aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJakub Jirutka <jakub@jirutka.cz>2020-02-07 15:39:07 +0100
committerJakub Jirutka <jakub@jirutka.cz>2020-02-07 15:36:10 +0100
commit975b6a3945fcfc2d2d1b044ea5fb1d32f8cda08f (patch)
treea359877f852b3ac21dafe8d2bf02bff47bd1e751
parent61851c5e9528fc803ee3dff5431d76482e125ba3 (diff)
downloadaports-975b6a3945fcfc2d2d1b044ea5fb1d32f8cda08f.tar.gz
aports-975b6a3945fcfc2d2d1b044ea5fb1d32f8cda08f.tar.bz2
aports-975b6a3945fcfc2d2d1b044ea5fb1d32f8cda08f.tar.xz
main/nodejs: security upgrade to 10.19.0
-rw-r--r--main/nodejs/APKBUILD18
1 files changed, 15 insertions, 3 deletions
diff --git a/main/nodejs/APKBUILD b/main/nodejs/APKBUILD
index d025612fd4..19e80ed7d5 100644
--- a/main/nodejs/APKBUILD
+++ b/main/nodejs/APKBUILD
@@ -6,6 +6,10 @@
# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
+# 10.19.0-r0:
+# - CVE-2019-15606
+# - CVE-2019-15605
+# - CVE-2019-15604
# 10.16.3-r0:
# - CVE-2019-9511
# - CVE-2019-9512
@@ -44,7 +48,7 @@
pkgname=nodejs
# Note: Update only to even-numbered versions (e.g. 6.y.z, 8.y.z)!
# Odd-numbered versions are supported only for 9 months by upstream.
-pkgver=10.16.3
+pkgver=10.19.0
pkgrel=0
pkgdesc="JavaScript runtime built on V8 engine - LTS version"
url="https://nodejs.org/"
@@ -113,9 +117,17 @@ package() {
paxmark -m "$pkgdir"/usr/bin/node
cp -pr "$pkgdir"/usr/lib/node_modules/npm/man "$pkgdir"/usr/share
- local d; for d in doc html man; do
+ local d; for d in docs man; do
rm -r "$pkgdir"/usr/lib/node_modules/npm/$d
done
+
+ # XXX: Workaround for https://github.com/npm/cli/issues/780.
+ (cd "$pkgdir"/usr/share/man/man5 && find * \
+ -type f ! \( -name 'package-json.*' -or -name 'npmrc.*' -or -name 'npm-*' \) \
+ -exec mv {} npm-{} \;)
+ (cd "$pkgdir"/usr/share/man/man7 && find * \
+ -type f ! \( -name 'semver.*' -or -name 'npm-*' \) \
+ -exec mv {} npm-{} \;)
}
dev() {
@@ -137,6 +149,6 @@ npm() {
mv "$pkgdir"/usr/lib/node_modules/npm "$subpkgdir"/usr/lib/node_modules/
}
-sha512sums="c3a95d8810599db8e9a17932c55ff57223cf9e66028e776088420023ab7ba393e9b60518a189fcab46ca2597d213f8a6414abba282a73c9501c294dbc7b041e6 node-v10.16.3.tar.gz
+sha512sums="59f584e27dfd99453a031722ca3e094d658a90e77316a85a7048868fe6a6164b8aef0f03b60cbe681ace273d902434210bf3cd10a638583b74264d8b42bf2565 node-v10.19.0.tar.gz
9d09a88074bf0093f35c5b610e73ebf4c5381df2a2b29feb69da1af0b18776a683b13f1276375bbcfc60936cc27769539e1f01b4ba94b22cad2d5f4daae14c46 dont-run-gyp-files-for-bundled-deps.patch
4fd3f10bd82d1e851ed000169c2635c001a4a051283edf96f1efb2260e2d395199dd5843f79f1cff8f2c0c65462c44241c508ea67835dfbd9880d9196fae290a link-with-libatomic-on-mips32.patch"