mbox series

[bug#59188,0/4] gnu: node-lts: Update to 18.12.1.

Message ID y761qqadpgr.wl-hako@ultrarare.space
Headers
Series gnu: node-lts: Update to 18.12.1. |

Message

Hilton Chain Nov. 11, 2022, 5:34 a.m. UTC 
Hilton Chain (4):
  gnu: libuv-for-node: Update to 1.43.0.
  gnu: llhttp-bootstrap: Update to 6.0.10.
  gnu: node-lts: Update to 18.12.1.
  gnu: libnode: Use node-lts as base.

 gnu/local.mk                                  |   1 -
 gnu/packages/libevent.scm                     |   4 +-
 gnu/packages/node.scm                         |  44 +++++---
 .../llhttp-bootstrap-CVE-2020-8287.patch      | 100 ------------------
 4 files changed, 30 insertions(+), 119 deletions(-)
 delete mode 100644 gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch


base-commit: 70df5c47a89f4f353a1df94467581a0f0da599a4
--
2.38.1

Comments

Hilton Chain Nov. 11, 2022, 6:21 a.m. UTC | #1 
v1 -> v2: Fix libnode path for r-v8.

Hilton Chain (4):
  gnu: libuv-for-node: Update to 1.43.0.
  gnu: llhttp-bootstrap: Update to 6.0.10.
  gnu: node-lts: Update to 18.12.1.
  gnu: libnode: Use node-lts as base.

 gnu/local.mk                                  |   1 -
 gnu/packages/cran.scm                         |   2 +-
 gnu/packages/libevent.scm                     |   4 +-
 gnu/packages/node.scm                         |  44 +++++---
 .../llhttp-bootstrap-CVE-2020-8287.patch      | 100 ------------------
 5 files changed, 31 insertions(+), 120 deletions(-)
 delete mode 100644 gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch


base-commit: 70df5c47a89f4f353a1df94467581a0f0da599a4
--
2.38.1
Dr. Arne Babenhauserheide Feb. 6, 2023, 1:37 p.m. UTC | #2 
Hi,

Did you make progress with this patch?

Is there a way I can help you?

Best wishes,
Arne
Jelle Licht Feb. 8, 2023, 9:05 p.m. UTC | #3 
From: Jelle Licht <jlicht@fsfe.org>

Folks,

This should at least build for x86_64, and I'm sending in a 'new' patch series
in the hopes of QA picking things up this time.

Hilton, I've taken the liberty of adding in a copyright line for your node-lts
update: I've also tweaked some versions so there would be less manual patching
and backports to do, namely:
* libuv-for-node to 1.44.2
* node-lts to 18.14.0

I needed to tweak some of our existing packages so they actually explicitly
state which dependencies they do not care about; with the npm bundled with
node < 16, things "Just Worked", but since then npm has become a bit stricter.

After applying my patches they should build with either node@14 (current
packaged version) or node@18 (Hilton's version).

Hilton Chain (4):
  gnu: libuv-for-node: Update to 1.44.2.
  gnu: llhttp-bootstrap: Update to 6.0.10.
  gnu: node-lts: Update to 18.14.0.
  gnu: libnode: Use node-lts as base.

Jelle Licht (12):
  gnu: node-acorn: Disable tests.
  gnu: node-acorn: Remove lifecycle script.
  gnu: node-acorn: Fix broken transpilation.
  gnu: node-buffer-crc32: Ignore development dependencies.
  gnu: node-crx3: Ignore development dependencies.
  gnu: node-minimist: Ignore development dependencies.
  gnu: node-pbf: Ignore development dependencies.
  gnu: node-protocol-buffers-schema: Ignore development dependencies.
  gnu: node-resolve-protobuf-schema: Ignore development dependencies.
  gnu: node-ieee754: Ignore development dependencies.
  gnu: node-yazl: Ignore development dependencies.
  gnu: node-uglify-js: Update to 3.14.2.

 gnu/local.mk                                  |   1 -
 gnu/packages/cran.scm                         |   2 +-
 gnu/packages/libevent.scm                     |   4 +-
 gnu/packages/node-xyz.scm                     | 110 +++++++++++++-----
 gnu/packages/node.scm                         |  49 +++++---
 .../llhttp-bootstrap-CVE-2020-8287.patch      | 100 ----------------
 gnu/packages/uglifyjs.scm                     |   4 +-
 7 files changed, 121 insertions(+), 149 deletions(-)
 delete mode 100644 gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch


base-commit: 07e74b63d4969de0b51c48edb586f0d7d8c08db7
Jelle Licht March 2, 2023, 10:53 p.m. UTC | #4 
From: Jelle Licht <jlicht@fsfe.org>

To prevent bitrot, I rebased and built it all locally.

