[PATCH 0/4] gnu: node-lts: Update to 18.12.1.

  • Open
  • quality assurance status badge
Details
5 participants
  • Hilton Chain
  • Jelle Licht
  • Ludovic Courtès
  • Christopher Baines
  • Mekeor Melire
Owner
unassigned
Submitted by
Hilton Chain
Severity
normal
H
H
Hilton Chain wrote on 11 Nov 2022 06:34
(address . guix-patches@gnu.org)
y761qqadpgr.wl-hako@ultrarare.space
Hilton Chain (4):
gnu: libuv-for-node: Update to 1.43.0.
gnu: llhttp-bootstrap: Update to 6.0.10.
gnu: node-lts: Update to 18.12.1.
gnu: libnode: Use node-lts as base.

gnu/local.mk | 1 -
gnu/packages/libevent.scm | 4 +-
gnu/packages/node.scm | 44 +++++---
.../llhttp-bootstrap-CVE-2020-8287.patch | 100 ------------------
4 files changed, 30 insertions(+), 119 deletions(-)
delete mode 100644 gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch


base-commit: 70df5c47a89f4f353a1df94467581a0f0da599a4
--
2.38.1
H
H
Hilton Chain wrote on 11 Nov 2022 06:35
[PATCH 1/4] gnu: libuv-for-node: Update to 1.43.0.
(address . 59188@debbugs.gnu.org)
y76zgcycatu.wl-hako@ultrarare.space
* gnu/packages/libevent.scm (libuv-for-node): Update to 1.43.0.
---
gnu/packages/libevent.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

Toggle diff (21 lines)
diff --git a/gnu/packages/libevent.scm b/gnu/packages/libevent.scm
index 176e66cf42..5aff343c06 100644
--- a/gnu/packages/libevent.scm
+++ b/gnu/packages/libevent.scm
@@ -147,14 +147,14 @@ (define-public libuv-for-node
(package
(inherit libuv)
(name "libuv")
- (version "1.42.0")
+ (version "1.43.0")
(source (origin
(method url-fetch)
(uri (string-append "https://dist.libuv.org/dist/v" version
"/libuv-v" version ".tar.gz"))
(sha256
(base32
- "0wpb9pz3r8nksnrf4zbixj2kk9whr7abi45ydrwyv2js2ljrc4j3"))))
+ "194kwq3jfj9s628kzkchdca534rikjw0xiyas0cjbphqmsvjpmwh"))))
(properties '((hidden? . #t)))))

(define-public libuv-julia
--
2.38.1
H
H
Hilton Chain wrote on 11 Nov 2022 06:36
[PATCH 2/4] gnu: llhttp-bootstrap: Update to 6.0.10.
(address . 59188@debbugs.gnu.org)
y76y1sicas3.wl-hako@ultrarare.space
* gnu/packages/node.scm (llhttp-bootstrap): Update to 6.0.10.
* gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch: Remove file.
* gnu/local.mk: Remove it.
---
gnu/local.mk | 1 -
gnu/packages/node.scm | 5 +-
.../llhttp-bootstrap-CVE-2020-8287.patch | 100 ------------------
3 files changed, 2 insertions(+), 104 deletions(-)
delete mode 100644 gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch

Toggle diff (143 lines)
diff --git a/gnu/local.mk b/gnu/local.mk
index 27b31ea27f..1c4b9def96 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1480,7 +1480,6 @@ dist_patch_DATA = \
%D%/packages/patches/linuxdcpp-openssl-1.1.patch \
%D%/packages/patches/lirc-localstatedir.patch \
%D%/packages/patches/lirc-reproducible-build.patch \
- %D%/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch \
%D%/packages/patches/llvm-3.5-fix-clang-build-with-gcc5.patch \
%D%/packages/patches/llvm-3.6-fix-build-with-gcc-10.patch \
%D%/packages/patches/llvm-3.x.1-fix-build-with-gcc.patch \
diff --git a/gnu/packages/node.scm b/gnu/packages/node.scm
index 4e9daa522d..0af0158f45 100644
--- a/gnu/packages/node.scm
+++ b/gnu/packages/node.scm
@@ -666,7 +666,7 @@ (define-public node-llparse-bootstrap
(define-public llhttp-bootstrap
(package
(name "llhttp")
- (version "2.1.4")
+ (version "6.0.10")
(source (origin
(method git-fetch)
(uri (git-reference
@@ -675,8 +675,7 @@ (define-public llhttp-bootstrap
(file-name (git-file-name name version))
(sha256
(base32
- "115mwyds9655p76lhglxg2blc1ksgrix6zhigaxnc2q6syy3pa6x"))
- (patches (search-patches "llhttp-bootstrap-CVE-2020-8287.patch"))
+ "0izwqa77y007xdi0bj3ccw821n19rz89mz4hx4lg99fwkwylr6x8"))
(modules '((guix build utils)))
(snippet
'(begin
diff --git a/gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch b/gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch
deleted file mode 100644
index 215c920e53..0000000000
--- a/gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-This patch comes from upstream. It corresponds to a patch applied to
-the generated C source code for llhttp included in Node.js 14.16.0
-(see commit 641f786bb1a1f6eb1ff8750782ed939780f2b31a). That commit
-fixes CVE-2020-8287. With this patch, the output of our
-llhttp-bootstrap package matches the files included in Node.js 14.16.0
-exactly.
-
-commit e9b36ea64709c35ca66094d5cf3787f444029601
-Author: Fedor Indutny <fedor@indutny.com>
-Date: Sat Oct 10 19:56:01 2020 -0700
-
- http: unset `F_CHUNKED` on new `Transfer-Encoding`
-
- Duplicate `Transfer-Encoding` header should be a treated as a single,
- but with original header values concatenated with a comma separator. In
- the light of this, even if the past `Transfer-Encoding` ended with
- `chunked`, we should be not let the `F_CHUNKED` to leak into the next
- header, because mere presence of another header indicates that `chunked`
- is not the last transfer-encoding token.
-
-diff --git a/src/llhttp/http.ts b/src/llhttp/http.ts
-index f4f1a6e..0a0c365 100644
---- a/src/llhttp/http.ts
-+++ b/src/llhttp/http.ts
-@@ -460,11 +460,19 @@ export class HTTP {
- .match([ ' ', '\t' ], n('header_value_discard_ws'))
- .otherwise(checkContentLengthEmptiness);
-
-+ // Multiple `Transfer-Encoding` headers should be treated as one, but with
-+ // values separate by a comma.
-+ //
-+ // See: https://tools.ietf.org/html/rfc7230#section-3.2.2
-+ const toTransferEncoding = this.unsetFlag(
-+ FLAGS.CHUNKED,
-+ 'header_value_te_chunked');
-+
- n('header_value_start')
- .otherwise(this.load('header_state', {
- [HEADER_STATE.UPGRADE]: this.setFlag(FLAGS.UPGRADE, fallback),
- [HEADER_STATE.TRANSFER_ENCODING]: this.setFlag(
-- FLAGS.TRANSFER_ENCODING, 'header_value_te_chunked'),
-+ FLAGS.TRANSFER_ENCODING, toTransferEncoding),
- [HEADER_STATE.CONTENT_LENGTH]: n('header_value_content_length_once'),
- [HEADER_STATE.CONNECTION]: n('header_value_connection'),
- }, 'header_value'));
-@@ -847,6 +855,11 @@ export class HTTP {
- return span.start(span.end(this.node(next)));
- }
-
-+ private unsetFlag(flag: FLAGS, next: string | Node): Node {
-+ const p = this.llparse;
-+ return p.invoke(p.code.and('flags', ~flag), this.node(next));
-+ }
-+
- private setFlag(flag: FLAGS, next: string | Node): Node {
- const p = this.llparse;
- return p.invoke(p.code.or('flags', flag), this.node(next));
-diff --git a/test/request/transfer-encoding.md b/test/request/transfer-encoding.md
-index a7d1681..b0891d6 100644
---- a/test/request/transfer-encoding.md
-+++ b/test/request/transfer-encoding.md
-@@ -353,6 +353,38 @@ off=106 headers complete method=3 v=1/1 flags=200 content_length=0
- off=106 error code=15 reason="Request has invalid `Transfer-Encoding`"
- ```
-
-+## POST with `chunked` and duplicate transfer-encoding
-+
-+<!-- meta={"type": "request", "noScan": true} -->
-+```http
-+POST /post_identity_body_world?q=search#hey HTTP/1.1
-+Accept: */*
-+Transfer-Encoding: chunked
-+Transfer-Encoding: deflate
-+
-+World
-+```
-+
-+```log
-+off=0 message begin
-+off=5 len=38 span[url]="/post_identity_body_world?q=search#hey"
-+off=44 url complete
-+off=54 len=6 span[header_field]="Accept"
-+off=61 header_field complete
-+off=62 len=3 span[header_value]="*/*"
-+off=67 header_value complete
-+off=67 len=17 span[header_field]="Transfer-Encoding"
-+off=85 header_field complete
-+off=86 len=7 span[header_value]="chunked"
-+off=95 header_value complete
-+off=95 len=17 span[header_field]="Transfer-Encoding"
-+off=113 header_field complete
-+off=114 len=7 span[header_value]="deflate"
-+off=123 header_value complete
-+off=125 headers complete method=3 v=1/1 flags=200 content_length=0
-+off=125 error code=15 reason="Request has invalid `Transfer-Encoding`"
-+```
-+
- ## POST with `chunked` before other transfer-coding (lenient)
-
- TODO(indutny): should we allow it even in lenient mode? (Consider disabling
--
2.38.1
H
H
Hilton Chain wrote on 11 Nov 2022 06:37
[PATCH 3/4] gnu: node-lts: Update to 18.12.1.
(address . 59188@debbugs.gnu.org)
y76wn82car1.wl-hako@ultrarare.space
* gnu/packages/node.scm (node-lts): Update to 18.12.1.
[snippet]: Keep file deps/openssl/nodejs-openssl.cnf.
[arguments]<#:phases>: Adjust problematic tests to delete accordingly.
Patch additional file with hardcoded references to /bin/sh.
[native-inputs,inputs]: Replace openssl-1.1 with openssl.
---
gnu/packages/node.scm | 35 ++++++++++++++++++++++++-----------
1 file changed, 24 insertions(+), 11 deletions(-)

Toggle diff (94 lines)
diff --git a/gnu/packages/node.scm b/gnu/packages/node.scm
index 0af0158f45..cae7d3b0ca 100644
--- a/gnu/packages/node.scm
+++ b/gnu/packages/node.scm
@@ -735,23 +735,28 @@ (define-public llhttp-bootstrap
(define-public node-lts
(package
(inherit node)
- (version "14.19.3")
+ (version "18.12.1")
(source (origin
(method url-fetch)
(uri (string-append "https://nodejs.org/dist/v" version
- "/node-v" version ".tar.xz"))
+ "/node-v" version ".tar.gz"))
(sha256
(base32
- "15691j5zhiikyamiwwd7f282g6d9acfhq91nrwx54xya38gmpx2w"))
+ "11n1h54wgh61inrlqjp0j4fqcz6kl60a3iip7ya90nqdl3fp90ds"))
(modules '((guix build utils)))
(snippet
`(begin
+ ;; openssl.cnf is required for build.
+ (for-each delete-file-recursively
+ (find-files "deps/openssl"
+ (lambda (file stat)
+ (if (string-contains file "nodejs-openssl.cnf")
+ #f #t))))
;; Remove bundled software, where possible
(for-each delete-file-recursively
'("deps/cares"
"deps/icu-small"
"deps/nghttp2"
- "deps/openssl"
"deps/zlib"))
(substitute* "Makefile"
;; Remove references to bundled software.
@@ -800,23 +805,31 @@ (define-public node-lts
libuv "/lib:"
zlib "/lib"
"'],"))))))
+ (add-after 'patch-hardcoded-program-references
+ 'patch-additional-hardcoded-program-references
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "test/parallel/test-stdin-from-file-spawn.js"
+ (("'/bin/sh'") (string-append
+ "'" (search-input-file inputs "/bin/sh")
+ "'")))))
(replace 'delete-problematic-tests
(lambda* (#:key inputs #:allow-other-keys)
;; FIXME: These tests fail in the build container, but they don't
;; seem to be indicative of real problems in practice.
(for-each delete-file
- '("test/parallel/test-cluster-master-error.js"
- "test/parallel/test-cluster-master-kill.js"))
+ '("test/parallel/test-cluster-primary-error.js"
+ "test/parallel/test-cluster-primary-kill.js"))
;; These require a DNS resolver.
(for-each delete-file
'("test/parallel/test-dns.js"
- "test/parallel/test-dns-lookupService-promises.js"))
+ "test/parallel/test-dns-lookupService-promises.js"
+ "test/parallel/test-net-socket-connect-without-cb.js"
+ "test/parallel/test-tcp-wrap-listen.js"))
;; These tests require networking.
(for-each delete-file
- '("test/parallel/test-https-agent-unref-socket.js"
- "test/parallel/test-corepack-yarn-install.js"))
+ '("test/parallel/test-https-agent-unref-socket.js"))
;; This test is timing-sensitive, and fails sporadically on
;; slow, busy, or even very fast machines.
@@ -866,7 +879,7 @@ (define-public node-lts
icu4c-71
libuv-for-node
`(,nghttp2 "lib")
- openssl-1.1
+ openssl
zlib
;; Regular build-time dependencies.
perl
@@ -883,7 +896,7 @@ (define-public node-lts
llhttp-bootstrap
brotli
`(,nghttp2 "lib")
- openssl-1.1
+ openssl
python-wrapper ;; for node-gyp (supports python3)
zlib))))
--
2.38.1
H
H
Hilton Chain wrote on 11 Nov 2022 06:37
[PATCH 4/4] gnu: libnode: Use node-lts as base.
(address . 59188@debbugs.gnu.org)
y76v8nmcaq7.wl-hako@ultrarare.space
* gnu/packages/node.scm (libnode): Use node-lts as base.
---
gnu/packages/node.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

Toggle diff (19 lines)
diff --git a/gnu/packages/node.scm b/gnu/packages/node.scm
index cae7d3b0ca..0e56d12038 100644
--- a/gnu/packages/node.scm
+++ b/gnu/packages/node.scm
@@ -901,10 +901,10 @@ (define-public node-lts
zlib))))
(define-public libnode
- (package/inherit node
+ (package/inherit node-lts
(name "libnode")
(arguments
- (substitute-keyword-arguments (package-arguments node)
+ (substitute-keyword-arguments (package-arguments node-lts)
((#:configure-flags flags ''())
`(cons* "--shared" "--without-npm" ,flags))
((#:phases phases '%standard-phases)
--
2.38.1
H
H
Hilton Chain wrote on 11 Nov 2022 07:21
[PATCH v2 0/4] gnu: node-lts: Update to 18.12.1.
(address . guix-patches@gnu.org)
y76sfiqc8pw.wl-hako@ultrarare.space
v1 -> v2: Fix libnode path for r-v8.

Hilton Chain (4):
gnu: libuv-for-node: Update to 1.43.0.
gnu: llhttp-bootstrap: Update to 6.0.10.
gnu: node-lts: Update to 18.12.1.
gnu: libnode: Use node-lts as base.

gnu/local.mk | 1 -
gnu/packages/cran.scm | 2 +-
gnu/packages/libevent.scm | 4 +-
gnu/packages/node.scm | 44 +++++---
.../llhttp-bootstrap-CVE-2020-8287.patch | 100 ------------------
5 files changed, 31 insertions(+), 120 deletions(-)
delete mode 100644 gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch


base-commit: 70df5c47a89f4f353a1df94467581a0f0da599a4
--
2.38.1
H
H
Hilton Chain wrote on 11 Nov 2022 07:22
[PATCH v2 1/4] gnu: libuv-for-node: Update to 1.43.0.
(address . guix-patches@gnu.org)
y76r0yac8nw.wl-hako@ultrarare.space
* gnu/packages/libevent.scm (libuv-for-node): Update to 1.43.0.
---
gnu/packages/libevent.scm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

Toggle diff (23 lines)
diff --git a/gnu/packages/libevent.scm b/gnu/packages/libevent.scm
index 176e66cf42..5aff343c06 100644
--- a/gnu/packages/libevent.scm
+++ b/gnu/packages/libevent.scm
@@ -147,14 +147,14 @@ (define-public libuv-for-node
(package
(inherit libuv)
(name "libuv")
- (version "1.42.0")
+ (version "1.43.0")
(source (origin
(method url-fetch)
(uri (string-append "https://dist.libuv.org/dist/v" version
"/libuv-v" version ".tar.gz"))
(sha256
(base32
- "0wpb9pz3r8nksnrf4zbixj2kk9whr7abi45ydrwyv2js2ljrc4j3"))))
+ "194kwq3jfj9s628kzkchdca534rikjw0xiyas0cjbphqmsvjpmwh"))))
(properties '((hidden? . #t)))))
(define-public libuv-julia
--
2.38.1
H
H
Hilton Chain wrote on 11 Nov 2022 07:22
[PATCH v2 2/4] gnu: llhttp-bootstrap: Update to 6.0.10.
(address . guix-patches@gnu.org)
y76pmduc8n3.wl-hako@ultrarare.space
* gnu/packages/node.scm (llhttp-bootstrap): Update to 6.0.10.
* gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch: Remove file.
* gnu/local.mk: Remove it.
---
gnu/local.mk | 1 -
gnu/packages/node.scm | 5 +-
.../llhttp-bootstrap-CVE-2020-8287.patch | 100 ------------------
3 files changed, 2 insertions(+), 104 deletions(-)
delete mode 100644 gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch

Toggle diff (143 lines)
diff --git a/gnu/local.mk b/gnu/local.mk
index 27b31ea27f..1c4b9def96 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1480,7 +1480,6 @@ dist_patch_DATA = \
%D%/packages/patches/linuxdcpp-openssl-1.1.patch \
%D%/packages/patches/lirc-localstatedir.patch \
%D%/packages/patches/lirc-reproducible-build.patch \
- %D%/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch \
%D%/packages/patches/llvm-3.5-fix-clang-build-with-gcc5.patch \
%D%/packages/patches/llvm-3.6-fix-build-with-gcc-10.patch \
%D%/packages/patches/llvm-3.x.1-fix-build-with-gcc.patch \
diff --git a/gnu/packages/node.scm b/gnu/packages/node.scm
index 4e9daa522d..0af0158f45 100644
--- a/gnu/packages/node.scm
+++ b/gnu/packages/node.scm
@@ -666,7 +666,7 @@ (define-public node-llparse-bootstrap
(define-public llhttp-bootstrap
(package
(name "llhttp")
- (version "2.1.4")
+ (version "6.0.10")
(source (origin
(method git-fetch)
(uri (git-reference
@@ -675,8 +675,7 @@ (define-public llhttp-bootstrap
(file-name (git-file-name name version))
(sha256
(base32
- "115mwyds9655p76lhglxg2blc1ksgrix6zhigaxnc2q6syy3pa6x"))
- (patches (search-patches "llhttp-bootstrap-CVE-2020-8287.patch"))
+ "0izwqa77y007xdi0bj3ccw821n19rz89mz4hx4lg99fwkwylr6x8"))
(modules '((guix build utils)))
(snippet
'(begin
diff --git a/gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch b/gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch
deleted file mode 100644
index 215c920e53..0000000000
--- a/gnu/packages/patches/llhttp-bootstrap-CVE-2020-8287.patch
+++ /dev/null
@@ -1,100 +0,0 @@
-This patch comes from upstream. It corresponds to a patch applied to
-the generated C source code for llhttp included in Node.js 14.16.0
-(see commit 641f786bb1a1f6eb1ff8750782ed939780f2b31a). That commit
-fixes CVE-2020-8287. With this patch, the output of our
-llhttp-bootstrap package matches the files included in Node.js 14.16.0
-exactly.
-
-commit e9b36ea64709c35ca66094d5cf3787f444029601
-Author: Fedor Indutny <fedor@indutny.com>
-Date: Sat Oct 10 19:56:01 2020 -0700
-
- http: unset `F_CHUNKED` on new `Transfer-Encoding`
-
- Duplicate `Transfer-Encoding` header should be a treated as a single,
- but with original header values concatenated with a comma separator. In
- the light of this, even if the past `Transfer-Encoding` ended with
- `chunked`, we should be not let the `F_CHUNKED` to leak into the next
- header, because mere presence of another header indicates that `chunked`
- is not the last transfer-encoding token.
-
-diff --git a/src/llhttp/http.ts b/src/llhttp/http.ts
-index f4f1a6e..0a0c365 100644
---- a/src/llhttp/http.ts
-+++ b/src/llhttp/http.ts
-@@ -460,11 +460,19 @@ export class HTTP {
- .match([ ' ', '\t' ], n('header_value_discard_ws'))
- .otherwise(checkContentLengthEmptiness);
-
-+ // Multiple `Transfer-Encoding` headers should be treated as one, but with
-+ // values separate by a comma.
-+ //
-+ // See: https://tools.ietf.org/html/rfc7230#section-3.2.2
-+ const toTransferEncoding = this.unsetFlag(
-+ FLAGS.CHUNKED,
-+ 'header_value_te_chunked');
-+
- n('header_value_start')
- .otherwise(this.load('header_state', {
- [HEADER_STATE.UPGRADE]: this.setFlag(FLAGS.UPGRADE, fallback),
- [HEADER_STATE.TRANSFER_ENCODING]: this.setFlag(
-- FLAGS.TRANSFER_ENCODING, 'header_value_te_chunked'),
-+ FLAGS.TRANSFER_ENCODING, toTransferEncoding),
- [HEADER_STATE.CONTENT_LENGTH]: n('header_value_content_length_once'),
- [HEADER_STATE.CONNECTION]: n('header_value_connection'),
- }, 'header_value'));
-@@ -847,6 +855,11 @@ export class HTTP {
- return span.start(span.end(this.node(next)));
- }
-
-+ private unsetFlag(flag: FLAGS, next: string | Node): Node {
-+ const p = this.llparse;
-+ return p.invoke(p.code.and('flags', ~flag), this.node(next));
-+ }
-+
- private setFlag(flag: FLAGS, next: string | Node): Node {
- const p = this.llparse;
- return p.invoke(p.code.or('flags', flag), this.node(next));
-diff --git a/test/request/transfer-encoding.md b/test/request/transfer-encoding.md
-index a7d1681..b0891d6 100644
---- a/test/request/transfer-encoding.md
-+++ b/test/request/transfer-encoding.md
-@@ -353,6 +353,38 @@ off=106 headers complete method=3 v=1/1 flags=200 content_length=0
- off=106 error code=15 reason="Request has invalid `Transfer-Encoding`"
- ```
-
-+## POST with `chunked` and duplicate transfer-encoding
-+
-+<!-- meta={"type": "request", "noScan": true} -->
-+```http
-+POST /post_identity_body_world?q=search#hey HTTP/1.1
-+Accept: */*
-+Transfer-Encoding: chunked
-+Transfer-Encoding: deflate
-+
-+World
-+```
-+
-+```log
-+off=0 message begin
-+off=5 len=38 span[url]="/post_identity_body_world?q=search#hey"
-+off=44 url complete
-+off=54 len=6 span[header_field]="Accept"
-+off=61 header_field complete
-+off=62 len=3 span[header_value]="*/*"
-+off=67 header_value complete
-+off=67 len=17 span[header_field]="Transfer-Encoding"
-+off=85 header_field complete
-+off=86 len=7 span[header_value]="chunked"
-+off=95 header_value complete
-+off=95 len=17 span[header_field]="Transfer-Encoding"
-+off=113 header_field complete
-+off=114 len=7 span[header_value]="deflate"
-+off=123 header_value complete
-+off=125 headers complete method=3 v=1/1 flags=200 content_length=0
-+off=125 error code=15 reason="Request has invalid `Transfer-Encoding`"
-+```
-+
- ## POST with `chunked` before other transfer-coding (lenient)
-
- TODO(indutny): should we allow it even in lenient mode? (Consider disabling
--
2.38.1
H
H
Hilton Chain wrote on 11 Nov 2022 07:23
[PATCH v2 3/4] gnu: node-lts: Update to 18.12.1.
(address . guix-patches@gnu.org)
y76o7tec8m8.wl-hako@ultrarare.space
* gnu/packages/node.scm (node-lts): Update to 18.12.1.
[snippet]: Keep file deps/openssl/nodejs-openssl.cnf.
[arguments]<#:phases>: Adjust problematic tests to delete accordingly.
Patch additional file with hardcoded references to /bin/sh.
[native-inputs,inputs]: Replace openssl-1.1 with openssl.
---
gnu/packages/node.scm | 35 ++++++++++++++++++++++++-----------
1 file changed, 24 insertions(+), 11 deletions(-)

