Nodejs/node - node - Alpaca Bi's Private Git Pepository

mirror of https://github.com/nodejs/node.git synced 2024-11-21 10:59:27 +00:00

Author	SHA1	Message	Date
Rich Trott	571e0b1b3f	doc: final round of markdown format changes Once the README and find-inactive-collaborators.mjs changes land here, we can introduce markdown formatting as a step in the toolchain somewhere. Before this lands, https://github.com/nodejs/node-core-utils/pull/578 will need to land and be included in a node-core-utils release. PR-URL: https://github.com/nodejs/node/pull/40645 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com>	2021-10-31 09:36:02 -07:00
Richard Lau	506f7de440	2021-10-26, Version 16.13.0 'Gallium' (LTS) Notable changes: This release marks the transition of Node.js 16.x into Long Term Support (LTS) with the codename 'Gallium'. The 16.x release line now moves into "Active LTS" and will remain so until October 2022. After that time, it will move into "Maintenance" until end of life in April 2024. PR-URL: https://github.com/nodejs/node/pull/40536	2021-10-26 12:11:04 -04:00
Luigi Pinca	b88de12bfb	doc: fix typo in changelogs Fix typo in v12.22.7, v14.18.1, and v16.11.1 changelogs. PR-URL: https://github.com/nodejs/node/pull/40585 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Voltrex <mohammadkeyvanzade94@gmail.com>	2021-10-25 16:26:12 +00:00
Michaël Zasso	73b2d3bc41	2021-10-20, Version 17.0.1 (Current) Notable changes: Fixed distribution for native addon builds This release fixes an issue introduced in Node.js v17.0.0, where some V8 headers were missing from the distributed tarball, making it impossible to build native addons. These headers are now included. https://github.com/nodejs/node/pull/40526 Fixed stream issues * Fixed a regression in `stream.promises.pipeline`, which was introduced in version 16.10.0, is fixed. It is now possible again to pass an array of streams to the function. https://github.com/nodejs/node/pull/40193 * Fixed a bug in `stream.Duplex.from`, which didn't work properly when an async generator function was passed to it. https://github.com/nodejs/node/pull/40499 PR-URL: https://github.com/nodejs/node/pull/40535	2021-10-20 22:18:46 +02:00
Richard Lau	7ed303beba	2021-10-20, Version 16.12.0 (Current) Notable Changes: Experimental ESM Loader Hooks API: Node.js ESM Loader hooks have been consolidated to represent the steps involved needed to facilitate future loader chaining: 1. `resolve`: `resolve` [+ `getFormat`] 2. `load`: `getFormat` + `getSource` + `transformSource` For consistency, `getGlobalPreloadCode` has been renamed to `globalPreload`. A loader exporting obsolete hook(s) will trigger a single deprecation warning (per loader) listing the errant hooks. Contributed by Jacob Smith, Geoffrey Booth, and Bradley Farias - https://github.com/nodejs/node/pull/37468 Other Notable Changes: deps: * upgrade npm to 8.1.0 (npm team) https://github.com/nodejs/node/pull/40463 doc: * deprecate (doc-only) http abort related (dr-js) https://github.com/nodejs/node/pull/36670 vm: * (SEMVER-MINOR) add support for import assertions in dynamic imports (Antoine du Hamel) https://github.com/nodejs/node/pull/40249 PR-URL: https://github.com/nodejs/node/pull/40504	2021-10-20 10:40:02 -04:00
Beth Griggs	d6c3a10757	2021-10-19, Version 17.0.0 (Current) Notable Changes: Deprecations and Removals: - (SEMVER-MAJOR) dns: runtime deprecate type coercion of `dns.lookup` options (Antoine du Hamel) [https://github.com/nodejs/node/pull/39793] - doc: deprecate (doc-only) http abort related (dr-js) [https://github.com/nodejs/node/pull/36670] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) [https://github.com/nodejs/node/pull/40121] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) [https://github.com/nodejs/node/pull/40117] OpenSSL 3.0: Node.js now includes OpenSSL 3.0, specifically https://github.com/quictls/openssl which provides QUIC support. While OpenSSL 3.0 APIs should be mostly compatible with those provided by OpenSSL 1.1.1, we do anticipate some ecosystem impact due to tightened restrictions on the allowed algorithms and key sizes. If you hit an `ERR_OSSL_EVP_UNSUPPORTED` error in your application with Node.js 17, it’s likely that your application or a module you’re using is attempting to use an algorithm or key size which is no longer allowed by default with OpenSSL 3.0. A command-line option, `--openssl-legacy-provider`, has been added to revert to the legacy provider as a temporary workaround for these tightened restrictions. For details about all the features in OpenSSL 3.0 please see https://www.openssl.org/blog/blog/2021/09/07/OpenSSL3.Final. (Daniel Bevenius) [https://github.com/nodejs/node/pull/38512] Contributed in https://github.com/nodejs/node/pull/38512, https://github.com/nodejs/node/pull/40478 V8 9.5: The V8 JavaScript engine is updated to V8 9.5. This release comes with additional supported types for the `Intl.DisplayNames` API and Extended `timeZoneName` options in the `Intl.DateTimeFormat` API. You can read more details in the V8 9.5 release post https://v8.dev/blog/v8-release-95. (Michaël Zasso) [https://github.com/nodejs/node/pull/40178] Readline Promise API: The `readline` module provides an interface for reading data from a Readable stream (such as `process.stdin`) one line at a time. (Antoine du Hamel) [https://github.com/nodejs/node/pull/37947] Other Notable Changes: - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) [https://github.com/nodejs/node/pull/39987] - (SEMVER-MAJOR) errors: print Node.js version on fatal exceptions that cause exit (Divlo) [https://github.com/nodejs/node/pull/38332] - deps: upgrade npm to 8.1.0 (npm team) [https://github.com/nodejs/node/pull/40463] - (SEMVER-MINOR) fs: add FileHandle.prototype.readableWebStream() (James M Snell) [https://github.com/nodejs/node/pull/39331] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) [https://github.com/nodejs/node/pull/39759] - (SEMVER-MAJOR) lib: expose `DOMException` as global (Khaidi Chu) [https://github.com/nodejs/node/pull/39176] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) [https://github.com/nodejs/node/pull/39235] Semver-Major Commits: - (SEMVER-MAJOR) build: compile with C++17 (MSVC) (Richard Lau) [https://github.com/nodejs/node/pull/38807] - (SEMVER-MAJOR) build: compile with --gnu++17 (Richard Lau) [https://github.com/nodejs/node/pull/38807] - (SEMVER-MAJOR) deps: update V8 to 9.5.172.19 (Michaël Zasso) [https://github.com/nodejs/node/pull/40178] - (SEMVER-MAJOR) deps,test,src,doc,tools: update to OpenSSL 3.0 (Daniel Bevenius) [https://github.com/nodejs/node/pull/38512] - (SEMVER-MAJOR) dgram: tighten `address` validation in `socket.send` (Voltrex) [https://github.com/nodejs/node/pull/39190] - (SEMVER-MAJOR) dns: runtime deprecate