chore(deps): update node.js to v17 (!73) · Merge requests · Griefed / griefed-de

RenovateBot requested to merge renovate/node-17.x into master Nov 15, 2021

This MR contains the following updates:

Package	Type	Update	Change
node	stage	major	`16.6.1-alpine3.13` -> `17.1.0-alpine3.13`

Release Notes

nodejs/node

`v17.1.0`

Compare Source

Notable Changes

[89b34ecffb] - doc: add VoltrexMaster to collaborators (voltrexmaster) #40566
[95e4d29eb4] - (SEMVER-MINOR) esm: add support for JSON import assertion (Antoine du Hamel) #40250
[1ddbae2d76] - (SEMVER-MINOR) lib: add unsubscribe method to non-active DC channels (simon-id) #40433
[aa61551b49] - (SEMVER-MINOR) lib: add return value for DC channel.unsubscribe (simon-id) #40433
[fbeb895ca6] - (SEMVER-MINOR) v8: multi-tenant promise hook api (Stephen Belanger) #39283

Commits

[8a00dc5add] - build: skip long-running Actions for README-only modifications (Rich Trott) #40571
[9f46fca124] - build: disable v8 pointer compression on 32bit archs (Cheng Zhao) #40418
[5bef74395d] - deps: patch V8 to 9.5.172.25 (Michaël Zasso) #40604
[3805b806ee] - deps: upgrade npm to 8.1.2 (npm team) #40643
[c003ba131b] - deps: update c-ares to 1.18.1 (Richard Lau) #40660
[841f35cc52] - deps: upgrade npm to 8.1.1 (npm team) #40554
[8d16f0d2d3] - deps: V8: cherry-pick 422dc37 (Ray Wang) #40450
[cdf5c44d62] - deps: add riscv64 config into openssl gypi (Lu Yahan) #40473
[2b9fcdfe26] - deps: attempt to suppress macro-redefined warning (Daniel Bevenius) #40518
[d2839bfaa9] - deps: regenerate OpenSSL arch files (Daniel Bevenius) #40518
[5df8ce5cbe] - deps,build,tools: fix openssl-is-fips for ninja builds (Daniel Bevenius) #40518
[79bf429405] - dgram: fix send with out of bounds offset + length (Nitzan Uziely) #40568
[c29658fda7] - doc: update cjs-module-lexer repo link (Guy Bedford) #40707
[e374f3ddd9] - doc: fix lint re-enabling comment in README.md (Rich Trott) #40647
[ecccf48106] - doc: format v8.md in preparation for stricter linting (Rich Trott) #40647
[95a7117037] - doc: final round of markdown format changes (Rich Trott) #40645
[c104f5a9ab] - doc: remove --experimental-modules documentation (FrankQiu) #38974
[ac81f89bbf] - doc: update tracking issues of startup performance (Joyee Cheung) #40629
[65effa11fc] - doc: fix markdown syntax and HTML tag misses (ryan) #40608
[c78d708a16] - doc: use 'GitHub Actions workflow' instead (Mestery) #40586
[71bac70bf2] - doc: ref OpenSSL legacy provider from crypto docs (Tobias Nießen) #40593
[8f410229ac] - doc: add node: url scheme (Daniel Nalborczyk) #40573
[35dbed21f2] - doc: call cwd function (Daniel Nalborczyk) #40573
[4870a23ccc] - doc: remove unused imports (Daniel Nalborczyk) #40573
[5951ccc12e] - doc: simplify CHANGELOG.md (Rich Trott) #40475
[6ae134ecb7] - doc: correct esm spec scope lookup definition (Guy Bedford) #40592
[09239216f6] - doc: update CHANGELOG.md for Node.js 16.13.0 (Richard Lau) #40617
[46ec5ac4df] - doc: add info on project's usage of coverity (Michael Dawson) #40506
[7eb1a44410] - doc: fix typo in changelogs (Luigi Pinca) #40585
[132f6cba05] - doc: update onboarding task (Rich Trott) #40570
[5e2d0ed61e] - doc: simplify ccache instructions (Rich Trott) #40550
[c1c1738bfc] - doc: fix macOS environment variables for ccache (Rich Trott) #40550
[6e3e50f2ab] - doc: improve async_context introduction (Michaël Zasso) #40560
[1587fe62d4] - doc: use GFM footnotes in webcrypto.md (Rich Trott) #40477
[305c022db4] - doc: describe buffer limit of v8.serialize (Ray Wang) #40243
[6e39e0e10a] - doc: run license-builder (Rich Trott) #40540
[556e49ccb5] - doc: use GFM footnotes in maintaining-V8.md (#40476) (Rich Trott) #40476
[9c6a9fd5b1] - doc: use GFM footnotes in BUILDING.md (Rich Trott) #40474
[fd946215cc] - doc: fix fs.symlink code example (Juan José Arboleda) #40414
[404730ac1b] - doc: update for changed --dns-result-order default (Richard Lau) #40538
[acc22c7c4a] - doc: add missing entry in globals.md (Antoine du Hamel) #40531
[0375d958ef] - doc: explain backport labels (Stephen Belanger) #40520
[4993d87c49] - doc: fix entry for Slack channel in onboarding.md (Rich Trott) #40563
