commit 3b87b01ad72109146bfd1610569aaf703c7e025f Author: Jiayi Yin Date: Sun May 18 22:24:21 2025 +0000 转换LFS仓库为普通仓库 diff --git a/0001-Use-system-uv-zlib.patch b/0001-Use-system-uv-zlib.patch new file mode 100644 index 0000000..4872187 --- /dev/null +++ b/0001-Use-system-uv-zlib.patch @@ -0,0 +1,25 @@ +From 114ef2bb6ce7712a9b6be0593d38e6a8874f8b67 Mon Sep 17 00:00:00 2001 +From: misaka00251 +Date: Mon, 22 May 2023 21:44:32 +0800 +Subject: [PATCH] Use system uv & zlib + +--- + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile b/Makefile +index 0be0659d..3c442014 100644 +--- a/Makefile ++++ b/Makefile +@@ -169,7 +169,7 @@ with-code-cache test-code-cache: + $(warning '$@' target is a noop) + + out/Makefile: config.gypi common.gypi node.gyp \ +- deps/uv/uv.gyp deps/llhttp/llhttp.gyp deps/zlib/zlib.gyp \ ++ deps/llhttp/llhttp.gyp \ + deps/simdutf/simdutf.gyp deps/ada/ada.gyp \ + tools/v8_gypfiles/toolchain.gypi tools/v8_gypfiles/features.gypi \ + tools/v8_gypfiles/inspector.gypi tools/v8_gypfiles/v8.gyp +-- +2.39.2 (Apple Git-143) + diff --git a/0001-correct-some-errors-related-to-CVE-2025-23085.patch b/0001-correct-some-errors-related-to-CVE-2025-23085.patch new file mode 100644 index 0000000..7bc00c4 --- /dev/null +++ b/0001-correct-some-errors-related-to-CVE-2025-23085.patch @@ -0,0 +1,51 @@ +From 888d300c1ae7f1ef4d0eda26df9335b02b62e7b0 Mon Sep 17 00:00:00 2001 +From: hanguanqiang +Date: Wed, 2 Apr 2025 14:42:23 +0800 +Subject: [PATCH] correct some errors related to CVE-2025-23085 + +--- + src/node_http2.cc | 2 +- + test/parallel/test-http2-premature-close.js | 6 +++--- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/node_http2.cc b/src/node_http2.cc +index 1569149b..5a24f99e 100644 +--- a/src/node_http2.cc ++++ b/src/node_http2.cc +@@ -1193,7 +1193,7 @@ int Http2Session::OnFrameNotSent(nghttp2_session* handle, + // closed but the Http2Session will still be up causing a memory leak. + // Therefore, if the GOAWAY frame couldn't be send due to + // ERR_SESSION_CLOSING we should force close from our side. +- if (frame->hd.type != 0x03) { ++ if (frame->hd.type != NGHTTP2_GOAWAY) { + return 0; + } + } +diff --git a/test/parallel/test-http2-premature-close.js b/test/parallel/test-http2-premature-close.js +index a9b08f55..df30c429 100644 +--- a/test/parallel/test-http2-premature-close.js ++++ b/test/parallel/test-http2-premature-close.js +@@ -29,9 +29,9 @@ async function requestAndClose(server) { + // Send a valid HEADERS frame + const headersFrame = Buffer.concat([ + Buffer.from([ +- 0x00, 0x00, 0x0c, // Length: 12 bytes ++ 0x00, 0x00, 0x0e, // Length: 14 bytes + 0x01, // Type: HEADERS +- 0x05, // Flags: END_HEADERS + END_STREAM ++ 0x04, // Flags: END_HEADERS + (streamId >> 24) & 0xFF, // Stream ID: high byte + (streamId >> 16) & 0xFF, + (streamId >> 8) & 0xFF, +@@ -41,7 +41,7 @@ async function requestAndClose(server) { + 0x82, // Indexed Header Field Representation (Predefined ":method: GET") + 0x84, // Indexed Header Field Representation (Predefined ":path: /") + 0x86, // Indexed Header Field Representation (Predefined ":scheme: http") +- 0x44, 0x0a, // Custom ":authority: localhost" ++ 0x41, 0x09, // ":authority: localhost" Length: 9 bytes + 0x6c, 0x6f, 0x63, 0x61, 0x6c, 0x68, 0x6f, 0x73, 0x74, + ]), + ]); +-- +2.43.0 + diff --git a/CVE-2023-45853.patch b/CVE-2023-45853.patch new file mode 100644 index 0000000..676c1cb --- /dev/null +++ b/CVE-2023-45853.patch @@ -0,0 +1,36 @@ +From 73331a6a0481067628f065ffe87bb1d8f787d10c Mon Sep 17 00:00:00 2001 +From: Hans Wennborg +Date: Fri, 18 Aug 2023 11:05:33 +0200 +Subject: [PATCH] Reject overflows of zip header fields in minizip. + +This checks the lengths of the file name, extra field, and comment +that would be put in the zip headers, and rejects them if they are +too long. They are each limited to 65535 bytes in length by the zip +format. This also avoids possible buffer overflows if the provided +fields are too long. +--- + deps/v8/third_party/zlib/contrib/minizip/zip.c | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/deps/v8/third_party/zlib/contrib/minizip/zip.c b/deps/v8/third_party/zlib/contrib/minizip/zip.c +index 3d3d4cadd..0446109b2 100644 +--- a/deps/v8/third_party/zlib/contrib/minizip/zip.c ++++ b/deps/v8/third_party/zlib/contrib/minizip/zip.c +@@ -1043,6 +1043,17 @@ extern int ZEXPORT zipOpenNewFileInZip4_64(zipFile file, const char* filename, c + return ZIP_PARAMERROR; + #endif + ++ // The filename and comment length must fit in 16 bits. ++ if ((filename!