type coercion of `dns.lookup` options (Antoine du Hamel) [https://github.com/nodejs/node/pull/39793] - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) [https://github.com/nodejs/node/pull/39987] - (SEMVER-MAJOR) doc: update minimum supported FreeBSD to 12.2 (Michaël Zasso) [https://github.com/nodejs/node/pull/40179] - (SEMVER-MAJOR) errors: disp ver on fatal except that causes exit (Divlo) [https://github.com/nodejs/node/pull/38332] - (SEMVER-MAJOR) fs: fix rmsync error swallowing (Nitzan Uziely) [https://github.com/nodejs/node/pull/38684] - (SEMVER-MAJOR) fs: aggregate errors in fsPromises to avoid error swallowing (Nitzan Uziely) [https://github.com/nodejs/node/pull/38259] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) [https://github.com/nodejs/node/pull/39759] - (SEMVER-MAJOR) lib: expose `DOMException` as global (Khaidi Chu) [https://github.com/nodejs/node/pull/39176] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) [https://github.com/nodejs/node/pull/40121] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) [https://github.com/nodejs/node/pull/40117] - (SEMVER-MAJOR) readline: validate `AbortSignal`s and remove unused event listeners (Antoine du Hamel) [https://github.com/nodejs/node/pull/37947] - (SEMVER-MAJOR) readline: introduce promise-based API (Antoine du Hamel) [https://github.com/nodejs/node/pull/37947] - (SEMVER-MAJOR) readline: refactor `Interface` to ES2015 class (Antoine du Hamel) [https://github.com/nodejs/node/pull/37947] - (SEMVER-MAJOR) src: allow CAP\_NET\_BIND\_SERVICE in SafeGetenv (Daniel Bevenius) [https://github.com/nodejs/node/pull/37727] - (SEMVER-MAJOR) src: return Maybe from a couple of functions (Darshan Sen) [https://github.com/nodejs/node/pull/39603] - (SEMVER-MAJOR) src: allow custom PageAllocator in NodePlatform (Shelley Vohr) [https://github.com/nodejs/node/pull/38362] - (SEMVER-MAJOR) stream: fix highwatermark threshold and add the missing error (Rongjian Zhang) [https://github.com/nodejs/node/pull/38700] - (SEMVER-MAJOR) stream: don't emit 'data' after 'error' or 'close' (Robert Nagy) [https://github.com/nodejs/node/pull/39639] - (SEMVER-MAJOR) stream: do not emit `end` on readable error (Szymon Marczak) [https://github.com/nodejs/node/pull/39607] - (SEMVER-MAJOR) stream: forward errored to callback (Robert Nagy) [https://github.com/nodejs/node/pull/39364] - (SEMVER-MAJOR) stream: destroy readable on read error (Robert Nagy) [https://github.com/nodejs/node/pull/39342] - (SEMVER-MAJOR) stream: validate abort signal (Robert Nagy) [https://github.com/nodejs/node/pull/39346] - (SEMVER-MAJOR) stream: unify stream utils (Robert Nagy) [https://github.com/nodejs/node/pull/39294] - (SEMVER-MAJOR) stream: throw on premature close in Readable\ (Darshan Sen) [https://github.com/nodejs/node/pull/39117] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) [https://github.com/nodejs/node/pull/39235] - (SEMVER-MAJOR) stream: error Duplex write/read if not writable/readable (Robert Nagy) [https://github.com/nodejs/node/pull/34385] - (SEMVER-MAJOR) stream: bypass legacy destroy for pipeline and async iteration (Robert Nagy) [https://github.com/nodejs/node/pull/38505] - (SEMVER-MAJOR) url: throw invalid this on detached accessors (James M Snell) [https://github.com/nodejs/node/pull/39752] - (SEMVER-MAJOR) url: forbid certain confusable changes from being introduced by toASCII (Timothy Gu) [https://github.com/nodejs/node/pull/38631] PR-URL: https://github.com/nodejs/node/pull/40119	2021-10-19 16:12:20 +01:00
Danielle Adams	9fcc84d048	2021-10-12, Version 16.11.1 (Current) This is a security release. Notable Changes: * CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium) * The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details are available at: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959 * CVE-2021-22960: HTTP Request Smuggling when parsing the body (Medium) * The parse ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. More details are available at: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960 PR-URL: https://github.com/nodejs-private/node-private/pull/293	2021-10-12 11:16:57 -04:00
Danielle Adams	df3b4cc90f	2021-10-12, Version 14.18.1 'Fermium' (LTS) This is a security release. Notable Changes: * CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium) * The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details are available at: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959 * CVE-2021-22960: HTTP Request Smuggling when parsing the body (Medium) * The parse ignores chunk extensions when parsing the body of chunked requests. requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. More details are available at: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960 PR-URL: https://github.com/nodejs-private/node-private/pull/294	2021-10-12 11:15:04 -04:00
Danielle Adams	52b613abf4	2021-10-12, Version 12.22.7 'Erbium' (LTS) This is a security release. Notable changes: * CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium) * The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details are available at: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22959 * CVE-2021-22960: HTTP Request Smuggling when parsing the body (Medium) * The parse ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. More details are available at: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22960 PR-URL: https://github.com/nodejs-private/node-private/pull/295	2021-10-12 11:12:20 -04:00
Rich Trott	40db88b7b5	doc: format changelogs Use the format-md task to format changelogs. PR-URL: https://github.com/nodejs/node/pull/40388 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>	2021-10-11 17:45:09 +00:00
Danielle Adams	879ff775d0	2021-10-08, Version 16.11.0 (Current) Notable changes: * crypto: * update root certificates (Richard Lau) https://github.com/nodejs/node/pull/40280 * deps: * upgrade npm to 8.0.0 (npm team) https://github.com/nodejs/node/pull/40369 * update `nghttp2` to v1.45.1 (thunder-coding) https://github.com/nodejs/node/pull/40206 * update V8 to 9.4.146.19 (Michaël Zasso) https://github.com/nodejs/node/pull/40285 * tools: * update certdata.txt (Richard Lau) https://github.com/nodejs/node/pull/40280 PR-URL: https://github.com/nodejs/node/pull/40319	2021-10-08 13:06:10 -04:00
Michaël Zasso	658612b823	doc: fix CVE-2021-22940 references Fixes: https://github.com/nodejs/node/issues/40306 PR-URL: https://github.com/nodejs/node/pull/40308 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Beth Griggs <bgriggs@redhat.com> Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>	2021-10-05 03:44:04 +00:00
