ghostfox/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

push sheeet
Some checks failed
Periodic Merges (6h) / master → staging-nixos (push) Failing after 12m50s
Details
Periodic Merges (6h) / master → staging-next (push) Failing after 12m54s
Details
Periodic Merges (24h) / merge-base(master,staging) → haskell-updates (push) Failing after 11m54s
Details
Periodic Merges (6h) / staging-next → staging (push) Failing after 12m13s
Details
Periodic Merges (24h) / staging-next-25.05 → staging-25.05 (push) Failing after 13m24s
Details
Periodic Merges (24h) / release-25.05 → staging-next-25.05 (push) Failing after 14m28s
Details

Browse Source
This commit is contained in:
Dark Steveneq
2025-10-09 14:15:47 +02:00
commit 646b892680
49168 changed files with 5897842 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
pkgs/development/web/nodejs/bin-sh-node-run-v22.patch Normal file
View File

@@ -0,0 +1,14 @@
Fixes test/parallel/test-node-run.js subtest.
Note that this techinically depends on an impurity during build, see
also https://github.com/NixOS/nix/issues/6081. Currently stdenv allows
/bin/sh as an impure host dependency on Darwin, so we are guaranteed to
have it to certain degree, although it is very hacky.
--- a/test/fixtures/run-script/node_modules/.bin/positional-args
+++ b/test/fixtures/run-script/node_modules/.bin/positional-args
@@ -1,3 +1,3 @@
-#!/bin/bash
+#!/bin/sh
echo "Arguments: '$@'"
echo "The total number of arguments are: $#"

15
pkgs/development/web/nodejs/configure-armv6-vfpv2.patch Normal file
View File

@@ -0,0 +1,15 @@
Allows ARM FPU to be set to vfpv2, e.g. for Raspberry Pi.
See https://github.com/nodejs/node/issues/44357#issuecomment-1235821878
--- a/configure.py
+++ b/configure.py
@@ -50,7 +50,7 @@
valid_arch = ('arm', 'arm64', 'ia32', 'mips', 'mipsel', 'mips64el', 'ppc',
'ppc64', 'x64', 'x86', 'x86_64', 's390x', 'riscv64', 'loong64')
valid_arm_float_abi = ('soft', 'softfp', 'hard')
-valid_arm_fpu = ('vfp', 'vfpv3', 'vfpv3-d16', 'neon')
+valid_arm_fpu = ('vfp', 'vfpv2', 'vfpv3', 'vfpv3-d16', 'neon')
valid_mips_arch = ('loongson', 'r1', 'r2', 'r6', 'rx')
valid_mips_fpu = ('fp32', 'fp64', 'fpxx')
valid_mips_float_abi = ('soft', 'hard')

146
pkgs/development/web/nodejs/configure-emulator.patch Normal file
View File

@@ -0,0 +1,146 @@
From 999d918bc8fefec1752243743a47c0ce5380bcec Mon Sep 17 00:00:00 2001
From: Ivan Trubach <mr.trubach@icloud.com>
Date: Wed, 17 Jul 2024 10:16:02 +0300
Subject: [PATCH] build: support setting an emulator from configure script
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
V8s JIT infrastructure requires binaries such as mksnapshot to be run
during the build. However, these binaries must have the same bit-width
as the host platform (e.g. a x86_64 build platform targeting ARMv6 needs
to produce a 32-bit binary).
To work around this issue, allow building the binaries for the host
platform and running them on the build platform with an emulator.
Based on Buildroots nodejs-src 0001-add-qemu-wrapper-support.patch.
https://gitlab.com/buildroot.org/buildroot/-/blob/c1d5eada4d4db9eeaa1c44dd1dea95a67c8a70ca/package/nodejs/nodejs-src/0001-add-qemu-wrapper-support.patch
Upstream: https://github.com/nodejs/node/pull/53899
---
common.gypi | 1 +
configure.py | 14 ++++++++++++++
node.gyp | 4 ++++
tools/v8_gypfiles/v8.gyp | 4 ++++
4 files changed, 23 insertions(+)
diff --git a/common.gypi b/common.gypi
index 154bbf2a0d..54d2afe3b3 100644
--- a/common.gypi
+++ b/common.gypi
@@ -13,6 +13,7 @@
'enable_pgo_generate%': '0',
'enable_pgo_use%': '0',
'python%': 'python',
+ 'emulator%': [],
'node_shared%': 'false',
'force_dynamic_crt%': 0,
diff --git a/configure.py b/configure.py
index f7e3310723..f7c7acdf4f 100755
--- a/configure.py
+++ b/configure.py
@@ -112,6 +112,12 @@ parser.add_argument('--dest-cpu',
choices=valid_arch,
help=f"CPU architecture to build for ({', '.join(valid_arch)})")
+parser.add_argument('--emulator',
+ action='store',
+ dest='emulator',
+ default=None,
+ help='emulator command that can run executables built for the target system')
+
parser.add_argument('--cross-compiling',
action='store_true',
dest='cross_compiling',
@@ -2276,6 +2282,14 @@ if flavor == 'win' and python.lower().endswith('.exe'):
# will fail to run python scripts.
gyp_args += ['-Dpython=' + python]
+if options.emulator is not None:
+ if not options.cross_compiling:
+ # Note that emulator is a list so we have to quote the variable.
+ gyp_args += ['-Demulator=' + shlex.quote(options.emulator)]
+ else:
+ # TODO: perhaps use emulator for tests?
+ warn('The `--emulator` option has no effect when cross-compiling.')
+
if options.use_ninja:
gyp_args += ['-f', 'ninja-' + flavor]
elif flavor == 'win' and sys.platform != 'msys':
diff --git a/node.gyp b/node.gyp
index 9617596760..439c76aca6 100644
--- a/node.gyp
+++ b/node.gyp
@@ -703,6 +703,7 @@
'<(SHARED_INTERMEDIATE_DIR)/node_snapshot.cc',
],
'action': [
+ '<@(emulator)',
'<(node_mksnapshot_exec)',
'--build-snapshot',
'<(node_snapshot_main)',
@@ -722,6 +723,7 @@
'<(SHARED_INTERMEDIATE_DIR)/node_snapshot.cc',
],
'action': [
+ '<@(emulator)',
'<@(_inputs)',
'<@(_outputs)',
],
@@ -1010,6 +1012,7 @@
'<(SHARED_INTERMEDIATE_DIR)/node_javascript.cc',
],
'action': [
+ '<@(emulator)',
'<(node_js2c_exec)',
'<@(_outputs)',
'lib',
@@ -1477,6 +1480,7 @@
'<(PRODUCT_DIR)/<(node_core_target_name).def',
],
'action': [
+ '<@(emulator)',
'<(PRODUCT_DIR)/gen_node_def.exe',
'<@(_inputs)',
'<@(_outputs)',
diff --git a/tools/v8_gypfiles/v8.gyp b/tools/v8_gypfiles/v8.gyp
index d65a5c268e..5cd6c36b86 100644
--- a/tools/v8_gypfiles/v8.gyp
+++ b/tools/v8_gypfiles/v8.gyp
@@ -112,6 +112,7 @@
'<@(torque_outputs_inc)',
],
'action': [
+ '<@(emulator)',
'<(PRODUCT_DIR)/<(EXECUTABLE_PREFIX)torque<(EXECUTABLE_SUFFIX)',
'-o', '<(SHARED_INTERMEDIATE_DIR)/torque-generated',
'-v8-root', '<(V8_ROOT)',
@@ -232,6 +233,7 @@
'action': [
'<(python)',
'<(V8_ROOT)/tools/run.py',
+ '<@(emulator)',
'<@(_inputs)',
'<@(_outputs)',
],
@@ -453,6 +455,7 @@
}],
],
'action': [
+ '<@(emulator)',
'>@(_inputs)',
'>@(mksnapshot_flags)',
],
@@ -1842,6 +1845,7 @@
'action': [
'<(python)',
'<(V8_ROOT)/tools/run.py',
+ '<@(emulator)',
'<@(_inputs)',
'<@(_outputs)',
],
--
2.44.1

