| Age | Commit message (Collapse) | Author |
|---|
|
* Assert
* Calling `assert.fail()` with more than one argument is deprecated. #70dcacd710
* Calling `assert.ok()` with no arguments will now throw. #3cd7977a42
* Calling `assert.ifError()` will now throw with any argument other than `undefined` or `null`. Previously the method would throw with any truthy value. #e65a6e81ef
* The `assert.rejects()` and `assert.doesNotReject()` methods have been added for working with async functions. #599337f43e
* Async_hooks
* Older experimental async_hooks APIs have been removed. #1cc6b993b9
* Buffer
* Uses of `new Buffer()` and `Buffer()` outside of the `node_modules` directory will now emit a runtime deprecation warning. #9d4ab90117
* `Buffer.isEncoding()` now returns `undefined` for falsy values, including an empty string. #452eed956e
* `Buffer.fill()` will throw if an attempt is made to fill with an empty `Buffer`. #1e802539b2
* Child Process
* Undefined properties of env are ignored. #38ee25e2e2, #85739b6c5b
* Console
* The `console.table()` method has been added. #97ace04492
* Crypto
* The `crypto.createCipher()` and `crypto.createDecipher()` methods have been deprecated. Please use `crypto.createCipheriv()` and `crypto.createDecipheriv()` instead. #81f88e30dd
* The `decipher.finaltol()` method has been deprecated. #19f3927d92
* The `crypto.DEFAULT_ENCODING` property has been deprecated. #6035beea93
* The `ECDH.convertKey()` method has been added. #f2e02883e7
* The `crypto.fips` property has been deprecated. #6e7992e8b8
* Dependencies
* V8 has been updated to 6.6. #9daebb48d6
* OpenSSL has been updated to 1.1.0h. #66cb29e646
* EventEmitter
* The `EventEmitter.prototype.off()` method has been added as an alias for `EventEmitter.prototype.removeListener()`. #3bb6f07d52
* File System
* The `fs.promises` API provides experimental promisified versions of the `fs` functions. #329fc78e49
* Invalid path errors are now thrown synchronously. #d8f73385e2
* The `fs.readFile()` method now partitions reads to avoid thread pool exhaustion. #67a4ce1c6e
* HTTP
* Processing of HTTP Status codes `100`, `102-199` has been improved. #baf8495078
* Multi-byte characters in URL paths are now forbidden. #b961d9fd83
* N-API
* The n-api is no longer experimental. #cd7d7b15c1
* Net
* The `'close'` event will be emitted after `'end'`. #9b7a6914a7
* Perf_hooks
* The `PerformanceObserver` class is now an `AsyncResource` and can be monitored using `async_hooks`. #009e41826f
* Trace events are now emitted for performance events. #9e509b622b
* The `performance` API has been simplified. #2ec6995555
* Performance milestone marks will be emitted as trace events. #96cb4fb795
* Process
* Using non-string values for `process.env` is deprecated. #5826fe4e79
* The `process.assert()` method is deprecated. #703e37cf3f
* REPL
* REPL now experimentally supports top-level await when using the `--experimental-repl-await` flag. #eeab7bc068
* The previously deprecated "magic mode" has been removed. #4893f70d12
* The previously deprecated `NODE_REPL_HISTORY_FILE` environment variable has been removed. #60c9ad7979
* Proxy objects are shown as Proxy objects when inspected. #90a43906ab
* Streams
* The `'readable'` event is now always deferred with nextTick. #1e0f3315c7
* A new `pipeline()` method has been provided for building end-to-data stream pipelines. #a5cf3feaf1
* Experimental support for async for-await has been added to `stream.Readable`. #61b4d60c5d
* Timers
* The `enroll()` and `unenroll()` methods have been deprecated. #68783ae0b8
* TLS
* The `tls.convertNONProtocols()` method has been deprecated. #9204a0db6e
* Support for NPN (next protocol negotiation) has been dropped. #5bfbe5ceae
* The `ecdhCurve` default is now `'auto'`. #af78840b19
* Trace Events
* A new `trace_events` top-level module allows trace event categories to be enabled/disabld at runtime. #da5d818a54
* URL
* The WHATWG URL API is now a global. #312414662b
* Util
* `util.types.is[…]` type checks have been added. #b20af8088a
* Support for bigint formatting has been added to `util.inspect()`. #39dc947409
|
|
Notable changes:
An infrastructure issue caused a non-functioning msi installer for x64 to be promoted.
The patch release is to ensure that all binaries and installers work as expected.
|
|
Notable changes:
* deps:
- Updated ICU to 61.1 (Steven R. Loomis)
[#19621](https://github.com/nodejs/node/pull/19621)
Includes CLDR 33 (many new languages and data improvements).
* fs:
- Emit 'ready' event for `ReadStream` and `WriteStream` (Sameer
Srivastava) [#19408](https://github.com/nodejs/node/pull/19408)
* n-api:
- Bump version of n-api supported (Michael Dawson)
[#19497](https://github.com/nodejs/node/pull/19497)
* net:
- Emit 'ready' event for `Socket` (Sameer Srivastava)
[#19408](https://github.com/nodejs/node/pull/19408)
* Added new collaborators
- [mafintosh](https://github.com/mafintosh) Mathias Buus
|
|
Notable changes:
No additional commits.
Due to incorrect staging of the upgrade to the GCC 4.9.X compiler, the
latest releases for PPC little endian were built using GCC 4.9.X
instead of GCC 4.8.X. This caused an ABI breakage on PPCLE based
environments. This has been fixed in our infrastructure and we are
doing this release to ensure that the hosted binaries are adhering to
our platform support contract.
Note that Node.js versions 10.X and later will be built with version
4.9.X or later of the GCC compiler, and it is possible that Node.js
version 9.X may be built on the 4.9.X compiler at a later time as the
stated minimum compiler requirement for Node.js version 9.X is 4.9.4.
Refs: https://github.com/nodejs/node/blob/v9.x/BUILDING.md
PR-URL: https://github.com/nodejs/node/pull/19678
|
|
Notable changes:
No additional commits.
