| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
License Update: Add sorttable.js under the MIT license - https://github.com/nodejs/node/pull/61348/files
Update minimatch to the Blue Oak Model License - https://github.com/nodejs/node/commit/e72da8c7544727f90b857ba86b8c7755e631fe96
Changelog: https://github.com/nodejs/node/releases/tag/v22.22.1
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The NEON SIMD fast path in the bundled llhttp calls
__builtin_ctzll(match_mask) without checking if match_mask is zero.
When all 16 bytes in a NEON register are valid header value characters,
match_mask is 0. Calling __builtin_ctzll(0) is undefined behavior.
GCC at -O2 exploits this by optimizing "if (match_len != 16)" to
always-true, causing HTTP 400 Bad Request for any header value longer
than 16 characters on ARM targets with NEON enabled.
Fix by explicitly checking for match_mask == 0 and setting
match_len = 16. This bug affects both aarch64 and armv7 NEON targets.
The code this patch modifies is generated, so the patch itself isn't
suitable for upstream submission, as the root cause of the error is
in the generator itself. The fix has been merged upstream[1] in
llparse 7.3.1 and is included in llhttp 9.3.1. This patch can be
dropped when nodejs updates its bundled llhttp to >= 9.3.1.
[1]: https://github.com/nodejs/llparse/pull/83
Signed-off-by: Telukula Jeevan Kumar Sahu <j-sahu@ti.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The llhttp vendored dependency of nodejs takes advantage of Arm NEON
instructions when they are available, however they are detected by
checking for an outdated CPU feature macro: it checks for __ARM_NEON__,
however it is not defined by new compilers for aarch64, rather they
set __ARM_NEON. The Arm C extension guide[1] refers to __ARM_NEON macro
aswell.
This patch changes the detection to check for both macros when detecting
the availability of NEON instructions.
The code this patch modifies is generated, so the patch itself isn't
suitable for upstream submission, as the root cause of the error is
in the generator itself. A PR has been submitted[2] to the generator
project to rectify this issue.
[1]: https://developer.arm.com/documentation/ihi0053/d/ - pdf, section 6.9
[2]: https://github.com/nodejs/llparse/pull/84
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The llhttp dependency of nodejs uses NEON intrinsics when they
are available, however some of these calls are incorrect: they
the call they use don't match the parameters passed, and so
the compilation fail (unless the error is suppressed):
| ../deps/llhttp/src/llhttp.c: In function 'llhttp__internal__run':
| ../deps/llhttp/src/llhttp.c:2645:9: note: use '-flax-vector-conversions' to permit conversions between vectors with differing element types or numbers of subparts
| 2645 | );
| | ^
| ../deps/llhttp/src/llhttp.c:2643:11: error: incompatible type for argument 1 of 'vandq_u16'
| 2643 | vcgeq_u8(input, vdupq_n_u8(' ')),
There is a patch upstream that fixes it (though it is not merged
yet). This patch is a port of that fix.
This allows us to remove the extra CFLAGS also from the recipe that
suppressed this error.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In case nghttp2 and/or libuv PACKAGECONFIGs are enabled, nodejs
will build some binaries for the build system also, linking to
native binaries and using headers from the native sysroot.
However in case the dependencies are missing from the native sysroot,
then it falls back to the build system's sysroot, and use the files
that it can find there. If the build system doesn't have nghttp2/libuv
installed, then compilation fails:
libuv:
../tools/executable_wrapper.h:5:10: fatal error: uv.h: No such file or directory
ngtthp2:
<...snip...>/build/tmp/hosttools/ld: cannot find -lnghttp2: No such file or directory
To avoid falling back to the build system's sysroot, add the missing
libuv-native and nghttp2-native dependencies.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch isn't intended to introduce new behavior, rather it
changes the order of some existing LDFLAGS to fix a workaround that
stopped working at some point in the past.
LDFLAGS:x86 contains libatomic, because linking with this library
is required for this platform.
