v18.7.0 proposal by danielleadams · Pull Request #43993 · nodejs/node
and others added 30 commits
July 21, 2022 16:41
PR-URL: #43826 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com>
PR-URL: #43917 Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Mestery <mestery@protonmail.com> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
PR-URL: #43729 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
This change adds a new script that queries vulnerability databases in order to find if any of Node's dependencies is vulnerable. The `deps/` directory of Node's repo is scanned to gather the currently used version of each dependency, and if any vulnerability is found for that version a message is printed out with its ID and a link to a description of the issue. Refs: nodejs/security-wg#802 PR-URL: #43362 Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Fix uninitialized pointer field warning in test Signed-off-by: Michael Dawson <mdawson@devrus.com> PR-URL: #43631 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: #43758 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Signed-off-by: Varun Sharma <varunsh@stepsecurity.io> PR-URL: #43743 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
Move big and/or infrequently used functions from env-inl.h to env.cc to speed up build times and reduce binary bloat. This commit also touches async_wrap-inl.h and base_object-inl.h because those are closely interwined with env-inl.h. Non-functional change. Refs: #43712 PR-URL: #43745 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com>
PR-URL: #43769 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
PR-URL: #43515 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
This function returns a Proxy object that throws on attempt to mutate it Functions and primitives are returned directly PR-URL: #43196 Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: #43196 Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: #43770 Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
Original commit message:
[module] Fix aborts in terminated async module evaluation
SourceTextModule::ExecuteAsyncModule asserts the execution of
the module's async function to succeed without exception. However,
the problem is that TerminateExecution initiated by embedders is
breaking that assumption. The execution can be terminated with an
exception and the exception is not catchable by JavaScript.
The uncatchable exceptions during the async module evaluation need
to be raised to the embedder and not crash the process if possible.
Refs: #43182
Change-Id: Ifc152428b95945b6b49a2f70ba35018cfc0ce40b
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3696493
Reviewed-by: Camillo Bruni <cbruni@chromium.org>
Commit-Queue: Chengzhong Wu <legendecas@gmail.com>
Cr-Commit-Position: refs/heads/main@{#81307}
Refs: v8/v8@22698d2
PR-URL: #43751
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Gus Caplan <me@gus.host>
PR-URL: #43751 Refs: v8/v8@22698d2 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Gus Caplan <me@gus.host>
PR-URL: #43739 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Beth Griggs <bgriggs@redhat.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Myles Borins <myles.borins@gmail.com>
Signed-off-by: Matteo Collina <hello@matteocollina.com> PR-URL: #43775 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Beth Griggs <bgriggs@redhat.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Robert Nagy <ronagy@icloud.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
PR-URL: #43556 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
PR-URL: #43797 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Support for the 'node:' prefixed builtin module namespace was introduced for `require()` expressions in Node v16.0.0, and backported to v14.18.0. This was never supported in Node v15.x or chronologically older. All of the current API history notes in the docs using 'node:' prefixed module `require()`s happen to be documenting changes in Node versions from before the time when support was first introduced. This commit reverts those `require()`s in the history notes to be un-prefixed. (They were incorrect as written; The prefixed `require()`s would not work for those older Node versions.) This change prevents the API history notes from inaccurately implying 'node:' prefixed builtin modules were introduced many Node versions ago, or were `require()`-able with the 'node:' prefix in those Node versions. Refs: #35387 Refs: #37246 Refs: #42752 PR-URL: #43768 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