=NULL) && (strlen(filename)>0xffff)) ++ return ZIP_PARAMERROR; ++ if ((comment!=NULL) && (strlen(comment)>0xffff)) ++ return ZIP_PARAMERROR; ++ // The extra field length must fit in 16 bits. If the member also requires ++ // a Zip64 extra block, that will also need to fit within that 16-bit ++ // length, but that will be checked for later. ++ if ((size_extrafield_local>0xffff) || (size_extrafield_global>0xffff)) ++ return ZIP_PARAMERROR; ++ + zi = (zip64_internal*)file; + + if (zi->in_opened_file_inzip == 1) diff --git a/CVE-2024-5274.patch b/CVE-2024-5274.patch new file mode 100644 index 0000000..17eb19a --- /dev/null +++ b/CVE-2024-5274.patch @@ -0,0 +1,38 @@ +From f79f2d4458557b78e390276cd39f88941ea2d6a9 Mon Sep 17 00:00:00 2001 +From: Shu-yu Guo +Date: Fri, 3 Jan 2025 17:32:00 +0800 +Subject: [PATCH] [parser] Using FunctionParsingScope for parsing class static + +--- + deps/v8/src/ast/scopes.cc | 2 +- + deps/v8/src/parsing/parser-base.h | 1 + + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/deps/v8/src/ast/scopes.cc b/deps/v8/src/ast/scopes.cc +index cd8be1ca..1cbeaaca 100644 +--- a/deps/v8/src/ast/scopes.cc ++++ b/deps/v8/src/ast/scopes.cc +@@ -2420,7 +2420,7 @@ bool Scope::MustAllocate(Variable* var) { + var->set_is_used(); + if (inner_scope_calls_eval_ && !var->is_this()) var->SetMaybeAssigned(); + } +- DCHECK(!var->has_forced_context_allocation() || var->is_used()); ++ CHECK(!var->has_forced_context_allocation() || var->is_used()); + // Global variables do not need to be allocated. + return !var->IsGlobalObjectProperty() && var->is_used(); + } +diff --git a/deps/v8/src/parsing/parser-base.h b/deps/v8/src/parsing/parser-base.h +index cfba92d7..efefb37f 100644 +--- a/deps/v8/src/parsing/parser-base.h ++++ b/deps/v8/src/parsing/parser-base.h +@@ -2611,6 +2611,7 @@ typename ParserBase::BlockT ParserBase::ParseClassStaticBlock( + } + + FunctionState initializer_state(&function_state_, &scope_, initializer_scope); ++ FunctionParsingScope body_parsing_scope(impl()); + AcceptINScope accept_in(this, true); + + // Each static block has its own var and lexical scope, so make a new var +-- +2.43.0 + diff --git a/CVE-2024-7971.patch b/CVE-2024-7971.patch new file mode 100644 index 0000000..cc0b8df --- /dev/null +++ b/CVE-2024-7971.patch @@ -0,0 +1,101 @@ +From b03d043bdc5abb867ef3d937f116dcb576e774e0 Mon Sep 17 00:00:00 2001 +From: Clemens Backes +Date: Fri, 3 Jan 2025 16:13:32 +0800 +Subject: [PATCH] [wasm] Spill all loop inputs before entering loop + +--- + .../v8/src/wasm/baseline/liftoff-assembler.cc | 35 +++++-------------- + deps/v8/src/wasm/baseline/liftoff-assembler.h | 6 ++-- + deps/v8/src/wasm/baseline/liftoff-compiler.cc | 2 +- + 3 files changed, 12 insertions(+), 31 deletions(-) + +diff --git a/deps/v8/src/wasm/baseline/liftoff-assembler.cc b/deps/v8/src/wasm/baseline/liftoff-assembler.cc +index 29120dd0..29ab4714 100644 +--- a/deps/v8/src/wasm/baseline/liftoff-assembler.cc ++++ b/deps/v8/src/wasm/baseline/liftoff-assembler.cc +@@ -764,29 +764,10 @@ void LiftoffAssembler::DropExceptionValueAtOffset(int offset) { + cache_state_.stack_state.pop_back(); + } + +-void LiftoffAssembler::PrepareLoopArgs(int num) { +- for (int i = 0; i < num; ++i) { +- VarState& slot = cache_state_.stack_state.end()[-1 - i]; +- if (slot.is_stack()) continue; +- RegClass rc = reg_class_for(slot.kind()); +- if (slot.is_reg()) { +- if (cache_state_.get_use_count(slot.reg()) > 1) { +- // If the register is used more than once, we cannot use it for the +- // merge. Move it to an unused register instead. +- LiftoffRegList pinned; +- pinned.set(slot.reg()); +- LiftoffRegister dst_reg = GetUnusedRegister(rc, pinned); +- Move(dst_reg, slot.reg(), slot.kind()); +- cache_state_.dec_used(slot.reg()); +- cache_state_.inc_used(dst_reg); +- slot.MakeRegister(dst_reg); +- } +- continue; +- } +- LiftoffRegister reg = GetUnusedRegister(rc, {}); +- LoadConstant(reg, slot.constant()); +- slot.MakeRegister(reg); +- cache_state_.inc_used(reg); ++void LiftoffAssembler::SpillLoopArgs(int num) { ++ for (VarState& slot : ++ base::VectorOf(cache_state_.stack_state.end() - num, num)) { ++ Spill(&slot); + } + } + +@@ -978,14 +959,14 @@ void LiftoffAssembler::Spill(VarState* slot) { + } + + void LiftoffAssembler::SpillLocals() { +- for (uint32_t i = 0; i < num_locals_; ++i) { +- Spill(&cache_state_.stack_state[i]); ++ for (VarState& local_slot : ++ base::VectorOf(cache_state_.stack_state.data(), num_locals_)) { ++ Spill(&local_slot); + } + } + + void LiftoffAssembler::SpillAllRegisters() { +- for (uint32_t i = 0, e = cache_state_.stack_height(); i < e; ++i) { +- auto& slot = cache_state_.stack_state[i]; ++ for (VarState& slot : cache_state_.stack_state) { + if (!slot.is_reg()) continue; + Spill(slot.offset(), slot.reg(), slot.kind()); + slot.MakeStack(); +diff --git a/deps/v8/src/wasm/baseline/liftoff-assembler.h b/deps/v8/src/wasm/baseline/liftoff-assembler.h +index aef63c64..d5c3b056 100644 +--- a/deps/v8/src/wasm/baseline/liftoff-assembler.h ++++ b/deps/v8/src/wasm/baseline/liftoff-assembler.h +@@ -549,9 +549,9 @@ class LiftoffAssembler : public MacroAssembler { + // the bottom of the stack. + void DropExceptionValueAtOffset(int offset); + +- // Ensure that the loop inputs are either in a register or spilled to the +- // stack, so that we can merge different values on the back-edge. +- void PrepareLoopArgs(int num); ++ // Spill all loop inputs to the stack to free registers and to ensure that we ++ // can merge different values on the back-edge. ++ void SpillLoopArgs(int num); + + V8_INLINE static int NextSpillOffset(ValueKind kind, int top_spill_offset) { + int offset = top_spill_offset + SlotSizeForType(kind); +diff --git a/deps/v8/src/wasm/baseline/liftoff-compiler.cc b/deps/v8/src/wasm/baseline/liftoff-compiler.cc +index f0887de7..9aed6ddd 100644 +--- a/deps/v8/src/wasm/baseline/liftoff-compiler.cc ++++ b/deps/v8/src/wasm/baseline/liftoff-compiler.cc +@@ -1262,7 +1262,7 @@ class LiftoffCompiler { + // pre-analysis of the function. + __ SpillLocals(); + +- __ PrepareLoopArgs(loop->start_merge.arity); ++ __ SpillLoopArgs(loop->start_merge.arity); + + // Loop labels bind at the beginning of the block. + __ bind(loop->label.get()); +-- +2.43.0 + diff --git a/btest402.js b/btest402.js new file mode 100644 index 0000000..277319c --- /dev/null +++ b/btest402.js @@ -0,0 +1,151 @@ +// Copyright (C) 2014 IBM Corporation and Others. All Rights Reserved. +// This file is part of the Node.JS ICU enablement work +// https://github.com/joyent/node/pull/7719 +// and is under the same license. +// +// This is a very, very, very basic test of es402 +// +// URL: https://github.com/srl295/btest402 +// Author: Steven R. Loomis +// +// for a complete test, see http://test262.ecmascript.org +// +// Usage: node btest402.js + +try { + console.log("You have console.log."); +} catch(e) { + // this works on d8 + console = { log: print }; + console.log("Now you have console.log."); +} + +function runbtest() { + var summary = {}; + + try { + var i = Intl; + summary.haveIntl = true; + console.log("+ Congrats, you have the Intl object."); + } catch(e) { + console.log("You don't have the Intl object: " + e); + } + + if(summary.haveIntl) { + var locs = [ "en", "mt", "ja","tlh"]; + var d = new Date(196400000); + for ( var n=0; n 0 ) { + lsummary.haveSlo = true; + } + } catch (e) { + console.log("SLO err: " + e); + } + var dstr = "ERR"; + try { + lsummary.dstr = d.toLocaleString(loc,{month: "long",day:"numeric",weekday:"long",year:"numeric"}); + console.log(" date: (supported:"+sl+") " + lsummary.dstr); + } catch (e) { + console.log(" Date Format err: " + e); + } + try { + new Intl.v8BreakIterator(); + console.log(" Intl.v8BreakIterator:" + + Intl.v8BreakIterator.supportedLocalesOf(loc) + " Supported, first()==" + + new Intl.v8BreakIterator(loc).first() ); + lsummary.brkOk = true; + } catch ( e) { + console.log(" Intl.v8BreakIterator error (NOT part of EcmaScript402): " + e); + } + console.log(); + } + } + + // print summary + console.log(); + console.log("--------- Analysis ---------"); + stxt = ""; + if( summary.haveIntl ) { + console.log("* You