30
pkgs/development/web/nodejs/corepack.nix Normal file
View File

@@ -0,0 +1,30 @@
{
lib,
stdenv,
nodejs,
}:
stdenv.mkDerivation {
pname = "corepack-nodejs";
inherit (nodejs) version;
nativeBuildInputs = [ nodejs ];
dontUnpack = true;
installPhase = ''
mkdir -p $out/bin
corepack enable --install-directory $out/bin
# Enabling npm caused some crashes - leaving out for now
# corepack enable --install-directory $out/bin npm
'';
meta = {
description = "Wrappers for npm, pnpm and Yarn via Node.js Corepack";
homepage = "https://nodejs.org/api/corepack.html";
changelog = "https://github.com/nodejs/node/releases/tag/v${nodejs.version}";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ wmertens ];
platforms = lib.platforms.linux ++ lib.platforms.darwin;
};
}

7
pkgs/development/web/nodejs/fix-npm-patch-paths.sh Executable file
View File

@@ -0,0 +1,7 @@
#!/usr/bin/env nix-shell
#!nix-shell -i bash -p gnused
sed -i "s| a/node_modules| a/deps/npm/node_modules|" node-npm-build-npm-package-logic.patch
sed -i "s| b/node_modules| b/deps/npm/node_modules|" node-npm-build-npm-package-logic.patch
sed -i "s| a/workspaces| a/deps/npm/node_modules/@npmcli|" node-npm-build-npm-package-logic.patch
sed -i "s| b/workspaces| b/deps/npm/node_modules/@npmcli|" node-npm-build-npm-package-logic.patch

24
pkgs/development/web/nodejs/gyp-patches-pre-v22-import-sys.patch Normal file
View File

@@ -0,0 +1,24 @@
Add missing import statement for gyp-patches.nix.
--- a/deps/npm/node_modules/node-gyp/gyp/pylib/gyp/generator/make.py
+++ b/deps/npm/node_modules/node-gyp/gyp/pylib/gyp/generator/make.py
@@ -25,6 +25,7 @@
import os
import re
import subprocess
+import sys
import gyp
import gyp.common
import gyp.xcode_emulation
--- a/tools/gyp/pylib/gyp/generator/make.py
+++ b/tools/gyp/pylib/gyp/generator/make.py
@@ -25,6 +25,7 @@
import os
import re
import subprocess
+import sys
import gyp
import gyp.common
import gyp.xcode_emulation

64
pkgs/development/web/nodejs/gyp-patches-set-fallback-value-for-CLT-darwin.patch Normal file
View File

@@ -0,0 +1,64 @@
Sandboxed builds need a fallback value for the version of the Command Line Tools
being used. Not calling `CLTVersion()` avoids relying on absolute paths,
improving the reproducibility of non-sandboxed builds.
diff --git a/tools/gyp/pylib/gyp/xcode_emulation.py b/tools/gyp/pylib/gyp/xcode_emulation.py
index 508f6ccac3e..44bcd988c4c 100644
--- a/tools/gyp/pylib/gyp/xcode_emulation.py
+++ b/tools/gyp/pylib/gyp/xcode_emulation.py
@@ -1495,24 +1495,8 @@ def XcodeVersion():
global XCODE_VERSION_CACHE
if XCODE_VERSION_CACHE:
return XCODE_VERSION_CACHE
- version = ""
+ version = "11.0.0.0.1.1567737322"
build = ""
- try:
- version_list = GetStdoutQuiet(["xcodebuild", "-version"]).splitlines()
- # In some circumstances xcodebuild exits 0 but doesn't return
- # the right results; for example, a user on 10.7 or 10.8 with
- # a bogus path set via xcode-select
- # In that case this may be a CLT-only install so fall back to
- # checking that version.
- if len(version_list) < 2:
- raise GypError("xcodebuild returned unexpected results")
- version = version_list[0].split()[-1] # Last word on first line
- build = version_list[-1].split()[-1] # Last word on last line
- except (GypError, OSError):
- # Xcode not installed so look for XCode Command Line Tools
- version = CLTVersion() # macOS Catalina returns 11.0.0.0.1.1567737322
- if not version:
- raise GypError("No Xcode or CLT version detected!")
# Be careful to convert "4.2.3" to "0423" and "11.0.0" to "1100":
version = version.split(".")[:3] # Just major, minor, micro
version[0] = version[0].zfill(2) # Add a leading zero if major is one digit
--- a/deps/npm/node_modules/node-gyp/gyp/pylib/gyp/xcode_emulation.py
+++ b/deps/npm/node_modules/node-gyp/gyp/pylib/gyp/xcode_emulation.py
@@ -1495,24 +1495,8 @@ def XcodeVersion():
global XCODE_VERSION_CACHE
if XCODE_VERSION_CACHE:
return XCODE_VERSION_CACHE
- version = ""
+ version = "11.0.0.0.1.1567737322"
build = ""
- try:
- version_list = GetStdoutQuiet(["xcodebuild", "-version"]).splitlines()
- # In some circumstances xcodebuild exits 0 but doesn't return
- # the right results; for example, a user on 10.7 or 10.8 with
- # a bogus path set via xcode-select
- # In that case this may be a CLT-only install so fall back to
- # checking that version.
- if len(version_list) < 2:
- raise GypError("xcodebuild returned unexpected results")
- version = version_list[0].split()[-1] # Last word on first line
- build = version_list[-1].split()[-1] # Last word on last line
- except (GypError, OSError):
- # Xcode not installed so look for XCode Command Line Tools
- version = CLTVersion() # macOS Catalina returns 11.0.0.0.1.1567737322
- if not version:
- raise GypError("No Xcode or CLT version detected!")
# Be careful to convert "4.2.3" to "0423" and "11.0.0" to "1100":
version = version.split(".")[:3] # Just major, minor, micro
version[0] = version[0].zfill(2) # Add a leading zero if major is one digit

