diff --git a/.gitignore b/.gitignore
index a873a8a..8692d82 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
 SOURCES/icu4c-70_1-src.tgz
-SOURCES/node-v16.14.0-stripped.tar.gz
+SOURCES/node-v16.16.0-stripped.tar.gz
diff --git a/.nodejs.metadata b/.nodejs.metadata
index 9c15be1..c2ce414 100644
--- a/.nodejs.metadata
+++ b/.nodejs.metadata
@@ -1,2 +1,2 @@
 f7c1363edee6be7de8b624ffbb801892b3417d4e SOURCES/icu4c-70_1-src.tgz
-8c33c1ca00dab24a6ce4d1100a6fbc4493d82797 SOURCES/node-v16.14.0-stripped.tar.gz
+17d4c0f6337149c1171c478dbebc8c224ebd0778 SOURCES/node-v16.16.0-stripped.tar.gz
diff --git a/SOURCES/0001-fix-ci-lock-file-validation.patch b/SOURCES/0001-fix-ci-lock-file-validation.patch
deleted file mode 100644
index 81ff06a..0000000
--- a/SOURCES/0001-fix-ci-lock-file-validation.patch
+++ /dev/null
@@ -1,397 +0,0 @@
-From 730dd78c897a28c3df0468ed1fc42d5817badefe Mon Sep 17 00:00:00 2001
-From: Ruy Adorno <ruyadorno@hotmail.com>
-Date: Wed, 2 Feb 2022 22:10:22 -0500
-Subject: [PATCH] fix(ci): lock file validation
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Make sure to validate any lock file (either package-lock.json or
-npm-shrinkwrap.json) against the current install. This will properly
-throw an error in case any of the dependencies being installed don't
-match the dependencies that are currently listed in the lock file.
-
-Fixes: https://github.com/npm/cli/issues/2701
-Fixes: https://github.com/npm/cli/issues/3947
-Signed-off-by: Jan Staněk <jstanek@redhat.com>
----
- deps/npm/lib/commands/ci.js                   | 23 ++++++
- deps/npm/lib/utils/validate-lockfile.js       | 29 +++++++
- .../smoke-tests/index.js.test.cjs             | 11 +++
- .../test/lib/commands/ci.js.test.cjs          | 13 +++
- .../lib/utils/validate-lockfile.js.test.cjs   | 35 ++++++++
- deps/npm/test/lib/commands/ci.js              | 82 +++++++++++++++++++
- deps/npm/test/lib/utils/validate-lockfile.js  | 82 +++++++++++++++++++
- 7 files changed, 275 insertions(+)
- create mode 100644 deps/npm/lib/utils/validate-lockfile.js
- create mode 100644 deps/npm/tap-snapshots/test/lib/commands/ci.js.test.cjs
- create mode 100644 deps/npm/tap-snapshots/test/lib/utils/validate-lockfile.js.test.cjs
- create mode 100644 deps/npm/test/lib/utils/validate-lockfile.js
-
-diff --git a/deps/npm/lib/commands/ci.js b/deps/npm/lib/commands/ci.js
-index 2c2f8da..376a85d 100644
---- a/deps/npm/lib/commands/ci.js
-+++ b/deps/npm/lib/commands/ci.js
-@@ -6,6 +6,7 @@ const runScript = require('@npmcli/run-script')
- const fs = require('fs')
- const readdir = util.promisify(fs.readdir)
- const log = require('../utils/log-shim.js')
-+const validateLockfile = require('../utils/validate-lockfile.js')
- 
- const removeNodeModules = async where => {
-   const rimrafOpts = { glob: false }
-@@ -55,6 +56,28 @@ class CI extends ArboristWorkspaceCmd {
-       }),
-       removeNodeModules(where),
-     ])
-+
-+    // retrieves inventory of packages from loaded virtual tree (lock file)
-+    const virtualInventory = new Map(arb.virtualTree.inventory)
-+
-+    // build ideal tree step needs to come right after retrieving the virtual
-+    // inventory since it's going to erase the previous ref to virtualTree
-+    await arb.buildIdealTree()
-+
-+    // verifies that the packages from the ideal tree will match
-+    // the same versions that are present in the virtual tree (lock file)
-+    // throws a validation error in case of mismatches
-+    const errors = validateLockfile(virtualInventory, arb.idealTree.inventory)
-+    if (errors.length) {
-+      throw new Error(
-+        '`npm ci` can only install packages when your package.json and ' +
-+        'package-lock.json or npm-shrinkwrap.json are in sync. Please ' +
-+        'update your lock file with `npm install` ' +
-+        'before continuing.\n\n' +