Toggle diff (94 lines)
diff --git a/gnu/packages/node.scm b/gnu/packages/node.scm
index 0af0158f45..cae7d3b0ca 100644
--- a/gnu/packages/node.scm
+++ b/gnu/packages/node.scm
@@ -735,23 +735,28 @@ (define-public llhttp-bootstrap
(define-public node-lts
(package
(inherit node)
- (version "14.19.3")
+ (version "18.12.1")
(source (origin
(method url-fetch)
(uri (string-append "https://nodejs.org/dist/v" version
- "/node-v" version ".tar.xz"))
+ "/node-v" version ".tar.gz"))
(sha256
(base32
- "15691j5zhiikyamiwwd7f282g6d9acfhq91nrwx54xya38gmpx2w"))
+ "11n1h54wgh61inrlqjp0j4fqcz6kl60a3iip7ya90nqdl3fp90ds"))
(modules '((guix build utils)))
(snippet
`(begin
+ ;; openssl.cnf is required for build.
+ (for-each delete-file-recursively
+ (find-files "deps/openssl"
+ (lambda (file stat)
+ (if (string-contains file "nodejs-openssl.cnf")
+ #f #t))))
;; Remove bundled software, where possible
(for-each delete-file-recursively
'("deps/cares"
"deps/icu-small"
"deps/nghttp2"
- "deps/openssl"
"deps/zlib"))
(substitute* "Makefile"
;; Remove references to bundled software.
@@ -800,23 +805,31 @@ (define-public node-lts
libuv "/lib:"
zlib "/lib"
"'],"))))))
+ (add-after 'patch-hardcoded-program-references
+ 'patch-additional-hardcoded-program-references
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "test/parallel/test-stdin-from-file-spawn.js"
+ (("'/bin/sh'") (string-append
+ "'" (search-input-file inputs "/bin/sh")
+ "'")))))
(replace 'delete-problematic-tests
(lambda* (#:key inputs #:allow-other-keys)
;; FIXME: These tests fail in the build container, but they don't
;; seem to be indicative of real problems in practice.
(for-each delete-file
- '("test/parallel/test-cluster-master-error.js"
- "test/parallel/test-cluster-master-kill.js"))
+ '("test/parallel/test-cluster-primary-error.js"
+ "test/parallel/test-cluster-primary-kill.js"))
;; These require a DNS resolver.
(for-each delete-file
'("test/parallel/test-dns.js"
- "test/parallel/test-dns-lookupService-promises.js"))
+ "test/parallel/test-dns-lookupService-promises.js"
+ "test/parallel/test-net-socket-connect-without-cb.js"
+ "test/parallel/test-tcp-wrap-listen.js"))
;; These tests require networking.
(for-each delete-file
- '("test/parallel/test-https-agent-unref-socket.js"
- "test/parallel/test-corepack-yarn-install.js"))
+ '("test/parallel/test-https-agent-unref-socket.js"))
;; This test is timing-sensitive, and fails sporadically on
;; slow, busy, or even very fast machines.
@@ -866,7 +879,7 @@ (define-public node-lts
icu4c-71
libuv-for-node
`(,nghttp2 "lib")
- openssl-1.1
+ openssl
zlib
;; Regular build-time dependencies.
perl
@@ -883,7 +896,7 @@ (define-public node-lts
llhttp-bootstrap
brotli
`(,nghttp2 "lib")
- openssl-1.1
+ openssl
python-wrapper ;; for node-gyp (supports python3)
zlib))))
--
2.38.1
H
H
Hilton Chain wrote on 11 Nov 2022 07:24
[PATCH v2 4/4] gnu: libnode: Use node-lts as base.
(address . guix-patches@gnu.org)
y76mt8yc8l4.wl-hako@ultrarare.space
* gnu/packages/node.scm (libnode): Use node-lts as base.
* gnu/packages/cran.scm (r-v8)[arguments]<#:phases>: Adjusted accordingly.
---
gnu/packages/cran.scm | 2 +-
gnu/packages/node.scm | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)

