3.orig/Makefile
+++ node-v8.9.3/Makefile
@@ -409,7 +409,7 @@ test-ci-js: | clear-stalled
fi
test-ci: LOGLEVEL := info
-test-ci: | clear-stalled build-addons build-addons-napi doc-only
+test-ci: | clear-stalled build-addons build-addons-napi
out/Release/cctest --gtest_output=tap:cctest.tap
$(PYTHON) tools/test.py $(PARALLEL_ARGS) -p tap --logfile test.tap \
--mode=release --flaky-tests=$(FLAKY_TESTS) \
Index: node-v8.9.3/test/doctool/test-make-doc.js
===
--- node-v8.9.3.orig/test/doctool/test-make-doc.js
+++ node-v8.9.3/test/doctool/test-make-doc.js
@@ -11,7 +11,7 @@ const assert = require('assert');
const fs = require('fs');
const path = require('path');
-const apiPath = path.resolve(common.projectDir, 'out', 'doc', 'api');
+const apiPath = path.resolve(common.projectDir, 'doc', 'api');
const docs = fs.readdirSync(apiPath);
assert.ok(docs.includes('_toc.html'));
++ node-gyp-addon-gypi.patch ++
---
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2017-12-18 08:59:20
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Mon Dec 18 08:59:20 2017 rev:10 rq:557315 version:8.9.3
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2017-12-09
20:33:27.872469116 +0100
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2017-12-18
08:59:27.162958825 +0100
@@ -1,0 +2,6 @@
+Thu Dec 14 09:46:31 UTC 2017 - adam.ma...@suse.de
+
+- openssl11.patch: backport support for OpenSSL 1.1 (bnc#1066953)
+- Dropped 8334.diff - no longer needed
+
+---
@@ -7,3 +13,2 @@
-[ CVE-2017-15897, gh#nodejs/node#17428 ]
- * deps/openssl: updated to 1.0.2n (only applies to SLE 12 SP1
-and lower)
+[ CVE-2017-15897, bnc#1072320 ]
+ * deps/openssl: updated to 1.0.2n
@@ -14 +18,0 @@
-[ gh#nodejs/node#16770 ]
@@ -16 +19,0 @@
-[ gh#nodejs/node#16718 ]
Old:
8334.diff
New:
openssl11.patch
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.xoiq9l/_old 2017-12-18 08:59:28.514893562 +0100
+++ /var/tmp/diff_new_pack.xoiq9l/_new 2017-12-18 08:59:28.518893368 +0100
@@ -92,7 +92,7 @@
Source3:nodejs.keyring
## UPSTREAM PATCHES HERE, if any
-Patch1: 8334.diff
+Patch2: openssl11.patch
## Our patches
# PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built
@@ -161,12 +161,19 @@
BuildRequires: zlib-devel
%if ! %{with intree_openssl}
+
+%if %node_version_number >= 8
+BuildRequires: openssl-devel >= 1.0.2
+%else # older node doesn't support OpenSSL 1.1
+
%if 0%{?suse_version} >= 1330
BuildRequires: libopenssl-1_0_0-devel
%else
BuildRequires: openssl-devel >= 1.0.2
%endif
-%endif
+
+%endif # older node doesn't support OpenSSL 1.1
+%endif # ! {with intree_openssl}
%if ! %{with intree_cares}
BuildRequires: pkgconfig(libcares) >= 1.10.0
@@ -248,9 +255,7 @@
%prep
echo "`grep node-v%{version}.tar.xz %{S:1} | head -n1 | cut -c1-64` %{S:0}" |
sha256sum -c
%setup -q -n node-v%{version}
-%if %node_version_number < 6
-%patch1 -p1
-%endif
+%patch2 -p1
%patch101 -p1
%patch102 -p1
# Add check_output to configure script (not part of Python 2.6 in SLE11).
++ openssl11.patch ++
2196 lines (skipped)
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2017-12-09 20:32:52
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Sat Dec 9 20:32:52 2017 rev:9 rq:28 version:8.9.3
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2017-11-29
10:54:48.235983194 +0100
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2017-12-09
20:33:27.872469116 +0100
@@ -1,0 +2,22 @@
+Sat Dec 9 03:22:01 UTC 2017 - qantas94he...@gmail.com
+
+- New upstream LTS release 8.9.3:
+ * buffer: buffers allocated with an invalid content will now be
+zero filled
+[ CVE-2017-15897, gh#nodejs/node#17428 ]
+ * deps/openssl: updated to 1.0.2n (only applies to SLE 12 SP1
+and lower)
+[ CVE-2017-3738 CVE-2017-15896 ]
+
+- Changes in 8.9.2:
+ * console: avoid adding infinite error listeners
+[ gh#nodejs/node#16770 ]
+ * http2: improve errors thrown in header validation
+[ gh#nodejs/node#16718 ]
+
+- Remove unnecessary curl BuildRequires
+- Enable gold linker on s390x (TW and SLE/Leap 15)
+- Build with bundled ICU if system ICU not available (only applies
+ to SLE 11/12 and Leap 42.x)
+
+---
Old:
node-v8.9.1.tar.xz
New:
node-v8.9.3.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.TZrgNA/_old 2017-12-09 20:33:29.964369478 +0100
+++ /var/tmp/diff_new_pack.TZrgNA/_new 2017-12-09 20:33:29.964369478 +0100
@@ -26,7 +26,7 @@
###
Name: nodejs8
-Version:8.9.1
+Version:8.9.3
Release:0
%define node_version_number 8
@@ -60,25 +60,27 @@
%bcond_without gdb
%endif
-# No binutils_gold on SLE12 (aarch64).
+# No binutils_gold on SLE 12 GA (aarch64).
