| Age | Commit message (Collapse) | Author |
|---|
|
Update the changelog to mark Node.js 11 as End-of-Life. Remove the
column for Node.js 11 changelog entries from the table.
PR-URL: https://github.com/nodejs/node/pull/28076
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
|
|
Notable changes:
* doc:
* The JSON variant of the API documentation is no longer experimental
(Rich Trott) https://github.com/nodejs/node/pull/27842.
* esm:
* JSON module support is always enabled under
`--experimental-modules`. The `--experimental-json-modules` flag
has been removed (Myles Borins)
https://github.com/nodejs/node/pull/27752.
* http,http2:
* A new flag has been added for overriding the default HTTP server
socket timeout (which is two minutes). Pass
`--http-server-default-timeout=milliseconds`
or `--http-server-default-timeout=0` to respectively change or
disable the timeout. Starting with Node.js 13.0.0, the timeout will
be disabled by default
(Ali Ijaz Sheikh) https://github.com/nodejs/node/pull/27704.
* inspector:
* Added an experimental `--heap-prof` flag to start the V8 heap
profiler on startup and write the heap profile to disk before exit
(Joyee Cheung) https://github.com/nodejs/node/pull/27596.
* stream:
* The `readable.unshift()` method now correctly converts strings to
buffers. Additionally, a new optional argument is accepted to
specify the string's encoding, such as `'utf8'` or `'ascii'`
(Marcos Casagrande) https://github.com/nodejs/node/pull/27194.
* v8:
* The object returned by `v8.getHeapStatistics()` has two new
properties: `number_of_native_contexts` and
`number_of_detached_contexts` (Yuriy Vasiyarov)
https://github.com/nodejs/node/pull/27933.
PR-URL: https://github.com/nodejs/node/pull/28040
|
|
Notable changes:
- **deps**:
- update ICU to 64.2 (Ujjwal Sharma)
[#27361](https://github.com/nodejs/node/pull/27361)
- upgrade npm to 6.9.0 (Kat Marchán)
[#26244](https://github.com/nodejs/node/pull/26244)
- upgrade openssl sources to 1.1.1b (Sam Roberts)
[#26327](https://github.com/nodejs/node/pull/26327)
- upgrade to libuv 1.28.0 (cjihrig)
[#27241](https://github.com/nodejs/node/pull/27241)
- **events**:
- add once method to use promises with EventEmitter (Matteo Collina)
[#26078](https://github.com/nodejs/node/pull/26078)
- **n-api**:
- mark thread-safe function as stable (Gabriel Schulhof)
[#25556](https://github.com/nodejs/node/pull/25556)
- **repl**:
- support top-level for-await-of (Shelley Vohr)
[#23841](https://github.com/nodejs/node/pull/23841)
- **zlib**:
- add brotli support (Anna Henningsen)
[#24938](https://github.com/nodejs/node/pull/24938)
PR-URL: https://github.com/nodejs/node/pull/27514
|
|
Notable changes
* deps:
* Fix handling of +0/-0 when constant field tracking is enabled
(Michaël Zasso) https://github.com/nodejs/node/pull/27792
* Fix `os.freemem()` and `os.totalmem` correctness (cjihrig)
https://github.com/nodejs/node/pull/27718
* src:
* Fix v12.3.0 regression that prevents native addons from compiling
https://github.com/nodejs/node/pull/27804
PR-URL: https://github.com/nodejs/node/pull/27814
|
|
Notable changes:
* esm:
* Added the `--experimental-wasm-modules` flag to support
WebAssembly modules (Myles Borins & Guy Bedford)
https://github.com/nodejs/node/pull/27659
* process:
* Log errors using `util.inspect` in case of fatal exceptions
(Ruben Bridgewater) https://github.com/nodejs/node/pull/27243
* repl:
* Add `process.on('uncaughtException')` support (Ruben Bridgewater)
https://github.com/nodejs/node/pull/27151
* stream:
* Implemented `Readable.from` async iterator utility (Guy Bedford)
https://github.com/nodejs/node/pull/27660
* tls:
* Expose built-in root certificates (Ben Noordhuis)
https://github.com/nodejs/node/pull/26415
* Support `net.Server` options (Luigi Pinca)
https://github.com/nodejs/node/pull/27665
* Expose `keylog` event on TLSSocket (Alba Mendez)
https://github.com/nodejs/node/pull/27654
* worker:
* Added the ability to unshift messages from the `MessagePort`
(Anna Henningsen) https://github.com/nodejs/node/pull/27294
PR-URL: https://github.com/nodejs/node/pull/27799
|
|
PR-URL: https://github.com/nodejs/node/pull/27658
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
|
|
Notable changes:
* deps:
* Updated llhttp to 1.1.3. This fixes a bug that made Node.js' HTTP
parser refuse any request URL that contained the "|" (vertical bar)
character. https://github.com/nodejs/node/pull/27595
* tls:
* Added an `enableTrace()` method to `TLSSocket` and an `enableTrace`
option to `tls.createServer()`. When enabled, TSL packet trace
information is written to `stderr`. This can be used to debug TLS
connection problems. https://github.com/nodejs/node/pull/27497
https://github.com/nodejs/node/pull/27376
* cli:
* Added a `--trace-tls` command-line flag that enables tracing of TLS
connections without the need to modify existing application code.
https://github.com/nodejs/node/pull/27497
* Added a `--cpu-prof-interval` command-line flag. It can be used to
specify the sampling interval for the CPU profiles generated by
`--cpu-prof`. https://github.com/nodejs/node/pull/27535
* module:
* Added the `createRequire()` method. It allows to create a require
function from a file URL object, a file URL string or an absolute
path string. The existing `createRequireFromPath()` method is now
deprecated https://github.com/nodejs/node/pull/27405.
* Throw on `require('./path.mjs')`. This is technically a breaking
change that should have landed with Node.js 12.0.0. It is necessary
to have this to keep the possibility for a future minor version to
load ES Modules with the require function.
https://github.com/nodejs/node/pull/27417
* repl:
* The REPL now supports multi-line statements using `BigInt` literals
as well as public and private class fields and methods.
