The callback argument is required.
PR-URL: https://github.com/nodejs/node/pull/44311
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Instead of referring users to perl to find information about supported
MODP groups in crypto_groups.h, explicitly list the groups with their
respective strengths and with references to the defining RFC sections.
Refs: https://github.com/nodejs/node/pull/43896
PR-URL: https://github.com/nodejs/node/pull/43986
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Some core modules can be loaded with or without the `node:` prefix.
Using the prefix disambiguates which specifiers refer to core modules.
This commit updates the docs to use the prefix everywhere a core module
is referenced.
PR-URL: https://github.com/nodejs/node/pull/42752
Fixes: https://github.com/nodejs/node/issues/38343
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Notable Changes:
Deprecations and Removals:
- (SEMVER-MAJOR) fs: runtime deprecate string coercion in `fs.write`,
`fs.writeFileSync`
(Livia Medeiros) (https://github.com/nodejs/node/pull/42607)
- (SEMVER-MAJOR) dns: remove `dns.lookup` and `dnsPromises.lookup`
options type coercion
(Antoine du Hamel) (https://github.com/nodejs/node/pull/41431)
- (SEMVER-MAJOR) process: runtime deprecate multipleResolves
(Benjamin Gruenbaum) (https://github.com/nodejs/node/pull/41896)
- (SEMVER-MAJOR) stream: remove thenable support (Robert Nagy)
(https://github.com/nodejs/node/pull/40773)
- (SEMVER-MAJOR) tls: move tls.parseCertString to end-of-life
(Tobias Nießen) (https://github.com/nodejs/node/pull/41479)
fetch (experimental):
An experimental fetch API is available on the global scope by default.
The implementation is based upon https://undici.nodejs.org/#/,
an HTTP/1.1 client written for Node.js by contributors to the project.
Through this addition, the following globals are made available: `fetch`
, `FormData`, `Headers`, `Request`, `Response`.
Disable this API with the `--no-experimental-fetch` command-line flag.
Contributed by Michaël Zasso in https://github.com/nodejs/node/pull/41811.
HTTP Timeouts:
`server.headersTimeout`, which limits the amount of time the parser will
wait to receive the complete HTTP headers, is now set to `60000` (60
seconds) by default.
`server.requestTimeout`, which sets the timeout value in milliseconds
for receiving the entire request from the client, is now set to `300000`
(5 minutes) by default.
If these timeouts expire, the server responds with status 408 without
forwarding the request to the request listener and then closes the
connection.
Both timeouts must be set to a non-zero value to protect against
potential Denial-of-Service attacks in case the server is deployed
without a reverse proxy in front.
Contributed by Paolo Insogna in https://github.com/nodejs/node/pull/41263.
Test Runner module (experimental):
The `node:test` module facilitates the creation of JavaScript tests that
report results in TAP format. This module is only available under the
`node:` scheme.
Contributed by Colin Ihrig in https://github.com/nodejs/node/pull/42325.
Toolchain and Compiler Upgrades:
- Prebuilt binaries for Linux are now built on Red Hat Enterprise Linux
(RHEL) 8 and are compatible with Linux distributions based on glibc
2.28 or later, for example, Debian 10, RHEL 8, Ubuntu 20.04.
- Prebuilt binaries for macOS now require macOS 10.15 or later.
- For AIX the minimum supported architecture has been raised from Power
7 to Power 8.
Prebuilt binaries for 32-bit Windows will initially not be available due
to issues building the V8 dependency in Node.js. We hope to restore
32-bit Windows binaries for Node.js 18 with a future V8 update.
Node.js does not support running on operating systems that are no longer
supported by their vendor. For operating systems where their vendor has
planned to end support earlier than April 2025, such as Windows 8.1
(January 2023) and Windows Server 2012 R2 (October 2023), support for
Node.js 18 will end at the earlier date.
Full details about the supported toolchains and compilers are documented
in the Node.js `BUILDING.md` file.
Contributed by Richard Lau in https://github.com/nodejs/node/pull/42292,
https://github.com/nodejs/node/pull/42604 and https://github.com/nodejs/node/pull/42659
, and Michaël Zasso in https://github.com/nodejs/node/pull/42105 and
https://github.com/nodejs/node/pull/42666.
V8 10.1:
The V8 engine is updated to version 10.1, which is part of Chromium 101.