However when gyp links, it invokes the following (pseudo-)command:
$LD $LDFLAGS $RESOURCES_TO_LINK $EXTRA_LIBS $EXTRA_LDFLAGS
The EXTRA* arguments are coming from the gyp config. Since
LDFLAGS appears very early in the command, libatomic also
appears early amongst the resources, and the linker couldn't
find the relevant symbols when compiled for x86 platform (as
it was processed the very last):
| [...] undefined reference to `__atomic_compare_exchange'
Using this patch the library appears at the end, along with
the other EXTRA_LIBS, after the list of linked resources,
allowing linking to succeed.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
ERROR: nodejs-22.21.1-r0 do_patch: Applying patch '0001-deps-disable-io_uring-support-in-libuv.patch' on target directory '/build/tmp/work/core2-32-poky-linux/nodejs/22.21.1/sources/node-v22.21.1'
CmdError('quilt --quiltrc /build/tmp/work/core2-32-poky-linux/nodejs/22.21.1/recipe-sysroot-native/etc/quiltrc push', 0, "stdout: Applying patch 0001-deps-disable-io_uring-support-in-libuv.patch
can't find file to patch at input line 27
The sources which related to libuv as deps/uv/ are removed in prune_sources
when depends on libuv.
So postpone prune_sources execute at do_patch phase to fix the gap.
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is the December 2025 security release that the nodejs team released
January 13, 2026.
3 high severity issues.
4 medium severity issues.
1 low severity issue.
High priority fixes:
CVE-2025-55131
CVE-2025-55130
CVE-2025-59465
Medium priority fixes:
CVE-2025-59466
CVE-2025-59464
CVE-2026-21636 *
CVE-2026-21637
Low priority fixes:
CVE-2025-55132
* note that this medium priority CVE only effects Nodejs v25.
https://nodejs.org/en/blog/vulnerability/december-2025-security-releases
Changelog: https://github.com/nodejs/node/releases/tag/v22.22.0
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
CVE_PRODUCT is specified twice - the second instance only duplicates one
value from the first instance.
Remove this extra CVE_PRODUCT.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use gcc to compile failed for 32 bit arm target
$ echo 'MACHINE = "qemuarm"' >> conf/local.conf
$ bitbake nodejs
...
2645 | );
| ^
../deps/llhttp/src/llhttp.c:2643:11: error: incompatible type for argument 1 of 'vandq_u16'
2643 | vcgeq_u8(input, vdupq_n_u8(' ')),
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| |
| uint8x16_t
...
Use '-flax-vector-conversions' to permit conversions between vectors
with differing element types or numbers of subparts
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Changelog: https://github.com/nodejs/node/releases/tag/v22.21.1
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Changelog: https://github.com/nodejs/node/releases/tag/v22.21.0
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Chagelog: https://github.com/nodejs/node/releases/tag/v22.20.0
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
License-Update: Add sonic-boom under MIT License
https://github.com/nodejs/node/commit/0edf17198fe118c6cc39746feb8707a91d739f94
Changelog: https://github.com/nodejs/node/releases/tag/v22.19.0
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
0001-build-remove-redundant-mXX-flags-for-V8.patch - fix offset and fuzz.
0001-deps-disable-io_uring-support-in-libuv.patch - update for new libuv version 1.51.0
https://github.com/nodejs/node/commit/e397980a1a
License-Update: zlib version change from 1.3.0.1 to 1.3.1
https://github.com/nodejs/node/commit/efebf461313db420243717f48aaa0b97d5279580
Changelog: https://github.com/nodejs/node/releases/tag/v22.18.0
Changelog: https://github.com/nodejs/node/releases/tag/v22.17.1
Changelog: https://github.com/nodejs/node/releases/tag/v22.17.0
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When clang is used as cross compiler, it confuses gyp
system to enable -m64 option for host pieces of build
and the reason is that it assumes clang to be biarch
by default for all architectures but that maybe true for
x86/x86_64 combo but not true for arm/aarch64 systems
This is a backport from node 24
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Plenty of other recipes inherit qemu unconditionally, including
some pretty foundational ones like python3, and they do not need
this fix. I think something else is going on here, and that issue
needs to be properly investigated.