Michaël Zasso	d9ebc04e9b	2021-09-28, Version 14.18.0 'Fermium' (LTS) Notable changes: assert: * change status of legacy asserts (James M Snell) https://github.com/nodejs/node/pull/38113 buffer: * (SEMVER-MINOR) introduce Blob (James M Snell) https://github.com/nodejs/node/pull/36811 * (SEMVER-MINOR) add base64url encoding option (Filip Skokan) https://github.com/nodejs/node/pull/36952 child_process: * (SEMVER-MINOR) allow `options.cwd` receive a URL (Khaidi Chu) https://github.com/nodejs/node/pull/38862 * (SEMVER-MINOR) add timeout to spawn and fork (Nitzan Uziely) https://github.com/nodejs/node/pull/37256 * (SEMVER-MINOR) allow promisified exec to be cancel (Carlos Fuentes) https://github.com/nodejs/node/pull/34249 * (SEMVER-MINOR) add 'overlapped' stdio flag (Thiago Padilha) https://github.com/nodejs/node/pull/29412 cli: * (SEMVER-MINOR) add -C alias for --conditions flag (Guy Bedford) https://github.com/nodejs/node/pull/38755 * (SEMVER-MINOR) add --node-memory-debug option (Anna Henningsen) https://github.com/nodejs/node/pull/35537 dns: * (SEMVER-MINOR) add "tries" option to Resolve options (Luan Devecchi) https://github.com/nodejs/node/pull/39610 * (SEMVER-MINOR) allow `--dns-result-order` to change default dns verbatim (Ouyang Yadong) https://github.com/nodejs/node/pull/38099 doc: * (SEMVER-MINOR) add missing change to resolver ctor (Luan Devecchi) https://github.com/nodejs/node/pull/39610 * refactor fs docs structure (James M Snell) https://github.com/nodejs/node/pull/37170 errors: * (SEMVER-MINOR) remove experimental from --enable-source-maps (Benjamin Coe) https://github.com/nodejs/node/pull/37362 esm: * deprecate legacy main lookup for modules (Guy Bedford) https://github.com/nodejs/node/pull/36918 fs: * (SEMVER-MINOR) allow empty string for temp directory prefix (Voltrex) https://github.com/nodejs/node/pull/39028 * (SEMVER-MINOR) allow no-params fsPromises fileHandle read (Nitzan Uziely) https://github.com/nodejs/node/pull/38287 * (SEMVER-MINOR) add support for async iterators to `fsPromises.writeFile` (HiroyukiYagihashi) https://github.com/nodejs/node/pull/37490 * improve fsPromises readFile performance (Nitzan Uziely) https://github.com/nodejs/node/pull/37608 * (SEMVER-MINOR) add fsPromises.watch() (James M Snell) https://github.com/nodejs/node/pull/37179 * (SEMVER-MINOR) allow `position` parameter to be a `BigInt` in read and readSync (Darshan Sen) https://github.com/nodejs/node/pull/36190 http2: * (SEMVER-MINOR) add support for sensitive headers (Anna Henningsen) https://github.com/nodejs/node/pull/34145 * (SEMVER-MINOR) allow setting the local window size of a session (Yongsheng Zhang) https://github.com/nodejs/node/pull/35978 inspector: * mark as stable (Gireesh Punathil) https://github.com/nodejs/node/pull/37748 module: * (SEMVER-MINOR) add support for `URL` to `import.meta.resolve` (Antoine du Hamel) https://github.com/nodejs/node/pull/38587 * (SEMVER-MINOR) add support for `node:`‑prefixed `require(…)` calls (ExE Boss) https://github.com/nodejs/node/pull/37246 net: * (SEMVER-MINOR) introduce net.BlockList (James M Snell) https://github.com/nodejs/node/pull/34625 node-api: * (SEMVER-MINOR) allow retrieval of add-on file name (Gabriel Schulhof) https://github.com/nodejs/node/pull/37195 os: * (SEMVER-MINOR) add os.devNull (Luigi Pinca) https://github.com/nodejs/node/pull/38569 perf_hooks: * (SEMVER-MINOR) introduce createHistogram (James M Snell) https://github.com/nodejs/node/pull/37155 process: * (SEMVER-MINOR) add api to enable source-maps programmatically (legendecas) https://github.com/nodejs/node/pull/39085 * (SEMVER-MINOR) add `'worker'` event (James M Snell) https://github.com/nodejs/node/pull/38659 * (SEMVER-MINOR) add direct access to rss without iterating pages (Adrien Maret) https://github.com/nodejs/node/pull/34291 readline: * (SEMVER-MINOR) add AbortSignal support to interface (Nitzan Uziely) https://github.com/nodejs/node/pull/37932 * (SEMVER-MINOR) add support for the AbortController to the question method (Mattias Runge-Broberg) https://github.com/nodejs/node/pull/33676 * (SEMVER-MINOR) add history event and option to set initial history (Mattias Runge-Broberg) https://github.com/nodejs/node/pull/33662 repl: * (SEMVER-MINOR) add auto‑completion for `node:`‑prefixed `require(…)` calls (ExE Boss) https://github.com/nodejs/node/pull/37246 src: * (SEMVER-MINOR) call overload ctor from the original ctor (Darshan Sen) https://github.com/nodejs/node/pull/39768 * (SEMVER-MINOR) add a constructor overload for CallbackScope (Darshan Sen) https://github.com/nodejs/node/pull/39768 * (SEMVER-MINOR) allow to negate boolean CLI flags (Michaël Zasso) https://github.com/nodejs/node/pull/39023 * (SEMVER-MINOR) add --heapsnapshot-near-heap-limit option (Joyee Cheung) https://github.com/nodejs/node/pull/33010 * (SEMVER-MINOR) add way to get IsolateData and allocator from Environment (Anna Henningsen) https://github.com/nodejs/node/pull/36441 * (SEMVER-MINOR) allow preventing SetPrepareStackTraceCallback (Shelley Vohr) https://github.com/nodejs/node/pull/36447 * (SEMVER-MINOR) add maybe versions of EmitExit and EmitBeforeExit (Anna Henningsen) https://github.com/nodejs/node/pull/35486 stream: * (SEMVER-MINOR) add readableDidRead if has been read from (Robert Nagy) https://github.com/nodejs/node/pull/39589 * (SEMVER-MINOR) pipeline accept Buffer as a valid first argument (Nitzan Uziely) https://github.com/nodejs/node/pull/37739 tls: * (SEMVER-MINOR) allow reading data into a static buffer (Andrey Pechkurov) https://github.com/nodejs/node/pull/35753 tools: * (SEMVER-MINOR) add `Worker` to type-parser (James M Snell) https://github.com/nodejs/node/pull/38659 url: * (SEMVER-MINOR) expose urlToHttpOptions utility (Yongsheng Zhang) https://github.com/nodejs/node/pull/35960 util: * (SEMVER-MINOR) expose toUSVString (Robert Nagy) https://github.com/nodejs/node/pull/39814 v8: * (SEMVER-MINOR) implement v8.stopCoverage() (Joyee Cheung) https://github.com/nodejs/node/pull/33807 * (SEMVER-MINOR) implement v8.takeCoverage() (Joyee Cheung) https://github.com/nodejs/node/pull/33807 worker: * (SEMVER-MINOR) add setEnvironmentData/getEnvironmentData (James M Snell) https://github.com/nodejs/node/pull/37486 PR-URL: https://github.com/nodejs/node/pull/39990	2021-09-28 13:27:26 +02:00
Beth Griggs	8d5675e3fe	2021-09-22, Version 16.10.0 (Current) Notable changes: crypto: * (SEMVER-MINOR) add rsa-pss keygen parameters (Filip Skokan) https://github.com/nodejs/node/pull/39927 doc: * add Ayase-252 to collaborators (Qingyu Deng) https://github.com/nodejs/node/pull/40078 fs: * (SEMVER-MINOR) make `open` and `close` stream override optional when unused (Antoine du Hamel) https://github.com/nodejs/node/pull/40013 http: * (SEMVER-MINOR) limit requests per connection (Artur K) https://github.com/nodejs/node/pull/40082 src: * (SEMVER-MINOR) add --no-global-search-paths cli option (Cheng Zhao) https://github.com/nodejs/node/pull/39754 * (SEMVER-MINOR) add option to disable global search paths (Cheng Zhao) https://github.com/nodejs/node/pull/39754 * (SEMVER-MINOR) make napi_create_reference accept symbol (JckXia) https://github.com/nodejs/node/pull/39926 stream: * (SEMVER-MINOR) add signal support to pipeline generators (Robert Nagy) https://github.com/nodejs/node/pull/39067 PR-URL: https://github.com/nodejs/node/pull/40175	2021-09-22 21:38:17 +01:00