PR-URL: #39775 Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Adds a new top-level subscribe/unsubscribe which will ref/unref the channel WeakReference to prevent subscriptions from getting garbage collected. PR-URL: #42714 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com>
PR-URL: #42714 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com>
Instead of accepting either a std::string or a mysterious Local<Value>, accept any std::string_view, which can trivially be constructed from both strings and ArrayBufferViews. This also removes the need to check IsArrayBufferView() inside of SetALPN, which was dead code anyway. PR-URL: #43756 Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Rewrite FindDiffieHellmanGroup() using OpenSSL helper functions to obtain the required constants directly, instead of loading them from our own crypto_groups.h and converting them to BIGNUMs. This also removes the need for the struct modp_group, so we can delete crypto_groups.h altogether. PR-URL: #43896 Reviewed-By: Filip Skokan <panva.ip@gmail.com>
PR-URL: #43985 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
nodejs-github-bot
added
meta
labels
Jul 26, 2022danielleadams added a commit that referenced this pull request
Jul 26, 2022
Notable changes: * doc: * add F3n67u to collaborators (Feng Yu)#43953 * deprecate coercion to integer in process.exit (Daeyeon Jeong) #43738 * (SEMVER-MINOR) deprecate diagnostics_channel object subscribe method (Stephen Belanger) #42714 * events: * (SEMVER-MINOR) expose CustomEvent on global with CLI flag (Daeyeon Jeong) #43885 * (SEMVER-MINOR) add `CustomEvent` (Daeyeon Jeong) #43514 * http: * (SEMVER-MINOR) add drop request event for http server (theanarkh) #43806 * lib: * (SEMVER-MINOR) improved diagnostics_channel subscribe/unsubscribe (Stephen Belanger) #42714 * util: * (SEMVER-MINOR) add tokens to parseArgs (John Gee) #43459 PR-URL: #43993
Notable changes: * doc: * add F3n67u to collaborators (Feng Yu) #43953 * deprecate coercion to integer in process.exit (Daeyeon Jeong) #43738 * (SEMVER-MINOR) deprecate diagnostics_channel object subscribe method (Stephen Belanger) #42714 * events: * (SEMVER-MINOR) expose CustomEvent on global with CLI flag (Daeyeon Jeong) #43885 * (SEMVER-MINOR) add `CustomEvent` (Daeyeon Jeong) #43514 * http: * (SEMVER-MINOR) add drop request event for http server (theanarkh) #43806 * lib: * (SEMVER-MINOR) improved diagnostics_channel subscribe/unsubscribe (Stephen Belanger) #42714 * util: * (SEMVER-MINOR) add tokens to parseArgs (John Gee) #43459 PR-URL: #43993
danielleadams added a commit that referenced this pull request
Jul 26, 2022
Notable changes: * doc: * add F3n67u to collaborators (Feng Yu) #43953 * deprecate coercion to integer in process.exit (Daeyeon Jeong) #43738 * (SEMVER-MINOR) deprecate diagnostics_channel object subscribe method (Stephen Belanger) #42714 * events: * (SEMVER-MINOR) expose CustomEvent on global with CLI flag (Daeyeon Jeong) #43885 * (SEMVER-MINOR) add `CustomEvent` (Daeyeon Jeong) #43514 * http: * (SEMVER-MINOR) add drop request event for http server (theanarkh) #43806 * lib: * (SEMVER-MINOR) improved diagnostics_channel subscribe/unsubscribe (Stephen Belanger) #42714 * util: * (SEMVER-MINOR) add tokens to parseArgs (John Gee) #43459 PR-URL: #43993
This was referenced
Jul 27, 2022Fyko pushed a commit to Fyko/node that referenced this pull request
Sep 15, 2022
Notable changes: * doc: * add F3n67u to collaborators (Feng Yu) nodejs#43953 * deprecate coercion to integer in process.exit (Daeyeon Jeong) nodejs#43738 * (SEMVER-MINOR) deprecate diagnostics_channel object subscribe method (Stephen Belanger) nodejs#42714 * events: * (SEMVER-MINOR) expose CustomEvent on global with CLI flag (Daeyeon Jeong) nodejs#43885 * (SEMVER-MINOR) add `CustomEvent` (Daeyeon Jeong) nodejs#43514 * http: * (SEMVER-MINOR) add drop request event for http server (theanarkh) nodejs#43806 * lib: * (SEMVER-MINOR) improved diagnostics_channel subscribe/unsubscribe (Stephen Belanger) nodejs#42714 * util: * (SEMVER-MINOR) add tokens to parseArgs (John Gee) nodejs#43459 PR-URL: nodejs#43993
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters