jlicht@fsfe.org writes: > From: Jelle Licht > > * gnu/packages/node.scm (node-lts): Update to 18.18.2. > [arguments]: Add 'install-node-gyp-wrapper phase. > > Change-Id: I6b17de33313505558a8fa9560126adef486fd0e3 > --- > I tried my hand at introducing a small wrapper script that works around the > node-gyp regression introduced in the version of npm bundled with node 18.18.2. > > It's not quite clear yet whether upstream considers this a regression that > will still be fixed or just behaviour that be kept as-is going forward. > > This patch series also leaves Node vulnerable to a recently reported CVE in > many HTTP2 server implementations, such as nghttp2, but I believe this can be > addressed by https://issues.guix.gnu.org/issue/66658 > > Changes in v2: > - Re-bump from 18.18.0 to 18.18.2 > - Fix 'node-gyp' regression. > > gnu/packages/node.scm | 25 ++++++++++++++++++++++--- > 1 file changed, 22 insertions(+), 3 deletions(-) Looking at QA, there seems to be some issues on aarch64-linux. The build logs do differ between the failed builds, so I've submitted a few more.