-+        errors.join('\n') + '\n'
-+      )
-+    }
-+
-     await arb.reify(opts)
- 
-     const ignoreScripts = this.npm.config.get('ignore-scripts')
-diff --git a/deps/npm/lib/utils/validate-lockfile.js b/deps/npm/lib/utils/validate-lockfile.js
-new file mode 100644
-index 0000000..29161ec
---- /dev/null
-+++ b/deps/npm/lib/utils/validate-lockfile.js
-@@ -0,0 +1,29 @@
-+// compares the inventory of package items in the tree
-+// that is about to be installed (idealTree) with the inventory
-+// of items stored in the package-lock file (virtualTree)
-+//
-+// Returns empty array if no errors found or an array populated
-+// with an entry for each validation error found.
-+function validateLockfile (virtualTree, idealTree) {
-+  const errors = []
-+
-+  // loops through the inventory of packages resulted by ideal tree,
-+  // for each package compares the versions with the version stored in the
-+  // package-lock and adds an error to the list in case of mismatches
-+  for (const [key, entry] of idealTree.entries()) {
-+    const lock = virtualTree.get(key)
-+
-+    if (!lock) {
-+      errors.push(`Missing: ${entry.name}@${entry.version} from lock file`)
-+      continue
-+    }
-+
-+    if (entry.version !== lock.version) {
-+      errors.push(`Invalid: lock file's ${lock.name}@${lock.version} does ` +
-+      `not satisfy ${entry.name}@${entry.version}`)
-+    }
-+  }
-+  return errors
-+}
-+
-+module.exports = validateLockfile
-diff --git a/deps/npm/tap-snapshots/smoke-tests/index.js.test.cjs b/deps/npm/tap-snapshots/smoke-tests/index.js.test.cjs
-index c1316e0..5fa3977 100644
---- a/deps/npm/tap-snapshots/smoke-tests/index.js.test.cjs
-+++ b/deps/npm/tap-snapshots/smoke-tests/index.js.test.cjs
-@@ -40,6 +40,17 @@ Configuration fields: npm help 7 config
- 
- npm {CWD}
- 
-+`
-+
-+exports[`smoke-tests/index.js TAP npm ci > should throw mismatch deps in lock file error 1`] = `
-+npm ERR! \`npm ci\` can only install packages when your package.json and package-lock.json or npm-shrinkwrap.json are in sync. Please update your lock file with \`npm install\` before continuing.
-+npm ERR! 
-+npm ERR! Invalid: lock file's abbrev@1.0.4 does not satisfy abbrev@1.1.1
-+npm ERR! 
-+
-+npm ERR! A complete log of this run can be found in:
-+
-+
- `
- 
- exports[`smoke-tests/index.js TAP npm diff > should have expected diff output 1`] = `
-diff --git a/deps/npm/tap-snapshots/test/lib/commands/ci.js.test.cjs b/deps/npm/tap-snapshots/test/lib/commands/ci.js.test.cjs
-new file mode 100644
-index 0000000..d6a7471
---- /dev/null
-+++ b/deps/npm/tap-snapshots/test/lib/commands/ci.js.test.cjs
-@@ -0,0 +1,13 @@
-+/* IMPORTANT
-+ * This snapshot file is auto-generated, but designed for humans.
-+ * It should be checked into source control and tracked carefully.
-+ * Re-generate by setting TAP_SNAPSHOT=1 and running tests.
-+ * Make sure to inspect the output below.  Do not ignore changes!
-+ */
-+'use strict'
-+exports[`test/lib/commands/ci.js TAP should throw error when ideal inventory mismatches virtual > must match snapshot 1`] = `
-+\`npm ci\` can only install packages when your package.json and package-lock.json or npm-shrinkwrap.json are in sync. Please update your lock file with \`npm install\` before continuing.
-+
-+Invalid: lock file's foo@1.0.0 does not satisfy foo@2.0.0
-+
-+`
-diff --git a/deps/npm/tap-snapshots/test/lib/utils/validate-lockfile.js.test.cjs b/deps/npm/tap-snapshots/test/lib/utils/validate-lockfile.js.test.cjs
-new file mode 100644
-index 0000000..98a5126
---- /dev/null
-+++ b/deps/npm/tap-snapshots/test/lib/utils/validate-lockfile.js.test.cjs
-@@ -0,0 +1,35 @@
-+/* IMPORTANT
-+ * This snapshot file is auto-generated, but designed for humans.
-+ * It should be checked into source control and tracked carefully.
-+ * Re-generate by setting TAP_SNAPSHOT=1 and running tests.
