- Simplify the beginning of the description.
- Add a missing serial comma.
- Add a missing parenthesis.
PR-URL: https://github.com/nodejs/node/pull/43334
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/43177
Reviewed-By: LiviaMedeiros <livia@cirno.name>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..
PR-URL: https://github.com/nodejs/node/pull/43124
Refs: https://github.com/nodejs/node/issues/40366
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
PR-URL: https://github.com/nodejs/node/pull/42878
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
This commit documents the event parameters and `http2stream.respond`,
and adds some tests to ensure the actual behaviors are aligned with
the docs.
Testing the 'Http2Server.sessionError' event is added by updating
`test/parallel/test-http2-options-max-headers-exceeds-nghttp2.js`.
The event seemingly has not been tested so far.
`ServerHttp2Session` is exported to validate the `session` event
and the `sessionError` event.
Signed-off-by: Daeyeon Jeong daeyeon.dev@gmail.com
PR-URL: https://github.com/nodejs/node/pull/42858
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
PR-URL: https://github.com/nodejs/node/pull/43114
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/42974
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
PR-URL: https://github.com/nodejs/node/pull/42889
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Since we were removing the hasRef() method before exposing the
MessagePort object, the only way of knowing if the handle was keeping
the event loop active was to parse the string returned by
util.inspect(port), which is inconvenient and inconsistent with most of
the other async resources. So this change stops removing hasRef() from
the MessagePort prototype. The reason why this is also being documented
is that while reporting active resources, async_hooks returns the same
MessagePort object as the one that is accessible by users.
Refs: https://github.com/nodejs/node/issues/42091#issuecomment-1104793189
Signed-off-by: Darshan Sen <raisinten@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/42849
Reviewed-By: Anna Henningsen <anna@addaleax.net>
The method might be designed to explicitly take `options`. However,
the implementation and many examples already allow the first parameter
of a function type.
PR-URL: https://github.com/nodejs/node/pull/42832
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Removes the experimental label in the docs and makes the
`--experimental-top-level-await` flag a no-op.
V8 has removed the harmony flag in V8 9.1 and consider the feature
stable, there's no reason to keep it experimental in Node.js.
PR-URL: https://github.com/nodejs/node/pull/42875
Reviewed-By: Jacob Smith <jacob@frende.me>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
PR-URL: https://github.com/nodejs/node/pull/42738
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/42820
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
export total_global_handles_size, used_global_handles_size,
external_memory in getHeapStatistics
PR-URL: https://github.com/nodejs/node/pull/42784
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/42797
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
Some core modules can be loaded with or without the `node:` prefix.
Using the prefix disambiguates which specifiers refer to core modules.
This commit updates the docs to use the prefix everywhere a core module
is referenced.
PR-URL: https://github.com/nodejs/node/pull/42752
Fixes: https://github.com/nodejs/node/issues/38343
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Notable Changes:
Deprecations and Removals:
- (SEMVER-MAJOR) fs: runtime deprecate string coercion in `fs.write`,
`fs.writeFileSync`
(Livia Medeiros) (https://github.com/nodejs/node/pull/42607)
- (SEMVER-MAJOR) dns: remove `dns.lookup` and `dnsPromises.lookup`
options type coercion
(Antoine du Hamel) (https://github.com/nodejs/node/pull/41431)
- (SEMVER-MAJOR) process: runtime deprecate multipleResolves
(Benjamin Gruenbaum) (https://github.com/nodejs/node/pull/41896)
- (SEMVER-MAJOR) stream: remove thenable support (Robert Nagy)
(https://github.com/nodejs/node/pull/40773)
- (SEMVER-MAJOR) tls: move tls.parseCertString to end-of-life
(Tobias Nießen) (https://github.com/nodejs/node/pull/41479)
fetch (experimental):
An experimental fetch API is available on the global scope by default.
The implementation is based upon https://undici.nodejs.org/#/,
an HTTP/1.1 client written for Node.js by contributors to the project.
Through this addition, the following globals are made available: `fetch`
, `FormData`, `Headers`, `Request`, `Response`.
Disable this API with the `--no-experimental-fetch` command-line flag.
Contributed by Michaël Zasso in https://github.com/nodejs/node/pull/41811.
HTTP Timeouts:
`server.headersTimeout`, which limits the amount of time the parser will
wait to receive the complete HTTP headers, is now set to `60000` (60
seconds) by default.
`server.requestTimeout`, which sets the timeout value in milliseconds
for receiving the entire request from the client, is now set to `300000`
(5 minutes) by default.
If these timeouts expire, the server responds with status 408 without
forwarding the request to the request listener and then closes the
connection.
Both timeouts must be set to a non-zero value to protect against
potential Denial-of-Service attacks in case the server is deployed
without a reverse proxy in front.
Contributed by Paolo Insogna in https://github.com/nodejs/node/pull/41263.
Test Runner module (experimental):
The `node:test` module facilitates the creation of JavaScript tests that
report results in TAP format. This module is only available under the
`node:` scheme.
Contributed by Colin Ihrig in https://github.com/nodejs/node/pull/42325.
Toolchain and Compiler Upgrades:
- Prebuilt binaries for Linux are now built on Red Hat Enterprise Linux
(RHEL) 8 and are compatible with Linux distributions based on glibc
2.28 or later, for example, Debian 10, RHEL 8, Ubuntu 20.04.
- Prebuilt binaries for macOS now require macOS 10.15 or later.
- For AIX the minimum supported architecture has been raised from Power
7 to Power 8.
Prebuilt binaries for 32-bit Windows will initially not be available due
to issues building the V8 dependency in Node.js. We hope to restore
32-bit Windows binaries for Node.js 18 with a future V8 update.
Node.js does not support running on operating systems that are no longer
supported by their vendor. For operating systems where their vendor has
planned to end support earlier than April 2025, such as Windows 8.1
(January 2023) and Windows Server 2012 R2 (October 2023), support for
Node.js 18 will end at the earlier date.
Full details about the supported toolchains and compilers are documented
in the Node.js `BUILDING.md` file.
Contributed by Richard Lau in https://github.com/nodejs/node/pull/42292,
https://github.com/nodejs/node/pull/42604 and https://github.com/nodejs/node/pull/42659
, and Michaël Zasso in https://github.com/nodejs/node/pull/42105 and
https://github.com/nodejs/node/pull/42666.
V8 10.1:
The V8 engine is updated to version 10.1, which is part of Chromium 101.
Compared to the version included in Node.js 17.9.0, the following new
features are included:
- The `findLast` and `findLastIndex` array methods.
- Improvements to the `Intl.Locale` API.
- The `Intl.supportedValuesOf` function.
- Improved performance of class fields and private class methods (the
initialization of them is now as fast as ordinary property stores).
The data format returned by the serialization API (`v8.serialize(value)`)
has changed, and cannot be deserialized by earlier versions of Node.js.
On the other hand, it is still possible to deserialize the previous
format, as the API is backwards-compatible.
Contributed by Michaël Zasso in https://github.com/nodejs/node/pull/42657.
Web Streams API (experimental):
Node.js now exposes the experimental implementation of the Web Streams
API on the global scope. This means the following APIs are now globally
available:
- `ReadableStream`, `ReadableStreamDefaultReader`,
`ReadableStreamBYOBReader`, `ReadableStreamBYOBRequest`,
`ReadableByteStreamController`, `ReadableStreamDefaultController`,
`TransformStream`, `TransformStreamDefaultController`, `WritableStream`,
`WritableStreamDefaultWriter`, `WritableStreamDefaultController`,
`ByteLengthQueuingStrategy`, `CountQueuingStrategy`, `TextEncoderStream`,
`TextDecoderStream`, `CompressionStream`, `DecompressionStream`.