have the 'Intl' object. Congratulations! You have the possibility of being EcmaScript 402 compliant."); + stxt += "Have Intl, "; + + if ( !summary.en.haveSlo ) { + stxt += "Date:no EN, "; + console.log("* English isn't a supported language by the date formatter. Perhaps the data isn't installed properly?"); + } + if ( !summary.tlh.haveSlo ) { + stxt += "Date:no 'tlh', "; + console.log("* Klingon isn't a supported language by the date formatter. It is without honor!"); + } + // now, what is it actually saying + if( summary.en.dstr.indexOf("1970") == -1) { + stxt += "Date:bad 'en', "; + console.log("* the English date format text looks bad to me. Doesn't even have the year."); + } else { + if( summary.en.dstr.indexOf("Jan") == -1) { + stxt += "Date:bad 'en', "; + console.log("* The English date format text looks bad to me. Doesn't have the right month."); + } + } + + if( summary.mt.dstr == summary.en.dstr ) { + stxt += "Date:'mt'=='en', "; + console.log("* The English and Maltese look the same to me. Probably a 'small' build."); + } else if( summary.mt.dstr.indexOf("1970") == -1) { + stxt += "Date:bad 'mt', "; + console.log("* the Maltese date format text looks bad to me. Doesn't even have the year. (This data is missing from the Chromium ICU build)"); + } else { + if( summary.mt.dstr.indexOf("Jann") == -1) { + stxt += "Date:bad 'mt', "; + console.log("* The Maltese date format text looks bad to me. Doesn't have the right month. (This data is missing from the Chromium ICU build)"); + } + } + + if ( !summary.ja.haveSlo ) { + stxt += "Date:no 'ja', "; + console.log("* Japanese isn't a supported language by the date formatter. Could be a 'small' build."); + } else { + if( summary.ja.dstr.indexOf("1970") == -1) { + stxt += "Date:bad 'ja', "; + console.log("* the Japanese date format text looks bad to me. Doesn't even have the year."); + } else { + if( summary.ja.dstr.indexOf("日") == -1) { + stxt += "Date:bad 'ja', "; + console.log("* The Japanese date format text looks bad to me."); + } + } + } + if ( summary.en.brkOk ) { + stxt += "FYI: v8Brk:have 'en', "; + console.log("* You have Intl.v8BreakIterator support. (Note: not part of ES402.)"); + } + } else { + console.log("* You don't have the 'Intl' object. You aren't EcmaScript 402 compliant."); + stxt += " NO Intl. "; + } + + // 1-liner. + console.log(); + console.log("----------------"); + console.log( "SUMMARY:" + stxt ); +} + +var dorun = true; + +try { + if(btest402_noautorun) { + dorun = false; + } +} catch(e) {} + +if(dorun) { + console.log("Running btest.."); + runbtest(); +} diff --git a/icu4c-75_1-data-bin-l.zip b/icu4c-75_1-data-bin-l.zip new file mode 100644 index 0000000..fadacb4 Binary files /dev/null and b/icu4c-75_1-data-bin-l.zip differ diff --git a/node-v20.18.2.tar.xz b/node-v20.18.2.tar.xz new file mode 100644 index 0000000..ac9dcca Binary files /dev/null and b/node-v20.18.2.tar.xz differ diff --git a/nodejs.spec b/nodejs.spec new file mode 100644 index 0000000..cf209b3 --- /dev/null +++ b/nodejs.spec @@ -0,0 +1,522 @@ +%global baserelease 2 +%{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}} +%global nodejs_epoch 1 +%global nodejs_major 20 +%global nodejs_minor 18 +%global nodejs_patch 2 +%global nodejs_abi %{nodejs_major}.%{nodejs_minor} +%global nodejs_soversion 115 +%global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} +%global nodejs_release %{baserelease} +%global nodejs_datadir %{_datarootdir}/nodejs +%global v8_epoch 3 +%global v8_major 11 +%global v8_minor 3 +%global v8_build 244 +%global v8_patch 8 +%global v8_abi %{v8_major}.%{v8_minor} +%global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch} +%global v8_release %{nodejs_epoch}.%{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}.%{nodejs_release} + +# c-ares - from deps/cares/include/ares_version.h +# https://github.com/nodejs/node/pull/9332 +%global c_ares_version 1.33.1 + +# llhttp - from deps/llhttp/include/llhttp.h +%global llhttp_version 8.1.2 + +# libuv - from deps/uv/include/uv/version.h +%global libuv_version 1.46.0 + +# nghttp2 - from deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h +%global nghttp2_version 1.61.0 + +%global icu_major 75 +%global icu_minor 1 +%global icu_version %{icu_major}.