Nodejs/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2024-11-21 10:59:27 +00:00
Code Issues Actions 25 Packages Projects Releases Wiki Activity

tools: use latest upstream commit for zlib updates

Browse Source 
Zlib rarely gets new tags or releases, so now we use the latest commit
on the upstream default branch to check if an update is available.

Refs: https://github.com/nodejs/security-wg/issues/973
PR-URL: https://github.com/nodejs/node/pull/48054
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
This commit is contained in:
Andrea Fassina 2023-05-18 00:36:45 +02:00 committed by Antoine du Hamel
parent 817c5799e2
commit 860d7e3906
No known key found for this signature in database
GPG Key ID: 21D900FFDB233756
1 changed files with 29 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
tools/dep_updaters/update-zlib.sh
View File

@ -1,23 +1,46 @@
#!/bin/sh
set -e
# Shell script to update zlib in the source tree to a specific version
# Shell script to update zlib in the source tree to the most recent version.
# Zlib rarely creates tags or releases, so we use the latest commit on the main branch.
# See: https://github.com/nodejs/node/pull/47417
BASE_DIR=$(cd "$(dirname "$0")/../.." && pwd)
DEPS_DIR="$BASE_DIR/deps"
CURRENT_VERSION=$(grep "#define ZLIB_VERSION" "$DEPS_DIR/zlib/zlib.h" | sed -n "s/^.*VERSION \"\(.*\)\"/\1/p")
echo "Comparing latest upstream with current revision"
NEW_VERSION_ZLIB_H=$(curl -s "https://chromium.googlesource.com/chromium/src/+/refs/heads/main/third_party/zlib/zlib.h?format=TEXT" | base64 --decode)
git fetch https://chromium.googlesource.com/chromium/src/third_party/zlib.git HEAD
NEW_VERSION=$(printf '%s' "$NEW_VERSION_ZLIB_H" | grep "#define ZLIB_VERSION" | sed -n "s/^.*VERSION \"\(.*\)\"/\1/p")
# Revert zconf.h changes before checking diff
perl -i -pe 's|^//#include "chromeconf.h"|#include "chromeconf.h"|' "$DEPS_DIR/zlib/zconf.h"
git stash -- "$DEPS_DIR/zlib/zconf.h"
echo "Comparing $NEW_VERSION with $CURRENT_VERSION"
DIFF_TREE=$(git diff --diff-filter=d 'stash@{0}:deps/zlib' FETCH_HEAD)
if [ "$NEW_VERSION" = "$CURRENT_VERSION" ]; then
git stash drop
if [ -z "$DIFF_TREE" ]; then
echo "Skipped because zlib is on the latest version."
exit 0
fi
# This is a rather arbitrary restriction. This script is assumed to run on
# Sunday, shortly after midnight UTC. This check thus prevents pulling in the
# most recent commits if any changes were made on Friday or Saturday (UTC).
# We don't want to pull in a commit that was just pushed, and instead rather
# wait for the next week's update. If no commits have been pushed in the last
# two days, we assume that the most recent commit is stable enough to be
# pulled in.
LAST_CHANGE_DATE=$(git log -1 --format=%ct FETCH_HEAD)
TWO_DAYS_AGO=$(date -d 'now - 2 days' '+%s')
if [ "$LAST_CHANGE_DATE" -gt "$TWO_DAYS_AGO" ]; then
echo "Skipped because the latest version is too recent."
exit 0
fi
NEW_VERSION=$(git rev-parse --short=7 FETCH_HEAD)
echo "Making temporary workspace..."
WORKSPACE=$(mktemp -d 2> /dev/null || mktemp -d -t 'tmp')