diff --git a/main/nodejs/APKBUILD b/main/nodejs/APKBUILD
index 27c4ef2c969060157bf5b26c4a8b2d783cd8b3aa..b510d575eedbad942631afabd87bc442bf9a1d65 100644
--- a/main/nodejs/APKBUILD
+++ b/main/nodejs/APKBUILD
@@ -7,8 +7,8 @@
pkgname=nodejs
# Note: Update only to even-numbered versions (e.g. 6.y.z, 8.y.z)!
# Odd-numbered versions are supported only for 9 months by upstream.
-pkgver=22.11.0
-pkgrel=2
+pkgver=22.13.1
+pkgrel=0
pkgdesc="JavaScript runtime built on V8 engine - LTS version"
url="https://nodejs.org/"
arch="all"
@@ -40,9 +40,6 @@ provider_priority=100 # highest priority (other provider is nodejs-current)
provides="nodejs-lts=$pkgver-r$pkgrel" # for backward compatibility
replaces="nodejs-current nodejs-lts" # nodejs-lts for backward compatibility
source="https://nodejs.org/dist/v$pkgver/node-v$pkgver.tar.gz
- unbundle-sqlite.patch
- unbundle-ada-simdjson-simdutf.patch
- disable-running-gyp-on-shared-deps.patch
ncrypto-include-openssl-rand.h.patch
v8-ppc64le-compat.patch
v8-riscv-trap-handler.patch
@@ -53,6 +50,11 @@ source="https://nodejs.org/dist/v$pkgver/node-v$pkgver.tar.gz
builddir="$srcdir/node-v$pkgver"
# secfixes:
+# 22.13.1-r0:
+# - CVE-2025-23083
+# - CVE-2025-23085
+# - CVE-2025-23085
+# - CVE-2025-22150
# 20.15.1-r0:
# - CVE-2024-22018
# - CVE-2024-22020
@@ -293,10 +295,7 @@ dev() {
}
sha512sums="
-e70d388ff190dc6753823e3f9591b05f25bc5d0420d60e9e1bdbefa63df710a52f86bcabf5dccbc29f1b0cfadaf2074412b9612b6ca86cbcb308b1b3aad2a64e node-v22.11.0.tar.gz
-0809cc9cce39985c98757165bc0441e0751de085e80c6f16dbb5ef619f8cb8ec02fd1333f8e183f6ca1826ae79149f2f201bfa500f39fc868b6afdeb0d6f9e2f unbundle-sqlite.patch
-477d2e83035eb991a09811e067f0016eccdc51ed8ba7f348accd7e8ef2e4475ddb11ea8310b9fcd845737f03a1c5d49e961fde718f417d99da1ef4b5b747cb3a unbundle-ada-simdjson-simdutf.patch
-9c73f3c25dd43b436cbb6e493c24022199232bf295ab3fd238c98c5def062b2ce0243dceb5362cc2bfcfa423686cd80b75bf1b7af850faec3edd0d638bb3e12f disable-running-gyp-on-shared-deps.patch
+d4b9c4203ea7b77be98143d733c593267764d450bd70a60e5a621a8914015195cab48c329623d8e8cb05b79046fb548181c768005135f49843ee9e507d526659 node-v22.13.1.tar.gz
784e692513b9d7d45dce82ac047415b76227770ed5231c57f8ccfb6ae148332cac82a3d8539c33247eeb041cd8d23331fed8dba7c35fad07f6aec6a440b89040 ncrypto-include-openssl-rand.h.patch
37dc38704eae165e6940393c08bb182120dcec119739bda4961706f3aa955bf9669c371bcfa0317269f8f08e01d4c6c204f2c595d583d649433a659a44113bfb v8-ppc64le-compat.patch
37955e69b0548b582a3877df05361d0d5f342f7c0d84b58f2772e8601cd9d6f702f4a016a51023b80dc187b81a0143a5a78e7462f85a7bc7f2474f6c8b5e5fe4 v8-riscv-trap-handler.patch
diff --git a/main/nodejs/disable-running-gyp-on-shared-deps.patch b/main/nodejs/disable-running-gyp-on-shared-deps.patch
deleted file mode 100644
index 92645c5988e83022253471fb19cb685db4940fb5..0000000000000000000000000000000000000000
--- a/main/nodejs/disable-running-gyp-on-shared-deps.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-From: Jakub Jirutka <jakub@jirutka.cz>
-Date: Sat, 26 Nov 2016 01:32:00 +0200
-Subject: Disable running gyp on shared deps
-
-Author: Stephen Gallagher <sgallagh@redhat.com>
-
-Modified 2016-11-26 by Jakub Jirutka <jakub@jirutka.cz> to update for
-Node.js 7.2.0
-
---- a/Makefile
-+++ b/Makefile
-@@ -173,8 +173,8 @@
- $(warning '$@' target is a noop)
-
- out/Makefile: config.gypi common.gypi common_node.gypi node.gyp \
-- deps/uv/uv.gyp deps/llhttp/llhttp.gyp deps/zlib/zlib.gyp \
-- deps/simdutf/simdutf.gyp deps/ada/ada.gyp deps/nbytes/nbytes.gyp \
-+ deps/uv/uv.gyp deps/llhttp/llhttp.gyp \
-+ deps/nbytes/nbytes.gyp \
- tools/v8_gypfiles/toolchain.gypi \
- tools/v8_gypfiles/features.gypi \
