Compare commits

..

No commits in common. 'i10c-beta' and 'i9ce' have entirely different histories.

3
.gitignore vendored

@ -1,2 +1 @@
SOURCES/llhttp-9.1.3-nm-dev.tgz SOURCES/llhttp-9.2.1.tar.gz
SOURCES/llhttp-9.1.3.tar.gz

@ -1,2 +1 @@
95778471ca43cf222724cd4a3e16a7a7506a3d8e SOURCES/llhttp-9.1.3-nm-dev.tgz a9bc2288b1fbb830bb4f454ea9803fe317472375 SOURCES/llhttp-9.2.1.tar.gz
a504e64bd543a743fa25d99abca569a01ce33e74 SOURCES/llhttp-9.1.3.tar.gz

@ -12,6 +12,19 @@ modules = "<unknown version>"
# tslib/test/validateModuleExportsMatchCommonJS # tslib/test/validateModuleExportsMatchCommonJS
validateModuleExportsMatchCommonJS = "<unknown version>" validateModuleExportsMatchCommonJS = "<unknown version>"
# Similarly, these are all just ES6 module (mjs) or CommonJS (cjs) module
# wrappers in packages that do have proper license information:
# node_modules_dev/@ungap/structured-clone/cjs
# node_modules_dev/@typescript-eslint/utils/node_modules/minimatch/dist/cjs
# node_modules_dev/@typescript-eslint/utils/node_modules/minimatch/dist/mjs
# node_modules_dev/@typescript-eslint/parser/node_modules/minimatch/dist/cjs
# node_modules_dev/@typescript-eslint/parser/node_modules/minimatch/dist/mjs
# node_modules_dev/@typescript-eslint/type-utils/node_modules/minimatch/dist/cjs
# node_modules_dev/@typescript-eslint/type-utils/node_modules/minimatch/dist/mjs
# node_modules_dev/flatted/cjs
cjs = "<unknown version>"
mjs = "<unknown version>"
# These are all “dummy” modules in the tests for resolve: # These are all “dummy” modules in the tests for resolve:
# resolve/test/module_dir/zmodules/bbb # resolve/test/module_dir/zmodules/bbb
bbb = "<unknown version>" bbb = "<unknown version>"

@ -6,7 +6,10 @@ from argparse import ArgumentParser, FileType, RawDescriptionHelpFormatter
from pathlib import Path from pathlib import Path
from sys import exit, stderr from sys import exit, stderr
try:
import tomllib import tomllib
except ImportError:
import tomli as tomllib
def main(): def main():
@ -21,9 +24,7 @@ def main():
continue # Do not even check the license continue # Do not even check the license
elif license is None: elif license is None:
problem = True problem = True
print( print(f"Missing license in package.json for {identity}", file=stderr)
f"Missing license in package.json for {identity}", file=stderr
)
elif isinstance(license, dict): elif isinstance(license, dict):
if isinstance(license.get("type"), str): if isinstance(license.get("type"), str):
continue continue
@ -62,10 +63,6 @@ def main():
return "At least one missing license was found." return "At least one missing license was found."
def check_exception(exceptions, name, version):
x = args.exceptions
def parse(package_json_path): def parse(package_json_path):
with package_json_path.open("rb") as pjfile: with package_json_path.open("rb") as pjfile:
pj = json.load(pjfile) pj = json.load(pjfile)
@ -85,9 +82,7 @@ def parse(package_json_path):
def parse_args(): def parse_args():
parser = ArgumentParser( parser = ArgumentParser(
formatter_class=RawDescriptionHelpFormatter, formatter_class=RawDescriptionHelpFormatter,
description=( description=("Search for bundled dependencies without declared licenses"),
"Search for bundled dependencies without declared licenses"
),
epilog=""" epilog="""
The exceptions file must be a TOML file with zero or more tables. Each tables The exceptions file must be a TOML file with zero or more tables. Each tables
@ -154,9 +149,7 @@ considered an error, and the program returns with nonzero status.
parser.error(f"Invalid format in {xname}: not an object") parser.error(f"Invalid format in {xname}: not an object")
for tablename, table in args.exceptions.items(): for tablename, table in args.exceptions.items():
if not isinstance(table, dict): if not isinstance(table, dict):
parser.error( parser.error(f"Non-table entry in {xname}: {tablename} = {table!r}")
f"Non-table entry in {xname}: {tablename} = {table!r}"
)
overlay = {} overlay = {}
for key, value in table.items(): for key, value in table.items():
if isinstance(value, str): if isinstance(value, str):
@ -176,9 +169,7 @@ considered an error, and the program returns with nonzero status.
x.update(args.exceptions[add]) x.update(args.exceptions[add])
except KeyError: except KeyError:
if xname is None: if xname is None:
parser.error( parser.error(f"No table {add}, as no exceptions file was given")
f"No table {add}, as no exceptions file was given"
)
else: else:
parser.error(f"No table {add} in {xname}") parser.error(f"No table {add} in {xname}")
# Store the merged dictionary # Store the merged dictionary

