blob: e67021bd29093e5ae6722d7cf9099c629ee52139 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
|
# Contributor: Jose-Luis Rivas <ghostbar@riseup.net>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Contributor: Dave Esaias <dave@containership.io>
# Contributor: Tadahisa Kamijo <kamijin@live.jp>
# Contributor: Eivind Uggedal <eu@eju.no>
# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
# 12.22.5-r0:
# - CVE-2021-3672
# - CVE-2021-22931
# - CVE-2021-22939
# 12.22.4-r0:
# - CVE-2021-22930
# 12.22.2-r0:
# - CVE-2021-22918
# 12.22.1-r0:
# - CVE-2020-7774
# 12.21.0-r0:
# - CVE-2021-22883
# - CVE-2021-22884
# 12.20.1-r0:
# - CVE-2020-8277
# - CVE-2020-8265
# - CVE-2020-8287
# - CVE-2020-8201
# - CVE-2020-8252
# - CVE-2020-8172
# - CVE-2020-11080
# - CVE-2020-8174
# 12.15.0-r0:
# - CVE-2019-15606
# - CVE-2019-15605
# - CVE-2019-15604
# 10.16.3-r0:
# - CVE-2019-9511
# - CVE-2019-9512
# - CVE-2019-9513
# - CVE-2019-9514
# - CVE-2019-9515
# - CVE-2019-9516
# - CVE-2019-9517
# - CVE-2019-9518
# 10.15.3-r0:
# - CVE-2019-5737
# 10.14.0-r0:
# - CVE-2018-12121
# - CVE-2018-12122
# - CVE-2018-12123
# - CVE-2018-0735
# - CVE-2018-0734
# 8.11.4-r0:
# - CVE-2018-12115
# 8.11.3-r0:
# - CVE-2018-7167
# - CVE-2018-7161
# - CVE-2018-1000168
# 8.11.0-r0:
# - CVE-2018-7158
# - CVE-2018-7159
# - CVE-2018-7160
# 8.9.3-r0:
# - CVE-2017-15896
# - CVE-2017-15897
# 6.11.5-r0:
# - CVE-2017-14919
# 6.11.1-r0:
# - CVE-2017-1000381
#
pkgname=nodejs
# Note: Update only to even-numbered versions (e.g. 6.y.z, 8.y.z)!
# Odd-numbered versions are supported only for 9 months by upstream.
pkgver=12.22.5
pkgrel=0
pkgdesc="JavaScript runtime built on V8 engine - LTS version"
url="https://nodejs.org/"
arch="all !mips64 !mips64el"
license="MIT"
depends="ca-certificates"
makedepends="linux-headers python2 paxmark
zlib-dev libuv-dev openssl-dev c-ares-dev nghttp2-dev"
subpackages="$pkgname-dev $pkgname-doc npm::noarch"
provides="nodejs-lts=$pkgver" # for backward compatibility
replaces="nodejs-current nodejs-lts" # nodejs-lts for backward compatibility
source="https://nodejs.org/dist/v$pkgver/node-v$pkgver.tar.gz
dont-run-gyp-files-for-bundled-deps.patch
link-with-libatomic-on-mips32.patch
fix-build-with-system-c-ares.patch
"
builddir="$srcdir/node-v$pkgver"
prepare() {
default_prepare
# Remove bundled dependencies that we're not using.
rm -rf deps/cares deps/openssl deps/zlib
}
build() {
cd "$builddir"
case "$CARCH" in
mips*) _carchflags="--with-mips-arch-variant=r1 --with-mips-float-abi=soft";;
esac
# NOTE: We use bundled libuv because they don't care much about backward
# compatibility and it has happened several times in past that we
# couldn't upgrade nodejs package in stable branches to fix CVEs due to
# libuv incompatibility.
./configure --prefix=/usr \
$_carchflags \
--shared-zlib \
--shared-openssl \
--shared-cares \
--shared-nghttp2 \
--openssl-use-def-ca-store
# we need run mksnapshot at build time so paxmark it early.
make -C out mksnapshot BUILDTYPE=Release
paxmark -m out/Release/mksnapshot
make
# paxmark so JIT works
paxmark -m out/Release/node
}
# TODO Run provided test suite.
check() {
cd "$builddir"/out/Release
./node -e 'console.log("Hello, world!")'
./node -e "require('assert').equal(process.versions.node, '$pkgver')"
}
package() {
cd "$builddir"
make DESTDIR="$pkgdir" install
# It's strange, but it really needs to be paxmarked again...
paxmark -m "$pkgdir"/usr/bin/node
cp -pr "$pkgdir"/usr/lib/node_modules/npm/man "$pkgdir"/usr/share
local d; for d in docs man; do
rm -r "$pkgdir"/usr/lib/node_modules/npm/$d
done
# XXX: Workaround for https://github.com/npm/cli/issues/780.
(cd "$pkgdir"/usr/share/man/man5 && find * \
-type f ! \( -name 'package-json.*' -or -name 'npmrc.*' -or -name 'npm-*' \) \
-exec mv {} npm-{} \;)
(cd "$pkgdir"/usr/share/man/man7 && find * \
-type f ! \( -name 'semver.*' -or -name 'npm-*' \) \
-exec mv {} npm-{} \;)
}
dev() {
provides="nodejs-lts-dev=$pkgver" # for backward compatibility
default_dev
}
npm() {
pkgdesc="A package manager for JavaScript"
depends="$pkgname"
# for backward compatibility
provides="nodejs-npm=$pkgver-r$pkgrel nodejs-current-npm=$pkgver-r$pkgrel"
replaces="nodejs-npm nodejs-current-npm $pkgname"
mkdir -p "$subpkgdir"/usr/bin
mv "$pkgdir"/usr/bin/np[mx] "$subpkgdir"/usr/bin/
mkdir -p "$subpkgdir"/usr/lib/node_modules
mv "$pkgdir"/usr/lib/node_modules/npm "$subpkgdir"/usr/lib/node_modules/
}
sha512sums="
7f866a8db590d617d79f216103c1c96848f5d552744532d1f5dad546979eba3307956e27fc3113dc4e244caa1d68634222748f0ae09fa298c57d797f3ce0c084 node-v12.22.5.tar.gz
fc5848ced3e591e732b6a9af27679ca82f7605a4b2cd2f7eb6a411664b7c065892fb67a1db5aec7a26207582eecd8377476ed550c1dfb6c7917ba7babfa66a2d dont-run-gyp-files-for-bundled-deps.patch
9f60928b53447f9590c7065bcdbdd4065d10a06e8451531615791a3bd7d14f9114807e5446e0ec00e2cb7a11a277050345e34636b199db2979d7f022b31ffde4 link-with-libatomic-on-mips32.patch
30ca1ce7f9512c943950b8eec98bca99d24c740ebaa14619292fe5ed931dcf603ca90afb1d704ca7f545e421752ba4dde81c0c5bbb5242eb1726739ca627e15f fix-build-with-system-c-ares.patch
"
|
