GNU bug report logs -
#66158
[PATCH] gnu: node-lts: Update to 18.18.0.
Previous Next
Reported by: jlicht <at> fsfe.org
Date: Fri, 22 Sep 2023 18:14:01 UTC
Severity: normal
Tags: patch
Done: Jelle Licht <jlicht <at> fsfe.org>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
jlicht <at> fsfe.org writes:
> From: Jelle Licht <jlicht <at> fsfe.org>
>
> * gnu/packages/node.scm (node-lts): Update to 18.18.2.
> [arguments]<phases>: Add 'install-node-gyp-wrapper phase.
>
> Change-Id: I6b17de33313505558a8fa9560126adef486fd0e3
> ---
> I tried my hand at introducing a small wrapper script that works around the
> node-gyp regression introduced in the version of npm bundled with node 18.18.2.
>
> It's not quite clear yet whether upstream considers this a regression that
> will still be fixed or just behaviour that be kept as-is going forward.
>
> This patch series also leaves Node vulnerable to a recently reported CVE in
> many HTTP2 server implementations, such as nghttp2, but I believe this can be
> addressed by https://issues.guix.gnu.org/issue/66658
>
> Changes in v2:
> - Re-bump from 18.18.0 to 18.18.2
> - Fix 'node-gyp' regression.
>
> gnu/packages/node.scm | 25 ++++++++++++++++++++++---
> 1 file changed, 22 insertions(+), 3 deletions(-)
Looking at QA, there seems to be some issues on aarch64-linux. The build
logs do differ between the failed builds, so I've submitted a few more.
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 1 year and 255 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.