Compared to the version included in Node.js 17.9.0, the following new
features are included:
- The `findLast` and `findLastIndex` array methods.
- Improvements to the `Intl.Locale` API.
- The `Intl.supportedValuesOf` function.
- Improved performance of class fields and private class methods (the
initialization of them is now as fast as ordinary property stores).
The data format returned by the serialization API (`v8.serialize(value)`)
has changed, and cannot be deserialized by earlier versions of Node.js.
On the other hand, it is still possible to deserialize the previous
format, as the API is backwards-compatible.
Contributed by Michaël Zasso in https://github.com/nodejs/node/pull/42657.
Web Streams API (experimental):
Node.js now exposes the experimental implementation of the Web Streams
API on the global scope. This means the following APIs are now globally
available:
- `ReadableStream`, `ReadableStreamDefaultReader`,
`ReadableStreamBYOBReader`, `ReadableStreamBYOBRequest`,
`ReadableByteStreamController`, `ReadableStreamDefaultController`,
`TransformStream`, `TransformStreamDefaultController`, `WritableStream`,
`WritableStreamDefaultWriter`, `WritableStreamDefaultController`,
`ByteLengthQueuingStrategy`, `CountQueuingStrategy`, `TextEncoderStream`,
`TextDecoderStream`, `CompressionStream`, `DecompressionStream`.
Contributed James Snell in https://github.com/nodejs/node/pull/39062,
and Antoine du Hamel in https://github.com/nodejs/node/pull/42225.
Other Notable Changes:
- (SEMVER-MAJOR) buffer: expose Blob as a global
(James M Snell) (https://github.com/nodejs/node/pull/41270)
- (SEMVER-MAJOR) child\_process: improve argument validation
(Rich Trott) (https://github.com/nodejs/node/pull/41305)
- doc: add RafaelGSS to collaborators
(RafaelGSS) (https://github.com/nodejs/node/pull/42718)
- (SEMVER-MAJOR) http: make TCP noDelay enabled by default
(Paolo Insogna) (https://github.com/nodejs/node/pull/42163)
- (SEMVER-MAJOR) net: make `server.address()` return an integer for
`family`
(Antoine du Hamel) (https://github.com/nodejs/node/pull/41431)
- (SEMVER-MAJOR) worker: expose BroadcastChannel as a global
(James M Snell) (https://github.com/nodejs/node/pull/41271)
- (SEMVER-MAJOR) worker: graduate BroadcastChannel to supported
(James M Snell) (https://github.com/nodejs/node/pull/41271)
Semver-Major Commits:
- (SEMVER-MAJOR) assert,util: compare RegExp.lastIndex while using deep
equal checks
(Ruben Bridgewater) (https://github.com/nodejs/node/pull/41020)
- (SEMVER-MAJOR) buffer: refactor `byteLength` to remove outdated
optimizations
(Rongjian Zhang) (https://github.com/nodejs/node/pull/38545)
- (SEMVER-MAJOR) buffer: expose Blob as a global
(James M Snell) (https://github.com/nodejs/node/pull/41270)
- (SEMVER-MAJOR) buffer: graduate Blob from experimental
(James M Snell) (https://github.com/nodejs/node/pull/41270)
- (SEMVER-MAJOR) build: make x86 Windows support temporarily
experimental
(Michaël Zasso) (https://github.com/nodejs/node/pull/42666)
- (SEMVER-MAJOR) build: bump macOS deployment target to 10.15
(Richard Lau) (https://github.com/nodejs/node/pull/42292)
- (SEMVER-MAJOR) build: downgrade Windows 8.1 and server 2012 R2 to
experimental
(Michaël Zasso) (https://github.com/nodejs/node/pull/42105)
- (SEMVER-MAJOR) child\_process: improve argument validation
(Rich Trott) (https://github.com/nodejs/node/pull/41305)
- (SEMVER-MAJOR) cluster: make `kill` to be just `process.kill`
(Bar Admoni) (https://github.com/nodejs/node/pull/34312)
- (SEMVER-MAJOR) crypto: cleanup validation
(Mohammed Keyvanzadeh) (https://github.com/nodejs/node/pull/39841)
- (SEMVER-MAJOR) crypto: prettify othername in PrintGeneralName
(Tobias Nießen) (https://github.com/nodejs/node/pull/42123)
- (SEMVER-MAJOR) crypto: fix X509Certificate toLegacyObject
(Tobias Nießen) (https://github.com/nodejs/node/pull/42124)
- (SEMVER-MAJOR) crypto: use RFC2253 format in PrintGeneralName
(Tobias Nießen) (https://github.com/nodejs/node/pull/42002)
