Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1516860 - nodejs: Builds against compat-openssl10-devel which will be removed
Summary: nodejs: Builds against compat-openssl10-devel which will be removed
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: nodejs
Version: 28
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: NodeJS Packaging SIG
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: 1383740
TreeView+ depends on / blocked
 
Reported: 2017-11-23 12:57 UTC by Tomas Mraz
Modified: 2018-06-04 08:50 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-06-01 11:58:16 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Tomas Mraz 2017-11-23 12:57:55 UTC 
The package currently depends on compat-openssl10-devel which will be removed. It needs to be ported to OpenSSL 1.1 API and built against regular openssl-devel package.

If you need help with porting the package feel free to contact me.
Comment 1 Stephen Gallagher 2017-11-27 13:42:24 UTC 
(In reply to Tomas Mraz from comment #0)
> The package currently depends on compat-openssl10-devel which will be
> removed. It needs to be ported to OpenSSL 1.1 API and built against regular
> openssl-devel package.
> 
> If you need help with porting the package feel free to contact me.

This *cannot* happen. We need this to remain for F27 (but we can drop it in F28).

The reason is that Node.js upstream has only added support for OpenSSL 1.1 as of version 9.x. However, 9.x will be EOL before Fedora 28 is (it ends all support in July 2018). There has also been a long and involved upstream discussion about this support[1] and why it had to wait until 9.x. As a result, we need to continue to carry Node.js 8.x in Fedora until Fedora 29.

In May 2018, Node.js will release version 10.x which we will carry in F29 and F30, which supports OpenSSL 1.1.

In short, please don't remove compat-openssl10-devel in Fedora 28, as it will force us to be unable to ship Node.js in that release. This is a critical piece of software.

Also, changes of this magnitude really need to go through the https://fedoraproject.org/wiki/Mass_package_changes process, which this did not. In particular, there was no gaining of consensus. Also, a change like this probably should go to FESCo via the Change Process, since it affects a huge amount of software.

[1] https://github.com/nodejs/node/issues/4270
Comment 2 Tomas Mraz 2017-11-27 15:24:23 UTC 
I did not say when it will be removed. I just said it will be at some point.
Comment 5 Fedora End Of Life 2018-02-20 15:23:57 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 28 development cycle.
Changing version to '28'.
Comment 7 Stephen Gallagher 2018-06-01 11:58:16 UTC 
Node.js 10.x (slated to be default in Fedora 29) has upstream support for OpenSSL 1.1.
Comment 8 Zuzana Svetlikova 2018-06-04 08:50:40 UTC 
Node.js v8.x is compatible with both versions of openssl
Note You need to log in before you can comment on or make changes to this bug.