Changes in v4:
- node-lts to 18.14.2

Hilton Chain (4):
  gnu: libuv-for-node: Update to 1.44.2.
  gnu: llhttp-bootstrap: Update to 6.0.10.
  gnu: node-lts: Update to 18.14.2.
  gnu: libnode: Use node-lts as base.

Jelle Licht (12):
  gnu: node-acorn: Disable tests.
  gnu: node-acorn: Remove lifecycle script.
  gnu: node-acorn: Fix broken transpilation.
  gnu: node-buffer-crc32: Ignore development dependencies.
  gnu: node-crx3: Ignore development dependencies.
  gnu: node-minimist: Ignore development dependencies.
  gnu: node-pbf: Ignore development dependencies.
  gnu: node-protocol-buffers-schema: Ignore development dependencies.
  gnu: node-resolve-protobuf-schema: Ignore development dependencies.
  gnu: node-ieee754: Ignore development dependencies.
  gnu: node-yazl: Ignore development dependencies.
  gnu: node-uglify-js: Update to 3.14.2.

 gnu/local.mk                                  |   1 -
 gnu/packages/cran.scm                         |   2 +-
 gnu/packages/libevent.scm                     |   4 +-
 gnu/packages/node-xyz.scm                     | 110 +++++++++++++-----
 gnu/packages/node.scm                         |  49 +++++---
 .../llhttp-bootstrap-CVE-2020-8287.patch      | 100 ----------------
 gnu/packages/uglifyjs.scm                     |   4 +-
 7 files changed, 121 insertions(+), 149 deletions(-)
 delete mode 100644 gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch
Jelle Licht March 15, 2023, 12:55 a.m. UTC | #5 
From: Jelle Licht <jlicht@fsfe.org>



Changes in v5:
- node build system needs an additional --install-links to work with newer npm.
- node-lts to 18.15.0

Hilton Chain (4):
  gnu: libuv-for-node: Update to 1.44.2.
  gnu: llhttp-bootstrap: Update to 6.0.10.
  gnu: node-lts: Update to 18.15.0.
  gnu: libnode: Use node-lts as base.

Jelle Licht (13):
  build-system: node: Use `--install-links' with `npm install'.
  gnu: node-acorn: Disable tests.
  gnu: node-acorn: Remove lifecycle script.
  gnu: node-acorn: Fix broken transpilation.
  gnu: node-buffer-crc32: Ignore development dependencies.
  gnu: node-crx3: Ignore development dependencies.
  gnu: node-minimist: Ignore development dependencies.
  gnu: node-pbf: Ignore development dependencies.
  gnu: node-protocol-buffers-schema: Ignore development dependencies.
  gnu: node-resolve-protobuf-schema: Ignore development dependencies.
  gnu: node-ieee754: Ignore development dependencies.
  gnu: node-yazl: Ignore development dependencies.
  gnu: node-uglify-js: Update to 3.14.2.

 gnu/local.mk                                  |   1 -
 gnu/packages/cran.scm                         |   2 +-
 gnu/packages/libevent.scm                     |   4 +-
 gnu/packages/node-xyz.scm                     | 110 +++++++++++++-----
 gnu/packages/node.scm                         |  49 +++++---
 .../llhttp-bootstrap-CVE-2020-8287.patch      | 100 ----------------
 gnu/packages/uglifyjs.scm                     |   4 +-
 guix/build/node-build-system.scm              |   3 +-
 8 files changed, 123 insertions(+), 150 deletions(-)
 delete mode 100644 gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch
Jelle Licht March 30, 2023, 12:31 p.m. UTC | #6 
From: Jelle Licht <jlicht@fsfe.org>



Changes in v6:
- Fix build of node-openzwave-shared
- Fix build of node-serialport
- Rebase on master

Hilton Chain (4):
  gnu: libuv-for-node: Update to 1.44.2.
  gnu: llhttp-bootstrap: Update to 6.0.10.
  gnu: node-lts: Update to 18.15.0.
  gnu: libnode: Use node-lts as base.