Due to incorrect staging of the upgrade to the GCC 4.9.X compiler, the
latest releases for PPC little endian were built using GCC 4.9.X
instead of GCC 4.8.X. This caused an ABI breakage on PPCLE based
environments. This has been fixed in our infrastructure and we are
doing this release to ensure that the hosted binaries are adhering to
our platform support contract.
Note that Node.js versions 10.X and later will be built with version
4.9.X or later of the GCC compiler, and it is possible that Node.js
version 8.X may be built on the 4.9.X compiler at a later time as the
stated minimum compiler requirement for Node.js version 8.X is 4.9.4.
Refs: https://github.com/nodejs/node/blob/v8.x/BUILDING.md
PR-URL: https://github.com/nodejs/node/pull/19679
|
|
Notable changes:
No additional commits.
Due to incorrect staging of the upgrade to the GCC 4.9.X compiler, the
latest releases for PPC little endian were built using GCC 4.9.X
instead of GCC 4.8.X. This caused an ABI breakage on PPCLE based
environments. This has been fixed in our infrastructure and we are
doing this release to ensure that the hosted binaries are adhering to
our platform support contract.
PR-URL: https://github.com/nodejs/node/pull/19680
|
|
Notable changes:
No additional commits.
Due to incorrect staging of the upgrade to the GCC 4.9.X compiler, the
latest releases for PPC little endian were built using GCC 4.9.X
instead of GCC 4.8.X. This caused an ABI breakage on PPCLE based
environments. This has been fixed in our infrastructure and we are
doing this release to ensure that the hosted binaries are adhering to
our platform support contract.
PR-URL: https://github.com/nodejs/node/pull/19681
|
|
This is a security release. All Node.js users should consult the
security release summary at:
https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* CVE-2018-7158
* CVE-2018-7159
* CVE-2018-7160
Notable changes:
* Upgrade to OpenSSL 1.0.2o: Does not contain any security fixes that
are known to impact Node.js.
* **Fix for inspector DNS rebinding vulnerability (CVE-2018-7160)**:
A malicious website could use a DNS rebinding attack to trick a web
browser to bypass same-origin-policy checks and allow HTTP
connections to localhost or to hosts on the local network,
potentially to an open inspector port as a debugger, therefore
gaining full code execution access. The inspector now only allows
connections that have a browser `Host` value of `localhost` or
`localhost6`.
* **Fix for `'path'` module regular expression denial of service
(CVE-2018-7158)**: A regular expression used for parsing POSIX an
Windows paths could be used to cause a denial of service if an
attacker were able to have a specially crafted path string passed
through one of the impacted `'path'` module functions.
* **Reject spaces in HTTP `Content-Length` header values
(CVE-2018-7159)**: The Node.js HTTP parser allowed for spaces inside
`Content-Length` header values. Such values now lead to rejected
connections in the same way as non-numeric values.
* **Update root certificates**: 5 additional root certificates have
been added to the Node.js binary and 30 have been removed.
* cluster:
- Add support for `NODE_OPTIONS="--inspect"` (Sameer Srivastava)
https://github.com/nodejs/node/pull/19165
* crypto:
- Expose the public key of a certificate (Hannes Magnusson)
https://github.com/nodejs/node/pull/17690
* n-api:
- Add `napi_fatal_exception` to trigger an `uncaughtException` in
JavaScript (Mathias Buus)
https://github.com/nodejs/node/pull/19337
* path:
- Fix regression in `posix.normalize` (Michaël Zasso)
https://github.com/nodejs/node/pull/19520
* stream:
- Improve stream creation performance (Brian White)
https://github.com/nodejs/node/pull/19401
* Added new collaborators
- [BethGriggs](https://github.com/BethGriggs) Beth Griggs
PR-URL: https://github.com/nodejs-private/node-private/pull/111
|
|
This is a security release. All Node.js users should consult the
security release summary at:
https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* CVE-2018-7158
* CVE-2018-7159
* CVE-2018-7160
Notable changes:
* Upgrade to OpenSSL 1.0.2o: Does not contain any security fixes that
are known to impact Node.js.
* **Fix for inspector DNS rebinding vulnerability (CVE-2018-7160)**:
A malicious website could use a DNS rebinding attack to trick a web
browser to bypass same-origin-policy checks and allow HTTP
connections to localhost or to hosts on the local network,
potentially to an open inspector port as a debugger, therefore
gaining full code execution access. The inspector now only allows
connections that have a browser `Host` value of `localhost` or
`localhost6`.
* **Fix for `'path'` module regular expression denial of service
(CVE-2018-7158)**: A regular expression used for parsing POSIX an
Windows paths could be used to cause a denial of service if an
attacker were able to have a specially crafted path string passed
through one of the impacted `'path'` module functions.
* **Reject spaces in HTTP `Content-Length` header values
(CVE-2018-7159)**: The Node.js HTTP parser allowed for spaces inside
`Content-Length` header values. Such values now lead to rejected
connections in the same way as non-numeric values.
* **Update root certificates**: 5 additional root certificates have
been added to the Node.js binary and 30 have been removed.
PR-URL: https://github.com/nodejs-private/node-private/pull/112
|
|
This is a security release. All Node.js users should consult the
security release summary at:
https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* CVE-2018-7158
* CVE-2018-7159
* CVE-2018-7160
Notable changes:
* Upgrade to OpenSSL 1.0.2o: Does not contain any security fixes that
are known to impact Node.js.
* **Fix for inspector DNS rebinding vulnerability (CVE-2018-7160)**:
A malicious website could use a DNS rebinding attack to trick a web
browser to bypass same-origin-policy checks and allow HTTP
connections to localhost or to hosts on the local network,
potentially to an open inspector port as a debugger, therefore
gaining full code execution access. The inspector now only allows
connections that have a browser `Host` value of `localhost` or
`localhost6`.
* **Fix for `'path'` module regular expression denial of service
(CVE-2018-7158)**: A regular expression used for parsing POSIX an
Windows paths could be used to cause a denial of service if an
attacker were able to have a specially crafted path string passed
through one of the impacted `'path'` module functions.