- (SEMVER-MAJOR) crypto: change default check(Host|Email) behavior
(Tobias Nießen) (https://github.com/nodejs/node/pull/41600)
- (SEMVER-MAJOR) deps: V8: cherry-pick semver-major commits from 10.2
(Michaël Zasso) (https://github.com/nodejs/node/pull/42657)
- (SEMVER-MAJOR) deps: update V8 to 10.1.124.6
(Michaël Zasso) (https://github.com/nodejs/node/pull/42657)
- (SEMVER-MAJOR) deps: update V8 to 9.8.177.9
(Michaël Zasso) (https://github.com/nodejs/node/pull/41610)
- (SEMVER-MAJOR) deps: update V8 to 9.7.106.18
(Michaël Zasso) (https://github.com/nodejs/node/pull/40907)
- (SEMVER-MAJOR) dns: remove `dns.lookup` and `dnsPromises.lookup`
options type coercion
(Antoine du Hamel) (https://github.com/nodejs/node/pull/41431)
- (SEMVER-MAJOR) doc: update minimum glibc requirements for Linux
(Richard Lau) (https://github.com/nodejs/node/pull/42659)
- (SEMVER-MAJOR) doc: update AIX minimum supported arch
(Richard Lau) (https://github.com/nodejs/node/pull/42604)
- (SEMVER-MAJOR) fs: runtime deprecate string coercion in `fs.write`,
`fs.writeFileSync`
(Livia Medeiros) (https://github.com/nodejs/node/pull/42607)
- (SEMVER-MAJOR) http: refactor headersTimeout and requestTimeout logic
(Paolo Insogna) (https://github.com/nodejs/node/pull/41263)
- (SEMVER-MAJOR) http: make TCP noDelay enabled by default
(Paolo Insogna) (https://github.com/nodejs/node/pull/42163)
- (SEMVER-MAJOR) lib: enable fetch by default
(Michaël Zasso) (https://github.com/nodejs/node/pull/41811)
- (SEMVER-MAJOR) lib: replace validator and error
(Mohammed Keyvanzadeh) (https://github.com/nodejs/node/pull/41678)
- (SEMVER-MAJOR) module,repl: support 'node:'-only core modules
(Colin Ihrig) (https://github.com/nodejs/node/pull/42325)
- (SEMVER-MAJOR) net: make `server.address()` return an integer for
`family`
(Antoine du Hamel) (https://github.com/nodejs/node/pull/41431)
- (SEMVER-MAJOR) process: disallow some uses of Object.defineProperty()
on process.env
(Himself65) (https://github.com/nodejs/node/pull/28006)
- (SEMVER-MAJOR) process: runtime deprecate multipleResolves
(Benjamin Gruenbaum) (https://github.com/nodejs/node/pull/41896)
- (SEMVER-MAJOR) readline: fix question still called after closed
(Xuguang Mei) (https://github.com/nodejs/node/pull/42464)
- (SEMVER-MAJOR) stream: remove thenable support
(Robert Nagy) (https://github.com/nodejs/node/pull/40773)
- (SEMVER-MAJOR) stream: expose web streams globals, remove runtime
experimental warning
(Antoine du Hamel) (https://github.com/nodejs/node/pull/42225)
- (SEMVER-MAJOR) stream: need to cleanup event listeners if last stream
is readable
(Xuguang Mei) (https://github.com/nodejs/node/pull/41954)
- (SEMVER-MAJOR) stream: revert revert `map` spec compliance
(Benjamin Gruenbaum) (https://github.com/nodejs/node/pull/41933)
- (SEMVER-MAJOR) stream: throw invalid arg type from End Of Stream
(Jithil P Ponnan) (https://github.com/nodejs/node/pull/41766)
- (SEMVER-MAJOR) stream: don't emit finish after destroy
(Robert Nagy) (https://github.com/nodejs/node/pull/40852)
- (SEMVER-MAJOR) stream: add errored and closed props
(Robert Nagy) (https://github.com/nodejs/node/pull/40696)
- (SEMVER-MAJOR) test: add initial test module
(Colin Ihrig) (https://github.com/nodejs/node/pull/42325)
- (SEMVER-MAJOR) timers: refactor internal classes to ES2015 syntax
(Rabbit) (https://github.com/nodejs/node/pull/37408)
- (SEMVER-MAJOR) tls: represent registeredID numerically always
(Tobias Nießen) (https://github.com/nodejs/node/pull/41561)
- (SEMVER-MAJOR) tls: move tls.parseCertString to end-of-life
(Tobias Nießen) (https://github.com/nodejs/node/pull/41479)
- (SEMVER-MAJOR) url: throw on NULL in IPv6 hostname
(Rich Trott) (https://github.com/nodejs/node/pull/42313)
- (SEMVER-MAJOR) v8: make v8.writeHeapSnapshot() error codes consistent
(Darshan Sen) (https://github.com/nodejs/node/pull/42577)
- (SEMVER-MAJOR) v8: make writeHeapSnapshot throw if fopen fails
(Antonio Román) (https://github.com/nodejs/node/pull/41373)
- (SEMVER-MAJOR) worker: expose BroadcastChannel as a global