Contributed James Snell in https://github.com/nodejs/node/pull/39062,
and Antoine du Hamel in https://github.com/nodejs/node/pull/42225.
Other Notable Changes:
- (SEMVER-MAJOR) buffer: expose Blob as a global
(James M Snell) (https://github.com/nodejs/node/pull/41270)
- (SEMVER-MAJOR) child\_process: improve argument validation
(Rich Trott) (https://github.com/nodejs/node/pull/41305)
- doc: add RafaelGSS to collaborators
(RafaelGSS) (https://github.com/nodejs/node/pull/42718)
- (SEMVER-MAJOR) http: make TCP noDelay enabled by default
(Paolo Insogna) (https://github.com/nodejs/node/pull/42163)
- (SEMVER-MAJOR) net: make `server.address()` return an integer for
`family`
(Antoine du Hamel) (https://github.com/nodejs/node/pull/41431)
- (SEMVER-MAJOR) worker: expose BroadcastChannel as a global
(James M Snell) (https://github.com/nodejs/node/pull/41271)
- (SEMVER-MAJOR) worker: graduate BroadcastChannel to supported
(James M Snell) (https://github.com/nodejs/node/pull/41271)
Semver-Major Commits:
- (SEMVER-MAJOR) assert,util: compare RegExp.lastIndex while using deep
equal checks
(Ruben Bridgewater) (https://github.com/nodejs/node/pull/41020)
- (SEMVER-MAJOR) buffer: refactor `byteLength` to remove outdated
optimizations
(Rongjian Zhang) (https://github.com/nodejs/node/pull/38545)
- (SEMVER-MAJOR) buffer: expose Blob as a global
(James M Snell) (https://github.com/nodejs/node/pull/41270)
- (SEMVER-MAJOR) buffer: graduate Blob from experimental
(James M Snell) (https://github.com/nodejs/node/pull/41270)
- (SEMVER-MAJOR) build: make x86 Windows support temporarily
experimental
(Michaël Zasso) (https://github.com/nodejs/node/pull/42666)
- (SEMVER-MAJOR) build: bump macOS deployment target to 10.15
(Richard Lau) (https://github.com/nodejs/node/pull/42292)
- (SEMVER-MAJOR) build: downgrade Windows 8.1 and server 2012 R2 to
experimental
(Michaël Zasso) (https://github.com/nodejs/node/pull/42105)
- (SEMVER-MAJOR) child\_process: improve argument validation
(Rich Trott) (https://github.com/nodejs/node/pull/41305)
- (SEMVER-MAJOR) cluster: make `kill` to be just `process.kill`
(Bar Admoni) (https://github.com/nodejs/node/pull/34312)
- (SEMVER-MAJOR) crypto: cleanup validation
(Mohammed Keyvanzadeh) (https://github.com/nodejs/node/pull/39841)
- (SEMVER-MAJOR) crypto: prettify othername in PrintGeneralName
(Tobias Nießen) (https://github.com/nodejs/node/pull/42123)
- (SEMVER-MAJOR) crypto: fix X509Certificate toLegacyObject
(Tobias Nießen) (https://github.com/nodejs/node/pull/42124)
- (SEMVER-MAJOR) crypto: use RFC2253 format in PrintGeneralName
(Tobias Nießen) (https://github.com/nodejs/node/pull/42002)
- (SEMVER-MAJOR) crypto: change default check(Host|Email) behavior
(Tobias Nießen) (https://github.com/nodejs/node/pull/41600)
- (SEMVER-MAJOR) deps: V8: cherry-pick semver-major commits from 10.2
(Michaël Zasso) (https://github.com/nodejs/node/pull/42657)
- (SEMVER-MAJOR) deps: update V8 to 10.1.124.6
(Michaël Zasso) (https://github.com/nodejs/node/pull/42657)
- (SEMVER-MAJOR) deps: update V8 to 9.8.177.9
(Michaël Zasso) (https://github.com/nodejs/node/pull/41610)
- (SEMVER-MAJOR) deps: update V8 to 9.7.106.18
(Michaël Zasso) (https://github.com/nodejs/node/pull/40907)
- (SEMVER-MAJOR) dns: remove `dns.lookup` and `dnsPromises.lookup`
options type coercion
(Antoine du Hamel) (https://github.com/nodejs/node/pull/41431)
- (SEMVER-MAJOR) doc: update minimum glibc requirements for Linux
(Richard Lau) (https://github.com/nodejs/node/pull/42659)
- (SEMVER-MAJOR) doc: update AIX minimum supported arch
(Richard Lau) (https://github.com/nodejs/node/pull/42604)
- (SEMVER-MAJOR) fs: runtime deprecate string coercion in `fs.write`,
`fs.writeFileSync`
(Livia Medeiros) (https://github.com/nodejs/node/pull/42607)
- (SEMVER-MAJOR) http: refactor headersTimeout and requestTimeout logic
(Paolo Insogna) (https://github.com/nodejs/node/pull/41263)
- (SEMVER-MAJOR) http: make TCP noDelay enabled by default
(Paolo Insogna) (https://github.com/nodejs/node/pull/42163)
- (SEMVER-MAJOR) lib: enable fetch by default
(Michaël Zasso) (https://github.com/nodejs/node/pull/41811)
- (SEMVER-MAJOR) lib: replace validator and error
(Mohammed Keyvanzadeh) (https://github.com/nodejs/node/pull/41678)
- (SEMVER-MAJOR) module,repl: support 'node:'-only core modules
(Colin Ihrig) (https://github.com/nodejs/node/pull/42325)
- (SEMVER-MAJOR) net: make `server.address()` return an integer for
`family`
(Antoine du Hamel) (https://github.com/nodejs/node/pull/41431)
- (SEMVER-MAJOR) process: disallow some uses of Object.defineProperty()
on process.env
(Himself65) (https://github.com/nodejs/node/pull/28006)
- (SEMVER-MAJOR) process: runtime deprecate multipleResolves
(Benjamin Gruenbaum) (https://github.com/nodejs/node/pull/41896)
- (SEMVER-MAJOR) readline: fix question still called after closed
(Xuguang Mei) (https://github.com/nodejs/node/pull/42464)
- (SEMVER-MAJOR) stream: remove thenable support
(Robert Nagy) (https://github.com/nodejs/node/pull/40773)
- (SEMVER-MAJOR) stream: expose web streams globals, remove runtime
experimental warning
(Antoine du Hamel) (https://github.com/nodejs/node/pull/42225)
- (SEMVER-MAJOR) stream: need to cleanup event listeners if last stream
is readable
(Xuguang Mei) (https://github.com/nodejs/node/pull/41954)
- (SEMVER-MAJOR) stream: revert revert `map` spec compliance
(Benjamin Gruenbaum) (https://github.com/nodejs/node/pull/41933)
- (SEMVER-MAJOR) stream: throw invalid arg type from End Of Stream
(Jithil P Ponnan) (https://github.com/nodejs/node/pull/41766)
- (SEMVER-MAJOR) stream: don't emit finish after destroy
(Robert Nagy) (https://github.com/nodejs/node/pull/40852)
- (SEMVER-MAJOR) stream: add errored and closed props
(Robert Nagy) (https://github.com/nodejs/node/pull/40696)
- (SEMVER-MAJOR) test: add initial test module
(Colin Ihrig) (https://github.com/nodejs/node/pull/42325)
- (SEMVER-MAJOR) timers: refactor internal classes to ES2015 syntax
(Rabbit) (https://github.com/nodejs/node/pull/37408)
- (SEMVER-MAJOR) tls: represent registeredID numerically always
(Tobias Nießen) (https://github.com/nodejs/node/pull/41561)
- (SEMVER-MAJOR) tls: move tls.parseCertString to end-of-life
(Tobias Nießen) (https://github.com/nodejs/node/pull/41479)
- (SEMVER-MAJOR) url: throw on NULL in IPv6 hostname
(Rich Trott) (https://github.com/nodejs/node/pull/42313)
- (SEMVER-MAJOR) v8: make v8.writeHeapSnapshot() error codes consistent
(Darshan Sen) (https://github.com/nodejs/node/pull/42577)
- (SEMVER-MAJOR) v8: make writeHeapSnapshot throw if fopen fails
(Antonio Román) (https://github.com/nodejs/node/pull/41373)
- (SEMVER-MAJOR) worker: expose BroadcastChannel as a global
(James M Snell) (https://github.com/nodejs/node/pull/41271)
- (SEMVER-MAJOR) worker: graduate BroadcastChannel to supported
(James M Snell) (https://github.com/nodejs/node/pull/41271)
PR-URL: https://github.com/nodejs/node/pull/42262
These methods are inherited from `http.OutgoingMessage` and
they are already documented as methods of the `http.ServerResponse`
class. For consistency, document them also as methods of the
`http.ClientRequest` class.