%ifarch aarch64
-
%if 0%{?sle_version} >= 120100 || 0%{?is_opensuse}
%bcond_without binutils_gold
%else
%bcond_withbinutils_gold
%endif
+%endif # aarch64
-%else # aarch64
-
-# No binutils_gold on s390x.
+# No binutils_gold on all versions of SLE 12 and Leap 42 (s390x).
%ifarch s390x s390
-%bcond_withbinutils_gold
-%else
+%if 0%{?suse_version} > 1320
%bcond_without binutils_gold
+%else
+%bcond_withbinutils_gold
+%endif
%endif # s390x s390
-%endif # aarch64
+%ifnarch aarch64 s390x s390
+%bcond_without binutils_gold
+%endif
Summary:Evented I/O for V8 JavaScript
License:MIT
@@ -133,20 +135,24 @@
%endif # sles == 11
# SLE 12 and Leap 42
-%if 0%{?suse_version} == 1315
-%if %node_version_number >= 8
+# GCC 6 is only available with SLE 12 SP1 and Leap 42.2+ (ignore 42.1: EOL).
+%if 8 >= 8 && 0%{?suse_version} == 1315
+%if 0%{?sle_version} < 120100
+BuildRequires: gcc5-c++
+%define cc_exec gcc-5
+%define cpp_exec g++-5
+%else
BuildRequires: gcc6-c++
%define cc_exec gcc-6
%define cpp_exec g++-6
-%endif
-%endif
+%endif # SLE 12 < SP1
+%endif # node >= 8 and sle == 12
# No special version defined, use default.
%if ! 0%{?cc_exec:1}
BuildRequires: gcc-c++
%endif
-BuildRequires: curl
BuildRequires: fdupes
BuildRequires: pkg-config
BuildRequires: procps
@@ -282,6 +288,9 @@
export CXX=%{?cpp_exec}
%endif
+# Node.js 4.x does not include the ICU database in the source tarball.
+%define has_small_icu %(test -d "deps/icu-small" && echo 1 || echo 0)
+
./configure \
--prefix=%{_prefix} \
%if ! %{with intree_openssl}
@@ -293,6 +302,11 @@
%endif
%if ! %{with intree_icu}
--with-intl=system-icu \
+%else
+%if %{has_small_icu}
+--with-intl=small-icu \
+--with-icu-source=deps/icu-small \
+%endif
%endif
%if %{with gdb}
--gdb \
++ SHASUMS256.txt ++
--- /var/tmp/diff_new_pack.TZrgNA/_old 2017-12-09 20:33:29.996367954 +0100
+++ /var/tmp/diff_new_pack.TZrgNA/_new 2017-12-09 20:33:29.996367954 +0100
@@ -1,40 +1,40 @@
-70c9bbb0b7e9125ba2d1e83826cd7ab981d21bf59f58b53809bb1922e59211a9
node-v8.9.1-aix-ppc64.tar.gz
-05c992a6621d28d564b92bf3051a5dc0adf83839237c0d4653a8cdb8a1c73b94
node-v8.9.1-darwin-x64.tar.gz
-ed71abc42e00f9d1f55f0977ff55cad2f68f3e8693211d33922d9286e6f6540b
node-v8.9.1-darwin-x64.tar.xz
-20bba14a649ac39210a74720e399bde117ed38f95bde3548c16b36b8a1702cfc
node-v8.9.1-headers.tar.gz
-2f5e2d2bd3b5242d20a65be645b55f41e62550dfacc35d8b445f8613aec117e3
node-v8.9.1-headers.tar.xz
-47521340ff82617c1e6ba63ce300685e1b8b7cf5c0ec2e71628bcdb398085b29
node-v8.9.1-linux-arm64.tar.gz
-f774660980dcf931bf29847a5f26317823a063fa4a56f85f37c3222d77cce7c1
node-v8.9.1-linux-arm64.tar.xz
-54efdd6a22d03294e4b6dc00338fa2d37e9740040d85638a62a3603cf31d3b26
node-v8.9.1-linux-armv7l.tar.gz
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2017-11-29 10:54:44
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Wed Nov 29 10:54:44 2017 rev:8 rq:546333 version:8.9.1
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2017-11-17
11:00:44.519101747 +0100
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2017-11-29
10:54:48.235983194 +0100
@@ -1,0 +2,6 @@
+Wed Nov 29 01:41:56 UTC 2017 - qantas94he...@gmail.com
+
+- Change BuildRequires from openssl-devel to libopenssl-1_0_0-devel
+ due to Tumbleweed/Leap 15 change to OpenSSL 1.1.0 as default
+
+---
@@ -11,0 +18 @@
+
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.lKJVl0/_old 2017-11-29 10:54:49.467938497 +0100
+++ /var/tmp/diff_new_pack.lKJVl0/_new 2017-11-29 10:54:49.471938352 +0100
@@ -155,8 +155,12 @@
BuildRequires: zlib-devel
%if ! %{with intree_openssl}
+%if 0%{?suse_version} >= 1330
+BuildRequires: libopenssl-1_0_0-devel
+%else
BuildRequires: openssl-devel >= 1.0.2
%endif
+%endif
%if ! %{with intree_cares}
BuildRequires: pkgconfig(libcares) >= 1.10.0
++ 8334.diff ++
--- /var/tmp/diff_new_pack.lKJVl0/_old 2017-11-29 10:54:49.491937627 +0100
+++ /var/tmp/diff_new_pack.lKJVl0/_new 2017-11-29 10:54:49.491937627 +0100
@@ -1,3 +1,2 @@
Empty patch. Placeholder must exist as long as same patch
for older Node codestreams exist.