- tools/v8_gypfiles/inspector.gypi tools/v8_gypfiles/v8.gyp
diff --git a/main/nodejs/unbundle-ada-simdjson-simdutf.patch b/main/nodejs/unbundle-ada-simdjson-simdutf.patch
deleted file mode 100644
index 45ff899131716099006ab8fabf9945faf8c04935..0000000000000000000000000000000000000000
--- a/main/nodejs/unbundle-ada-simdjson-simdutf.patch
+++ /dev/null
@@ -1,96 +0,0 @@
-Patch-Source: https://github.com/nodejs/node/pull/55886
-
-diff --git a/node.gyp b/node.gyp
-index 5b5b2b7c1c..ae21978922 100644
---- a/node.gyp
-+++ b/node.gyp
-@@ -849,9 +849,6 @@
- 'dependencies': [
- 'deps/googletest/googletest.gyp:gtest_prod',
- 'deps/histogram/histogram.gyp:histogram',
-- 'deps/simdjson/simdjson.gyp:simdjson',
-- 'deps/simdutf/simdutf.gyp:simdutf',
-- 'deps/ada/ada.gyp:ada',
- 'deps/nbytes/nbytes.gyp:nbytes',
- 'node_js2c#host',
- ],
-@@ -1125,7 +1122,6 @@
- 'deps/googletest/googletest.gyp:gtest_prod',
- 'deps/histogram/histogram.gyp:histogram',
- 'deps/uvwasi/uvwasi.gyp:uvwasi',
-- 'deps/ada/ada.gyp:ada',
- 'deps/nbytes/nbytes.gyp:nbytes',
- ],
- 'includes': [
-@@ -1172,9 +1168,6 @@
- 'deps/googletest/googletest.gyp:gtest',
- 'deps/googletest/googletest.gyp:gtest_main',
- 'deps/histogram/histogram.gyp:histogram',
-- 'deps/simdjson/simdjson.gyp:simdjson',
-- 'deps/simdutf/simdutf.gyp:simdutf',
-- 'deps/ada/ada.gyp:ada',
- 'deps/nbytes/nbytes.gyp:nbytes',
- ],
-
-@@ -1252,7 +1245,6 @@
- 'dependencies': [
- '<(node_lib_target_name)',
- 'deps/histogram/histogram.gyp:histogram',
-- 'deps/ada/ada.gyp:ada',
- 'deps/nbytes/nbytes.gyp:nbytes',
- ],
-
-@@ -1327,9 +1319,6 @@
- 'target_name': 'node_js2c',
- 'type': 'executable',
- 'toolsets': ['host'],
-- 'dependencies': [
-- 'deps/simdutf/simdutf.gyp:simdutf#host',
-- ],
- 'include_dirs': [
- 'tools',
- 'src',
-@@ -1341,6 +1330,9 @@
- 'src/embedded_data.cc',
- ],
- 'conditions': [
-+ [ 'node_shared_simdutf=="false"', {
-+ 'dependencies': [ 'deps/simdutf/simdutf.gyp:simdutf#host' ],
-+ }],
- [ 'node_shared_libuv=="false"', {
- 'dependencies': [ 'deps/uv/uv.gyp:libuv#host' ],
- }],
-@@ -1366,10 +1358,7 @@
- 'dependencies': [
- '<(node_lib_target_name)',
- 'deps/histogram/histogram.gyp:histogram',
-- 'deps/ada/ada.gyp:ada',
- 'deps/nbytes/nbytes.gyp:nbytes',
-- 'deps/simdjson/simdjson.gyp:simdjson',
-- 'deps/simdutf/simdutf.gyp:simdutf',
- ],
-
- 'includes': [
-diff --git a/node.gypi b/node.gypi
-index 9c989022a9..c61e9b170a 100644
---- a/node.gypi
-+++ b/node.gypi
-@@ -212,6 +212,18 @@
- 'dependencies': [ 'deps/nghttp2/nghttp2.gyp:nghttp2' ],
- }],
-
-+ [ 'node_shared_ada=="false"', {
-+ 'dependencies': [ 'deps/ada/ada.gyp:ada' ],
-+ }],
-+
-+ [ 'node_shared_simdjson=="false"', {
-+ 'dependencies': [ 'deps/simdjson/simdjson.gyp:simdjson' ],
-+ }],
-+
-+ [ 'node_shared_simdutf=="false"', {
-+ 'dependencies': [ 'deps/simdutf/simdutf.gyp:simdutf' ],
-+ }],
-+
- [ 'node_shared_brotli=="false"', {
- 'dependencies': [ 'deps/brotli/brotli.gyp:brotli' ],
- }],
diff --git a/main/nodejs/unbundle-sqlite.patch b/main/nodejs/unbundle-sqlite.patch
deleted file mode 100644
index b52de6ebfb77bec13868588fbc763abd189d7685..0000000000000000000000000000000000000000
--- a/main/nodejs/unbundle-sqlite.patch
+++ /dev/null
@@ -1,120 +0,0 @@
-Patch-Source: https://github.com/nodejs/node/commit/e92446536ed4e268c9eef6ae6f911e384c98eecf (backported)
---
-From e92446536ed4e268c9eef6ae6f911e384c98eecf Mon Sep 17 00:00:00 2001
-From: Richard Lau <rlau@redhat.com>
-Date: Mon, 21 Oct 2024 17:57:14 +0100
-Subject: [PATCH] build: conditionally compile bundled sqlite
-
-Only compile the bundled sqlite in `deps/sqlite` if Node.js was not
-configured with `--shared-sqlite`.
