1 files changed, 261 insertions, 0 deletions
diff --git a/llhttp.spec b/llhttp.spec
new file mode 100644
index 0000000..c43097c
--- /dev/null
+++ b/llhttp.spec
@@ -0,0 +1,261 @@
+## RPMAUTOSPEC: autorelease, autochangelog
+%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
+    release_number = 2;
+    base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
+    print(release_number + base_release_number - 1);
+}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
+## END: Set by rpmautospec
+
+# This package is rather exotic. The compiled library is a typical shared
+# library with a C API. However, it has only a tiny bit of C source code. Most
+# of the library is written in TypeScript, which is transpiled to C, via LLVM
+# IR, using llparse (https://github.com/nodejs/llparse)—all of which happens
+# within the NodeJS ecosystem.
+#
+# The package therefore “builds like” a NodeJS package, and to the extent they
+# are relevant we apply the NodeJS packaging guidelines. However, the result of
+# the build “installs like” a traditional C library package and has no NodeJS
+# dependencies, including bundled ones.
+#
+# Furthermore, the package is registered with npm as “llhttp”, but current
+# releases are not published there, so we use the GitHub archive as the
+# canonical source and use a custom bundler script based on
+# nodejs-packaging-bundler to fetch NodeJS build dependencies.
+#
+# Overall, we cherry-pick from the standard and NodeJS packaging guidelines as
+# each seems to best apply, understanding that this package does not fit well
+# into any of the usual patterns or templates.
+#
+# Note that there is now a “release” tarball, e.g.
+# https://github.com/nodejs/llhttp/archive/refs/tags/release/v%%{version}tar.gz,
+# that allows this package to be built without the NodeJS/TypeScript machinery.
+# However, the release archive lacks the original TypeScript source code for
+# the generated C code, which we would need to include in the source RPM as an
+# additional source even if we do not do the re-generation ourselves.
+
+Name:           llhttp
+Version:        9.2.1
+%global so_version 9.2
+Release:        %autorelease
+Summary:        Port of http_parser to llparse
+
+# License of llhttp is (SPDX) MIT; nothing from the NodeJS dependency bundle is
+# installed, so its contents do not contribute to the license of the binary
+# RPMs, and we do not need a file llhttp-%%{version}-bundled-licenses.txt.
+License:        MIT
+URL:            https://github.com/nodejs/llhttp
+Source0:        %{url}/archive/v%{version}/llhttp-%{version}.tar.gz
+
+# Based closely on nodejs-packaging-bundler, except:
+#
+# - The GitHub source tarball specified in this spec file is used since the
+#   current version is not typically published on npm
+# - No production dependency bundle is generated, since none is needed—and
+#   therefore, no bundled licenses text file is generated either
+Source1:        llhttp-packaging-bundler
+# Created with llhttp-packaging-bundler (Source1):
+Source2:        llhttp-%{version}-nm-dev.tar.zst
+
+# While nothing in the dev bundle is installed, we still choose to audit for
+# null licenses at build time and to keep manually-approved exceptions in a
+# file.
+Source3:        check-null-licenses
+Source4:        audited-null-licenses.toml
+
+# The compiled RPM does not depend on NodeJS at all, but we cannot *build* it
+# on architectures without NodeJS.
+ExclusiveArch:  %{nodejs_arches}
+
+# For generating the C source “release” from TypeScript:
+BuildRequires:  nodejs-devel
+BuildRequires:  make
+
+# For compiling the C library
+BuildRequires:  cmake
+BuildRequires:  gcc
+
+# For tests
+BuildRequires:  gcc-c++
+
+# For check-null-licenses
+BuildRequires:  python3-devel
+%if !0%{?rhel}
+# For additional license auditing:
+BuildRequires:  askalono-cli
+BuildRequires:  licensecheck
+%endif
+
+%description
+This project is a port of http_parser to TypeScript. llparse is used to
+generate the output C source file, which could be compiled and linked with the
+embedder's program (like Node.js).
+
+
+%package devel
+Summary:        Development files for llhttp
+
+Requires:       llhttp%{?_isa} = %{?epoch:%{epoch}:}%{version}-%{release}
+
+%description devel
+The llhttp-devel package contains libraries and header files for
+developing applications that use llhttp.
+
+
+%prep
+%autosetup
+
+# Remove build flags specifying ISA extensions not in the architectural
+# baseline from the test fixture setup.
+sed -r -i 's@([[:blank:]]*)(.*-m(sse4))@\1// \2@' test/fixtures/index.ts
+
+# We build the library that we install via release/CMakeLists.txt, but the
+# tests are built via Makefile targets. Don’t apply non-default optimization or
+# debug flags to the test executables.
+sed -r -i 's@ -[Og].\b@@g' Makefile
+
+# Set up bundled (dev) node modules required to generate the C sources from the
+# TypeScript sources.
+tar --zstd --extract --file='%{SOURCE2}'
+mkdir -p node_modules
+pushd node_modules
+ln -s ../node_modules_dev/* .
+ln -s ../node_modules_dev/.bin .
+popd
+
+# We run ts-node out of node_modules/.bin rather than using npx (which we will
+# not have available).
+sed -r -i 's@\bnpx[[:blank:]](ts-node)\b@node_modules/.bin/\1@' Makefile
+
+
+%build
+# Generate the C source “release” from TypeScript using the “node_modules_dev”
+# bundle.
+%make_build release RELEASE='%{version}'
+
+# To help prove that nothing from the bundled NodeJS dev dependencies is
+# included in the binary packages, remove the “node_modules” symlinks.
+rm -rvf node_modules
+
+cd release
+mkdir -p %{_target_platform}
+pushd %{_target_platform}
+%cmake ..
+popd
+cmake --build %{_target_platform} %{?_smp_mflags} -v
+
+
+%install
+cd release
+DESTDIR="%{buildroot}" %__cmake --install "%{_target_platform}"
+
+
+%check
+# Symlink the NodeJS bundle again so that we can test with Mocha
+mkdir -p node_modules
+pushd node_modules
+ln -s ../node_modules_dev/* .
+ln -s ../node_modules_dev/.bin .
+popd
+
+# Verify that no bundled dev dependency has a null license field, unless we
+# already audited it by hand. This reduces the chance of accidentally including
+# code with license problems in the source RPM.
+%{__python3} '%{SOURCE3}' --exceptions '%{SOURCE4}' --with dev node_modules_dev
+
+%if !0%{?rhel}
+# Ensure we have checked all of the licenses in the dev dependency bundle for
+# allowability.
+pattern="${pattern-}${pattern+|}UNKNOWN|(Apache|Python) License 2\\.0"
+pattern="${pattern-}${pattern+|}(MIT|ISC|BSD [023]-Clause) License"
+pattern="${pattern-}${pattern+|}BSD 2-Clause with views sentence"
+pattern="${pattern-}${pattern+|}MIT License and/or X11 License"
+pattern="${pattern-}${pattern+|}GNU General Public License"
+# The CC0-1.0 license is *not allowed* in Fedora for code, but the
+# binary-search dev dependency falls under the following blanket exception:
+#
+#   Existing uses of CC0-1.0 on code files in Fedora packages prior to
+#   2022-08-01, and subsequent upstream versions of those files in those
+#   packages, continue to be allowed. We encourage Fedora package maintainers
+#   to ask upstreams to relicense such files.
+#
+# https://gitlab.com/fedora/legal/fedora-license-data/-/issues/91#note_1151947383
+#
+# This can be verified by checking out commit
+# f460573ec4dc41968e600a96aaaf03a167b236bf (2021-12-16) from dist-git for this
+# package, obtaining the source llhttp-6.0.6-nm-dev.tgz, and observing that
+# llhttp-6.0.6/node_modules_dev/binary-search/package.json shows the CC0-1.0
+# license.
+pattern="${pattern-}${pattern+|}binary-search/package.json: (\*No copyright\* )?Creative Commons CC0 1\.0"
+# The license BSD-3-Clause-Clear appears in sprintf-js/bower.json. This license
+# is on the not-allowed list, but it is not real: sprintf-js/package.json and
+# sprintf-js/LICENSE have the correct (and allowed) BSD-3-Clause license, and
+# upstream confirmed in “Licensing Question”
+# https://github.com/alexei/sprintf.js/issues/211 that the appearance of
+# BSD-3-Clause-Clear in this file was a mere typo.
+pattern="${pattern-}${pattern+|}sprintf-js/bower.json: (\*No copyright\* )?BSD 3-Clause Clear License"
+
+if licensecheck -r node_modules_dev |
+    grep -vE "(${pattern})( \\[generated file\\])?\$" ||
+  ! askalono crawl node_modules_dev | awk '
+      $1 == "License:" { license = $0; next }
+      $1 == "Score:" {
+        if ( \
+          license ~ /: (MIT|ISC) \(/ || \
+          license ~ /: (0BSD|BSD-2-Clause(-Views)?|BSD-3-Clause) \(/ || \
+          license ~ /: (Apache-2\.0|Python-2\.0\.1) \(/ \
+        ) {
+          next # license is OK
+        }
+        # license needs auditing
+        problem = 1
+        print file; print license; print $0
+        next
+      }
+      { file = $0 }
+      END { exit problem }'
+
+then
+  cat 1>&2 <<'EOF'
+=================================================================
+Possible new license(s) found in dev dependency bundle!
+
+While these do not contribute to License, they must appear in:
+https://docs.fedoraproject.org/en-US/legal/allowed-licenses/
+
+Please audit them and modify the patterns representing expected
+licenses in the spec file!
+=================================================================
+EOF
+  exit 1
+fi
+%endif
+
+# http-loose-request.c:7205:20: error: invalid conversion from 'void*' to
+#     'const unsigned char*' [-fpermissive]
+#  7205 |     start = state->_span_pos0;
+#       |             ~~~~~~~^~~~~~~~~~
+#       |                    |
+#       |                    void*
+export CXXFLAGS="${CXXFLAGS-} -fpermissive"
+export CFLAGS="${CFLAGS-} -fpermissive"
+export CLANG=gcc
+# See scripts.test in package.json:
+NODE_ENV=test node -r ts-node/register/type-check ./test/md-test.ts
+
+
+%files
+%license release/LICENSE-MIT
+%{_libdir}/libllhttp.so.%{so_version}{,.*}
+
+
+%files devel
+%doc release/README.md
+%{_includedir}/llhttp.h
+%{_libdir}/libllhttp.so
+%{_libdir}/pkgconfig/libllhttp.pc
+%{_libdir}/cmake/llhttp/
+
+
+%changelog
+* Fri Nov 8 2024 Ming Keke <keke.oerv@isrc.iscas.ac.cn> - 9.2.1-2
+- Initial package for repo