Todo List: Node.js removal
As Node.js has history of malware in hosted packages and doesn't support LibreSSL, we have decided to blacklist it.
Every linked packages needs to be rebuild or removed. There will likely be broken packages.
It is a todo list of packages that either have a direct dependency on Node.js.
Blacklisting process:
https://git.hyperbola.info:50100/software/blacklist.git/
Further details:
https://hacknews.co/malware/20181127/rogue-developer-infects-widely-used-nodejs-module-to-steal-bitcoins.html
https://thenewstack.io/npm-cleans-typosquatting-malware/
http://webinos.org/2013/06/17/reflections-on-nodejs-malware/
[ ] = remove package
[*] = build package without nodejs or related-nodejs dependencies
[#] = build package by removing nodejs or related-nodejs optional dependencies
packages:
* [ ] acorn
* [ ] apm
* [ ] asar
* [ ] babel-cli
* [ ] bower
* [ ] browserify
* [*] cantor (sagemath optdeps)
* [ ] cjdns
* [ ] cldr-emoji-annotation (only useful with nodejs-emojione)
* [ ] coffee-script
* [ ] cordova
* [ ] emscripten
* [ ] eslint
* [ ] fluid (fluid; nodejs-material-design-icons makedeps)
* [ ] gitlab (gitlab; nodejs deps)
* [ ] gitlab-runner (gitlab; independent package)
* [ ] gitlab-shell (gitlab; required by gitlab)
* [ ] gitlab-workhorse (gitlab; required by gitlab)
* [ ] grafana (grafana; grunt-cli makedeps)
* [ ] grafana-zabbix (grafana; grafana deps)
* [ ] grunt-cli
* [ ] gulp
* [*] http-parser (nodejs; independent package)
* [*] ibus (nodejs-emojione and cldr-emoji-annotation makedeps; independent package)
* [*] idris (idris; nodejs makedeps)
* [*] ipython (jupyter; independent package)
* [ ] ipython2-notebook (jupyter; independent package)
* [ ] jake
* [ ] jupyter (juppyter; python-ipywidgets deps)
* [ ] jupyter_console (jupyter; python-jupyter_client deps)
* [ ] jupyter-nbconvert (jupyter; jupyter deps)
* [ ] jupyter-nbformat (jupyter; python-jupyter_core deps)
* [ ] jupyter-notebook (jupyter; npm makedeps)
* [ ] jupyter-widgetsnbextension (jupyter; jupyter-notebook deps)
* [ ] libreoffice-online (npm and jake deps; independent package)
* [*] libibus (nodejs-emojione and cldr-emoji-annotation makedeps; independent package)
* [ ] liri-files (liri; fluid deps)
* [ ] liri-terminal (liri; fluid deps)
* [ ] marked (marked; nodejs deps)
* [ ] marked-man (marked; nodejs deps)
* [#] netdata (nodejs optdeps only)
* [*] nextcloud-app-richdocuments (libreoffice-online deps)
* [ ] nodejs-emojione (nodejs; nodejs deps)
* [ ] nodejs-less (nodejs; nodejs deps)
* [ ] nodejs-lts (nodejs)
* [ ] nodejs-material-design-icons (nodejs; nodejs deps)
* [ ] npm (npm; nodejs deps)
* [ ] npm-check-updates (npm; npm makedeps)
* [ ] phonegap (phonegap; semver deps)
* [ ] pm2
* [ ] pulp
* [#] purescript (pulp optdeps only)
* [ ] python-ipykernel (jupyter; python-jupyter_client deps)
* [ ] python-ipywidgets (jupyter; npm makedeps)
* [ ] python-jupyter_client (jupyter; python-jupyter_core deps)
* [ ] python-jupyter_core (jupyter; required by jupyter)
* [ ] python-qtconsole (jupyter; pyhon-jupyter_client deps)
* [*] python2-fpylll (sagemath optdeps)
* [ ] python2-ipykernel (jupyter; pyhon2-jupyter_client deps)
* [ ] python2-ipywidgets (jupyter; npm makedeps)
* [ ] python2-jupyter_client (jupyter; python2-jupyter_core deps)
* [ ] python2-jupyter_core (jupyter; required by jupyter)
* [ ] python2-qtconsole (jupyter; pyhon2-jupyter_client deps)
* [ ] sage-data-conway_polynomials (sagemath makedeps)
* [ ] sage-notebook
* [ ] sage-notebook-exporter (sage-notebook-exporter; jupyter-nbconvert deps)
* [ ] sagemath
* [ ] sagemath-doc (sage-notebook and thebe deps; python2-ipywidgets, python2-jupyter_client, sage-notebook and thebe makedeps)
* [ ] sagemath-jupyter (sagemath-jupyter; sage-notebook-exporter optdeps and python2-jupyter_client deps)
* [ ] sagemath-src (python2-ipywidgets, python2-jupyter_client, sage-notebook and thebe makedeps)
* [ ] sagetex (sagemath deps)
* [ ] semver
* [ ] spyder (spyder; python2-qtconsole deps)
* [ ] spyder3 (spyder; python-qtconsole and jupyder deps)
* [ ] startdde (deepin; coffee-script makedeps)
* [ ] stylus
* [ ] thebe (jupyter; independent package)
* [ ] typescript
* [ ] uglify-js
* [*] valabind (valabind; independent package, contains nodejs?)
* [ ] vibe (liri and fluid deps)
* [ ] yarn
Link to lists of pkgbase values:
Filter Todo List Packages
| Arch | Repository | Name | Current Version | Staging Version | Maintainers | Status | Last Touched By |
|---|