-+ * Make sure to inspect the output below.  Do not ignore changes!
-+ */
-+'use strict'
-+exports[`test/lib/utils/validate-lockfile.js TAP extra inventory items on idealTree > should have missing entries error 1`] = `
-+Array [
-+  "Missing: baz@3.0.0 from lock file",
-+]
-+`
-+
-+exports[`test/lib/utils/validate-lockfile.js TAP extra inventory items on virtualTree > should have no errors if finding virtualTree extra items 1`] = `
-+Array []
-+`
-+
-+exports[`test/lib/utils/validate-lockfile.js TAP identical inventory for both idealTree and virtualTree > should have no errors on identical inventories 1`] = `
-+Array []
-+`
-+
-+exports[`test/lib/utils/validate-lockfile.js TAP mismatching versions on inventory > should have errors for each mismatching version 1`] = `
-+Array [
-+  "Invalid: lock file's foo@1.0.0 does not satisfy foo@2.0.0",
-+  "Invalid: lock file's bar@2.0.0 does not satisfy bar@3.0.0",
-+]
-+`
-+
-+exports[`test/lib/utils/validate-lockfile.js TAP missing virtualTree inventory > should have errors for each mismatching version 1`] = `
-+Array [
-+  "Missing: foo@1.0.0 from lock file",
-+  "Missing: bar@2.0.0 from lock file",
-+  "Missing: baz@3.0.0 from lock file",
-+]
-+`
-diff --git a/deps/npm/test/lib/commands/ci.js b/deps/npm/test/lib/commands/ci.js
-index 537d078..e077c99 100644
---- a/deps/npm/test/lib/commands/ci.js
-+++ b/deps/npm/test/lib/commands/ci.js
-@@ -19,6 +19,17 @@ t.test('should ignore scripts with --ignore-scripts', async t => {
-       this.reify = () => {
-         REIFY_CALLED = true
-       }
-+      this.buildIdealTree = () => {}
-+      this.virtualTree = {
-+        inventory: new Map([
-+          ['foo', { name: 'foo', version: '1.0.0' }],
-+        ]),
-+      }
-+      this.idealTree = {
-+        inventory: new Map([
-+          ['foo', { name: 'foo', version: '1.0.0' }],
-+        ]),
-+      }
-     },
-   })
- 
-@@ -99,6 +110,17 @@ t.test('should use Arborist and run-script', async t => {
-       this.reify = () => {
-         t.ok(true, 'reify is called')
-       }
-+      this.buildIdealTree = () => {}
-+      this.virtualTree = {
-+        inventory: new Map([
-+          ['foo', { name: 'foo', version: '1.0.0' }],
-+        ]),
-+      }
-+      this.idealTree = {
-+        inventory: new Map([
-+          ['foo', { name: 'foo', version: '1.0.0' }],
-+        ]),
-+      }
-     },
-     rimraf: (path, ...args) => {
-       actualRimrafs++
-@@ -138,6 +160,17 @@ t.test('should pass flatOptions to Arborist.reify', async t => {
-       this.reify = async (options) => {
-         t.equal(options.production, true, 'should pass flatOptions to Arborist.reify')
-       }
-+      this.buildIdealTree = () => {}
-+      this.virtualTree = {
-+        inventory: new Map([
-+          ['foo', { name: 'foo', version: '1.0.0' }],
-+        ]),
-+      }
-+      this.idealTree = {
-+        inventory: new Map([
-+          ['foo', { name: 'foo', version: '1.0.0' }],
-+        ]),
-+      }
-     },
-   })
-   const npm = mockNpm({
-@@ -218,6 +251,17 @@ t.test('should remove existing node_modules before installing', async t => {
-         const nodeModules = contents.filter((path) => path.startsWith('node_modules'))
-         t.same(nodeModules, ['node_modules'], 'should only have the node_modules directory')
-       }
-+      this.buildIdealTree = () => {}
-+      this.virtualTree = {
-+        inventory: new Map([
-+          ['foo', { name: 'foo', version: '1.0.0' }],
-+        ]),
-+      }
-+      this.idealTree = {
-+        inventory: new Map([
-+          ['foo', { name: 'foo', version: '1.0.0' }],
-+        ]),
-+      }
-     },
-   })
- 
-@@ -231,3 +275,41 @@ t.test('should remove existing node_modules before installing', async t => {
- 
-   await ci.exec(null)
- })
-+
-+t.test('should throw error when ideal inventory mismatches virtual', async t => {