* **Reject spaces in HTTP `Content-Length` header values
(CVE-2018-7159)**: The Node.js HTTP parser allowed for spaces inside
`Content-Length` header values. Such values now lead to rejected
connections in the same way as non-numeric values.
* **Update root certificates**: 5 additional root certificates have
been added to the Node.js binary and 30 have been removed.
PR-URL: https://github.com/nodejs-private/node-private/pull/113
|
|
This is a security release. All Node.js users should consult the
security release summary at:
https://nodejs.org/en/blog/vulnerability/march-2018-security-releases/
for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* CVE-2018-7158
* CVE-2018-7159
Notable Changes:
* Upgrade to OpenSSL 1.0.2o: Does not contain any security fixes that
are known to impact Node.js.
* **Fix for `'path'` module regular expression denial of service
(CVE-2018-7158)**: A regular expression used for parsing POSIX an
Windows paths could be used to cause a denial of service if an
attacker were able to have a specially crafted path string passed
through one of the impacted `'path'` module functions.
* **Reject spaces in HTTP `Content-Length` header values
(CVE-2018-7159)**: The Node.js HTTP parser allowed for spaces inside
`Content-Length` header values. Such values now lead to rejected
connections in the same way as non-numeric values.
* **Update root certificates**: 5 additional root certificates have
been added to the Node.js binary and 30 have been removed.
PR-URL: https://github.com/nodejs-private/node-private/pull/110
|
|
s/9\.7\.1/9\.8\.0
PR-URL: https://github.com/nodejs/node/pull/19515
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
|
|
Notable changes:
* assert:
- From now on all error messages produced by `assert` in strict mode
will produce a error diff. (Ruben Bridgewater)
https://github.com/nodejs/node/pull/17615
- From now on it is possible to use a validation object in throws
instead of the other possibilities. (Ruben Bridgewater)
https://github.com/nodejs/node/pull/17584
* crypto:
- allow passing null as IV unless required (Tobias Nießen)
https://github.com/nodejs/node/pull/18644
* fs:
- support as and as+ flags in stringToFlags() (Sarat Addepalli)
https://github.com/nodejs/node/pull/18801
* tls:
- expose Finished messages in TLSSocket (Anton Salikhmetov)
https://github.com/nodejs/node/pull/19102
* tty:
- Add getColorDepth function to determine if terminal supports colors
(Ruben Bridgewater) https://github.com/nodejs/node/pull/17615
* util:
- add util.inspect compact option (Ruben Bridgewater)
https://github.com/nodejs/node/pull/17576
* **Added new collaborators**
- [watson](https://github.com/watson) Thomas Watson
PR-URL: https://github.com/nodejs/node/pull/19428
|
|
Notable Changes:
* crypto:
- add cert.fingerprint256 as SHA256 fingerprint (Hannes Magnusson)
https://github.com/nodejs/node/pull/17690
* http2:
- Fixed issues with aborted connections in the HTTP/2 implementation
(Anna Henningsen)
https://github.com/nodejs/node/pull/18987
https://github.com/nodejs/node/pull/19002
* loader:
- --inspect-brk now works properly for esmodules (Gus Caplan)
https://github.com/nodejs/node/pull/18949
* src:
- make process.dlopen() load well-known symbol (Ben Noordhuis)
https://github.com/nodejs/node/pull/18934
* trace_events:
- add file pattern cli option (Andreas Madsen)
https://github.com/nodejs/node/pull/18480
* Added new collaborators:
- Chen Gang (MoonBall) https://github.com/MoonBall
PR-URL: https://github.com/nodejs/node/pull/19181
|
|
Notable changes:
* deps:
* update V8 to 6.2.414.46 (Michaël Zasso) [#16413](https://github.com/nodejs/node/pull/16413)
* revert ABI breaking changes in V8 6.2 (Anna Henningsen) [#16413](https://github.com/nodejs/node/pull/16413)
* upgrade libuv to 1.19.1 (cjihrig) [#18260](https://github.com/nodejs/node/pull/18260)
* re land npm 5.6.0 (Myles Borins) [#18625](https://github.com/nodejs/node/pull/18625)
* ICU 60 bump (Steven R. Loomis) [#16876](https://github.com/nodejs/node/pull/16876)
* crypto:
* Support both OpenSSL 1.1.0 and 1.0.2 (David Benjamin) [#16130](https://github.com/nodejs/node/pull/16130)
* warn on invalid authentication tag length (Tobias Nießen) [#17566](https://github.com/nodejs/node/pull/17566)
* async_hooks:
* update defaultTriggerAsyncIdScope for perf (Anatoli Papirovski) [#18004](https://github.com/nodejs/node/pull/18004)
* use typed array stack as fast path (Anna Henningsen) [#17780](https://github.com/nodejs/node/pull/17780)
* use scope for defaultTriggerAsyncId (Andreas Madsen) [#17273](https://github.com/nodejs/node/pull/17273)
* separate missing from default context (Andreas Madsen) [#17273](https://github.com/nodejs/node/pull/17273)
* rename initTriggerId (Andreas Madsen) [#17273](https://github.com/nodejs/node/pull/17273)
* deprecate undocumented API (Andreas Madsen) [#16972](https://github.com/nodejs/node/pull/16972)
* add destroy event for gced AsyncResources (Sebastian Mayr) [#16998](https://github.com/nodejs/node/pull/16998)
* add trace events to async_hooks (Andreas Madsen) [#15538](https://github.com/nodejs/node/pull/15538)
* set HTTPParser trigger to socket (Andreas Madsen) [#18003](https://github.com/nodejs/node/pull/18003)
* add provider types for net server (Andreas Madsen) [#17157](https://github.com/nodejs/node/pull/17157)
* n-api:
* add helper for addons to get the event loop (Anna Henningsen) [#17109](https://github.com/nodejs/node/pull/17109)
* cli:
* add --stack-trace-limit to NODE_OPTIONS (Anna Henningsen) [#16495](https://github.com/nodejs/node/pull/16495)
* console:
* add support for console.debug (Benjamin Zaslavsky) [#17033](https://github.com/nodejs/node/pull/17033)
* module:
* add builtinModules (Jon Moss) [#16386](https://github.com/nodejs/node/pull/16386)
* replace default paths in require.resolve() (cjihrig) [#17113](https://github.com/nodejs/node/pull/17113)
* src:
* add helper for addons to get the event loop (Anna Henningsen) [#17109](https://github.com/nodejs/node/pull/17109)
* add process.ppid (cjihrig) [#16839](https://github.com/nodejs/node/pull/16839)
* http:
* support generic `Duplex` streams (Anna Henningsen) [#16267](https://github.com/nodejs/node/pull/16267)
* add rawPacket in err of `clientError` event (XadillaX) [#17672](https://github.com/nodejs/node/pull/17672)
* better support for IPv6 addresses (Mattias Holmlund) [#14772](https://github.com/nodejs/node/pull/14772)
* net:
* remove ADDRCONFIG DNS hint on Windows (Bartosz Sosnowski) [#17662](https://github.com/nodejs/node/pull/17662)
* process:
* fix reading zero-length env vars on win32 (Anna Henningsen) [#18463](https://github.com/nodejs/node/pull/18463)
* tls:
* unconsume stream on destroy (Anna Henningsen) [#17478](https://github.com/nodejs/node/pull/17478)
* process:
* improve unhandled rejection message (Madara Uchiha) [#17158](https://github.com/nodejs/node/pull/17158)
* stream:
* remove usage of *State.highWaterMark (Calvin Metcalf) [#12860](https://github.com/nodejs/node/pull/12860)
* trace_events:
* add executionAsyncId to init events (Andreas Madsen) [#17196](https://github.com/nodejs/node/pull/17196)
PR-URL: https://github.com/nodejs/node/pull/18336
|
|
Notable Changes:
* http, tls:
- better support for IPv6 addresses (Mattias Holmlund)
https://github.com/nodejs/node/pull/14772
PR-URL: https://github.com/nodejs/node/pull/19027
|
|
Notable Changes:
* **libuv**:
- Updated to libuv 1.19.2 (Colin Ihrig) [#18918](https://github.com/nodejs/node/pull/18918)
* **src**:
- Add initial support for Node.js-specific post-mortem metadata (Matheus Marchini) [#14901](https://github.com/nodejs/node/pull/14901)
* **timers**:
- The return value of `setImmediate()` now has `ref()` and `unref()` methods (Anatoli Papirovski) [#18139](https://github.com/nodejs/node/pull/18139)
* **util**:
- It is now possible to get the name for a numerical platform-specific error code as a string (Joyee Cheung) [#18186](https://github.com/nodejs/node/pull/18186)
PR-URL: https://github.com/nodejs/node/pull/19040
Prepared-By: Anna Henningsen <anna@addaleax.net>
|
|
Add 80 characters limit to docs.
Change docs to fit 80 characters per row.
PR-URL: https://github.com/nodejs/node/pull/18726
Fixes: https://github.com/nodejs/node/issues/18703
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
|
|
Notable changes:
* events:
- `events.usingDomains` being set to false by default was removed in
9.6.0 which was a change in behavior compared to 9.5.0. This
behavior change has been reverted and the `events` object now has
`usingDomains` preset to `false`, which is the behavior in 9.x
prior to 9.6.0 (Myles Borins)
https://github.com/nodejs/node/pull/18944
PR-URL: https://github.com/nodejs/node/pull/18946
|
|
Notable changes:
* async_hooks:
- deprecate unsafe emit{Before,After} (Ali Ijaz Sheikh)
https://github.com/nodejs/node/pull/18513
- rename PromiseWrap.parentId to PromiseWrap.isChainedPromise
(Ali Ijaz Sheikh) https://github.com/nodejs/node/pull/18633
* deps:
- update node-inspect to 1.11.3 (Jan Krems)
https://github.com/nodejs/node/pull/18354
- ICU 60.2 bump (Steven R. Loomis)
https://github.com/nodejs/node/pull/17687
- Introduce ScriptOrModule and HostDefinedOptions to V8 (Jan Krems)
https://github.com/nodejs/node/pull/16889
* http:
- add options to http.createServer() for `IncomingMessage` and
`ServerReponse` (Peter Marton)
https://github.com/nodejs/node/pull/15752
* http2:
- add http fallback options to .createServer (Peter Marton)
https://github.com/nodejs/node/pull/15752
* https:
- Adds the remaining options from tls.createSecureContext() to the
string generated by Agent#getName(). This allows https.request()
to accept the options and generate unique sockets appropriately.
(Jeff Principe)
https://github.com/nodejs/node/pull/16402
* inspector:
- --inspect-brk for es modules (Guy Bedford)
https://github.com/nodejs/node/pull/18194
* lib:
- allow process kill by signal number (Sam Roberts)
https://github.com/nodejs/node/pull/16944
* module:
- enable dynamic import (Myles Borins)
https://github.com/nodejs/node/pull/18387
- dynamic import is now supported (Jan Krems)
https://github.com/nodejs/node/pull/15713
* napi:
- add methods to open/close callback scope (Michael Dawson)
https://github.com/nodejs/node/pull/18089
* src:
- allow --perf-(basic-)?prof in NODE_OPTIONS (Leko)
https://github.com/nodejs/node/pull/17600
* vm:
- add support for es modules (Gus Caplan)
https://github.com/nodejs/node/pull/17560
PR-URL: https://github.com/nodejs/node/pull/18902
|
|
This LTS release comes with 112 commits, 17 of which are considered
Semver-Minor. This includes 32 which are doc related, 30 which are test
related, 8 which are build / tool related and 1 commit which updates
a dependency.