29
pkgs/development/web/nodejs/gyp-patches.nix Normal file
View File

@@ -0,0 +1,29 @@
{
lib,
fetchpatch2,
patch_npm ? true,
patch_tools ? true,
}:
let
url = "https://github.com/nodejs/gyp-next/commit/8224deef984add7e7afe846cfb82c9d3fa6da1fb.patch?full_index=1";
in
lib.optionals patch_tools [
# Fixes builds with Nix sandbox on Darwin for gyp.
(fetchpatch2 {
inherit url;
hash = "sha256-kvCMpedjrY64BlaC1R0NVjk/vIVivYAGVgWwMEGeP6k=";
stripLen = 1;
extraPrefix = "tools/gyp/";
})
]
++ lib.optionals patch_npm [
(fetchpatch2 {
inherit url;
hash = "sha256-cXTwmCRHrNhuY1+3cD/EvU0CJ+1Nk4TRh6c3twvfaW8=";
stripLen = 1;
extraPrefix = "deps/npm/node_modules/node-gyp/gyp/";
})
]
++ [
./gyp-patches-set-fallback-value-for-CLT-darwin.patch
]

95
pkgs/development/web/nodejs/node-npm-build-npm-package-logic.patch Normal file
View File

@@ -0,0 +1,95 @@
This patch is based off of npm tag v9.1.5.
This introduces fixes for 4 issues:
1. When node-gyp is included as a dependency in a project, any scripts that run it will not use the copy included in Node. This is problematic because we patch node-gyp to work without xcbuild on Darwin, leading to these packages failing to build with a sandbox on Darwin.
2. When a Git dependency contains install scripts, it has to be built just like any other package. Thus, we need to patch shebangs appropriately, just like in npmConfigHook.
3. We get useless warnings that clog up logs when using a v1 lockfile, so we silence them.
4. npm looks at a hidden lockfile to determine if files have binaries to link into `node_modules/.bin`. When using a v1 lockfile offline, this lockfile does not contain enough info, leading to binaries for packages such as Webpack not being available to scripts. We used to work around this by making npm ignore the hidden lockfile by creating a file, but now we just disable the code path entirely.
To update:
1. Run `git diff` from an npm checkout
2. Run `fix-npm-patch-paths.sh`
3. Include/update this frontmatter, please!
diff --git a/deps/npm/node_modules/@npmcli/run-script/lib/set-path.js b/deps/npm/node_modules/@npmcli/run-script/lib/set-path.js
index c59c270d9..98785192f 100644
--- a/deps/npm/node_modules/@npmcli/run-script/lib/set-path.js
+++ b/deps/npm/node_modules/@npmcli/run-script/lib/set-path.js
@@ -12,7 +12,10 @@ const setPATH = (projectPath, binPaths, env) => {
.reduce((set, p) => set.concat(p.filter(concatted => !set.includes(concatted))), [])
.join(delimiter)
- const pathArr = []
+ // Ensure when using buildNpmPackage hooks that Node.js'
+ // bundled copy of node-gyp is used, instead of any copy
+ // pulled in as a dependency.
+ const pathArr = process.env['NIX_NODEJS_BUILDNPMPACKAGE'] ? [nodeGypPath, PATH] : [];
if (binPaths) {
pathArr.push(...binPaths)
}
@@ -26,7 +29,8 @@ const setPATH = (projectPath, binPaths, env) => {
pp = p
p = dirname(p)
} while (p !== pp)
- pathArr.push(nodeGypPath, PATH)
+ if (!process.env['NIX_NODEJS_BUILDNPMPACKAGE']) { pathArr.push(nodeGypPath, PATH) }
+
const pathVal = pathArr.join(delimiter)
diff --git a/deps/npm/node_modules/pacote/lib/git.js b/deps/npm/node_modules/pacote/lib/git.js
index 1fa8b1f96..a026bb50d 100644
--- a/deps/npm/node_modules/pacote/lib/git.js
+++ b/deps/npm/node_modules/pacote/lib/git.js
@@ -188,6 +188,24 @@ class GitFetcher extends Fetcher {
}
noPrepare.push(this.resolved)
+ if (process.env['NIX_NODEJS_BUILDNPMPACKAGE']) {
+ const spawn = require('@npmcli/promise-spawn')
+
+ const npmWithNixFlags = (args, cmd) => spawn('bash', ['-c', 'npm ' + args + ` $npm${cmd}Flags "$\{npm${cmd}FlagsArray[@]}" $npmFlags "$\{npmFlagsArray[@]}" || [ -n "$forceGitDeps" ]`], { cwd: dir, env: { ...process.env, _PACOTE_NO_PREPARE_: noPrepare.join('\n') } }, { message: `\`npm ${args}\` failed` })
+ const patchShebangs = () => spawn('bash', ['-c', 'source $stdenv/setup; patchShebangs node_modules'], { cwd: dir })
+
+ // the DirFetcher will do its own preparation to run the prepare scripts
+ // All we have to do is put the deps in place so that it can succeed.
+ //
+ // We ignore this.npmConfig to maintain an environment that's as close
+ // to the rest of the build as possible.
+ return spawn('bash', ['-c', '$prefetchNpmDeps --fixup-lockfile package-lock.json || [ -n "$forceGitDeps" ]'], { cwd: dir })
+ .then(() => npmWithNixFlags('ci --ignore-scripts', 'Install'))
+ .then(patchShebangs)
+ .then(() => npmWithNixFlags('rebuild', 'Rebuild'))
+ .then(patchShebangs)
+ }
+
// the DirFetcher will do its own preparation to run the prepare scripts
// All we have to do is put the deps in place so that it can succeed.
return npm(
diff --git a/deps/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js b/deps/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js
index 2ea66ac33..25e671318 100644
--- a/deps/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js
+++ b/deps/npm/node_modules/@npmcli/arborist/lib/arborist/build-ideal-tree.js
@@ -740,7 +740,7 @@ This is a one-time fix-up, please be patient...
node.package = { ...mani, _id: `${mani.name}@${mani.version}` }
} catch (er) {
const warning = `Could not fetch metadata for ${name}@${id}`
- log.warn(heading, warning, er)
+ if (!process.env['NIX_NODEJS_BUILDNPMPACKAGE']) { log.warn(heading, warning, er) }
}
this.finishTracker(t)
})
diff --git a/deps/npm/node_modules/@npmcli/arborist/lib/arborist/load-actual.js b/deps/npm/node_modules/@npmcli/arborist/lib/arborist/load-actual.js
index 6c3f917c6..ec21d2cc4 100644
--- a/deps/npm/node_modules/@npmcli/arborist/lib/arborist/load-actual.js
+++ b/deps/npm/node_modules/@npmcli/arborist/lib/arborist/load-actual.js
@@ -147,7 +147,7 @@ module.exports = cls => class ActualLoader extends cls {
this[_actualTree].assertRootOverrides()
// if forceActual is set, don't even try the hidden lockfile
- if (!forceActual) {
+ if (!forceActual && !process.env['NIX_NODEJS_BUILDNPMPACKAGE']) {
// Note: hidden lockfile will be rejected if it's not the latest thing
// in the folder, or if any of the entries in the hidden lockfile are
// missing.

