| |
@@ -26,8 +26,8 @@
|
| |
# additional source even if we do not do the re-generation ourselves.
|
| |
|
| |
Name: llhttp
|
| |
- Version: 9.1.3
|
| |
- %global so_version 9.1
|
| |
+ Version: 9.2.1
|
| |
+ %global so_version 9.2
|
| |
Release: %autorelease
|
| |
Summary: Port of http_parser to llparse
|
| |
|
| |
@@ -46,7 +46,7 @@
|
| |
# therefore, no bundled licenses text file is generated either
|
| |
Source1: llhttp-packaging-bundler
|
| |
# Created with llhttp-packaging-bundler (Source1):
|
| |
- Source2: llhttp-%{version}-nm-dev.tgz
|
| |
+ Source2: llhttp-%{version}-nm-dev.tar.zst
|
| |
|
| |
# While nothing in the dev bundle is installed, we still choose to audit for
|
| |
# null licenses at build time and to keep manually-approved exceptions in a
|
| |
@@ -71,6 +71,11 @@
|
| |
|
| |
# For check-null-licenses
|
| |
BuildRequires: python3-devel
|
| |
+ %if !0%{?rhel}
|
| |
+ # For additional license auditing:
|
| |
+ BuildRequires: askalono-cli
|
| |
+ BuildRequires: licensecheck
|
| |
+ %endif
|
| |
|
| |
%description
|
| |
This project is a port of http_parser to TypeScript. llparse is used to
|
| |
@@ -102,7 +107,7 @@
|
| |
|
| |
# Set up bundled (dev) node modules required to generate the C sources from the
|
| |
# TypeScript sources.
|
| |
- tar -xzf '%{SOURCE2}'
|
| |
+ tar --zstd --extract --file='%{SOURCE2}'
|
| |
mkdir -p node_modules
|
| |
pushd node_modules
|
| |
ln -s ../node_modules_dev/* .
|
| |
@@ -146,6 +151,74 @@
|
| |
# code with license problems in the source RPM.
|
| |
%{python3} '%{SOURCE3}' --exceptions '%{SOURCE4}' --with dev node_modules_dev
|
| |
|
| |
+ %if !0%{?rhel}
|
| |
+ # Ensure we have checked all of the licenses in the dev dependency bundle for
|
| |
+ # allowability.
|
| |
+ pattern="${pattern-}${pattern+|}UNKNOWN|(Apache|Python) License 2\\.0"
|
| |
+ pattern="${pattern-}${pattern+|}(MIT|ISC|BSD [023]-Clause) License"
|
| |
+ pattern="${pattern-}${pattern+|}BSD 2-Clause with views sentence"
|
| |
+ pattern="${pattern-}${pattern+|}MIT License and/or X11 License"
|
| |
+ pattern="${pattern-}${pattern+|}GNU General Public License"
|
| |
+ # The CC0-1.0 license is *not allowed* in Fedora for code, but the
|
| |
+ # binary-search dev dependency falls under the following blanket exception:
|
| |
+ #
|
| |
+ # Existing uses of CC0-1.0 on code files in Fedora packages prior to
|
| |
+ # 2022-08-01, and subsequent upstream versions of those files in those
|
| |
+ # packages, continue to be allowed. We encourage Fedora package maintainers
|
| |
+ # to ask upstreams to relicense such files.
|
| |
+ #
|
| |
+ # https://gitlab.com/fedora/legal/fedora-license-data/-/issues/91#note_1151947383
|
| |
+ #
|
| |
+ # This can be verified by checking out commit
|
| |
+ # f460573ec4dc41968e600a96aaaf03a167b236bf (2021-12-16) from dist-git for this
|
| |
+ # package, obtaining the source llhttp-6.0.6-nm-dev.tgz, and observing that
|
| |
+ # llhttp-6.0.6/node_modules_dev/binary-search/package.json shows the CC0-1.0
|
| |
+ # license.
|
| |
+ pattern="${pattern-}${pattern+|}binary-search/package.json: (\*No copyright\* )?Creative Commons CC0 1\.0"
|
| |
+ # The license BSD-3-Clause-Clear appears in sprintf-js/bower.json. This license
|
| |
+ # is on the not-allowed list, but it is not real: sprintf-js/package.json and
|
| |
+ # sprintf-js/LICENSE have the correct (and allowed) BSD-3-Clause license, and
|
| |
+ # upstream confirmed in “Licensing Question”
|
| |
+ # https://github.com/alexei/sprintf.js/issues/211 that the appearance of
|
| |
+ # BSD-3-Clause-Clear in this file was a mere typo.
|
| |
+ pattern="${pattern-}${pattern+|}sprintf-js/bower.json: (\*No copyright\* )?BSD 3-Clause Clear License"
|
| |
+
|
| |
+ if licensecheck -r node_modules_dev |
|
| |
+ grep -vE "(${pattern})( \\[generated file\\])?\$" ||
|
| |
+ ! askalono crawl node_modules_dev | awk '
|
| |
+ $1 == "License:" { license = $0; next }
|
| |
+ $1 == "Score:" {
|
| |
+ if ( \
|
| |
+ license ~ /: (MIT|ISC) \(/ || \
|
| |
+ license ~ /: (0BSD|BSD-2-Clause(-Views)?|BSD-3-Clause) \(/ || \
|
| |
+ license ~ /: (Apache-2\.0|Python-2\.0\.1) \(/ \
|
| |
+ ) {
|
| |
+ next # license is OK
|
| |
+ }
|
| |
+ # license needs auditing
|
| |
+ problem = 1
|
| |
+ print file; print license; print $0
|
| |
+ next
|
| |
+ }
|
| |
+ { file = $0 }
|
| |
+ END { exit problem }'
|
| |
+
|
| |
+ then
|
| |
+ cat 1>&2 <<'EOF'
|
| |
+ =================================================================
|
| |
+ Possible new license(s) found in dev dependency bundle!
|
| |
+
|
| |
+ While these do not contribute to License, they must appear in:
|
| |
+ https://docs.fedoraproject.org/en-US/legal/allowed-licenses/
|
| |
+
|
| |
+ Please audit them and modify the patterns representing expected
|
| |
+ licenses in the spec file!
|
| |
+ =================================================================
|
| |
+ EOF
|
| |
+ exit 1
|
| |
+ fi
|
| |
+ %endif
|
| |
+
|
| |
# http-loose-request.c:7205:20: error: invalid conversion from 'void*' to
|
| |
# 'const unsigned char*' [-fpermissive]
|
| |
# 7205 | start = state->_span_pos0;
|
| |
@@ -155,10 +228,8 @@
|
| |
export CXXFLAGS="${CXXFLAGS-} -fpermissive"
|
| |
export CFLAGS="${CFLAGS-} -fpermissive"
|
| |
export CLANG=gcc
|
| |
- # See scripts.mocha in package.json:
|
| |
- NODE_ENV=test ./node_modules/.bin/mocha \
|
| |
- -r ts-node/register/type-check \
|
| |
- test/*-test.ts
|
| |
+ # See scripts.test in package.json:
|
| |
+ NODE_ENV=test node -r ts-node/register/type-check ./test/md-test.ts
|
| |
|
| |
|
| |
%files
|
| |
Merge Rawhide back to F39.
Since 9.2.0 broke ABI from 9.1.3, dependent packages will need to be rebuilt in a side tag. Also, aiohttp support for llhttp 9.2.1 will need to be backported as in https://src.fedoraproject.org/rpms/python-aiohttp/pull-request/32.
This package has a permanent FESCo exception for incompatible upgrades.