v15.14.0 proposal #38084
Merged
v15.14.0 proposal #38084
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original commit message: fix "the the" typo in README.md file Refs: nodejs/cjs-module-lexer@22093e7 PR-URL: #37895 Reviewed-By: Pooja D P <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Harshitha K P <[email protected]>
This completes code coverage for v8.js. Refs: https://coverage.nodejs.org/coverage-290c158018ac0277/lib/v8.js.html#L240 PR-URL: #37955 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Benjamin Gruenbaum <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Fixes: #37862 PR-URL: #37877 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Rich Trott <[email protected]>
Clarify the inner workings of .kill on Windows, since termination signals are not available there. Fixes: #34858 PR-URL: #34867 Reviewed-By: Juan José Arboleda <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Rich Trott <[email protected]>
This updates all sources in deps/openssl/openssl by:
$ git clone https://github.com/quictls/openssl
$ cd openssl
$ git checkout OpenSSL_1_1_1k+quic
$ cd ../node/deps/openssl
$ rm -rf openssl
$ cp -R ../openssl openssl
$ cd openssl && rm -rf .gitattributes .github/ .gitmodules .travis-apt-pin.preferences .travis-create-release.sh
$ cd ..
$ git add --all openssl
$ git commit openssl
PR-URL: #37916
Fixes: #37913
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl/include/crypto/bn_conf.h
$ git add deps/openssl/openssl/include/crypto/dso_conf.h
$ git add deps/openssl/openssl/include/openssl/opensslconf.h
$ git commit
PR-URL: #37916
Fixes: #37913
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Refs: #37916 PR-URL: #37927 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Jiawen Geng <[email protected]>
- Add a paragraph about case-insensitivity of encoding options. - Document "utf-8", "utf-16le" and "ucs-2" aliases. - Always use "utf8" in documentation for defaults and examples. PR-URL: #37945 Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Exporting a variable that will be mutated later doesn't work. Refs: #37937 PR-URL: #37966 Reviewed-By: Matteo Collina <[email protected]> Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Gerhard Stöbich <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
PR-URL: #37893 Reviewed-By: Pooja D P <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]> Reviewed-By: Zijian Liu <[email protected]>
PR-URL: #37992 Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Jiawen Geng <[email protected]>
PR-URL: #37949 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]>
As suggested in #37849 (comment) improve the error presented when encountering a large number of invalid frames by giving this situation a specific error code (which we should have had from the beginning). PR-URL: #37936 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Yongsheng Zhang <[email protected]>
This was missed in the original PR. Refs: #34912 PR-URL: #37965 Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Anto Aravinth <[email protected]> Reviewed-By: James M Snell <[email protected]>
Add documentation for net.connect AbortSignal, and add the support to tls.connect as well PR-URL: #37735 Reviewed-By: Benjamin Gruenbaum <[email protected]> Reviewed-By: James M Snell <[email protected]>
Add abort signal support to Interface PR-URL: #37932 Reviewed-By: Benjamin Gruenbaum <[email protected]> Reviewed-By: James M Snell <[email protected]>
fix pre-aborted question handling PR-URL: #37929 Reviewed-By: Benjamin Gruenbaum <[email protected]> Reviewed-By: James M Snell <[email protected]>
Change the wording to make the language more Inclusive. PR-URL: #37903 Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Pooja D P <[email protected]> Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: James M Snell <[email protected]>
Change the wording to make the language more Inclusive. PR-URL: #37933 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Beth Griggs <[email protected]> Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]>
PR-URL: #37950 Reviewed-By: Pooja D P <[email protected]> Reviewed-By: Harshitha K P <[email protected]> Reviewed-By: Rich Trott <[email protected]>
Signed-off-by: James M Snell <[email protected]> PR-URL: #37917 Reviewed-By: Matteo Collina <[email protected]>
Signed-off-by: James M Snell <[email protected]> PR-URL: #37917 Reviewed-By: Matteo Collina <[email protected]>
Signed-off-by: James M Snell <[email protected]> PR-URL: #37917 Reviewed-By: Matteo Collina <[email protected]>
The last als.run() will reactivate the als, hence the test should test for getting the object, not undefined PR-URL: #38008 Reviewed-By: Gerhard Stöbich <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Colin Ihrig <[email protected]>
nodejs-github-bot
added
doc
PR-URL: #38029 Refs: https://www.w3.org/TR/WebCryptoAPI/#rsassa-pkcs1 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Tobias Nießen <[email protected]>
PR-URL: #38024 Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Filip Skokan <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Juan José Arboleda <[email protected]>