PR-URL: https://github.com/nodejs/node/pull/42691
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Mestery <mestery@protonmail.com>
- `outgoingMessage.writableCorked` was added to Node.js v13.2.0 via
62e15a793a and backported to Node.js v12.16.0 via db8144be31.
- `outgoingMessage.writableEnded` was added to Node.js v12.9.0 via
f9b61d2bc7.
- `outgoingMessage.writableFinished` was added to Node.js v12.7.0 via
06d0abea0d.
- `outgoingMessage.writableHighWaterMark`,
`outgoingMessage.writableLength`, and
`outgoingMessage.writableObjectMode` were added to Node.js v12.9.0 via
16e001112c.
PR-URL: https://github.com/nodejs/node/pull/42737
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Ricky Zhou <0x19951125@gmail.com>
This commit introduces an initial version of a CLI-based
test runner.
PR-URL: https://github.com/nodejs/node/pull/42658
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
These events are already documented as events of the
`http.ServerResponse` class. Document that they can also be emitted on
instances of the `http.ClientRequest` class.
PR-URL: https://github.com/nodejs/node/pull/42704
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
`outgoingMessage.cork()` and `outgoingMessage.uncork()` were added to
Node.js v13.2.0 via 62e15a793a and backported to Node.js v12.16.0 via
db8144be31.
PR-URL: https://github.com/nodejs/node/pull/42711
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Revise for conformance with style guide and clarity.
PR-URL: https://github.com/nodejs/node/pull/42734
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
`outgoingMessage.getHeader()`, `outgoingMessage.getHeaderNames()`, and
`outgoingMessage.getHeaders()` were added to Node.js v7.7.0 via
3e8d43d165.
PR-URL: https://github.com/nodejs/node/pull/42661
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Qingyu Deng <i@ayase-lab.com>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
`fh.createWriteStream` can be more convenient than
`fs.createWriteStream` when using the FS promises API.
PR-URL: https://github.com/nodejs/node/pull/42653
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Specify that `outgoingMessage.removeHeader()` takes a `name` argument
whose type is string.
PR-URL: https://github.com/nodejs/node/pull/42652
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
This is not a function and should not have a return type.
PR-URL: https://github.com/nodejs/node/pull/42647
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Remove support for returning thenables in stream
implementation methods. This is causing more confusion
and issues than it's worth.
Refs: https://github.com/nodejs/node/issues/39535
PR-URL: https://github.com/nodejs/node/pull/40773
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
This also affects `fs.writeFile`, `fs.appendFile`, and
`fs.appendFileSync`
PR-URL: https://github.com/nodejs/node/pull/42607
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/42649
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
http: fix extends for ClientRequest from Stream to http.OutgoingMessage
http: added page entry for http.OutgoingMessage
http: updated order of links
http: included entry for http.OutgoingMessage
http: removed unnecessary entry from md file
PR-URL: https://github.com/nodejs/node/pull/42642
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
This change makes the error codes returned by v8.writeHeapSnapshot()
consistent across all platforms by using the libuv APIs instead of
fopen(), fwrite() and fclose(). This also starts reporting potential
errors that might happen during the write operations.
Signed-off-by: Darshan Sen <raisinten@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/42577
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
PR-URL: https://github.com/nodejs/node/pull/42586
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
This commit introduces a CLI flag and test runner functionality
to support running a subset of tests that are indicated by an
'only' option passed to the test.
PR-URL: https://github.com/nodejs/node/pull/42514
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
The FS docs wrongfully indicated support for passing object with an own
`toString` function property to `FileHandle.prototype.appendFile`,
`FileHandle.prototype.writeFile`, `FileHandle.prototype.write`,
`fsPromises.writeFile`, and `fs.writeSync`. This commit fixes that, and
adds some test to ensure the actual behavior is aligned with the docs.
It also fixes a bug that makes the process crash if a non-buffer object
was passed to `FileHandle.prototype.write`.
Refs: https://github.com/nodejs/node/pull/34993
PR-URL: https://github.com/nodejs/node/pull/41677
Refs: https://github.com/nodejs/node/issues/41666
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Disallow the use of Object.defineProperty() to hide entries in
process.env or make them immutable.
PR-URL: https://github.com/nodejs/node/pull/28006
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
This sentence implies that AES-128 is preferred over AES-256 because
of a related-key attack from 2009. However, that attack by Alex
Biryukov, Orr Dunkelman, Nathan Keller, Dmitry Khovratovich, and Adi
Shamir, while impressive, is only effective against variants of
AES-256 with a reduced number of rounds and it requires related keys.
This means that the attack is not effective against AES-256 as it is
used within TLS.
(AES-128 is still often preferred over AES-256 simply because it is
believed to be sufficiently secure and because it is faster.)
PR-URL: https://github.com/nodejs/node/pull/42578
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/42588
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Remove recommendation that has no explanation. Make the other
recommendation less wordy.
PR-URL: https://github.com/nodejs/node/pull/42556
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
Recommend using x509.fingerprint256 instead of x509.fingerprint and
x509.fingerprint512 and suggest using it instead of x509.serialNumber
in order to uniquely identify certificates.
PR-URL: https://github.com/nodejs/node/pull/42516
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tierney Cyren <hello@bnb.im>
PR-URL: https://github.com/nodejs/node/pull/42525
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
use the perf_hooks to trace the time spent by net.connect, dns.lookup,
dns.lookupService, dns.resolvexxx.
PR-URL: https://github.com/nodejs/node/pull/42390
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/42465
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
We currently defer finalizer callbacks until the loop is idle.
Warn users that the weak reference returned by napi_wrap()
isn't guaranteed to be valid just because the finalizer hasn't
yet been called.
PR-URL: https://github.com/nodejs/node/pull/42461
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Tierney Cyren <hello@bnb.im>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit adds a new 'test' module that exposes an API
for creating JavaScript tests. As the tests execute, TAP
output is written to standard output. This commit only supports
executing individual test files, and does not implement
command line functionality for a full test runner.
PR-URL: https://github.com/nodejs/node/pull/42325
Refs: https://github.com/nodejs/node/issues/40954
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Property name `min` was updated in 23637e9a3b
to `lowest` but an instance of `min` was missed.
PR-URL: https://github.com/nodejs/node/pull/42398
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Harshitha K P <harshitha014@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/42373
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
The only significant change is to replace AsyncHooks with `AsyncHook`.
PR-URL: https://github.com/nodejs/node/pull/42337
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
PR-URL: https://github.com/nodejs/node/pull/42301
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Jacob Smith <jacob@frende.me>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Fix the pipeline examples to show that async generators receive
an AbortSignal wrapped in an object.
