# Contributor: William Pitcock <nenolod@dereferenced.org>
# Contributor: Jose-Luis Rivas <ghostbar@riseup.net>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Contributor: Dave Esaias <dave@containership.io>
# Contributor: Tadahisa Kamijo <kamijin@live.jp>
# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
#   6.10.3-r1:
#   - CVE-2017-1000381
#   6.10.0-r0:
#   - CVE-2016-5129
#   6.8.0-r0:
#   - CVE-2016-5180
#
pkgname=nodejs
# Note: Update only to even-numbered versions (e.g. 6.y.z, 8.y.z)!
# Odd-numbered versions are supported only for 9 months by upstream.
pkgver=6.10.3
pkgrel=2
pkgdesc="JavaScript runtime built on V8 engine - LTS version"
url="http://nodejs.org/"
arch="all"
license="MIT"
depends="ca-certificates"
depends_dev="libuv"
# gold is needed for mksnapshot
makedepends="$depends_dev python2 openssl-dev zlib-dev libuv-dev linux-headers
	paxmark binutils-gold http-parser-dev ca-certificates"
subpackages="$pkgname-dev $pkgname-doc $pkgname-npm::noarch"
provides="nodejs-lts=$pkgver"  # for backward compatibility
replaces="nodejs-current nodejs-lts"  # nodejs-lts for backward compatibility
source="https://nodejs.org/dist/v$pkgver/node-v$pkgver.tar.gz
	use-system-ca-certs.patch
	dont-run-gyp-files-for-bundled-deps.patch
	ppc-fix-musl-mcontext.patch
	disable-v8-snapshots.patch
	s390-debug-code-requires-bigger-buffer.patch
	CVE-2017-1000381.patch"
builddir="$srcdir/node-v$pkgver"

prepare() {
	default_prepare || return 1

	# Remove bundled dependencies that we're not using.
	rm -rf deps/http_parser deps/openssl deps/uv deps/zlib
}

build() {
	cd "$builddir"

	./configure --prefix=/usr \
		--shared-zlib \
		--shared-libuv \
		--shared-openssl \
		--shared-http-parser \
		--openssl-use-def-ca-store \
		|| return 1

	# we need run mksnapshot at build time so paxmark it early
	make -C out mksnapshot BUILDTYPE=Release \
		&& paxmark -m out/Release/mksnapshot \
		&& make || return 1

	# paxmark so JIT works
	paxmark -m out/Release/node
}

# TODO Run provided test suite.
check() {
	cd "$builddir"/out/Release

	./node -e 'console.log("Hello, world!")'
	./node -e "require('assert').equal(process.versions.node, '$pkgver')"
}

package() {
	cd "$builddir"

	make DESTDIR="$pkgdir" install || return 1

	# It's strange, but it really needs to be paxmarked again...
	paxmark -m "$pkgdir"/usr/bin/node || return 1

	cp -pr "$pkgdir"/usr/lib/node_modules/npm/man "$pkgdir"/usr/share || return 1
	local d; for d in doc html man; do
		rm -r "$pkgdir"/usr/lib/node_modules/npm/$d || return 1
	done
}

dev() {
	provides="nodejs-lts-dev=$pkgver"  # for backward compatibility

	default_dev || return 1

	# Remove some junk.
	rm -r "$subpkgdir"/usr/lib/node_modules
	rmdir -p "$subpkgdir"/usr/lib || :
}

npm() {
	pkgdesc="A package manager for JavaScript"
	depends="$pkgname"
	replaces="nodejs-current-npm $pkgname"  # $pkgname for backward compatibility

	mkdir -p "$subpkgdir"/usr/bin
	mv "$pkgdir"/usr/bin/npm "$subpkgdir"/usr/bin/ || return 1

	mkdir -p "$subpkgdir"/usr/lib/node_modules
	mv "$pkgdir"/usr/lib/node_modules/npm "$subpkgdir"/usr/lib/node_modules/
}

sha512sums="1aa4b2984893375c9fad675f629a1a1131e1e06778abe92a99ebd472f681e372432c7ff08dfe282848bf2b324cb5cc757dde42523016a16a527360083499c718  node-v6.10.3.tar.gz
316a09f697e244c48d4dcf26ca2bb7e2441fc01ed61ad6b987e24741f93cfcf29f2e6de736ab9e4c014355cd14dd63ae7de1f8c28b5274e3225b1b3412db11d4  use-system-ca-certs.patch
a8be538158b7c96341a407acba30450ddc5c3ad764e7efe728d1ceff64efc3067b177855b9ef91b54400be6a02600d83da4c21a07ae9d7dc0774f92b2006ea8b  dont-run-gyp-files-for-bundled-deps.patch
54a96cdc103bdffa9ba5283f59c64a35774e272f3a944d6475e3f669f95f7d75bcca6db3b12b9af76ea463f531763105aeabb302872652ced6a2bcb66f1eace0  ppc-fix-musl-mcontext.patch
adb75d68c350640a96c536baa46d18b566cc00796db1ea6e5ee00d60b6ab8316212dd4aa6fb00e58ef9a40a1f68b1c6c52aaffedaad6c4c91d650a946bcaeba2  disable-v8-snapshots.patch
7e03abce16050ca6abedf9c2f167e75f6e8d9c92bbab3dacf4be4f0b490829666d60a764d5bfc496a1fce7f5cad757073200c8c07c5df8f531c65ee2099f4540  s390-debug-code-requires-bigger-buffer.patch
57738244c3b0484f24a0082cf3f1d582dead809a3962e89a692c288829c4a4e5dd60695dbe6a76081db1dbc92bf6f9dcfaff892b99f9985aff5d4231d9a13145  CVE-2017-1000381.patch"