forge/ayaports
1
1
Fork 0
Code Issues 55 Pull requests 15 Projects Releases Packages 460 Wiki Activity Actions
ayaports/user/nodejs/APKBUILD

205 lines
5.6 KiB
Text
Raw Normal View History

user/nodejs: new aport
2023-09-07 10:37:10 -04:00
# Contributor: Jose-Luis Rivas <ghostbar@riseup.net>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Contributor: Dave Esaias <dave@containership.io>
# Contributor: Tadahisa Kamijo <kamijin@live.jp>
# Contributor: Eivind Uggedal <eu@eju.no>
# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
# 14.21.3-r0:
# - CVE-2023-23918
# - CVE-2023-23920
# 14.20.1-r0:
# - CVE-2022-32213
# - CVE-2022-32214
# - CVE-2022-32215
# - CVE-2022-35256
# 14.19.0-r0:
# - CVE-2022-21824
# - CVE-2021-44533
# - CVE-2021-44532
# - CVE-2021-44531
# 14.18.1-r0:
# - CVE-2021-22959
# - CVE-2021-22960
# 14.17.6-r0:
# - CVE-2021-37701
# - CVE-2021-37712
# - CVE-2021-37713
# - CVE-2021-39134
# - CVE-2021-39135
# 14.17.5-r0:
# - CVE-2021-3672
# - CVE-2021-22931
# - CVE-2021-22939
# 14.17.4-r0:
# - CVE-2021-22930
# 14.17.3-r0:
# - CVE-2021-22918
# 14.16.1-r0:
# - CVE-2020-7774
# 14.16.0-r0:
# - CVE-2021-22883
# - CVE-2021-22884
# 14.15.5-r0:
# - CVE-2021-21148
# 14.15.4-r0:
# - CVE-2020-8265
# - CVE-2020-8287
# 14.15.1-r0:
# - CVE-2020-8277
# 12.18.4-r0:
# - CVE-2020-8201
# - CVE-2020-8252
# 12.18.0-r0:
# - CVE-2020-8172
# - CVE-2020-11080
# - CVE-2020-8174
# 12.15.0-r0:
# - CVE-2019-15606
# - CVE-2019-15605
# - CVE-2019-15604
# 10.16.3-r0:
# - CVE-2019-9511
# - CVE-2019-9512
# - CVE-2019-9513
# - CVE-2019-9514
# - CVE-2019-9515
# - CVE-2019-9516
# - CVE-2019-9517
# - CVE-2019-9518
# 10.15.3-r0:
# - CVE-2019-5737
# 10.14.0-r0:
# - CVE-2018-12121
# - CVE-2018-12122
# - CVE-2018-12123
# - CVE-2018-0735
# - CVE-2018-0734
# 8.11.4-r0:
# - CVE-2018-12115
# 8.11.3-r0:
# - CVE-2018-7167
# - CVE-2018-7161
# - CVE-2018-1000168
# 8.11.0-r0:
# - CVE-2018-7158
# - CVE-2018-7159
# - CVE-2018-7160
# 8.9.3-r0:
# - CVE-2017-15896
# - CVE-2017-15897
# 6.11.5-r0:
# - CVE-2017-14919
# 6.11.1-r0:
# - CVE-2017-1000381
# 0:
# - CVE-2022-32212
# - CVE-2022-32223
#
pkgname=nodejs
# Note: Update only to even-numbered versions (e.g. 6.y.z, 8.y.z)!
# Odd-numbered versions are supported only for 9 months by upstream.
pkgver=14.21.3
pkgrel=0
pkgdesc="JavaScript runtime built on V8 engine - LTS version"
url="https://nodejs.org/"
arch="all !mips64 !mips64el !riscv64"
license="MIT"
depends="ca-certificates nghttp2-libs>=1.41"
makedepends="
brotli-dev
c-ares-dev
icu-dev
linux-headers
nghttp2-dev
openssl-dev
python3
zlib-dev
"
install="$pkgname.post-upgrade"
subpackages="$pkgname-dev $pkgname-doc"
provider_priority=100 # highest priority (other provider is nodejs-current)
provides="nodejs-lts=$pkgver" # for backward compatibility
replaces="nodejs-current nodejs-lts" # nodejs-lts for backward compatibility
source="https://nodejs.org/dist/v$pkgver/node-v$pkgver.tar.gz
disable-running-gyp-on-shared-deps.patch
link-with-libatomic-on-mips32.patch
fix-build-with-system-c-ares.patch
"
builddir="$srcdir/node-v$pkgver"
prepare() {
default_prepare
# Remove bundled dependencies that we're not using.
rm -rf deps/brotli deps/cares deps/openssl deps/zlib
}
build() {
# Add defines recommended in libuv readme.
local common_flags="-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"
# Compiling with O2 instead of Os increases binary size by ~10%
# (53.1 MiB -> 58.6 MiB), but also increases performance by ~20%
# according to v8/web-tooling-benchmark. Node.js is quite huge anyway;
# there are better options for size constrained environments.
export CFLAGS="${CFLAGS/-Os/-O2} $common_flags"
export CXXFLAGS="${CXXFLAGS/-Os/-O2} $common_flags"
export CPPFLAGS="${CPPFLAGS/-Os/-O2} $common_flags"
case "$CARCH" in
mips*) _carchflags="--with-mips-arch-variant=r1 --with-mips-float-abi=soft";;
esac
# NOTE: We use bundled libuv because they don't care much about backward
# compatibility and it has happened several times in past that we
# couldn't upgrade nodejs package in stable branches to fix CVEs due to
# libuv incompatibility.
#
# NOTE: We don't package the bundled npm - it's a separate project with
# its own release cycle and version numbering, so it's better to keep
# it in a standalone aport.
#
# TODO: After icu package is modified to split data into multiple
# variants, change --with-intl to "system-icu".
python3 configure.py --prefix=/usr \
$_carchflags \
--shared-brotli \
--shared-zlib \
--shared-openssl \
--shared-cares \
--shared-nghttp2 \
--openssl-use-def-ca-store \
--with-icu-default-data-dir=$(icu-config --icudatadir) \
--with-intl=small-icu \
--without-corepack \
--without-npm
make BUILDTYPE=Release
}
# TODO Run provided test suite.
check() {
cd "$builddir"/out/Release
./node -e 'console.log("Hello, world!")'
./node -e "require('assert').equal(process.versions.node, '$pkgver')"
}
package() {
make DESTDIR="$pkgdir" install
}
dev() {
provides="nodejs-lts-dev=$pkgver" # for backward compatibility
default_dev
}
sha512sums="
36e91d15f8e3687deb74f05e4e635c824410b586ebe9b7a410006d1e864093a45d0d350fa9b8536ff9d48d81907ac5f551c17a010707f9776a2f53d5711be0cb node-v14.21.3.tar.gz
8033162669e01a1cd6d5103e5b86c3a6cc49d9a40c1715538be08a181d2c30eb588b251ef7520e73bf6ca8fccb90d81d139ba933927a0869f02546489e3df281 disable-running-gyp-on-shared-deps.patch
44e81fbf254bd79e38b813f7f5a1336df854588939cba50aaec600660495f9b7745a7049a99eb59d15a51100b3a44f66892a902d7fc32e1399b51883ad4c02cf link-with-libatomic-on-mips32.patch
30ca1ce7f9512c943950b8eec98bca99d24c740ebaa14619292fe5ed931dcf603ca90afb1d704ca7f545e421752ba4dde81c0c5bbb5242eb1726739ca627e15f fix-build-with-system-c-ares.patch
"
Reference in a new issue Copy permalink