Fixes: #37391 PR-URL: #37490 Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: James M Snell <[email protected]>
PR-URL: #38011 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Michael Dawson <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Rich Trott <[email protected]>
MylesBorins
added a commit
that referenced
this pull request
Apr 5, 2021
Vulnerabilities fixed: - **CVE-2021-3450**: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - **CVE-2021-3449**: OpenSSL - NULL pointer deref in signature_algorithms processing (High) - **CVE-2020-7774**: npm upgrade - Update y18n to fix Prototype-Pollution (High) Other Notable changes: fs: * (SEMVER-MINOR) add support for async iterators to `fsPromises.writeFile` (HiroyukiYagihashi) #37490 net: * (SEMVER-MINOR) allow net.BlockList to use net.SocketAddress objects (James M Snell) #37917 * (SEMVER-MINOR) add SocketAddress class (James M Snell) #37917 * (SEMVER-MINOR) make net.BlockList cloneable (James M Snell) #37917 net,tls: * (SEMVER-MINOR) add abort signal support to connect (Nitzan Uziely) #37735 readline: * (SEMVER-MINOR) add AbortSignal support to interface (Nitzan Uziely) #37932 PR-URL: #38084
MylesBorins
force-pushed
the
v15.14.0-proposal
branch
from
28cf81b to
02160fd
Compare
MylesBorins
added a commit
that referenced
this pull request
Apr 6, 2021
Notable Changes: This is a security release. Vulnerabilities fixed: - **CVE-2021-3450**: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - **CVE-2021-3449**: OpenSSL - NULL pointer deref in signature_algorithms processing (High) - **CVE-2020-7774**: npm upgrade - Update y18n to fix Prototype-Pollution (High) Other Notable changes: fs: * (SEMVER-MINOR) add support for async iterators to `fsPromises.writeFile` (HiroyukiYagihashi) #37490 net: * (SEMVER-MINOR) allow net.BlockList to use net.SocketAddress objects (James M Snell) #37917 * (SEMVER-MINOR) add SocketAddress class (James M Snell) #37917 * (SEMVER-MINOR) make net.BlockList cloneable (James M Snell) #37917 net,tls: * (SEMVER-MINOR) add abort signal support to connect (Nitzan Uziely) #37735 readline: * (SEMVER-MINOR) add AbortSignal support to interface (Nitzan Uziely) #37932 PR-URL: #38084
MylesBorins
force-pushed
the
v15.14.0-proposal
branch
from
02160fd to
7f4f37c
Compare
Notable Changes: This is a security release. Vulnerabilities fixed: - **CVE-2021-3450**: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - **CVE-2021-3449**: OpenSSL - NULL pointer deref in signature_algorithms processing (High) - **CVE-2020-7774**: npm upgrade - Update y18n to fix Prototype-Pollution (High) Other Notable changes: fs: * (SEMVER-MINOR) add support for async iterators to `fsPromises.writeFile` (HiroyukiYagihashi) #37490 net: * (SEMVER-MINOR) allow net.BlockList to use net.SocketAddress objects (James M Snell) #37917 * (SEMVER-MINOR) add SocketAddress class (James M Snell) #37917 * (SEMVER-MINOR) make net.BlockList cloneable (James M Snell) #37917 net,tls: * (SEMVER-MINOR) add abort signal support to connect (Nitzan Uziely) #37735 readline: * (SEMVER-MINOR) add AbortSignal support to interface (Nitzan Uziely) #37932 PR-URL: #38084
MylesBorins
force-pushed
the
v15.14.0-proposal
branch
from
7f4f37c to
1a34e9c
Compare
|
@bricss I unfortunately don't have time to add them back and re run all the testing. it will have to wait for the next release |
MylesBorins
added a commit
that referenced
this pull request
Apr 6, 2021
Notable Changes: This is a security release. Vulnerabilities fixed: - **CVE-2021-3450**: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) - **CVE-2021-3449**: OpenSSL - NULL pointer deref in signature_algorithms processing (High) - **CVE-2020-7774**: npm upgrade - Update y18n to fix Prototype-Pollution (High) Other Notable changes: fs: * (SEMVER-MINOR) add support for async iterators to `fsPromises.writeFile` (HiroyukiYagihashi) #37490 net: * (SEMVER-MINOR) allow net.BlockList to use net.SocketAddress objects (James M Snell) #37917 * (SEMVER-MINOR) add SocketAddress class (James M Snell) #37917 * (SEMVER-MINOR) make net.BlockList cloneable (James M Snell) #37917 net,tls: * (SEMVER-MINOR) add abort signal support to connect (Nitzan Uziely) #37735 readline: * (SEMVER-MINOR) add AbortSignal support to interface (Nitzan Uziely) #37932 PR-URL: #38084
MylesBorins
added a commit
to nodejs/nodejs.org
that referenced
this pull request
Apr 6, 2021
MylesBorins
added a commit
to nodejs/nodejs.org
that referenced
this pull request
Apr 6, 2021
richardlau
added a commit
to richardlau/nodejs.org
that referenced
this pull request
Apr 12, 2021
Add links for Windows 64-bit Installer and Source Code. Refs: nodejs/node#38084
richardlau
added a commit
to nodejs/nodejs.org
that referenced
this pull request
Apr 12, 2021
Add links for Windows 64-bit Installer and Source Code. Refs: nodejs/node#38084
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
2021-04-06, Version 15.14.0 (Current), @MylesBorins
This is a security release.