Rich Trott	0991dfcece	doc: add blank line between comments Upcoming remark-based formatting/linting will add a blank line between comments in markdown. This is in preparation for that change. PR-URL: https://github.com/nodejs/node/pull/40160 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>	2021-09-21 18:40:04 -07:00
Richard Lau	1b335d41a4	2021-09-10, Version 16.9.1 (Current) Notable changes: This release fixes a regression introduced by the V8 9.3 update in Node.js 16.9.0. PR-URL: https://github.com/nodejs/node/issues/40069	2021-09-10 15:34:48 -04:00
Michaël Zasso	6211d9358d	2021-09-07, Version 16.9.0 (Current) Notable changes: crypto: * (SEMVER-MINOR) add RSA-PSS params to asymmetricKeyDetails (Tobias Nießen) https://github.com/nodejs/node/pull/39851 deps: * (SEMVER-MINOR) add corepack (Maël Nison) https://github.com/nodejs/node/pull/39608 * (SEMVER-MINOR) update V8 to 9.3.345.16 (Michaël Zasso) https://github.com/nodejs/node/pull/39947 module: * (SEMVER-MINOR) support pattern trailers (Guy Bedford) https://github.com/nodejs/node/pull/39635 stream: * (SEMVER-MINOR) add stream.compose (Robert Nagy) https://github.com/nodejs/node/pull/39029 PR-URL: https://github.com/nodejs/node/pull/40011	2021-09-07 12:03:33 +02:00
Myles Borins	f172c5ad5b	2021-08-31, Version 14.17.6 'Fermium' (LTS) This is a security release. Notable changes: These are vulnerabilities in the node-tar, arborist, and npm cli modules which are related to the initial reports and subsequent remediation of node-tar vulnerabilities CVE-2021-32803 (https://github.com/advisories/GHSA-r628-mhmh-qjhw) and CVE-2021-32804 (https://github.com/advisories/GHSA-3jfq-g458-7qm9). Subsequent internal security review of node-tar and additional external bounty reports have resulted in another 5 CVE being remediated in core npm CLI dependencies including node-tar, and npm arborist. You can read more about it in: * CVE-2021-37701: https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc * CVE-2021-37712: https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p * CVE-2021-37713: https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh * CVE-2021-39134: https://github.com/npm/arborist/security/advisories/GHSA-2h3h-q99f-3fhc * CVE-2021-39135: https://github.com/npm/arborist/security/advisories/GHSA-gmw6-94gg-2rc2 PR-URL: https://github.com/nodejs-private/node-private/pull/287	2021-08-31 10:56:51 -04:00
Myles Borins	d989186cf2	2021-08-31, Version 12.22.6 'Erbium' (LTS) This is a security release. Notable changes: These are vulnerabilities in the node-tar, arborist, and npm cli modules which are related to the initial reports and subsequent remediation of node-tar vulnerabilities CVE-2021-32803 (https://github.com/advisories/GHSA-r628-mhmh-qjhw) and CVE-2021-32804 (https://github.com/advisories/GHSA-3jfq-g458-7qm9). Subsequent internal security review of node-tar and additional external bounty reports have resulted in another 5 CVE being remediated in core npm CLI dependencies including node-tar, and npm arborist. You can read more about it in: * CVE-2021-37701: https://github.com/npm/node-tar/security/advisories/GHSA-9r2w-394v-53qc * CVE-2021-37712: https://github.com/npm/node-tar/security/advisories/GHSA-qq89-hq3f-393p * CVE-2021-37713: https://github.com/npm/node-tar/security/advisories/GHSA-5955-9wpr-37jh * CVE-2021-39134: https://github.com/npm/arborist/security/advisories/GHSA-2h3h-q99f-3fhc * CVE-2021-39135: https://github.com/npm/arborist/security/advisories/GHSA-gmw6-94gg-2rc2 PR-URL: https://github.com/nodejs-private/node-private/pull/288	2021-08-31 10:55:56 -04:00
Michaël Zasso	31772a4e85	2021-08-25, Version 16.8.0 (Current) Notable changes: doc: * deprecate type coercion for `dns.lookup` options (Antoine du Hamel) https://github.com/nodejs/node/pull/38906 stream: * (SEMVER-MINOR) add `stream.Duplex.from` utility (Robert Nagy) https://github.com/nodejs/node/pull/39519 * (SEMVER-MINOR) add `isDisturbed` helper (Robert Nagy) https://github.com/nodejs/node/pull/39628 util: * (SEMVER-MINOR) expose `toUSVString` (Robert Nagy) https://github.com/nodejs/node/pull/39814 PR-URL: https://github.com/nodejs/node/pull/39875	2021-08-25 22:51:53 +02:00
Danielle Adams	7ca38f05a0	2021-08-17, Version 16.7.0 (Current) Notable changes: * fs: * experimental: add recursive cp method (Benjamin Coe) https://github.com/nodejs/node/pull/39372 PR-URL: https://github.com/nodejs/node/pull/39782	2021-08-17 21:09:13 -04:00
Rich Trott	f42d7a4552	doc: fix malformed changelog entries PR-URL: https://github.com/nodejs/node/pull/39791 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>	2021-08-17 07:49:12 -07:00
Beth Griggs	ea47d83640	2021-08-11, Version 16.6.2 (Current) This is a security release. Notable Changes: - CVE-2021-3672/CVE-2021-22931: Improper handling of untypical characters in domain names (High) - CVE-2021-22930: Use after free on close http2 on stream canceling (High) - CVE-2021-22939: Incomplete validation of rejectUnauthorized parameter (Low) PR-URL: https://github.com/nodejs-private/node-private/pull/280	2021-08-11 16:22:15 +01:00
Beth Griggs	02b145083e	2021-08-11, Version 14.17.5 'Fermium' (LTS) This is a security release. Notable Changes: - CVE-2021-3672/CVE-2021-22931: Improper handling of untypical characters in domain names (High) - CVE-2021-22930: Use after free on close http2 on stream canceling (High) - CVE-2021-22939: Incomplete validation of rejectUnauthorized parameter (Low) PR-URL: https://github.com/nodejs-private/node-private/pull/279	2021-08-11 16:22:15 +01:00
Beth Griggs	e973b55c86	2021-08-11, Version 12.22.5 'Erbium' (LTS) This is a security release. Notable Changes: - CVE-2021-3672/CVE-2021-22931: Improper handling of untypical characters in domain names (High) - CVE-2021-22930: Use after free on close http2 on stream canceling (High) - CVE-2021-22939: Incomplete validation of rejectUnauthorized parameter (Low) PR-URL: https://github.com/nodejs-private/node-private/pull/278	2021-08-11 16:22:15 +01:00
Michaël Zasso	51cd4a8c56	2021-08-03, Version 16.6.1 (Current) Notable changes: * Updated npm to 7.20.3 (npm team) https://github.com/nodejs/node/pull/39579 * Reverted an ABI-breaking change from V8 9.2 that could impact some native modules (Michaël Zasso) https://github.com/nodejs/node/pull/39624 * Fixed a bug in error handling known to affect at least Webpack and Jest (Guy Bedford) https://github.com/nodejs/node/pull/39593 PR-URL: https://github.com/nodejs/node/pull/39631	2021-08-03 10:04:02 +02:00
