| Age | Commit message (Collapse) | Author |
|---|
|
Notable changes:
assert: add `getCalls` and `reset` to callTracker (Moshe Atlow) https://github.com/nodejs/node/pull/44191
crypto: allow zero-length secret KeyObject (Filip Skokan) https://github.com/nodejs/node/pull/44201
crypto: allow zero-length IKM in HKDF and in webcrypto PBKDF2 (Filip Skokan) https://github.com/nodejs/node/pull/44201
doc: deprecate modp1, modp2, and modp5 groups (Tobias Nießen) https://github.com/nodejs/node/pull/44588
http: make idle http parser count configurable (theanarkh) https://github.com/nodejs/node/pull/43974
http: throw error on content-length mismatch (sidwebworks) https://github.com/nodejs/node/pull/44378
lib: add diagnostics channel for process and worker (theanarkh) https://github.com/nodejs/node/pull/44045
net,tls: pass a valid socket on `tlsClientError` (Daeyeon Jeong) https://github.com/nodejs/node/pull/44021
net: add local family (theanarkh) https://github.com/nodejs/node/pull/43975
report: expose report public native apis (Chengzhong Wu) https://github.com/nodejs/node/pull/44255
src: expose environment RequestInterrupt api (Chengzhong Wu) https://github.com/nodejs/node/pull/44362
stream: add `ReadableByteStream.tee()` (Daeyeon Jeong) https://github.com/nodejs/node/pull/44505
test_runner: add before/after/each hooks (Moshe Atlow) https://github.com/nodejs/node/pull/43730
util: add `maxArrayLength` option to Set and Map (Kohei Ueno) https://github.com/nodejs/node/pull/43576
PR-URL: https://github.com/nodejs/node/pull/44886
|
|
PR-URL: https://github.com/nodejs/node/pull/44201
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Backport-PR-URL: https://github.com/nodejs/node/pull/44872
|
|
PR-URL: https://github.com/nodejs/node/pull/44201
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Backport-PR-URL: https://github.com/nodejs/node/pull/44872
|
|
Deprecation should reference a valid deprecation code.
PR-URL: https://github.com/nodejs/node/pull/44624
Refs: https://github.com/nodejs/node/pull/36510
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Michael Dawson <midawson@redhat.com>
|
|
Remove redundant use of "currently" and fix a comma splice.
PR-URL: https://github.com/nodejs/node/pull/44789
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
Reviewed-By: Harshitha K P <harshitha014@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Daeyeon Jeong <daeyeon.dev@gmail.com>
|
|
Closes: https://github.com/nodejs/node/issues/44773
PR-URL: https://github.com/nodejs/node/pull/44774
Fixes: https://github.com/nodejs/node/issues/44773
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Daeyeon Jeong <daeyeon.dev@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44764
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44760
Reviewed-By: Ruy Adorno <ruyadorno@google.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44791
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
|
|
Signed-off-by: Daeyeon Jeong <daeyeon.dev@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/44761
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
|
|
doc/changelogs/CHANGELOG_V16.md is missing the security release header
prior to the "Notable changes" section.
PR-URL: https://github.com/nodejs/node/pull/44759
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Bryan English <bryan@bryanenglish.com>
Reviewed-By: Beth Griggs <bethanyngriggs@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
|
|
This updates the deprecation, DEP0164, to clarify its scope.
Previously, `process.exitCode` wasn't mentioned but it needs
to be applied with the same deprecation because its meaning
is the same as the `code` value and it's overridden with the
`code` value in `process.exit()`.
Signed-off-by: Daeyeon Jeong <daeyeon.dev@gmail.com>
Co-authored-by: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/44714
Refs: https://github.com/nodejs/node/pull/44712
Refs: https://github.com/nodejs/node/pull/43738
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
|
|
- updated based on decision to use node: prefix in
https://github.com/nodejs/TSC/pull/1206
- updated based on agreement in TSC meeting
on adding /promises to existing modules as per
minutes - https://github.com/nodejs/TSC/pull/1281
Signed-off-by: Michael Dawson <mdawson@devrus.com>
PR-URL: https://github.com/nodejs/node/pull/44576
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Beth Griggs <bethanyngriggs@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
|
|
PR-URL: https://github.com/nodejs/node/pull/44748
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
|
|
PR-URL: https://github.com/nodejs/node/pull/44733
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
|
|
Add missing examples for webstreams consumers
Doc URL: https://nodejs.org/api/webstreams.html#streamconsumerstextstream
PR-URL: https://github.com/nodejs/node/pull/44387
Reviewed-By: Erick Wendel <erick.workspace@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44691
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44734
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44652
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Co-authored-by: Antoine du Hamel <duhamelantoine1995@gmail.com>
Co-authored-by: Tobias Nießen <tniessen@tnie.de>
Co-authored-by: Luigi Pinca <luigipinca@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44378
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44665
Reviewed-By: Beth Griggs <bethanyngriggs@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
|
|
There are two lists of MODP groups, one of which is redundant and does
not mark weak groups as deprecated. Remove said list and refer readers
to the first list instead.
Refs: https://github.com/nodejs/node/pull/43986
Refs: https://github.com/nodejs/node/pull/44588
PR-URL: https://github.com/nodejs/node/pull/44644
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
|
|
Retrospectively document the changes history of the `inspector.close`
API.