Notable Changes
Vulnerabilties Fixed:
Other Notable Changes:
b6f4901221] - (SEMVER-MINOR) fs: add support for async iterators tofsPromises.writeFile(HiroyukiYagihashi) #374900709cbb7fe] - (SEMVER-MINOR) net: allow net.BlockList to use net.SocketAddress objects (James M Snell) #37917daa8a7bbcf] - (SEMVER-MINOR) net: add SocketAddress class (James M Snell) #37917a4169ce519] - (SEMVER-MINOR) net: make net.BlockList cloneable (James M Snell) #37917669b81c68b] - (SEMVER-MINOR) net,tls: add abort signal support to connect (Nitzan Uziely) #37735a1123f0a29] - (SEMVER-MINOR) readline: add AbortSignal support to interface (Nitzan Uziely) #37932Commits
ac69b95e47] - crypto: use correct webcrypto RSASSA-PKCS1-v1_5 algorithm name (Filip Skokan) #38029960c6be229] - crypto: add buffering to randomInt (Tobias Nießen) #351104ef102d34e] - deps: update to [email protected] (Guy Bedford) #37992f0e77149a4] - deps: update archs files for OpenSSL-1.1.1k (Hassaan Pasha) #37916bbdcdad2c6] - deps: upgrade openssl sources to 1.1.1k+quic (Hassaan Pasha) #37916913ec56798] - deps: cjs-module-lexer: cherry-pick 22093e765f (pezhmanparsaee) #37895afc6ab2122] - doc: fix asyncLocalStorage.run() description (Darkripper214) #38023b40d35d649] - doc: document how to unref stdin when using readline.Interface (Anu Pasumarthy) #38019ce14080473] - doc: move psmarshall to collaborators emeriti (Peter Marshall) #37994ae70aa3c63] - doc: add distinctive color for code elements inside links (Antoine du Hamel) #379508792c7c96b] - doc: add missing events.on metadata (Anna Henningsen) #37965a57dc06adf] - doc: improve Buffer's encoding documentation (Michaël Zasso) #37945f3fabb57cf] - doc: add missing cleanup step in OpenSSL upgrade (Tobias Nießen) #3792713c3924af8] - doc: add Windows-specific info to subprocess.kill() (João Lucas Lucchetta) #34867b6f4901221] - (SEMVER-MINOR) fs: add support for async iterators tofsPromises.writeFile(HiroyukiYagihashi) #37490ad7e34446c] - fs: fix chown abort (Darshan Sen) #38004d86aca9a77] - http: optimize debug function correctly (Michaël Zasso) #37966062541aae5] - http2: add specific error code for custom frames (Anna Henningsen) #379368525231902] - lib: change wording in lib/domain.js comment (Akhil Marsonya) #3793321e399be4c] - lib: change wording in lib/internal/child_process comment (Akhil Marsonya) #379033ab9619e56] - module: improve error message for invalid data URL (Antoine du Hamel) #377010709cbb7fe] - (SEMVER-MINOR) net: allow net.BlockList to use net.SocketAddress objects (James M Snell) #37917daa8a7bbcf] - (SEMVER-MINOR) net: add SocketAddress class (James M Snell) #37917a4169ce519] - (SEMVER-MINOR) net: make net.BlockList cloneable (James M Snell) #37917669b81c68b] - (SEMVER-MINOR) net,tls: add abort signal support to connect (Nitzan Uziely) #37735a94cc27cbe] - path: refactor to use more primordials (Akhil Marsonya) #378936cc1e15669] - readline: fix pre-aborted signal question handling (Nitzan Uziely) #37929a1123f0a29] - (SEMVER-MINOR) readline: add AbortSignal support to interface (Nitzan Uziely) #37932629e72e9f4] - src: fix typo in node_mutex (Tobias Nießen) #38011e61cc0bfb0] - src: fix typos in crypto comments (Tobias Nießen) #380246ad0b6f0f5] - src: fix error handling for CryptoJob::ToResult (Tobias Nießen) #370763175559bed] - test: add extra space in test failure output (Qingyu Deng) #379570243376cfc] - test: use faster variant for rss (Pooja D P) #36839b02c352ad6] - test: fix test-tls-no-sslv3 for OpenSSL 3 (Richard Lau) #380270db1a1eacf] - test: deflake test-fs-read-optional-params (Luigi Pinca) #379914d50975cd7] - test: improve clarity of ALS-enable-disable.js (Darkripper214) #380085e15ae05d0] - test: add DataView test case for v8 serdes (Rich Trott) #379556d28a24f1c] - tools: update ESLint to 7.23.0 (Luigi Pinca) #3797951e7a33d54] - tools,doc: add "legacy" badge in the TOC (Antoine du Hamel) #37949570fbcef93] - url: forbid pipe in URL host (Darshan Sen) #37877