Jordan Harband	08ef0ae998	doc: add `String.prototype.at` and `%TypedArray%.prototype.at` PR-URL: https://github.com/nodejs/node/pull/39583 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Beth Griggs <bgriggs@redhat.com> Reviewed-By: Ash Cripps <acripps@redhat.com>	2021-07-30 10:52:42 +00:00
Beth Griggs	0e22fa0f3d	2021-07-29, Version 16.6.0 (Current) This is a security release. Notable Changes: - CVE-2021-22930: Use after free on close http2 on stream canceling (High) [#39423](https://github.com/nodejs/node/pull/39423) - (SEMVER-MINOR) deps: update V8 to 9.2.230.21 (Michaël Zasso) [#39470](https://github.com/nodejs/node/pull/39470) - inspector: mark as stable (Gireesh Punathil) [#37748](https://github.com/nodejs/node/pull/37748) - punycode: add pending deprecation (Antoine du Hamel) [#38444](https://github.com/nodejs/node/pull/38444) - (SEMVER-MINOR) repl: enable --experimental-repl-await /w opt-out (hemanth.hm) [#34733](https://github.com/nodejs/node/pull/34733) PR-URL: https://github.com/nodejs/node/pull/39534	2021-07-29 23:52:55 +01:00
Richard Lau	bd33fdfadf	2021-07-29, Version 14.17.4 'Fermium' (LTS) This is a security release. Notable Changes: - CVE-2021-22930: Use after free on close http2 on stream canceling (High) This releases fixes some regressions with internationalization introduced by the ICU updates in Node.js 14.17.0 and 14.17.1. PR-URL: https://github.com/nodejs/node/pull/39466	2021-07-29 12:40:58 -04:00
Richard Lau	9b4199450e	2021-07-29, Version 12.22.4 'Erbium' (LTS) This is a security release. Notable changes: - CVE-2021-22930: Use after free on close http2 on stream canceling (High) PR-URL: https://github.com/nodejs/node/pull/39500	2021-07-29 12:32:23 -04:00
Michaël Zasso	4a9fcb3534	2021-07-14, Version 16.5.0 (Current) Notable changes: deps: * upgrade npm to 7.19.1 (npm team) https://github.com/nodejs/node/pull/39225 fs: * (SEMVER-MINOR) allow empty string for temp directory prefix (Voltrex) https://github.com/nodejs/node/pull/39028 stream: * (SEMVER-MINOR) implement Web Streams API (James M Snell) https://github.com/nodejs/node/pull/39062 PR-URL: https://github.com/nodejs/node/pull/39373	2021-07-14 11:08:26 +02:00
Beth Griggs	70cf0dce4e	2021-07-05, Version 16.4.2 (Current) Notable changes: Node.js 16.4.1 introduced a regression in the Windows installer on non-English locales that is being fixed in this release. There is no need to download this release if you are not using the Windows installer. PR-URL: https://github.com/nodejs/node/pull/39270	2021-07-05 18:23:26 +01:00
Richard Lau	ef3969542d	2021-07-05, Version v14.17.3 'Fermium' (LTS) Notable changes: Node.js 14.17.2 introduced a regression in the Windows installer on non-English locales that is being fixed in this release. There is no need to download this release if you are not using the Windows installer. PR-URL: https://github.com/nodejs/node/pull/39269	2021-07-05 17:03:09 +01:00
Richard Lau	cf1abe4b88	2021-07-05, Version 12.22.3 'Erbium' (LTS) Notable changes: Node.js 12.22.2 introduced a regression in the Windows installer on non-English locales that is being fixed in this release. There is no need to download this release if you are not using the Windows installer. PR-URL: https://github.com/nodejs/node/pull/39268	2021-07-05 16:50:08 +01:00
Beth Griggs	5ba2442e82	2021-07-01, Version 16.4.1 (Current) This is a security release. Notable changes: Vulnerabilities fixed: - CVE-2021-22918: libuv upgrade - Out of bounds read (Medium) - CVE-2021-22921: Windows installer - Node Installer Local Privilege Escalation (Medium) PR-URL: https://github.com/nodejs-private/node-private/pull/271	2021-07-01 15:37:30 +01:00
Richard Lau	0969b9f0e8	2021-07-01, Version 14.17.2 'Fermium' (LTS) This is a security release. Notable changes: Vulnerabilities fixed: - CVE-2021-22918: libuv upgrade - Out of bounds read (Medium) - CVE-2021-22921: Windows installer - Node Installer Local Privilege Escalation (Medium) PR-URL: https://github.com/nodejs-private/node-private/pull/272	2021-07-01 14:48:10 +01:00
Richard Lau	9b7eb82a42	2021-07-01, Version 12.22.2 'Erbium' (LTS) This is a security release. Notable changes: Vulnerabilities fixed: - CVE-2021-22918: libuv upgrade - Out of bounds read (Medium) - CVE-2021-22921: Windows installer - Node Installer Local Privilege Escalation (Medium) - CVE-2021-27290: npm upgrade - ssri Regular Expression Denial of Service (ReDoS) (High) - CVE-2021-23362: npm upgrade - hosted-git-info Regular Expression Denial of Service (ReDoS) (Medium) PR-URL: https://github.com/nodejs-private/node-private/pull/270	2021-07-01 14:41:48 +01:00
Danielle Adams	84d6ce9fd1	2021-06-23, Version 16.4.0 (Current) Notable changes: * async_hooks: * stabilize part of AsyncLocalStorage (Vladimir de Turckheim) https://github.com/nodejs/node/pull/37675 * deps: * upgrade npm to 7.18.1 (npm-robot) https://github.com/nodejs/node/pull/39065 * update V8 to 9.1.269.36 (Michaël Zasso) https://github.com/nodejs/node/pull/38273 * dns: * allow `--dns-result-order` to change default dns verbatim (Ouyang Yadong) https://github.com/nodejs/node/pull/38099 PR-URL: https://github.com/nodejs/node/pull/39031	2021-06-23 07:42:28 -04:00
Michaël Zasso	c0becbc1bd	2021-06-15, Version 14.17.1 'Fermium' (LTS) Notable changes: deps: * update ICU to 69.1 (Michaël Zasso) https://github.com/nodejs/node/pull/38178 src: * align source-map stacks with spec (Benjamin Coe) https://github.com/nodejs/node/pull/37252 PR-URL: https://github.com/nodejs/node/pull/38948	2021-06-15 14:45:01 +02:00
Danielle Adams	21f5a56914	2021-06-02, Version 16.3.0 (Current) Notable changes: * cli: * add -C alias for --conditions flag (Guy Bedford) (https://github.com/nodejs/node/pull/38755) * deps: * add workspaces support to npm install commands (Ruy Adorno) (https://github.com/nodejs/node/pull/38750) PR-URL: https://github.com/nodejs/node/pull/38874	2021-06-02 23:25:45 -04:00
Michaël Zasso	44ffddae8b	2021-05-19, Version 16.2.0 (Current) Notable changes: async_hooks: * (SEMVER-MINOR) use new v8::Context PromiseHook API (Stephen Belanger) https://github.com/nodejs/node/pull/36394 lib: * support setting process.env.TZ on windows (James M Snell) https://github.com/nodejs/node/pull/38642 module: * (SEMVER-MINOR) add support for `URL` to `import.meta.resolve` (Antoine du Hamel) https://github.com/nodejs/node/pull/38587 process: * (SEMVER-MINOR) add `'worker'` event (James M Snell) https://github.com/nodejs/node/pull/38659 util: * (SEMVER-MINOR) add util.types.isKeyObject and util.types.isCryptoKey (Filip Skokan) https://github.com/nodejs/node/pull/38619 PR-URL: https://github.com/nodejs/node/pull/38719	2021-05-19 12:56:18 +02:00