-
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2017-11-17 10:56:34
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Fri Nov 17 10:56:34 2017 rev:7 rq:542248 version:8.9.1
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2017-10-27
14:01:30.803759221 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2017-11-17
11:00:44.519101747 +0100
@@ -1,0 +2,30 @@
+Thu Nov 16 13:16:25 UTC 2017 - adam.ma...@suse.de
+
+- Update nodejs.keyring based on current Release Team as found on
+ https://github.com/nodejs/node#release-team
+
+---
+Mon Nov 13 14:29:47 UTC 2017 - adam.ma...@suse.de
+
+- Fix permissions of node-gyp. This should be executable to allow
+ building of binary node modules.
+---
+Mon Nov 13 10:05:10 UTC 2017 - adam.ma...@suse.de
+
+- New upstream LTS version 8.9.1:
+ * openssl: upgrade openssl sources to 1.0.2m
+[OpenSSL Security Advisory (bsc#1066242, bsc#1056058)
+ CVE-2017-3735 CVE-2017-3736]
+ * https: revert refactor to use http internals
+
+- Changes since 8.9.0 LTS version:
+ * deps: update to npm 5.5.1
+ * http2: The exposed http2 socket is no longer manipulatable
+ * module: support custom paths to require.resolve()
+ * util: util.TextEncoder and util.TextDecoder are no longer
+experimental. No longer produces a warning when using them.
+
+- versioned.patch: refreshed
+- 0f3e69db.patch icu59.patch: removed empty patches
+
+---
@@ -35,0 +66 @@
+
Old:
0f3e69db.patch
icu59.patch
node-v8.8.1.tar.xz
New:
node-v8.9.1.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.SuC0Te/_old 2017-11-17 11:00:46.511028845 +0100
+++ /var/tmp/diff_new_pack.SuC0Te/_new 2017-11-17 11:00:46.515028698 +0100
@@ -26,7 +26,7 @@
###
Name: nodejs8
-Version:8.8.1
+Version:8.9.1
Release:0
%define node_version_number 8
@@ -91,8 +91,6 @@
## UPSTREAM PATCHES HERE, if any
Patch1: 8334.diff
-Patch2: 0f3e69db.patch
-Patch3: icu59.patch
## Our patches
# PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built
@@ -170,7 +168,7 @@
Requires(post): update-alternatives
Requires(postun): update-alternatives
-Recommends: npm(npm) = 5.4.2
+Recommends: npm(npm) = 5.5.1
#we need ABI virtual provides where SONAMEs aren't enough/not present so deps
#break when binary compatibility is broken
@@ -220,7 +218,7 @@
Provides: nodejs-npm = %{version}
Obsoletes: nodejs-npm < 4.0.0
Provides: npm = %{version}
-Provides: npm(npm) = 5.4.2
+Provides: npm(npm) = 5.5.1
%description -n npm8
A package manager for Node.js that allows developers to install and
@@ -243,12 +241,6 @@
%if %node_version_number < 6
%patch1 -p1
%endif
-%if %node_version_number < 6
-%patch2 -p1
-%endif
-%if %node_version_number < 6
-%patch3 -p1
-%endif
%patch101 -p1
%patch102 -p1
# Add check_output to configure script (not part of Python 2.6 in SLE11).
@@ -312,6 +304,9 @@
rm -f %{buildroot}%{_datadir}/doc/node/lldbinit
rm -f %{buildroot}%{_datadir}/doc/node/lldb_commands.py
+# remove .bak files, if any
+find %{buildroot} -name \*.bak -print -delete
+
# npm man page
install -D -m 644 deps/npm/man/man1/npm.1
%{buildroot}%{_mandir}/man1/npm%{node_version_number}.1
@@ -343,6 +338,7 @@
# fix permissions
find %{buildroot}%{_libdir}/node_modules -type f -exec chmod -x {} +
chmod 0755
%{buildroot}%{_libdir}/node_modules/npm%{node_version_number}/bin/np*-cli.js
+chmod 0755
%{buildroot}%{_libdir}/node_modules/npm%{node_version_number}/bin/node-gyp-bin/node-gyp
# browser.js is useless for npm cli
find %{buildroot}%{_libdir}/node_modules/npm%{node_version_number} -name
"browser.js" -delete
++ SHASUMS256.txt ++
--- /var/tmp/diff_new_pack.SuC0Te/_old 2017-11-17 11:00:46.559027088 +0100
+++ /var/tmp/diff_new_pack.SuC0Te/_new 2017-11-17 11:00:46.559027088 +0100
@@ -1,42 +1,40 @@
-532ab5404a992e061639e9fb552818719c67167b065d831e203e896baa9a68b4
node-v8.8.1-aix-ppc64.tar.gz
-bf208e29418fb3efc836d3d32b62b9162f0f0b36a0665abc0990f4e292cfc84b
node-v8.8.1-darwin-x64.tar.gz
-d79e34f4679c0359ca63fefd8f9f907af2eb3ab05335291c77d25408afe5ec18
node-v8.8.1-darwin-x64.tar.xz
-a23bf22300253de45f38791d639deecc30f525591f892f7781f233cb25c25291
node-v8.8.1-headers.tar.gz
commit nodejs8 for openSUSE:Factory