PR-URL: https://github.com/nodejs/node/pull/44628
Refs: https://github.com/nodejs/node/pull/44489
Refs: https://github.com/nodejs/node/pull/13228
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Daeyeon Jeong <daeyeon.dev@gmail.com>
Reviewed-By: Kohei Ueno <kohei.ueno119@gmail.com>
|
|
Signed-off-by: Daeyeon Jeong daeyeon.dev@gmail.com
PR-URL: https://github.com/nodejs/node/pull/44608
Reviewed-By: theanarkh <theratliter@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
|
|
Signed-off-by: Daeyeon Jeong daeyeon.dev@gmail.com
PR-URL: https://github.com/nodejs/node/pull/44609
Reviewed-By: theanarkh <theratliter@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Akhil Marsonya <akhil.marsonya27@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Harshitha K P <harshitha014@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44617
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Daeyeon Jeong <daeyeon.dev@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
|
|
Workers can open their own inspector agent with `inspector.open`.
They should be able to close their own inspector agent too with
`inspector.close`.
PR-URL: https://github.com/nodejs/node/pull/44489
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
|
|
These MODP groups should not be used by new applications, and existing
applications should attempt to migrate to stronger groups (or different
key exchange mechanisms).
Some applications still rely on these particular groups, so Node.js will
likely maintain support, directly or indirectly, for the foreseeable
future.
Refs: https://github.com/nodejs/node/issues/44539
PR-URL: https://github.com/nodejs/node/pull/44588
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
|
|
These constants have not existed since OpenSSL 1.1.0 reached EOL a few
years ago.
Refs: https://github.com/nodejs/node/pull/19794
PR-URL: https://github.com/nodejs/node/pull/44589
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
|
|
before/after/beforeEach/afterEach are exported directly from `node:test`
and should not be indented under `it.todo`.
PR-URL: https://github.com/nodejs/node/pull/44603
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
|
|
Fixes: https://github.com/nodejs/node/issues/44567
PR-URL: https://github.com/nodejs/node/pull/44587
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Mestery <mestery@protonmail.com>
|
|
`Script.createCachedData` and `SourceTextModule.createCachedData`
doesn't serialize JavaScript variables.
PR-URL: https://github.com/nodejs/node/pull/44487
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44572
Reviewed-By: Beth Griggs <bethanyngriggs@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Ruy Adorno <ruyadorno@google.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44594
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
|
|
As a first, small step toward deprecating modp1, stop using it in an
example that users might copy.
Refs: https://github.com/nodejs/node/issues/44539
PR-URL: https://github.com/nodejs/node/pull/44585
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: theanarkh <theratliter@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44549
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
|
|
This supports teeing readable byte streams to meet
the latest web streams standards.
Signed-off-by: Daeyeon Jeong daeyeon.dev@gmail.com
PR-URL: https://github.com/nodejs/node/pull/44505
Refs: https://streams.spec.whatwg.org/#readable-stream-tee
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
|
|
The current documentation clearly states that createCipher() and
createDecipher() should not be used with ciphers in counter mode, but
(1) this is an understatement, and (2) these functions are
(semantically) insecure for ciphers in any other supported block cipher
mode as well.
Semantic security requires IND-CPA, but a deterministic cipher with
fixed key and IV, such as those generated by these functions, does not
fulfill IND-CPA.
Are there justified use cases for createCipher() and createDecipher()?
Yes and no. The only case in which these functions can be used in a
semantically secure manner arises only when the password argument is
not actually a password but rather a random or pseudo-random sequence
that is unpredictable and that is never reused (e.g., securely derived
from a password with a proper salt). Insofar, it is possible to use
these APIs without immediately creating a vulnerability. However,
- any application that manages to fulfill this requirement should also
be able to fulfill the similar requirements of crypto.createCipheriv()
and those of crypto.createDecipheriv(), which give much more control
over key and initialization vector, and
- the MD5-based key derivation step generally does not help and might
even reduce the overall security due to its many weaknesses.
Refs: https://github.com/nodejs/node/pull/13821
Refs: https://github.com/nodejs/node/pull/19343
Refs: https://github.com/nodejs/node/pull/22089
PR-URL: https://github.com/nodejs/node/pull/44538
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44420
Refs: https://github.com/nodejs/node/pull/33010
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
|
|
Explicitly document the attribute `Script.cachedDataRejected` in a
dedicated section.
Removes the documented option `produceCachedData` and the description
of `cachedDataRejected` in `vm.runInContext`, `vm.runInNewContext`,
and `vm.runInThisContext` as the created `vm.Script` instance is not
accessible from userland in these methods.
PR-URL: https://github.com/nodejs/node/pull/44451
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44222
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44045
Reviewed-By: James M Snell <jasnell@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44416
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
|
|
If `--max-old-space-size` is passed on the command line, it takes
precedence over `resourceLimits.maxOldSpaceSizeMb` passed to the worker
thread. IMO this is a bug, but seems unlikely to change(?), so let's
start by documenting it. See the attached issue for more details.
Refs: https://github.com/nodejs/node/issues/43991
PR-URL: https://github.com/nodejs/node/pull/43992
Reviewed-By: James M Snell <jasnell@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/43817
Reviewed-By: Ben Coe <bencoe@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/43576
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/43974
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Feng Yu <F3n67u@outlook.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/43975
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
|
|
PR-URL: https://github.com/nodejs/node/pull/44057
Reviewed-By: James M Snell <jasnell@gmail.com>
|
|
This changeset fixes two consistency issues in this single example that
guides releasers on how to push the tag to the remote repo.
The first issue is that the remote git reference is consistently
referred as `upstream` elsewhere in the guide.
The second issue being that the version example used in the rest of the
guide should be a fictional `v1.2.3` as stated in the "How to create a
release" guide notes:
> * Examples will use the fictional release version `1.2.3`.
PR-URL: https://github.com/nodejs/node/pull/44385
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
|