Danielle Adams	16e00a15de	2021-05-11, Version 14.17.0 'Fermium' (LTS) Notable Changes: Diagnostics channel (experimental module): `diagnostics_channel` is a new experimental module that provides an API to create named channels to report arbitrary message data for diagnostics purposes. The module was initially introduced in Node.js v15.1.0 and is backported to v14.17.0 to enable testing it at a larger scale. With `diagnostics_channel`, Node.js core and module authors can publish contextual data about what they are doing at a given time. This could be the hostname and query string of a mysql query, for example. Just create a named channel with `dc.channel(name)` and call `channel.publish(data)` to send the data to any listeners to that channel. ```js const dc = require('diagnostics_channel'); const channel = dc.channel('mysql.query'); MySQL.prototype.query = function query(queryString, values, callback) { // Broadcast query information whenever a query is made channel.publish({ query: queryString, host: this.hostname, }); this.doQuery(queryString, values, callback); }; ``` Channels are like one big global event emitter but are split into separate objects to ensure they get the best performance. If nothing is listening to the channel, the publishing overhead should be as close to zero as possible. Consuming channel data is as easy as using `channel.subscribe(listener)` to run a function whenever a message is published to that channel. ```js const dc = require('diagnostics_channel'); const channel = dc.channel('mysql.query'); channel.subscribe(({ query, host }) => { console.log(`mysql query to ${host}: ${query}`); }); ``` The data captured can be used to provide context for what an app is doing at a given time. This can be used for things like augmenting tracing data, tracking network and filesystem activity, logging queries, and many other things. It's also a very useful data source for diagnostics tools to provide a clearer picture of exactly what the application is doing at a given point in the data they are presenting. Contributed by Stephen Belanger (https://github.com/nodejs/node/pull/34895). UUID support in the crypto module: The new `crypto.randomUUID()` method now allows to generate random [RFC 4122](https://www.rfc-editor.org/rfc/rfc4122.txt) Version 4 UUID strings: ```js const { randomUUID } = require('crypto'); console.log(randomUUID()); // 'aa7c91a1-f8fc-4339-b9db-f93fc7233429' ``` Contributed by James M Snell (https://github.com/nodejs/node/pull/36729). Experimental support for `AbortController` and `AbortSignal`: Node.js 14.17.0 adds experimental partial support for `AbortController` and `AbortSignal`. Both constructors can be enabled globally using the `--experimental-abortcontroller` flag. Additionally, several Node.js APIs have been updated to support `AbortSignal` for cancellation. It is not mandatory to use the built-in constructors with them. Any spec-compliant third-party alternatives should be compatible. `AbortSignal` support was added to the following methods: * `child_process.exec` * `child_process.execFile` * `child_process.fork` * `child_process.spawn` * `dgram.createSocket` * `events.on` * `events.once` * `fs.readFile` * `fs.watch` * `fs.writeFile` * `http.request` * `https.request` * `http2Session.request` * The promisified variants of `setImmediate` and `setTimeout` Other notable changes: * doc: * revoke deprecation of legacy url, change status to legacy (James M Snell) (https://github.com/nodejs/node/pull/37784) * add legacy status to stability index (James M Snell) (https://github.com/nodejs/node/pull/37784) * upgrade stability status of report API (Gireesh Punathil) (https://github.com/nodejs/node/pull/35654) * deps: * V8: Backport various patches for Apple Silicon support (BoHong Li) (https://github.com/nodejs/node/pull/38051) * update ICU to 68.1 (Michaël Zasso) (https://github.com/nodejs/node/pull/36187) * upgrade to libuv 1.41.0 (Colin Ihrig) (https://github.com/nodejs/node/pull/37360) * http: * add http.ClientRequest.getRawHeaderNames() (simov) (https://github.com/nodejs/node/pull/37660) * report request start and end with diagnostics\_channel (Stephen Belanger) (https://github.com/nodejs/node/pull/34895) * util: * add getSystemErrorMap() impl (eladkeyshawn) (https://github.com/nodejs/node/pull/38101) PR-URL: https://github.com/nodejs/node/pull/38507	2021-05-11 19:05:18 -04:00
Michaël Zasso	671c289957	2021-05-04, Version 16.1.0 (Current) Notable changes: fs: * (SEMVER-MINOR) allow no-params fsPromises fileHandle read (Nitzan Uziely) https://github.com/nodejs/node/pull/38287 PR-URL: https://github.com/nodejs/node/pull/38522	2021-05-04 17:09:39 +02:00
Beth Griggs	8780537564	2021-04-20, Version 16.0.0 (Current) Notable changes: Deprecations and Removals: - (SEMVER-MAJOR) fs: remove permissive rmdir recursive (Antoine du Hamel) [https://github.com/nodejs/node/pull/37216] - (SEMVER-MAJOR) fs: runtime deprecate rmdir recursive option (Antoine du Hamel) [https://github.com/nodejs/node/pull/37302] - (SEMVER-MAJOR) lib: runtime deprecate access to process.binding('http_parser') (James M Snell) [https://github.com/nodejs/node/pull/37813] - (SEMVER-MAJOR) lib: runtime deprecate access to process.binding('url') (James M Snell) [https://github.com/nodejs/node/pull/37799] - (SEMVER-MAJOR) lib: make process.binding('util') return only type checkers (Anna Henningsen) [https://github.com/nodejs/node/pull/37819] - (SEMVER-MAJOR) lib: runtime deprecate access to process.binding('crypto') (James M Snell) [https://github.com/nodejs/node/pull/37790] - (SEMVER-MAJOR) lib: runtime deprecate access to process.binding('signal_wrap') (James M Snell) [https://github.com/nodejs/node/pull/37800] - (SEMVER-MAJOR) lib: runtime deprecate access to process.binding('v8') (James M Snell) [https://github.com/nodejs/node/pull/37789] - (SEMVER-MAJOR) lib: runtime deprecate access to process.binding('async_wrap') (James M Snell) [https://github.com/nodejs/node/pull/37576] - (SEMVER-MAJOR) module: remove module.createRequireFromPath (Antoine du Hamel) [https://github.com/nodejs/node/pull/37201] - (SEMVER-MAJOR) module: runtime deprecate subpath folder mappings (Antoine du Hamel) [https://github.com/nodejs/node/pull/37215] - (SEMVER-MAJOR) module: runtime deprecate "main" index and extension lookups (Antoine du Hamel) [https://github.com/nodejs/node/pull/37206] - (SEMVER-MAJOR) module: runtime deprecate invalid package.json main entries (Antoine du Hamel) [https://github.com/nodejs/node/pull/37204] - (SEMVER-MAJOR) process: runtime deprecate changing process.config (James M Snell) [https://github.com/nodejs/node/pull/36902] Stable Timers Promises API: The Timers Promises API provides an alternative set of timer functions that return Promise