Hello community, here is the log from the commit of package nodejs8 for openSUSE:Factory checked in at 2017-10-27 14:01:27 Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old) and /work/SRC/openSUSE:Factory/.nodejs8.new (New) Package is "nodejs8" Fri Oct 27 14:01:27 2017 rev:6 rq:536912 version:8.8.1 Changes: --- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2017-10-25 17:49:04.995016691 +0200 +++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2017-10-27 14:01:30.803759221 +0200 @@ -1,0 +2,7 @@ +Thu Oct 26 14:54:45 UTC 2017 - qantas94he...@gmail.com + +- New upstream release 8.8.1: + * net: Fix timeout with null handle issue. This is a regression +in Node 8.8.0. (gh#nodejs/node#16489) + +--- @@ -8 +15 @@ -+ a new environment varible NODE_NO_HTTP2 has been added to ++ a new environment variable NODE_NO_HTTP2 has been added to Old: node-v8.8.0.tar.xz New: node-v8.8.1.tar.xz Other differences: -- ++ nodejs8.spec ++ --- /var/tmp/diff_new_pack.zJF2ji/_old 2017-10-27 14:01:32.871662554 +0200 +++ /var/tmp/diff_new_pack.zJF2ji/_new 2017-10-27 14:01:32.875662367 +0200 @@ -26,7 +26,7 @@ ### Name: nodejs8 -Version:8.8.0 +Version:8.8.1 Release:0 %define node_version_number 8 ++ SHASUMS256.txt ++ --- /var/tmp/diff_new_pack.zJF2ji/_old 2017-10-27 14:01:32.927659936 +0200 +++ /var/tmp/diff_new_pack.zJF2ji/_new 2017-10-27 14:01:32.927659936 +0200 @@ -1,42 +1,42 @@ -4524fccb73aae20d6ebd1900c0dd131fab7d3807c5597eb847293562513e43bf node-v8.8.0-aix-ppc64.tar.gz -69a37e240fac48289a2a5bb75ab96091f8d6457eeaf23c0a5125250abe418176 node-v8.8.0-darwin-x64.tar.gz -b2f1440a7669af1e76be7ee7b275c97cbe79ee41a7e6278518d00b5a142d8d12 node-v8.8.0-darwin-x64.tar.xz -272888d6830c0a8c881c947cd5108a51f657f8e050f51b73c6eed1479dec55a3 node-v8.8.0-headers.tar.gz -85a4b3b5ad9d95e0e7df1c00c6496601cd1b4b9844c0bc57310741589bc7dc48 node-v8.8.0-headers.tar.xz -58bb50e792f60651f48b26a9e7e68bd10f51ecc254a2be6ea759f26ebe6b1a21 node-v8.8.0-linux-arm64.tar.gz -454617ff94882d9a81dca0840065fb5a928ff68e8e8efe7c1748d996ab757b2e node-v8.8.0-linux-arm64.tar.xz -15145f5b3c8d05abb786b7877e66ad70459cd5d949bcc63ed5a307a2e1cc300f node-v8.8.0-linux-armv6l.tar.gz -acd924e0bd5fe95e7fad2a97d1e5ffd43e67e6f880e1947dc805a9fe4546b31e node-v8.8.0-linux-armv6l.tar.xz -c6e30d71dba7d735aeb969205c5aa5f9d7574e19fee5e0aa3434bcc8c4d74683 node-v8.8.0-linux-armv7l.tar.gz -68b6b2393f0d379a8c3e2f7416e4577996047839fae8076e479a19ae0d90e053 node-v8.8.0-linux-armv7l.tar.xz -a0e9e51e4b47cacda44db1b9e6bd47d5bc0445b08784aaf4f7181a71a5dfcffa node-v8.8.0-linux-ppc64le.tar.gz -942aade9651a425b171d2699d8c849eb065e49885d6e346c3bf23a5bc9f0b503 node-v8.8.0-linux-ppc64le.tar.xz -d5878ed00864b724339d3752be8d830e2eb7c08c4ce90a9d0ea80a7e78e03dcc node-v8.8.0-linux-ppc64.tar.gz -9eccec7aa1c983ebdb2688f1788b432c5c8908d98c593fd989f0755249f90866 node-v8.8.0-linux-ppc64.tar.xz -aae9ea4e9b213bf40bf5305bf3ac82fa82efd33a4216fea01d430300a9757320 node-v8.8.0-linux-s390x.tar.gz -5405e9f28db36d798253e74d6a52764a91170bf8578fc793620b598c958c5522 node-v8.8.0-linux-s390x.tar.xz -3d988ec9d7e50a030b5aa3f36840a6d37219ff0f5bcd7da255dc9475e7d99813 node-v8.8.0-linux-x64.tar.gz -4304c297f41085ac1f7a6a8e68496d9fd5aa3b92590e7c3c6015a23939767e72 node-v8.8.0-linux-x64.tar.xz -6fcb04e49725378a109388610ac14142adaa001bcf292982077968406fb04a54 node-v8.8.0-linux-x86.tar.gz -6257c617a12eb3a4c5381629c5a8a6166b20efd853ae09fdb1ac10c2c259cdd1 node-v8.8.0-linux-x86.tar.xz -9968e00b7530203d26baa6aa2895717df5a5c433dc9a8bad032c8d2cfb6a425a node-v8.8.0.pkg -bf8d32f0e8c59c60b0de386b557057618476261ce4d0668fc493b3774f7af7f3 node-v8.8.0-sunos-x64.tar.gz -3233c927cc9fb99d17a2bab8f0fdf510b1e3b3b07a0eafbb0690da585324ab28 node-v8.8.0-sunos-x64.tar.xz -9c9b535fab082990689360d7857ffc8aea5f0e371e28be132f98b9f07ff5be02 node-v8.8.0-sunos-x86.tar.gz -a143ba487b1aba035634eec41ad03ba7681b7a1ed78d70f551b9471f3df01dc8 node-v8.8.0-sunos-x86.tar.xz -669e0054a25c7f21e6d8bef182da566de35fb3b3441e8f90b6da9585c1f82caf node-v8.8.0.tar.gz -854f32d27cd62895a13a6af43b87e0542f512f40af960244d15cf16da0914ecf node-v8.8.0.tar.xz -a4bbee86af96c01159178ace42643942bc55ce3907e49f01dd1810f19cfef822 node-v8.8.0-win-x64.7z -a7a1fd2c5f5c967d7df70fdec1a8b2d2d2b1b411fcdd4f23bcf8c9c837a7c3cb node-v8.8.0-win-x64.zip -2136c4c0a489074ad317603605ae03ada260b21e6d0a40ef0c7282b6130f50bd node-v8.8.0-win-x86.7z -abec6b1cec0b768e57121d98d1546741bf33e29399e348bbd26d6c3fd4b359ee node-v8.8.0-win-x86.zip
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2017-10-25 17:48:59
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Wed Oct 25 17:48:59 2017 rev:5 rq:536527 version:8.8.0
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2017-09-29
11:57:12.351409022 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2017-10-25
17:49:04.995016691 +0200
@@ -1,0 +2,42 @@
+Wed Oct 25 05:18:51 UTC 2017 - qantas94he...@gmail.com
+
+- New upstream release 8.8.0:
+ * crypto: expose ECDH class (gh#nodejs/node#8188)
+ * http2: (gh#nodejs/node#{15685,16269})
++ http2 is now exposed by default without the need for a flag
++ a new environment varible NODE_NO_HTTP2 has been added to
+ allow userland http2 to be required
++ support has been added for generic Duplex streams
+ * module: resolve and instantiate loader pipeline hooks have been
+added to the ESM lifecycle (gh#nodejs/node#15445)
+ * zlib: (CVE-2017-14919: only affects TW) In zlib v1.2.9, a
+change was made that causes an exception to be thrown when a
+raw deflate stream is initialized with windowBits set to 8.
+Node.js will now gracefully set windowBits to 9 (replicating
+the legacy behavior) to avoid a DOS vector.
+
+---
+Thu Oct 19 08:07:05 UTC 2017 - adam.ma...@suse.de
+
+- Make sure npm and npx programs remain executable
+
+---
+Fri Oct 13 11:04:51 UTC 2017 - adam.ma...@suse.de
+
+- Replace {{node_version_major}} with RPM define %node_version_number
+ for simpler spec file review.
+---
+Fri Oct 13 10:06:23 UTC 2017 - adam.ma...@suse.de
+
+- New upstream version 8.7.0:
+ * deps:
++ update npm to 5.4.2
++ update libuv 1.15.0
++ update V8 to 6.1.534.42
+ * dgram: support for setting dgram socket buffer size
+ * fs: add support O_DSYNC file open constant
+ * util: deprecate obj.inspect for custom inspection
+- nodejs-libpath.patch
+ versioned.patch: refreshed patches
+
+---
@@ -11 +53 @@
- * path: fix normalize paths ending with two dots
+ * path: fix normalize paths ending with two dots (CVE-2017-14849)
Old:
node-v8.6.0.tar.xz
New:
node-v8.8.0.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.RkIM4n/_old 2017-10-25 17:49:06.182960935 +0200
+++ /var/tmp/diff_new_pack.RkIM4n/_new 2017-10-25 17:49:06.182960935 +0200
@@ -26,9 +26,11 @@
###
Name: nodejs8
-Version:8.6.0
+Version:8.8.0
Release:0
+%define node_version_number 8
+
%if 0%{?sles_version} == 11
%define _libexecdir %{_exec_prefix}/lib
%endif
@@ -121,7 +123,7 @@
# version available.
%if 0%{?sles_version} == 11
# GCC 5 is only available in the SUSE:SLE-11:SP4:Update repository (SDK).
-%if 8 >= 8
+%if %node_version_number >= 8
BuildRequires: gcc5-c++
%define cc_exec gcc-5
%define cpp_exec g++-5
@@ -134,7 +136,7 @@
# SLE 12 and Leap 42
%if 0%{?suse_version} == 1315
-%if 8 >= 8
+%if %node_version_number >= 8
BuildRequires: gcc6-c++
%define cc_exec gcc-6
%define cpp_exec g++-6
@@ -168,7 +170,7 @@
Requires(post): update-alternatives
Requires(postun): update-alternatives
-Recommends: npm(npm) = 5.3.0
+Recommends: npm(npm) = 5.4.2
#we need ABI virtual provides where SONAMEs aren't enough/not present so deps
#break when binary compatibility is broken
@@ -218,7 +220,7 @@
Provides: nodejs-npm = %{version}
Obsoletes: nodejs-npm < 4.0.0
Provides: npm = %{version}
-Provides: npm(npm) = 5.3.0
+Provides: npm(npm) = 5.4.2
%description -n npm8
A package manager for Node.js that allows developers to install and
@@ -238,13 +240,13 @@
%prep
echo "`grep node-v%{version}.tar.xz %{S:1} | head -n1 | cut -c1-64` %{S:0}" |
sha256sum -c
%setup -q -n node-v%{version}
-%if 8 < 6
+%if %node_version_number < 6
%patch1 -p1
%endif
-%if 8 < 6
+%if %node_version_number < 6
%patch2 -p1
%endif
-%if 8 < 6
+%if %node_version_number < 6
%patch3 -p1
%endif
%patch101 -p1
@@ -311,59 +313,42 @@
rm -f %{buildroot}%{_datadir}/doc/node/lldb_commands.py
# npm man page
-install -D -m 644 deps/npm/man/man1/npm.1 %{buildroot}%{_mandir}/man1/npm8.1
+install -D -m 644 deps/npm/man/man1/npm.1
%{buildroot}%{_mandir}/man1/npm%{node_version_number}.1
#node-gyp needs common.gypi too
install -D -m 644 common.gypi \
-
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2017-09-29 11:57:00
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Fri Sep 29 11:57:00 2017 rev:4 rq:529110 version:8.6.0
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2017-09-22
21:33:57.388295035 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2017-09-29
11:57:12.351409022 +0200
@@ -1,0 +2,14 @@
+Wed Sep 27 15:02:48 UTC 2017 - adam.ma...@suse.de
+
+- New upstream version 8.6.0:
+ * crypto: Support for multiple ECDH curves.
