File nodejs.changes of Package nodejs

Fri Jul 29 13:47:43 UTC 2016 -

- new upstream version 6.3.1
  * buffer: Improve performance of Buffer.from(str, 'hex') and
    Buffer#write(str, 'hex')
  * buffer: Fix creating from zero-length ArrayBuffer
  * Backport V8 instanceof bugfix and update to V8 5.0.71.xx
  * repl: Fix issue with function redeclaration.
  * util: Fix inspecting of boxed symbols.
- 7569.diff - removed, upstreamed
- SHASUM256.txt - added empty file so that gpg check is run
  on the SHASUM256.txt.asc, which is not a detached signature

Fri Jul 15 14:09:53 UTC 2016 -

- obsolete remove gpg-offline / %gpg_verify

Wed Jul 13 12:04:07 UTC 2016 -

- Use OpenSSL supplied with Leap 42.2 and SLE12 SP2 instead of
  bundled version.

Thu Jul  7 10:44:27 UTC 2016 -

- new upstream version 6.3.0
  * buffer: Added buffer.swap64() to compliment swap16() & swap32()
  * crypto: Root certificates have been updated.
  * debugger: The server address is now configurable via
  * npm: Upgraded npm to v3.10.3
  * readline: Added the `prompt` option to the readline constructor.
  * repl / vm: `sigint`/`ctrl+c` will now break out of infinite loops
    without stopping the Node.js instance.
  * added support for v8_inspector (node --inspect)
- since we can, build NodeJS shared library.
- refreshed patches:
  * support-arm64-build.patch
  * nodejs-libpath.patch
  * npm_search_paths.patch
- 7569.diff:
  * Add upstream PR: #7569 to fix build failure with shared OpenSSL and
    v8_inspector enabled

Tue Jul  5 20:20:27 UTC 2016 -

- Fix Group tag.

Mon Jul  4 12:23:27 UTC 2016 -

- new upstream version 6.2.2
  * http:
    + could cause incoming connections to stall and
      time out under certain conditions. (Fedor Indutny)
    + When freeing the socket to be reused in keep-alive Agent
      wait for both prefinish and end events. Otherwise the next
      request may be written before the previous one has finished
      sending the body, leading to a parser errors. (Fedor Indutny)
  * npm: upgrade npm to 3.9.5 (Kat Marchán)
- use build_cond to to manage configure parameters, instead of
  having duplicate suse_version ifs
- fix permission issues with some installed files
- move fdups to end of install section to make sure we don't end up
  with dangling symlinks
- rpm cannot handle more than one level of parenthesis, hence 
  Conflict: otherproviders(npm), not otherproviders(npm(npm)) as the
  second version has no desired effect
- we should no longer need to explicitly set ARCH values - configure
  should deal with this properly
- verify upstream tarball integrity cryptographically
- patch changes:
  * nodejs-libpath.patch split into two, nodejs-libpath.patch that
    applies on default and nodejs-libpath64.patch that applies on top
    for 64-bit arches
  * support-arm64-build.patch refreshed
  * npm_search_paths.patch:
    + search for manpages in paths were we installed them
    + install modules into /usr/local prefix
    + search for config files under /etc/nodejs

Tue Jun 14 09:46:36 UTC 2016 -

- Search for node modules under /usr/lib{,64}/node_modules and not
  a non-owned path of /usr/lib{,64}/node

Mon Jun  6 08:44:43 UTC 2016 -

- uppdate version 6.2.1
  * buffer: Ignore negative lengths in calls to Buffer() and
  * npm: Upgrade npm to 3.9.3
  * V8: Upgrade to V8
- update to version 6.2.0
  * buffer: fix lastIndexOf and indexOf in various edge cases
  * src,module: add --preserve-symlinks command line flag
  * util: adhere to noDeprecation set at runtime
- refresh support-arm64-build.patch
  * `configure` bits incorporated upstream
- refresh addon-rpm.gypi

Fri May 13 14:52:12 UTC 2016 -

- update version 6.1.0
  * assert: deep{Strict}Equal() now works correctly with circular references.
  * debugger: Arrays are now formatted correctly in the debugger repl.
  * deps: Upgrade OpenSSL sources to 1.0.2h.
  * net: Introduced a Socket#connecting property. Previously this information
    was only available as the undocumented, internal _connecting property.
  * process: Introduced process.cpuUsage().
  * stream: Writable#setDefaultEncoding() now returns this.
  * util: Two new additions to util.inspect():
    + Added a maxArrayLength option to truncate the formatting of Arrays.
      This is set to 100 by default.
    + Added a showProxy option for formatting proxy intercepting handlers.
      Inspecting proxies is non-trivial and as such this is off by default.