%{icu_minor} +%global icudatadir %{nodejs_datadir}/icudata +%{!?little_endian: %global little_endian %(%{__python3} -c "import sys;print (0 if sys.byteorder=='big' else 1)")} +# " this line just fixes syntax highlighting for vim that is confused by the above and continues literal +%global openssl_minimum 1:1.1.1 +# OpenSSL3 +%global openssl3_minimum 1:3.0.2 +%global punycode_version 2.1.0 +%global npm_epoch 1 +%global npm_version 10.8.2 +%global npm_release %{nodejs_epoch}.%{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}.%{nodejs_release} + +# uvwasi - from deps/uvwasi/include/uvwasi.h +%global uvwasi_version 0.0.21 + +# histogram_c - assumed from timestamps +%global histogram_version 0.9.7 + +# simdutf from deps/simdutf/simdutf.h +%global simdutf_version 5.5.0 + +# dtrace is not supported on Node.js 19+ +%global dtrace_configure %{nil} + +Name: nodejs +Epoch: %{nodejs_epoch} +Version: %{nodejs_version} +Release: %{nodejs_release} +Summary: JavaScript runtime +License: MIT and Apache-2.0 and ISC and BSD and AFL-2.1 +Group: Development/Languages +URL: http://nodejs.org/ + +Source0: https://nodejs.org/dist/v%{version}/node-v%{version}.tar.xz +Source1: npmrc +Source2: btest402.js +Source3: https://github.com/unicode-org/icu/releases/download/release-%{icu_major}-%{icu_minor}/icu4c-%{icu_major}_%{icu_minor}-data-bin-l.zip +Source4: nodejs_native.attr + +Patch0: 0001-Use-system-uv-zlib.patch +Patch1: CVE-2023-45853.patch +Patch2: CVE-2024-5274.patch +Patch3: CVE-2024-7971.patch +Patch4: 0001-correct-some-errors-related-to-CVE-2025-23085.patch + +BuildRequires: python3-devel python3-setuptools make +BuildRequires: zlib-devel python3-jinja2 +BuildRequires: brotli-devel python3-unversioned-command +BuildRequires: gcc >= 8.3.0 jq +BuildRequires: gcc-c++ >= 8.3.0 unzip +BuildRequires: nodejs-packaging +BuildRequires: chrpath +BuildRequires: ninja-build +BuildRequires: libatomic +BuildRequires: systemtap-sdt-devel +BuildRequires: libuv-devel >= 1:%{libuv_version} +Requires: libuv >= 1:%{libuv_version} + +Provides: bundled(nghttp2) = %{nghttp2_version} +Provides: bundled(llhttp) = %{llhttp_version} +Provides: bundled(simdutf) = %{simdutf_version} + +BuildRequires: openssl-devel >= %{openssl_minimum} +Requires: openssl >= %{openssl_minimum} +Requires: ca-certificates +Requires: nodejs-libs%{?_isa} = %{nodejs_epoch}:%{version}-%{release} +Recommends: nodejs-full-i18n%{?_isa} = %{nodejs_epoch}:%{version}-%{release} +Provides: nodejs(abi) = %{nodejs_abi} +Provides: nodejs(abi%{nodejs_major}) = %{nodejs_abi} +Provides: nodejs(v8-abi) = %{v8_abi} +Provides: nodejs(v8-abi%{v8_major}) = %{v8_abi} +Provides: nodejs(engine) = %{nodejs_version} +Conflicts: node <= 0.3.2-12 +Provides: nodejs-punycode = %{punycode_version} +Provides: npm(punycode) = %{punycode_version} +Provides: bundled(c-ares) = %{c_ares_version} +Provides: bundled(v8) = %{v8_version} +Provides: bundled(icu) = %{icu_version} +Provides: bundled(uvwasi) = %{uvwasi_version} +Provides: bundled(histogram) = %{histogram_version} +Provides: bundled(ada) = 2.7.4 +Requires: (nodejs-packaging if rpm-build) +Recommends: npm >= %{npm_epoch}:%{npm_version}-%{npm_release}%{?dist} + +%description +Node.js is a platform built on Chrome's JavaScript runtime +for easily building fast, scalable network applications. +Node.js uses an event-driven, non-blocking I/O model that +makes it lightweight and efficient, perfect for data-intensive +real-time applications that run across distributed devices. + +%package devel +Summary: JavaScript runtime - development headers +Group: Development/Languages +Requires: %{name}%{?_isa} = %{epoch}:%{nodejs_version}-%{nodejs_release}%{?dist} +Requires: openssl-devel%{?_isa} +Requires: zlib-devel%{?_isa} +Requires: brotli-devel%{?_isa} +Requires: nodejs-packaging +Requires: libuv-devel%{?_isa} + +%description devel +Development headers for the Node.js JavaScript runtime. + +%package libs +Summary: Node.js and v8 libraries + +%if 0%{?__isa_bits} == 64 +Provides: libv8.so.%{v8_major}()(64bit) +Provides: libv8_libbase.so.%{v8_major}()(64bit) +Provides: libv8_libplatform.so.%{v8_major}()(64bit) +%else +Provides: libv8.so.