+ * dgram:
++ Added setMulticastInterface() API
++ Custom lookup functions are now supported.
+ * n-api: The command-line flag is no longer required to use N-API
+ * tls: Docs-only deprecation of parseCertString().
+ * path: fix normalize paths ending with two dots
+ * see https://nodejs.org/en/blog/release/v8.6.0/ for full
+changelog
+
+---
Old:
node-v8.5.0.tar.xz
New:
node-v8.6.0.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.UZCSxP/_old 2017-09-29 11:57:13.323271984 +0200
+++ /var/tmp/diff_new_pack.UZCSxP/_new 2017-09-29 11:57:13.323271984 +0200
@@ -26,7 +26,7 @@
###
Name: nodejs8
-Version:8.5.0
+Version:8.6.0
Release:0
%if 0%{?sles_version} == 11
++ SHASUMS256.txt ++
--- /var/tmp/diff_new_pack.UZCSxP/_old 2017-09-29 11:57:13.367265781 +0200
+++ /var/tmp/diff_new_pack.UZCSxP/_new 2017-09-29 11:57:13.371265217 +0200
@@ -1,42 +1,40 @@
-ac88cdf15b0984efb87a81b6b692ad2a86711516453b8e8fd4923003b578
node-v8.5.0-aix-ppc64.tar.gz
-0c8d4c4d90f858a19a29fe1ae7f42b2b7f1a4d3caaa25bea2e08479c00ebbd5f
node-v8.5.0-darwin-x64.tar.gz
-30cdfc139d8909eabde9bb4439c1b2409b9814ff05032368e9ed96555af1c860
node-v8.5.0-darwin-x64.tar.xz
-c0e2c5ad594cc0d5898d933fc4d859974e62034b9e691af4fc3fdc8f0755300f
node-v8.5.0-headers.tar.gz
-8e83244ac9e0fedd472aed02da6857f1befdba74fd29cf56a40476fd7f020aec
node-v8.5.0-headers.tar.xz
-09004f9cc8039918e48ce846173dbd37e8673c9a6ada34bdb2e073534c70c9af
node-v8.5.0-linux-arm64.tar.gz
-e0decdebe73dba516d6c72401e337cee6277c6e00f817b0bf1c592360adfd4e6
node-v8.5.0-linux-arm64.tar.xz
-b6e8f2963c149a556ca2c3f2bfbd42a94ea2f51608e4d1873364b86c283c11da
node-v8.5.0-linux-armv6l.tar.gz
-fee64a5843ebcd20b3a553b2fcc032729a90fcf23da236ebdd7dc241fcf93736
node-v8.5.0-linux-armv6l.tar.xz
-3caed49e1367eb0a173646a9f82616401127a96cf8c569f5bf5a1dbfba74680c
node-v8.5.0-linux-armv7l.tar.gz
-c0b8adcc54a754a84768d8860d4e2abd2eaba35b579fdc0a576e830c7d7ac599
node-v8.5.0-linux-armv7l.tar.xz
-82dedda02b88df74d9f0f415d27da3b7ab584b1679b032d70773fe59a954f3c1
node-v8.5.0-linux-ppc64le.tar.gz
-abc1db0f2a731d67b598b6e784acee341e0e6272fe61c5f337522ab576ff2cd0
node-v8.5.0-linux-ppc64le.tar.xz
-73e218998534f1c467591d474a9436ada1b6adc4977709f482393b6b00eedd6c
node-v8.5.0-linux-ppc64.tar.gz
-adeed3f1b7ebc7495a694ffa1514cb9e4700ad4a580c1cd6f529e814e184e11f
node-v8.5.0-linux-ppc64.tar.xz
-09eb6157502faabf4e3d22fbe3c31245f5c9e14cf3ec9e25ba5ce1bc19ea84ee
node-v8.5.0-linux-s390x.tar.gz
-b75d06cadaa1611b0ee10ebc5a3127f529afc1e19d3ee1299ba05f31c9f969fa
node-v8.5.0-linux-s390x.tar.xz
-710235e04553147b9c18deadc7cefa4297d4dce190de94cc625d2cf6b9ba
node-v8.5.0-linux-x64.tar.gz
-a9651fcc6259b4a944ebb72e6dd116602c7b26ddf939599b060d1d3e6ead8c36
node-v8.5.0-linux-x64.tar.xz
-00ea2be3a78b1694439254d9c7232ce79748d5ff3e0d9bb2ff1fcd090d502d63
node-v8.5.0-linux-x86.tar.gz
-b420254e8ec211bc28059176890d4dab83e2ee7e72965a6953aec9bf87b9db97
node-v8.5.0-linux-x86.tar.xz
-20362cacfceb34512a03ba766e239c142fe89ed6ecbff21a851dd52015482c88
node-v8.5.0.pkg
-6f8ce37b15c6e950d98b0523326484e5c23fd2df36f69c032f08790e90ad0f73
node-v8.5.0-sunos-x64.tar.gz
-fb06d47106af700633885c476177e52e5e6be3c4bcdb84d7263dd0ff3e47040e
node-v8.5.0-sunos-x64.tar.xz
-495b3383d8116b8f82648754c2df54950f68205852b0094f95632da9c558ff68
node-v8.5.0-sunos-x86.tar.gz
-b441d93edac5aac5e46cac93354638d7ab5d5e4216fcd3bf279196fe84f6e761
node-v8.5.0-sunos-x86.tar.xz
-dd5ac97074882ba62892bdb91ec5e624c338d772a6218da08c182231031a4446
node-v8.5.0.tar.gz
-e1cde5d8e5049e7e1b61aef128f26162059d885dc8cab5014bf5cbf693f75c3c