Sun Mar 27 04:12:44 UTC 2016 -

- update version 5.9.1
  * buffer: Now properly throws RangeErrors on out-of-bounds writes
    This effects write{Float|Double} when the noAssert option is
    not used.
  * timers: Returned timeout objects now have a Timeout constructor
    name. Performance of Immediate processing is now ~20-40% faster
  * vm: Fixed a contextify regression introduced in v5.9.0

Tue Feb 23 12:45:30 UTC 2016 -

- update version 5.7.0
  + buffer:
    * You can now supply an encoding argument when filling a Buffer
      Buffer#fill(string[, start[, end]][, encoding]), supplying an
      existing Buffer will also work with
      Buffer#fill(buffer[, start[, end]]). See the API documentation
      for details on how this works.
    * Buffer#indexOf() no longer requires a byteOffset argument if
      you also wish to specify an encoding:
      Buffer#indexOf(val[, byteOffset][, encoding]).
  + child_process:
    * spawn() and spawnSync() now support a 'shell' option to allow
      for optional execution of the given command inside a shell. If
      set to true, cmd.exe will be used on Windows and /bin/sh elsewhere.
      A path to a custom shell can also be passed to override these
      defaults. On Windows, this option allows .bat. and .cmd files to
      be executed with spawn() and spawnSync().
  + http_parser:
    * Update to http-parser 2.6.2 to fix an unintentionally strict
      limitation of allowable header characters
  + dgram:
    * socket.send() now supports accepts an array of Buffers or
      Strings as the first argument. See the API docs for details on
      how this works.
  + http:
    * Fix a bug where handling headers will mistakenly trigger an
      'upgrade' event where the server is just advertising its
      protocols. This bug can prevent HTTP clients from communicating
      with HTTP/2 enabled servers.
  + net:
    * Added a listening Boolean property to net and http servers to
      indicate whether the server is listening for connections.
  + node:
    * The C++ node::MakeCallback() API is now reentrant and calling
      it from inside another MakeCallback() call no longer causes the
      nextTick queue or Promises microtask queue to be processed out
      of order.
  + tls:
    * Add a new tlsSocket.getProtocol() method to get the negotiated
      TLS protocol version of the current connection.
  + vm:
    * Introduce new 'produceCachedData' and 'cachedData' options to
      new vm.Script() to interact with V8's code cache. When a new
      vm.Script object is created with the 'produceCachedData' set to
      true a Buffer with V8's code cache data will be produced and
      stored in cachedData property of the returned object. This data
      in turn may be supplied back to another vm.Script() object with
      a 'cachedData' option if the supplied source is the same.
      Successfully executing a script from cached data can speed up
      instantiation time. See the API docs for details.
  + performance: Improvements in:
    * process.nextTick()
    * path module
    * querystring module
    * streams module when processing small chunks
- rework nodejs-libpath.patch

Fri Feb 19 16:32:39 UTC 2016 -

- update version 5.6.0
  * http: fix defects in HTTP header parsing for requests and
    responses that can allow request smuggling (CVE-2016-2086)
    (boo#966077) or response splitting (CVE-2016-2216 boo#966076)
    HTTP header parsing now aligns more closely with the HTTP spec
    including restricting the acceptable characters.
  * http-parser: upgrade from 2.6.0 to 2.6.1
  * npm: upgrade npm from 3.3.12 to 3.6.0
  * openssl: upgrade from 1.0.2e to 1.0.2f. To mitigate against
    the Logjam attack, TLS clients now reject Diffie-Hellman
    handshakes with parameters shorter than 1024-bits, up from
    the previous limit of 768-bits.
- changes in version 5.5.0
  * events: make sure console functions exist
  * fs: add autoClose option to fs.createWriteStream
  * http: improves expect header handling
  * node: allow preload modules with -i
  * v8,src: expose statistics about heap spaces
  * Minor performance improvements:
    + lib: Use arrow functions instead of bind where possible
    + module: cache stat() results more aggressively
    + querystring: improve parse() performance
- merge patch: nodejs-libpath.patch and nodejs-lib64path.patch

Wed Jan 20 12:49:30 UTC 2016 -

- update version 5.4.1
  * Minor performance improvements:
    + module: move unnecessary work for early return
  * Various bug fixes
  * Various doc fixes
  * Various test improvements
- fix boo#962297: online update breaks nodejs-npm dependency

Sat Jan  9 04:50:04 UTC 2016 -

- update version 5.4.0
  * http:
    + A new status code was added: 451 - "Unavailable For Legal Reasons"
    + Idle sockets that have been kept alive now handle errors
  * minor performance improvements:
    + assert: deepEqual is now speedier when comparing TypedArrays
    + lib: Use arrow functions instead of bind where possible
    + node: Improved accessor perf of process.env
    + node: Improved performance of process.hrtime()
    + node: Improved GetActiveHandles performance
    + util: Use faster iteration in util.format()
- fix boo#961254:
  * common.gypi should install at /usr/share/node, which is now
    in /usr/lib64/node_modules/npm/node_modules/node-gyp
  * node-gyp requires nodejs-devel which contains v8.h and others
    so npm sub-package should require nodejs-devel

Tue Dec 29 15:17:47 UTC 2015 -

- fix boo#955142: SLES11 compliance of build process
  * usage of g++ 4.8 needs to be specified on SLES11
  * python 2.6 does not include the check_output method
    used in the configure script. We need to patch it
    into the script
- add patch: nodejs-sle11-python26-check_output.patch
- adjust packaging method for nodejs-doc
  * %{_docdir} will be recreated anyway when *.md is
    added through %doc macro, so we can't install doc/api
    in %install section on sle11
- adjust packaging method for nodejs_sitelib
  * "install -d" won't work on sle11 for %{_libexecdir},
    replace with "mkdir -p"