@ -97,12 +97,13 @@ mv node_modules/ node_modules_dev
if [[ -d node_modules_prod ]] if [[ -d node_modules_prod ]]
then then
tar -czf "../llhttp-${VERSION}-nm-prod.tgz" node_modules_prod tar -cf "../llhttp-${VERSION}-nm-prod.tar" node_modules_prod
fi fi
if [[ -d node_modules_dev ]] if [[ -d node_modules_dev ]]
then then
tar -czf "../llhttp-${VERSION}-nm-dev.tgz" node_modules_dev tar -cf "../llhttp-${VERSION}-nm-dev.tar" node_modules_dev
fi fi
zstdmt --ultra -22 "../llhttp-${VERSION}-nm-prod.tar" "../llhttp-${VERSION}-nm-dev.tar"
cd .. cd ..
find . -mindepth 1 -maxdepth 1 -type f \( -name "$(basename "${ARCHIVE}")" \ find . -mindepth 1 -maxdepth 1 -type f \( -name "$(basename "${ARCHIVE}")" \

@ -1,8 +1,8 @@
## START: Set by rpmautospec ## START: Set by rpmautospec
## (rpmautospec version 0.6.1) ## (rpmautospec version 0.6.3)
## RPMAUTOSPEC: autorelease, autochangelog ## RPMAUTOSPEC: autorelease, autochangelog
%define autorelease(e:s:pb:n) %{?-p:0.}%{lua: %define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
release_number = 7; release_number = 1;
base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}")); base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
print(release_number + base_release_number - 1); print(release_number + base_release_number - 1);
}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}} }%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
@ -36,8 +36,8 @@
# additional source even if we do not do the re-generation ourselves. # additional source even if we do not do the re-generation ourselves.
Name: llhttp Name: llhttp
Version: 9.1.3 Version: 9.2.1
%global so_version 9.1 %global so_version 9.2
Release: %autorelease Release: %autorelease
Summary: Port of http_parser to llparse Summary: Port of http_parser to llparse
@ -56,7 +56,7 @@ Source0: %{url}/archive/v%{version}/llhttp-%{version}.tar.gz
# therefore, no bundled licenses text file is generated either # therefore, no bundled licenses text file is generated either
Source1: llhttp-packaging-bundler Source1: llhttp-packaging-bundler
# Created with llhttp-packaging-bundler (Source1): # Created with llhttp-packaging-bundler (Source1):
Source2: llhttp-%{version}-nm-dev.tgz Source2: llhttp-%{version}-nm-dev.tar.zst
# While nothing in the dev bundle is installed, we still choose to audit for # While nothing in the dev bundle is installed, we still choose to audit for
# null licenses at build time and to keep manually-approved exceptions in a # null licenses at build time and to keep manually-approved exceptions in a
@ -81,11 +81,7 @@ BuildRequires: gcc-c++
# For check-null-licenses # For check-null-licenses
BuildRequires: python3-devel BuildRequires: python3-devel
%if !0%{?rhel} BuildRequires: (python3dist(tomli) if python3 < 3.11)
# For additional license auditing:
BuildRequires: askalono-cli
BuildRequires: licensecheck
%endif
%description %description
This project is a port of http_parser to TypeScript. llparse is used to This project is a port of http_parser to TypeScript. llparse is used to
@ -117,7 +113,7 @@ sed -r -i 's@ -[Og].\b@@g' Makefile
# Set up bundled (dev) node modules required to generate the C sources from the # Set up bundled (dev) node modules required to generate the C sources from the
# TypeScript sources. # TypeScript sources.
tar -xzf '%{SOURCE2}' tar --zstd --extract --file='%{SOURCE2}'
mkdir -p node_modules mkdir -p node_modules
pushd node_modules pushd node_modules
ln -s ../node_modules_dev/* . ln -s ../node_modules_dev/* .
@ -161,72 +157,7 @@ popd
# code with license problems in the source RPM. # code with license problems in the source RPM.
%{python3} '%{SOURCE3}' --exceptions '%{SOURCE4}' --with dev node_modules_dev %{python3} '%{SOURCE3}' --exceptions '%{SOURCE4}' --with dev node_modules_dev
%if !0%{?rhel} %set_build_flags
# Ensure we have checked all of the licenses in the dev dependency bundle for
# allowability.
pattern="${pattern-}${pattern+|}UNKNOWN|(Apache|Python) License 2\\.0"
pattern="${pattern-}${pattern+|}(MIT|ISC|BSD [023]-Clause) License"
pattern="${pattern-}${pattern+|}MIT License and/or X11 License"
pattern="${pattern-}${pattern+|}GNU General Public License"
# The CC0-1.0 license is *not allowed* in Fedora for code, but the
# binary-search dev dependency falls under the following blanket exception:
#
# Existing uses of CC0-1.0 on code files in Fedora packages prior to
# 2022-08-01, and subsequent upstream versions of those files in those
# packages, continue to be allowed. We encourage Fedora package maintainers
# to ask upstreams to relicense such files.
#
# https://gitlab.com/fedora/legal/fedora-license-data/-/issues/91#note_1151947383
#
# This can be verified by checking out commit
# f460573ec4dc41968e600a96aaaf03a167b236bf (2021-12-16) from dist-git for this
# package, obtaining the source llhttp-6.0.6-nm-dev.tgz, and observing that
# llhttp-6.0.6/node_modules_dev/binary-search/package.json shows the CC0-1.0
# license.
pattern="${pattern-}${pattern+|}binary-search/package.json: (\*No copyright\* )?Creative Commons CC0 1\.0"
# The license BSD-3-Clause-Clear appears in sprintf-js/bower.json. This license
# is on the not-allowed list, but it is not real: sprintf-js/package.json and
# sprintf-js/LICENSE have the correct (and allowed) BSD-3-Clause license, and
# upstream confirmed in “Licensing Question”
# https://github.com/alexei/sprintf.js/issues/211 that the appearance of
# BSD-3-Clause-Clear in this file was a mere typo.
pattern="${pattern-}${pattern+|}sprintf-js/bower.json: (\*No copyright\* )?BSD 3-Clause Clear License"
if licensecheck -r node_modules_dev |
grep -vE "(${pattern})( \\[generated file\\])?\$" ||
! askalono crawl node_modules_dev | awk '
$1 == "License:" { license = $0; next }
$1 == "Score:" {
if ( \
license ~ /: (MIT|ISC|0BSD|BSD-[23]-Clause) \(/ || \
license ~ /: (Apache-2\.0|Python-2\.0\.1) \(/ \
) {
next # license is OK
}
# license needs auditing
problem = 1
print file; print license; print $0
next
}
{ file = $0 }
END { exit problem }'
then
cat 1>&2 <<'EOF'
=================================================================
Possible new license(s) found in dev dependency bundle!
While these do not contribute to License, they must appear in:
https://docs.fedoraproject.org/en-US/legal/allowed-licenses/
Please audit them and modify the patterns representing expected
licenses in the spec file!
=================================================================
EOF
exit 1
fi
%endif
# http-loose-request.c:7205:20: error: invalid conversion from 'void*' to # http-loose-request.c:7205:20: error: invalid conversion from 'void*' to
# 'const unsigned char*' [-fpermissive] # 'const unsigned char*' [-fpermissive]
# 7205 | start = state->_span_pos0; # 7205 | start = state->_span_pos0;
@ -236,10 +167,8 @@ fi
export CXXFLAGS="${CXXFLAGS-} -fpermissive" export CXXFLAGS="${CXXFLAGS-} -fpermissive"
export CFLAGS="${CFLAGS-} -fpermissive" export CFLAGS="${CFLAGS-} -fpermissive"
export CLANG=gcc export CLANG=gcc
# See scripts.mocha in package.json: # See scripts.test in package.json:
NODE_ENV=test ./node_modules/.bin/mocha \ NODE_ENV=test node -r ts-node/register/type-check ./test/md-test.ts
-r ts-node/register/type-check \
test/*-test.ts
%files %files
@ -256,95 +185,72 @@ NODE_ENV=test ./node_modules/.bin/mocha \
%changelog %changelog
* Tue Nov 26 2024 MSVSphere Packaging Team <packager@msvsphere-os.ru> - 9.1.3-7 * Thu May 09 2024 Arkady L. Shane <tigro@msvsphere-os.ru> - 9.2.1-1
- Rebuilt for MSVSphere 10 - Rebuilt for MSVSphere 9.4
## START: Generated by rpmautospec ## START: Generated by rpmautospec
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 9.1.3-7 * Thu Apr 11 2024 Benjamin A. Beasley <code@musicinmybrain.net> - 9.2.1-1
- Bump release for June 2024 mass rebuild - Update to 9.2.1 (close RHBZ#2273352, fix CVE-2024-27982)
- Switch from xz to zstd compression for the “dev” bundle archive
* Tue May 28 2024 koncpa <pkoncity@redhat.com> - 9.1.3-6
- Enable RHEL gating for llhttp
* Sun Feb 11 2024 Yaakov Selkowitz <yselkowi@redhat.com> - 9.1.3-5
- Avoid licensecheck dependency in RHEL builds
* Thu Feb 08 2024 Benjamin A. Beasley <code@musicinmybrain.net> - 9.1.3-4 * Thu Apr 11 2024 Benjamin A. Beasley <code@musicinmybrain.net> - 9.2.0-4
- Better audit (and document auditing of) dev dependency licenses - Format check-null-licenses with “ruff format”
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> - 9.1.3-3 * Thu Apr 11 2024 Benjamin A. Beasley <code@musicinmybrain.net> - 9.2.0-1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild - Update to 9.2.0 (close RHBZ#2263250)
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> - 9.1.3-2 * Thu Apr 11 2024 Benjamin A. Beasley <code@musicinmybrain.net> - 9.1.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild - Compress the dev dependency bundle with xz instead of gzip
* Thu Oct 05 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 9.1.3-1 * Thu Nov 30 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 9.1.3-1
- Update to 9.1.3 (close RHBZ#2242220) - Update to 9.1.3 (close RHBZ#2242220)
* Tue Oct 03 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 9.1.2-1 * Thu Nov 30 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 9.1.2-1
- Update to 9.1.2 - Update to 9.1.2
* Thu Sep 14 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 9.1.1-1 * Thu Nov 30 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 9.1.1-1
- Update to 9.1.1 - Update to 9.1.1
* Thu Sep 14 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 9.1.0-1 * Thu Nov 30 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 9.1.0-1
- Update to 9.1.0 - Update to 9.1.0
* Mon Aug 21 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 9.0.1-1 * Thu Nov 30 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 9.0.1-1
- Update to 9.0.1 (close RHBZ#2228290) - Update to 9.0.1 (close RHBZ#2228290)
* Tue Aug 01 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 9.0.0-1 * Thu Nov 30 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 9.0.0-1
- Update to 9.0.0 - Update to 9.0.0
* Sat Jul 29 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 8.1.1-1 * Sat Jul 29 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 8.1.1-1
- Update to 8.1.1 (close RHBZ#2216591) - Update to 8.1.1 (close RHBZ#2216591)
* Thu Jul 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 8.1.0-6 * Sat Jul 29 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 8.1.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Sat Jun 03 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 8.1.0-5
- Remove explicit %%set_build_flags, not needed since F36
* Wed Feb 15 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 8.1.0-4
- Fix test compiling/execution - Fix test compiling/execution
* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 8.1.0-3 * Sat Jul 29 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 8.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Tue Dec 20 2022 Benjamin A. Beasley <code@musicinmybrain.net> - 8.1.0-2
- Indicate dirs. in files list with trailing slashes - Indicate dirs. in files list with trailing slashes
* Sat Oct 15 2022 Benjamin A. Beasley <code@musicinmybrain.net> - 8.1.0-1 * Sat Jul 29 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 8.1.0-1
- Update to 8.1.0 (close RHBZ#2131175) - Update to 8.1.0 (close RHBZ#2131175)
* Sat Oct 15 2022 Benjamin A. Beasley <code@musicinmybrain.net> - 8.0.0-1 * Sat Jul 29 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 8.0.0-1
- Update to 8.0.0 (close RHBZ#2131175) - Update to 8.0.0 (close RHBZ#2131175)
* Sat Oct 15 2022 Benjamin A. Beasley <code@musicinmybrain.net> - 6.0.10-2 * Sat Jul 29 2023 Stephen Gallagher <sgallagh@redhat.com> - 6.0.10-1
- Drop workarounds for Python 3.10 and older
* Thu Sep 29 2022 Stephen Gallagher <sgallagh@redhat.com> - 6.0.10-1
- Update to v6.0.10 - Update to v6.0.10
* Thu Aug 25 2022 Miro Hrončok <miro@hroncok.cz> - 6.0.9-2 * Sat Jul 29 2023 Miro Hrončok <miro@hroncok.cz> - 6.0.9-2
- Use tomllib/python-tomli instead of dead upstream python-toml - Use tomllib/python-tomli instead of dead upstream python-toml
* Thu Aug 11 2022 Benjamin A. Beasley <code@musicinmybrain.net> - 6.0.9-1 * Sat Jul 29 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 6.0.9-1
- Update to 6.0.9 (close RHBZ#2116231) - Update to 6.0.9 (close RHBZ#2116231)
- Bumped .so version from downstream 0.1 to upstream 6.0 - Bumped .so version from downstream 0.1 to upstream 6.0
- Better upstream support for building and installing a shared library - Better upstream support for building and installing a shared library
- The -devel package now contains a .pc file - The -devel package now contains a .pc file
- Tests are now built with gcc and fully respect distro flags - Tests are now built with gcc and fully respect distro flags
* Thu Jul 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 6.0.6-8 * Sat Jul 29 2023 Benjamin A. Beasley <code@musicinmybrain.net> - 6.0.6-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Wed Apr 20 2022 Benjamin A. Beasley <code@musicinmybrain.net> - 6.0.6-7
- Drop “forge” macros, which arent really doing much here - Drop “forge” macros, which arent really doing much here
* Thu Jan 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 6.0.6-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Fri Dec 24 2021 Benjamin A. Beasley <code@musicinmybrain.net> - 6.0.6-5 * Fri Dec 24 2021 Benjamin A. Beasley <code@musicinmybrain.net> - 6.0.6-5
- Add a note about LLHTTP_STRICT_MODE to the package description - Add a note about LLHTTP_STRICT_MODE to the package description

Loading…
Cancel
Save