Jelle Licht (15):
  build-system: node: Use `--install-links' with `npm install'.
  gnu: node-acorn: Disable tests.
  gnu: node-acorn: Remove lifecycle script.
  gnu: node-acorn: Fix broken transpilation.
  gnu: node-buffer-crc32: Ignore development dependencies.
  gnu: node-crx3: Ignore development dependencies.
  gnu: node-minimist: Ignore development dependencies.
  gnu: node-pbf: Ignore development dependencies.
  gnu: node-protocol-buffers-schema: Ignore development dependencies.
  gnu: node-resolve-protobuf-schema: Ignore development dependencies.
  gnu: node-ieee754: Ignore development dependencies.
  gnu: node-yazl: Ignore development dependencies.
  gnu: node-uglify-js: Update to 3.14.2.
  gnu: node-serialport: Avoid gyp rebuilds.
  gnu: node-openzwave-shared: Fix compilation for new versions of node

 gnu/local.mk                                  |   1 -
 gnu/packages/cran.scm                         |   2 +-
 gnu/packages/libevent.scm                     |   4 +-
 gnu/packages/node-xyz.scm                     | 112 ++++++++++++++----
 gnu/packages/node.scm                         |  49 +++++---
 .../llhttp-bootstrap-CVE-2020-8287.patch      | 100 ----------------
 gnu/packages/uglifyjs.scm                     |   4 +-
 gnu/packages/zwave.scm                        |   5 +
 guix/build/node-build-system.scm              |   3 +-
 9 files changed, 130 insertions(+), 150 deletions(-)
 delete mode 100644 gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch
Jelle Licht April 17, 2023, 2:51 p.m. UTC | #7 
From: Jelle Licht <jlicht@fsfe.org>

Node-based things are broken on armhf, but that has been the case for a good
while already. If nobody objects, I'm planning to push this to master after a
'green light' (modulo armhf results) from the QA service, somewhere in the
coming days.

Changes in v7:
- Build emacs-nodejs-repl with node-lts
- Rebase on master
- Update node-lts to 18.16.0

Hilton Chain (4):
  gnu: libuv-for-node: Update to 1.44.2.
  gnu: llhttp-bootstrap: Update to 6.0.10.
  gnu: node-lts: Update to 18.16.0.
  gnu: libnode: Use node-lts as base.

Jelle Licht (16):
  build-system: node: Use `--install-links' with `npm install'.
  gnu: node-acorn: Disable tests.
  gnu: node-acorn: Remove lifecycle script.
  gnu: node-acorn: Fix broken transpilation.
  gnu: node-buffer-crc32: Ignore development dependencies.
  gnu: node-crx3: Ignore development dependencies.
  gnu: node-minimist: Ignore development dependencies.
  gnu: node-pbf: Ignore development dependencies.
  gnu: node-protocol-buffers-schema: Ignore development dependencies.
  gnu: node-resolve-protobuf-schema: Ignore development dependencies.
  gnu: node-ieee754: Ignore development dependencies.
  gnu: node-yazl: Ignore development dependencies.
  gnu: node-uglify-js: Update to 3.14.2.
  gnu: node-serialport: Avoid gyp rebuilds.
  gnu: node-openzwave-shared: Fix compilation for new versions of node
  gnu: emacs-nodejs-repl: Build with node-lts.

 gnu/local.mk                                  |   1 -
 gnu/packages/cran.scm                         |   2 +-
 gnu/packages/emacs-xyz.scm                    |   2 +-
 gnu/packages/libevent.scm                     |   4 +-
 gnu/packages/node-xyz.scm                     | 112 ++++++++++++++----
 gnu/packages/node.scm                         |  49 +++++---
 .../llhttp-bootstrap-CVE-2020-8287.patch      | 100 ----------------
 gnu/packages/uglifyjs.scm                     |   4 +-
 gnu/packages/zwave.scm                        |   5 +
 guix/build/node-build-system.scm              |   3 +-
 10 files changed, 131 insertions(+), 151 deletions(-)
 delete mode 100644 gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch
Jelle Licht May 6, 2023, 12:50 p.m. UTC | #8 
Pushed to master, with some minor adjustments to make things work after
the core-updates merge. Thanks for the patience and feedback!

- Jelle