%{v8_major} +Provides: libv8_libbase.so.%{v8_major} +Provides: libv8_libplatform.so.%{v8_major} +%endif + +Provides: v8 = %{v8_epoch}:%{v8_version}-%{nodejs_release}%{?dist} +Provides: v8%{?_isa} = %{v8_epoch}:%{v8_version}-%{nodejs_release}%{?dist} +Obsoletes: v8 < 1:6.7.17-10 + +%description libs +Libraries to support Node.js and provide stable v8 interfaces. + +%package full-i18n +Summary: Non-English locale data for Node.js +Requires: %{name}%{?_isa} = %{nodejs_epoch}:%{nodejs_version}-%{nodejs_release}%{?dist} + +%description full-i18n +Optional data files to provide full-icu support for Node.js. Remove this +package to save space if non-English locales are not needed. + +%package -n v8-devel +Summary: v8 - development headers +Epoch: %{v8_epoch} +Version: %{v8_version} +Release: %{v8_release} +Requires: %{name}-devel%{?_isa} = %{nodejs_epoch}:%{nodejs_version}-%{nodejs_release}%{?dist} + +%description -n v8-devel +Development headers for the v8 runtime. + +%package -n npm +Summary: Node.js Package Manager +Epoch: %{npm_epoch} +Version: %{npm_version} +Release: %{npm_release} + +Obsoletes: npm < 1:9 +Provides: npm = %{npm_epoch}:%{npm_version} +Requires: nodejs = %{nodejs_epoch}:%{nodejs_version}-%{nodejs_release}%{?dist} +Recommends: nodejs-docs = %{nodejs_epoch}:%{nodejs_version}-%{nodejs_release}%{?dist} +Provides: npm(npm) = %{npm_version} + +%description -n npm +npm is a package manager for node.js. You can use it to install and publish +your node programs. It manages dependencies and does other cool stuff. + +%package docs +Summary: Node.js API documentation +Group: Documentation +BuildArch: noarch + +Conflicts: %{name} > %{nodejs_epoch}:%{nodejs_version}-%{nodejs_release}%{?dist} +Conflicts: %{name} < %{nodejs_epoch}:%{nodejs_version}-%{nodejs_release}%{?dist} + +%description docs +The API documentation for the Node.js JavaScript runtime. + +%prep +%autosetup -p1 -n node-v%{nodejs_version} +rm -rf deps/zlib +rm -rf deps/brotli +rm -rf deps/v8/third_party/jinja2 +rm -rf tools/inspector_protocol/jinja2 +pathfix.py -i %{__python3} -pn $(find -type f ! -name "*.js") +find . -type f -exec sed -i "s~/usr\/bin\/env python~/usr/bin/python3~" {} \; +find . -type f -exec sed -i "s~/usr\/bin\/python\W~/usr/bin/python3~" {} \; +sed -i "s~usr\/bin\/python2~usr\/bin\/python3~" ./deps/v8/tools/gen-inlining-tests.py +sed -i "s~usr\/bin\/python.*$~usr\/bin\/python3~" ./deps/v8/tools/mb/mb_test.py +find . -type f -exec sed -i "s~python -c~python3 -c~" {} \; + +%build +%global optflags %(echo %{optflags} | sed 's/-g /-g1 /') + +export CC='%{__cc}' +export CXX='%{__cxx}' +export CFLAGS='%{optflags} \ + -D_LARGEFILE_SOURCE \ + -D_FILE_OFFSET_BITS=64 \ + -DZLIB_CONST \ + -fno-delete-null-pointer-checks \ + -O3 \ + -fno-ipa-icf' +export CXXFLAGS='%{optflags} \ + -D_LARGEFILE_SOURCE \ + -D_FILE_OFFSET_BITS=64 \ + -DZLIB_CONST \ + -fno-delete-null-pointer-checks \ + -O3 \ + -fno-ipa-icf' + +export CFLAGS="$(echo ${CFLAGS} | tr -s '[:space:]\\' ' ')" +export CXXFLAGS="$(echo ${CXXFLAGS} | tr -s '[:space:]\\' ' ')" +export LDFLAGS="%{build_ldflags}" + +%if "%toolchain" == "clang" +export CFLAGS="$(echo ${CFLAGS} | sed -e s/-fno-ipa-icf//g)" +export CXXFLAGS="$(echo ${CXXFLAGS} | sed -e s/-fno-ipa-icf//g)" +%endif + +%{__python3} configure.py --prefix=%{_prefix} \ + --verbose \ + --ninja \ + --shared \ + --libdir=%{_lib} \ + --shared-openssl \ + --shared-zlib \ + --shared-brotli \ + --shared-libuv \ + %{dtrace_configure} \ + --with-intl=small-icu \ + --with-icu-default-data-dir=%{icudatadir} \ + --without-corepack \ + --openssl-use-def-ca-store \ +%if "%toolchain" != "clang" + --enable-lto +%endif + +%ninja_build -C out/Release + +%install +# The ninja build does not put the shared library in the expected location, so +# we will move it. +mv out/Release/lib/libnode.so.%{nodejs_soversion} out/Release/ + +%if 0%{?nodejs_major} >= 20 +./tools/install.py install --dest-dir %{buildroot} --prefix %{_prefix} +%else +./tools/install.py install %{buildroot} %{_prefix} +%endif + +chmod 0755 %{buildroot}/%{_bindir}/node +chrpath --delete %{buildroot}%{_bindir}/node +ln -s libnode.so.