561
pkgs/development/web/nodejs/nodejs.nix Normal file
View File

@@ -0,0 +1,561 @@
{
lib,
stdenv,
fetchurl,
openssl,
python,
zlib,
libuv,
sqlite,
icu,
bash,
ninja,
pkgconf,
unixtools,
runCommand,
buildPackages,
testers,
# for `.pkgs` attribute
callPackage,
# Updater dependencies
writeScript,
coreutils,
gnugrep,
jq,
curl,
common-updater-scripts,
runtimeShell,
gnupg,
installShellFiles,
darwin,
}:
{
enableNpm ? true,
version,
sha256,
patches ? [ ],
}@args:
let
majorVersion = lib.versions.major version;
minorVersion = lib.versions.minor version;
pname = if enableNpm then "nodejs" else "nodejs-slim";
canExecute = stdenv.buildPlatform.canExecute stdenv.hostPlatform;
emulator = stdenv.hostPlatform.emulator buildPackages;
canEmulate = stdenv.hostPlatform.emulatorAvailable buildPackages;
buildNode = buildPackages."${pname}_${majorVersion}";
# See valid_os and valid_arch in configure.py.
destOS =
let
platform = stdenv.hostPlatform;
in
if platform.isiOS then
"ios"
else if platform.isAndroid then
"android"
else if platform.isWindows then
"win"
else if platform.isDarwin then
"mac"
else if platform.isLinux then
"linux"
else if platform.isOpenBSD then
"openbsd"
else if platform.isFreeBSD then
"freebsd"
else
throw "unsupported os ${platform.uname.system}";
destARMFPU =
let
platform = stdenv.hostPlatform;
in
if platform.isAarch32 && platform ? gcc.fpu then
lib.throwIfNot (builtins.elem platform.gcc.fpu [
"vfp"
"vfpv2"
"vfpv3"
"vfpv3-d16"
"neon"
]) "unsupported ARM FPU ${platform.gcc.fpu}" platform.gcc.fpu
else
null;
destARMFloatABI =
let
platform = stdenv.hostPlatform;
in
if platform.isAarch32 && platform ? gcc.float-abi then
lib.throwIfNot (builtins.elem platform.gcc.float-abi [
"soft"
"softfp"
"hard"
]) "unsupported ARM float ABI ${platform.gcc.float-abi}" platform.gcc.float-abi
else
null;
# TODO: also handle MIPS flags (mips_arch, mips_fpu, mips_float_abi).
useSharedSQLite = lib.versionAtLeast version "22.5";
sharedLibDeps = {
inherit openssl zlib libuv;
}
// (lib.optionalAttrs useSharedSQLite {
inherit sqlite;
});
copyLibHeaders = map (name: "${lib.getDev sharedLibDeps.${name}}/include/*") (
builtins.attrNames sharedLibDeps
);
# Currently stdenv sets CC/LD/AR/etc environment variables to program names
# instead of absolute paths. If we add cctools to nativeBuildInputs, that
# would shadow stdenvs bintools and potentially break other parts of the
# build. The correct behavior is to use absolute paths, and there is a PR for
# that, see https://github.com/NixOS/nixpkgs/pull/314920. As a temporary
# workaround, we use only a single program we need (and that is not part of
# the stdenv).
darwin-cctools-only-libtool =
# Would be nice to have onlyExe builder similar to onlyBin…
runCommand "darwin-cctools-only-libtool" { cctools = lib.getBin buildPackages.cctools; } ''
mkdir -p "$out/bin"
ln -s "$cctools/bin/libtool" "$out/bin/libtool"
'';
# a script which claims to be a different script but switches to simply touching its output
# when an environment variable is set. See CC_host, --cross-compiling, and postConfigure.
touchScript =
real:
writeScript "touch-script" ''
#!${stdenv.shell}
if [ -z "$FAKE_TOUCH" ]; then
exec "${real}" "$@"
fi
while [ "$#" != "0" ]; do
if [ "$1" == "-o" ]; then
shift
touch "$1"
fi
shift
done
'';
downloadDir = if lib.strings.hasInfix "-rc." version then "download/rc" else "dist";
package = stdenv.mkDerivation (
finalAttrs:
let
/**
the final package fixed point, after potential overrides
*/
self = finalAttrs.finalPackage;
in
{
inherit pname version;
src = fetchurl {
url = "https://nodejs.org/${downloadDir}/v${version}/node-v${version}.tar.xz";
inherit sha256;
};
strictDeps = true;
env = {
# Tell ninja to avoid ANSI sequences, otherwise we dont see build
# progress in Nix logs.
#
# Note: do not set TERM=dumb environment variable globally, it is used in
# test-ci-js test suite to skip tests that otherwise run fine.
NINJA = "TERM=dumb ninja";
}
// lib.optionalAttrs (!canExecute && !canEmulate) {
# these are used in the --cross-compiling case. see comment at postConfigure.
CC_host = touchScript "${buildPackages.stdenv.cc}/bin/cc";
CXX_host = touchScript "${buildPackages.stdenv.cc}/bin/c++";
AR_host = touchScript "${buildPackages.stdenv.cc}/bin/ar";
};
# NB: technically, we do not need bash in build inputs since all scripts are
# wrappers over the corresponding JS scripts. There are some packages though
# that use bash wrappers, e.g. polaris-web.
buildInputs = [
zlib
libuv
openssl
icu
bash
]
++ lib.optionals useSharedSQLite [ sqlite ];
nativeBuildInputs = [
installShellFiles
ninja
pkgconf
python
]
++ lib.optionals stdenv.buildPlatform.isDarwin [
# gyp checks `sysctl -n hw.memsize` if `sys.platform == "darwin"`.
unixtools.sysctl
]
++ lib.optionals stdenv.hostPlatform.isDarwin [
# For gyp-mac-tool if `flavor == "mac"`.
darwin-cctools-only-libtool
];
# We currently rely on Makefile and stdenv for build phases, so do not let
# ninjas setup hook to override default stdenv phases.
dontUseNinjaBuild = true;
dontUseNinjaCheck = true;
dontUseNinjaInstall = true;
outputs = [
"out"
"libv8"
]
++ lib.optionals (stdenv.hostPlatform == stdenv.buildPlatform) [ "dev" ];
setOutputFlags = false;
moveToDev = false;
configureFlags = [
"--ninja"
"--with-intl=system-icu"
"--openssl-use-def-ca-store"
# --cross-compiling flag enables use of CC_host et. al
(if canExecute || canEmulate then "--no-cross-compiling" else "--cross-compiling")
"--dest-os=${destOS}"
"--dest-cpu=${stdenv.hostPlatform.node.arch}"
]