-+  const CI = t.mock('../../../lib/commands/ci.js', {
-+    '../../../lib/utils/reify-finish.js': async () => {},
-+    '@npmcli/run-script': ({ event }) => {},
-+    '@npmcli/arborist': function () {
-+      this.loadVirtual = async () => {}
-+      this.reify = () => {}
-+      this.buildIdealTree = () => {}
-+      this.virtualTree = {
-+        inventory: new Map([
-+          ['foo', { name: 'foo', version: '1.0.0' }],
-+        ]),
-+      }
-+      this.idealTree = {
-+        inventory: new Map([
-+          ['foo', { name: 'foo', version: '2.0.0' }],
-+        ]),
-+      }
-+    },
-+  })
-+
-+  const npm = mockNpm({
-+    globalDir: 'path/to/node_modules/',
-+    prefix: 'foo',
-+    config: {
-+      global: false,
-+      'ignore-scripts': true,
-+    },
-+  })
-+  const ci = new CI(npm)
-+
-+  try {
-+    await ci.exec([])
-+  } catch (err) {
-+    t.matchSnapshot(err.message)
-+  }
-+})
-diff --git a/deps/npm/test/lib/utils/validate-lockfile.js b/deps/npm/test/lib/utils/validate-lockfile.js
-new file mode 100644
-index 0000000..25939c5
---- /dev/null
-+++ b/deps/npm/test/lib/utils/validate-lockfile.js
-@@ -0,0 +1,82 @@
-+const t = require('tap')
-+const validateLockfile = require('../../../lib/utils/validate-lockfile.js')
-+
-+t.test('identical inventory for both idealTree and virtualTree', async t => {
-+  t.matchSnapshot(
-+    validateLockfile(
-+      new Map([
-+        ['foo', { name: 'foo', version: '1.0.0' }],
-+        ['bar', { name: 'bar', version: '2.0.0' }],
-+      ]),
-+      new Map([
-+        ['foo', { name: 'foo', version: '1.0.0' }],
-+        ['bar', { name: 'bar', version: '2.0.0' }],
-+      ])
-+    ),
-+    'should have no errors on identical inventories'
-+  )
-+})
-+
-+t.test('extra inventory items on idealTree', async t => {
-+  t.matchSnapshot(
-+    validateLockfile(
-+      new Map([
-+        ['foo', { name: 'foo', version: '1.0.0' }],
-+        ['bar', { name: 'bar', version: '2.0.0' }],
-+      ]),
-+      new Map([
-+        ['foo', { name: 'foo', version: '1.0.0' }],
-+        ['bar', { name: 'bar', version: '2.0.0' }],
-+        ['baz', { name: 'baz', version: '3.0.0' }],
-+      ])
-+    ),
-+    'should have missing entries error'
-+  )
-+})
-+
-+t.test('extra inventory items on virtualTree', async t => {
-+  t.matchSnapshot(
-+    validateLockfile(
-+      new Map([
-+        ['foo', { name: 'foo', version: '1.0.0' }],
-+        ['bar', { name: 'bar', version: '2.0.0' }],
-+        ['baz', { name: 'baz', version: '3.0.0' }],
-+      ]),
-+      new Map([
-+        ['foo', { name: 'foo', version: '1.0.0' }],
-+        ['bar', { name: 'bar', version: '2.0.0' }],
-+      ])
-+    ),
-+    'should have no errors if finding virtualTree extra items'
-+  )
-+})
-+
-+t.test('mismatching versions on inventory', async t => {
-+  t.matchSnapshot(
-+    validateLockfile(
-+      new Map([
-+        ['foo', { name: 'foo', version: '1.0.0' }],
-+        ['bar', { name: 'bar', version: '2.0.0' }],
-+      ]),
-+      new Map([
-+        ['foo', { name: 'foo', version: '2.0.0' }],
-+        ['bar', { name: 'bar', version: '3.0.0' }],
-+      ])
-+    ),
-+    'should have errors for each mismatching version'
-+  )
-+})
-+
-+t.test('missing virtualTree inventory', async t => {
-+  t.matchSnapshot(
-+    validateLockfile(
-+      new Map([]),
-+      new Map([
-+        ['foo', { name: 'foo', version: '1.0.0' }],
-+        ['bar', { name: 'bar', version: '2.0.0' }],
-+        ['baz', { name: 'baz', version: '3.0.0' }],
-+      ])
-+    ),
-+    'should have errors for each mismatching version'
-+  )
-+})
--- 
-2.35.1
-
diff --git a/SPECS/nodejs.spec b/SPECS/nodejs.spec
index ed02cca..b2ebdbf 100644
--- a/SPECS/nodejs.spec
+++ b/SPECS/nodejs.spec
@@ -1,9 +1,9 @@
-%global with_debug 0
+%bcond_with debug
 
 # PowerPC, s390x and aarch64 segfault during Debug builds
 # https://github.com/nodejs/node/issues/20642
 %ifarch %{power64} s390x aarch64
-%global with_debug 0
+%bcond_with debug
 %endif
 
 # The following macros control the usage of dependencies bundled from upstream.
@@ -30,7 +30,7 @@
 # This is used by both the nodejs package and the npm subpackage that
 # has a separate version - the name is special so that rpmdev-bumpspec
 # will bump this rather than adding .1 to the end.
-%global baserelease 5
+%global baserelease 3
 
 %{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
 
@@ -41,7 +41,7 @@
 # than a Fedora release lifecycle.
 %global nodejs_epoch 1
 %global nodejs_major 16
-%global nodejs_minor 14
+%global nodejs_minor 16
 %global nodejs_patch 0
 %global nodejs_abi %{nodejs_major}.%{nodejs_minor}
 # nodejs_soversion - from NODE_MODULE_VERSION in src/node_version.h
@@ -74,7 +74,7 @@
 # llhttp - from deps/llhttp/include/llhttp.h
 %global llhttp_major 6
 %global llhttp_minor 0
-%global llhttp_patch 4
+%global llhttp_patch 7
 %global llhttp_version %{llhttp_major}.%{llhttp_minor}.%{llhttp_patch}
 