node-v8.5.0.tar.xz
-bce2013fdd2d6fbd6bbca1397e07600d01081be711e18fb8a9515443f4eb89a6
node-v8.5.0-win-x64.7z
-c385d162c15a7a85d42755ee8c78c1c73bd251e2f7cbf82e5e20c824564aa9df
node-v8.5.0-win-x64.zip
-797bed56fe22b52ab8639e4377ffa6a62f921ab0b9ff671fe2ecb6fb2bbcd1f4
node-v8.5.0-win-x86.7z
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2017-09-22 21:33:35
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Fri Sep 22 21:33:35 2017 rev:3 rq:526982 version:8.5.0
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2017-09-04
12:34:31.434686772 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2017-09-22
21:33:57.388295035 +0200
@@ -1,0 +2,32 @@
+Wed Sep 13 04:43:23 UTC 2017 - qantas94he...@gmail.com
+
+- New upstream version 8.5.0:
+ * build: Snapshots are now re-enabled in V8 (#14875)
+ * console: Implement minimal console.group(). (#14910)
+ * deps/libuv: upgraded to 1.14.1 (#14866)
+ * deps/nghttp2: upgraded to 1.25.0 (#14955)
+ * dns: Add "verbatim" option to dns.lookup(). When true, results
+from the DNS resolver are passed on as-is, without the
+reshuffling that Node.js otherwise does that puts IPv4
+addresses before IPv6 addresses. (#14731)
+ * fs: add fs.copyFile and fs.copyFileSync which allows for more
+efficient copying of files. (#15034)
+ * inspector: Enable async stack traces (#13870)
+ * module: Add support for ESM. This is currently behind the
+--experimental-modules flag and requires the .mjs extension.
+(#14369)
+ * napi: implement promise (#14365)
+ * os: Add support for CIDR notation to the output of the
+networkInterfaces() method. (#14307)
+ * perf_hooks: An initial implementation of the Performance
+Timing API for Node.js. This is the same Performance Timing
+API implemented by modern browsers with a number of Node.js
+specific properties. The User Timing mark() and measure() APIs
+have also been implemented. (#14680)
+ * tls: multiple PFX in createSecureContext (#14793)
+- Change compiler version used:
+ * SLE 11 SP4: GCC 5
+ * SLE 12 and Leap 42: GCC 6
+ * Factory and SLE/Leap 15: default
+
+---
Old:
node-v8.4.0.tar.xz
New:
node-v8.5.0.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.R1bQlR/_old 2017-09-22 21:33:58.924078848 +0200
+++ /var/tmp/diff_new_pack.R1bQlR/_new 2017-09-22 21:33:58.928078285 +0200
@@ -26,7 +26,7 @@
###
Name: nodejs8
-Version:8.4.0
+Version:8.5.0
Release:0
%if 0%{?sles_version} == 11
@@ -113,15 +113,36 @@
%endif
# Node.js 4/6/7 requires GCC 4.8.5+.
-# Upstream asks for GCC 4.9.4+ with 8.x, but that is more for
-# maintenance reasons and potential C++11 issues rather than
-# a failure to compile with GCC 4.8. (GH: nodejs/node, d13a65ad)
-# Only SLE 11 has a default compiler version older than necessary.
+#
+# For Node.js 8.x, upstream requires GCC 4.9.4+, as GCC 4.8 may have
+# slightly buggy C++11 support: https://github.com/nodejs/node/pull/13466
+#
+# If the default compiler is not supported, use the most recent compiler
+# version available.
%if 0%{?sles_version} == 11
+# GCC 5 is only available in the SUSE:SLE-11:SP4:Update repository (SDK).
+%if 8 >= 8
+BuildRequires: gcc5-c++
+%define cc_exec gcc-5
+%define cpp_exec g++-5
+%else
BuildRequires: gcc48-c++
%define cc_exec gcc-4.8
%define cpp_exec g++-4.8
-%else
+%endif # node >= 8
+%endif # sles == 11
+
+# SLE 12 and Leap 42
+%if 0%{?suse_version} == 1315
+%if 8 >= 8
+BuildRequires: gcc6-c++
+%define cc_exec gcc-6
+%define cpp_exec g++-6
+%endif
+%endif
+
+# No special version defined, use default.