++ lib.optionals (destARMFPU != null) [ "--with-arm-fpu=${destARMFPU}" ]
++ lib.optionals (destARMFloatABI != null) [ "--with-arm-float-abi=${destARMFloatABI}" ]
++ lib.optionals (!canExecute && canEmulate) [
# Node.js requires matching bitness between build and host platforms, e.g.
# for V8 startup snapshot builder (see tools/snapshot) and some other
# tools. We apply a patch that runs these tools using a host platform
# emulator and avoid cross-compiling altogether (from the build systems
# perspective).
"--emulator=${emulator}"
]
++ lib.optionals (lib.versionOlder version "19") [ "--without-dtrace" ]
++ lib.optionals (!enableNpm) [ "--without-npm" ]
++ lib.concatMap (name: [
"--shared-${name}"
"--shared-${name}-libpath=${lib.getLib sharedLibDeps.${name}}/lib"
/**
Closure notes: we explicitly avoid specifying --shared-*-includes,
as that would put the paths into bin/nodejs.
Including pkg-config in build inputs would also have the same effect!
FIXME: the statement above is outdated, we have to include pkg-config
in build inputs for system-icu.
*/
]) (builtins.attrNames sharedLibDeps);
configurePlatforms = [ ];
dontDisableStatic = true;
configureScript = writeScript "nodejs-configure" ''
exec ${python.executable} configure.py "$@"
'';
# In order to support unsupported cross configurations, we copy some intermediate executables
# from a native build and replace all the build-system tools with a script which simply touches
# its outfile. We have to indiana-jones-swap the build-system-targeted tools since they are
# tested for efficacy at configure time.
postConfigure = lib.optionalString (!canEmulate && !canExecute) ''
cp ${buildNode.dev}/bin/* out/Release
export FAKE_TOUCH=1
'';
enableParallelBuilding = true;
# Don't allow enabling content addressed conversion as `nodejs`
# checksums it's image before conversion happens and image loading
# breaks:
# $ nix build -f. nodejs --arg config '{ contentAddressedByDefault = true; }'
# $ ./result/bin/node
# Check failed: VerifyChecksum(blob).
__contentAddressed = false;
passthru.interpreterName = "nodejs";
passthru.pkgs = callPackage ../../node-packages/default.nix {
nodejs = self;
};
setupHook = ./setup-hook.sh;
pos = builtins.unsafeGetAttrPos "version" args;
inherit patches;
postPatch = lib.optionalString stdenv.hostPlatform.isDarwin ''
substituteInPlace test/parallel/test-macos-app-sandbox.js \
--subst-var-by codesign '${darwin.sigtool}/bin/codesign'
'';
__darwinAllowLocalNetworking = true; # for tests
doCheck = canExecute;
# See https://github.com/nodejs/node/issues/22006
enableParallelChecking = false;
# Some dependencies required for tools/doc/node_modules (and therefore
# test-addons, jstest and others) target are not included in the tarball.
# Run test targets that do not require network access.
checkTarget = lib.concatStringsSep " " (
[
"build-js-native-api-tests"
"build-node-api-tests"
"tooltest"
"cctest"
]
++ lib.optionals (!stdenv.buildPlatform.isDarwin || lib.versionAtLeast version "20") [
# There are some test failures on macOS before v20 that are not worth the
# time to debug for a version that would be eventually removed in less
# than a year (Node.js 18 will be EOL at 2025-04-30). Note that these
# failures are specific to Nix sandbox on macOS and should not affect
# actual functionality.
"test-ci-js"
]
);
checkFlags = [
# Do not create __pycache__ when running tests.
"PYTHONDONTWRITEBYTECODE=1"
]
++ lib.optionals (stdenv.buildPlatform.isDarwin && stdenv.buildPlatform.isx86_64) [
# Python 3.12 introduced a warning for calling `os.fork()` in a
# multithreaded program. For some reason, the Node.js
# `tools/pseudo-tty.py` program used for PTYrelated tests
# triggers this warning on Hydra, on `x86_64-darwin` only,
# despite not creating any threads itself. This causes the
# Node.js test runner to misinterpret the warnings as part of the
# test output and fail. It does not reproduce reliably off Hydra
# on Intel Macs, or occur on the `aarch64-darwin` builds.
#
# This seems likely to be related to Rosetta 2, but it could also
# be some strange x8664only threading behaviour of the Darwin
# system libraries, or a bug in CPython, or something else
# haunted about the Nixpkgs/Hydra build environment. We silence
# the warnings in the hope that closing our eyes will make the
# ghosts go away.
"PYTHONWARNINGS=ignore::DeprecationWarning"
]
++ lib.optionals (!stdenv.buildPlatform.isDarwin || lib.versionAtLeast version "20") [
"FLAKY_TESTS=skip"
# Skip some tests that are not passing in this context
"CI_SKIP_TESTS=${
lib.concatStringsSep "," (
[
# Tests don't work in sandbox.
"test-child-process-exec-env"
"test-child-process-uid-gid"
"test-fs-write-stream-eagain"
"test-process-euid-egid"
"test-process-initgroups"
"test-process-setgroups"
"test-process-uid-gid"
# This is a bit weird, but for some reason fs watch tests fail with
# sandbox.
"test-fs-promises-watch"
"test-fs-watch"
"test-fs-watch-encoding"
"test-fs-watch-non-recursive"
"test-fs-watch-recursive-add-file"
"test-fs-watch-recursive-add-file-to-existing-subfolder"
"test-fs-watch-recursive-add-file-to-new-folder"
"test-fs-watch-recursive-add-file-with-url"
"test-fs-watch-recursive-add-folder"
"test-fs-watch-recursive-assert-leaks"
"test-fs-watch-recursive-promise"
"test-fs-watch-recursive-symlink"
"test-fs-watch-recursive-sync-write"
"test-fs-watch-recursive-update-file"
"test-fs-watchfile"
"test-runner-run"
"test-runner-watch-mode"
"test-watch-mode-files_watcher"
]
++ lib.optionals (!lib.versionAtLeast version "22") [
"test-tls-multi-key"
]
++ lib.optionals stdenv.hostPlatform.is32bit [
# utime (actually utimensat) fails with EINVAL on 2038 timestamp
"test-fs-utimes-y2K38"
]
++ lib.optionals stdenv.buildPlatform.isDarwin [
# Disable tests that dont work under macOS sandbox.
# uv_os_setpriority returned EPERM (operation not permitted)
"test-os"
"test-os-process-priority"
# Debugger tests failing on macOS 15.4
"test-debugger-extract-function-name"
"test-debugger-random-port-with-inspect-port"
"test-debugger-launch"
"test-debugger-pid"
# Those are annoyingly flaky, but not enough to be marked as such upstream.
"test-wasi"
]
++ lib.optionals stdenv.hostPlatform.isMusl [
# Doesn't work in sandbox on x86_64.
"test-dns-set-default-order"
]
++ lib.optionals (stdenv.buildPlatform.isDarwin && stdenv.buildPlatform.isx86_64) [
# These tests fail on x86_64-darwin (even without sandbox).
# TODO: revisit at a later date.
"test-fs-readv"
"test-fs-readv-sync"
"test-vm-memleak"
# Those are annoyingly flaky, but not enough to be marked as such upstream.
"test-tick-processor-arguments"
"test-set-raw-mode-reset-signal"
]
# Those are annoyingly flaky, but not enough to be marked as such upstream.
++ lib.optional (majorVersion == "22") "test-child-process-stdout-flush-exit"
)
}"
];
sandboxProfile = ''
(allow file-read*
(literal "/Library/Keychains/System.keychain")
(literal "/private/var/db/mds/system/mdsDirectory.db")
(literal "/private/var/db/mds/system/mdsObject.db"))
; Allow files written by Module Directory Services (MDS), which is used
; by Security.framework: https://apple.stackexchange.com/a/411476
; These rules are based on the system sandbox profiles found in
; /System/Library/Sandbox/Profiles.
(allow file-write*
(regex #"^/private/var/folders/[^/]+/[^/]+/C/mds/mdsDirectory\.db$")
(regex #"^/private/var/folders/[^/]+/[^/]+/C/mds/mdsObject\.db_?$")
(regex #"^/private/var/folders/[^/]+/[^/]+/C/mds/mds\.lock$"))
(allow mach-lookup
(global-name "com.apple.FSEvents")
(global-name "com.apple.SecurityServer")
(global-name "com.apple.system.opendirectoryd.membership"))
'';
postInstall =
let
# nodejs_18 does not have node_js2c, and we don't want to rebuild the other ones
# FIXME: fix this cleanly in staging
tools =
if majorVersion == "18" then
"{bytecode_builtins_list_generator,mksnapshot,torque,gen-regexp-special-case}"
else
"{bytecode_builtins_list_generator,mksnapshot,torque,node_js2c,gen-regexp-special-case}";
in
lib.optionalString (stdenv.hostPlatform == stdenv.buildPlatform) ''
mkdir -p $dev/bin
cp out/Release/${tools} $dev/bin
''
+ ''
HOST_PATH=$out/bin patchShebangs --host $out
${lib.optionalString canExecute ''
$out/bin/node --completion-bash > node.bash
installShellCompletion node.bash
''}
${lib.optionalString enableNpm ''
mkdir -p $out/share/bash-completion/completions
ln -s $out/lib/node_modules/npm/lib/utils/completion.sh \
$out/share/bash-completion/completions/npm
for dir in "$out/lib/node_modules/npm/man/"*; do
mkdir -p $out/share/man/$(basename "$dir")
for page in "$dir"/*; do
ln -rs $page $out/share/man/$(basename "$dir")
done
done
''}
# install the missing headers for node-gyp
# TODO: use propagatedBuildInputs instead of copying headers.
cp -r ${lib.concatStringsSep " " copyLibHeaders} $out/include/node
# assemble a static v8 library and put it in the 'libv8' output
mkdir -p $libv8/lib
pushd out/Release/obj
find . -path "**/torque_*/**/*.o" -or -path "**/v8*/**/*.o" \
-and -not -name "torque.*" \
-and -not -name "mksnapshot.*" \
-and -not -name "gen-regexp-special-case.*" \
-and -not -name "bytecode_builtins_list_generator.*" \
| sort -u >files
test -s files # ensure that the list is not empty
$AR -cqs $libv8/lib/libv8.a @files
popd
# copy v8 headers
cp -r deps/v8/include $libv8/
# create a pkgconfig file for v8
major=$(grep V8_MAJOR_VERSION deps/v8/include/v8-version.h | cut -d ' ' -f 3)
minor=$(grep V8_MINOR_VERSION deps/v8/include/v8-version.h | cut -d ' ' -f 3)
patch=$(grep V8_PATCH_LEVEL deps/v8/include/v8-version.h | cut -d ' ' -f 3)
mkdir -p $libv8/lib/pkgconfig
cat > $libv8/lib/pkgconfig/v8.pc << EOF
Name: v8
Description: V8 JavaScript Engine
Version: $major.$minor.$patch
Libs: -L$libv8/lib -lv8 -pthread -licui18n -licuuc
Cflags: -I$libv8/include
EOF
''
+ lib.optionalString (stdenv.hostPlatform == stdenv.buildPlatform) ''
cp -r $out/include $dev/include
'';
passthru.tests = {
version = testers.testVersion {
package = self;
version = "v${lib.head (lib.strings.splitString "-rc." version)}";
};
};
passthru.updateScript = import ./update.nix {
inherit
writeScript
common-updater-scripts
coreutils
curl
fetchurl
gnugrep
gnupg
jq
runtimeShell
;
inherit lib;
inherit majorVersion;
};
meta = with lib; {
description = "Event-driven I/O framework for the V8 JavaScript engine";
homepage = "https://nodejs.org";
changelog = "https://github.com/nodejs/node/releases/tag/v${version}";
license = licenses.mit;
maintainers = with maintainers; [ aduh95 ];
platforms = platforms.linux ++ platforms.darwin ++ platforms.freebsd;
# This broken condition is likely too conservative. Feel free to loosen it if it works.
broken =
!canExecute && !canEmulate && (stdenv.buildPlatform.parsed.cpu != stdenv.hostPlatform.parsed.cpu);
mainProgram = "node";
knownVulnerabilities = optional (versionOlder version "18") "This NodeJS release has reached its end of life. See https://nodejs.org/en/about/releases/.";
};
passthru.python = python; # to ensure nodeEnv uses the same version
}
);
in
package