https://github.com/nodejs/node/pull/27400
* The REPL now supports tab autocompletion of file paths with `fs`
methods. https://github.com/nodejs/node/pull/26648
* meta:
* Added Christian Clauss (https://github.com/cclauss) to
collaborators. https://github.com/nodejs/node/pull/27554
PR-URL: https://github.com/nodejs/node/pull/27578
|
|
Notable changes:
* deps: add s390 asm rules for OpenSSL-1.1.1 (Shigeki Ohtsu) [#19794](https://github.com/nodejs/node/pull/19794)
* src: add .code and SSL specific error properties (Sam Roberts) [#25093](https://github.com/nodejs/node/pull/25093)
* tls:
* add --tls-min-v1.2 CLI switch (Sam Roberts) [#26951](https://github.com/nodejs/node/pull/26951)
* supported shared openssl 1.1.0 (Sam Roberts) [#26951](https://github.com/nodejs/node/pull/26951)
* revert default max toTLSv1.2 (Sam Roberts) [#26951](https://github.com/nodejs/node/pull/26951)
* revert change to invalid protocol error type (Sam Roberts) [#26951](https://github.com/nodejs/node/pull/26951)
* support TLSv1.3 (Sam Roberts) [#26209](https://github.com/nodejs/node/pull/26209)
* add code for ERR\_TLS\_INVALID\_PROTOCOL\_METHOD (Sam Roberts) [#24729](https://github.com/nodejs/node/pull/24729)
PR-URL: https://github.com/nodejs/node/pull/27314
|
|
Notable changes:
* intl:
* Update ICU to 64.2. This adds support for Japanese Era (Reiwa).
https://github.com/nodejs/node/pull/27361
* Fixes a bug in ICU that affected Node.js 12.0.0 in the case where
`new Date().toLocaleString()` was called with a non-default locale.
https://github.com/nodejs/node/pull/27415
* C++ API:
* Added an overload of `EmitAsyncDestroy` that can be used during
garbage collection.
https://github.com/nodejs/node/pull/27255
PR-URL: https://github.com/nodejs/node/pull/27440
|
|
PR-URL: https://github.com/nodejs/node/pull/27414
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
|
|
Notable changes:
* assert:
* validate required arguments (Ruben Bridgewater)
[#26641](https://github.com/nodejs/node/pull/26641)
* adjust loose assertions (Ruben Bridgewater)
[#25008](https://github.com/nodejs/node/pull/25008)
* async_hooks:
* remove deprecated `emitBefore` and `emitAfter` (Matteo Collina)
[#26530](https://github.com/nodejs/node/pull/26530)
* remove promise object from resource (Andreas Madsen)
[#23443](https://github.com/nodejs/node/pull/23443)
* bootstrap: make Buffer and process non-enumerable (Ruben Bridgewater)
[#24874](https://github.com/nodejs/node/pull/24874)
* buffer:
* use stricter range checks (Ruben Bridgewater)
[#27045](https://github.com/nodejs/node/pull/27045)
* harden `SlowBuffer` creation (ZYSzys)
[#26272](https://github.com/nodejs/node/pull/26272)
* harden validation of buffer allocation size (ZYSzys)
[#26162](https://github.com/nodejs/node/pull/26162)
* do proper error propagation in addon methods (Anna Henningsen)
[#23939](https://github.com/nodejs/node/pull/23939)
* child_process:
* remove `options.customFds` (cjihrig)
[#25279](https://github.com/nodejs/node/pull/25279)
* harden fork arguments validation (ZYSzys)
[#27039](https://github.com/nodejs/node/pull/27039)
* use non-infinite `maxBuffer` defaults (kohta ito)
[#23027](https://github.com/nodejs/node/pull/23027)
* console:
* don't use ANSI escape codes when `TERM=dumb` (Vladislav Kaminsky)
[#26261](https://github.com/nodejs/node/pull/26261)
* crypto:
* remove legacy native handles (Tobias Nießen)
[#27011](https://github.com/nodejs/node/pull/27011)
* decode missing passphrase errors (Tobias Nießen)
[#25208](https://github.com/nodejs/node/pull/25208)
* remove `Cipher.setAuthTag()` and `Decipher.getAuthTag()`
(Tobias Nießen)
[#26249](https://github.com/nodejs/node/pull/26249)
* remove deprecated `crypto._toBuf()` (Tobias Nießen)
[#25338](https://github.com/nodejs/node/pull/25338)
* set `DEFAULT\_ENCODING` property to non-enumerable
(Antoine du Hamel)
[#23222](https://github.com/nodejs/node/pull/23222)
* deps:
* update V8 to 7.4.288.13
(Michaël Zasso, cjihrig, Refael Ackermann)
(Anna Henningsen, Ujjwal Sharma)
[#26685](https://github.com/nodejs/node/pull/26685)
* bump minimum icu version to 63 (Ujjwal Sharma)
[#25852](https://github.com/nodejs/node/pull/25852)
* update OpenSSL to 1.1.1b (Sam Roberts, Shigeki Ohtsu)
[#26327](https://github.com/nodejs/node/pull/26327)
* errors:
* update error name (Ruben Bridgewater)
[#26738](https://github.com/nodejs/node/pull/26738)
* fs:
* use proper .destroy() implementation for SyncWriteStream
(Matteo Collina)
[#26690](https://github.com/nodejs/node/pull/26690)
* improve mode validation (Ruben Bridgewater)
[#26575](https://github.com/nodejs/node/pull/26575)
* harden validation of start option in `createWriteStream()`
(ZYSzys)
[#25579](https://github.com/nodejs/node/pull/25579)
* make writeFile consistent with readFile wrt fd
(Sakthipriyan Vairamani (thefourtheye))
[#23709](https://github.com/nodejs/node/pull/23709)
* http:
* validate timeout in `ClientRequest()` (cjihrig)
[#26214](https://github.com/nodejs/node/pull/26214)
* return HTTP 431 on `HPE_HEADER_OVERFLOW` error (Albert Still)
[#25605](https://github.com/nodejs/node/pull/25605)
* switch default parser to llhttp (Anna Henningsen)
[#24870](https://github.com/nodejs/node/pull/24870)
* Runtime-deprecate `outgoingMessage._headers` and
`outgoingMessage._headerNames` (Morgan Roderick)
[#24167](https://github.com/nodejs/node/pull/24167)
* lib:
* remove `Atomics.wake()` (Gus Caplan)
[#27033](https://github.com/nodejs/node/pull/27033)
* move DTRACE\_\* probes out of global scope (James M Snell)
[#26541](https://github.com/nodejs/node/pull/26541)
* deprecate `_stream_wrap` (Sam Roberts)
[#26245](https://github.com/nodejs/node/pull/26245)
* use ES6 class inheritance style (Ruben Bridgewater)
[#24755](https://github.com/nodejs/node/pull/24755)
* module:
* remove unintended access to deps/ (Anna Henningsen)
[#25138](https://github.com/nodejs/node/pull/25138)
* improve error message for MODULE\_NOT\_FOUND (Ali Ijaz Sheikh)
[#25690](https://github.com/nodejs/node/pull/25690)
* requireStack property for MODULE\_NOT\_FOUND (Ali Ijaz Sheikh)
[#25690](https://github.com/nodejs/node/pull/25690)
* remove dead code (Ruben Bridgewater)
[#26983](https://github.com/nodejs/node/pull/26983)
* make `require('.')` never resolve outside the current directory
(Ruben Bridgewater)
[#26973](https://github.com/nodejs/node/pull/26973)
* throw an error for invalid package.json main entries
(Ruben Bridgewater)
[#26823](https://github.com/nodejs/node/pull/26823)
* don't search in `require.resolve.paths` (cjihrig)
[#23683](https://github.com/nodejs/node/pull/23683)
* net:
* remove `Server.listenFD()` (cjihrig)
