On 09/08/2016 01:27 PM, Stephen Gallagher wrote: > On 08/22/2016 11:23 AM, Stephen Gallagher wrote: >> >> OK, as we stated before, we really need to get Node.js 6.x into the >> updates-testing repository soon. We mentioned that we wanted it to sit there for >> at least a month before we cut over, and "at least a month" means "by next week" >> since the cut over is planned for 2016-10-01. >> >> I'm putting together a COPR right now as a first pass at this upgrade: >> >> https://copr.fedorainfracloud.org/coprs/g/nodejs-sig/nodejs-epel/ >> >> I've run into the following blocker issues: >> >> * We cannot jump to 6.x in EPEL 6 easily at this time, because upstream strictly >> requires GCC 4.8 or later and we only have 4.4 in EPEL 6. It might be possible >> to resolve this with SCLs, but I am no expert there. Zuzana? >> >> * Node.js 4.x and 6.x both *strictly* require functionality from OpenSSL 1.0.2 >> and cannot run (or indeed build) against OpenSSL 1.0.1. Currently, both EPEL 6 >> and EPEL 7 have 1.0.1 in their buildroots. I am not aware of any solution (SCL >> or otherwise) for linking EPEL to a newer version of OpenSSL. >> >> The OpenSSL 1.0.2 problem is a significant one; we cannot build against the >> bundled copy of OpenSSL because it includes patented algorithms that are not >> acceptable for inclusion in Fedora. We also cannot trivially backport Fedora's >> OpenSSL 1.0.2 packages because EPEL forbids upgrading packages provided by the >> base RHEL/CentOS repositories. >> >> >> Right now, the only thing I can think of would be for someone to build a >> parallel-installable OpenSSL 1.0.2 package for EPEL 6 and EPEL 7 (similar to the >> openssl101e package available for EPEL 5) and patch our specfile to be able to >> work with that instead. >> >> This is a task I'm not anxious to embark upon personally; there is too much >> overhead in maintaining a fork of OpenSSL to make me comfortable. >> >> How shall we proceed? >> Thanks to a lot of help from Haikel Guemar, I now have working builds of Node.js 6.5.0 against EPEL 7. His team was able to write adapt a patch that Solaris folks wrote to work against OpenSSL 1.0.1. I have put them up in a COPR[1] and also am running a build in the official EPEL 7 branch which I will get into updates-testing ASAP. This *is* a world-breaking change. There have been numerous backwards-incompatible changes since Node.js 0.10.x, so testing will be imperative. Reminder: Node.js 0.10.x hits EOL on 2016-10-01, so there is no hanging on to the old version. [1] https://copr.fedorainfracloud.org/coprs/g/nodejs-sig/nodejs-epel/
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ epel-devel mailing list epel-devel@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