23
pkgs/development/web/nodejs/npm-patches.nix Normal file
View File

@@ -0,0 +1,23 @@
{ fetchpatch }:
[
# Makes `npm pack` obey `--foreground-scripts`
(fetchpatch {
name = "libnpmpack-obey-foreground-scripts.patch";
url = "https://github.com/npm/cli/commit/e4e8ae20aef9e27e57282e87e8757d5b364abb39.patch";
hash = "sha256-NQ8CZBfRqAOMe0Ysg3cq1FiferWKTzXC1QXgzX+f8OU=";
stripLen = 2;
extraPrefix = "deps/npm/node_modules/";
includes = [ "deps/npm/node_modules/libnpmpack/lib/index.js" ];
})
# Makes `npm pack` obey `--ignore-scripts`
(fetchpatch {
name = "libnpmpack-obey-ignore-scripts.patch";
url = "https://github.com/npm/cli/commit/a990c3c9a0e67f0a8b6454213675e159fe49432d.patch";
hash = "sha256-eA5YST9RxMMjk5FCwEbl1HQUpXZuwWZkx5WC4yJium8=";
stripLen = 2;
extraPrefix = "deps/npm/node_modules/";
includes = [ "deps/npm/node_modules/libnpmpack/lib/index.js" ];
})
]

5
pkgs/development/web/nodejs/setup-hook.sh Normal file
View File

@@ -0,0 +1,5 @@
addNodePath () {
addToSearchPath NODE_PATH "$1/lib/node_modules"
}
addEnvHooks "$hostOffset" addNodePath

52
pkgs/development/web/nodejs/update.nix Normal file
View File

@@ -0,0 +1,52 @@
{
lib,
writeScript,
common-updater-scripts,
coreutils,
curl,
fetchurl,
gnugrep,
gnupg,
jq,
majorVersion,
runtimeShell,
}:
let
rev = "901fc09b83c686693be51b3c9a13578929cbc1ab"; # should be the HEAD of nodejs/release-keys
pubring = fetchurl {
url = "https://github.com/nodejs/release-keys/raw/${rev}/gpg-only-active-keys/pubring.kbx";
hash = "sha256-r/thHVLDlMVRN3Ahr5Apivy+h2IuvPm4QhYFoAmms3E=";
};
in
writeScript "update-nodejs" ''
#!${runtimeShell}
set -e
set -o pipefail
PATH=${
lib.makeBinPath [
common-updater-scripts
coreutils
curl
gnugrep
gnupg
jq
]
}
version=`\
curl --silent https://api.github.com/repos/nodejs/node/git/refs/tags | \
jq -r '.[] | select(.ref | startswith("refs/tags/v${majorVersion}")) | .ref' | \
sort --version-sort | \
tail -1 | \
grep -oP "^refs/tags/v\K.*"`
hash_hex=`
curl --silent "https://nodejs.org/dist/v''${version}/SHASUMS256.txt.asc" | \
gpgv --keyring="${pubring}" --output - | \
grep -oP "^([0-9a-f]{64})(?=\s+node-v''${version}.tar.xz$)"`
update-source-version nodejs_${majorVersion} "''${version}" "''${hash_hex}"
''

17
pkgs/development/web/nodejs/use-correct-env-in-tests.patch Normal file
View File

@@ -0,0 +1,17 @@
`/usr/bin/env` is not available.
--- old/test/parallel/test-child-process-default-options.js
+++ new/test/parallel/test-child-process-default-options.js
@@ -35 +35 @@ if (isWindows) {
- child = spawn('/usr/bin/env', [], {});
+ child = spawn('env', [], {});
--- old/test/parallel/test-child-process-env.js
+++ new/test/parallel/test-child-process-env.js
@@ -51 +51 @@ if (isWindows) {
- child = spawn('/usr/bin/env', [], { env });
+ child = spawn('env', [], { env });
--- old/test/parallel/test-child-process-exec-env.js
+++ new/test/parallel/test-child-process-exec-env.js
@@ -47 +47 @@ if (!isWindows) {
- child = exec('/usr/bin/env', { env: { 'HELLO': 'WORLD' } }, after);
+ child = exec('env', { env: { 'HELLO': 'WORLD' } }, after);

18
pkgs/development/web/nodejs/use-nix-codesign.patch Normal file
View File

@@ -0,0 +1,18 @@
diff --git a/test/parallel/test-macos-app-sandbox.js b/test/parallel/test-macos-app-sandbox.js
index 60ad67b3db..b6ac0dcef4 100644
--- a/test/parallel/test-macos-app-sandbox.js
+++ b/test/parallel/test-macos-app-sandbox.js
@@ -45,11 +45,11 @@ fs.copyFileSync(
// Sign the app bundle with sandbox entitlements:
assert.strictEqual(
- child_process.spawnSync('/usr/bin/codesign', [
+ child_process.spawnSync('@codesign@', [
'--entitlements', fixtures.path(
'macos-app-sandbox', 'node_sandboxed.entitlements'),
'--force', '-s', '-',
- appBundlePath,
+ appExecutablePath,
]).status,
0);

58
pkgs/development/web/nodejs/v20.nix Normal file
View File

@@ -0,0 +1,58 @@
{
callPackage,
fetchpatch2,
openssl,
python3,
enableNpm ? true,
}:
let
buildNodejs = callPackage ./nodejs.nix {
inherit openssl;
python = python3;
};
gypPatches = callPackage ./gyp-patches.nix { } ++ [
# Fixes builds with Nix sandbox on Darwin for gyp.
# See https://github.com/NixOS/nixpkgs/issues/261820
# and https://github.com/nodejs/gyp-next/pull/216
(fetchpatch2 {
url = "https://github.com/nodejs/gyp-next/commit/706d04aba5bd18f311dc56f84720e99f64c73466.patch?full_index=1";
hash = "sha256-iV9qvj0meZkgRzFNur2v1jtLZahbqvSJ237NoM8pPZc=";
stripLen = 1;
extraPrefix = "tools/gyp/";
})
(fetchpatch2 {
url = "https://github.com/nodejs/gyp-next/commit/706d04aba5bd18f311dc56f84720e99f64c73466.patch?full_index=1";
hash = "sha256-1iyeeAprmWpmLafvOOXW45iZ4jWFSloWJxQ0reAKBOo=";
stripLen = 1;
extraPrefix = "deps/npm/node_modules/node-gyp/gyp/";
})
./gyp-patches-pre-v22-import-sys.patch
];
in
buildNodejs {
inherit enableNpm;
version = "20.19.5";
sha256 = "230c899f4e2489c4b8d2232edd6cc02f384fb2397c2a246a22e415837ee5da51";
patches = [
./configure-emulator.patch
./configure-armv6-vfpv2.patch
./node-npm-build-npm-package-logic.patch
./use-correct-env-in-tests.patch
./use-nix-codesign.patch
# TODO: remove when included in a release
(fetchpatch2 {
url = "https://github.com/nodejs/node/commit/8caa1dcee63b2c6fd7a9edf9b9a6222b38a2cf62.patch?full_index=1";
hash = "sha256-DtN0bpYfo5twHz2GrLLgq4Bu2gFYTkNPMRKhrgeYRyA=";
includes = [ "test/parallel/test-setproctitle.js" ];
})
(fetchpatch2 {
url = "https://github.com/nodejs/node/commit/499a5c345165f0d4a94b98d08f1ace7268781564.patch?full_index=1";
hash = "sha256-wF4+CytC1OB5egJGOfLm1USsYY12f9kADymVrxotezE=";
})
]
++ gypPatches;
}

63
pkgs/development/web/nodejs/v22.nix Normal file
View File

@@ -0,0 +1,63 @@
{
lib,
stdenv,
buildPackages,
callPackage,
fetchpatch2,
openssl,
python3,
enableNpm ? true,
}:
let
buildNodejs = callPackage ./nodejs.nix {
inherit openssl;
python = python3;
};
gypPatches = if stdenv.buildPlatform.isDarwin then callPackage ./gyp-patches.nix { } else [ ];
in
buildNodejs {
inherit enableNpm;
version = "22.19.0";
sha256 = "0272acfce50ce9ad060288321b1092719a7f19966f81419835410c59c09daa46";
patches =
(
if (stdenv.hostPlatform.emulatorAvailable buildPackages) then
[
./configure-emulator.patch
]
else
[
(fetchpatch2 {
url = "https://raw.githubusercontent.com/buildroot/buildroot/2f0c31bffdb59fb224387e35134a6d5e09a81d57/package/nodejs/nodejs-src/0003-include-obj-name-in-shared-intermediate.patch";
hash = "sha256-3g4aS+NmmUYNOYRNc6UMJKYoaTlpP5Knt9UHegx+o0Y=";
})
]
)
++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform && stdenv.hostPlatform.isFreeBSD) [
# This patch is concerning.
# https://github.com/nodejs/node/issues/54576
# It is only supposed to affect clang >= 17, but I'm seeing it on clang 19.
# I'm keeping the predicate for this patch pretty strict out of caution,
# so if you see the error it's supposed to prevent, feel free to loosen it.
(fetchpatch2 {
url = "https://raw.githubusercontent.com/rubyjs/libv8-node/62476a398d4c9c1a670240a3b070d69544be3761/patch/v8-no-assert-trivially-copyable.patch";
hash = "sha256-hSTLljmVzYmc3WAVeRq9EPYluXGXFeWVXkykufGQPVw=";
})
]
++ gypPatches
++ [
./configure-armv6-vfpv2.patch
./node-npm-build-npm-package-logic.patch
./use-correct-env-in-tests.patch
./bin-sh-node-run-v22.patch
./use-nix-codesign.patch
# TODO: remove when included in a release
(fetchpatch2 {
url = "https://github.com/nodejs/node/commit/499a5c345165f0d4a94b98d08f1ace7268781564.patch?full_index=1";
hash = "sha256-wF4+CytC1OB5egJGOfLm1USsYY12f9kADymVrxotezE=";
})
];
}

69
pkgs/development/web/nodejs/v24.nix Normal file
View File

@@ -0,0 +1,69 @@
{
lib,
stdenv,
buildPackages,
callPackage,
fetchpatch2,
openssl,
python3,
enableNpm ? true,
}:
let
buildNodejs = callPackage ./nodejs.nix {
inherit openssl;
python = python3;
};
gypPatches =
if stdenv.buildPlatform.isDarwin then
callPackage ./gyp-patches.nix { patch_tools = false; }
else
[ ];
in
buildNodejs {
inherit enableNpm;
version = "24.9.0";
sha256 = "f17bc4cb01f59098c34a288c1bb109a778867c14eeb0ebbd608d0617b1193bbf";
patches =
(
if (stdenv.hostPlatform.emulatorAvailable buildPackages) then
[
./configure-emulator.patch
]
else
[
(fetchpatch2 {
url = "https://raw.githubusercontent.com/buildroot/buildroot/2f0c31bffdb59fb224387e35134a6d5e09a81d57/package/nodejs/nodejs-src/0003-include-obj-name-in-shared-intermediate.patch";
hash = "sha256-3g4aS+NmmUYNOYRNc6UMJKYoaTlpP5Knt9UHegx+o0Y=";
})
]
)
++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform && stdenv.hostPlatform.isFreeBSD) [
# This patch is concerning.
# https://github.com/nodejs/node/issues/54576
# It is only supposed to affect clang >= 17, but I'm seeing it on clang 19.
# I'm keeping the predicate for this patch pretty strict out of caution,
# so if you see the error it's supposed to prevent, feel free to loosen it.
(fetchpatch2 {
url = "https://raw.githubusercontent.com/rubyjs/libv8-node/62476a398d4c9c1a670240a3b070d69544be3761/patch/v8-no-assert-trivially-copyable.patch";
hash = "sha256-hSTLljmVzYmc3WAVeRq9EPYluXGXFeWVXkykufGQPVw=";
})
]
++ [
./configure-armv6-vfpv2.patch
./node-npm-build-npm-package-logic.patch
./use-correct-env-in-tests.patch
./bin-sh-node-run-v22.patch
./use-nix-codesign.patch
]
++ gypPatches
++ lib.optionals (!stdenv.buildPlatform.isDarwin) [
# test-icu-env is failing without the reverts
(fetchpatch2 {
url = "https://github.com/nodejs/node/commit/869d0cbca3b0b5e594b3254869a34d549664e089.patch?full_index=1";
hash = "sha256-BBBShQwU20TSY8GtPehQ9i3AH4ZKUGIr8O0bRsgrpNo=";
revert = true;
})
];
}