Notable Changes:
* console:
- added console.count() and console.clear() (James M Snell)
https://github.com/nodejs/node/pull/12678
* crypto:
- expose ECDH class (Bryan English)
https://github.com/nodejs/node/pull/8188
- added cypto.randomFill() and crypto.randomFillSync() (Evan Lucas)
https://github.com/nodejs/node/pull/10209
- warn on invalid authentication tag length (Tobias Nießen)
https://github.com/nodejs/node/pull/17566
* deps:
- upgrade libuv to 1.16.1 (cjihrig)
https://github.com/nodejs/node/pull/16835
* dgram:
- added socket.setMulticastInterface() (Will Young)
https://github.com/nodejs/node/pull/7855
* http:
- add agent.keepSocketAlive and agent.reuseSocket as to allow
overridable keep-alive behavior of `Agent` (Fedor Indutny)
https://github.com/nodejs/node/pull/13005
* lib:
- return this from net.Socket.end() (Sam Roberts)
https://github.com/nodejs/node/pull/13481
* module:
- add builtinModules api that provides list of all builtin modules in
Node (Jon Moss)
https://github.com/nodejs/node/pull/16386
* net:
- return this from getConnections() (Sam Roberts)
https://github.com/nodejs/node/pull/13553
* promises:
- more robust stringification for unhandled rejections (Timothy Gu)
https://github.com/nodejs/node/pull/13784
* repl:
- improve require() autocompletion (Alexey Orlenko)
https://github.com/nodejs/node/pull/14409
* src:
- add openssl-system-ca-path configure option (Daniel Bevenius)
https://github.com/nodejs/node/pull/16790
- add --use-bundled-ca --use-openssl-ca check (Daniel Bevenius)
https://github.com/nodejs/node/pull/12087
- add process.ppid (cjihrig)
https://github.com/nodejs/node/pull/16839
* tls:
- accept `lookup` option for `tls.connect()` (Fedor Indutny)
https://github.com/nodejs/node/pull/12839
* tools, build:
- a new macOS installer! (JP Wesselink)
https://github.com/nodejs/node/pull/15179
* url:
- WHATWG URL api support (James M Snell)
https://github.com/nodejs/node/pull/7448
* util:
- add %i and %f formatting specifiers (Roman Reiss)
https://github.com/nodejs/node/pull/10308
PR-URL: https://github.com/nodejs/node/pull/18342
|
|
Notable changes:
* cluster
- add cwd to cluster.settings (cjihrig) [#18399](https://github.com/nodejs/node/pull/18399)
* deps
- upgrade libuv to 1.19.1 (cjihrig) [#18260](https://github.com/nodejs/node/pull/18260)
* meta
- add Leko to collaborators (Leko) [#18117](https://github.com/nodejs/node/pull/18117)
- add vdeturckheim as collaborator (vdeturckheim) [#18432](https://github.com/nodejs/node/pull/18432)
* n-api
- expose n-api version in process.versions (Michael Dawson) [#18067](https://github.com/nodejs/node/pull/18067)
* perf_hooks
- add performance.clear() (James M Snell) [#18046](https://github.com/nodejs/node/pull/18046)
* stream
- avoid writeAfterEnd() while ending (陈刚) [#18170](https://github.com/nodejs/node/pull/18170)
PR-URL: https://github.com/nodejs/node/pull/18464
|
|
Notable change:
* async_hooks:
- deprecate AsyncHooks Sensitive API and runInAsyncIdScope. Neither
API were documented. (Andreas Madsen)
https://github.com/nodejs/node/pull/16972
* deps:
- update nghttp2 to 1.29.0 (James M Snell)
https://github.com/nodejs/node/pull/17908
- upgrade npm to 5.6.0 (Kat Marchán)
https://github.com/nodejs/node/pull/17535
- cherry-pick 50f7455 from upstream V8 (Michaël Zasso)
https://github.com/nodejs/node/pull/16591
* events:
- remove reaches into _events internals (Anatoli Papirovski)
https://github.com/nodejs/node/pull/17440
* http:
- add rawPacket in err of `clientError` event (XadillaX)
https://github.com/nodejs/node/pull/17672
* http2:
- implement maxSessionMemory (James M Snell)
https://github.com/nodejs/node/pull/17967
- add initial support for originSet (James M Snell)
https://github.com/nodejs/node/pull/17935
- add altsvc support (James M Snell)
https://github.com/nodejs/node/pull/17917
- perf_hooks integration (James M Snell)
https://github.com/nodejs/node/pull/17906
- Refactoring and cleanup of Http2Session and Http2Stream destroy
(James M Snell) https://github.com/nodejs/node/pull/17406
* net:
- remove Socket.prototype.write (Anna Henningsen)
https://github.com/nodejs/node/pull/17644
- remove Socket.prototype.listen (Ruben Bridgewater)
https://github.com/nodejs/node/pull/13735
* repl:
- show lexically scoped vars in tab completion (Michaël Zasso)
https://github.com/nodejs/node/pull/16591
* stream:
- rm {writeable/readable}State.length (Calvin Metcalf)
https://github.com/nodejs/node/pull/12857
- add flow and buffer properties to streams (Calvin Metcalf)
https://github.com/nodejs/node/pull/12855
* util:
- allow wildcards in NODE_DEBUG variable (Tyler)
https://github.com/nodejs/node/pull/17609
* zlib:
- add ArrayBuffer support (Jem Bezooyen)
https://github.com/nodejs/node/pull/16042
* Addedew collaborator**
- [starkwang](https://github.com/starkwang) Weijia Wang
* Addedew TSC member**
- [danbev](https://github.com/danbev) Daniel Bevenius
PR-URL: https://github.com/nodejs/node/pull/18069
|
|
PR-URL: https://github.com/nodejs/node/pull/17774
Notable Changes:
* deps:
* upgrade npm to 5.6.0 (Kat Marchán) [#17535](https://github.com/nodejs/node/pull/17535)
* build:
* configure can now be run from any directory (Gibson Fahnestock) [#17321](https://github.com/nodejs/node/pull/17321)
|
|
Notable Changes:
* build:
- configure can now be run from any directory (Gibson Fahnestock)
https://github.com/nodejs/node/pull/17321