Toggle diff (32 lines)
diff --git a/gnu/packages/cran.scm b/gnu/packages/cran.scm
index a1702ae5f6..8f04d9ad6e 100644
--- a/gnu/packages/cran.scm
+++ b/gnu/packages/cran.scm
@@ -902,7 +902,7 @@ (define-public r-v8
(("^PKG_LIBS=.*")
(string-append "PKG_LIBS="
(assoc-ref inputs "libnode")
- "/lib/libnode.so.64\n")))
+ "/lib/libnode.so.108\n")))
(setenv "INCLUDE_DIR"
(string-append
(assoc-ref inputs "libnode")
diff --git a/gnu/packages/node.scm b/gnu/packages/node.scm
index cae7d3b0ca..0e56d12038 100644
--- a/gnu/packages/node.scm
+++ b/gnu/packages/node.scm
@@ -901,10 +901,10 @@ (define-public node-lts
zlib))))
(define-public libnode
- (package/inherit node
+ (package/inherit node-lts
(name "libnode")
(arguments
- (substitute-keyword-arguments (package-arguments node)
+ (substitute-keyword-arguments (package-arguments node-lts)
((#:configure-flags flags ''())
`(cons* "--shared" "--without-npm" ,flags))
((#:phases phases '%standard-phases)
--
2.38.1
M
M
Mekeor Melire wrote on 17 Nov 2022 00:31
Re: [bug#59188] [PATCH v2 3/4] gnu: node-lts: Update to 18.12.1.
(address . 59188@debbugs.gnu.org)
87zgcq79ml.fsf@posteo.de
2022-11-11 / 14:23 / hako@ultrarare.space:

Toggle quote (6 lines)
> * gnu/packages/node.scm (node-lts): Update to 18.12.1.
> [snippet]: Keep file deps/openssl/nodejs-openssl.cnf.
> [arguments]<#:phases>: Adjust problematic tests to delete accordingly.
> Patch additional file with hardcoded references to /bin/sh.
> [native-inputs,inputs]: Replace openssl-1.1 with openssl.

Thank you for this submission.

As I said in the other thread, I'd suggest to decline the 53414 (which
updates node to version 16.x) in favor of this patch-series (which
updates to 18.x). That is because it'll save us work since there'll only
be a single package-breaking upgrade (instead of two).

For this submission to be merged, I'd guess we should:

1. Check if we want to adapt some patches from Debian, listed here:
E.g. the "dfsg/privacy_breach.patch" looks good.

2. Make sure that packages, which depend on node, still build (and run)
fine. I'm not sure how to do this. Do we need a branch for this?


Kindly,
Mekeor


Toggle quote (94 lines)
> --- gnu/packages/node.scm | 35 ++++++++++++++++++++++++----------- 1
> file changed, 24 insertions(+), 11 deletions(-)
>
> diff --git a/gnu/packages/node.scm b/gnu/packages/node.scm
> index 0af0158f45..cae7d3b0ca 100644
> --- a/gnu/packages/node.scm
> +++ b/gnu/packages/node.scm
> @@ -735,23 +735,28 @@ (define-public llhttp-bootstrap
> (define-public node-lts
> (package
> (inherit node)
> - (version "14.19.3")
> + (version "18.12.1")
> (source (origin
> (method url-fetch)
> (uri (string-append "https://nodejs.org/dist/v" version
> - "/node-v" version ".tar.xz"))
> + "/node-v" version ".tar.gz"))
> (sha256
> (base32
> - "15691j5zhiikyamiwwd7f282g6d9acfhq91nrwx54xya38gmpx2w"))
> + "11n1h54wgh61inrlqjp0j4fqcz6kl60a3iip7ya90nqdl3fp90ds"))
> (modules '((guix build utils)))
> (snippet
> `(begin
> + ;; openssl.cnf is required for build.
> + (for-each delete-file-recursively
> + (find-files "deps/openssl"
> + (lambda (file stat)
> + (if (string-contains file "nodejs-openssl.cnf")
> + #f #t))))
> ;; Remove bundled software, where possible
> (for-each delete-file-recursively
> '("deps/cares"
> "deps/icu-small"
> "deps/nghttp2"
> - "deps/openssl"
> "deps/zlib"))
> (substitute* "Makefile"
> ;; Remove references to bundled software.
> @@ -800,23 +805,31 @@ (define-public node-lts
> libuv "/lib:"
> zlib "/lib"
> "'],"))))))
> + (add-after 'patch-hardcoded-program-references
> + 'patch-additional-hardcoded-program-references
> + (lambda* (#:key inputs #:allow-other-keys)
> + (substitute* "test/parallel/test-stdin-from-file-spawn.js"
> + (("'/bin/sh'") (string-append
> + "'" (search-input-file inputs "/bin/sh")
> + "'")))))
> (replace 'delete-problematic-tests
> (lambda* (#:key inputs #:allow-other-keys)
> ;; FIXME: These tests fail in the build container, but they don't
> ;; seem to be indicative of real problems in practice.
> (for-each delete-file
> - '("test/parallel/test-cluster-master-error.js"
> - "test/parallel/test-cluster-master-kill.js"))
> + '("test/parallel/test-cluster-primary-error.js"
> + "test/parallel/test-cluster-primary-kill.js"))
>
> ;; These require a DNS resolver.
> (for-each delete-file
> '("test/parallel/test-dns.js"
> - "test/parallel/test-dns-lookupService-promises.js"))
> + "test/parallel/test-dns-lookupService-promises.js"
> + "test/parallel/test-net-socket-connect-without-cb.js"
> + "test/parallel/test-tcp-wrap-listen.js"))
>
> ;; These tests require networking.
> (for-each delete-file
> - '("test/parallel/test-https-agent-unref-socket.js"
> - "test/parallel/test-corepack-yarn-install.js"))
> + '("test/parallel/test-https-agent-unref-socket.js"))
>
> ;; This test is timing-sensitive, and fails sporadically on
> ;; slow, busy, or even very fast machines.
> @@ -866,7 +879,7 @@ (define-public node-lts
> icu4c-71
> libuv-for-node
> `(,nghttp2 "lib")
> - openssl-1.1
> + openssl
> zlib
> ;; Regular build-time dependencies.
> perl
> @@ -883,7 +896,7 @@ (define-public node-lts
> llhttp-bootstrap
> brotli
> `(,nghttp2 "lib")
> - openssl-1.1
> + openssl
> python-wrapper ;; for node-gyp (supports python3)
> zlib))))
L
L
Ludovic Courtès wrote on 18 Nov 2022 15:12
Re: bug#59188: [PATCH 0/4] gnu: node-lts: Update to 18.12.1.
(name . Mekeor Melire)(address . mekeor@posteo.de)
87bkp4bbd1.fsf_-_@gnu.org
Hi,

Mekeor Melire <mekeor@posteo.de> skribis:

Toggle quote (5 lines)
> As I said in the other thread, I'd suggest to decline the 53414 (which
> updates node to version 16.x) in favor of this patch-series (which
> updates to 18.x). That is because it'll save us work since there'll only
> be a single package-breaking upgrade (instead of two).

Sounds good to me.

Toggle quote (6 lines)
> For this submission to be merged, I'd guess we should:
>
> 1. Check if we want to adapt some patches from Debian, listed here:
> https://sources.debian.org/patches/nodejs/18.12.1+dfsg-2/
> E.g. the "dfsg/privacy_breach.patch" looks good.

Yes, but that can be done separately I guess.