-
-`node.gypi` is already correctly adding the sqlite dependency if
-`node_shared_sqlite=="false"` so the unconditional entries in `node.gyp`
-are not necessary.
-
---- a/node.gyp
-+++ b/node.gyp
-@@ -857,7 +857,6 @@
- 'dependencies': [
- 'deps/googletest/googletest.gyp:gtest_prod',
- 'deps/histogram/histogram.gyp:histogram',
-- 'deps/sqlite/sqlite.gyp:sqlite',
- 'deps/simdjson/simdjson.gyp:simdjson',
- 'deps/simdutf/simdutf.gyp:simdutf',
- 'deps/ada/ada.gyp:ada',
-@@ -1047,7 +1046,6 @@
- 'dependencies': [
- '<(node_lib_target_name)',
- 'deps/histogram/histogram.gyp:histogram',
-- 'deps/sqlite/sqlite.gyp:sqlite',
- ],
-
- 'includes': [
-@@ -1059,7 +1057,6 @@
- 'deps/v8/include',
- 'deps/cares/include',
- 'deps/uv/include',
-- 'deps/sqlite',
- 'test/cctest',
- ],
-
-@@ -1092,7 +1089,6 @@
- 'dependencies': [
- '<(node_lib_target_name)',
- 'deps/histogram/histogram.gyp:histogram',
-- 'deps/sqlite/sqlite.gyp:sqlite',
- 'deps/uvwasi/uvwasi.gyp:uvwasi',
- ],
- 'includes': [
-@@ -1103,7 +1099,6 @@
- 'tools/msvs/genfiles',
- 'deps/v8/include',
- 'deps/cares/include',
-- 'deps/sqlite',
- 'deps/uv/include',
- 'deps/uvwasi/include',
- 'test/cctest',
-@@ -1138,7 +1133,6 @@
- '<(node_lib_target_name)',
- 'deps/googletest/googletest.gyp:gtest_prod',
- 'deps/histogram/histogram.gyp:histogram',
-- 'deps/sqlite/sqlite.gyp:sqlite',
- 'deps/uvwasi/uvwasi.gyp:uvwasi',
- 'deps/ada/ada.gyp:ada',
- 'deps/nbytes/nbytes.gyp:nbytes',
-@@ -1151,7 +1145,6 @@
- 'tools/msvs/genfiles',
- 'deps/v8/include',
- 'deps/cares/include',
-- 'deps/sqlite',
- 'deps/uv/include',
- 'deps/uvwasi/include',
- 'test/cctest',
-@@ -1188,7 +1181,6 @@
- 'deps/googletest/googletest.gyp:gtest',
- 'deps/googletest/googletest.gyp:gtest_main',
- 'deps/histogram/histogram.gyp:histogram',
-- 'deps/sqlite/sqlite.gyp:sqlite',
- 'deps/simdjson/simdjson.gyp:simdjson',
- 'deps/simdutf/simdutf.gyp:simdutf',
- 'deps/ada/ada.gyp:ada',
-@@ -1205,7 +1197,6 @@
- 'deps/v8/include',
- 'deps/cares/include',
- 'deps/uv/include',
-- 'deps/sqlite',
- 'test/cctest',
- ],
-
-@@ -1270,7 +1261,6 @@
- 'dependencies': [
- '<(node_lib_target_name)',
- 'deps/histogram/histogram.gyp:histogram',
-- 'deps/sqlite/sqlite.gyp:sqlite',
- 'deps/ada/ada.gyp:ada',
- 'deps/nbytes/nbytes.gyp:nbytes',
- ],
-@@ -1286,7 +1276,6 @@
- 'deps/v8/include',
- 'deps/cares/include',
- 'deps/uv/include',
-- 'deps/sqlite',
- 'test/embedding',
- ],
-
-@@ -1386,7 +1375,6 @@
- 'dependencies': [
- '<(node_lib_target_name)',
- 'deps/histogram/histogram.gyp:histogram',
-- 'deps/sqlite/sqlite.gyp:sqlite',
- 'deps/ada/ada.gyp:ada',
- 'deps/nbytes/nbytes.gyp:nbytes',
- 'deps/simdjson/simdjson.gyp:simdjson',
-@@ -1403,7 +1391,6 @@
- 'deps/v8/include',
- 'deps/cares/include',
- 'deps/uv/include',
-- 'deps/sqlite',
- ],
-
- 'defines': [ 'NODE_WANT_INTERNALS=1' ],