Fri Dec 25 14:53:13 UTC 2015 -

- update version 5.3.0
  * buffer: Buffer.prototype.includes() has been added to keep 
    parity with TypedArrays
  * domains: Fix handling of uncaught exceptions
  * https: Added support for disabling session caching
  * repl: Allow third party modules to be imported using require()
  * deps: Upgrade libuv to 1.8.0
- as npm was dropped from factory/d:l:nodejs, we rename nodejs-npm
  to npm because there's only one npm package existing (there's 
  another one in 13.2 only, but we can upgrade it smoothly through
  newer version we provide
- fix boo#948045 again: Nodejs 4.0 rpm does not install addon-rpm.gypi
  * I copied codes from old specfile, which installed nodejs modules
    into /usr/share/node, while I splitted that directory into devel
    package. so common.gypi and addon-rpm.gypi were not in npm package
    at all!
- nodejs >= 5.2.0 needs binutils-gold to build (github issue #4212)

Wed Dec 16 03:16:04 UTC 2015 -

- update to 4.2.3
  * http: Fix a bug where an HTTP socket may no longer have a socket
    but a pipelined request triggers a pause or resume, a potential
    denial-of-service vector
  * openssl: Upgrade to 1.0.2e, containing fixes for:
    + CVE-2015-3193 (boo#957814) "BN_mod_exp may produce incorrect
      results on x86_64", an attack is considered feasible against a
      Node.js TLS server using DHE key exchange
    + CVE-2015-3194 (boo#957815) "Certificate verify crash with missing
      PSS parameter", a potential denial-of-service vector for Node.js
      TLS servers; TLS clients are also impacted
  * v8: Backport fixes for a bug in JSON.stringify() that can result in
    out-of-bounds reads for arrays.

Fri Nov 13 19:56:58 UTC 2015 -

- update to 4.2.2
 * buffer: fix value check for writeUInt{B,L}E
 * buffer: don't CHECK on zero-sized realloc
 * deps: backport 010897c from V8 upstream
 * deps: backport 8d6a228 from the v8's upstream
 * fs: reduced duplicate code in fs.write()
 * http: fix stalled pipeline bug
 * lib: fix cluster handle leak
 * lib: avoid REPL exit on completion error
 * repl: handle comments properly
 * repl: limit persistent history correctly on load 
 * src: fix race condition in debug signal on exit
 * src: fix exception message encoding on Windows
 * stream: avoid unnecessary concat of a single buffer
 * Timers: reuse timer in setTimeout().unref()
 * tls: TLSSocket options default isServer false 

Sat Oct 17 17:43:19 UTC 2015 -

- fixed boo#948602/CVE-2015-7384:
  * nodejs: HTTP Denial of Service Vulnerability
- drop nodejs-no-fips.patch, upstreamed
- update to 4.2.1
  * Includes fixes for two regressions
    + Assertion error in WeakCallback
    + Undefined timeout regression
- changes in 4.2.0
  * icu: Updated to version 56 with significant performance
  * node:
    + Added new -c (or --check) command line argument for checking
      script syntax without executing the code
    + Added to hold the current ICU library
    + Added process.release.lts to hold the current LTS codename
      when the binary is from an active LTS release line
  * npm: Upgraded to npm 2.14.7 from 2.14.4
- changes in 4.1.2
  * http:
    + Fix out-of-order 'finish' event bug in pipelining that can
      abort execution, fixes DoS vulnerability CVE-2015-7384
    + Account for pending response data instead of just the data
      on the current request to decide whether pause the socket
      or not
    + libuv: Upgraded from v1.7.4 to v1.7.5
    + Improved AIX support
  * v8:
    + Upgraded from v4.5.103.33 to v4.5.103.35
    + Backported f782159 from v8's upstream to help speed up Promise
    + Backported c281c15 from v8's upstream to add JSTypedArray 
      length in post-mortem metadata
- changes in 4.1.1
  * buffer: Fixed a bug introduced in v4.1.0 where allocating a new
    zero-length buffer can result in the next allocation of a
    TypedArray in JavaScript not being zero-filled. In certain
    circumstances this could result in data leakage via reuse of
    memory space in TypedArrays, breaking the normally safe assumption
    that TypedArrays should be always zero-filled.
  * http: Guard against response-splitting of HTTP trailing headers
    added via response.addTrailers() by removing new-line ([\r\n])
    characters from values. Note that standard header values are
    already stripped of new-line characters. The expected security
    impact is low because trailing headers are rarely used.
  * npm: 
    + Upgrade to npm 2.14.4 from 2.14.3
    + Upgrades graceful-fs on multiple dependencies to no longer 
      rely on monkey-patching fs
    + Fix npm link for pre-release / RC builds of Node
  * v8: 
    + Update post-mortem metadata to allow post-mortem debugging 
      tools to find and inspect:
    + JavaScript objects that use dictionary properties ScopeInfo
      and thus closures
- changes in 4.1.0
  * buffer:
    + Buffers are now created in JavaScript, rather than C++. 
      This increases the speed of buffer creation
    + Buffer#slice() now uses Uint8Array#subarray() internally,
      increasing slice() performance
  * fs:
    + fs.utimes() now properly converts numeric strings, NaN, 
      and Infinity
    + fs.WriteStream now implements _writev, allowing for
      super-fast bulk writes
  * http: Fixed an issue with certain write() sizes causing errors
    when using http.request()
  * npm: Upgrade to version 2.14.3
  * src: V8 cpu profiling no longer erroneously shows idle time
  * timers: #ref() and #unref() now return the timer they belong to
  * v8: Lateral upgrade to from, contains minor
        fixes. This fixes a previously known bug where some computed
        object shorthand properties did not work correctly. 

