tools: add automation for updating libuv dependency

Add a Github Action that checks for new versions of the `libuv` C library, and creates a PR to update it if a newer version than the one present in the repo is found. Refs: nodejs/security-wg#828 PR-URL: #45362 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
nodejs · Nov 21, 2022 · f3f1aed · f3f1aed
1 parent bb4c293
commit f3f1aed
Show file tree

Hide file tree

Showing 3 changed files with 97 additions and 0 deletions.
diff --git a/.github/workflows/tools.yml b/.github/workflows/tools.yml
@@ -109,6 +109,22 @@ jobs:
                 echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_ENV
                 ./tools/update-acorn-walk.sh
               fi
+          - id: libuv
+            subsystem: deps
+            label: dependencies
+            run: |
+              NEW_VERSION=$(gh api repos/libuv/libuv/releases/latest -q '.tag_name|ltrimstr("v")')
+              VERSION_H="./deps/uv/include/uv/version.h"
+              CURRENT_MAJOR_VERSION=$(grep "#define UV_VERSION_MAJOR" $VERSION_H | sed -n "s/^.*MAJOR \(.*\)/\1/p")
+              CURRENT_MINOR_VERSION=$(grep "#define UV_VERSION_MINOR" $VERSION_H | sed -n "s/^.*MINOR \(.*\)/\1/p")
+              CURRENT_PATCH_VERSION=$(grep "#define UV_VERSION_PATCH" $VERSION_H | sed -n "s/^.*PATCH \(.*\)/\1/p")
+              CURRENT_SUFFIX_VERSION=$(grep "#define UV_VERSION_SUFFIX" $VERSION_H | sed -n "s/^.*SUFFIX \"\(.*\)\"/\1/p")
+              SUFFIX_STRING=$([[ -z "$CURRENT_SUFFIX_VERSION" ]] && echo "" || echo "-$CURRENT_SUFFIX_VERSION")
+              CURRENT_VERSION="$CURRENT_MAJOR_VERSION.$CURRENT_MINOR_VERSION.$CURRENT_PATCH_VERSION$SUFFIX_STRING"
+              if [ "$NEW_VERSION" != "$CURRENT_VERSION" ]; then
+                echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_ENV
+                ./tools/dep_updaters/update-libuv.sh "$NEW_VERSION"
+              fi
     steps:
       - uses: actions/checkout@v3
         with:

diff --git a/tools/dep_updaters/README.md b/tools/dep_updaters/README.md
@@ -0,0 +1,37 @@
+# Dependency update scripts
+
+This folder contains scripts used to automatically update a Node.js dependency.
+These scripts are usually run by CI (see `.github/workflows/tools.yml`) in order
+to download a new dependency version, and replace the old version with it.
+
+Since these scripts only update to the upstream code, changes might be needed in
+this repository in order to successfully update (e.g: changing API calls to
+conform to upstream changes, updating GYP build files, etc.)
+
+## libuv
+
+The `update-libuv.sh` script takes the target version to update as its only
+argument, downloads it from the [GitHub repo](https://github.com/libuv/libuv)
+and uses it to replace the contents of `deps/uv/`. The contents are replaced
+entirely except for the `*.gyp` and `*.gypi` build files, which are part of the
+Node.js build definitions and are not present in the upstream repo.
+
+For example, in order to update to version `1.44.2`, the following command can
+be run:
+
+```bash
+./tools/dep_updaters/update-libuv.sh 1.44.2
+```
+
+Once the script has run (either manually, or by CI in which case a PR will have
+been created with the changes), do the following:
+
+1. Check the [changelog](https://github.com/libuv/libuv/blob/v1.x/ChangeLog) for
+   things that might require changes in Node.js.
+2. If necessary, update `common.gypi` and `uv.gyp` with build-related changes.
+3. Check that Node.js compiles without errors and the tests pass.
+4. Create a commit for the update and in the commit message include the
+   important/relevant items from the changelog (see [`c61870c`][] for an
+   example).
+
+[`c61870c`]: https://github.com/nodejs/node/commit/c61870c376e2f5b0dbaa939972c46745e21cdbdd
diff --git a/tools/dep_updaters/update-libuv.sh b/tools/dep_updaters/update-libuv.sh
@@ -0,0 +1,44 @@
+#!/bin/sh
+set -e
+# Shell script to update libuv in the source tree to a specific version
+
+BASE_DIR=$(cd "$(dirname "$0")/../.." && pwd)
+DEPS_DIR="$BASE_DIR/deps"
+LIBUV_VERSION=$1
+
+if [ "$#" -le 0 ]; then
+  echo "Error: please provide an libuv version to update to"
+  echo "	e.g. $0 1.44.2"
+  exit 1
+fi
+
+echo "Making temporary workspace..."
+
+WORKSPACE=$(mktemp -d 2> /dev/null || mktemp -d -t 'tmp')
+
+cleanup () {
+  EXIT_CODE=$?
+  [ -d "$WORKSPACE" ] && rm -rf "$WORKSPACE"
+  exit $EXIT_CODE
+}
+
+trap cleanup INT TERM EXIT
+
+cd "$WORKSPACE"
+
+echo "Fetching libuv source archive..."
+curl -sL "https://api.github.com/repos/libuv/libuv/tarball/v$LIBUV_VERSION" | tar xzf -
+mv libuv-libuv-* uv
+
+echo "Replacing existing libuv (except GYP build files)"
+mv "$DEPS_DIR/uv/"*.gyp "$DEPS_DIR/uv/"*.gypi "$WORKSPACE/uv/"
+rm -rf "$DEPS_DIR/uv"
+mv "$WORKSPACE/uv" "$DEPS_DIR/"
+
+echo "All done!"
+echo ""
+echo "Please git add uv, commit the new version:"
+echo ""
+echo "$ git add -A deps/uv"
+echo "$ git commit -m \"deps: update libuv to $LIBUV_VERSION\""
+echo ""