Toggle quote (3 lines)
> 2. Make sure that packages, which depend on node, still build (and run)
> fine. I'm not sure how to do this. Do we need a branch for this?

It depends. Hilton, were you able to build everything returned by
‘guix refresh -l node’, except perhaps ungoogled-chromium?

For some reason https://qa.guix.gnu.org/issue/59188 didn’t pick it
up. Anything we should do to address that, Chris?

Otherwise we can indeed create a branch and tell ci.guix to build it,
for instance.

Thanks,
Ludo’.
H
H
Hilton Chain wrote on 19 Nov 2022 06:17
(name . Ludovic Courtès)(address . ludo@gnu.org)
y76y1s7o740.wl-hako@ultrarare.space
node-acorn fails in check phase.
#+RESULTS:
: starting phase `check'
: npm ERR! Missing script: "test"
: npm ERR!
: npm ERR! To see a list of scripts, run:
: npm ERR! npm run
:
: npm ERR! A complete log of this run can be found in:
: npm ERR! /tmp/guix-build-node-acorn-8.4.1.drv-0/source/npm-home-0/.npm/_logs/2022-11-19T04_28_57_471Z-debug-0.log
: error: in phase 'check': uncaught exception:
: %exception #<&invoke-error program: "/gnu/store/l32l0i53ik9ja3fircdd89bgq6b1v6y5-node-18.12.1/bin/npm" arguments: ("test") exit-status: 1 term-signal: #f stop-signal: #f>
: phase `check' failed after 0.2 seconds
: command "/gnu/store/l32l0i53ik9ja3fircdd89bgq6b1v6y5-node-18.12.1/bin/npm" "test" failed with status 1

Then node-uglify-js
#+RESULTS:
: starting phase `configure'
: npm ERR! code 254
: npm ERR! path /gnu/store/969597ncg311d3kd8vbhdlniwqg4mr2k-node-acorn-8.4.1/lib/node_modules/acorn
: npm ERR! command failed
: npm ERR! command sh -c -- cd ..; npm run build:main && npm run build:bin
: npm ERR! npm ERR! code ENOENT
: npm ERR! npm ERR! syscall open
: npm ERR! npm ERR! path /gnu/store/969597ncg311d3kd8vbhdlniwqg4mr2k-node-acorn-8.4.1/lib/package.json
: npm ERR! npm ERR! errno -2
: npm ERR! npm ERR! enoent ENOENT: no such file or directory, open '/gnu/store/969597ncg311d3kd8vbhdlniwqg4mr2k-node-acorn-8.4.1/lib/package.json'
: npm ERR! npm ERR! enoent This is related to npm not being able to find a file.
: npm ERR! npm ERR! enoent
: npm ERR!
: npm ERR! npm ERR! A complete log of this run can be found in:
: npm ERR! npm ERR! /tmp/guix-build-node-uglify-js-3.13.9.drv-0/npm-home-0/.npm/_logs/2022-11-19T04_54_25_643Z-debug-0.log
:
: npm ERR! A complete log of this run can be found in:
: npm ERR! /tmp/guix-build-node-uglify-js-3.13.9.drv-0/npm-home-0/.npm/_logs/2022-11-19T04_54_25_343Z-debug-0.log
: error: in phase 'configure': uncaught exception:
: %exception #<&invoke-error program: "/gnu/store/l32l0i53ik9ja3fircdd89bgq6b1v6y5-node-18.12.1/bin/npm" arguments: ("--offline" "--ignore-scripts" "install") exit-status: 254 term-signal: #f stop-signal: #f>
: phase `configure' failed after 0.6 seconds
: command "/gnu/store/l32l0i53ik9ja3fircdd89bgq6b1v6y5-node-18.12.1/bin/npm" "--offline" "--ignore-scripts" "install" failed with status 254

One test failed after deleting node-uglify-js's configure phase.
#+RESULTS:
: 1 test(s) failed!
:
: test/reduce.js
: 1) Should reduce test case which differs only in Error.message
: AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:
: + actual - expected
:
: + `try{null[function(){}]}catch(e){console.log(e)}\n// output: TypeError: Cannot read properties of null (reading 'function(){}')\n// \n// minify: TypeError: Cannot read properties of null (reading 'function() {}')\n// \n// options: {\n// "compress": false,\n// "mangle": false,\n// "output": {\n// "beautify": true\n// }\n// }`
: - `try{null[function(){}]}catch(e){console.log(e)}\n// output: TypeError: Cannot read property 'function(){}' of null\n// \n// minify: TypeError: Cannot read property 'function() {}' of null\n// \n// options: {\n// "compress": false,\n// "mangle": false,\n// "output": {\n// "beautify": true\n// }\n// }`
: at Function.<anonymous> (/tmp/guix-build-node-uglify-js-3.13.9.drv-0/source/test/mocha/reduce.js:285:16)
: at run (/tmp/guix-build-node-uglify-js-3.13.9.drv-0/source/test/mocha.js:79:18)
: at process.processTicksAndRejections (node:internal/process/task_queues:77:11)
: error: in phase 'check': uncaught exception:
: %exception #<&invoke-error program: "/gnu/store/l32l0i53ik9ja3fircdd89bgq6b1v6y5-node-18.12.1/bin/npm" arguments: ("test") exit-status: 1 term-signal: #f stop-signal: #f>
: phase `check' failed after 264.2 seconds
: command "/gnu/store/l32l0i53ik9ja3fircdd89bgq6b1v6y5-node-18.12.1/bin/npm" "test" failed with status 1

Then node-string-decoder fails to install, I have no idea how to continue...
#+RESULTS:
: starting phase `install'
: npm info using npm@8.19.2
: npm info using node@v18.12.1
: npm timing npm:load:whichnode Completed in 0ms
: npm timing config:load:defaults Completed in 1ms
: npm timing config:load:file:/gnu/store/l32l0i53ik9ja3fircdd89bgq6b1v6y5-node-18.12.1/lib/node_modules/npm/npmrc Completed in 2ms
: npm timing config:load:builtin Completed in 3ms
: npm WARN config production Use `--omit=dev` instead.
: npm timing config:load:cli Completed in 1ms
: npm timing config:load:env Completed in 1ms
: npm timing config:load:project Completed in 0ms
: npm timing config:load:file:/tmp/guix-build-node-string-decoder-1.3.0.drv-0/npm-home-0/.npmrc Completed in 0ms
: npm timing config:load:user Completed in 0ms
: npm timing config:load:file:/gnu/store/ansccgk9y8vzd5rwsx4iz7j2n0gp8ig8-node-string-decoder-1.3.0/etc/npmrc Completed in 2ms
: npm timing config:load:global Completed in 2ms
: npm timing config:load:validate Completed in 0ms
: npm timing config:load:credentials Completed in 1ms
: npm timing config:load:setEnvs Completed in 0ms
: npm timing config:load Completed in 9ms
: npm timing npm:load:configload Completed in 9ms
: npm timing npm:load:mkdirpcache Completed in 1ms
: npm timing npm:load:mkdirplogs Completed in 1ms
: npm timing npm:load:setTitle Completed in 0ms
: npm timing config:load:flatten Completed in 1ms
: npm timing npm:load:display Completed in 4ms
: npm timing npm:load:logFile Completed in 3ms
: npm timing npm:load:timers Completed in 0ms
: npm timing npm:load:configScope Completed in 0ms
: npm timing npm:load Completed in 19ms
: npm timing arborist:ctor Completed in 0ms
: npm timing idealTree:init Completed in 4ms
: npm timing idealTree:userRequests Completed in 30ms
: npm timing idealTree:#root Completed in 16ms
: npm timing idealTree:node_modules/string_decoder Completed in 3ms
: npm timing idealTree:node_modules/string_decoder/node_modules/safe-buffer Completed in 0ms
: npm timing idealTree:buildDeps Completed in 20ms
: npm timing idealTree:fixDepFlags Completed in 0ms
: npm timing idealTree Completed in 56ms
: npm timing reify:loadTrees Completed in 57ms
: npm timing reify:diffTrees Completed in 1ms
: npm timing reify:retireShallow Completed in 1ms
: npm timing reify:createSparse Completed in 0ms
: npm timing reify:trashOmits Completed in 0ms
: npm timing reify:loadBundles Completed in 0ms
: npm timing reify:audit Completed in 0ms
: npm timing reifyNode:node_modules/string_decoder/node_modules/safe-buffer Completed in 5ms
: npm timing reifyNode:node_modules/string_decoder Completed in 12ms
: npm timing reify:unpack Completed in 13ms
: npm timing reify:unretire Completed in 0ms
: npm timing build:queue Completed in 1ms
: npm timing build:deps Completed in 1ms
: npm timing build:queue Completed in 1ms
: npm timing build:links Completed in 1ms
: npm timing build Completed in 2ms
: npm timing reify:build Completed in 2ms
: npm timing reify:trash Completed in 0ms
: npm timing command:install Completed in 83ms
: npm ERR! Cannot set properties of null (setting 'dev')
: npm timing npm Completed in 163ms
:
: npm ERR! A complete log of this run can be found in:
: npm ERR! /tmp/guix-build-node-string-decoder-1.3.0.drv-0/npm-home-0/.npm/_logs/2022-11-19T05_09_44_366Z-debug-0.log
: error: in phase 'install': uncaught exception:
: %exception #<&invoke-error program: "/gnu/store/l32l0i53ik9ja3fircdd89bgq6b1v6y5-node-18.12.1/bin/npm" arguments: ("--prefix" "/gnu/store/ansccgk9y8vzd5rwsx4iz7j2n0gp8ig8-node-string-decoder-1.3.0" "--global" "--offline" "--loglevel" "info" "--production" "install" "../package.tgz") exit-status: 1 term-signal: #f stop-signal: #f>
: phase `install' failed after 0.4 seconds
: command "/gnu/store/l32l0i53ik9ja3fircdd89bgq6b1v6y5-node-18.12.1/bin/npm" "--prefix" "/gnu/store/ansccgk9y8vzd5rwsx4iz7j2n0gp8ig8-node-string-decoder-1.3.0" "--global" "--offline" "--loglevel" "info" "--production" "install" "../package.tgz" failed with status 1
C
C
Christopher Baines wrote on 20 Nov 2022 10:40
(name . Ludovic Courtès)(address . ludo@gnu.org)(address . 59188@debbugs.gnu.org)
87bkp2x8ns.fsf@cbaines.net
Ludovic Courtès <ludo@gnu.org> writes:

Toggle quote (6 lines)
> It depends. Hilton, were you able to build everything returned by
> ‘guix refresh -l node’, except perhaps ungoogled-chromium?
>
> For some reason <https://qa.guix.gnu.org/issue/59188> didn’t pick it
> up. Anything we should do to address that, Chris?

For some reason, the branch existed, but the patchwork checks
didn't. I've got some ideas on how to avoid that being a possibility in
the future.

Thanks,

Chris
-----BEGIN PGP SIGNATURE-----

iQKlBAEBCgCPFiEEPonu50WOcg2XVOCyXiijOwuE9XcFAmN59udfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF
ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcRHG1haWxAY2Jh
aW5lcy5uZXQACgkQXiijOwuE9XcLjQ//StlAfSFi10Mf9HglK7fEHSKC1W28TsTX
euRr/VjRfQkYzogjQOriMy9TrRh6JR0hEOaSblZmYAsrZ6foH+S8aSLcHCTh7Ar8
+EaAgw5RoUyvFUt3eQ8eLyCiFnvkAsdaDDKDw0pfNPp933+Lq+d3hUVZQQHEUVSv
7Z+XnlS0RgOzqVmDoyV/bwrOQjo2hdtUuqus+UgpUU0e6h/ATPRJ3Bxjd2efuJaY
10lCXZywTNUBL7ZMhYr2MKFReSC8vW5QibY/heIJGj/jN+44IiUVTys8SwZP+6f3
o74KP7kP2SyQ5xkf5ReMK+3VAPWAvhMBoK4wVsn43oeCLzl6584kvcPxUE3oc15g
BRwBM9oll1QiBFtAEVNcEludlIT0PJ8KZtVv7mGLpG4Nqvz4GT2E0fNv9Wi6Pai2
mvbspIen3OLoNSF18GSEVjbrZLdpiSy3y2OnJBW3dlUSTdY2UrvivzYmwYQB7tj+
Z73R1rY5+K/UZJnLBJSYVTt4iVljy7nQxgEKyYPR+n9kFaYWTHjRAuuL0B171jP9
FkwdahhYyEZIcKOaans4zdTCkn77W+B/zXs+52ZIxVny0SQDqWdXS8VMFpvDDQnR
acgkTCEd4IiV+NBUuhovgT+8oEGRUKR9xeqXEfQxhWOPjBphbeuW60eu33OFj+ZQ
K4YMgD8yVtU=
=UqCa
-----END PGP SIGNATURE-----

J
J
Jelle Licht wrote on 5 Jan 14:10 +0100
(name . Hilton Chain)(address . hako@ultrarare.space)
87bknd2kkq.fsf_-_@fsfe.org
Hello Hilton, other folks,

Hilton Chain <hako@ultrarare.space> writes:

Toggle quote (9 lines)
> node-acorn fails in check phase.
> #+RESULTS:
> : starting phase `check'
> : npm ERR! Missing script: "test"
> : npm ERR!
> : npm ERR! To see a list of scripts, run:
> : npm ERR! npm run
> <snip>

This is due to a change in how npm treats the 'test' command; before,
having no "scripts.test" entry in package.json lead to a placeholder of
"echo 'Error: no test specified'" (with a status code of 0).

More recently, npm was changed to make `npm test' like any other `npm
run XYZ' command. This means that all of the packages that fail like
this due to upgrading node/npm should be get a `#:tests? #f'.

Toggle quote (9 lines)
> Then node-uglify-js
> #+RESULTS:
> : starting phase `configure'
> : npm ERR! code 254
> : npm ERR! path /gnu/store/969597ncg311d3kd8vbhdlniwqg4mr2k-node-acorn-8.4.1/lib/node_modules/acorn
> : npm ERR! command failed
> : npm ERR! command sh -c -- cd ..; npm run build:main && npm run build:bin
> <snip>

This is due to the fact that the `prepare' scripts is being run for our
installed node-acorn. Apparently, the fact that it previously did not
happen was a bug that was fixed somewhere between node 14 and 18 [1][2].

I do not know what the best approach is here. Consider patching the
"scripts.prepare" entry in node-acorn, and if we find we need to do this
often, we can introduce a convenience function similar to
`delete-dependencies' to streamline this.

Toggle quote (80 lines)
> One test failed after deleting node-uglify-js's configure phase.
> #+RESULTS:
> : 1 test(s) failed!
> :
> : test/reduce.js
> : 1) Should reduce test case which differs only in Error.message
> : AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:
> : + actual - expected
> :
> : + `try{null[function(){}]}catch(e){console.log(e)}\n// output: TypeError: Cannot read properties of null (reading 'function(){}')\n// \n// minify: TypeError: Cannot read properties of null (reading 'function() {}')\n// \n// options: {\n// "compress": false,\n// "mangle": false,\n// "output": {\n// "beautify": true\n// }\n// }`
> : - `try{null[function(){}]}catch(e){console.log(e)}\n// output: TypeError: Cannot read property 'function(){}' of null\n// \n// minify: TypeError: Cannot read property 'function() {}' of null\n// \n// options: {\n// "compress": false,\n// "mangle": false,\n// "output": {\n// "beautify": true\n// }\n// }`
> : at Function.<anonymous> (/tmp/guix-build-node-uglify-js-3.13.9.drv-0/source/test/mocha/reduce.js:285:16)
> : at run (/tmp/guix-build-node-uglify-js-3.13.9.drv-0/source/test/mocha.js:79:18)
> : at process.processTicksAndRejections (node:internal/process/task_queues:77:11)
> : error: in phase 'check': uncaught exception:
> : %exception #<&invoke-error program: "/gnu/store/l32l0i53ik9ja3fircdd89bgq6b1v6y5-node-18.12.1/bin/npm" arguments: ("test") exit-status: 1 term-signal: #f stop-signal: #f>
> : phase `check' failed after 264.2 seconds
> : command "/gnu/store/l32l0i53ik9ja3fircdd89bgq6b1v6y5-node-18.12.1/bin/npm" "test" failed with status 1
>
> Then node-string-decoder fails to install, I have no idea how to continue...
> #+RESULTS:
> : starting phase `install'
> : npm info using npm@8.19.2
> : npm info using node@v18.12.1
> : npm timing npm:load:whichnode Completed in 0ms
> : npm timing config:load:defaults Completed in 1ms
> : npm timing config:load:file:/gnu/store/l32l0i53ik9ja3fircdd89bgq6b1v6y5-node-18.12.1/lib/node_modules/npm/npmrc Completed in 2ms
> : npm timing config:load:builtin Completed in 3ms
> : npm WARN config production Use `--omit=dev` instead.
> : npm timing config:load:cli Completed in 1ms
> : npm timing config:load:env Completed in 1ms
> : npm timing config:load:project Completed in 0ms
> : npm timing config:load:file:/tmp/guix-build-node-string-decoder-1.3.0.drv-0/npm-home-0/.npmrc Completed in 0ms
> : npm timing config:load:user Completed in 0ms
> : npm timing config:load:file:/gnu/store/ansccgk9y8vzd5rwsx4iz7j2n0gp8ig8-node-string-decoder-1.3.0/etc/npmrc Completed in 2ms
> : npm timing config:load:global Completed in 2ms
> : npm timing config:load:validate Completed in 0ms
> : npm timing config:load:credentials Completed in 1ms
> : npm timing config:load:setEnvs Completed in 0ms
> : npm timing config:load Completed in 9ms
> : npm timing npm:load:configload Completed in 9ms
> : npm timing npm:load:mkdirpcache Completed in 1ms
> : npm timing npm:load:mkdirplogs Completed in 1ms
> : npm timing npm:load:setTitle Completed in 0ms
> : npm timing config:load:flatten Completed in 1ms
> : npm timing npm:load:display Completed in 4ms
> : npm timing npm:load:logFile Completed in 3ms
> : npm timing npm:load:timers Completed in 0ms
> : npm timing npm:load:configScope Completed in 0ms
> : npm timing npm:load Completed in 19ms
> : npm timing arborist:ctor Completed in 0ms
> : npm timing idealTree:init Completed in 4ms
> : npm timing idealTree:userRequests Completed in 30ms
> : npm timing idealTree:#root Completed in 16ms
> : npm timing idealTree:node_modules/string_decoder Completed in 3ms
> : npm timing idealTree:node_modules/string_decoder/node_modules/safe-buffer Completed in 0ms
> : npm timing idealTree:buildDeps Completed in 20ms
> : npm timing idealTree:fixDepFlags Completed in 0ms
> : npm timing idealTree Completed in 56ms
> : npm timing reify:loadTrees Completed in 57ms
> : npm timing reify:diffTrees Completed in 1ms
> : npm timing reify:retireShallow Completed in 1ms
> : npm timing reify:createSparse Completed in 0ms
> : npm timing reify:trashOmits Completed in 0ms
> : npm timing reify:loadBundles Completed in 0ms
> : npm timing reify:audit Completed in 0ms
> : npm timing reifyNode:node_modules/string_decoder/node_modules/safe-buffer Completed in 5ms
> : npm timing reifyNode:node_modules/string_decoder Completed in 12ms
> : npm timing reify:unpack Completed in 13ms
> : npm timing reify:unretire Completed in 0ms
> : npm timing build:queue Completed in 1ms
> : npm timing build:deps Completed in 1ms
> : npm timing build:queue Completed in 1ms
> : npm timing build:links Completed in 1ms
> : npm timing build Completed in 2ms
> : npm timing reify:build Completed in 2ms
> : npm timing reify:trash Completed in 0ms
> : npm timing command:install Completed in 83ms
> : npm ERR! Cannot set properties of null (setting 'dev')

This is due to either a newly introducded bug, or perhaps more likely,
an unfortunate sequence of interactions in arborist. I've done some
bisecting, and got things to work with a hack.

Relevants parts of arborist were rewritten in version 6, whereas we are
stuck with 5.4.XYZ, making a proper backport highly unlikely.

Toggle snippet (10 lines)
+ ;; TODO: Work around issue in that is fixed in arborist@6.0.0/npm@9.0.0/node@19+
+ (add-after 'patch-hardcoded-program-references
+ 'patch-broken-arborist
+ (lambda* (#:key inputs #:allow-other-keys)
+ (substitute* "deps/npm/node_modules/@npmcli/arborist/lib/calc-dep-flags.js"
+ (("if \\(node\\.isLink\\)")
+ "if (node.isLink && node.target)"))))


In addition it some of the packages in node-xyz.scm that involve
replacing the 'configure phase are also failing. For some reason, this
updated version of npm seems to want to have access to either some
cached metadata or the actual npm packages for each of the specified
devDependencies[3]. This can be worked around by introducing a
'patch-dependencies phase for impacted packages, and patching out all
devDependencies. AFAICS this applies for (at least) these packages:

- node-buffer-crc32
- node-crx3
- node-minimist
- node-pbf
- node-protocol-buffers-schema
- node-protobuf-schema
- node-ieee754
- node-yazl

HTH

You have my gratitude for working on this Hilton!
- Jelle




[3]: My guess: npm wants to be able to construct a 'proper'
package-lock.json, for which it needs some metadata from the npm
registry. I've already checked if adding '--no-package-lock' fixes the
issue, but while it indeed ensures no package-lock.json is generated, it
sadly doesn't address the issue. IWBN if there were some magical
invocation(s) for npm that allow these packages to actually be packaged
by distributions...
?