PR-URL: https://github.com/nodejs/node/pull/17776
|
|
Notable changes:
* async\_hooks:
- add trace events to async_hooks (Andreas Madsen)
https://github.com/nodejs/node/pull/15538
- add provider types for net server (Andreas Madsen)
https://github.com/nodejs/node/pull/17157
* console:
- console.debug can now be used outside of the inspector
(Benjamin Zaslavsky) https://github.com/nodejs/node/pull/17033
* deps:
- upgrade libuv to 1.18.0 (cjihrig)
https://github.com/nodejs/node/pull/17282
- patch V8 to 6.2.414.46 (Myles Borins)
https://github.com/nodejs/node/pull/17206
* module:
- module.builtinModules will return a list of built in modules
(Jon Moss) https://github.com/nodejs/node/pull/16386
* n-api:
- add helper for addons to get the event loop (Anna Henningsen)
https://github.com/nodejs/node/pull/17109
* process:
- process.setUncaughtExceptionCaptureCallback can now be used to
customize behavior for `--abort-on-uncaught-exception`
(Anna Henningsen) https://github.com/nodejs/node/pull/17159
- A signal handler is now able to receive the signal code that
triggered the handler. (Robert Rossmann)
https://github.com/nodejs/node/pull/15606
* src:
- embedders can now use Node::CreatePlatform to create an instance of
NodePlatform (Cheng Zhao)
https://github.com/nodejs/node/pull/16981
* stream:
- writable.writableHighWaterMark and readable.readableHighWaterMark
will return the values the stream object was instantiated with
(Calvin Metcalf) https://github.com/nodejs/node/pull/12860
* **Added new collaborators**
* [maclover7](https://github.com/maclover7) Jon Moss
* [guybedford](https://github.com/guybedford) Guy Bedford
* [hashseed](https://github.com/hashseed) Yang Guo
PR-URL: https://github.com/nodejs/node/pull/17631
|
|
Notable changes:
* **buffer**:
* buffer allocated with an invalid content will now be zero filled (Anna Henningsen) https://github.com/nodejs/node/pull/17428
* **deps**:
* openssl updated to 1.0.2n (Shigeki Ohtsu) https://github.com/nodejs/node/pull/17526
PR-URL: https://github.com/nodejs/node/pull/17531
|
|
This is a security release. All Node.js users should consult the
security release summary at
https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/
for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* CVE-2017-15896
* CVE-2017-15897
* CVE-2017-3738 (from the openssl project)
Notable Changes:
* buffer:
* buffer allocated with an invalid content will now be zero filled
(Anna Henningsen)
https://github.com/nodejs/node/pull/17428
* deps:
* openssl updated to 1.0.2n (Shigeki Ohtsu)
https://github.com/nodejs/node/pull/17526
PR-URL: https://github.com/nodejs/node/pull/17532
|
|
This is a security release. All Node.js users should consult the
security release summary at
https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/
for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* CVE-2017-15896
* CVE-2017-3738 (from the openssl project)
Notable Changes:
* deps:
* openssl updated to 1.0.2n (Shigeki Ohtsu)
https://github.com/nodejs/node/pull/17526
PR-URL: https://github.com/nodejs/node/pull/17533
|
|
This is a security release. All Node.js users should consult the
security release summary at
https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/
for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* CVE-2017-15896
* CVE-2017-3738 (from the openssl project)
Notable Changes:
* deps:
* openssl updated to 1.0.2n (Shigeki Ohtsu)
https://github.com/nodejs/node/pull/17526
PR-URL: https://github.com/nodejs/node/pull/17534
|
|
Notable Changes:
- **console**:
- avoid adding infinite error listeners (Matteo Collina) [#16770](https://github.com/nodejs/n
de/pull/16770)
- **http2**:
- improve errors thrown in header validation (Joyee Cheung) [#16718](https://github.com/nodej
s/node/pull/16718)
PR-URL: https://github.com/nodejs/node/pull/17204
|
|
Notable Changes:
* build:
- fix npm install with --shared (Ben Noordhuis)
https://github.com/nodejs/node/pull/16438
* build:
- building with python 3 is now supported (Emily Marigold Klassen)
https://github.com/nodejs/node/pull/16058
* src:
- v8 options can be specified with either '\_' or '-' in NODE_OPTIONS
(Sam Roberts) https://github.com/nodejs/node/pull/14093
PR-URL: https://github.com/nodejs/node/pull/17180
|
|
Notable changes:
* **crypto**:
- Support building with both 1.1.0 and 1.0.2 (David Benjamin) https://github.com/nodejs/node/pull/16130
* **fs**:
- fs.realpathSync.native and fs.realpath.native are now exposed (Ben Noordhuis) https://github.com/nodejs/node/pull/15776
* **process**:
- expose process.ppid (cjihrig) https://github.com/nodejs/node/pull/16839
PR-URL: https://github.com/nodejs/node/pull/16992
|
|
Notable Changes:
- **openssl**:
- upgrade openssl sources to 1.0.2m (Shigeki Ohtsu) [#16691](https://github.com/nodejs/node/pull/16691)
- ***Revert*** "**https**:
- refactor to use http internals" (Myles Borins) [#16660](https://github.com/nodejs/node/pull/16660)
PR-URL: https://github.com/nodejs/node/pull/16783
|
|
Notable changes:
* CLI:
- NODE_OPTIONS now supports the --stack-trace-limit option.
https://github.com/nodejs/node/pull/16495
* deps:
- OpenSSL is upgraded to 1.0.2m
https://github.com/nodejs/node/pull/16691
* http:
- A 'connect' event handler leak has been fixed.
https://github.com/nodejs/node/pull/16725
- The 103 Early Hints status code is now supported.
