57d9c64bdf
lang/node: Update to v22.14.0
...
ok tb@
2025-02-16 13:53:27 +00:00
a9c3f567fb
lang/node: Fix build with llmv-19 on arm64
...
with help from robert@, ok jca@
2025-02-11 15:33:00 +00:00
ac25a81213
lang/node: Update to v22.13.1
...
Fixes
CVE-2025-23083 (High)
CVE-2025-23085 (Medium)
CVE-2025-22150 (Medium)
ok tb@
2025-01-21 18:45:55 +00:00
724606aad5
lang/node: Update to 22.13.0
...
ok jca@
2025-01-13 15:58:55 +00:00
04b7aaf307
handle py3.12 switchover in lang
2024-12-21 11:38:19 +00:00
ab062b21ba
lang/node: Update to v22.12.0
...
No fallout in an amd64 bulk build by tb@, no objection from jca@
2024-12-09 19:29:30 +00:00
af6cba421f
lang/node: Update to v22.11.0
...
Feedback from and riscv64 fixes by jca@
ok aisha@
2024-11-14 18:58:02 +00:00
947df20206
lang/node: Enable debug package
...
requested by Mikolaj Kucharski
2024-11-08 14:33:33 +00:00
dc284f8027
lang/node: Build against openssl/3.3
2024-11-04 10:52:40 +00:00
90f27be31c
lang/node: Update to v20.18.0
...
ok aisha
2024-10-09 14:03:05 +00:00
08b40d1b90
lang/node: Update to v20.17.0
...
ok aisha@, additional tests (build with python 3.12) by daniel@
2024-08-28 17:44:40 +00:00
0b37a97f9b
lang/node: Update to v20.16.0 and build against OpenSSL 3.2
...
ok tb@
2024-07-27 15:17:54 +00:00
9fd3eba642
lang/node: Update to v20.15.1
...
Fixes
CVE-2024-22020
CVE-2024-22018
CVE-2024-36137
CVE-2024-37372
ok rsadowski@
2024-07-15 20:23:53 +00:00
4831c97e44
lang/node: Update to v20.15.0
...
ok thfr@
2024-06-22 07:01:03 +00:00
9c128647ad
lang/node: Use MODPY_COMPILEALL
2024-05-28 19:52:27 +00:00
cb7ddb8629
lang/node: Update to 20.13.1
...
20.x is the currently active LTS release branch, supported until 04/2026
ok tb@
2024-05-18 12:10:12 +00:00
41b34e2587
bump REVISION for py3.10 -> py3.11 switch
2024-05-06 12:23:44 +00:00
a6d6de4d2b
lang/node: Security Update to v18.19.1
...
Fixes
CVE-2024-24758
CVE-2024-22019
CVE-2024-21896
CVE-2024-22017
CVE-2023-46809
CVE-2024-21891
CVE-2024-21890
ok thfr@
2024-02-19 07:45:39 +00:00
6033a899b3
lang/node: Update to v18.19.0
...
ok sthen@
2023-12-07 17:01:26 +00:00
50ccb495a3
Workaround for clang 16, copied from x11/qt5/qtwebengine which copied it
...
from gentoo
seen on arm64
OK MAINTAINER
2023-11-17 12:41:08 +00:00
65128de451
lang/node: Update to 18.18.2
...
Fixes
CVE-2023-45143
CVE-2023-39331
CVE-2023-39332
CVE-2023-39333
CVE-2023-38552
ok kn@
2023-10-16 19:23:17 +00:00
51acb67336
MASTER_SITES->SITES (apart from modules)
2023-09-26 12:02:00 +00:00
5bbfd48ffe
lang/node: Update to v18.18.0
...
ppc64 fixes from gkoehler@, ok sthen@
2023-09-26 10:44:17 +00:00
93fa758565
zap remaining MASTER_SITES0...9
2023-09-25 17:07:27 +00:00
8cead09774
lang/node: update to v18.17.1
...
ok gonzalo@
2023-08-15 13:46:30 +00:00
83bade3732
unbreak on arm64 where BTI is enforced by doing the following steps:
...
- use openssl/3.1 because that port has all the fixes for BTI
- enable v8_control_flow_integrity so that the proper BTI code is used in v8
- include the necessary files for v8_control_flow_integrity on arm64 for v8
2023-07-24 09:16:07 +00:00
32b3d9aced
drop USE_NOBTCFI=Yes and backport WIP endbr64 support in the JIT code of v8
...
https://chromium-review.googlesource.com/c/v8/v8/+/4637222
with these, node can build itself and also build chromium so let's see if
anything else needs work
2023-07-07 10:44:15 +00:00
2eeba6d616
lang/node
...
* build with USE_NOBTCFI
* include nobtcfi in common.gypi's ldflags
feedback and ok sthen@
2023-06-27 18:30:26 +00:00
aff39d9065
update lang/node to v18.16.1
...
Fixes
CVE-2023-30581
CVE-2023-30588
CVE-2023-30589
CVE-2023-30590
ok kn@, tests from mbuhl@
2023-06-21 16:08:20 +00:00
e4c9922f7a
lang/node: pull in upstream update to newer simdutf code; this adds
...
a check that the OS supports AVX-512 (previously it was checking CPU
support but not whether it worked with the OS). Fixes SIGILL on OpenBSD
with some Intel CPUs.