%{nodejs_soversion} %{buildroot}%{_libdir}/libnode.so + +for header in %{buildroot}%{_includedir}/node/libplatform %{buildroot}%{_includedir}/node/v8*.h; do + header=$(basename ${header}) + ln -s ./node/${header} %{buildroot}%{_includedir}/${header} +done +ln -s ./node/cppgc %{buildroot}%{_includedir}/cppgc +for soname in libv8 libv8_libbase libv8_libplatform; do + ln -s libnode.so.%{nodejs_soversion} %{buildroot}%{_libdir}/${soname}.so + ln -s libnode.so.%{nodejs_soversion} %{buildroot}%{_libdir}/${soname}.so.%{v8_major} +done + +mkdir -p %{buildroot}%{_prefix}/lib/node_modules + +install -Dpm0644 %{SOURCE4} %{buildroot}%{_rpmconfigdir}/fileattrs/nodejs_native.attr +cat << EOF > %{buildroot}%{_rpmconfigdir}/nodejs_native.req +#!/bin/sh +echo 'nodejs(abi%{nodejs_major}) >= %nodejs_abi' +echo 'nodejs(v8-abi%{v8_major}) >= %v8_abi' +EOF +chmod 0755 %{buildroot}%{_rpmconfigdir}/nodejs_native.req + +mkdir -p %{buildroot}%{_pkgdocdir}/html +cp -pr doc/* %{buildroot}%{_pkgdocdir}/html +rm -f %{buildroot}%{_pkgdocdir}/html/nodejs.1 + +mkdir -p %{buildroot}%{_datadir}/node +cp -p common.gypi %{buildroot}%{_datadir}/node + +mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit + +mkdir -p %{buildroot}%{_mandir} \ + %{buildroot}%{_pkgdocdir}/npm + +cp -pr deps/npm/man/* %{buildroot}%{_mandir}/ +rm -rf %{buildroot}%{_prefix}/lib/node_modules/npm/man +ln -sf %{_mandir} %{buildroot}%{_prefix}/lib/node_modules/npm/man + +cp -pr deps/npm/docs %{buildroot}%{_pkgdocdir}/npm/ +rm -rf %{buildroot}%{_prefix}/lib/node_modules/npm/docs + +ln -sf %{_pkgdocdir}/npm %{buildroot}%{_prefix}/lib/node_modules/npm/docs + +rm -f %{buildroot}/%{_defaultdocdir}/node/lldb_commands.py \ + %{buildroot}/%{_defaultdocdir}/node/lldbinit + +find %{buildroot}%{_prefix}/lib/node_modules/npm \ + -not -path "%{buildroot}%{_prefix}/lib/node_modules/npm/bin/*" \ + -executable -type f \ + -exec chmod -x {} \; + +chmod 0755 %{buildroot}%{_prefix}/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin/node-gyp +chmod 0755 %{buildroot}%{_prefix}/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js + +mkdir -p %{buildroot}%{_sysconfdir} +cp %{SOURCE1} %{buildroot}%{_sysconfdir}/npmrc + +mkdir -p %{buildroot}%{_prefix}/etc +ln -s %{_sysconfdir}/npmrc %{buildroot}%{_prefix}/etc/npmrc + +mkdir -p %{buildroot}%{icudatadir} +unzip -d %{buildroot}%{icudatadir} %{SOURCE3} icudt%{icu_major}l.dat + +%check +LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.node, '%{nodejs_version}')" +LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.v8.replace(/-node\.\d+$/, ''), '%{v8_version}')" +LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.ares.replace(/-DEV$/, ''), '%{c_ares_version}')" + +LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node -e "require(\"assert\").equal(require(\"punycode\").version, '%{punycode_version}')" + +LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}%{_bindir}/node %{buildroot}%{_bindir}/npm version --json |jq -e '.npm == "%{npm_version}"' + +NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/node_modules/npm/node_modules LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node --icu-data-dir=%{buildroot}%{icudatadir} %{SOURCE2} + + +%files +%{_bindir}/node +%dir %{_prefix}/lib/node_modules +%dir %{_datadir}/node + + +%{_rpmconfigdir}/fileattrs/nodejs_native.attr +%{_rpmconfigdir}/nodejs_native.req +%doc CHANGELOG.md onboarding.md GOVERNANCE.md README.md +%doc %{_mandir}/man1/node.1* + +%files devel +%{_includedir}/node +%{_libdir}/libnode.so +%{_datadir}/node/common.gypi +%{_pkgdocdir}/gdbinit + +%files full-i18n +%dir %{icudatadir} +%{icudatadir}/icudt%{icu_major}*.dat + +%files libs +%license LICENSE +%{_libdir}/libnode.so.%{nodejs_soversion} +%{_libdir}/libv8.so.%{v8_major} +%{_libdir}/libv8_libbase.so.%{v8_major} +%{_libdir}/libv8_libplatform.so.