#17228 closed enhancement (fixed)


Reported by: Bruce Dubbs Owned by: pierre
Priority: elevated Milestone: 11.3
Component: BOOK Version: git
Severity: normal Keywords:


New major version?

Change History (18)

comment:1 by Bruce Dubbs, 13 months ago

Milestone: 11.3hold
Summary: node.js-18.12.0node.js-18.12.0 (Hold until somthing needs this)

This version conflicts wit Firefox and other packages.

comment:2 by ken@…, 13 months ago

This is the new long-term support version, so in theory we should be moving to it now. https://github.com/nodejs/release#release-schedule

Any pointers to the problem(s), please ?

comment:3 by pierre, 13 months ago

Somebody (r1c0n3r0) on #lfs-support says that ff is fine with node.js-18.12.0 and python-3.10, but that there are problems with python-3.11...

comment:4 by ken@…, 13 months ago

Fedora rawhide (so, using 106 series at the moment) have a patch for python-3.11 https://src.fedoraproject.org/rpms/firefox/blob/rawhide/f/build-python-3.11.patch (three small changes, could be seds) and extra source for firefox re node https://src.fedoraproject.org/rpms/firefox/blob/rawhide/f/node-stdout-nonblocking-wrapper which is

exec /usr/bin/node "$@" 2>&1 | cat -

which they activate with

echo 'export NODEJS="%{_buildrootdir}/bin/node-stdout-nonblocking-wrapper"' >> .mozconfig

Obviously their location is specific to how they build

comment:5 by Joe Locash, 13 months ago

I've been running node-v18.12.0 with FF-102.4.0esr for almost a week now with no issues. This is on a 11.2 build with only security updates.

I updated my build/testing environment to python-3.11 last night. For firefox I also needed https://src.fedoraproject.org/rpms/firefox/c/a76220b14695a6e4595c799e565a154a478a8c7a?branch=rawhide I did not need to use the extra node script that Ken mentioned.

comment:6 by ken@…, 13 months ago

Priority: normalelevated

Now v18.12.1 or v16.18.1 to address three vulnerabilities, two rated as high. [ https://nodejs.org/en/blog/vulnerability/november-2022-security-releases/]

I don't have a Python3 system, I'm unlikely to have one for the next week and my test machine is down, so merely noting this now - unsure if we should go to 18 or stick with 16.

comment:7 by Douglas R. Reno, 13 months ago

Some quick triaging - the two High vulnerabilities have to do with a bundled copy of OpenSSL (I think we use the system version?)

I think we should attempt going for 18

comment:8 by pierre, 13 months ago

From "r1c0n3r0" on #lfs-support:

good news is firefox-102.4.0esr can be built with
node-v18.12.1+Python-3.11.0+rustc-1.65.0, requiring the "rU" sed and
fedora's xpidl patch mentioned in the node.js ticket.

however I don't understand and don't know how to use the 'extra source
for firefox re node', so I didn't apply it.

comment:9 by pierre, 13 months ago

Milestone: hold11.3
Owner: changed from blfs-book to pierre
Status: newassigned
Summary: node.js-18.12.0 (Hold until somthing needs this)node.js-18.12.0

Will try to update to 18. If it seems too hard, I shall fall back to 16.

comment:10 by pierre, 13 months ago

Summary: node.js-18.12.0node.js-18.12.1

Now 18.12.1 (this one has the fixes for the security issues). Note that our node-v16 is only affected by the issue rated medium.

comment:12 by pierre, 13 months ago

First error at the very beginning of the build:

Please use python3.10 or python3.9 or python3.8 or python3.7 or python3.6.
Node.js configure: Found Python 3.11.0...

in reply to:  12 comment:13 by pierre, 13 months ago

Replying to pierre:

First error at the very beginning of the build:

Please use python3.10 or python3.9 or python3.8 or python3.7 or python3.6.
Node.js configure: Found Python 3.11.0...

Fixed upstream with this commit. The main part is just adding 3.11 to configure. I've used this dirty fix:

sed -i s/10/11/g configure

which would break the build if python-3.10 is still installed... But I am reluctant to using a patch. I'll add a note not to apply the sed if still with python-3.10.

comment:14 by Bruce Dubbs, 13 months ago

Let me give you a better sed:

sed -e '/=.*exec/a command -v python3.11 >/dev/null && exec python3.11 "$0" "$@"' \
    -e s'/((/((3, 11), (/'  \
    -i configure

I have already committed my sed... Feel free to change it, but I am not sure it is necessary.

Last edited 13 months ago by pierre (previous) (diff)

comment:15 by pierre, 13 months ago

Firefox built ok with the sed for "rU", and the change to pidl.py. Update committed at 38277fd5e.

comment:16 by pierre, 13 months ago

SA done. Waiting for thunderbird.

comment:17 by pierre, 13 months ago

Thunderbird compiled ok with the same changes as firefox. QtWebEngine has (at least, it is still compiling) two errors (both due to python-3.11, not node itself). It needs:

sed -i 's/\^(?i)/(?i)^/' src/3rdparty/chromium/tools/metrics/ukm/ukm_model.py
sed -i "s/'rU'/'r'/" src/3rdparty/chromium/tools/grit/grit/util.py

The first one fixes the error reported by Ken in https://lists.linuxfromscratch.org/sympa/arc/blfs-dev/2022-11/msg00021.html. I've checked it is in chromium-102.x, so this does not appear in fedora patches for chromium... And fedora is still using python2 for qtwebengine.

The second one is to implement https://src.fedoraproject.org/rpms/chromium/blob/rawhide/f/chromium-103.0.5060.53-python3-do-not-use-deprecated-mode-U.patch

comment:18 by pierre, 13 months ago

Resolution: fixed
Status: assignedclosed

qtwebengine compiled ok with the above fixes, closing.

Note: See TracTickets for help on using tickets.