There's a request to provide steps to observe the issue, but the original
patch author so far hasn't been able to reproduce it on demand:
https://lists.openembedded.org/g/openembedded-devel/topic/113861973
This reverts commit b2a950a75b15c93f625bfe6514bc248c9310813f.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The recipe unconditionally inherits the qemu class, because it executes
some target binaries when it is cross-compiled and the bit-width of the
build host and the target host are different.
Since it is unconditional, it also means that it is inherited for native
and nativesdk builds also. The qemu class uses some qemu options that are
always derived from the target machine's configuration, even when the
recipe is built for class-native. This means that some of the variables
used by the recipe changes (e.g. QEMU_OPTIONS), and the shared state cache
is invalidated when the target machine changes, even when nodejs-native is
being built - and it triggers a full rebuild of nodejs-native unnecessarily.
To avoid this, inherit the qemu class conditionally, only in case it is
used (when the target and build arch's bit-widths are different).
Also, inherit qemu-native based on the same condition, and move around the
qemu-dependent code a bit, so it will be only executed when the qemu class
is inherited.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Please see
https://git.yoctoproject.org/poky/commit/?id=4dd321f8b83afecd962393101b2a6861275b5265
for what changes are needed, and sed commands that can be used to make them en masse.
I've verified that bitbake -c patch world works with these, but did not run a world
build; the majority of recipes shouldn't need further fixups, but if there are
some that still fall out, they can be fixed in followups.
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes:
1. Compile failure with host gcc 11.4.0 (on ubuntu 22.04)
$ echo 'MACHINE = "qemuppc64"' >> conf/local.conf
$ bitbake nodejs
'''
../deps/v8/src/execution/ppc/simulator-ppc.cc:5126:33: error: ‘ceilf’ is not a member of ‘std’; did you mean ‘ceil’?
5126 | VECTOR_FP_ROUNDING(float, ceilf)
| ^~~~~
'''
2. Segment fault on qemuppc64
$ runqemu qemuppc64 slirp nographic ext4 snapshot qemuparams="-m 8192"
root@qemuppc64:~# node --help
Segmentation fault (core dumped)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 24ff52ba3b73757cc0255a5b19822e2e4d3d4e0a.
The original patch was my bad. The patches for oe-core were re-worked,
but I forgot the recall this patch.
In fact, inheriting qemu is needed because it sets a clear barriar
for people to use qemu user mode. And the QEMU_OPTIONS settings
are also in qemu.bbclass.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Drop the backported zlib-fix-pointer-alignment patch. It is included in this release.
https://github.com/nodejs/node/commit/f2159f2a44
Changelog: https://github.com/nodejs/node/releases/tag/v22.16.0
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a security update.
(CVE-2025-23166) fix error handling on async crypto operation
(CVE-2025-23165) add missing call to uv_fs_req_cleanup
https://nodejs.org/en/blog/vulnerability/may-2025-security-releases
Changelog: https://github.com/nodejs/node/releases/tag/v22.15.1
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Avoid inheriting qemu.bbclass and use oe.qemu.xxx instead.
Also, the 'qemu-native' dep is replaced by 'qemuwrapper-cross' for
PACKAGE_WRITE_DEPS. qemuwrapper-cross is the one that is actually
used by postints and it has 'qemu-native' in DEPENDS.