https://github.com/nodejs/node/pull/16644
PR-URL: https://github.com/nodejs/node/pull/16851
|
|
Notable Changes:
* assert:
- assert.fail() can now take one or two arguments (Rich Trott)
https://github.com/nodejs/node/pull/12293
* crypto:
- add sign/verify support for RSASSA-PSS (Tobias Nießen)
https://github.com/nodejs/node/pull/11705
* deps:
- upgrade openssl sources to 1.0.2m (Shigeki Ohtsu)
https://github.com/nodejs/node/pull/16691
- upgrade libuv to 1.15.0 (cjihrig)
https://github.com/nodejs/node/pull/15745
- upgrade libuv to 1.14.1 (cjihrig)
https://github.com/nodejs/node/pull/14866
- upgrade libuv to 1.13.1 (cjihrig)
https://github.com/nodejs/node/pull/14117
- upgrade libuv to 1.12.0 (cjihrig)
https://github.com/nodejs/node/pull/13306
* fs:
- Add support for fs.write/fs.writeSync(fd, buffer, cb) and
fs.write/fs.writeSync(fd, buffer, offset, cb) as documented
(Andreas Lind) https://github.com/nodejs/node/pull/7856
* inspector:
- enable --inspect-brk (Refael Ackermann)
https://github.com/nodejs/node/pull/12615
* process:
- add --redirect-warnings command line argument (James M Snell)
https://github.com/nodejs/node/pull/10116
* src:
- allow CLI args in env with NODE_OPTIONS (Sam Roberts)
https://github.com/nodejs/node/pull/12028)
- --abort-on-uncaught-exception in NODE_OPTIONS (Sam Roberts)
https://github.com/nodejs/node/pull/13932
- allow --tls-cipher-list in NODE_OPTIONS (Sam Roberts)
https://github.com/nodejs/node/pull/13172
- use SafeGetenv() for NODE_REDIRECT_WARNINGS (Sam Roberts)
https://github.com/nodejs/node/pull/12677
* test:
- remove common.fail() (Rich Trott)
https://github.com/nodejs/node/pull/12293
PR-URL: https://github.com/nodejs/node/pull/16263
|
|
Notable Changes:
* **crypto**:
- update root certificates (Ben Noordhuis)
https://github.com/nodejs/node/pull/13279
- update root certificates (Ben Noordhuis)
https://github.com/nodejs/node/pull/12402
* **deps**:
- add support for more modern versions of INTL (Bruno Pagani)
https://github.com/nodejs/node/pull/13040
- upgrade openssl sources to 1.0.2m (Shigeki Ohtsu)
https://github.com/nodejs/node/pull/16691
- upgrade openssl sources to 1.0.2l (Daniel Bevenius)
https://github.com/nodejs/node/pull/13233
PR-URL: https://github.com/nodejs/node/pull/16500
|
|
PR-URL: https://github.com/nodejs/node/pull/16632
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Khaidi Chu <i@2333.moe>
Reviewed-By: Brian White <mscdex@mscdex.net>
|
|
* Older experimental APIs have been removed.
[[`d731369b1d`](https://github.com/nodejs/node/commit/d731369b1d)]
[#14414](https://github.com/nodejs/node/pull/14414)
* **Errors**
* Improvements have been made to `buffer` module error messages.
* The assignment of static error codes to Node.js error continues:
* `buffer`
* `child_process`
* `console`
* `crypto`
* `dns`
* `events`
* `fs`
* `http`
* `inspector`
* `net`
* `path`
* `process`
* `querystring`
* `readline`
* `repl`
* `streams`
* `string_decoder`
* `timers`
* `tls`
* `url`
* `util`
* `v8`
* `zlib`
* **Child Processes**
* Errors are emitted on process nextTick.
* **Domains**
* The long-deprecated `.dispose()` method has been removed.
* **fs**
* The `fs.ReadStream` and `fs.WriteStream` classes now use `destroy()`.
* `fs` module callbacks are now invoked with an undefined context.
* **HTTP/1**
* A 400 Bad Request response will now be sent when parsing fails.
* Socket timeout will be set when the socket connects.
* A bug causing the request `'error'` event to fire twice was fixed.
* HTTP clients may now use generic `Duplex` streams in addition to `net.Socket`.
* **Intl**
* The deprecated `Intl.v8BreakIterator` has been removed.
* **Modules**
* The `require.resolve()` method now supports using custom lookup paths.
* **OS**
* The `os.EOL` property is now read-only.
* **Timers**
* `setTimeout()` will emit a warning if the timeout is larger that the maximum
32-bit unsigned integer.
|
|
This LTS release comes with 87 commits. This includes 30 that are
updates to lib/ or src/, 20 that are test related, 13 that are doc
related, 19 which are build / tools related, and 4 commits which are
updates to dependencies.
Notable Changes:
* doc:
- add Gibson Fahnestock to Release team (Gibson Fahnestock)
https://github.com/nodejs/node/pull/16620
* deps:
- update npm to 5.5.1 (Myles Borins)
https://github.com/nodejs/node/pull/16509
* http2:
- The exposed http2 socket is no longer manipulatable
(Anatoli Papirovski)
https://github.com/nodejs/node/pull/16330
* module:
- support custom paths to require.resolve() (cjihrig)
https://github.com/nodejs/node/pull/16397
* util:
- util.TextEncoder and util.TextDecoder are no longer experimental.
There will no longer be a warning when they are used
(James M Snell)
https://github.com/nodejs/node/pull/15743
PR-URL: https://github.com/nodejs/node/pull/16630
|
|
Notable changes:
* net:
- Fix timeout with null handle issue. This is a regression in
Node 8.8.0. https://github.com/nodejs/node/pull/16489
|
|
This is a security release. All Node.js users should consult the
security release summary at:
https://nodejs.org/en/blog/vulnerability/oct-2017-dos/
for details on patched vulnerabilities.
Notable Changes:
* zlib:
- CVE-2017-14919 - In zlib v1.2.9, a change was made that causes an
error to be raised when a raw deflate stream is initialized with
windowBits set to 8. On some versions this crashes Node and you
cannot recover from it, while on some versions it throws an
exception. Node.js will now gracefully set windowBits to 9
replicating the legacy behavior to avoid a DOS vector.
https://github.com/nodejs-private/node-private/pull/95
PR-URL: https://github.com/nodejs-private/node-private/pull/96
|
|
This is a security release. All Node.js users should consult the
security release summary at:
https://nodejs.org/en/blog/vulnerability/oct-2017-dos/
for details on patched vulnerabilities.
