# Contributor: William Pitcock # Contributor: Jose-Luis Rivas # Contributor: Jakub Jirutka # Maintainer: Jakub Jirutka # # secfixes: # 6.9.5-r1: # - CVE-2017-1000381 # pkgname=nodejs # Note: Update only to even-numbered versions (e.g. 6.y.z, 8.y.z)! # Odd-numbered versions are supported only for 9 months by upstream. pkgver=6.9.5 pkgrel=2 pkgdesc="JavaScript runtime built on V8 engine - LTS version" url="http://nodejs.org/" arch="all" license="MIT" depends="ca-certificates" depends_dev="libuv" # gold is needed for mksnapshot makedepends="$depends_dev python2 openssl-dev zlib-dev libuv-dev linux-headers paxmark binutils-gold http-parser-dev ca-certificates" subpackages="$pkgname-dev $pkgname-doc" provides="nodejs-lts=$pkgver" # for backward compatibility replaces="nodejs-current nodejs-lts" # nodejs-lts for backward compatibility source="https://nodejs.org/dist/v$pkgver/node-v$pkgver.tar.gz use-system-ca-certs.patch dont-run-gyp-files-for-bundled-deps.patch disable-v8-snapshots.patch CVE-2017-1000381.patch" builddir="$srcdir/node-v$pkgver" prepare() { default_prepare || return 1 # Remove bundled CA certificates. rm -f src/node_root_certs.h # Remove bundled dependencies that we're not using. rm -rf deps/http_parser deps/openssl deps/uv deps/zlib } build() { cd "$builddir" ./configure --prefix=/usr \ --shared-zlib \ --shared-libuv \ --shared-openssl \ --shared-http-parser \ || return 1 # we need run mksnapshot at build time so paxmark it early make -C out mksnapshot BUILDTYPE=Release \ && paxmark -m out/Release/mksnapshot \ && make || return 1 } package() { cd "$builddir" make DESTDIR="$pkgdir" install || return 1 # paxmark so JIT works paxmark -m "$pkgdir"/usr/bin/node || return 1 cp -pr "$pkgdir"/usr/lib/node_modules/npm/man "$pkgdir"/usr/share || return 1 local d; for d in doc html man; do rm -r "$pkgdir"/usr/lib/node_modules/npm/$d || return 1 done } dev() { provides="nodejs-lts-dev=$pkgver" # for backward compatibility default_dev } sha512sums="59e544909742d2b3e88b11bbdad6bf713b55e82f32f993b17b7eff83cd1cbac3c10fb2445304245d44ce1c2c219f439acd51f872ecb285535d8ae471bf4c8410 node-v6.9.5.tar.gz c540878495761f4c38f3cccd61da75fa5619637ba9887b7946964a7cef790178e26678fe0aabe400e32c8f0f65e97a519ceee1534bbf18a1a14bc6e9fe067637 use-system-ca-certs.patch a8be538158b7c96341a407acba30450ddc5c3ad764e7efe728d1ceff64efc3067b177855b9ef91b54400be6a02600d83da4c21a07ae9d7dc0774f92b2006ea8b dont-run-gyp-files-for-bundled-deps.patch 45fa75c663edfa67aaebd49d85999af4cbe730b4dd931d9f799d7c26ad389569b1af340c4e54cefffe282cf9e20ba326212590cc4578a6b1fe9d9f148aeb6767 disable-v8-snapshots.patch 57738244c3b0484f24a0082cf3f1d582dead809a3962e89a692c288829c4a4e5dd60695dbe6a76081db1dbc92bf6f9dcfaff892b99f9985aff5d4231d9a13145 CVE-2017-1000381.patch"