objects. Added in Node.js v15.0.0, in this release they graduate from experimental status to stable. Contributed by James Snell - [https://github.com/nodejs/node/pull/38112] Toolchain and Compiler Upgrades: Node.js v16.0.0 will be the first release where we ship prebuilt binaries for Apple Silicon. While we’ll be providing separate tarballs for the Intel (`darwin-x64`) and ARM (`darwin-arm64`) architectures the macOS installer (`.pkg`) will be shipped as a ‘fat’ (multi-architecture) binary. - (SEMVER-MAJOR) build: remove support for Python 2 (Christian Clauss) [https://github.com/nodejs/node/pull/36691] - (SEMVER-MAJOR) build: default PYTHON to python3 in Makefile (Michaël Zasso) [https://github.com/nodejs/node/pull/37764] - build: update Makefile to support fat binary (Ash Cripps) [https://github.com/nodejs/node/pull/37861] - (SEMVER-MAJOR) build: enable ASLR (PIE) on OS X (woodfairy) [https://github.com/nodejs/node/pull/35704] - build: warn for gcc versions earlier than 8.3.0 (Richard Lau) [https://github.com/nodejs/node/pull/37935] - (SEMVER-MAJOR) doc: update minimum supported Xcode to 11 (Michaël Zasso) [https://github.com/nodejs/node/pull/37872] - (SEMVER-MAJOR) doc: update minimum supported GCC to 8.3 (Michaël Zasso) [https://github.com/nodejs/node/pull/37871] - (SEMVER-MAJOR) doc: update AIX to GCC8 for v16.x (Ash Cripps) [https://github.com/nodejs/node/pull/37677] - tools: set arch in Distribution.xml (Ash Cripps) [https://github.com/nodejs/node/pull/38261] V8 9.0: The V8 JavaScript engine is updated to V8 9.0, including performance tweaks and improvements. This update also brings the ECMAScript RegExp Match Indices, which provide the start and end indices of the captured string. The indices array is available via the `.indices` property on match objects when the regular expression has the `/d` flag. Contributed by Michaël Zasso - [https://github.com/nodejs/node/pull/37587] Other Notable Changes: - (SEMVER-MINOR) assert: graduate assert.match and assert.doesNotMatch (James M Snell) [https://github.com/nodejs/node/pull/38111] - (SEMVER-MAJOR) buffer: expose btoa and atob as globals (James M Snell) [https://github.com/nodejs/node/pull/37786] - (SEMVER-MAJOR) deps: bump minimum ICU version to 68 (Michaël Zasso) [https://github.com/nodejs/node/pull/37330] - deps: update ICU to 69.1 (Michaël Zasso) [https://github.com/nodejs/node/pull/38178] - deps: update llhttp to 6.0.0 (Fedor Indutny) [https://github.com/nodejs/node/pull/38277] - deps: upgrade npm to 7.10.0 (Ruy Adorno) [https://github.com/nodejs/node/pull/38254] - (SEMVER-MINOR) http: add http.ClientRequest.getRawHeaderNames() (simov) [https://github.com/nodejs/node/pull/37660] - (SEMVER-MAJOR) lib,src: update cluster to use Parent (Michael Dawson) [https://github.com/nodejs/node/pull/36478] - (SEMVER-MINOR) module: add support for `node:`‑prefixed `require(…)` calls (ExE Boss) [https://github.com/nodejs/node/pull/37246] - (SEMVER-MINOR) perf_hooks: add histogram option to timerify (James M Snell) [https://github.com/nodejs/node/pull/37475] - (SEMVER-MINOR) repl: add auto‑completion for `node:`‑prefixed `require(…)` calls (ExE Boss) [https://github.com/nodejs/node/pull/37246] - (SEMVER-MINOR) util: add getSystemErrorMap() impl (eladkeyshawn) [https://github.com/nodejs/node/pull/38101] Semver-Major Commits: - (SEMVER-MAJOR) async_hooks: add thisArg to AsyncResource.bind (James M Snell) [https://github.com/nodejs/node/pull/36782] - (SEMVER-MAJOR) buffer: expose btoa and atob as globals (James M Snell) [https://github.com/nodejs/node/pull/37786] - (SEMVER-MAJOR) build: remove support for Python 2 (Christian Clauss) [https://github.com/nodejs/node/pull/36691] - (SEMVER-MAJOR) build: default PYTHON to python3 in Makefile (Michaël Zasso) [https://github.com/nodejs/node/pull/37764] - (SEMVER-MAJOR) build: update Makefile to support fat binary (Ash Cripps) [https://github.com/nodejs/node/pull/37861] - (SEMVER-MAJOR) build: include minimal V8 headers in distribution (Michaël Zasso) [https://github.com/nodejs/node/pull/37570] - (SEMVER-MAJOR) build: use C++11 ABI with libstdc++ (Anna Henningsen) [https://github.com/nodejs/node/pull/36634] - (SEMVER-MAJOR) build: enable ASLR (PIE) on OS X (woodfairy) [https://github.com/nodejs/node/pull/35704] - (SEMVER-MAJOR) deps: update V8 to 9.0.257.11 (Michaël Zasso) [https://github.com/nodejs/node/pull/37587] - (SEMVER-MAJOR) deps: bump minimum ICU version to 68 (Michaël Zasso) [https://github.com/nodejs/node/pull/37330] - (SEMVER-MAJOR) deps: update V8 to 8.9.255.19 (Michaël Zasso) [https://github.com/nodejs/node/pull/37330] - (SEMVER-MAJOR) deps: update V8 to 8.8.278.17 (Michaël Zasso) [https://github.com/nodejs/node/pull/36139] - (SEMVER-MAJOR) deps: update V8 to 8.7.220 (Michaël Zasso) [https://github.com/nodejs/node/pull/35700] - (SEMVER-MAJOR) dns: use url module instead of punycode for IDNA (Antoine du Hamel) [https://github.com/nodejs/node/pull/35091] - (SEMVER-MAJOR) doc: update minimum supported Xcode to 11 (Michaël Zasso) [https://github.com/nodejs/node/pull/37872] - (SEMVER-MAJOR) doc: update minimum supported GCC to 8.3 (Michaël Zasso) [https://github.com/nodejs/node/pull/37871] - (SEMVER-MAJOR) doc: update AIX to GCC8 for v16.x (Ash Cripps) [https://github.com/nodejs/node/pull/37677] - (SEMVER-MAJOR) doc: add http.IncomingMessage#connection (Pranshu Srivastava) [https://github.com/nodejs/node/pull/33768] - (SEMVER-MAJOR) events: change EventTarget handler exception behavior (Nitzan Uziely) [https://github.com/nodejs/node/pull/37237] - (SEMVER-MAJOR) fs: remove permissive rmdir recursive (Antoine du Hamel) [https://github.com/nodejs/node/pull/37216] - (SEMVER-MAJOR) fs: add validation for fd and path (Dylan Elliott) [https://github.com/nodejs/node/pull/35187] - (SEMVER-MAJOR) fs: runtime deprecate rmdir recursive option (Antoine du Hamel) [https://github.com/nodejs/node/pull/37302] - (SEMVER-MAJOR) fs: fix flag and mode validation (James M Snell) [https://github.com/nodejs/node/pull/37480] - (SEMVER-MAJOR) http: use objects with null prototype in Agent (Michaël Zasso) [https://github.com/nodejs/node/pull/36409] - (SEMVER-MAJOR) lib: runtime deprecate access to process.binding('http_parser') (James M Snell) [https://github.com/nodejs/node/pull/37813] - (SEMVER-MAJOR) lib: runtime deprecate access to process.binding('url') (James M Snell) [https://github.com/nodejs/node/pull/37799] - (SEMVER-MAJOR) lib: make process.binding('util') return only type checkers (Anna Henningsen) [https://github.com/nodejs/node/pull/37819] - (SEMVER-MAJOR) lib: runtime deprecate access to process.binding('crypto') (James M Snell) [https://github.com/nodejs/node/pull/37790] - (SEMVER-MAJOR) lib: runtime deprecate access to process.binding('signal_wrap') (James M