%{v8_major} +%dir %{nodejs_datadir}/ + +%files -n v8-devel +%{_includedir}/libplatform +%{_includedir}/v8*.h +%{_libdir}/libv8.so +%{_includedir}/cppgc +%{_libdir}/libv8_libbase.so +%{_libdir}/libv8_libplatform.so + +%files -n npm +%{_bindir}/npm +%{_bindir}/npx +%{_prefix}/lib/node_modules/npm +%config(noreplace) %{_sysconfdir}/npmrc +%{_prefix}/etc/npmrc +%ghost %{_sysconfdir}/npmignore +%doc %{_mandir}/man*/ +%exclude %doc %{_mandir}/man1/node.1* + + +%files docs +%dir %{_pkgdocdir} +%doc doc +%{_pkgdocdir}/html +%{_pkgdocdir}/npm/docs + +%changelog +* Wed Apr 02 2025 hanguanqiang - 1:20.18.2-2 +- correct error related to CVE-2025-23085 + +* Thu Jan 23 2025 wangkai <13474090681@163.com> - 1:20.18.2-1 +- Update to 20.18.2 +- Fix CVE-2025-23083 CVE-2025-23085 CVE-2025-23084 CVE-2024-36137 + CVE-2024-22018 CVE-2024-22020 + +* Mon Jan 06 2025 Ge Wang - 1:20.12.1-3 +- CVE-2023-45853 - Reject overflows of zip header fields in minizip +- CVE-2024-5274 - Using FunctionParsingScope for parsing class static +- CVE-2024-5535 - Fix SSL_select_next_proto +- CVE-2024-7971 - Spill all loop inputs before entering loop + +* Fri Nov 29 2024 jchzhou - 1:20.12.1-2 +- fix building w/ clang: only apply '-fno-ipa-icf' for gcc && disable LTO for clang + ld.bfd +- improve the handling of trilling whitespaces in C/CXXFLAGS + +* Wed Sep 18 2024 yaoxin - 1:20.12.1-1 +- Update to 20.12.1: + * CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() + leads to HTTP/2 server crash- (High) + * CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium) + * llhttp version 9.2.1 + * undici version 5.28.4 + +* Mon May 06 2024 Ge Wang - 1:20.11.1-3 +- Fix fd is null when calling clearBuffer + +* Mon Mar 18 2024 Eustace - 1:20.11.1-2 +- Revert some v8 roll + +* Mon Feb 19 2024 wangkai <13474090681@163.com> - 1:20.11.1-1 +- Update to 20.11.1 +- Fix CVE-2023-46809 CVE-2024-21896 CVE-2024-22019 CVE-2024-21892 CVE-2024-24758 CVE-2024-22025 + +* Mon Nov 27 2023 Jingwiw - 1:20.10.0-1 +- Update to the new LTS version 20.10.0 +- Add CFLAGS "-O3 -fno-ipa-icf" +- Enable lto + +* Thu Aug 31 2023 Funda Wang - 1:18.17.1-1 +- Update to 18.17.1 +- Use huaweicloud.com mirror as default registry + +* Thu May 18 2023 misaka00251 - 1:18.16.0-1 +- Update to 18.16.0 + +* Sat Mar 11 2023 Tom_zc - 1:16.15.0-3 +- support openssl v3.0.8 + +* Thu Feb 23 2023 yaoxin - 1:16.15.0-2 +- Fix CVE-2023-0286,CVE-2023-0215,CVE-2022-4304 and CVE-2022-4450 + +* Fri Feb 10 2023 liyanan - 1:16.15.0-1 +- Update to 16.15.0 + +* Fri Feb 03 2023 yaoxin - 1:12.22.11-5 +- Fix build failed due to openssl update to 3.0 + +* Wed Nov 16 2022 liyuxiang - 1:12.22.11-4 +- fix CVE-2022-43548 + +* Wed Aug 03 2022 wangkai - 1:12.22.11-3 +- Rollback remove dist + +* Tue Aug 02 2022 wulei - 1:12.22.11-2 +- Dist is controlled by the version project, dist is deleted + +* Mon Jun 06 2022 wangkai - 1:12.22.11-1 +- Update to 12.22.11 + +* Fri Apr 15 2022 liyanan - 1:12.18.4-8 +- The third party software jinja2-support python 3.10.0 + +* Thu Oct 21 2021 yaoxin - 1:12.18.4-7 +- fix CVE-2021-22930 + +* Mon Aug 16 2021 zhouwenpei - 1:12.18.4-6 +- use getauxval to fix build failure in node_main.cc + +* Tue Jul 20 2021 zhouwenpei - 1:12.18.4-5 +- fix CVE-2021-22918 + +* Mon Mar 15 2021 xinghe - 1:12.18.4-4 +- fix CVE-2021-22883 CVE-2021-22884 + +* Tue Feb 09 2021 xinghe - 1:12.18.4-3 +- fix CVE-2020-8265 CVE-2020-8287 + +* Sat Jan 04 2020 huanghaitao - 1:12.18.4-2 +- Make AARCH64 compile on 64KB physical pages to fix build error + +* Wed Nov 18 2020 lingsheng - 1:12.18.4-1 +- Update to 12.18.4 + +* Tue Nov 17 2020 lingsheng - 1:10.21.0-3 +- Fix nodejs release version + +* Wed Nov 04 2020 gaozhekang - 1:10.21.0-2 +- avoid OOB read in URL parser + +* Mon Aug 24 2020 lingsheng - 1:10.21.0-1 +- Update to 10.21.0 + +* Thu Aug 20 2020 wutao - 1:10.11.0-3 +- fix dist miss problem + +* Fri Mar 20 2020 shijian - 1:10.11.0-2 +- Fix CVE-2018-12122 CVE-2019-5737 + +* Fri Mar 6 2020 openEuler Buildteam - 1:10.11.0-1 +- Package init diff --git a/nodejs.yaml b/nodejs.yaml new file mode 100644 index 0000000..7d8d239 --- /dev/null +++ b/nodejs.yaml @@ -0,0 +1,4 @@ +version_control: github +src_repo: nodejs/node +tag_prefix: "^v" +separator: "." diff --git a/nodejs_native.attr b/nodejs_native.attr new file mode 100644 index 0000000..0527af6 --- /dev/null +++ b/nodejs_native.attr @@ -0,0 +1,2 @@ +%__nodejs_native_requires %{_rpmconfigdir}/nodejs_native.req +%__nodejs_native_path ^/usr/lib.*/node_modules/.*\\.node$ diff --git a/npmrc b/npmrc new file mode 100644 index 0000000..ae9341c --- /dev/null +++ b/npmrc @@ -0,0 +1,3 @@ +prefix=/usr/local +python=/usr/bin/python3 +registry=https://repo.huaweicloud.com/repository/npm