[#27127](https://github.com/nodejs/node/pull/27127)
* do not add `.host` and `.port` properties to DNS error
(Ruben Bridgewater)
[#26751](https://github.com/nodejs/node/pull/26751)
* emit "write after end" errors in the next tick (Ouyang Yadong)
[#24457](https://github.com/nodejs/node/pull/24457)
* deprecate `_setSimultaneousAccepts()` undocumented function
(James M Snell)
[#23760](https://github.com/nodejs/node/pull/23760)
* os:
* implement `os.type()` using `uv_os_uname()` (cjihrig)
[#25659](https://github.com/nodejs/node/pull/25659)
* remove `os.getNetworkInterfaces()` (cjihrig)
[#25280](https://github.com/nodejs/node/pull/25280)
* process:
* make global.process, global.Buffer getters (Guy Bedford)
[#26882](https://github.com/nodejs/node/pull/26882)
* move DEP0062 (node --debug) to end-of-life (Joyee Cheung)
[#25828](https://github.com/nodejs/node/pull/25828)
* exit on --debug and --debug-brk after option parsing
(Joyee Cheung)
[#25828](https://github.com/nodejs/node/pull/25828)
* improve `--redirect-warnings` handling (Ruben Bridgewater)
[#24965](https://github.com/nodejs/node/pull/24965)
* readline:
* support TERM=dumb (Vladislav Kaminsky)
[#26261](https://github.com/nodejs/node/pull/26261)
* repl:
* add welcome message (gengjiawen)
[#25947](https://github.com/nodejs/node/pull/25947)
* fix terminal default setting (Ruben Bridgewater)
[#26518](https://github.com/nodejs/node/pull/26518)
* check colors with `.getColorDepth()` (Vladislav Kaminsky)
[#26261](https://github.com/nodejs/node/pull/26261)
* deprecate REPLServer.rli (Ruben Bridgewater)
[#26260](https://github.com/nodejs/node/pull/26260)
* src:
* remove unused `INT_MAX` constant (Sam Roberts)
[#27078](https://github.com/nodejs/node/pull/27078)
* update `NODE_MODULE_VERSION` to 72 (Ujjwal Sharma)
[#26685](https://github.com/nodejs/node/pull/26685)
* remove `AddPromiseHook()` (Anna Henningsen)
[#26574](https://github.com/nodejs/node/pull/26574)
* clean up `MultiIsolatePlatform` interface (Anna Henningsen)
[#26384](https://github.com/nodejs/node/pull/26384)
* properly configure default heap limits (Ali Ijaz Sheikh)
[#25576](https://github.com/nodejs/node/pull/25576)
* remove `icuDataDir` from node config (GauthamBanasandra)
[#24780](https://github.com/nodejs/node/pull/24780)
* tls:
* support TLSv1.3 (Sam Roberts)
[#26209](https://github.com/nodejs/node/pull/26209)
* return correct version from `getCipher()` (Sam Roberts)
[#26625](https://github.com/nodejs/node/pull/26625)
* check arg types of renegotiate() (Sam Roberts)
[#25876](https://github.com/nodejs/node/pull/25876)
* add code for `ERR_TLS_INVALID_PROTOCOL_METHOD` (Sam Roberts)
[#24729](https://github.com/nodejs/node/pull/24729)
* emit a warning when servername is an IP address (Rodger Combs)
[#23329](https://github.com/nodejs/node/pull/23329)
* disable TLS v1.0 and v1.1 by default (Ben Noordhuis)
[#23814](https://github.com/nodejs/node/pull/23814)
* remove unused arg to createSecureContext() (Sam Roberts)
[#24241](https://github.com/nodejs/node/pull/24241)
* deprecate `Server.prototype.setOptions()` (cjihrig)
[#23820](https://github.com/nodejs/node/pull/23820)
* load `NODE_EXTRA_CA_CERTS` at startup (Ouyang Yadong)
[#23354](https://github.com/nodejs/node/pull/23354)
* util:
* remove `util.print()`, `util.puts()`, `util.debug()`
and `util.error()` (cjihrig)
[#25377](https://github.com/nodejs/node/pull/25377)
* change inspect compact and breakLength default
(Ruben Bridgewater)
[#27109](https://github.com/nodejs/node/pull/27109)
* improve inspect edge cases (Ruben Bridgewater)
[#27109](https://github.com/nodejs/node/pull/27109)
* only the first line of the error message (Simon Zünd)
[#26685](https://github.com/nodejs/node/pull/26685)
* don't set the prototype of callbackified functions
(Ruben Bridgewater)
[#26893](https://github.com/nodejs/node/pull/26893)
* rename callbackified function (Ruben Bridgewater)
[#26893](https://github.com/nodejs/node/pull/26893)
* increase function length when using `callbackify()`
(Ruben Bridgewater)
[#26893](https://github.com/nodejs/node/pull/26893)
* prevent tampering with internals in `inspect()`
(Ruben Bridgewater)
[#26577](https://github.com/nodejs/node/pull/26577)
* prevent Proxy traps being triggered by `.inspect()`
(Ruben Bridgewater)
[#26241](https://github.com/nodejs/node/pull/26241)
* prevent leaking internal properties (Ruben Bridgewater)
[#24971](https://github.com/nodejs/node/pull/24971)
* protect against monkeypatched Object prototype for inspect()
(Rich Trott)
[#25953](https://github.com/nodejs/node/pull/25953)
* treat format arguments equally (Roman Reiss)
[#23162](https://github.com/nodejs/node/pull/23162)
* win, fs:
* detect if symlink target is a directory (Bartosz Sosnowski)
[#23724](https://github.com/nodejs/node/pull/23724)
* zlib:
* throw TypeError if callback is missing (Anna Henningsen)
[#24929](https://github.com/nodejs/node/pull/24929)
* make “bare” constants un-enumerable (Anna Henningsen)
[#24824](https://github.com/nodejs/node/pull/24824)
PR-URL: https://github.com/nodejs/node/pull/26930
|
|
Notable Changes:
* n-api:
- add API for asynchronous functions (Gabriel Schulhof)
https://github.com/nodejs/node/pull/17887
- mark thread-safe function as stable (Gabriel Schulhof)
https://github.com/nodejs/node/pull/25556
PR-URL: https://github.com/nodejs/node/pull/26933
|
|
Notable changes:
- child_process: doc deprecate ChildProcess.\_channel (cjihrig)
[#26982](https://github.com/nodejs/node/pull/26982)
- deps: update nghttp2 to 1.37.0 (gengjiawen)
[#26990](https://github.com/nodejs/node/pull/26990)
- dns:
- make dns.promises enumerable (cjihrig)
[#26592](https://github.com/nodejs/node/pull/26592)
- remove dns.promises experimental warning (cjihrig)
[#26592](https://github.com/nodejs/node/pull/26592)
- fs: remove experimental warning for fs.promises (Anna Henningsen)
[#26581] (https://github.com/nodejs/node/pull/26581)
- stream: make Symbol.asyncIterator support stable (Matteo Collina)
[#26989](https://github.com/nodejs/node/pull/26989)
- worker: use copy of process.env (Anna Henningsen)
[#26544](https://github.com/nodejs/node/pull/26544)
PR-URL: https://github.com/nodejs/node/pull/27163
|
|
Notable changes:
- http:
- fix error check in `Execute()` (Brian White)
[#25939](https://github.com/nodejs/node/pull/25939)
PR-URL: https://github.com/nodejs/node/pull/26684
|
|
PR-URL: https://github.com/nodejs/node/pull/26931
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
|
|
Notable changes:
* crypto
* Allow deriving public from private keys (Tobias Nießen)
[#26278](https://github.com/nodejs/node/pull/26278).