 # libuv - from deps/uv/include/uv/version.h
@@ -85,8 +85,8 @@
 
 # nghttp2 - from deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
 %global nghttp2_major 1
-%global nghttp2_minor 45
-%global nghttp2_patch 1
+%global nghttp2_minor 47
+%global nghttp2_patch 0
 %global nghttp2_version %{nghttp2_major}.%{nghttp2_minor}.%{nghttp2_patch}
 
 # nghttp3 - from deps/ngtcp2/nghttp3/lib/includes/nghttp3/version.h
@@ -134,8 +134,8 @@
 # npm - from deps/npm/package.json
 %global npm_epoch 1
 %global npm_major 8
-%global npm_minor 3
-%global npm_patch 1
+%global npm_minor 11
+%global npm_patch 0
 %global npm_version %{npm_major}.%{npm_minor}.%{npm_patch}
 
 # uvwasi - from deps/uvwasi/include/uvwasi.h
@@ -156,8 +156,6 @@
 # base npm version number is increasing.
 %global npm_release %{nodejs_epoch}.%{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}.%{nodejs_release}
 
-# Node.js 16.9.1 and later comes with an experimental package management tool
-%global corepack_version 0.10.0
 
 Name: nodejs
 Epoch: %{nodejs_epoch}
@@ -187,9 +185,6 @@ Source7: nodejs_native.attr
 # Disable running gyp on bundled deps we don't use
 Patch1: 0001-Disable-running-gyp-on-shared-deps.patch
 
-# CVE-2021-43616
-Patch2: 0001-fix-ci-lock-file-validation.patch
-
 BuildRequires: make
 BuildRequires: python3-devel
 BuildRequires: zlib-devel
@@ -281,7 +276,6 @@ Provides: bundled(icu) = %{icu_version}
 # or there's no option to built it as a shared dependency, so we bundle them
 Provides: bundled(uvwasi) = %{uvwasi_version}
 Provides: bundled(histogram) = %{histogram_version}
-Provides: bundled(corepack) = %{corepack_version}
 
 # Make sure we keep NPM up to date when we update Node.js
 %if 0%{?rhel} < 8
@@ -397,6 +391,7 @@ export CXX='g++'
 # build with debugging symbols and add defines from libuv (#892601)
 # Node's v8 breaks with GCC 6 because of incorrect usage of methods on
 # NULL objects. We need to pass -fno-delete-null-pointer-checks
+
 extra_cflags=(
     -D_LARGEFILE_SOURCE
     -D_FILE_OFFSET_BITS=64
@@ -412,13 +407,14 @@ export LDFLAGS="%{build_ldflags}"
            --shared-brotli \
            %{!?with_bundled:--shared-libuv} \
            %{!?with_bundled:--shared-nghttp2} \
-           --with-dtrace \
+           %{?with_bundled:--without-dtrace}%{!?with_bundled:--with-dtrace} \
            --with-intl=small-icu \
            --with-icu-default-data-dir=%{icudatadir} \
+           --without-corepack \
            --openssl-use-def-ca-store \
            --openssl-default-cipher-list=PROFILE=SYSTEM
 
-%if %{?with_debug} == 1
+%if %{with debug}
 # Setting BUILDTYPE=Debug builds both release and debug binaries
 make BUILDTYPE=Debug %{?_smp_mflags}
 %else
@@ -464,7 +460,7 @@ rm -rf %{buildroot}
 chmod 0755 %{buildroot}/%{_bindir}/node
 chrpath --delete %{buildroot}%{_bindir}/node
 
