Nodejs/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2024-11-21 10:59:27 +00:00
Code Issues Actions 25 Packages Projects Releases Wiki Activity
0304da22d3
node/tools/dep_updaters
History
Marco Ippolito 0304da22d3
tools: change minimatch install strategy 
PR-URL: https://github.com/nodejs/node/pull/50476
Refs: https://github.com/nodejs/security-wg/issues/1037
Reviewed-By: James M Snell <jasnell@gmail.com>
2023-11-13 08:32:30 +00:00
..
README.md doc: fix broken link to new folder doc/contributing/maintaining 2023-05-28 21:28:19 +02:00
update-acorn-walk.sh tools: improve update acorn-walk script 2023-11-05 09:43:08 +00:00
update-acorn.sh tools: improve update acorn-walk script 2023-11-05 09:43:08 +00:00
update-ada.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-base64.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-brotli.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-c-ares.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-cjs-module-lexer.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-eslint.sh esm: use import attributes instead of import assertions 2023-10-14 03:52:38 +00:00
update-github-reporter.sh tools: add @reporters/github to tools 2023-08-15 07:16:51 +00:00
update-googletest.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-histogram.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-icu.sh tools: compare ICU checksums before file changes 2023-11-06 11:21:49 +00:00
update-libuv.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-llhttp.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-minimatch.sh tools: change minimatch install strategy 2023-11-13 08:32:30 +00:00
update-nghttp2.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-nghttp3.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-ngtcp2.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-npm.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-openssl.sh tools: automate update openssl v16 2023-06-19 12:53:09 +00:00
update-postject.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-root-certs.mjs tools: fix updating root certificates 2023-04-21 02:14:00 +00:00
update-simdutf.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-undici.sh tools: update comment in update-uncidi.sh and acorn_version.h 2023-10-15 22:28:23 +02:00
update-uvwasi.sh tools: fix uvwasi updater 2023-09-19 08:15:23 +00:00
update-v8-patch.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00
update-zlib.sh src: add commit hash shorthand in zlib version 2023-10-23 17:22:16 +00:00
utils.sh tools: add version update to external dependencies 2023-06-06 09:07:34 +00:00

README.md

Dependency update scripts

This folder contains scripts used to automatically update a Node.js dependency. These scripts are usually run by CI (see .github/workflows/tools.yml) in order to download a new dependency version, and replace the old version with it.

Since these scripts only update to the upstream code, changes might be needed in this repository in order to successfully update (e.g: changing API calls to conform to upstream changes, updating GYP build files, etc.)

libuv

The update-libuv.sh script takes the target version to update as its only argument, downloads it from the GitHub repo and uses it to replace the contents of deps/uv/. The contents are replaced entirely except for the *.gyp and *.gypi build files, which are part of the Node.js build definitions and are not present in the upstream repo.

For example, in order to update to version 1.44.2, the following command can be run:

./tools/dep_updaters/update-libuv.sh 1.44.2

Once the script has run (either manually, or by CI in which case a PR will have been created with the changes), do the following:

  1. Check the changelog for things that might require changes in Node.js.
  2. If necessary, update common.gypi and uv.gyp with build-related changes.
  3. Check that Node.js compiles without errors and the tests pass.
  4. Create a commit for the update and in the commit message include the important/relevant items from the changelog (see c61870c for an example).

simdutf

The update-simdutf.sh script takes the target version to update as its only argument, downloads it from the GitHub repo and uses it to replace the contents of deps/simdutf/. The contents are replaced entirely except for the *.gyp and *.gypi build files, which are part of the Node.js build definitions and are not present in the upstream repo.

For example, in order to update to version 2.0.7, the following command can be run:

./tools/dep_updaters/update-simdutf.sh 2.0.7

Once the script has run (either manually, or by CI in which case a PR will have been created with the changes), do the following:

  1. Check the changelog for things that might require changes in Node.js.
  2. If necessary, update simdutf.gyp with build-related changes.
  3. Check that Node.js compiles without errors and the tests pass.
  4. Create a commit for the update and in the commit message include the important/relevant items from the changelog.

OpenSSL

The update-openssl.sh script automates the steps described in maintaining-openssl.md. The main difference is that the script downloads the release tarball from GitHub, instead of cloning the repo and using that as the source code. This is useful since the release tarball does not include development-specific files and directories (e.g the .github folder).

The script has to be run in two steps. The first one (using the download sub-command) replaces the OpenSSL source code with the new version. The second one (using the regenerate sub-command) regenerates the platform-specific files. This makes it easier to create two separate git commits, making the git history more descriptive.

For example, in order to update to version 3.0.7+quic1, the following commands should be run:

./tools/dep_updaters/update-openssl.sh download 3.0.7+quic1
git add -A deps/openssl/openssl
git commit -m "deps: upgrade openssl sources to quictls/openssl-3.0.7+quic1"

./tools/dep_updaters/update-openssl.sh regenerate 3.0.7+quic1
git add -A deps/openssl/config/archs deps/openssl/openssl
git commit -m "deps: update archs files for openssl"

Once the script has run (either manually, or by CI in which case a PR will have been created with the changes), do the following:

  1. Check the CHANGES.md file in the repo for things that might require changes in Node.js.
  2. Check the diffs to ensure the changes are right. Even if there are no changes in the source, buildinf.h files will be updated because they have timestamp data in them.
  3. Check that Node.js compiles without errors and the tests pass.
  4. Create a commit for the update and in the commit message include the important/relevant items from the changelog.

postject

The update-postject.sh script downloads postject from the npm package and uses it to replace the contents of test/fixtures/postject-copy.

In order to update, the following command can be run:

./tools/dep_updaters/update-postject.sh

Once the script has run (either manually, or by CI in which case a PR will have been created with the changes), do the following:

  1. Check the changelog for things that might require changes in Node.js.
  2. Check that Node.js compiles without errors and the tests pass.
  3. Create a commit for the update and in the commit message include the important/relevant items from the changelog.