https://blogs.gentoo.org/ago/2020/07/04/gentoo-tinderbox/ Issue: net-analyzer/gsa-21.4.4 fails to compile. Discovered on: amd64 (internal ref: ci)
Created attachment 777767 [details] build.log build log and emerge --info
We seem to be running into https://github.com/greenbone/gsa/issues/3422 Upstream suggests the supported configuration uses nodejs 10, while others say they're getting the problem since nodejs 15 (where the deprecation notice pops up first) The internet lists several workarounds. - Adding "./*": "./*" => Not tried myself, but at least one reply that this breaks other parts - Downgrading to nodejs 14 (oldest major version in gentoo portage) => Trying this right now - "yarn upgrade" => Build completes, but the Content-Security-Policy now needs "unsafe-eval" for script sources => Stopped right there, this seems to be the wrong track (until upstream fixes their dependencies)
I have no idea why, but while waiting for nodejs 14 to compile, the web ui started working. I'm now running nodejs 18 with latest gsa, which was build with a manual "yarn upgrade" between unpack and prepare stages. I cancelled the nodejs downgrade build.
This is the required settings for Content-Security-Policy to work (/etc/conf.d/gsad). GSAD_OPTIONS="--no-redirect --timeout=14400 --http-csp=\"default-src 'none'; object-src 'none'; base-uri 'none'; connect-src 'self'; script-src 'self' 'unsafe-eval'; frame-ancestors 'none'; form-action 'self'; style-src-elem 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' blob:;\""
I also hit this error. Build log: https://bpa.st/DAWP6 Masking current stable net-libs/nodejs-18.14.2 and downgrading to the last stable version (16.19.1) let gsa compile successfully.