* events
* Added a `once` function to use `EventEmitter` with promises
(Matteo Collina) [#26078](https://github.com/nodejs/node/pull/26078).
* tty
* Added a `hasColors` method to `WriteStream` (Ruben Bridgewater)
[#26247](https://github.com/nodejs/node/pull/26247).
* Added NO_COLOR and FORCE_COLOR support (Ruben Bridgewater)
[#26485](https://github.com/nodejs/node/pull/26485).
* v8
* Added `v8.getHeapSnapshot` and `v8.writeHeapSnapshot` to generate snapshots
in the format used by tools such as Chrome DevTools (James M Snell)
[#26501](https://github.com/nodejs/node/pull/26501).
* worker
* Added `worker.moveMessagePortToContext`. This enables using MessagePorts in
different vm.Contexts, aiding with the isolation that the vm module seeks to
provide (Anna Henningsen)
[#26497](https://github.com/nodejs/node/pull/26497).
* C++ API
* `AddPromiseHook` is now deprecated. This API was added to fill an use case
that is served by `async_hooks`, since that has `Promise` support
(Anna Henningsen) [#26529](https://github.com/nodejs/node/pull/26529).
* Added a `Stop` API to shut down Node.js while it is running
(Gireesh Punathil) [#21283](https://github.com/nodejs/node/pull/21283).
* meta
* [Gireesh Punathil](https://github.com/gireeshpunathil) is now a member of
the Technical Steering Committee
[#26657](https://github.com/nodejs/node/pull/26657).
* Added [Yongsheng Zhang](https://github.com/ZYSzys) to collaborators
[#26730](https://github.com/nodejs/node/pull/26730).
PR-URL: https://github.com/nodejs/node/pull/26949
|
|
Notable Changes
* bootstrap:
* Add experimental `--frozen-intrinsics` flag (Guy Bedford)
https://github.com/nodejs/node/pull/25685
* build:
* Enable v8's siphash for hash seed creation (Rod Vagg)
https://github.com/nodejs/node/pull/26367
* deps:
* Upgrade openssl to 1.1.1b (Sam Roberts)
https://github.com/nodejs/node/pull/26327
* process:
* Make `process[Symbol.toStringTag]` writable again
(Ruben Bridgewater) https://github.com/nodejs/node/pull/26488
* repl:
* Add `util.inspect.replDefaults` to customize the writer
(Ruben Bridgewater) https://github.com/nodejs/node/pull/26375
* report:
* Rename `triggerReport()` to `writeReport()` (Colin Ihrig)
https://github.com/nodejs/node/pull/26527
|
|
Notable Changes
* n-api:
* Implement date object (Jarrod Connolly)
https://github.com/nodejs/node/pull/25917
* util:
* Add compact depth mode for `util.inspect()` (Ruben Bridgewater)
https://github.com/nodejs/node/pull/26269
* worker:
* Improve integration with native addons (Anna Henningsen)
https://github.com/nodejs/node/pull/26175
* MessagePort.prototype.onmessage takes arguments closer to the Web
specification now (Anna Henningsen)
https://github.com/nodejs/node/pull/26082
|
|
Notable Changes
* **doc**
* add antsmartian to collaborators (Anto Aravinth)
[#24655](https://github.com/nodejs/node/pull/24655)
* **http**
* fix error check in Execute() (Brian White)
[#25863](https://github.com/nodejs/node/pull/25863)
* **stream**
* fix end-of-stream for HTTP/2 (Anna Henningsen)
[#24926](https://github.com/nodejs/node/pull/24926)
PR-URL: https://github.com/nodejs/node/pull/26063
|
|
This is a security release. All Node.js users should consult the security
release summary at:
https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* Node.js: Denial of Service with keep-alive HTTP connections
(CVE-2019-5739)
* Node.js: Slowloris HTTP Denial of Service with keep-alive
(CVE-2019-5737)
* OpenSSL: 0-byte record padding oracle (CVE-2019-1559)
Notable Changes:
* deps: OpenSSL has been upgraded to 1.0.2r which contains a fix for
CVE-2019-1559 (https://www.openssl.org/news/secadv/20190226.txt). Under
certain circumstances, a TLS server can be forced to respond differently to
a client if a zero-byte record is received with an invalid padding
compared to a zero-byte record with an invalid MAC. This can be used as the
basis of a padding oracle attack to decrypt data.
* http:
- Backport `server.keepAliveTimeout` to prevent keep-alive HTTP and HTTPS
connections remaining open and inactive for an extended period of time,
leading to a potential Denial of Service (DoS).
(CVE-2019-5739 / Timur Shemsedinov, Matteo Collina)
- Further prevention of "Slowloris" attacks on HTTP and HTTPS
connections by consistently applying the receive timeout set by
`server.headersTimeout` to connections in keep-alive mode. Reported by
Marco Pracucci (https://voxnest.com). (CVE-2019-5737 / Matteo Collina)
PR-URL: https://github.com/nodejs-private/node-private/pull/169
|
|
This is a security release. All Node.js users should consult the security
release summary at:
https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* Node.js: Slowloris HTTP Denial of Service with keep-alive
(CVE-2019-5737)
* OpenSSL: 0-byte record padding oracle (CVE-2019-1559)
Notable Changes:
* deps: OpenSSL has been upgraded to 1.0.2r which contains a fix for
CVE-2019-1559 (https://www.openssl.org/news/secadv/20190226.txt). Under
certain circumstances, a TLS server can be forced to respond differently to
a client if a zero-byte record is received with an invalid padding
compared to a zero-byte record with an invalid MAC. This can be used as the
basis of a padding oracle attack to decrypt data.