Notable Changes:
* zlib:
- CVE-2017-14919 - In zlib v1.2.9, a change was made that causes an
error to be raised when a raw deflate stream is initialized with
windowBits set to 8. On some versions this crashes Node and you
cannot recover from it, while on some versions it throws an
exception. Node.js will now gracefully set windowBits to 9
replicating the legacy behavior to avoid a DOS vector.
https://github.com/nodejs-private/node-private/pull/95
PR-URL: https://github.com/nodejs-private/node-private/pull/97
|
|
Notable Changes:
* crypto:
- expose ECDH class
https://github.com/nodejs/node/pull/8188
* http2:
- http2 is now exposed by defualt without the need for a flag
https://github.com/nodejs/node/pull/15685
- a new environment varible NODE\_NO\_HTTP2 has been added to allow
userland http2 to be required
https://github.com/nodejs/node/pull/15685
- support has been added for generic `Duplex` streams
https://github.com/nodejs/node/pull/16269
* module:
- resolve and instantiate loader pipeline hooks have been added to
the ESM lifecycle
https://github.com/nodejs/node/pull/15445
* zlib:
- CVE-2017-14919 - In zlib v1.2.9, a change was made that causes an
error to be raised when a raw deflate stream is initialized with
windowBits set to 8. On some versions this crashes Node and you
cannot recover from it, while on some versions it throws an
exception. Node.js will now gracefully set windowBits to 9
replicating the legacy behavior to avoid a DOS vector.
https://github.com/nodejs-private/node-private/pull/95
PR-URL: https://github.com/nodejs-private/node-private/pull/98
|
|
Notable Changes:
* deps:
* update npm to 5.4.2
https://github.com/nodejs/node/pull/15600
* upgrade libuv to 1.15.0
https://github.com/nodejs/node/pull/15745
* update V8 to 6.1.534.42
https://github.com/nodejs/node/pull/15393
* dgram:
* support for setting dgram socket buffer size
https://github.com/nodejs/node/pull/13623
* fs:
* add support O_DSYNC file open constant
https://github.com/nodejs/node/pull/15451
* util:
* deprecate obj.inspect for custom inspection
https://github.com/nodejs/node/pull/15631
* tools, build:
* there is a fancy new macOS installer
https://github.com/nodejs/node/pull/15179
* Added new collaborator
* bmeurer - Benedikt Meurer - https://github.com/bmeurer
* kfarnung - Kyle Farnung - https://github.com/kfarnung
PR-URL: https://github.com/nodejs/node/pull/15762
|
|
Notable Changes:
* net:
- support passing undefined to listen() to match behavior in v4.x
and v8.x (Sam Roberts)
https://github.com/nodejs/node/pull/14234
PR-URL: https://github.com/nodejs/node/pull/15506
|
|
* **crypto**
* Support for multiple ECDH curves. [#15206](https://github.com/nodejs/node/pull/15206)
* **dgram**
* Added `setMulticastInterface()` API. [#7855](https://github.com/nodejs/node/pull/7855)
* Custom lookup functions are now supported. [#14560](https://github.com/nodejs/node/pull/14560)
* **n-api**
* The command-line flag is no longer required to use N-API. [#14902](https://github.com/nodejs/node/pull/14902)
* **tls**
* Docs-only deprecation of `parseCertString()`. [#14245](https://github.com/nodejs/node/pull/14245)
* **New Contributors**
* Welcome Sebastiaan Deckers (@sebdeckers) as a new Collaborator! [#15354](https://github.com/nodejs/node/pull/15354)
|
|
Notable Changes
* build:
* Snapshots are now re-enabled in V8
https://github.com/nodejs/node/pull/14875
* console:
* Implement minimal `console.group()`.
https://github.com/nodejs/node/pull/14910
* deps:
* upgrade libuv to 1.14.1
https://github.com/nodejs/node/pull/14866
* update nghttp2 to v1.25.0
https://github.com/nodejs/node/pull/14955
* dns:
* Add `verbatim` option to dns.lookup(). When true, results from the
DNS resolver are passed on as-is, without the reshuffling that
Node.js otherwise does that puts IPv4 addresses before IPv6
addresses.
https://github.com/nodejs/node/pull/14731
* fs:
* add fs.copyFile and fs.copyFileSync which allows for more efficient
copying of files.
https://github.com/nodejs/node/pull/15034
* inspector:
* Enable async stack traces
https://github.com/nodejs/node/pull/13870
* module:
* Add support for ESM. This is currently behind the
`--experimental-modules` flag and requires the .mjs extension.
`node --experimental-modules index.mjs`
https://github.com/nodejs/node/pull/14369
* napi:
* implement promise
https://github.com/nodejs/node/pull/14365
* os:
* Add support for CIDR notation to the output of the
networkInterfaces() method.
https://github.com/nodejs/node/pull/14307
* perf_hooks:
* An initial implementation of the Performance Timing API for
Node.js. This is the same Performance Timing API implemented by
modern browsers with a number of Node.js specific properties. The
User Timing mark() and measure() APIs are implemented, as is a
Node.js specific flavor of the Frame Timing for measuring event
loop duration.
https://github.com/nodejs/node/pull/14680
* tls:
* multiple PFX in createSecureContext
[#14793](https://github.com/nodejs/node/pull/14793)
* Added new collaborators:
* BridgeAR – Ruben Bridgewater
PR-URL: https://github.com/nodejs/node/pull/15308
|
|
This LTS release comes with 152 commits. This includes 75 which are
test related, 25 which are doc related, 21 which are build / tool
related and 3 commits which are updates to dependencies.
Notable Changes:
* build:
- Codesigning is fixed on macOS (Evan Lucas)
https://github.com/nodejs/node/pull/14179
* deps:
- Snapshots are turned back on!!! (Yang Guo)
https://github.com/nodejs/node/pull/14385
* path:
- win32 volume-relative paths are working again! (Timothy Gu)
https://github.com/nodejs/node/pull/14440
* tools:
- v6.x can now build with ICU 59 (Steven R. Loomis)
https://github.com/nodejs/node/pull/12078
PR-URL: https://github.com/nodejs/node/pull/14852
|
|
PR-URL: https://github.com/nodejs/node/pull/15064
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
|
