# Contributor: Jose-Luis Rivas # Contributor: Jakub Jirutka # Contributor: Dave Esaias # Contributor: Tadahisa Kamijo # Contributor: Eivind Uggedal # Maintainer: Jakub Jirutka # # secfixes: # 10.16.3-r0: # - CVE-2019-9511 # - CVE-2019-9512 # - CVE-2019-9513 # - CVE-2019-9514 # - CVE-2019-9515 # - CVE-2019-9516 # - CVE-2019-9517 # - CVE-2019-9518 # 10.15.3-r0: # - CVE-2019-5737 # 10.14.0-r0: # - CVE-2018-12121 # - CVE-2018-12122 # - CVE-2018-12123 # - CVE-2018-0735 # - CVE-2018-0734 # 8.11.4-r0: # - CVE-2018-12115 # 8.11.3-r0: # - CVE-2018-7167 # - CVE-2018-7161 # - CVE-2018-1000168 # 8.11.0-r0: # - CVE-2018-7158 # - CVE-2018-7159 # - CVE-2018-7160 # 8.9.3-r0: # - CVE-2017-15896 # - CVE-2017-15897 # 6.11.5-r0: # - CVE-2017-14919 # 6.11.1-r0: # - CVE-2017-1000381 # pkgname=nodejs # Note: Update only to even-numbered versions (e.g. 6.y.z, 8.y.z)! # Odd-numbered versions are supported only for 9 months by upstream. pkgver=10.16.3 pkgrel=0 pkgdesc="JavaScript runtime built on V8 engine - LTS version" url="https://nodejs.org/" arch="all !mips64 !mips64el" license="MIT" depends="ca-certificates" depends_dev="libuv" # gold is needed for mksnapshot makedepends="$depends_dev python2 openssl-dev zlib-dev libuv-dev linux-headers paxmark binutils-gold http-parser-dev ca-certificates c-ares-dev" subpackages="$pkgname-dev $pkgname-doc npm::noarch" provides="nodejs-lts=$pkgver" # for backward compatibility replaces="nodejs-current nodejs-lts" # nodejs-lts for backward compatibility source="https://nodejs.org/dist/v$pkgver/node-v$pkgver.tar.gz dont-run-gyp-files-for-bundled-deps.patch link-with-libatomic-on-mips32.patch " builddir="$srcdir/node-v$pkgver" prepare() { default_prepare # Remove bundled dependencies that we're not using. rm -rf deps/http_parser deps/openssl deps/uv deps/zlib } build() { cd "$builddir" case "$CARCH" in mips*) _carchflags="--with-mips-arch-variant=r1 --with-mips-float-abi=soft";; esac ./configure --prefix=/usr \ $_carchflags \ --shared-zlib \ --shared-libuv \ --shared-openssl \ --shared-http-parser \ --shared-cares \ --openssl-use-def-ca-store # We need run mksnapshot at build time so paxmark it early. make -C out mksnapshot BUILDTYPE=Release paxmark -m out/Release/mksnapshot make # paxmark so JIT works paxmark -m out/Release/node } # TODO Run provided test suite. check() { cd "$builddir"/out/Release ./node -e 'console.log("Hello, world!")' ./node -e "require('assert').equal(process.versions.node, '$pkgver')" } package() { cd "$builddir" make DESTDIR="$pkgdir" install # It's strange, but it really needs to be paxmarked again... paxmark -m "$pkgdir"/usr/bin/node cp -pr "$pkgdir"/usr/lib/node_modules/npm/man "$pkgdir"/usr/share local d; for d in doc html man; do rm -r "$pkgdir"/usr/lib/node_modules/npm/$d done } dev() { provides="nodejs-lts-dev=$pkgver" # for backward compatibility default_dev } npm() { pkgdesc="A package manager for JavaScript" depends="$pkgname" # for backward compatibility provides="nodejs-npm=$pkgver-r$pkgrel nodejs-current-npm=$pkgver-r$pkgrel" replaces="nodejs-npm nodejs-current-npm $pkgname" mkdir -p "$subpkgdir"/usr/bin mv "$pkgdir"/usr/bin/np[mx] "$subpkgdir"/usr/bin/ mkdir -p "$subpkgdir"/usr/lib/node_modules mv "$pkgdir"/usr/lib/node_modules/npm "$subpkgdir"/usr/lib/node_modules/ } sha512sums="c3a95d8810599db8e9a17932c55ff57223cf9e66028e776088420023ab7ba393e9b60518a189fcab46ca2597d213f8a6414abba282a73c9501c294dbc7b041e6 node-v10.16.3.tar.gz 9d09a88074bf0093f35c5b610e73ebf4c5381df2a2b29feb69da1af0b18776a683b13f1276375bbcfc60936cc27769539e1f01b4ba94b22cad2d5f4daae14c46 dont-run-gyp-files-for-bundled-deps.patch 4fd3f10bd82d1e851ed000169c2635c001a4a051283edf96f1efb2260e2d395199dd5843f79f1cff8f2c0c65462c44241c508ea67835dfbd9880d9196fae290a link-with-libatomic-on-mips32.patch"