(James M Snell) (https://github.com/nodejs/node/pull/41271)
- (SEMVER-MAJOR) worker: graduate BroadcastChannel to supported
(James M Snell) (https://github.com/nodejs/node/pull/41271)
PR-URL: https://github.com/nodejs/node/pull/42262
Recommend using x509.fingerprint256 instead of x509.fingerprint and
x509.fingerprint512 and suggest using it instead of x509.serialNumber
in order to uniquely identify certificates.
PR-URL: https://github.com/nodejs/node/pull/42516
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tierney Cyren <hello@bnb.im>
The last release line that did not support the new openssl list command
was OpenSSL 1.1.0, which reached its end-of-life status years ago.
PR-URL: https://github.com/nodejs/node/pull/42235
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41875
Reviewed-By: Mestery <mestery@protonmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
The cipher should be spelled "ChaCha20-Poly1305", i.e., with a hyphen
between the encryption and MAC algorithm names. Also change "when client
does" to "when the client does."
PR-URL: https://github.com/nodejs/node/pull/41866
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Mestery <mestery@protonmail.com>
The ECDH API changes were made more than six years ago and this
section is not helpful for new applications. The behavior of the ECDH
APIs should be explained in the relevant sections, not in a note.
Refs: https://github.com/nodejs/node/pull/3511
PR-URL: https://github.com/nodejs/node/pull/41773
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
This changes the default behavior of the X509Certificate functions
checkHost and checkEmail to match the default behavior of OpenSSL's
X509_check_host and X509_check_email functions, respectively, which
is also what RFC 2818 mandates for HTTPS.
Refs: https://github.com/nodejs/node/pull/36804
Refs: https://github.com/nodejs/node/pull/41569
PR-URL: https://github.com/nodejs/node/pull/41600
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41507
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
The 'subject' option should not only accept the values 'always' and
'never' because neither is compatible with RFC 2818, i.e., HTTPS. This
change adds a third value 'default', which implies the behavior that
HTTPS mandates.
The new 'default' case matches the default behavior of OpenSSL for both
DNS names and email addresses.
Future Node.js versions should change the default option value from
'always' to 'default'.
Refs: https://github.com/nodejs/node/pull/36804
PR-URL: https://github.com/nodejs/node/pull/41569
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
The current documentation is inaccurate in that checkHost does not
necessarily return the given host name, but instead returns the subject
name that matched the given host name.
Refs: https://github.com/nodejs/node/pull/36804
PR-URL: https://github.com/nodejs/node/pull/41468
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
This is a security release.
Notable changes:
Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
- Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI
is specifically defined to use a particular SAN type, can result in
bypassing name-constrained intermediates. Node.js was accepting URI SAN
types, which PKIs are often not defined to use. Additionally, when a
protocol allows URI SANs, Node.js did not match the URI correctly.
- Versions of Node.js with the fix for this disable the URI SAN type when
checking a certificate against a hostname. This behavior can be
reverted through the `--security-revert` command-line option.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
- Node.js converts SANs (Subject Alternative Names) to a string format.
It uses this string to check peer certificates against hostnames when
validating connections. The string format was subject to an injection
vulnerability when name constraints were used within a certificate
chain, allowing the bypass of these name constraints.