PR-URL: https://github.com/nodejs/node/pull/42258
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
The documentation about command lookup could be more clear and note
differences between Windows and Linux/OSX.
Current text gives the impression that if one passes `options.env`
without `PATH`, the path search will fall back on `process.env.PATH`.
In reality, passing environment without `PATH` to `execvp` causes it
to look for the binary only in `/usr/bin:/bin`.
Also Windows behaves different and more in line with the current
documentation text.
PR-URL: https://github.com/nodejs/node/pull/41418
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
I spent hours trying to make it work only to
learn that it's not supported in node anymore,
so I thought I'd save other people the time in the future.
https://groups.google.com/g/nodejs/c/SxNKLclbM5k?pli=1
PR-URL: https://github.com/nodejs/node/pull/42295
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
PR-URL: https://github.com/nodejs/node/pull/42252
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Jacob Smith <jacob@frende.me>
Reviewed-By: Rich Trott <rtrott@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/42163
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
This also affects `fs.writeFile`, `fs.appendFile`, and
`fs.appendFileSync`
Refs: https://github.com/nodejs/node/pull/41677
PR-URL: https://github.com/nodejs/node/pull/42149
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/42177
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Bradley Farias <bradley.meck@gmail.com>
Reviewed-By: Bryan English <bryan@bryanenglish.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
The last release line that did not support the new openssl list command
was OpenSSL 1.1.0, which reached its end-of-life status years ago.
PR-URL: https://github.com/nodejs/node/pull/42235
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Updated docs to reflect current behaviour of readline:
final line of input will be emitted via `'line'` event
when input stream `'end'` event is emitted even when
the input is not newline terminated.
Refs: https://github.com/nodejs/node-v0.x-archive/issues/7238
PR-URL: https://github.com/nodejs/node/pull/42214
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Makes default length reasonable when nonzero offset is set.
PR-URL: https://github.com/nodejs/node/pull/42128
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
The IncomingMessage.headers property was made non-enumerable
in PR #35281.
PR-URL: https://github.com/nodejs/node/pull/42095
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Harshitha K P <harshitha014@gmail.com>
Add explanation of case to be careful of
in order to avoid native memory being kept
alive.
Signed-off-by: Michael Dawson <mdawson@devrus.com>
PR-URL: https://github.com/nodejs/node/pull/42035
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/42063
Refs: https://github.com/nodejs/node/issues/42059
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Harshitha K P <harshitha014@gmail.com>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/42018
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41811
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Currently, specifying an `offset` without a `length`
throws an `ERR_OUT_OF_RANGE` error.
This commit provides a more sensible default.
This change should only affect cases
where no length is specified and a nonzero offset is,
which are currently throwing errors.
PR-URL: https://github.com/nodejs/node/pull/40349
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Add a rule to make sure deprecation codes are in order.
PR-URL: https://github.com/nodejs/node/pull/41992
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41956
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Documentation of deprecation notice `_getActiveRequestsInfo` and
`_getActiveHandlesInfo` since they are internal usage and can be removed
in future releases.
PR-URL: https://github.com/nodejs/node/pull/41587
Refs: https://github.com/nodejs/node/pull/40813
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Mary Marchini <oss@mmarchini.me>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41944
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41923
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Harshitha K P <harshitha014@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41943
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
I added support for x32 back in 2014 but it's been in a state of
disrepair ever since, not in the least because it was never a fully
supported architecture in upstream V8.
V8 dropped x32 support entirely in or around 2018 so the removal from
Node's build system is long overdue.
Refs: https://github.com/nodejs/node/issues/40576
PR-URL: https://github.com/nodejs/node/pull/41905
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Co-authored-by: Jacob Smith <3012099+JakobJingleheimer@users.noreply.github.com>
Co-authored-by: James M Snell <jasnell@gmail.com>
Co-authored-by: Jordan Harband <ljharb@gmail.com>
Co-authored-by: James Sumners <james@sumners.email>
PR-URL: https://github.com/nodejs/node/pull/36328
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
The ellipsis in `All together` is not needed. I've had it on my list of
"small things to take care of when you get a chance" for a while. The
Microsoft Style Guide says to not use ellipses except in certain cases,
and that reminded me to do it. The day has arrived!
PR-URL: https://github.com/nodejs/node/pull/41888
Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Deprecate the process multipleResolves event to detect when a promise is
resolved more than once because it never really worked.
Fixes: https://github.com/nodejs/node/issues/41554
PR-URL: https://github.com/nodejs/node/pull/41872
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
1. Any keystroke emits `0x1E` will do redo action.
2. Fix bug of undo/redo.
3. More detailed document.
4. Unit tests.
PR-URL: https://github.com/nodejs/node/pull/41662
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Continue iterator-helpers work by adding `find` to readable streams.
PR-URL: https://github.com/nodejs/node/pull/41849
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41875
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41796
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Mary Marchini <oss@mmarchini.me>
Reviewed-By: James M Snell <jasnell@gmail.com>
The cipher should be spelled "ChaCha20-Poly1305", i.e., with a hyphen
between the encryption and MAC algorithm names. Also change "when client
does" to "when the client does."
PR-URL: https://github.com/nodejs/node/pull/41866
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Make `Worker.prototype.kill` to be just `process.kill` without
preforming graceful disconnect beforehand.
Refs: https://github.com/nodejs/node/issues/33715
PR-URL: https://github.com/nodejs/node/pull/34312
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Added some hints that creation of an heap snapshot has significant
overhead on memory requirement and event loop utilization.
PR-URL: https://github.com/nodejs/node/pull/41822
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Added imports for packages that is mentioned in the example of
async_hooks context example.
PR-URL: https://github.com/nodejs/node/pull/39229
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
PR-URL: https://github.com/nodejs/node/pull/41797
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com>
(Arguably, the whole terminology is not perfect, but at least it will be
consistent with TCP now.)
PR-URL: https://github.com/nodejs/node/pull/41824
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Mestery <mestery@protonmail.com>
V8::ShutdownPlatform has been deprecated and does the same.
PR-URL: https://github.com/nodejs/node/pull/41610
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Spelling out numbers makes this part easier to read. Also remove the
unnecessary word 'last'.
PR-URL: https://github.com/nodejs/node/pull/41778
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Nitzan Uziely <linkgoron@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Notable changes:
Corepack:
Node.js now includes Corepack, a script that acts as a bridge between
Node.js projects and the package managers they are intended to be used
with during development.
In practical terms, Corepack will let you use Yarn and pnpm without
having to install them - just like what currently happens with npm,
which is shipped in Node.js by default.
Contributed by Maël Nison - https://github.com/nodejs/node/pull/39608
ICU updated:
ICU has been updated to 70.1. This updates timezone database to 2021a3,
including bringing forward the start for DST for Jordan from March to
February.
Contributed by Michaël Zasso - https://github.com/nodejs/node/pull/40658
New option to disable loading of native addons:
A new command line option `--no-addons` has been added to disallow
loading of native addons.
Contributed by Dominic Elm - https://github.com/nodejs/node/pull/39977
Updated Root Certificates:
Root certificates have been updated to those from Mozilla's Network
Security Services 3.71.
Contributed by Richard Lau - https://github.com/nodejs/node/pull/40280
Other Notable Changes:
crypto:
* (SEMVER-MINOR) make FIPS related options always available (Vít Ondruch) https://github.com/nodejs/node/pull/36341
lib:
* (SEMVER-MINOR) add unsubscribe method to non-active DC channels (simon-id) https://github.com/nodejs/node/pull/40433
* (SEMVER-MINOR) add return value for DC channel.unsubscribe (simon-id) https://github.com/nodejs/node/pull/40433
module:
* (SEMVER-MINOR) support pattern trailers (Guy Bedford) https://github.com/nodejs/node/pull/39635
src:
* (SEMVER-MINOR) make napi_create_reference accept symbol (JckXia) https://github.com/nodejs/node/pull/39926
PR-URL: https://github.com/nodejs/node/pull/41696
Swtich from `hasOwnProperty()` to `Object.hasOwn()`.
PR-URL: https://github.com/nodejs/node/pull/41780
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
The ECDH API changes were made more than six years ago and this
section is not helpful for new applications. The behavior of the ECDH
APIs should be explained in the relevant sections, not in a note.
Refs: https://github.com/nodejs/node/pull/3511
PR-URL: https://github.com/nodejs/node/pull/41773
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41720
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41728
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
The previous link led to an old page that does not document all the
`package.json` fields used by npm.
PR-URL: https://github.com/nodejs/node/pull/41712
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Tierney Cyren <hello@bnb.im>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Applications should usually keep track of workers themselves to prevent
cross-referencing workers from different "groups" that are assigned to
separate tasks.
Additionally, it is unreasonable to assume that the 'data' event emitted
by a socket object will be an integer. While the example works when the
argument is a string (or Buffer), it can result in various issues (e.g.,
when id === '__proto__' since cluster.workers has a non-null prototype).
Refs: 5f08c3cfa1
PR-URL: https://github.com/nodejs/node/pull/41668
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Tierney Cyren <hello@bnb.im>
Fixes: https://github.com/nodejs/node/issues/41294
Signed-off-by: Darshan Sen <raisinten@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41329
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41649
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
This adds the `drop` and `take` methods to readable streams allowing
users easily drop and take items from the stream.
This continues the iterator-helper proposal alignment task.
Co-Authored-By: Robert Nagy <ronagy@icloud.com>
PR-URL: https://github.com/nodejs/node/pull/41630
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41615
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Support the `flatMap` method from the iterator helper TC39 proposal on
readable streams.
Co-Authored-By: Robert Nagy <ronagy@icloud.com>
PR-URL: https://github.com/nodejs/node/pull/41612
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
The current documentation is incorrect in that it says "A single
instance of Node.js runs in a single thread," which is not true due
to the addition of worker threads.
This patch removes the incorrect statement and instead suggests that
applications consider using worker threads when process isolation is
not needed.
Refs: https://github.com/nodejs/node/pull/20876
PR-URL: https://github.com/nodejs/node/pull/41616
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
This changes the default behavior of the X509Certificate functions
checkHost and checkEmail to match the default behavior of OpenSSL's
X509_check_host and X509_check_email functions, respectively, which
is also what RFC 2818 mandates for HTTPS.
Refs: https://github.com/nodejs/node/pull/36804
Refs: https://github.com/nodejs/node/pull/41569
PR-URL: https://github.com/nodejs/node/pull/41600
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
1. `Ctrl-Y` to yank previously deleted text
2. `Meta-Y` to do yank pop (cycle among deleted texts)
3. Use `getCursorPos().rows` to check if we have reached a new line,
instead of `getCursorPos().cols === 0`.
4. document and unittests.
PR-URL: https://github.com/nodejs/node/pull/41301
Fixes: https://github.com/nodejs/node/issues/41252
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Qingyu Deng <i@ayase-lab.com>
Refs: https://github.com/nodejs/node/issues/14802
PR-URL: https://github.com/nodejs/node/pull/41438
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Adrian Estrada <edsadr@gmail.com>
Reviewed-By: Mary Marchini <oss@mmarchini.me>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41596
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41624
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
This continues on the iterator-helpers work by adding `.some` and
`.every` to readable streams.
Co-Authored-By: Robert Nagy <ronagy@icloud.com>
PR-URL: https://github.com/nodejs/node/pull/41573
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41507
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Add the toArray method from the TC39 iterator helper proposal to
Readable streams. This also enables a common-use case of converting a
stream to an array.
Co-Authored-By: Robert Nagy <ronagy@icloud.com>
PR-URL: https://github.com/nodejs/node/pull/41553
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
This simplifies the example and makes it runnable. (The current example
has a magic function.) (This also removes an assignment in a condition
which will be flagged if we enable ESLint's no-cond-assign rule.)
PR-URL: https://github.com/nodejs/node/pull/41574
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41593
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Qingyu Deng <i@ayase-lab.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
The 'subject' option should not only accept the values 'always' and
'never' because neither is compatible with RFC 2818, i.e., HTTPS. This
change adds a third value 'default', which implies the behavior that
HTTPS mandates.
The new 'default' case matches the default behavior of OpenSSL for both
DNS names and email addresses.
Future Node.js versions should change the default option value from
'always' to 'default'.
Refs: https://github.com/nodejs/node/pull/36804
PR-URL: https://github.com/nodejs/node/pull/41569
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Make the text more concise and clear.
PR-URL: https://github.com/nodejs/node/pull/41550
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41560
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
subtle.sign is not supposed to support strings, and in most Web Crypto
implementations, it does not. Passing a string as the 'data' argument
only works in Node.js, and users should not rely on that oddity. The
Web Crypto spec requires the data argument to be a BufferSource, i.e.,
an ArrayBuffer or an ArrayBufferView.
PR-URL: https://github.com/nodejs/node/pull/41556
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
This is part of an effort to get our code to comply with ESLint
no-cond-assign so that we don't have to disable that rule in our config.
PR-URL: https://github.com/nodejs/node/pull/41510
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Add a `forEach` method to readable streams to enable concurrent
iteration and align with the iterator-helpers proposal.
Co-Authored-By: Robert Nagy <ronagy@icloud.com>
PR-URL: https://github.com/nodejs/node/pull/41445
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
This statement is misleading in that it says "key generation is
expensive". ECDHE key generation (over the elliptic curves that are
commonly used for TLS) is insanely fast compared to most other types
of key generation.
This statement is irrelevant for TLS 1.3, which requires (EC)DHE.
Even if this statement is somewhat true for TLS 1.2, it does not
justify discouraging the use of (EC)DHE.
PR-URL: https://github.com/nodejs/node/pull/41528
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
This statement was objectively false. Clients usually only need to
generate and/or own a private key if the server sends a
CertificateRequest during the TLS handshake, which is not a common case.
PR-URL: https://github.com/nodejs/node/pull/41505
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
The internal use of tls.parseCertString was removed in
a336444c7f. The function does not handle
multi-value RDNs correctly, leading to incorrect representations and
security concerns.
This change is breaking in two ways: tls.parseCertString is removed
(but has been runtime-deprecated since Node.js 9) and
_tls_common.translatePeerCertificate does not translate the `subject`
and `issuer` properties anymore.
This change also removes the recommendation to use querystring.parse
instead, which is similarly dangerous.
PR-URL: https://github.com/nodejs/node/pull/41479
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
This adds a missing _is_ in the readable.read() text and makes
small style adjustments.
PR-URL: https://github.com/nodejs/node/pull/41524
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
The current documentation is inaccurate in that checkHost does not
necessarily return the given host name, but instead returns the subject
name that matched the given host name.
Refs: https://github.com/nodejs/node/pull/36804
PR-URL: https://github.com/nodejs/node/pull/41468
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41477
Refs: https://github.com/nodejs/node/pull/24358
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Tierney Cyren <hello@bnb.im>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Referring to `Object.is()` will be more clear and direct. The
`Object.is()` reference in turn refers to `SameValue` so people can dig
deeper there if they want or need to.
PR-URL: https://github.com/nodejs/node/pull/41460
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Harshitha K P <harshitha014@gmail.com>
If the file fails to be written (e.g. missing permissions, no space left
on device, etc), `writeHeapSnapshot` will now throw an exception.
This commit also adds error handling for the `fclose` call, returning
false if a non-zero value was returned.