+%if ! 0%{?cc_exec:1}
BuildRequires: gcc-c++
%endif
@@ -223,7 +244,7 @@
%if 8 < 6
%patch2 -p1
%endif
-%if 8 < 8
+%if 8 < 6
%patch3 -p1
%endif
%patch101 -p1
++ SHASUMS256.txt ++
--- /var/tmp/diff_new_pack.R1bQlR/_old 2017-09-22 21:33:58.976071529 +0200
+++ /var/tmp/diff_new_pack.R1bQlR/_new 2017-09-22 21:33:58.976071529 +0200
@@ -1,42 +1,42 @@
-9007e961fc9a2a8badb656ebaab52077347113d7618806e7aa502a71eab3f5aa
node-v8.4.0-aix-ppc64.tar.gz
-cc10ffbd11586bd27a7cc5e6e2d03fd3e0b341368387a03ee9a0117a0288599d
node-v8.4.0-darwin-x64.tar.gz
-e88e41ff5566f1e79f88d116bcc0013ac423741e85bd40d91775ca8f4e5141a1
node-v8.4.0-darwin-x64.tar.xz
-724d091c6610255ece8c310e7e3924f0e675d1486d63bca34e7ac0c8c8e07497
node-v8.4.0-headers.tar.gz
-bd56ece5c3f66492c178f3affb9a9dc0dfbf121dd21b52c9e04071dc2e9b8b61
node-v8.4.0-headers.tar.xz
-a85225930dadf0b8161f95fe7e0e81e8840a8e20623cb5a7b5c61fced10ed7f0
node-v8.4.0-linux-arm64.tar.gz
-0a811bbe4905fc879f3cbfc976e5a37cca05bbd609774abe4332b29fea75f073
node-v8.4.0-linux-arm64.tar.xz
-c8812b7cdce2de297d320145dab11e521a6734d0a3f42e67f86f80b1bb5984a0
commit nodejs8 for openSUSE:Factory
Hello community,
here is the log from the commit of package nodejs8 for openSUSE:Factory checked
in at 2017-09-04 12:34:20
Comparing /work/SRC/openSUSE:Factory/nodejs8 (Old)
and /work/SRC/openSUSE:Factory/.nodejs8.new (New)
Package is "nodejs8"
Mon Sep 4 12:34:20 2017 rev:2 rq:520137 version:8.4.0
Changes:
--- /work/SRC/openSUSE:Factory/nodejs8/nodejs8.changes 2017-08-24
18:38:07.166084023 +0200
+++ /work/SRC/openSUSE:Factory/.nodejs8.new/nodejs8.changes 2017-09-04
12:34:31.434686772 +0200
@@ -1,0 +2,65 @@
+Sat Aug 19 05:58:32 UTC 2017 - qantas94he...@gmail.com
+
+- New upstream release 8.4.0
+ * HTTP2: Experimental support for the built-in http2 module has
+been added via the --expose-http2 flag. (#14239)
+ * Inspector:
++ require() is available in the inspector console now. (#8837)
++ Multiple contexts, as created by the vm module, are supported
+ now. (#14465)
+ * N-API: New APIs for creating number values have been
+introduced. (#14573)
+ * Stream: For Duplex streams, the high water mark option can now
+be set independently for the readable and the writable side.
+(#14636)
+ * Util: util.format now supports the %o and %O specifiers for
+printing objects. (#14558)
+- Changes in release 8.3.0
+ * V8: The V8 engine has been upgraded to version 6.0, which has a
+significantly changed performance profile. (#14574)
+ * DNS: Independent DNS resolver instances are supported now, with
+support for cancelling the corresponding requests. (#14518)
+ * N-API: Multiple N-API functions for error handling have been
+changed to support assigning error codes. (#13988)
+ * REPL: Autocompletion support for require() has been improved.
+(#14409)
+ * Utilities: The WHATWG Encoding Standard (TextDecoder and
+TextEncoder) has been implemented as an experimental feature.
+(#13644)
+
+---
+Wed Aug 2 15:16:57 UTC 2017 - adam.ma...@suse.de
+
+- Fix update-alternative handling in %postun - don't remove
+ links on upgrades.
+
+---
+Thu Jul 27 10:12:36 UTC 2017 - qantas94he...@gmail.com
+
+- New upstream release 8.2.1
+ * http: Writes no longer abort if the Socket is missing.
+ * process, async_hooks: Avoid problems when triggerAsyncId is
+undefined.
+ * zlib: Streams no longer attempt to process data when destroyed.
+- Changes in upstream release 8.2.0
+ * async_hooks: Multiple improvements to Promise support in
+ async_hooks have been made.
+ * build: The compiler version requirement to build Node with GCC
+ has been raised to GCC 4.9.4. [820b011ed6] #13466
+ * cluster: Users now have more fine-grained control over the
+ inspector port used by individual cluster workers. Previously,
+ cluster workers were restricted to incrementing from the
+ master's debug port. [dfc46e262a] #14140
+ * dns:
+ + The server used for DNS queries can now use a custom port.
+ [ebe7bb29aa] #13723
+ + Support for dns.resolveAny() has been added.
+ [6e30e2558e] #13137
+ * npm: The npm CLI has been updated to version 5.3.0. In
+ particular, it now comes with the npx binary, which is also
+ shipped with Node.
+- Modify versioned.patch:
+ * Add support for new npx binary introduced in npm 5.3.0,
+ versioned as `/usr/bin/npx8`.
+
+---
@@ -9 +74 @@
-robust solution is found. (bnc#1048299)
+robust solution is found. (bnc#1048299, CVE-2017-11499)
Old:
node-v8.1.4.tar.xz
New:
node-v8.4.0.tar.xz
Other differences:
--
++ nodejs8.spec ++
--- /var/tmp/diff_new_pack.gQnvHn/_old 2017-09-04 12:34:34.782216097 +0200
+++ /var/tmp/diff_new_pack.gQnvHn/_new 2017-09-04 12:34:34.786215535 +0200
@@ -15,6 +15,7 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
+
###
#
# WARNING! WARNING! WARNING! WARNING! WARNING! WARNING!
@@ -25,7 +26,7 @@
###
Name: nodejs8
-Version:8.1.4
+Version:8.4.0
Release:0
%if 0%{?sles_version} == 11
@@ -111,8 +112,15 @@
BuildRequires: binutils-gold
%endif
+# Node.js 4/6/7 requires GCC 4.8.5+.
+# Upstream asks for GCC 4.9.4+ with 8.x, but that is more for
+# maintenance reasons and potential C++11 issues rather than
+# a failure to compile with GCC 4.8. (GH: nodejs/node, d13a65ad)
+# Only SLE 11 has a default compiler version older than necessary.
%if 0%{?sles_version} == 11
BuildRequires: gcc48-c++
+%define cc_exec gcc-4.8
+%define cpp_exec g++-4.8
%else
BuildRequires:
