www/node14: Upgrade to 14.19.3

https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V14.md#14.19.3

This update is based on a patch from Dani I. <i.dani@outlook.com> that
was originally attached to the PR.

This update addresses CVE-2021-44531/44532/44533, CVE-2022-0778, and
CVE-2022-21824.

Notable port additions:

- COREPACK option [1]
- test target
- python 3.10 build support
- patch for failing test due to FreeBSD OpenSSL adding "-freebsd" to
  version string

[1] Corepack is an experimental tool to help with managing versions of
your package managers. It exposes binary proxies for each supported
package manager that, when called, will identify whatever package
manager is configured for the current project, transparently install it
if needed, and finally run it without requiring explicit user
interactions.

PR:		263090
Approved by:	bhughes (maintainer, timeout)
Differential Revision:	https://reviews.freebsd.org/D35192

www/node14/Makefile

@@ -1,7 +1,6 @@
 PORTNAME=	node
 DISTVERSIONPREFIX=	v
-DISTVERSION=	14.18.1
-PORTREVISION=	2
+DISTVERSION=	14.19.3
 CATEGORIES=	www
 MASTER_SITES=	http://nodejs.org/dist/v${DISTVERSION}/
 PKGNAMESUFFIX=	14
@@ -12,98 +11,105 @@ COMMENT=	V8 JavaScript for client and server
 LICENSE=	MIT
 LICENSE_FILE=	${WRKSRC}/LICENSE
 
-BROKEN_SSL=		libressl libressl-devel
-BROKEN_SSL_REASON=	Node.js 14.x LTS requires OpenSSL 1.1.x or the BUNDLED_SSL option enabled
-ONLY_FOR_ARCHS=		aarch64 amd64 armv6 armv7 i386 powerpc64 powerpc64le
+ONLY_FOR_ARCHS=	aarch64 amd64 armv6 armv7 i386 powerpc64 powerpc64le
 
-USES=		compiler:c++11-lib gmake python:2.7-3.9,build pkgconfig \
-		localbase shebangfix
+BUILD_DEPENDS+=	brotli>=1.0.9,1:archivers/brotli \
+		c-ares>=1.17.2:dns/c-ares \
+		libnghttp2>=1.42.0:www/libnghttp2 \
+		libuv>=1.42.0:devel/libuv \
+		objdump:devel/binutils
+LIB_DEPENDS+=	libbrotlidec.so:archivers/brotli \
+		libcares.so:dns/c-ares \
+		libnghttp2.so:www/libnghttp2 \
+		libuv.so:devel/libuv
+
+USES=		compiler:c++11-lib gmake localbase pkgconfig \
+		python:2.7-3.10,build shebangfix
+BROKEN_SSL=	libressl libressl-devel
+BROKEN_SSL_REASON=	node.js 14.x LTS requires OpenSSL 1.1.x or the BUNDLED_SSL option enabled
+SHEBANG_FILES=	deps/v8/third_party/inspector_protocol/*.py deps/v8/tools/*.py \
+		tools/*.py tools/inspector_protocol/*.py
 
-OPTIONS_DEFINE=		BUNDLED_SSL DOCS NLS DTRACE
-OPTIONS_DEFAULT=	DTRACE
+HAS_CONFIGURE=	yes
+CONFIGURE_ARGS=	--prefix=${PREFIX_RELDEST} \
+		--shared-brotli \
+		--shared-cares \
+		--shared-libuv \
+		--shared-nghttp2 \
+		--shared-zlib \
+		--without-npm
+
+MAKE_ENV+=	CC.host=${CC} \
+		CFLAGS.host="${CFLAGS}" \
+		CXX.host=${CXX} \
+		CXXFLAGS.host="${CXXFLAGS}" \
+		LDFLAGS.host="${LDFLAGS}" \
+		LINK.host=${CXX}
+TEST_ARGS=	-i
+TEST_TARGET=	test-only
+
+CONFLICTS_INSTALL=	node node10 node16
+
+PREFIX_RELDEST=	${PREFIX:S,^${DESTDIR},,}
+REINPLACE_ARGS=	-i ''
+
+OPTIONS_DEFINE=		BUNDLED_SSL COREPACK DOCS DTRACE NLS
+OPTIONS_DEFAULT=	COREPACK DTRACE
 OPTIONS_DEFAULT+=	${OPTIONS_DEFAULT_${OPSYS}_${OSREL:R}}
-OPTIONS_SUB=		yes
 
 .if !exists(/usr/sbin/dtrace)
 OPTIONS_EXCLUDE+=	DTRACE
 .endif
 
 OPTIONS_EXCLUDE_aarch64=	DTRACE
 # dt_modtext:/usr/src/cddl/contrib/opensolaris/lib/libdtrace/common/dt_link.c(820): arm not implemented
-OPTIONS_EXCLUDE_armv6=		DTRACE
-OPTIONS_EXCLUDE_armv7=		DTRACE
+OPTIONS_EXCLUDE_armv6=	DTRACE
+OPTIONS_EXCLUDE_armv7=	DTRACE
 OPTIONS_EXCLUDE_powerpc64=	DTRACE
 OPTIONS_EXCLUDE_powerpc64le=	DTRACE
 
-BUNDLED_SSL_DESC=		Use node.js's bundled OpenSSL implementation
-BUNDLED_SSL_USES_OFF=		ssl
-BUNDLED_SSL_CONFIGURE_OFF=	--shared-openssl --openssl-use-def-ca-store
-BUNDLED_SSL_RUN_DEPENDS_OFF=	ca_root_nss>=0:security/ca_root_nss
+OPTIONS_SUB=	yes
 
-NLS_CONFIGURE_ON=	--with-intl=system-icu
-NLS_BUILD_DEPENDS=	icu>=69.1:devel/icu
-NLS_LIB_DEPENDS=	libicui18n.so:devel/icu
+BUNDLED_SSL_DESC=	Use bundled OpenSSL implementation from node.js
+COREPACK_DESC=		Build and install corepack package manager
 
-DTRACE_CONFIGURE_ON=	--with-dtrace
-
-HAS_CONFIGURE=	yes
-
-CONFLICTS_INSTALL=	node10 node16 node
-
-CONFIGURE_ARGS=	--prefix=${PREFIX_RELDEST} \
-		--without-npm \
-		--shared-brotli \
-		--shared-cares \
-		--shared-libuv \
-		--shared-nghttp2 \
-		--shared-zlib
-
-SHEBANG_FILES=	deps/v8/tools/*.py \
-		deps/v8/third_party/inspector_protocol/*.py \
-		tools/*.py \
-		tools/inspector_protocol/*.py
+BUNDLED_SSL_RUN_DEPENDS_OFF=	ca_root_nss>=0:security/ca_root_nss
+BUNDLED_SSL_USES_OFF=		ssl
+BUNDLED_SSL_CONFIGURE_OFF=	--openssl-use-def-ca-store \
+				--shared-openssl
 
-PREFIX_RELDEST=	${PREFIX:S,^${DESTDIR},,}
-REINPLACE_ARGS=	-i ''
-MAKE_ENV+=	CC.host=${CC} CFLAGS.host="${CFLAGS}" \
-		CXX.host=${CXX} CXXFLAGS.host="${CXXFLAGS}" \
-		LINK.host=${CXX} LDFLAGS.host="${LDFLAGS}"
+COREPACK_CONFIGURE_OFF=	--without-corepack
+DTRACE_CONFIGURE_ON=	--with-dtrace
 
-BUILD_DEPENDS+=	brotli>=1.0.9,1:archivers/brotli \
-		c-ares>=1.17.2:dns/c-ares \
-		libuv>=1.42.0:devel/libuv \
-		libnghttp2>=1.42.0:www/libnghttp2 \
-		objdump:devel/binutils
-LIB_DEPENDS+=	libbrotlidec.so:archivers/brotli \
-		libcares.so:dns/c-ares\
-		libuv.so:devel/libuv \
-		libnghttp2.so:www/libnghttp2
+NLS_BUILD_DEPENDS=	icu>=69.1:devel/icu
+NLS_LIB_DEPENDS=	libicui18n.so:devel/icu
+NLS_CONFIGURE_ON=	--with-intl=system-icu
 
 .include <bsd.port.options.mk>
 
 .if (defined(PPC_ABI) && ${PPC_ABI} == ELFv2) || ${ARCH} == powerpc64le
-EXTRA_PATCHES=		${PATCHDIR}/extra-patch-common.gypi
+EXTRA_PATCHES=	${PATCHDIR}/extra-patch-common.gypi
 .endif
 
 .if ${ARCH} == armv6 || ${ARCH} == armv7
 EXTRA_PATCHES=	${PATCHDIR}/extra-patch-tools_v8__gypfiles_v8.gyp
 .endif
 
 .if ${PORT_OPTIONS:MBUNDLED_SSL} && ${ARCH} != amd64
-CONFIGURE_ARGS+=--openssl-no-asm
+CONFIGURE_ARGS+=	--openssl-no-asm
 .endif
 
 post-patch:
 	@${REINPLACE_CMD} -e 's|/usr/local|${LOCALBASE}|' \
 		${WRKSRC}/tools/v8_gypfiles/v8.gyp
 
 post-configure:
-	# Post-process Makefile and *.mk files created by node-gyp and remove
-	# all occurrences of -I${LOCALBASE}/include. C*FLAGS include this
-	# before all -I../deps/* for bundled code. This can cause build
-	# breakages if the dependency is installed in ${LOCALBASE}. The
-	# USES+=localbase # above will ensure that we pick up includes for real
-	# external dependencies.
+# Post-process Makefile and *.mk files created by node-gyp and remove
+# all occurrences of -I${LOCALBASE}/include. C*FLAGS include this
+# before all -I../deps/* for bundled code. This can cause build
+# breakages if the dependency is installed in ${LOCALBASE}. The
+# USES+=localbase # above will ensure that we pick up includes for real
+# external dependencies.
 	${FIND} ${WRKSRC}/out -type f -print0 \
 		| ${XARGS} -0 ${REINPLACE_CMD} -e "s|-I${LOCALBASE}/include||g"
 

www/node14/distinfo

@@ -1,3 +1,3 @@
-TIMESTAMP = 1634227132
-SHA256 (node-v14.18.1.tar.gz) = 89d22d34fd4ba3715252dcd2dd94d1699338436463b277163ed950040c7b621a
-SIZE (node-v14.18.1.tar.gz) = 63849860
+TIMESTAMP = 1653106814
+SHA256 (node-v14.19.3.tar.gz) = 1df831a7b9d9ca76fb9af45244a309b7430bf54ba2be9d2d7b77d868ddaf0d3d
+SIZE (node-v14.19.3.tar.gz) = 64983615

www/node14/files/patch-node.gypi

@@ -1,9 +1,9 @@
---- node.gypi.orig	2020-03-05 00:41:47 UTC
+--- node.gypi.orig	2022-05-04 10:22:01 UTC
 +++ node.gypi
-@@ -322,6 +322,9 @@
-         ['openssl_fips != "" or openssl_is_fips=="true"', {
-           'defines': [ 'NODE_FIPS_MODE' ],
-         }],
+@@ -319,6 +319,9 @@
+     [ 'node_use_openssl=="true"', {
+       'defines': [ 'HAVE_OPENSSL=1' ],
+       'conditions': [
 +        ['openssl_no_asm==1', {
 +          'defines': [ 'OPENSSL_NO_ASM' ],
 +        }],

www/node14/files/patch-test_parallel_test-process-versions.js

@@ -0,0 +1,11 @@
+--- test/parallel/test-process-versions.js.orig	2022-05-08 01:48:13 UTC
++++ test/parallel/test-process-versions.js
+@@ -45,7 +45,7 @@ assert(/^\d+\.\d+\.\d+(?:\.\d+)?-node\.\d+(?: \(candid
+ assert(/^\d+$/.test(process.versions.modules));
+
+ if (common.hasCrypto) {
+-  assert(/^\d+\.\d+\.\d+[a-z]?(-fips)?$/.test(process.versions.openssl));
++  assert(/^\d+\.\d+\.\d+[a-z]?(-freebsd|-fips)?$/.test(process.versions.openssl));
+ }
+
+ for (let i = 0; i < expected_keys.length; i++) {

www/node14/pkg-plist

@@ -483,6 +483,63 @@ include/node/node_version.h
 %%BUNDLED_SSL%%include/node/openssl/x509err.h
 %%BUNDLED_SSL%%include/node/openssl/x509v3.h
 %%BUNDLED_SSL%%include/node/openssl/x509v3err.h
+%%COREPACK%%bin/corepack
+%%COREPACK%%lib/node_modules/corepack/LICENSE.md
+%%COREPACK%%lib/node_modules/corepack/README.md
+%%COREPACK%%lib/node_modules/corepack/dist/corepack.js
+%%COREPACK%%lib/node_modules/corepack/dist/npm.js
+%%COREPACK%%lib/node_modules/corepack/dist/npx.js
+%%COREPACK%%lib/node_modules/corepack/dist/pnpm.js
+%%COREPACK%%lib/node_modules/corepack/dist/pnpx.js
+%%COREPACK%%lib/node_modules/corepack/dist/vcc.js
+%%COREPACK%%lib/node_modules/corepack/dist/yarn.js
+%%COREPACK%%lib/node_modules/corepack/dist/yarnpkg.js
+%%COREPACK%%lib/node_modules/corepack/package.json
+%%COREPACK%%lib/node_modules/corepack/shims/corepack
+%%COREPACK%%lib/node_modules/corepack/shims/corepack.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/corepack.ps1
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/corepack
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/corepack.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/corepack.ps1
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/npm
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/npm.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/npm.ps1
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/npx
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/npx.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/npx.ps1
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/pnpm
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/pnpm.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/pnpm.ps1
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/pnpx
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/pnpx.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/pnpx.ps1
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/vcc
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/vcc.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/vcc.ps1
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/yarn
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/yarn.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/yarn.ps1
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/yarnpkg
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/yarnpkg.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/nodewin/yarnpkg.ps1
+%%COREPACK%%lib/node_modules/corepack/shims/npm
+%%COREPACK%%lib/node_modules/corepack/shims/npm.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/npm.ps1
+%%COREPACK%%lib/node_modules/corepack/shims/npx
+%%COREPACK%%lib/node_modules/corepack/shims/npx.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/npx.ps1
+%%COREPACK%%lib/node_modules/corepack/shims/pnpm
+%%COREPACK%%lib/node_modules/corepack/shims/pnpm.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/pnpm.ps1
+%%COREPACK%%lib/node_modules/corepack/shims/pnpx
+%%COREPACK%%lib/node_modules/corepack/shims/pnpx.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/pnpx.ps1
+%%COREPACK%%lib/node_modules/corepack/shims/yarn
+%%COREPACK%%lib/node_modules/corepack/shims/yarn.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/yarn.ps1
+%%COREPACK%%lib/node_modules/corepack/shims/yarnpkg
+%%COREPACK%%lib/node_modules/corepack/shims/yarnpkg.cmd
+%%COREPACK%%lib/node_modules/corepack/shims/yarnpkg.ps1
 include/node/v8-fast-api-calls.h
 include/node/v8-internal.h
 include/node/v8-platform.h