* http: Further prevention of "Slowloris" attacks on HTTP and HTTPS
connections by consistently applying the receive timeout set by
`server.headersTimeout` to connections in keep-alive mode. Reported by
Marco Pracucci (https://voxnest.com). (CVE-2019-5737 / Matteo Collina)
PR-URL: https://github.com/nodejs-private/node-private/pull/165
|
|
This is a security release. All Node.js users should consult the security
release summary at:
https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
for details on patched vulnerabilities.
A fix for the following CVE is included in this release:
* Node.js: Slowloris HTTP Denial of Service with keep-alive
(CVE-2019-5737)
Notable Changes:
* http: Further prevention of "Slowloris" attacks on HTTP and HTTPS
connections by consistently applying the receive timeout set by
`server.headersTimeout` to connections in keep-alive mode. Reported by
Marco Pracucci (https://voxnest.com). (CVE-2019-5737 / Matteo Collina)
PR-URL: https://github.com/nodejs-private/node-private/pull/164
|
|
This is a security release. All Node.js users should consult the security
release summary at:
https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
for details on patched vulnerabilities.
A fix for the following CVE is included in this release:
* Node.js: Slowloris HTTP Denial of Service with keep-alive
(CVE-2019-5737)
Notable Changes:
* http: Further prevention of "Slowloris" attacks on HTTP and HTTPS
connections by consistently applying the receive timeout set by
`server.headersTimeout` to connections in keep-alive mode. Reported by
Marco Pracucci (https://voxnest.com). (CVE-2019-5737 / Matteo Collina)
PR-URL: https://github.com/nodejs-private/node-private/pull/163
|
|
Notable changes:
deps:
* Updated libuv to 1.26.0.
* Updated npm to 6.7.0.
http, http2:
* `response.writeHead` now returns the response object.
perf_hooks:
* Implemented a histogram based API.
process:
* Exposed `process.features.inspector`.
repl:
* Added `repl.setupHistory` for programmatic repl.
tls:
* Introduced client "session" event.
PR-URL: https://github.com/nodejs/node/pull/26098
|
|
Notable changes:
* deps:
* OpenSSL has been updated to 1.1.1a, which is API/ABI compatible with
the previous OpenSSL 1.1.0j. Note that while OpenSSL 1.1.1a supports
TLS1.3, Node.js still does not.
https://github.com/nodejs/node/pull/25582
PR-URL: https://github.com/nodejs/node/pull/25802
|
|
* doc:
* add oyyd to collaborators (Ouyang Yadong) [#24300](https://github.com/nodejs/node/pull/24300)
* tls:
* throw if protocol too long (Andre Jodat-Danbrani) [#23606](https://github.com/nodejs/node/pull/23606)
PR-URL: https://github.com/nodejs/node/pull/25346
|
|
Notable Changes:
* events:
* For unhandled `error` events with an argument that is not an
`Error` object, the resulting exeption will have more information
about the argument.
https://github.com/nodejs/node/pull/25621
* child_process:
* When the `maxBuffer` option is passed, `stdout` and `stderr` will
be truncated rather than unavailable in case of an error.
https://github.com/nodejs/node/pull/24951
* policy:
* Experimental support for module integrity checks through a manifest
file is implemented now.
https://github.com/nodejs/node/pull/23834
* n-api:
* The `napi_threadsafe_function` feature is now stable.
https://github.com/nodejs/node/pull/25556
* report:
* An experimental diagnostic API for capturing process state is
available as `process.report` and through command line flags.
https://github.com/nodejs/node/pull/22712
* tls:
* `tls.connect()` takes a `timeout` option analogous to the
`net.connect()` one.
https://github.com/nodejs/node/pull/25517
* worker:
* `process.umask()` is available as a read-only function inside Worker
threads now.
https://github.com/nodejs/node/pull/25526
* An `execArgv` option that supports a subset of Node.js command line
options is supported now.
https://github.com/nodejs/node/pull/25467
PR-URL: https://github.com/nodejs/node/pull/25687
|
|
Notable Changes
* compression / zlib:
* Added brotli support (Anna Henningsen and Zach Vacura)
https://github.com/nodejs/node/pull/24938
* console:
* Added `inspectOptions` option (Ruben Bridgewater)
https://github.com/nodejs/node/pull/24978
* crypto:
* Always accept private keys as public keys (Tobias Nießen)
https://github.com/nodejs/node/pull/25217
* deps:
* Upgrade npm to v6.5.0 (Jordan Harband)
https://github.com/nodejs/node/pull/25234
* fs:
* Use internalBinding('fs') internally instead of
process.binding('fs') (Masashi Hirano)
https://github.com/nodejs/node/pull/22478
* http(s):
* Support overriding http\\s.globalAgent (Roy Sommer)
https://github.com/nodejs/node/pull/25170
* util:
* Inspect ArrayBuffers contents closely (Ruben Bridgewater)
https://github.com/nodejs/node/pull/25006
* worker:
* Expose workers by default and remove `--experimental-worker` flag
(Anna Henningsen) https://github.com/nodejs/node/pull/25361
PR-URL: https://github.com/nodejs/node/pull/25537
|
|
Notable Changes:
* cli:
- add --max-http-header-size flag (cjihrig)
https://github.com/nodejs/node/pull/24811
* crypto:
- always accept certificates as public keys (Tobias Nießen)
https://github.com/nodejs/node/pull/24234
- add key object API (Tobias Nießen) [#24234](https://github.com/nodejs/node/pull/24234)
- update root certificates (Sam Roberts)
https://github.com/nodejs/node/pull/25113
* deps:
- upgrade to libuv 1.24.1 (cjihrig)
https://github.com/nodejs/node/pull/25078
- upgrade npm to 6.5.0 (Audrey Eschright)
https://github.com/nodejs/node/pull/24734
* http:
- add maxHeaderSize property (cjihrig)
https://github.com/nodejs/node/pull/24860
PR-URL: https://github.com/nodejs/node/pull/25175
|
|
The 10.14.0 security release introduced some unexpected breakages on
the 10.x release line. This is a special release to fix a regression
in the HTTP binary upgrade response body and add a missing CLI flag
to adjust the max header size of the http parser.
Notable Changes:
* cli:
- add --max-http-header-size flag (cjihrig)
https://github.com/nodejs/node/pull/24811
* http:
- add maxHeaderSize property (cjihrig)
https://github.com/nodejs/node/pull/24860
PR-URL: https://github.com/nodejs/node/pull/25176
|
|
The 8.14.0 security release introduced some unexpected breakages on
the 8.x release line. This is a special release to fix a regression
in the HTTP binary upgrade response body and add a missing CLI flag
to adjust the max header size of the http parser.