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Brotli can crash nodejs (on ARM), because the memory allocated for
brotli wasn't properly aligned.
https://github.com/google/brotli/issues/1159
https://github.com/nodejs/node/commit/dc035bbc9b310ff8067bc0dad22230978489c061
Signed-off-by: Jeroen Hofstee <jhofstee@victronenergy.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
License-Update: Whitespace changes. Update copyright years. Add zstd under BSD license.
https://github.com/nodejs/node/pull/57840/files#diff-c693279643b8cd5d248172d9c22cb7cf4ed163a3c98c8a3f69c2717edd3eacb7
Changelog: https://github.com/nodejs/node/releases/tag/v22.15.0
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
License-Update: Change the location of the inspector_protocol
https://github.com/nodejs/node/commit/a48430d4d34eb9f598522410dd7723f069c574d0
Changelog: https://github.com/nodejs/node/releases/tag/v22.14.0
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog for 22.13.0 : https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V22.md#22.13.0
Changelog for 22.13.1 : https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V22.md#22.13.1
The 22.13.1 release is a security fix addressing four CVEs.
CVE-2025-23083 - src,loader,permission: throw on InternalWorker use when permission model is enabled (High)
CVE-2025-23085 - src: fix HTTP2 mem leak on premature close and ERR_PROTO (Medium)
CVE-2025-23084 - path: fix path traversal in normalize() on Windows (Medium)
CVE-2025-22150 - Use of Insufficiently Random Values in undici fetch() (Medium)
I introduce a new patch with this recipe 0001-Do-not-use-glob-in-deps.patch to revert https://github.com/nodejs/node/commit/77e2869ca6
I restored 0001-deps-disable-io_uring-support-in-libuv.patch as suggested here : https://lore.kernel.org/all/20241207140642.181134-1-martin.jansa@gmail.com/
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
License-Update: Add JSON parsing library under MIT license.
https://github.com/nodejs/node/pull/56040/commits/27bcd103e775e00eb8d03ac37052bbd4ccb6d239
Drop backported patch fix-build-with-icu-76.patch. It is already
integrated in this version https://github.com/nodejs/node/pull/56040/commits/c3ca978d9c73d1a96f4d5c7bfa3c10ce786b8fe9
Changelog: https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V22.md#22.12.0
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* icu was upgraded in oe-core in:
https://git.openembedded.org/openembedded-core/commit/?id=ef2bd18dd1db7e5f01db76889933bfdbb5415aaf
nodejs is now failing to link:
TOPDIR/BUILD/hosttools/ld: nodejs/22.11.0/node-v22.11.0/out/Release/obj.host/gen-regexp-special-case/deps/v8/src/regexp/gen-regexp-special-case.o: in function `v8::internal::PrintSet(std::basic_ofstream<char, std::char_traits<char> >&, char const*, icu_76::UnicodeSet const&)':
gen-regexp-special-case.cc:(.text._ZN2v88internal8PrintSetERSt14basic_ofstreamIcSt11char_traitsIcEEPKcRKN6icu_7610UnicodeSetE+0x8b): undefined reference to `icu_76::UnicodeSet::getRangeStart(int) const'
TOPDIR/BUILD/hosttools/ld: gen-regexp-special-case.cc:(.text._ZN2v88internal8PrintSetERSt14basic_ofstreamIcSt11char_traitsIcEEPKcRKN6icu_7610UnicodeSetE+0xb6): undefined reference to `icu_76::UnicodeSet::getRangeEnd(int) const'
TOPDIR/BUILD/hosttools/ld: gen-regexp-special-case.cc:(.text._ZN2v88internal8PrintSetERSt14basic_ofstreamIcSt11char_traitsIcEEPKcRKN6icu_7610UnicodeSetE+0xdf): undefined reference to `icu_76::UnicodeSet::getRangeCount() const'
TOPDIR/BUILD/hosttools/ld: gen-regexp-special-case.cc:(.text._ZN2v88internal8PrintSetERSt14basic_ofstreamIcSt11char_traitsIcEEPKcRKN6icu_7610UnicodeSetE+0xed): undefined reference to `icu_76::UnicodeSet::getRangeStart(int) const'
