PR-URL: #48283
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Debadree Chatterjee <debadree333@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>

PR-URL: #50274
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

PR-URL: #50027
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>

Signed-off-by: Ulises Gascon <UlisesGascon@users.noreply.github.com>

Refs: nodejs/build#3385
PR-URL: #48701
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>

Refs: nodejs/build#3385 (comment)
PR-URL: #50291
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Richard Lau <rlau@redhat.com>

PR-URL: #50390
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

PR-URL: #50389
Fixes: nodejs/build#3529
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

PR-URL: #49657
Backport-PR-URL: #50268
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Jacob Smith <jacob@frende.me>

PR-URL: #49665
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>

PR-URL: #49659
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>

PR-URL: #49523
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>

PR-URL: #49646
Fixes: #48937
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

Migrate the remaining error tests in the `test/message` folder
from Python to JS.

Fixes: #47707
PR-URL: #49721
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>

Original commit message:

    fix: EmbeddedTargetOs on IBM i with Python 3.9

    For some context, Python 3.9 on IBM i returns "os400" for sys.platform
    instead of "aix". We used to build with Python 3.6 which returned "aix"
    as the platform

    When attempting to build Node.js with python 3.9 on IBM i we run into a
    build error.

    Ref: #48056
    Ref: #48056 (comment)

    I'm not quite sure where target_os is being passed down to the function ToEmbeddedTargetOs.
    It seems as though target_os is being generated from sys.platform or
    similar call from python as we started running into this issue after
    building with Python 3.9.

    This PR supersedes initial changes proposed in:
    https://chromium-review.googlesource.com/c/v8/v8/+/4259330

    This PR contains the minimal changes to successfully build Node.js (builds v8 as an internal dep)
    on IBM i with Python 3.9.

    Change-Id: I32d43197bce994a72a0d85091e91f80eeea4482d
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4846413
    Commit-Queue: Jakob Linke <jgruber@chromium.org>
    Reviewed-by: Michael Achenbach <machenbach@chromium.org>
    Reviewed-by: Jakob Linke <jgruber@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#89981}

Refs: v8/v8@8ec2651
PR-URL: #49862
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>

PR-URL: #49654
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Raz Luvaton <rluvaton@gmail.com>

V8 will soon support typed arrays as large as the maximum array buffer
length. This patch replaces hardcoded values related to
Buffer.kMaxLength with the actual constant.
It also fixes a test that was passing by accident.

Refs: v8/v8@44b2995
PR-URL: #49876
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>

fixup

add test

lint

fixup

update doc/node.1

PR-URL: #49830
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>

PR-URL: #49877
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>

Pings for the website team aren't working because the team name
changed but it did not get updated in CODEOWNERS.

PR-URL: #49883
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Claudio Wunder <cwunder@gnome.org>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>

PR-URL: #49869
Reviewed-By: Guy Bedford <guybedford@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>

PR-URL: #49887
Fixes: #49724
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: LiviaMedeiros <livia@cirno.name>
Reviewed-By: Jacob Smith <jacob@frende.me>
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>

PR-URL: #49566
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>

PR-URL: #49642
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: LiviaMedeiros <livia@cirno.name>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>

PR-URL: #49688
Refs: #48325
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>

There is an `if` statement that likely should have been
an `else` in the original PR.

Refs: #48915
PR-URL: #49943
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Raz Luvaton <rluvaton@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: LiviaMedeiros <livia@cirno.name>

PR-URL: #49872
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

Much earlier, a design decision was made that the permission model
should not prevent following symbolic links to presumably inaccessible
locations. Recently, after some back and forth, it had been decided that
it is indeed a vulnerability that symbolic links, which currently point
to an accessible location, can potentially be re-targeted to point to a
presumably inaccessible location. Nevertheless, months later, no
solution has been found and the issue is deemed unfixable in the context
of the current permission model implementation, so it was decided to
disclose the vulnerability and to shift responsibiliy onto users who are
now responsible for ensuring that no potentially dangerous symlinks
exist in any directories that they grant access to.

I believe that this design issue might be surprising and that it comes
with significant security implications for users, so it should be
documented.