Notable changes:
* cli:
- add --max-http-header-size flag (cjihrig)
https://github.com/nodejs/node/pull/24811
* http:
- add maxHeaderSize property (cjihrig)
https://github.com/nodejs/node/pull/24860
PR-URL: https://github.com/nodejs/node/pull/25177
|
|
The 6.15.0 security release introduced some unexpected breakages on
the 6.x release line. This is a special release to fix a regression
in the HTTP binary upgrade response body and add a missing CLI flag
to adjust the max header size of the http parser.
Notable changes:
* cli:
- add --max-http-header-size flag (cjihrig)
https://github.com/nodejs/node/pull/24811
* http:
- add maxHeaderSize property (cjihrig)
https://github.com/nodejs/node/pull/24860
PR-URL: https://github.com/nodejs/node/pull/25178
|
|
Notable changes:
* **tls**:
* support "BEGIN TRUSTED CERTIFICATE" for ca: (Sam Roberts)
[#24733](https://github.com/nodejs/node/pull/24733)
* **util**:
* add inspection getter option (Ruben Bridgewater)
[#24852](https://github.com/nodejs/node/pull/24852)
PR-URL: https://github.com/nodejs/node/pull/25102
|
|
Notable changes:
* **assert**:
- revert breaking change (Ruben Bridgewater)
[#24786](https://github.com/nodejs/node/pull/24786)
* **http2**:
- fix sequence of error/close events (Gerhard Stoebich)
[#24789](https://github.com/nodejs/node/pull/24789)
PR-URL: https://github.com/nodejs/node/pull/24832
|
|
Notable changes:
* deps:
* upgrade to c-ares v1.15.0 (Ben Noordhuis)
https://github.com/nodejs/node/pull/23854
* Windows:
* A crashing process will now show the names of stack frames if the node.pdb
file is available. (Refael Ackermann)
https://github.com/nodejs/node/pull/23822
* Added new collaborators:
* Peter Marshall. https://github.com/nodejs/node/pull/24170
* Masashi Hirano. https://github.com/nodejs/node/pull/24136
PR-URL: https://github.com/nodejs/node/pull/24727
|
|
Notable Changes:
* console,util:
* `console` functions now handle symbols as defined in the spec.
https://github.com/nodejs/node/pull/23708
* The inspection `depth` default is now back at 2.
https://github.com/nodejs/node/pull/24326
* dgram,net:
* Added ipv6Only option for `net` and `dgram`.
https://github.com/nodejs/node/pull/23798
* http:
* Chosing between the http parser is now possible per runtime flag.
https://github.com/nodejs/node/pull/24739
* readline:
* The `readline` module now supports async iterators.
https://github.com/nodejs/node/pull/23916
* repl:
* The multiline history feature is removed.
https://github.com/nodejs/node/pull/24804
* tls:
* Added min/max protocol version options.
https://github.com/nodejs/node/pull/24405
* The X.509 public key info now includes the RSA bit size and the
elliptic curve. https://github.com/nodejs/node/pull/24358
* url:
* `pathToFileURL()` now supports LF, CR and TAB.
https://github.com/nodejs/node/pull/23720
* Windows:
* Tools are not installed using Boxstarter anymore.
https://github.com/nodejs/node/pull/24677
* The install-tools scripts or now included in the dist.
https://github.com/nodejs/node/pull/24233
* Added new collaborator:
* [antsmartian](https://github.com/antsmartian) - Anto Aravinth.
https://github.com/nodejs/node/pull/24655
PR-URL: https://github.com/nodejs/node/pull/24854
|
|
Notable Changes:
This is a patch release to address a bad backport of the fix for "Slowloris
HTTP Denial of Service" (CVE-2018-12122). Node.js 6.15.0 misapplies the headers
timeout to an entire keep-alive HTTP session, resulting in prematurely
disconnected sockets.
PR-URL: https://github.com/nodejs/node/pull/24803
Refs: https://github.com/nodejs/node/pull/24796
Refs: https://github.com/nodejs/node/issues/24760
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
|
|
Notable Changes:
* **win/msi**: Revert changes to installer causing issues on Windows systems.
PR-URL: https://github.com/nodejs/node/pull/24711
|
|
This is a security release. All Node.js users should consult the security
release summary at:
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* Node.js: Denial of Service with large HTTP headers (CVE-2018-12121)
* Node.js: Slowloris HTTP Denial of Service (CVE-2018-12122 / Node.js)
* Node.js: Hostname spoofing in URL parser for javascript protocol
(CVE-2018-12123)
* OpenSSL: Timing vulnerability in DSA signature generation (CVE-2018-0734)
* OpenSSL: Timing vulnerability in ECDSA signature generation (CVE-2019-0735)
Notable Changes:
* deps: Upgrade to OpenSSL 1.1.0j, fixing CVE-2018-0734 and CVE-2019-0735
* http:
* Headers received by HTTP servers must not exceed 8192 bytes in total to
prevent possible Denial of Service attacks. Reported by Trevor Norris.
(CVE-2018-12121 / Matteo Collina)
* A timeout of 40 seconds now applies to servers receiving HTTP headers. This
value can be adjusted with `server.headersTimeout`. Where headers are not
completely received within this period, the socket is destroyed on the next
received chunk. In conjunction with `server.setTimeout()`, this aids in
protecting against excessive resource retention and possible Denial of
Service. Reported by Jan Maybach (liebdich.com).
* url: Fix a bug that would allow a hostname being spoofed when parsing URLs
with `url.parse()` with the `'javascript:'` protocol. Reported by
Martin Bajanik (kenticocloud.com). (CVE-2018-12123 / Matteo Collina)
PR-URL: https://github.com/nodejs-private/node-private/pull/156/
|
|
This is a security release. All Node.js users should consult the security
release summary at:
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* Node.js: Denial of Service with large HTTP headers (CVE-2018-12121)
* Node.js: Slowloris HTTP Denial of Service (CVE-2018-12122 / Node.js)
* Node.js: Hostname spoofing in URL parser for javascript protocol
(CVE-2018-12123)
* OpenSSL: Timing vulnerability in DSA signature generation (CVE-2018-0734)
* OpenSSL: Timing vulnerability in ECDSA signature generation (CVE-2019-0735)
Notable Changes:
* deps: Upgrade to OpenSSL 1.1.0j, fixing CVE-2018-0734 and CVE-2019-0735
* http:
* Headers received by HTTP servers must not exceed 8192 bytes in total to
prevent possible Denial of Service attacks. Reported by Trevor Norris.
(CVE-2018-12121 / Matteo Collina)
* A timeout of 40 seconds now applies to servers receiving HTTP headers. This
value can be adjusted with `server.headersTimeout`. Where headers are not
completely received within this period, the socket is destroyed on the next
received chunk. In conjunction with `server.setTimeout()`, this aids in
protecting against excessive resource retention and possible Denial of
Service. Reported by Jan Maybach (liebdich.com).