Fri Oct  2 13:14:03 UTC 2015 -

- replace node-no-fips.patch with upstream fix

Fri Oct  2 02:47:28 UTC 2015 -

- fix build by using internal openssl for openSUSE <= 1320
  which didn't provide openssl 1.0.2
- install missing addon-rpm.gypi (boo#948045)

Tue Sep 29 04:46:20 UTC 2015 -

- Do not force enable FIPS mode. bsc#947747

Sat Sep 12 05:38:35 UTC 2015 -

- update to 4.0.0
  * child_process: ChildProcess.prototype.send() and process.send()
    operate asynchronously across all platforms so an optional 
    callback parameter has been introduced that will be invoked once
    the message has been sent.
  * node: Rename "io.js" code to "Node.js".
  * node-gyp: This release bundles an updated version of node-gyp 
    that works with all versions of Node.js and io.js including 
    nightly and release candidate builds. From io.js v3 and Node.js
    v4 onward, it will only download a headers tarball when building
    addons rather than the entire source.
  * npm: Upgrade to version 2.14.2 from 2.13.3, includes a security
  * timers: Improved timer performance from porting the 0.12 
    implementation, plus minor fixes.
  * util: The*() functions have been deprecated, beginning
    with deprecation warnings in the documentation for this release,
    users are encouraged to seek more robust alternatives in the 
    npm registry.
  * v8: Upgrade to version from
    + Implement new TypedArray prototype methods: copyWithin(),
      every(), fill(), filter(), find(), findIndex(), forEach(),
      indexOf(), join(), lastIndexOf(), map(), reduce(),
      reduceRight(), reverse(), slice(), some(), sort().
    + Implement new TypedArray.from() and TypedArray.of() functions.
    + Implement arrow functions
- drop nodejs-openssl-missing-api.patch: it's for 0.9.8.
- ppc/ppc64(le) is natively supported since nodejs 3.0.0.
  so drop nodejs-v0.12.7-release-ppc.patch.bz2
- drop node-gcc5.patch, upstream fixed
- add nodejs-lib64path.patch, adjust libdir
- add nodejs-libpath.patch, adjust libdir
- add node-gyp-addon-gypi.patch
  * use custom addon.gypi by default instead of downloading
    node source
- add node_modules clean up codes

Wed Jul 29 10:55:26 UTC 2015 -

- update version 0.12.7
  * openssl: upgrade to 1.0.1p
  * npm: upgrade to 2.11.3
  * v8: cherry-pick JitCodeEvent patch from upstream
- changes in 0.12.6
  * v8: fix out-of-band write in utf8 decoder
  * fix boo#937414: CVE-2015-5380: nodejs: out of band write

Sat Jul 25 16:02:47 UTC 2015 -

- build with bundled npm

Thu Jun 25 14:53:27 UTC 2015 -

- update version 0.12.5
  * openssl: upgrade to 1.0.1o
  * npm: upgrade to 2.11.2
  * uv: upgrade to 1.6.1
  * V8: avoid deadlock when profiling is active
  * install: fix source path for openssl headers
  * install: make sure opensslconf.h is overwritten
  * timers: fix timeout when added in timer's callback
- add patch: node-gcc5.patch
  * fix gcc 5 version detection

Fri Jun  5 17:52:47 UTC 2015 -

- update version 0.12.4
  * npm: upgrade to 2.10.1
  * V8: revert v8 Array.prototype.values() removal
  * win: bring back xp/2k3 support
- previous changes from 0.12.1 to 0.12.3 see ChangeLog

Fri Apr  3 19:40:20 UTC 2015 -

- enable aarch64
- add support-arm64-build.patch

Thu Mar 19 11:03:57 UTC 2015 -

- enable s390x

Sun Mar  1 14:20:55 UTC 2015 -

- update version 0.12.0
  * npm: upgrade to 2.5.1
  * mdb_v8: update for v0.12
- drop nodejs-v0.10.32-release-ppc.patch.bz2
- add nodejs-v0.12.0-release-ppc.patch.bz2
- add README.SUSE.PowerPC to explain how to generate ppc patch

Wed Jan 21 18:23:55 UTC 2015 -

- Add three arches to ExclusiveArch: ppc ppc64 ppc64le
- Add nodejs-v0.10.32-release-ppc.patch.bz2 for them
  (required as PowerPC support not yet upstream)
  (the patch header details how it is created)
- do not configure --with-gdb for those architectures

Thu Oct  9 15:06:49 UTC 2014 -

- removed macros.nodejs (moved to nodejs-packaging)

Wed Sep 17 06:28:02 UTC 2014 -

- update version 0.10.32
  * v8: fix a crash introduced by previous release
  * configure: add --openssl-no-asm flag
  * crypto: use domains for any callback-taking method
  * http: do not send `0\r\n\r\n` in TE HEAD responses
  * querystring: fix unescape override
  * url: Add support for RFC 3490 separators

Wed Sep 10 12:14:13 UTC 2014 -

- do not install NPM
- use /usr/lib/node_modules instead of /usr/lib64/node_modules even
  on x86_64 (node modules are not binary)
- drop patch: nodejs-lib64path.patch and nodejs-libpath.patch
  * installing in /usr/lib64 doesn't really make sense for non-binary files
- drop patch: node-gyp-addon-gypi.patch and
  * they were patching npm files, which is separate now

Sat Aug 23 13:43:16 UTC 2014 -

- workaround for sles

Fri Aug 22 09:38:38 UTC 2014 -

- update version 0.10.31
  * v8: backport CVE-2013-6668
  * openssl: Update to v1.0.1i
  * npm: Update to v1.4.23
  * cluster: disconnect should not be synchronous
  * fs: fix fs.readFileSync fd leak when get RangeError
  * stream: fix Readable.wrap objectMode falsy values
  * timers: fix timers with non-integer delay hanging

Sat Aug 16 11:27:36 UTC 2014 -

- Update to version 0.10.30
  * uv: Upgrade to v0.10.28
  * npm: Upgrade to v1.4.21
  * v8: Interrupts must not mask stack overflow.
  * Revert "stream: start old-mode read in a next tick" (Fedor Indutny)
  * buffer: fix sign overflow in `readUIn32BE` (Fedor Indutny)
  * buffer: improve {read,write}{U}Int* methods (Nick Apperson)
  * child_process: handle writeUtf8String error (Fedor Indutny)
  * deps: backport 4ed5fde4f from v8 upstream (Fedor Indutny)
  * deps: cherry-pick eca441b2 from OpenSSL (Fedor Indutny)
  * lib: remove and restructure calls to isNaN() (cjihrig)
  * module: eliminate double `getenv()` (Maciej Małecki)
  * stream2: flush extant data on read of ended stream (Chris Dickinson)
  * streams: remove unused require('assert') (Rod Vagg)
  * timers: backport f8193ab (Julien Gilli)
  * util.h: interface compatibility (Oguz Bastemur)
  * zlib: do not crash on write after close (Fedor Indutny)

Tue Jul 29 13:43:10 UTC 2014 -

- fix a typo in macros.nodejs
- explicitly use /usr/lib, %%{_libexecdir} will resolve to
  /usr/lib64 on sles x86_64 versions.

Fri Jul 18 08:21:19 UTC 2014 -

- update version 0.10.29
  * openssl: to 1.0.1h (CVE-2014-0224)
  * npm: upgrade to 1.4.10
  * utf8: Prevent Node from sending invalid UTF-8 (Felix Geisendörfer)
    *NOTE* this introduces a breaking change, previously you could construct
    invalid UTF-8 and invoke an error in a client that was expecting valid
    UTF-8, now unmatched surrogate pairs are replaced with the unknown UTF-8
    character. To restore the old functionality simply have NODE_INVALID_UTF8
    environment variable set.
  * child_process: do not set args before throwing (Greg Sabia Tucker)
  * child_process: spawn() does not throw TypeError (Greg Sabia Tucker)
  * constants: export O_NONBLOCK (Fedor Indutny)
  * crypto: improve memory usage (Alexis Campailla)
  * fs: close file if fstat() fails in readFile() (cjihrig)
  * lib: name EventEmitter prototype methods (Ben Noordhuis)
  * tls: fix performance issue (Alexis Campailla)

Fri Jul 18 07:41:54 UTC 2014 -

- fix changelog chronologically

Wed May 28 13:45:51 UTC 2014 -

- fixes
  * initialization of the next build step was missing in case original node
    headers were to be used in node-gyp

Fri May  2 12:32:52 UTC 2014 -

- update version 0.10.27
  * npm: upgrade to v1.4.8
  * openssl: upgrade to 1.0.1g
  * uv: update to v0.10.27
  * dns: fix certain txt entries (Fedor Indutny)
  * assert: Ensure reflexivity of deepEqual (Mike Pennisi)
  * child_process: fix deadlock when sending handles (Fedor Indutny)
  * child_process: fix sending handle twice (Fedor Indutny)
  * crypto: do not lowercase cipher/hash names (Fedor Indutny)
  * dtrace: workaround linker bug on FreeBSD (Fedor Indutny)
  * http: do not emit EOF non-readable socket (Fedor Indutny)
  * http: invoke createConnection when no agent (Nathan Rajlich)
  * stream: remove useless check (Brian White)
  * timer: don't reschedule timer bucket in a domain (Greg Brail)
  * url: treat \ the same as / (isaacs)
  * util: format as Error if instanceof Error (Rod Vagg)
- add macros.nodejs

Sun Apr 27 11:29:44 UTC 2014 -

- update to 0.10.26:
  * cares: backport TXT parsing fix (Fedor Indutny)
  * child_process: fix spawn() optional arguments (Sam Roberts)
  * child_process: don't assert on stale file descriptor events (Fedor Indutny)
  * cluster: report more errors to workers (Fedor Indutny)
  * cluster, v8: fix --logfile=%p.log (Ben Noordhuis)
  * crypto: Make Decipher._flush() emit errors. (Kai Groner)
  * crypto: throw on SignFinal failure (Fedor Indutny)
  * crypto: update root certificates (Ben Noordhuis)
  * crypto: clear errors from verify failure (Timothy J Fontaine)
  * debugger: Fix breakpoint not showing after restart (Farid Neshat)
  * debugger: Fix bug in sb() with unnamed script (Maxim Bogushevich)
  * dgram: fix abort when getting `fd` of closed dgram (Fedor Indutny)
  * domains: exit() only affects active domains (Ryan Graham)
  * dtrace: interpret two byte strings (Dave Pacheco)
  * events: do not accept NaN in setMaxListeners (Fedor Indutny)
  * events: avoid calling `once` functions twice (Tim Wood)
  * events: fix TypeError in removeAllListeners (Jeremy Martin)
  * fs: make unwatchFile() insensitive to path (iamdoron)
  * fs: fix fs.truncate() file content zeroing bug (Ben Noordhuis)
  * fs: report correct path when EEXIST (Fedor Indutny)
  * http: provide backpressure for pipeline flood (isaacs)
  * module: only cache package main (Wyatt Preul)
  * net: do not re-emit stream errors (Fedor Indutny)
  * net: make Socket destroy() re-entrance safe (Jun Ma)
  * net: reset `endEmitted` on reconnect (Fedor Indutny)
  * node: do not close stdio implicitly (Fedor Indutny)
  * process: enforce allowed signals for kill (Sam Roberts)
  * readline: handle input starting with control chars (Eric Schrock)
  * repl: do not insert duplicates into completions (Maciej Małecki)
  * src: OnFatalError handler must abort() (Timothy J Fontaine)
  * tls: emit 'end' on .receivedShutdown (Fedor Indutny)
  * tls: fix potential data corruption (Fedor Indutny)
  * tls: handle `ssl.start()` errors appropriately (Fedor Indutny)
  * tls: reset NPN callbacks after SNI (Fedor Indutny)
  * tls: prevent stalls by using read(0) (Fedor Indutny)
  * tls: fix premature connection termination (Ben Noordhuis)
  * tls: fix sporadic hang and partial reads (Fedor Indutny)
  * tls: prevent duplicate values returned from read (Nathan Rajlich)
  * tls: NPN protocols are now local to connections (Fedor Indutny)
  * src: Fix memory leak on closed handles (Timothy J Fontaine)
  * stream: writes may return false but forget to emit drain (Yang Tianyang)
  * stream: objectMode transforms allow falsey values (isaacs)
  * stream: Don't crash on unset _events property (isaacs)
  * stream: Pass 'buffer' encoding with decoded writable chunks (isaacs)
  * v8: support compiling with VS2013 (Fedor Indutny)
  * v8: Fix enumeration for objects with lots of properties
  * v8: backport fix for CVE-2013-6639 and CVE-2013-6640
- refresh nodejs-lib64path.patch
- rebuild node-gyp-addon-gypi.patch from scratch
- small specfile cleanup (remove commented values finally)
- fix two file permissions during setup

Fri Mar 21 09:34:31 UTC 2014 -

- move v8 headers to node subdirectory in include dir. Otherwise
  it conflicts with the v8 package

Mon Jan 13 11:56:51 UTC 2014 -

- fixes
  * included v8 headers in the -devel package

Fri Aug 30 20:02:44 UTC 2013 -

- update to 0.10.17:
  * uv: Upgrade v0.10.14
  * http_parser: Do not accept PUN/GEM methods as PUT/GET
  * tls: fix assertion when ssl is destroyed at read 
  * stream: Throw on 'error' if listeners removed 
  * dgram: fix assertion on bad send() arguments
  * readline: pause stdin before turning off terminal raw mode
  * package:
    - remove unneeded files such as Makefiles, tests, ...
    - fix missing shebangs, exec flags
- changes from 0.10.16:
  * v8: back-port fix for CVE-2013-2882
  * npm: Upgrade to 1.3.8
  * crypto: fix assert() on malformed hex input
  * crypto: fix memory leak in randomBytes() error path
  * events: fix memory leak, don't leak event names
  * http: Handle hex/base64 encodings properly
  * http: improve chunked res.write(buf) performance
  * stream: Fix double pipe error emit
- changes from 0.10.15:
  * src: fix process.getuid() return value
- changes from 0.10.14:
  * os: Don't report negative times in cpu info
  * fs: Handle large UID and GID
  * url: Fix edge-case when protocol is non-lowercase
  * node: call MakeDomainCallback in all domain cases
  * crypto: fix memory leak in LoadPKCS12
- changes from 0.10.13:
  * tls: only wait for finish if we haven't seen it
  * http: Dump response when request is aborted
  * http: use an unref'd timer to fix delay in exit
  * zlib: level can be negative
  * zlib: allow zero values for level and strategy
  * string_bytes: properly detect 64bit
  * src: fix memory leak in UsingDomains
- changes from 0.10.12:
  * readline: make `ctrl + L` clear the screen
  * v8: add setVariableValue debugger command
  * net: Do not destroy socket mid-write
- changes from 0.10.11:
  * v8: fix pointer arithmetic undefined behavior
  * crypto: fix utf8/utf-8 encoding check
  * net: Fix busy loop on POLLERR|POLLHUP on older linux kernels
- changes from 0.10.10:
  * url: Properly parse certain oddly formed urls
  * stream: unshift('') is a noop
- changes from 0.10.9:
  * repl: fix JSON.parse error check
  * tls: proper .destroySoon
  * tls: invoke write cb only after opposite read end
  * tls: ignore .shutdown() syscall error
- changes from 0.10.8:
  * v8: update to
  * http: remove bodyHead from 'upgrade' events
  * http: Return true on empty writes, not false
  * http: save roundtrips, convert buffers to strings
  * buffer: throw when writing beyond buffer
  * crypto: Clear error after DiffieHellman key errors
  * string_bytes: strip padding from base64 strings
- changes from 0.10.7:
  * crypto: Don't ignore verify encoding argument
  * buffer, crypto: fix default encoding regression
  * timers: fix setInterval() assert
- changes from 0.10.6:
  * module: Deprecate require.extensions
  * stream: make Readable.wrap support objectMode, empty streams
  * child_process: fix handle delivery
  * crypto: Fix performance regression

Wed Aug 16 13:17:48 UTC 2013 -

- make nodejs use the v8 shipped with it by upstream.
  The API of the new v8 deviates too much and we're not involved
  enough upstream to justify a deviation here.

Thu Apr 25 18:33:51 UTC 2013 -

- update to 0.10.5

Thu Apr 25 18:12:39 UTC 2013 -

- rebase 0.10.4 build/patches against current OBS state

Sun Apr 21 19:29:22 UTC 2013 -

- always runtime require the exact v8 version that was used
  for building, as it breaks binary compatibility quite often 

Sun Apr 21 10:01:43 UTC 2013 -

- updated to 0.8.23
- added nodejs-openssl-missing-api.patch:
    * provides a macro implementation of EVP_PKEY_id, not present
      in openssl 0.9.8j and previous versions.
    * required when building for SLE11, which has older openssl.
- added nodejs-v8-deprecated-api.patch:
  * allows 0.8 versions of nodejs to use newer v8 versions, which
    deprecated (or renamed, in this case) some methods (in 3.15.3)
    and subsequently removed them (in 3.16.5).

Fri Apr 19 20:05:20 UTC 2013 -

- make v8 version deps explicit, and add more provides (copied from Fedora)

This will require manually updating the nodejs pkg whenever there's a
minor version bump in v8 (3.x to 3.y, not micro, i.e. 3.x.a to 3.x.b),
but that's better than v8 updates breaking existing nodejs installations.

Thu Apr 18 23:31:58 UTC 2013 -

- Fix build on platforms w/openssl 0.9.8 (e.g. SLES 11).
- Fix -devel subpkg -- manually install headers (copied from Fedora),
  and move dtrace and share to -devel subpkg.
  + NodeJS <= 0.8 installed headers itself, so this was not previously
  + NB: Fedora uses an external libuv pkg, but we don't, so we must
    also copy libuv headers.

Thu Apr 18 14:23:49 UTC 2013 -

- Update to version 0.10.4:
  + See
- Delete no longer needed patches:
  + node-v0.8.12_missing_include.patch
  + nodejs-devel-lib64path.patch
  + nodejs-no-v8-headers.patch
- Rebase nodejs-lib64path.patch and nodejs-libpath.patch.
- Add nodejs-v8-3.18.0.patch: make node.js compatible to V8 3.18.0.

Thu Mar  7 13:53:28 UTC 2013 -

- Set ExclusiveArch to x86 and ARM
  nodejs depends on v8 which is available only for those arches atm 

Thu Jan 31 16:08:14 CST 2013 -

- fix node-gyp to use the system v8 headers instead of those bundled with nodejs
    * Without this, dependencies installed via npm will be built against
      the bundled v8 (3.11.10) but linked against the system libv8 (currently
      3.16.x) which has ABI incompatibilites, and fail to run with symbol
    * 3.16 ABI change:
    * node-gyp patch taken from Fedora SRPM --
- remove bundled sources for shared dependencies, a la the Fedora 18
  updates-testing package (but simplified a bit)
    * without doing this, /usr/include/node will still have the 3.11.0
      v8 headers, and node-gyp will remain broken
- patch tools/ to not install these removed headers

Fri Nov  2 16:18:09 UTC 2012 -

- added node-v0.8.12_missing_include.patch:
  fixes a compiler warning about implicite declaration due to
  missing include.
- enabled usage of system zlib and openssl
- enabled gdb support
- set CFLAGS/CXXFLAGS so the binary gets compiled with the optflags

Thu Oct 25 01:38:35 UTC 2012 -

- update to version 0.8.12 
    * npm: Upgrade to 1.1.63

    * crypto: Reduce stability index to 2-Unstable (isaacs)

    * windows: fix handle leak in uv_fs_utime (Bert Belder)

    * windows: fix application crashed popup in debug version (Bert Belder)

    * buffer: report proper retained size in profiler (Ben Noordhuis)

    * buffer: fix byteLength with UTF-16LE (koichik)

    * repl: make "end of input" JSON.parse() errors throw in the REPL (Nathan Rajlich)

    * repl: make invalid RegExp modifiers throw in the REPL (Nathan Rajlich)

    * http: handle multiple Proxy-Authenticate values (Willi Eggeling)

Mon Sep 17 19:12:44 UTC 2012 -

- update to version 0.8.9
  * v8: upgrade to
  * GYP: upgrade to r1477
  * npm: Upgrade to 1.1.61
  * npm: Don't create world-writable files (isaacs)
  * unix: fix memory leak in udp (Ben Noordhuis)
  * unix: map errno ESPIPE (Ben Noordhuis)
  * unix, windows: fix memory corruption in fs-poll.c (Ben Noordhuis)
  * child process: fix processes with IPC channel don't emit 'close' (Bert Belder)
  * build: fix openssl configuration for "arm" builds (Nathan Rajlich)
  * tls: support unix domain socket/named pipe in tls.connect (Shigeki Ohtsu)
  * https: make https.get() accept a URL (koichik)
  * http: respect HTTP/1.0 TE header (Ben Noordhuis)
  * crypto, tls: Domainify setSNICallback, pbkdf2, randomBytes (Ben Noordhuis)
  * stream.pipe: Don't call destroy() unless it's a function (isaacs)

  * unix, windows: fix memory corruption in fs-poll.c (Ben Noordhuis)
  * unix: fix integer overflow in uv_hrtime (Tim Holy)
  * tls: update default cipher list (Ben Noordhuis)
  * unix: Fix llvm and older gcc duplicate symbol warnings (Bert Belder)
  * fs: fix use after free in stat watcher (Ben Noordhuis)
  * crypto: fix uninitialized memory access in openssl (Ben Noordhuis)
  * buffer, crypto: fix buffer decoding (Ben Noordhuis)
  * tls: handle multiple CN fields when verifying cert (Ben Noordhuis)
  * doc: remove unused util from child_process (Kyle Robinson Young)

Thu Jul 19 06:56:57 UTC 2012 -

- update to version 0.8.2:
  API changes between v0.6 and v0.8:
- update npm to 1.1.36
- remove node-segfault.patch, as 0.8.2 already has this fix
- remove nodejs-npm-lib64path.patch as no wscript any more
- remove libdir from configure as no such option in 0.8
- update nodejs-lib64path.patch to fix lib64 issue in x86_64

Fri Jun 15 11:05:56 UTC 2012 -

- fix segfault 

Fri Jun 15 10:30:28 UTC 2012 -

- update to version 0.6.19 
  npm: upgrade to 1.1.24
  fs: no end emit after createReadStream.pause() (Andreas Madsen)
  vm: cleanup module memory leakage (Marcel Laverdet)
  unix: fix loop starvation under high network load (Ben Noordhuis)
  unix: remove abort() in ev_unref() (Ben Noordhuis)
  windows/tty: never report error after forcibly aborting line-buffered read (Bert Belder)
  windows: skip GetFileAttributes call when opening a file (Bert Belder)

Tue May  8 15:52:08 UTC 2012 -

- update to version 0.6.17
  * Upgrade npm to 1.1.21
  * uv: Add support for EROFS errors 
  * uv: Add support for EIO and ENOSPC errors
  * windows: Add support for EXDEV errors 
  * http: Fix client memory leaks 
  * fs: fix file descriptor leak in sync functions 
  * fs: fix ReadStream / WriteStream double close bug 
- changes in version 0.6.16
  * Upgrade V8 to
  * Upgrade npm to 1.1.19
  * Windows: add mappings for UV_ENOENT
  * linux: add IN_MOVE_SELF to inotify event mask 
  * unix: call pipe handle connection cb on accept() error 
  * unix: handle EWOULDBLOCK 
  * Child process: support the `gid` and `uid` options 
  * test: cluster: add worker death event test 
  * typo in node_http_parser 
  * http_parser: Eat CRLF between requests, even on connection:close. 
  * don't check return value of unsetenv

Wed Apr 18 14:11:59 UTC 2012 -

- Update to version 0.6.15:
  * Update npm to 1.1.16
  * Show licenses in binary installers.
  * unix: add uv_fs_read64, uv_fs_write64 and uv_fs_ftruncate64
  * add 64bit offset fs functions
  * fs.readFile: don't make the callback before the fd is closed
  * Fix #2061: segmentation fault on OS X due to stat size mismatch
- Remove empty %clean section not cleaning up anything (and there's good default)
- Add spec file license header
- Ran spec-cleaner

Thu Apr  5 11:22:33 UTC 2012 -

- update to 0.6.14
  see for details

Wed Feb  15 16:17:00 UTC 2012 -

- Removed doc patch because it's included in neew 0.6.10 nodejs
- Upgraded to newest 0.6.10
- Testing on openSUSE 12.1

Fri Jan 27 19:04:03 UTC 2012 -

- Update to 0.6.8 

Thu Dec  1 19:39:23 UTC 2011 -

- Added patch for npm docs 

Wed Nov 30 12:24:22 UTC 2011 -

- Fix files section:
   use %{_libdir} instead of lib64 

Tue Nov 29 15:51:50 UTC 2011 -

- Removed 0.6.2 source 

Fri Nov 25 16:13:45 UTC 2011 -

- Updated to 0.6.3
    #2083 Land NPM in Node. It is included in packages/installers and installed on `make install`.
    #2076 Add logos to windows installer.
    #1711 Correctly handle http requests without headers. (Ben Noordhuis, Felix Geisendörfer)
    TLS: expose more openssl SSL context options and constants. (Ben Noordhuis)
    #2177 Windows: don’t kill UDP socket when a packet fails to reach its destination. (Bert Belder)
    Windows: support paths longer than 260 characters. (Igor Zinkovsky)
    Windows: correctly resolve drive-relative paths. (Bert Belder)
    #2166 Don’t leave file descriptor open after lchmod. (Isaac Schlueter)
    #2084 Add OS X .pkg build script to make file.
    #2160 Documentation improvements. (Ben Noordhuis)

Wed Nov 23 17:21:19 UTC 2011 -

- Updated to 0.6.2
- Build and link against system v8 

Tue Oct  4 15:21:47 UTC 2011 -

- Revert to latest stable version of node (0.4.12). Some packages didn't work
  properly with unstable.

Tue Oct  4 14:14:36 UTC 2011 -

- Update to latest unstable version of node: 0.5.8
- Build & link against system v8

Fri Sep 23 14:03:32 UTC 2011 -

- The devel package now requires gcc-c++ since most of the native nodejs
  packages need it.

Thu Sep 22 16:02:24 UTC 2011 -

- small cleanup inside of spec file