Original vulnerability report: https://hackerone.com/reports/1961655

PR-URL: #49154
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>

Notable changes:

deps:
  * (SEMVER-MINOR) update uvwasi to 0.0.19 (Node.js GitHub Bot) #49908
doc:
  * add H4ad to collaborators (Vinícius Lourenço) #50217
esm:
  * (SEMVER-MINOR) detect ESM syntax in ambiguous JavaScript (Geoffrey Booth) #50096
  * use import attributes instead of import assertions (Antoine du Hamel) #50140
  * --experimental-default-type flag to flip module defaults (Geoffrey Booth) #49869
fs:
  * (SEMVER-MINOR) add flush option to appendFile() functions (Colin Ihrig) #50095
  * add flush option to writeFile() functions (Colin Ihrig) #50009
lib:
  * (SEMVER-MINOR) add WebSocket client (Matthew Aitken) #49830
stream:
  * (SEMVER-MINOR) allow pass stream class to `stream.compose` (Alex Yang) #50187
  * call helper function from push and unshift (Raz Luvaton) #50173
  * optimize Writable (Robert Nagy) #50012
test_runner, cli:
  * (SEMVER-MINOR) add --test-concurrency flag (Colin Ihrig) #49996
vm:
  * (SEMVER-MINOR) use import attributes instead of import assertions (Antoine du Hamel) #50141
  * use default HDO when importModuleDynamically is not set (Joyee Cheung) #49950
wasi:

PR-URL: #50682

Notable changes:

deps:
  * (SEMVER-MINOR) update uvwasi to 0.0.19 (Node.js GitHub Bot) nodejs#49908
doc:
  * add H4ad to collaborators (Vinícius Lourenço) nodejs#50217
esm:
  * (SEMVER-MINOR) detect ESM syntax in ambiguous JavaScript (Geoffrey Booth) nodejs#50096
  * use import attributes instead of import assertions (Antoine du Hamel) nodejs#50140
  * --experimental-default-type flag to flip module defaults (Geoffrey Booth) nodejs#49869
fs:
  * (SEMVER-MINOR) add flush option to appendFile() functions (Colin Ihrig) nodejs#50095
  * add flush option to writeFile() functions (Colin Ihrig) nodejs#50009
lib:
  * (SEMVER-MINOR) add WebSocket client (Matthew Aitken) nodejs#49830
stream:
  * (SEMVER-MINOR) allow pass stream class to `stream.compose` (Alex Yang) nodejs#50187
  * call helper function from push and unshift (Raz Luvaton) nodejs#50173
  * optimize Writable (Robert Nagy) nodejs#50012
test_runner, cli:
  * (SEMVER-MINOR) add --test-concurrency flag (Colin Ihrig) nodejs#49996
vm:
  * (SEMVER-MINOR) use import attributes instead of import assertions (Antoine du Hamel) nodejs#50141
  * use default HDO when importModuleDynamically is not set (Joyee Cheung) nodejs#49950
wasi:

PR-URL: nodejs#50682

Notable changes:

deps:
  * (SEMVER-MINOR) update uvwasi to 0.0.19 (Node.js GitHub Bot) nodejs#49908
doc:
  * add H4ad to collaborators (Vinícius Lourenço) nodejs#50217
esm:
  * (SEMVER-MINOR) detect ESM syntax in ambiguous JavaScript (Geoffrey Booth) nodejs#50096
  * use import attributes instead of import assertions (Antoine du Hamel) nodejs#50140
  * --experimental-default-type flag to flip module defaults (Geoffrey Booth) nodejs#49869
fs:
  * (SEMVER-MINOR) add flush option to appendFile() functions (Colin Ihrig) nodejs#50095
  * add flush option to writeFile() functions (Colin Ihrig) nodejs#50009
lib:
  * (SEMVER-MINOR) add WebSocket client (Matthew Aitken) nodejs#49830
stream:
  * (SEMVER-MINOR) allow pass stream class to `stream.compose` (Alex Yang) nodejs#50187
  * call helper function from push and unshift (Raz Luvaton) nodejs#50173
  * optimize Writable (Robert Nagy) nodejs#50012
test_runner, cli:
  * (SEMVER-MINOR) add --test-concurrency flag (Colin Ihrig) nodejs#49996
vm:
  * (SEMVER-MINOR) use import attributes instead of import assertions (Antoine du Hamel) nodejs#50141
  * use default HDO when importModuleDynamically is not set (Joyee Cheung) nodejs#49950
wasi:

PR-URL: nodejs#50682