Snell) [https://github.com/nodejs/node/pull/37800] - (SEMVER-MAJOR) lib: runtime deprecate access to process.binding('v8') (James M Snell) [https://github.com/nodejs/node/pull/37789] - (SEMVER-MAJOR) lib: aggregate errors to avoid error swallowing (Antoine du Hamel) [https://github.com/nodejs/node/pull/37460] - (SEMVER-MAJOR) lib: runtime deprecate access to process.binding('async_wrap') (James M Snell) [https://github.com/nodejs/node/pull/37576] - (SEMVER-MAJOR) lib: remove usage of url.parse (raisinten) [https://github.com/nodejs/node/pull/36853] - (SEMVER-MAJOR) lib: add error handling for input stream (rexagod) [https://github.com/nodejs/node/pull/31603] - (SEMVER-MAJOR) lib,src: update cluster to use Parent (Michael Dawson) [https://github.com/nodejs/node/pull/36478] - (SEMVER-MAJOR) module: runtime deprecate subpath folder mappings (Antoine du Hamel) [https://github.com/nodejs/node/pull/37215] - (SEMVER-MAJOR) module: runtime deprecate "main" index and extension lookups (Antoine du Hamel) [https://github.com/nodejs/node/pull/37206] - (SEMVER-MAJOR) module: runtime deprecate invalid package.json main entries (Antoine du Hamel) [https://github.com/nodejs/node/pull/37204] - (SEMVER-MAJOR) module: remove module.createRequireFromPath (Antoine du Hamel) [https://github.com/nodejs/node/pull/37201] - (SEMVER-MAJOR) module: only set cache when finding module succeeds (Yongsheng Zhang) [https://github.com/nodejs/node/pull/36642] - (SEMVER-MAJOR) perf_hooks: make performance a global (James M Snell) [https://github.com/nodejs/node/pull/37970] - (SEMVER-MAJOR) perf_hooks: complete overhaul of the implementation (James M Snell) [https://github.com/nodejs/node/pull/37136] - (SEMVER-MAJOR) process: disallow adding options to process.allowedNodeEnvironmentFlags (Antoine du Hamel) [https://github.com/nodejs/node/pull/36660] - (SEMVER-MAJOR) process: runtime deprecate changing process.config (James M Snell) [https://github.com/nodejs/node/pull/36902] - (SEMVER-MAJOR) readline: cursorTo throw error on NaN (Zijian Liu) [https://github.com/nodejs/node/pull/36379] - (SEMVER-MAJOR) src: mark internally exported functions as explicitly internal (Tyler Ang-Wanek) [https://github.com/nodejs/node/pull/37000] - (SEMVER-MAJOR) src: inline AsyncCleanupHookHandle in headers (Tyler Ang-Wanek) [https://github.com/nodejs/node/pull/37000] - (SEMVER-MAJOR) src: clean up embedder API (Anna Henningsen) [https://github.com/nodejs/node/pull/35897] - (SEMVER-MAJOR) worker: send correct error status for worker init (Yash Ladha) [https://github.com/nodejs/node/pull/36242] PR-URL: https://github.com/nodejs/node/pull/37678	2021-04-20 16:48:35 +01:00
Myles Borins	78b6f389d0	2021-04-06, Version 15.14.0 (Current) Notable Changes: This is a security release. Vulnerabilities fixed: - CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms processing (High) - CVE-2020-7774: npm upgrade - Update y18n to fix Prototype-Pollution (High) Other Notable changes: fs: * (SEMVER-MINOR) add support for async iterators to `fsPromises.writeFile` (HiroyukiYagihashi) https://github.com/nodejs/node/pull/37490 net: * (SEMVER-MINOR) allow net.BlockList to use net.SocketAddress objects (James M Snell) https://github.com/nodejs/node/pull/37917 * (SEMVER-MINOR) add SocketAddress class (James M Snell) https://github.com/nodejs/node/pull/37917 * (SEMVER-MINOR) make net.BlockList cloneable (James M Snell) https://github.com/nodejs/node/pull/37917 net,tls: * (SEMVER-MINOR) add abort signal support to connect (Nitzan Uziely) https://github.com/nodejs/node/pull/37735 readline: * (SEMVER-MINOR) add AbortSignal support to interface (Nitzan Uziely) https://github.com/nodejs/node/pull/37932 PR-URL: https://github.com/nodejs/node/pull/38084	2021-04-06 15:55:23 -04:00
Myles Borins	1522a93646	2021-04-06, Version 14.16.1 'Fermium' (LTS) This is a security release. Notable Changes: Vulnerabilities fixed: - CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms processing (High) - CVE-2020-7774: npm upgrade - Update y18n to fix Prototype-Pollution (High) PR-URL: https://github.com/nodejs/node/pull/38082	2021-04-06 15:55:23 -04:00
Myles Borins	d318ec7fc3	2021-04-06, Version 12.22.1 'Erbium' (LTS) This is a security release. Notable changes: Vulnerabilities fixed: - CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms processing (High) - CVE-2020-7774: npm upgrade - Update y18n to fix Prototype-Pollution (High) PR-URL: https://github.com/nodejs/node/pull/38083	2021-04-06 15:55:22 -04:00
Myles Borins	cd15b1cde2	2021-04-06, Version 10.24.1 'Dubnium' (LTS) This is a security release. Notable changes: Vulnerabilities fixed: - CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms processing (High) - CVE-2020-7774: npm upgrade - Update y18n to fix Prototype-Pollution (High) PR-URL: https://github.com/nodejs/node/pull/38085	2021-04-06 15:55:22 -04:00
Ruy Adorno	82bc5c3d5c	2021-03-31, Version 15.13.0 (Current) PR-URL: https://github.com/nodejs/node/pull/37977 Notable changes: * buffer: * implement btoa and atob (James M Snell) https://github.com/nodejs/node/pull/37529 * deps: * upgrade npm to 7.7.6 (Ruy Adorno) https://github.com/nodejs/node/pull/37968 * doc: * add legacy status to stability index (James M Snell) https://github.com/nodejs/node/pull/37784 * add @linkgoron to collaborators (Nitzan Uziely) https://github.com/nodejs/node/pull/37817 * http: * add http.ClientRequest.getRawHeaderNames() (simov) https://github.com/nodejs/node/pull/37660	2021-03-31 10:14:03 -04:00
Richard Lau	30fe4ed8c4	2021-03-30, Version 12.22.0 'Erbium' (LTS) Notable changes The legacy HTTP parser is runtime deprecated: - The legacy HTTP parser, selected by the `--http-parser=legacy` command line option, is deprecated with the pending End-of-Life of Node.js 10.x (where it is the only HTTP parser implementation provided) at the end of April 2021. It will now warn on use but otherwise continue to function and may be removed in a future Node.js 12.x release. - The default HTTP parser based on llhttp is not affected. By default it is stricter than the now deprecated legacy HTTP parser. If interoperability with HTTP implementations that send invalid HTTP headers is required, the HTTP parser can be started in a less secure mode with the `--insecure-http-parser` command line option. ES Modules: - ES Modules are now considered stable. node-api: - Updated to node-api version 8 and added an experimental API to allow retrieval of the add-on file name. New API's to control code coverage data collection: - `v8.stopCoverage()` and `v8.takeCoverage()` have been added. New API to monitor event loop utilization by Worker threads - `worker.performance.eventLoopUtilization()` has been added. PR-URL: https://github.com/nodejs/node/pull/37797	2021-03-30 15:09:15 +01:00

1 2 3 4 5 ...

441 Commits