Fixes: https://github.com/nodejs/node/issues/41346
PR-URL: https://github.com/nodejs/node/pull/41373
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
This is a security release.
Notable changes:
Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
- Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI
is specifically defined to use a particular SAN type, can result in
bypassing name-constrained intermediates. Node.js was accepting URI SAN
types, which PKIs are often not defined to use. Additionally, when a
protocol allows URI SANs, Node.js did not match the URI correctly.
- Versions of Node.js with the fix for this disable the URI SAN type when
checking a certificate against a hostname. This behavior can be
reverted through the `--security-revert` command-line option.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
- Node.js converts SANs (Subject Alternative Names) to a string format.
It uses this string to check peer certificates against hostnames when
validating connections. The string format was subject to an injection
vulnerability when name constraints were used within a certificate
chain, allowing the bypass of these name constraints.
- Versions of Node.js with the fix for this escape SANs containing the
problematic characters in order to prevent the injection. This
behavior can be reverted through the `--security-revert` command-line
option.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
- Node.js did not handle multi-value Relative Distinguished Names
correctly. Attackers could craft certificate subjects containing a
single-value Relative Distinguished Name that would be interpreted as a
multi-value Relative Distinguished Name, for example, in order to inject
a Common Name that would allow bypassing the certificate subject
verification.
- Affected versions of Node.js do not accept multi-value Relative
Distinguished Names and are thus not vulnerable to such attacks
themselves. However, third-party code that uses node's ambiguous
presentation of certificate subjects may be vulnerable.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
Prototype pollution via `console.table` properties (Low)(CVE-2022-21824)
- Due to the formatting logic of the `console.table()` function it was
not safe to allow user controlled input to be passed to the `properties`
parameter while simultaneously passing a plain object with at least one
property as the first parameter, which could be `__proto__`. The
prototype pollution has very limited control, in that it only allows an
empty string to be assigned numerical keys of the object prototype.
- Versions of Node.js with the fix for this use a null protoype for the
object these properties are being assigned to.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
PR-URL: https://github.com/nodejs-private/node-private/pull/311
This is a security release.
Notable changes:
Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
- Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI
is specifically defined to use a particular SAN type, can result in
bypassing name-constrained intermediates. Node.js was accepting URI SAN
types, which PKIs are often not defined to use. Additionally, when a
protocol allows URI SANs, Node.js did not match the URI correctly.
- Versions of Node.js with the fix for this disable the URI SAN type when
checking a certificate against a hostname. This behavior can be
reverted through the `--security-revert` command-line option.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
- Node.js converts SANs (Subject Alternative Names) to a string format.
It uses this string to check peer certificates against hostnames when
validating connections. The string format was subject to an injection
vulnerability when name constraints were used within a certificate
chain, allowing the bypass of these name constraints.
- Versions of Node.js with the fix for this escape SANs containing the
problematic characters in order to prevent the injection. This
behavior can be reverted through the `--security-revert` command-line
option.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
- Node.js did not handle multi-value Relative Distinguished Names
correctly. Attackers could craft certificate subjects containing a
single-value Relative Distinguished Name that would be interpreted as a
multi-value Relative Distinguished Name, for example, in order to inject
a Common Name that would allow bypassing the certificate subject
verification.
- Affected versions of Node.js do not accept multi-value Relative
Distinguished Names and are thus not vulnerable to such attacks
themselves. However, third-party code that uses node's ambiguous
presentation of certificate subjects may be vulnerable.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
Prototype pollution via `console.table` properties (Low)(CVE-2022-21824)
- Due to the formatting logic of the `console.table()` function it was
not safe to allow user controlled input to be passed to the `properties`
parameter while simultaneously passing a plain object with at least one
property as the first parameter, which could be `__proto__`. The
prototype pollution has very limited control, in that it only allows an
empty string to be assigned numerical keys of the object prototype.
- Versions of Node.js with the fix for this use a null protoype for the
object these properties are being assigned to.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
PR-URL: https://github.com/nodejs-private/node-private/pull/312
This is a security release.
Notable changes:
Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
- Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI
is specifically defined to use a particular SAN type, can result in
bypassing name-constrained intermediates. Node.js was accepting URI SAN
types, which PKIs are often not defined to use. Additionally, when a
protocol allows URI SANs, Node.js did not match the URI correctly.
- Versions of Node.js with the fix for this disable the URI SAN type when
checking a certificate against a hostname. This behavior can be
reverted through the `--security-revert` command-line option.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
- Node.js converts SANs (Subject Alternative Names) to a string format.
It uses this string to check peer certificates against hostnames when
validating connections. The string format was subject to an injection
vulnerability when name constraints were used within a certificate
chain, allowing the bypass of these name constraints.
- Versions of Node.js with the fix for this escape SANs containing the
problematic characters in order to prevent the injection. This
behavior can be reverted through the `--security-revert` command-line
option.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
- Node.js did not handle multi-value Relative Distinguished Names
correctly. Attackers could craft certificate subjects containing a
single-value Relative Distinguished Name that would be interpreted as a
multi-value Relative Distinguished Name, for example, in order to inject
a Common Name that would allow bypassing the certificate subject
verification.
- Affected versions of Node.js do not accept multi-value Relative
Distinguished Names and are thus not vulnerable to such attacks
themselves. However, third-party code that uses node's ambiguous
presentation of certificate subjects may be vulnerable.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
Prototype pollution via `console.table` properties (Low)(CVE-2022-21824)
- Due to the formatting logic of the `console.table()` function it was
not safe to allow user controlled input to be passed to the `properties`
parameter while simultaneously passing a plain object with at least one
property as the first parameter, which could be `__proto__`. The
prototype pollution has very limited control, in that it only allows an
empty string to be assigned numerical keys of the object prototype.
- Versions of Node.js with the fix for this use a null protoype for the
object these properties are being assigned to.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
PR-URL: https://github.com/nodejs-private/node-private/pull/310
This is a security release.
Notable changes:
Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
- Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI
is specifically defined to use a particular SAN type, can result in
bypassing name-constrained intermediates. Node.js was accepting URI SAN
types, which PKIs are often not defined to use. Additionally, when a
protocol allows URI SANs, Node.js did not match the URI correctly.
- Versions of Node.js with the fix for this disable the URI SAN type when
checking a certificate against a hostname. This behavior can be
reverted through the `--security-revert` command-line option.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
- Node.js converts SANs (Subject Alternative Names) to a string format.
It uses this string to check peer certificates against hostnames when
validating connections. The string format was subject to an injection
vulnerability when name constraints were used within a certificate
chain, allowing the bypass of these name constraints.
- Versions of Node.js with the fix for this escape SANs containing the
problematic characters in order to prevent the injection. This
behavior can be reverted through the `--security-revert` command-line
option.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
- Node.js did not handle multi-value Relative Distinguished Names
correctly. Attackers could craft certificate subjects containing a
single-value Relative Distinguished Name that would be interpreted as a
multi-value Relative Distinguished Name, for example, in order to inject
a Common Name that would allow bypassing the certificate subject
verification.
- Affected versions of Node.js do not accept multi-value Relative
Distinguished Names and are thus not vulnerable to such attacks
themselves. However, third-party code that uses node's ambiguous
presentation of certificate subjects may be vulnerable.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
Prototype pollution via `console.table` properties (Low)(CVE-2022-21824)
- Due to the formatting logic of the `console.table()` function it was
not safe to allow user controlled input to be passed to the `properties`
parameter while simultaneously passing a plain object with at least one
property as the first parameter, which could be `__proto__`. The
prototype pollution has very limited control, in that it only allows an
empty string to be assigned numerical keys of the object prototype.
- Versions of Node.js with the fix for this use a null protoype for the
object these properties are being assigned to.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
PR-URL: https://github.com/nodejs-private/node-private/pull/309
Previously, Node.js incorrectly accepted uniformResourceIdentifier (URI)
subject alternative names in checkServerIdentity regardless of the
application protocol. This was incorrect even in the most common cases.