TOPDIR/BUILD/hosttools/ld: gen-regexp-special-case.cc:(.text._ZN2v88internal8PrintSetERSt14basic_ofstreamIcSt11char_traitsIcEEPKcRKN6icu_7610UnicodeSetE+0xfa): undefined reference to `icu_76::UnicodeSet::getRangeEnd(int) const'
TOPDIR/BUILD/hosttools/ld: gen-regexp-special-case.cc:(.text._ZN2v88internal8PrintSetERSt14basic_ofstreamIcSt11char_traitsIcEEPKcRKN6icu_7610UnicodeSetE+0x121): undefined reference to `icu_76::UnicodeSet::getRangeStart(int) const'
TOPDIR/BUILD/hosttools/ld: nodejs/22.11.0/node-v22.11.0/out/Release/obj.host/gen-regexp-special-case/deps/v8/src/regexp/gen-regexp-special-case.o: in function `v8::internal::PrintSpecial(std::basic_ofstream<char, std::char_traits<char> >&)':
gen-regexp-special-case.cc:(.text._ZN2v88internal12PrintSpecialERSt14basic_ofstreamIcSt11char_traitsIcEE+0x43): undefined reference to `icu_76::UnicodeSet::UnicodeSet()'
TOPDIR/BUILD/hosttools/ld: gen-regexp-special-case.cc:(.text._ZN2v88internal12PrintSpecialERSt14basic_ofstreamIcSt11char_traitsIcEE+0x59): undefined reference to `icu_76::UnicodeSet::UnicodeSet()'
...
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This moves us from the previous Long Term Support version codenamed 'Iron' to the newly
released Long Term Support version 22.11.0 Codename 'Jod'
Changelog: https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V22.md#22.11.0
License-Update:
Add amaro dependency under MIT License.
Add swc dependency under Aapche License Version 2.0.
Add simdjson dependency under Apache License Version 2.0.
Add on-exit-leak-free under MIT License.
Remove ESLint.
Remove base64 dependency.
Removed patchs:
182d9c05e78.patch - This was a backport to 20.x it is now integrated in 22.x
Added patches:
Two small patches here to use Bourne Shell instad of BASH.
0001-custom-env.patch
0001-positional-args.patch
This patch from https://github.com/nodejs/node/commit/686da19abb that addressed CVE-2024-22017
0001-deps-disable-io_uring-support-in-libuv.patch
Other patches were refreshed.
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Drop two patches which haven't been referenced by the nodejs recipe since the
20.11.0 version checkin.
0001-build-fix-build-with-Python-3.12.patch
0001-gyp-resolve-python-3.12-issues.patch
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
License checksum change due to whitespace changes.
https://github.com/nodejs/node/commit/1dfd238781
libatomic.patch change due to changes in node.gyp
https://github.com/nodejs/node/commit/25c788009f1fa7a392af51cb97d0a55f0f4a6983
Changelog :
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md#20.18.0
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As noted in the libc++ 19 release notes [1], std::char_traits<> is now
only provided for char, char8_t, char16_t, char32_t and wchar_t, and any
instantiation for other types will fail.
This causes nodejs-20 to fail to compile with clang 19 and libc++ 19,
resulting in errors similar to:
/usr/include/c++/v1/string:820:42: error: implicit instantiation of undefined template 'std::char_traits<unsigned short>'
820 | static_assert(is_same<_CharT, typename traits_type::char_type>::value,
| ^
../deps/v8/src/inspector/string-16.h:114:28: note: in instantiation of template class 'std::basic_string<unsigned short>' requested here
114 | std::basic_string<UChar> m_impl;
| ^
/usr/include/c++/v1/__fwd/string.h:23:29: note: template is declared here
23 | struct _LIBCPP_TEMPLATE_VIS char_traits;
| ^
Upstream v8 has fixed this in commit 182d9c05e78 [2], so add it as a
backported patch, until the next version of node is released.
[1] https://libcxx.llvm.org/ReleaseNotes/19.html#deprecations-and-removals
[2] https://chromium.googlesource.com/v8/v8.git/+/182d9c05e78
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
commit c1ddc60fd25456da07d8402c89157c4354fde5ac
Author: Jason Schonberg <schonm@gmail.com>
Date: Wed Aug 21 17:40:03 2024 -0400
License change - remove highlight.js
https://github.com/nodejs/node/commit/1c5fe040a0a73b483cc3e3fef76efe2d1712205b
Changelog :
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V20.md#20.17.0
nodejs: upgrade 20.16.0 -> 20.17.0
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Due to the scope of supported BSPs by qemu-user is limited, such
as a segment fault on armv9 after qemu apply commit [target/arm:
Convert LDAPR/STLR (imm) to decodetree][1]
```
|tmp-glibc/work/neoversen2-crypto-wrs-linux/nodejs/20.5.1/node-v20.5.1/out/
Release/v8-qemu-wrapper.sh: line 7: 3179613 Segmentation fault (core dumped)
PSEUDO_UNLOAD=1 qemu-aarch64 -r 5.15 -L tmp-glibc/work/neoversen2-crypto-wrs-linux/
nodejs/20.5.1/recipe-sysroot -E LD_LIBRARY_PATH=tmp-glibc/work/neoversen2-crypto-wrs-linux/
nodejs/20.5.1/recipe-sysroot/usr/lib64:tmp-glibc/work/neoversen2-crypto-wrs-linux/
nodejs/20.5.1/recipe-sysroot/usr/lib64 "$@"
```
Upstream nodejs have cross compile support, but it needs host and target
have same bit width (e.g. a x86_64 host targeting arrch64 to produce a
64-bit binary). So:
1. If host and target have different bit width, build with QEMU user as usual;
2. If host and target have same bit width, enable notejs cross compile support:
- The build tools of nodejs is GYP[2], set CC_host, CFLAGS_host,
CXX_host, CXXFLAGS_host, LDFLAGS_host, AR_host for host build
which is separated with target build [3]
- Satisfy layer compatibility, set GYP variables in prefuncs of do_configure,
do_compile and do_install other than in recipe parsing
- Add missing native packages to fix library missing on host build
- Rework libatomic.patch, explicitly link to libatomic for clang
conditionally
[1] https://github.com/qemu/qemu/commit/2521b6073b7b4b505533a941d4f9600f7585dc78
[2] https://github.com/nodejs/node-gyp
[3] https://github.com/nodejs/node-gyp/blob/main/gyp/docs/UserDocumentation.md#cross-compiling
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Jason Schonberg <schonm@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
work arounds for:
meta-oe/meta-oe/recipes-devtools/nodejs/nodejs_20.12.2.bb:do_compile
meta-oe/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb:do_compile
meta-oe/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb:do_compile
meta-oe/meta-oe/recipes-extended/rrdtool/rrdtool_1.8.0.bb:do_compile
meta-oe/meta-oe/recipes-extended/cmpi-bindings/cmpi-bindings_1.0.4.bb:do_compile
meta-oe/meta-python/recipes-devtools/python/python3-gevent_24.2.1.bb:do_compile
meta-oe/meta-oe/recipes-support/avro/avro-c++_1.11.3.bb:do_compile
meta-oe/meta-python/recipes-devtools/python/python3-h5py_3.10.0.bb:do_compile
meta-oe/meta-oe/recipes-multimedia/cdrkit/cdrkit_1.1.11.bb:do_compile
meta-oe/meta-networking/recipes-connectivity/openthread/ot-br-posix_git.bb:do_compile
meta-oe/meta-oe/recipes-devtools/heaptrack/heaptrack_1.2.0.bb:do_configure
meta-oe/meta-oe/recipes-support/avro/avro-c_1.11.3.bb:do_compile
meta-oe/meta-oe/recipes-core/usleep/usleep_1.2.bb:do_compile
meta-oe/meta-networking/recipes-protocols/openflow/openflow_git.bb:do_compile
meta-oe/meta-oe/recipes-extended/sblim-sfcc/sblim-sfcc_2.2.8.bb:do_compile
meta-oe/meta-networking/recipes-support/linux-atm/linux-atm_2.5.2.bb:do_compile
meta-oe/meta-oe/recipes-kernel/ipmitool/ipmitool_1.8.19.bb:do_compile
meta-oe/meta-networking/recipes-support/ssmping/ssmping_0.9.1.bb:do_compile
meta-oe/meta-oe/recipes-connectivity/wifi-test-suite/wifi-test-suite_10.10.1.bb:do_compile
meta-oe/meta-oe/recipes-extended/zsync/zsync-curl_git.bb:do_compile
meta-oe/meta-python/recipes-devtools/python/python3-kivy_2.3.0.bb:do_compile
meta-oe/meta-oe/recipes-support/openct/openct_0.6.20.bb:do_compile
meta-oe/meta-oe/recipes-benchmark/dhrystone/dhrystone_2.1.bb:do_compile
meta-oe/meta-networking/recipes-daemons/ncftp/ncftp_3.2.7.bb:do_compile
meta-oe/meta-oe/recipes-support/daemontools/daemontools_0.76.bb:do_compile
meta-oe/meta-oe/recipes-devtools/libgee/libgee_0.20.6.bb:do_compile
meta-oe/meta-oe/recipes-devtools/mcpp/mcpp_2.7.2.bb:do_compile
meta-oe/meta-oe/recipes-devtools/android-tools/android-tools_5.1.1.r37.bb:do_compile
meta-oe/meta-networking/recipes-connectivity/dibbler/dibbler_git.bb:do_compile
meta-oe/meta-oe/recipes-devtools/glade/glade_3.22.2.bb:do_compile
http://errors.yoctoproject.org/Errors/Build/183124/
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* oe-npm-cache is now in UNPACKDIR not WORKDIR
* fixes:
http://errors.yoctoproject.org/Errors/Details/771012/
/OE/build/oe-core/tmp-glibc/work/x86_64-linux/nodejs-oe-cache-native/20.13/temp/run.do_configure.1268826: line 142: /OE/build/oe-core/tmp-glibc/work/x86_64-linux/nodejs-oe-cache-native/20.13/oe-npm-cache: No such file or directory
* set S and UNPACKDIR to avoid this as well:
WARNING: nodejs-oe-cache-native-20.13-r0 do_unpack: nodejs-oe-cache-native: the directory ${WORKDIR}/${BP} (/OE/build/oe-core/tmp-glibc/work/x86_64-linux/nodejs-oe-cache-native/20.13/nodejs-oe-cache-20.13) pointed to by the S variable doesn't exist - please set S within the recipe to point to where the source has been unpacked to
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
nodejs release notes [1]
License-Update: Copyright year changed for Unicode License [2]
[1] https://nodejs.org/en/blog/release/v20.13.0
[2] https://github.com/nodejs/node/commit/d5a316f5ea3fade3140c2ae35c144b500fb5d758
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Apparently, npm has changed its request accept header, so that cache
lookup misses. This causes an ENOTCACHED error when doing the offline
install in do_compile() from npm.bbclass.
Fix it by updating the fake cache entry to match the newest behaviour
from npm.
Note that npm doesn't agree with itself, as it still uses the previous
header value when doing `npm cache add <pkg>`, but the new value when
doing `npm install <pkg>`.
Bug submitted upstream:
https://github.com/npm/cli/issues/7465
Signed-off-by: Martin Hundebøll <martin@geanix.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
License-Update:
Copyright year updated
zlib version updated
GN files License update
https://github.com/nodejs/node/commit/b5bc597871ca701bab750c46d31ed626decd7f89
https://github.com/nodejs/node/commit/c8233912e9fd7464898b549d6762130722bf0bf4
Changelog:
https://github.com/nodejs/node/releases/tag/v20.12.2
https://github.com/nodejs/node/releases/tag/v20.12.1
https://github.com/nodejs/node/releases/tag/v20.12.0
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The original idea was always disable io_uring to avoid follwing failure
even when UV_USE_IO_URING is set to true, refer [1][2]:
0608: try:
*** 0609: update_hash(" %10s" % pwd.getpwuid(s.st_uid).pw_name)
0610: update_hash(" %10s" % grp.getgrgid(s.st_gid).gr_name)
0611: except KeyError as e:
0612: msg = ("KeyError: %s\nPath %s is owned by uid %d, gid %d, which doesn't match "
0613: "any user/group on target. This may be due to host contamination." %
Exception: Exception: KeyError: 'getpwuid(): uid not found: 20561'
But since 20.11.1, for fix CVE-2024-22017, io_uring is disabled by
default, refer [3]. So maybe patch
0001-deps-disable-io_uring-support-in-libuv.patch is not needed.
For case UV_USE_IO_URING is set to true, user can fix above failure
by "chown root:root -R ${D}" in do_install.
[1] https://lists.openembedded.org/g/openembedded-devel/message/105583
[2] https://bugzilla.yoctoproject.org/show_bug.cgi?id=15244
[3] https://github.com/nodejs/node/commit/686da19abbb83b7e01d48be19f832ab081b87084
[4] https://nvd.nist.gov/vuln/detail/CVE-2024-22017
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Drop patches for revert io_uring support in libuv:
0001-Revert-io_uring-changes-from-libuv-1.46.0.patch
0002-Revert-io_uring-changes-from-libuv-1.45.0.patch
Change to just always disable io_uring in libuv, in this way, we don't have to
pick out io_uring related changes and revert them when internal libuv
upgraded.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
License-Update:
update c-ares to 1.20.0 [1]
Copyright update [2]
Removed below patches as these are availbe in 20.11.0
0001-build-fix-build-with-Python-3.12.patch [3]
0001-gyp-resolve-python-3.12-issues.patch [4]
Changelog:
https://github.com/nodejs/node/releases/tag/v20.11.0
[1] https://github.com/nodejs/node/commit/b705e19a95b5fc5a2edc9fc11a7649d6eb32d70b
[2] https://github.com/nodejs/node/commit/347e1dd06a5f927d9fd64ce72d776c56d5101910
[3] https://github.com/nodejs/node/commit/0a5e9c12cf961a56bd63005974b953bbc0bc62a7
[4] https://github.com/nodejs/node/commit/68ec1e5eeb4ff984868c625f0ce808210169360d
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
| |
Set CVE_PRODUCT to 'node.js' for nodjs recipe
Signed-off-by: virendra thakur <virendrak@kpit.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
| |
This reverts commit f4bf27dbdb751aa146c9c23fc436358a2cc01d9b.
|
| |
|
|
|
| |
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Pseudo fails to intercept some of the syscalls used by the
new version as documented in:
https://github.com/shr-project/com.webos.app.minimal/tree/recipes
Now we have 3 options:
1) every use of nodejs-native where io_uring might be used (like in webpack)
needs to export UV_USE_IO_URING=0 before using node, but be aware that
the PR says it's only temporary and this variable might be removed in future.
Unfortunately many people are lucky enough not to know what pseudo even is,
so they might not realize that host-user-contamination QA issues or
"KeyError: 'getpwuid(): uid not found" might be related to this (and they
probably won't find this e-mail as well:
https://lists.openembedded.org/g/openembedded-devel/message/105583
2) revert the io_uring changes from bundled libuv, to make sure it stays disabled.
The changes are massive and it will be PIA to update them for every nodejs release
I've already separated them for nodejs-20.3.0 where I've initialy tested this
on top of libuv-1.45.0 and for 20.4.0 this need another patch for changes
from libuv-1.46.0.
Patch for keeping UV_USE_IO_URING support after it's removed from upstream libuv
will be much smaller, but PIA to use UV_USE_IO_URING whenever using nodejs-native
during build.
3) fix pseudo to correctly work with io_uring calls, definitely best long-term solution
as more and more tools will now switch to io_uring, but without active maintainer
of pseudo it might be _very_ difficult to implement this and there aren't many
people willing to touch this beast.
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