-%if %{?with_debug} == 1
+%if %{with debug}
 # Install the debug binary and set its permissions
 install -Dpm0755 out/Debug/node %{buildroot}/%{_bindir}/node_g
 %endif
@@ -526,11 +522,6 @@ find %{buildroot}%{_prefix}/lib/node_modules/npm \
 chmod 0755 %{buildroot}%{_prefix}/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin/node-gyp
 chmod 0755 %{buildroot}%{_prefix}/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js
 
-# Corepack contains a number of executable"shims", including some for Windows
-# PowerShell. Drop the executable bit for those so we don't pick up an
-# automatic dependency on /usr/bin/pwsh that we cannot satisfy.
-chmod -x %{buildroot}%{_prefix}/lib/node_modules/corepack/shims/*.ps1
-
 # Drop the NPM default configuration in place
 mkdir -p %{buildroot}%{_sysconfdir}
 cp %{SOURCE1} %{buildroot}%{_sysconfdir}/npmrc
@@ -554,7 +545,6 @@ install -Dpm0644 -t %{buildroot}%{icudatadir} deps/icu/source/converted/*
 %{buildroot}/%{_bindir}/node -e "require(\"assert\").equal(require(\"punycode\").version, '%{punycode_version}')"
 
 # Ensure we have npm and that the version matches
-# NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/node_modules/npm/node_modules %{buildroot}/%{_bindir}/node -e "require(\"assert\").equal(require(\"npm\").version, '%{npm_version}')"
 NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/node_modules/npm/node_modules %{buildroot}/%{_bindir}/node -e "require(\"assert\").equal(JSON.parse(require(\"fs\").readFileSync(\"%{buildroot}%{_prefix}/lib/node_modules/npm/package.json\")).version, '%{npm_version}')"
 
 # Make sure i18n support is working
@@ -633,12 +623,10 @@ end
 %dir %{_datadir}/systemtap/tapset
 %{_datadir}/systemtap/tapset/node.stp
 
-# corepack
-%{_bindir}/corepack
-%{_prefix}/lib/node_modules/corepack
-
+%if %{without bundled}
 %dir %{_usr}/lib/dtrace
 %{_usr}/lib/dtrace/node.d
+%endif
 
 %{_rpmconfigdir}/fileattrs/nodejs_native.attr
 %{_rpmconfigdir}/nodejs_native.req
@@ -648,9 +636,7 @@ end
 
 
 %files devel
-%if %{?with_debug} == 1
-%{_bindir}/node_g
-%endif
+%{?with_debug:%{_bindir}/node_g}
 %{_includedir}/node
 %{_datadir}/node/common.gypi
 %{_pkgdocdir}/gdbinit
@@ -695,15 +681,24 @@ end
 
 
 %changelog
-* Mon Apr 25 2022 Jan Staněk <jstanek@redhat.com> - 1:16.14.0-5
-- Unify configure calls into single command
-- Refactor bootstrap-related parts
-- Decouple dependency bundling from bootstrapping
+* Fri Aug 05 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.16.0-3
+- Fix build
+- Resolves: RHBZ#2111416
+
+* Fri Aug 05 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.16.0-2
+- Refactor spec
+- Resolves: RHBZ#2111416
+
+* Tue Jul 26 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.16.0-1
+- Rebase to latest version
+- Resolves: RHBZ#2106369
+- CVE fixes for CVE-2022-32212/3/4/5
+- Resolves: #2109578, #2109581, #2109584, #2109588
 
 * Mon Apr 11 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.14.0-4
 - Apply lock file validation fixes
-- Resolves: CVE-2021-43616
-- Resolves: RHBZ#2070013
+- Resolves CVE-2021-43616
+- Resolves: RHBZ#2070012
 
 * Mon Dec 06 2021 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.13.1-3
 - Resolves: RHBZ#2026329