For example, RFC 2818 specifies (and RFC 6125 confirms) that HTTP over
TLS only uses dNSName and iPAddress subject alternative names, but not
uniformResourceIdentifier subject alternative names.
Additionally, name constrained certificate authorities might not be
constrained to specific URIs, allowing them to issue certificates for
URIs that specify hosts that they would not be allowed to issue dNSName
certificates for.
Even for application protocols that make use of URI subject alternative
names (such as SIP, see RFC 5922), Node.js did not implement the
required checks correctly, for example, because checkServerIdentity
ignores the URI scheme.
As a side effect, this also fixes an edge case. When a hostname is not
an IP address and no dNSName subject alternative name exists, the
subject's Common Name should be considered even when an iPAddress
subject alternative name exists.
It remains possible for users to pass a custom checkServerIdentity
function to the TLS implementation in order to implement custom identity
verification logic.
This addresses CVE-2021-44531.
CVE-ID: CVE-2021-44531
PR-URL: https://github.com/nodejs-private/node-private/pull/300
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
This change introduces JSON-compatible escaping rules for strings that
include X.509 GeneralName components (see RFC 5280). This non-standard
format avoids ambiguities and prevents injection attacks that could
previously lead to X.509 certificates being accepted even though they
were not valid for the target hostname.
These changes affect the format of subject alternative names and the
format of authority information access. The checkServerIdentity function
has been modified to safely handle the new format, eliminating the
possibility of injecting subject alternative names into the verification
logic.
Because each subject alternative name is only encoded as a JSON string
literal if necessary for security purposes, this change will only be
visible in rare cases.
This addresses CVE-2021-44532.
CVE-ID: CVE-2021-44532
PR-URL: https://github.com/nodejs-private/node-private/pull/300
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41434
Reviewed-By: Guy Bedford <guybedford@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
* Remove link to ECMAScript specification because the term Abstract
Equality Comparison is no longer used there.
* Edit surprising-results material
* Other minor edits
PR-URL: https://github.com/nodejs/node/pull/41375
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41341
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
Reviewed-By: Harshitha K P <harshitha014@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Implement the map method on readable stream. This starts the alignment
with the tc39-iterator-helpers proposal and adds a `.map` method to
every Node.js readable stream.
Co-Authored-By: Robert Nagy <ronag@icloud.com>
PR-URL: https://github.com/nodejs/node/pull/40815
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
The aliases allow code written to assume that `crypto.subtle` and
`crypto.getRandomValues()` exist on the `crypto` global to just work.
Signed-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41266
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
These have been around long enough to warrant graduation.
Signed-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41267
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Use autogenerated id attributes.
PR-URL: https://github.com/nodejs/node/pull/41291
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Signed-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41271
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Signed-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41271
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
`Blob` is defined as a global in the spec. We have WPT's for it,
and it's graduated experimental. Time to expose it as a global.
Signed-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41270
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
It's time.
Signed-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41270
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Fixes: https://github.com/nodejs/node/issues/39564
Signed-off-by: Michael Dawson <mdawson@devrus.com>
PR-URL: https://github.com/nodejs/node/pull/41264
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Harshitha K P <harshitha014@gmail.com>
Signd-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41246
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41242
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
PR-URL: https://github.com/nodejs/node/pull/41183
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ricky Zhou <0x19951125@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
* The createHistogram(options) options weren't actually implemented
* Add a new count property that tracks the number of samples
* Adds BigInt options for relevant properties
* Adds add(other) method for RecordableHistogram
* Cleans up and expands tests
* Eliminates unnecessary ELDHistogram native class
* Improve/Simplify histogram transfer impl
Signed-off-by: James M Snell <jasnell@gmail.com>
perf_hooks: simplify Histogram constructor options
Signed-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41153
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
`lib/internal/process/promises.js` contains the following comment
about --unhandled-rejections=strict. This commit updates the
docs to reflect this:
// --unhandled-rejections=strict:
// Emit 'uncaughtException'. If it's not handled, print
// the error to stderr and exit the process.
// Otherwise, emit 'unhandledRejection'. If
// 'unhandledRejection' is not
// handled, emit 'UnhandledPromiseRejectionWarning'.
Fixes: https://github.com/nodejs/node/issues/41184
PR-URL: https://github.com/nodejs/node/pull/41194
Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41205
Reviewed-By: Guy Bedford <guybedford@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Adrian Estrada <edsadr@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41190
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
This is supposed to be a public alternative of the private APIs,
`process._getActiveResources()` and `process._getActiveHandles()`. When
called, it returns an array of strings containing the types of the
active resources that are currently keeping the event loop alive.
Signed-off-by: Darshan Sen <darshan.sen@postman.com>
PR-URL: https://github.com/nodejs/node/pull/40813
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
These changes are in preparation for enabling a JSDoc lint rule.
PR-URL: https://github.com/nodejs/node/pull/41109
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Adds experimental implementations of the yield and wait APIs being
explored at https://github.com/WICG/scheduling-apis.
When I asked the WHATWG folks about the possibility of standardizing the
[awaitable versions of setTimeout/setImmediate](https://github.com/whatwg/html/issues/7340)
that we have implemented in `timers/promises`, they pointed at the work
in progress scheduling APIs draft as they direction they'll be going.
While there is definitely a few thing in that draft that have
questionable utility to Node.js, the yield and wait APIs map cleanly to
the setImmediate and setTimeout we already have.
Signed-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40909
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
In example of implementing a writable stream with extending on
Writable add explicit declaration of 'fd' (file descriptor)
variable with null value.
It will make this example more similar to readable stream's one.
And will make it easier to figure out in topic.
PR-URL: https://github.com/nodejs/node/pull/40704
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Fixes: https://github.com/nodejs/abi-stable-node/issues/252
I've been through the Node-api methods and I believe
this is the last places where optional parameters
were not documented.
Signed-off-by: Michael Dawson <mdawson@devrus.com>
PR-URL: https://github.com/nodejs/node/pull/41021
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
This adds the `numericSeparator` option to util.inspect. Using it
separates numbers by thousands adding the underscore accordingly.
Signed-off-by: Ruben Bridgewater <ruben@bridgewater.de>
PR-URL: https://github.com/nodejs/node/pull/41003
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Compare the `lastIndex` property of regular expressions next to the
flags and source property.
Fixes: https://github.com/nodejs/node/issues/28766
Signed-off-by: Ruben Bridgewater <ruben@bridgewater.de>
PR-URL: https://github.com/nodejs/node/pull/41020
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Anto Aravinth <anto.aravinth.cse@gmail.com>
The `socket` property of the `IncomingMessage` object is nulled on the
server after calling `message.destroy()` and on the client after a
request completes and the socket is kept alive.
Fixes: https://github.com/nodejs/node/issues/41011
PR-URL: https://github.com/nodejs/node/pull/41014
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
PR-URL: https://github.com/nodejs/node/pull/40984
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40959
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Deprecate support for returning thenables in stream
implementation methods. This is causing more confusion
and issues than it's worth, and never was documented.
Refs: https://github.com/nodejs/node/issues/39535
Co-authored-by: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40860
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/38968
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
PR-URL: https://github.com/nodejs/node/pull/40785
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Bradley Farias <bradley.meck@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Guy Bedford <guybedford@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40785
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Bradley Farias <bradley.meck@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Guy Bedford <guybedford@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
A new reason property was recently added to the AbortSignal spec.
```js
const ac = new AbortController();
ac.abort(new Error('boom!'));
console.loc(ac.signal.reason); // Error('boom!');
```
Signed-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40807
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Signed-off-by: Michael Dawson <mdawson@devrus.com>
PR-URL: https://github.com/nodejs/node/pull/40821
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Both of these should always refer to the same error, hence
there is no reason to separate them.