- Versions of Node.js with the fix for this escape SANs containing the
problematic characters in order to prevent the injection. This
behavior can be reverted through the `--security-revert` command-line
option.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
- Node.js did not handle multi-value Relative Distinguished Names
correctly. Attackers could craft certificate subjects containing a
single-value Relative Distinguished Name that would be interpreted as a
multi-value Relative Distinguished Name, for example, in order to inject
a Common Name that would allow bypassing the certificate subject
verification.
- Affected versions of Node.js do not accept multi-value Relative
Distinguished Names and are thus not vulnerable to such attacks
themselves. However, third-party code that uses node's ambiguous
presentation of certificate subjects may be vulnerable.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
Prototype pollution via `console.table` properties (Low)(CVE-2022-21824)
- Due to the formatting logic of the `console.table()` function it was
not safe to allow user controlled input to be passed to the `properties`
parameter while simultaneously passing a plain object with at least one
property as the first parameter, which could be `__proto__`. The
prototype pollution has very limited control, in that it only allows an
empty string to be assigned numerical keys of the object prototype.
- Versions of Node.js with the fix for this use a null protoype for the
object these properties are being assigned to.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
PR-URL: https://github.com/nodejs-private/node-private/pull/311
This is a security release.
Notable changes:
Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
- Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI
is specifically defined to use a particular SAN type, can result in
bypassing name-constrained intermediates. Node.js was accepting URI SAN
types, which PKIs are often not defined to use. Additionally, when a
protocol allows URI SANs, Node.js did not match the URI correctly.
- Versions of Node.js with the fix for this disable the URI SAN type when
checking a certificate against a hostname. This behavior can be
reverted through the `--security-revert` command-line option.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44531
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
- Node.js converts SANs (Subject Alternative Names) to a string format.
It uses this string to check peer certificates against hostnames when
validating connections. The string format was subject to an injection
vulnerability when name constraints were used within a certificate
chain, allowing the bypass of these name constraints.
- Versions of Node.js with the fix for this escape SANs containing the
problematic characters in order to prevent the injection. This
behavior can be reverted through the `--security-revert` command-line
option.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44532
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
- Node.js did not handle multi-value Relative Distinguished Names
correctly. Attackers could craft certificate subjects containing a
single-value Relative Distinguished Name that would be interpreted as a
multi-value Relative Distinguished Name, for example, in order to inject
a Common Name that would allow bypassing the certificate subject
verification.
- Affected versions of Node.js do not accept multi-value Relative
Distinguished Names and are thus not vulnerable to such attacks
themselves. However, third-party code that uses node's ambiguous
presentation of certificate subjects may be vulnerable.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44533
Prototype pollution via `console.table` properties (Low)(CVE-2022-21824)
- Due to the formatting logic of the `console.table()` function it was
not safe to allow user controlled input to be passed to the `properties`
parameter while simultaneously passing a plain object with at least one
property as the first parameter, which could be `__proto__`. The
prototype pollution has very limited control, in that it only allows an
empty string to be assigned numerical keys of the object prototype.
- Versions of Node.js with the fix for this use a null protoype for the
object these properties are being assigned to.
- More details will be available at
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21824
PR-URL: https://github.com/nodejs-private/node-private/pull/312
This change introduces JSON-compatible escaping rules for strings that
include X.509 GeneralName components (see RFC 5280). This non-standard
format avoids ambiguities and prevents injection attacks that could
previously lead to X.509 certificates being accepted even though they
were not valid for the target hostname.
These changes affect the format of subject alternative names and the
format of authority information access. The checkServerIdentity function
has been modified to safely handle the new format, eliminating the
possibility of injecting subject alternative names into the verification
logic.
Because each subject alternative name is only encoded as a JSON string
literal if necessary for security purposes, this change will only be
visible in rare cases.
This addresses CVE-2021-44532.
CVE-ID: CVE-2021-44532
PR-URL: https://github.com/nodejs-private/node-private/pull/300
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
The aliases allow code written to assume that `crypto.subtle` and
`crypto.getRandomValues()` exist on the `crypto` global to just work.
Signed-off-by: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/41266
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
The markdown-linter (lint-md) is failing because of a missing newline
caused by 79d681501d.
PR-URL: https://github.com/nodejs/node/pull/40780
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
PR-URL: https://github.com/nodejs/node/pull/39809
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