Re https://github.com/simdutf/simdutf/issues/242
From Volker Schlecht (maintainer), I added a bit more detail to comments
in patches.
2023-05-15 12:53:40 +00:00
e7bc66cd01
update to node-18.16.0, from Volker Schlecht (maintainer)
2023-05-04 12:25:23 +00:00
1819879c6c
Unbreak node for powerpc64 by dropping -mminimal-toc
...
from Volker Schlecht (maintainer)
checked by mbuhl@
ok sthen@ naddy@
2023-03-19 04:02:16 +00:00
afb5ece7bd
update to 18.15.0
...
patch from Volker Schlecht (maintainer) who tested on amd64,arm64,i386
I tested on arm64, works fine for me
2023-03-15 02:00:52 +00:00
826a0d6ff6
Update node to 18.14.1 from maintainer Volker Schlecht
...
A ton of changes since 18.12.1, including a few security fixes released a few
days ago that affect OpenBSD's port:
* Node.js Permissions policies can be bypassed via process.mainModule
(CVE-2023-23918)
* Node.js OpenSSL error handling issues in nodejs crypto library
(CVE-2023-23919)
* Fetch API in Node.js did not protect against CRLF injection in host headers
(CVE-2023-23936)
* Regular Expression Denial of Service in Headers in Node.js fetch API
(CVE-2023-24807)
Port changes:
* reinstate old patch to disable building the bundled googletest, because that
could lead to build-time conflicts when devel/gtest is installed, now that the
version of devel/gtest has diverged from the bundled version again
* This fixes a build issue on riscv64 that slipped into v18.13.0
https://github.com/nodejs/node/commit/1e11247b91
* PLIST churn due to updated npm
https://github.com/nodejs/node/blob/main/doc/changelogs/CHANGELOG_V18.md#18.14.1
2023-02-19 12:27:19 +00:00
2aba169072
put the embedded blob code to the .openbsd.mutable section and
...
mprotect it RX to support x-only
idea from deraadt@, diff from kettenis@
2023-01-28 12:46:46 +00:00
d34278583e
USE_NOEXECONLY needed on riscv64
...
Sync with reality, it was alread needed in the previous bulk. ok tb@
2023-01-23 18:12:26 +00:00
8de3b6b687
lang/node: work around amd64 xonly issues with USE_NOEXECONLY.
2023-01-21 15:48:25 +00:00
4c6ff4e6ce
build fix for node on !LP64; from Volker Schlecht (maintainer) "builds
...
and works for me on my freshly dedicated i386 build machine and on
amd64"
2023-01-04 17:06:33 +00:00
0c63ee68d1
revert previous, something more is needed
2023-01-03 12:10:40 +00:00
a941e686e9
sync patch with www/chromium, should fix !LP64 archs
2023-01-03 11:27:52 +00:00
af70282fab
update to node-18.12.1, from Volker Schlecht, various feedback/tweaks/testing
...
from jca@ tb@ thfr@ aisha@ and Barry K. Nathan
2022-12-29 23:34:13 +00:00
dae9f91e31
bump for MODPY_DEFAULT_VERSION_3 change
2022-11-13 15:28:39 +00:00
2ac76f7f45
lang/node: fetch/install nodejs*-headers.tar.gz instead of .xz
...
node-gyp expects a .gz, and its tar implementation doesnt support xz.
from maintainer Volker Schlecht, thanks !
2022-11-01 12:01:49 +00:00
2a3e346bdb
Bump REVISION of ports depending on security/openssl/{1.1,3.0}
2022-10-12 16:15:02 +00:00
bd3af7ea70
security update to node-16.17.1, from maintainer Volker Schlecht
...
plus I added a patch to the configure script to prevent it from picking up
a non-default Python version at build time
HTTP Request Smuggling Due to Incorrect Parsing of Multi-line
Transfer-Encoding (Medium) (improper fix for CVE-2022-32215)
CVE-2022-32213 bypass via obs-fold mechanic (Medium) (CVE-2022-32213)
HTTP Request Smuggling Due to Incorrect Parsing of Header Fields
(Medium) (CVE-2022-35256)
Weak randomness in WebCrypto keygen (High) (CVE-2022-35255)
2022-09-23 19:28:50 +00:00
ba6fc8f592
Update to node-16.17.0
...
From maintainer Volker Schlecht
2022-09-01 20:42:56 +00:00
003fdc0012
Add support for riscv64
...
With this we can try silly things like building firefox - fails with OOM
in ld(1) on my 16GB Unmatched... - or chromium.
ok Volker Schlecht (maintainer)
2022-09-01 19:23:04 +00:00
87b0163c59
lang/node: update to 16.16.0
...
From maintainer Volker Schlecht
OK sthen@
2022-07-22 17:46:49 +00:00
60596ad129
add notes as to why OpenSSL is used for node
2022-06-26 13:59:50 +00:00
51e11d1db6
reinstate node-16.15.1 update, tidy SUBST_VARS while there (some are no
...
longer used, some are duplicated from the default)
2022-06-08 21:14:29 +00:00
volker