PR-URL: https://github.com/nodejs/node/pull/40799
Refs: https://github.com/nodejs/node/pull/40696
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40696
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
docs: add asyncWrapProviders api doc
tests(async_hooks): use internalBinding for comparisson
fix(test-async-wrap): lint error
docs: use REPLACEME for asyncWrapProviders
update: use freeze and copy for asyncWrapProviders
update(async_hooks): use primordials on asyncWrapProviders
fix: use common to expect error
docs(asyncWrapProviders): rephrase return type
fix: lint md
fix: lint md
docs(async_hooks): typo
Co-authored-by: Stephen Belanger <admin@stephenbelanger.com>
update(asyncWrapProviders): add __proto__ as null
Co-authored-by: Simone Busoli <simone.busoli@gmail.com>
Co-authored-by: Michaël Zasso <targos@protonmail.com>
test: adjust __proto__ assertion
docs: add DEP0111 link
PR-URL: https://github.com/nodejs/node/pull/40760
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
There was a missing callback in the Transform#flush example
implementation.
PR-URL: https://github.com/nodejs/node/pull/40777
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
The markdown-linter (lint-md) is failing because of a missing newline
caused by 79d681501d.
PR-URL: https://github.com/nodejs/node/pull/40780
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
PR-URL: https://github.com/nodejs/node/pull/39809
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Remove V8 flag for import assertions, enabling support for the syntax;
require the import assertion syntax for imports of JSON.
Support import assertions in user loaders.
Use both resolved module URL and import assertion type as the key for
caching modules.
Co-authored-by: Geoffrey Booth <webadmin@geoffreybooth.com>
PR-URL: https://github.com/nodejs/node/pull/40250
Reviewed-By: Bradley Farias <bradley.meck@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
PR-URL: https://github.com/nodejs/node/pull/39283
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Update mdast-util-to-markdown to 1.2.4 which reduces unnecessary
escaping of `_` and some other characters. Re-run markdown formatter.
PR-URL: https://github.com/nodejs/node/pull/40645
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Once the README and find-inactive-collaborators.mjs changes land here,
we can introduce markdown formatting as a step in the toolchain
somewhere.
Before this lands, https://github.com/nodejs/node-core-utils/pull/578
will need to land and be included in a node-core-utils release.
PR-URL: https://github.com/nodejs/node/pull/40645
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
This adds a link to the --openssl-legacy-provider flag to the
"Support for weak or compromised algorithms" section.
PR-URL: https://github.com/nodejs/node/pull/40593
Refs: https://github.com/nodejs/node/pull/40478
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Voltrex <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
PR-URL: https://github.com/nodejs/node/pull/40573
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Voltrex <mohammadkeyvanzade94@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40573
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Voltrex <mohammadkeyvanzade94@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40573
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Voltrex <mohammadkeyvanzade94@gmail.com>
- Rename "Async_context" to "Asynchronous context tracking" in toc.
- Use named imports to show how `AsyncLocalStorage` and `AsyncResource`
can be imported.
PR-URL: https://github.com/nodejs/node/pull/40560
Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Voltrex <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Update documentation to match the changed `--dns-result-order` default
value in Node.js 17.
Refs: https://github.com/nodejs/node/pull/39987
PR-URL: https://github.com/nodejs/node/pull/40538
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Fix up example and make it more explicit on how
you need to use napi_extended_error_info in order to
help people avoid what might be a common mistake that
we made in node-addon-api.
Refs: https://github.com/nodejs/node-addon-api/issues/1089
Signed-off-by: Michael Dawson <mdawson@devrus.com>
PR-URL: https://github.com/nodejs/node/pull/40458
Reviewed-By: Gabriel Schulhof <gabrielschulhof@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Notable Changes:
Experimental ESM Loader Hooks API:
Node.js ESM Loader hooks have been consolidated to represent the steps involved needed to facilitate future loader chaining:
1. `resolve`: `resolve` [+ `getFormat`]
2. `load`: `getFormat` + `getSource` + `transformSource`
For consistency, `getGlobalPreloadCode` has been renamed to `globalPreload`.
A loader exporting obsolete hook(s) will trigger a single deprecation warning (per loader) listing the errant hooks.
Contributed by Jacob Smith, Geoffrey Booth, and Bradley Farias - https://github.com/nodejs/node/pull/37468
Other Notable Changes:
deps:
* upgrade npm to 8.1.0 (npm team) https://github.com/nodejs/node/pull/40463
doc:
* deprecate (doc-only) http abort related (dr-js) https://github.com/nodejs/node/pull/36670
vm:
* (SEMVER-MINOR) add support for import assertions in dynamic imports (Antoine du Hamel) https://github.com/nodejs/node/pull/40249
PR-URL: https://github.com/nodejs/node/pull/40504
PR-URL: https://github.com/nodejs/node/pull/40403
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40433
Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Bryan English <bryan@bryanenglish.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40433
Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Bryan English <bryan@bryanenglish.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
This is useful information to have for applications that don't need to read the other properties. The implementation checks for `nullptr`, see: https://github.com/nodejs/node/blob/master/src/js_native_api_v8.cc#L2879
PR-URL: https://github.com/nodejs/node/pull/40371
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40408
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
The description that store is not available
when asynchronous operation is created within
the callback is not accurate
PR-URL: https://github.com/nodejs/node/pull/40381
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
PR-URL: https://github.com/nodejs/node/pull/40402
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40255
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40337
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Harshitha K P <harshitha014@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
Refs: https://github.com/nodejs/node/pull/37468
PR-URL: https://github.com/nodejs/node/pull/40275
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
_subpath_ is not defined in this context. This is pretty clearly meant
to be _packageSubpath_, which is the second argument to
`PACKAGE_SELF_RESOLVE`
PR-URL: https://github.com/nodejs/node/pull/40273
Reviewed-By: Guy Bedford <guybedford@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
`resolve` does not return a `source` property
PR-URL: https://github.com/nodejs/node/pull/40234
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit exposes the existing stripVTControlCharacters()
method with docs and some additional input validation.
PR-URL: https://github.com/nodejs/node/pull/40214
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
doc: fix the example of crypto.generateKeySync
The "options" argument must be an object.
PR-URL: https://github.com/nodejs/node/pull/40225
Reviewed-By: Qingyu Deng <i@ayase-lab.com>
Reviewed-By: Harshitha K P <harshitha014@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Refs: https://github.com/nodejs/node/pull/36641
Refs: https://github.com/nodejs/node/issues/36617#issuecomment-751443964
Documentation-only deprecate `.aborted` property and `'abort'`,
`'aborted'` event in `http`, and suggest using the corresponding
Stream API instead.
Co-authored-by: Michaël Zasso <targos@protonmail.com>
Co-authored-by: Rich Trott <rtrott@gmail.com>
Co-authored-by: Robert Nagy <ronagy@icloud.com>
Co-authored-by: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/36670
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
The current wording suggests to compare Date objects, which won't work.
PR-URL: https://github.com/nodejs/node/pull/40134
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Add a yaml section to document when diagnostics_channel APIs were
introduced.
PR-URL: https://github.com/nodejs/node/pull/40208
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40164
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Buffer's Blob api example code has some token error
PR-URL: https://github.com/nodejs/node/pull/40125
Reviewed-By: Qingyu Deng <i@ayase-lab.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40187
Reviewed-By: Qingyu Deng <i@ayase-lab.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40161
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Upcoming remark-based formatting/linting will add a blank line between
comments in markdown. This is in preparation for that change.
PR-URL: https://github.com/nodejs/node/pull/40160
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/40133
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