* url: Fix a bug that would allow a hostname being spoofed when parsing URLs
with `url.parse()` with the `'javascript:'` protocol. Reported by
Martin Bajanik (kenticocloud.com). (CVE-2018-12123 / Matteo Collina)
PR-URL: https://github.com/nodejs-private/node-private/pull/155/
|
|
This is a security release. All Node.js users should consult the security
release summary at:
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* Node.js: Denial of Service with large HTTP headers (CVE-2018-12121)
* Node.js: Slowloris HTTP Denial of Service (CVE-2018-12122 / Node.js)
* Node.js: Hostname spoofing in URL parser for javascript protocol
(CVE-2018-12123)
* Node.js: HTTP request splitting (CVE-2018-12116)
* OpenSSL: Timing vulnerability in DSA signature generation (CVE-2018-0734)
* OpenSSL: Microarchitecture timing vulnerability in ECC scalar multiplication
(CVE-2018-5407)
Notable Changes:
* deps: Upgrade to OpenSSL 1.0.2q, fixing CVE-2018-0734 and CVE-2018-5407
* http:
* Headers received by HTTP servers must not exceed 8192 bytes in total to
prevent possible Denial of Service attacks. Reported by Trevor Norris.
(CVE-2018-12121 / Matteo Collina)
* A timeout of 40 seconds now applies to servers receiving HTTP headers. This
value can be adjusted with `server.headersTimeout`. Where headers are not
completely received within this period, the socket is destroyed on the next
received chunk. In conjunction with `server.setTimeout()`, this aids in
protecting against excessive resource retention and possible Denial of
Service. Reported by Jan Maybach (liebdich.com).
* Two-byte characters are now strictly disallowed for the `path` option in
HTTP client requests. Paths containing characters outside of the range
`\u0021` - `\u00ff` will now be rejected with a `TypeError`. This behavior
can be reverted if necessary by supplying the
`--security-revert=CVE-2018-12116` command line argument (this is not
recommended). Reported as security concern for Node.js 6 and 8 by
Arkadiy Tetelman (lob.com), fixed by backporting a change by Benno
Fünfstück applied to Node.js 10 and later.
(CVE-2018-12116 / Matteo Collina)
* url: Fix a bug that would allow a hostname being spoofed when parsing URLs
with `url.parse()` with the `'javascript:'` protocol. Reported by
Martin Bajanik (kenticocloud.com). (CVE-2018-12123 / Matteo Collina)
PR-URL: https://github.com/nodejs-private/node-private/pull/154
|
|
This is a security release. All Node.js users should consult the security
release summary at:
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
for details on patched vulnerabilities.
Fixes for the following CVEs are included in this release:
* Node.js: Debugger port 5858 listens on any interface by default
(CVE-2018-12120)
* Node.js: Denial of Service with large HTTP headers (CVE-2018-12121)
* Node.js: Slowloris HTTP Denial of Service (CVE-2018-12122 / Node.js)
* Node.js: Hostname spoofing in URL parser for javascript protocol
(CVE-2018-12123)
* Node.js: HTTP request splitting (CVE-2018-12116)
* OpenSSL: Timing vulnerability in DSA signature generation (CVE-2018-0734)
* OpenSSL: Microarchitecture timing vulnerability in ECC scalar multiplication
(CVE-2018-5407)
Notable Changes:
* debugger: Backport of https://github.com/nodejs/node/pull/8106 to
prevent the debugger from listening on `0.0.0.0`. It now defaults to
`127.0.0.1`. Reported by Ben Noordhuis. (CVE-2018-12120 / Ben Noordhuis).
* deps: Upgrade to OpenSSL 1.0.2q, fixing CVE-2018-0734 and CVE-2018-5407
* http:
* Headers received by HTTP servers must not exceed 8192 bytes in total to
prevent possible Denial of Service attacks. Reported by Trevor Norris.
(CVE-2018-12121 / Matteo Collina)
* A timeout of 40 seconds now applies to servers receiving HTTP headers. This
value can be adjusted with `server.headersTimeout`. Where headers are not
completely received within this period, the socket is destroyed on the next
received chunk. In conjunction with `server.setTimeout()`, this aids in
protecting against excessive resource retention and possible Denial of
Service. Reported by Jan Maybach (liebdich.com).
(CVE-2018-12122 / Matteo Collina)
* Two-byte characters are now strictly disallowed for the `path` option in
HTTP client requests. Paths containing characters outside of the range
`\u0021` - `\u00ff` will now be rejected with a `TypeError`. This behavior
can be reverted if necessary by supplying the
`--security-revert=CVE-2018-12116` command line argument (this is not
recommended). Reported as security concern for Node.js 6 and 8 by
Arkadiy Tetelman (lob.com), fixed by backporting a change by Benno
Fünfstück applied to Node.js 10 and later.
(CVE-2018-12116 / Matteo Collina)
* url: Fix a bug that would allow a hostname being spoofed when parsing
URLs with `url.parse()` with the `'javascript:'` protocol. Reported by
Martin Bajanik (kenticocloud.com). (CVE-2018-12123 / Matteo Collina)
PR-URL: https://github.com/nodejs-private/node-private/pull/153
|
|
Notable changes:
* **assert**:
- backport some assert commits (Ruben Bridgewater)
[#23223](https://github.com/nodejs/node/pull/23223)
* **deps**:
- upgrade to libuv 1.23.2 (cjihrig)
[#23336](https://github.com/nodejs/node/pull/23336)
- V8: cherry-pick 64-bit hash seed commits (Yang Guo)
[#23274](https://github.com/nodejs/node/pull/23274)
* **http**:
- added aborted property to request (Robert Nagy)
[#20094](https://github.com/nodejs/node/pull/20094)
* **http2**:
- graduate from experimental (James M Snell)
[#22466](https://github.com/nodejs/node/pull/22466)
PR-URL: https://github.com/nodejs/node/pull/23974
|
|
Notable changes:
* deps:
* A new experimental HTTP parser (`llhttp`) is now supported.
https://github.com/nodejs/node/pull/24059
* timers:
* Fixed an issue that could cause setTimeout to stop working as
expected. https://github.com/nodejs/node/pull/24322
* Windows
* A crashing process will now show the names of stack frames if the
node.pdb file is available.
https://github.com/nodejs/node/pull/23822
* Continued effort to improve the installer's new stage that installs
native build tools.
https://github.com/nodejs/node/pull/23987,
https://github.com/nodejs/node/pull/24348
* child_process:
* On Windows the `windowsHide` option default was restored to
`false`. This means `detached` child processes and GUI apps will
once again start in a new window.
https://github.com/nodejs/node/pull/24034
* Added new collaborators:
* [oyyd](https://github.com/oyyd) - Ouyang Yadong.
https://github.com/nodejs/node/pull/24300
* [psmarshall](https://github.com/psmarshall) - Peter Marshall.
https://github.com/nodejs/node/pull/24170
* [shisama](https://github.com/shisama) - Masashi Hirano.
https://github.com/nodejs/node/pull/24136
PR-URL: https://github.com/nodejs/node/pull/24350
|
|
PR-URL: https://github.com/nodejs/node/pull/24094
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
|
|
Notable changes:
* deps
* Updated ICU to 63.1. https://github.com/nodejs/node/pull/23715
* repl
* Top-level for-await-of is now supported in the REPL.
https://github.com/nodejs/node/pull/23841
* timers
* Fixed an issue that could cause timers to enter an infinite loop.
https://github.com/nodejs/node/pull/23870
PR-URL: https://github.com/nodejs/node/pull/23922
|
|
Make the text shorter and clearer.
PR-URL: https://github.com/nodejs/node/pull/23988
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
|
|
This release marks the transition of Node.js 10.x into Long Term
Support (LTS) with the codename 'Dubnium'. The 10.x release line
now moves in to "Active LTS" and will remain so until April 2020.
After that time it will move in to "Maintenance" until end of
life in April 2021.
Notable Changes:
This release only includes minimal changes necessary to fix known
regressions prior to LTS.
PR-URL: https://github.com/nodejs/node/pull/23831
|
|
Notable changes:
* Build
* FreeBSD 10 is no longer supported.[#22617](https://github.com/nodejs/node/pull/22617)
* `child_process`
* The default value of the `windowsHide` option has been changed
to `true`. [#21316](https://github.com/nodejs/node/pull/21316)
* `console`
* `console.countReset()` will emit a warning if the timer
being reset does not exist. [#21649](https://github.com/nodejs/node/pull/21649)
* `console.time()` will no longer reset a timer if it already
exists. [#20442](https://github.com/nodejs/node/pull/20442)
* Dependencies
* V8 has been updated to 7.0.
[#22754](https://github.com/nodejs/node/pull/22754)
* `fs`
* The `fs.read()` method now requires a callback.
[#22146](https://github.com/nodejs/node/pull/22146)
* The previously deprecated `fs.SyncWriteStream` utility has been
removed.[#20735](https://github.com/nodejs/node/pull/20735)
* `http`
* The `http`, `https`, and `tls` modules now use the WHATWG URL parser
by default. [#20270](https://github.com/nodejs/node/pull/20270)
* General
* Use of `process.binding()` has been deprecated. Userland code using
`process.binding()` should re-evaluate that use and begin migrating. If
there are no supported API alternatives, please open an issue in the
Node.js GitHub repository so that a suitable alternative may be discussed.
* An experimental implementation of `queueMicrotask()` has been added.
[#22951](https://github.com/nodejs/node/pull/22951)
* Internal
* Windows performance-counter support has been removed.
[#22485](https://github.com/nodejs/node/pull/22485)
* The `--expose-http2` command-line option has been removed.
[#20887](https://github.com/nodejs/node/pull/20887)
* Timers
* Interval timers will be rescheduled even if previous interval threw
an error. [#20002](https://github.com/nodejs/node/pull/20002)
* `util`
* The WHATWG `TextEncoder` and `TextDecoder` are now globals.
[#22281](https://github.com/nodejs/node/pull/22281)
* `util.inspect()` output size is limited to 128 MB by default.
[#22756](https://github.com/nodejs/node/pull/22756)
* A runtime warning will be emitted when `NODE_DEBUG` is set for
either `http` or `http2`. [#21914](https://github.com/nodejs/node/pull/21914)
|
|
Notable changes:
* assert
* The diff output is now a tiny bit improved by sorting object
properties when inspecting the values that are compared with each
other. https://github.com/nodejs/node/pull/22788
* cli
* The options parser now normalizes `_` to `-` in all multi-word
command-line flags, e.g. `--no_warnings` has the same effect as
`--no-warnings`. https://github.com/nodejs/node/pull/23020
* Added bash completion for the `node` binary. To generate a bash
completion script, run `node --completion-bash`. The output can be
saved to a file which can be sourced to enable completion.
https://github.com/nodejs/node/pull/20713
* crypto
* Added support for PEM-level encryption.
https://github.com/nodejs/node/pull/23151
* Added an API asymmetric key pair generation. The new methods
`crypto.generateKeyPair` and `crypto.generateKeyPairSync` can be
used to generate public and private key pairs. The API supports
RSA, DSA and EC and a variety of key encodings (both PEM and DER).
https://github.com/nodejs/node/pull/22660
* fs
* Added a `recursive` option to `fs.mkdir` and `fs.mkdirSync`. If
this option is set to true, non-existing parent folders will be
automatically created. https://github.com/nodejs/node/pull/21875
* http2
* Added a `'ping'` event to `Http2Session` that is emitted whenever a
non-ack `PING` is received.
https://github.com/nodejs/node/pull/23009
* Added support for the `ORIGIN` frame.
https://github.com/nodejs/node/pull/22956
* Updated nghttp2 to 1.34.0. This adds RFC 8441 extended connect
protocol support to allow use of WebSockets over HTTP/2.
https://github.com/nodejs/node/pull/23284
* module
* Added `module.createRequireFromPath(filename)`. This new method can
be used to create a custom require function that will resolve
modules relative to the filename path.
https://github.com/nodejs/node/pull/19360
* process
* Added a `'multipleResolves'` process event that is emitted whenever
a `Promise` is attempted to be resolved multiple times, e.g. if the
`resolve` and `reject` functions are both called in a `Promise`
executor. https://github.com/nodejs/node/pull/22218
* url
* Added `url.fileURLToPath(url)` and `url.pathToFileURL(path)`. These
methods can be used to correctly convert between file: URLs and
absolute paths. https://github.com/nodejs/node/pull/22506
* util
* Added the `sorted` option to `util.inspect()`. If set to `true`,
all properties of an object and Set and Map entries will be sorted
in the returned string. If set to a function, it is used as a
compare function. https://github.com/nodejs/node/pull/22788
* The `util.instpect.custom` symbol is now defined in the global
symbol registry as `Symbol.for('nodejs.util.inspect.custom')`.
https://github.com/nodejs/node/pull/20857
* Added support for `BigInt` numbers in `util.format()`.
https://github.com/nodejs/node/pull/22097
* V8 API
* A number of V8 C++ APIs have been marked as deprecated since they
have been removed in the upstream repository. Replacement APIs
are added where necessary. https://github.com/nodejs/node/pull/23159
* Windows
* The Windows msi installer now provides an option to automatically
install the tools required to build native modules.
https://github.com/nodejs/node/pull/22645
* Workers
* Debugging support for Workers using the DevTools protocol has been
implemented. https://github.com/nodejs/node/pull/21364
* The public `inspector` module is now enabled in Workers.
https://github.com/nodejs/node/pull/22769
* Added new collaborators:
* digitalinfinity - Hitesh Kanwathirtha
PR-URL: https://github.com/nodejs/node/pull/23313
|