[89b34ecffb] - doc: add VoltrexMaster to collaborators (voltrexmaster) #40566
[6357ef15d0] - doc: document considerations for inclusion in core (Rich Trott) #40338
[ed04827373] - doc: update link in onboarding doc (Rich Trott) #40539
[34e244b8e9] - doc: clarify behavior of napi_extended_error_info (Michael Dawson) #40458
[5a588ff047] - doc: add updating expected assets to release guide (Richard Lau) #40470
[95e4d29eb4] - (SEMVER-MINOR) esm: add support for JSON import assertion (Antoine du Hamel) #40250
[825a683423] - http: response should always emit 'close' (Robert Nagy) #40543
[81cd7f3751] - lib: fix regular expression to detect `/` and `\` (Francesco Trotta) #40325
[1ddbae2d76] - (SEMVER-MINOR) lib: add unsubscribe method to non-active DC channels (simon-id) #40433
[aa61551b49] - (SEMVER-MINOR) lib: add return value for DC channel.unsubscribe (simon-id) #40433
[d97872dd98] - meta: use form schema for flaky test template (Michaël Zasso) #40737
[c2fabdbce8] - meta: update AUTHORS (Node.js GitHub Bot) #40668
[aa98c6bdce] - meta: consolidate AUTHORS entries for brettkiefer (Rich Trott) #40599
[18296c3d8e] - meta: consolidate AUTHORS entries for alexzherdev (Rich Trott) #40620
[88d812793d] - meta: consolidate AUTHORS entries for Azard (Rich Trott) #40619
[d81b65ca0e] - meta: move Fishrock123 to emeritus (Jeremiah Senkpiel) #40596
[ec02e7b68a] - meta: consolidate AUTHORS entries for clakech (Rich Trott) #40589
[08e7a2ff24] - meta: consolidate AUTHORS entries for darai0512 (Rich Trott) #40569
[488ee51f90] - meta: update AUTHORS (Node.js GitHub Bot) #40580
[ba9a6c5d06] - meta: consolidate AUTHORS entries for dfabulich (Rich Trott) #40527
[bd06e9945e] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #40464
[7cee125dcf] - meta: add Richard Lau to TSC list in README.md (Rich Trott) #40523
[6a771f8bcb] - meta: consolidate AUTHORS entries for dguo (Rich Trott) #40517
[e4c740646d] - meta: consolidate AUTHORS entries for cxreg (Rich Trott) #40490
[075cfbf941] - module: resolver & spec hardening /w refactoring (Guy Bedford) #40510
[b320387c83] - policy: fix message for invalid manifest specifier (Rich Trott) #40574
[ea968d54c5] - process: refactor execution (Voltrex) #40664
[fb7c437b0b] - src: make LoadEnvironment with string work with builtin modules path (Michaël Zasso) #40607
[e9388c87bf] - src: remove usage of AllocatedBuffer from node_http2 (Darshan Sen) #40584
[7a22f913b0] - src: fix #endif description in crypto_keygen.h (Tobias Nießen) #40639
[396342e26d] - src: throw error instead of assertion (Ray Wang) #40243
[accab383a1] - src: register external references in os bindings (Joyee Cheung) #40239
[a11f9ea4f0] - src: register external references in crypto bindings (Joyee Cheung) #40239
[ef1ace7e88] - src,crypto: use std::variant in DH params (Darshan Sen) #40457
[4433852f62] - src,crypto: remove AllocatedBuffer from crypto_cipher.cc (Darshan Sen) #40400
[814126c3ed] - src,fs: remove ToLocalChecked() call from fs::AfterMkdirp() (Darshan Sen) #40386
[d4b45cc249] - src,stream: remove *Check*() calls from non-Initialize() functions (Darshan Sen) #40425
[bac7fe0797] - stream: remove no longer necessary ComposeDuplex (Robert Nagy) #40545
[e58cce49fd] - test: disable warnings to fix flaky test (Antoine du Hamel) #40739
[8c103ab2ff] - test: skip macos sandbox test with builtin modules path (Michaël Zasso) #40607
[ac3bc6eed0] - test: add semicolon after chunk size (Luigi Pinca) #40487
[95fe9bb922] - test: deflake http2-cancel-while-client-reading (Luigi Pinca) #40659
[dfd0215266] - test: avoid deep comparisons with literals (Tobias Nießen) #40634
[5020f634b8] - test: mark test-policy-integrity flaky on Windows (Rich Trott) #40684
[8fa1c61e40] - test: fix test-datetime-change-notify after daylight change (Piotr Rybak) #40684
[179a5c5436] - test: test crypto.setEngine() using an actual engine (Darshan Sen) #40481
[cf6ded4db5] - test: use conventional argument order in assertion (Tobias Nießen) #40591
[aefb097d6a] - test: fix test description (Luigi Pinca) #40486
[126e669b84] - test,doc: correct documentation for runBenchmark() (Rich Trott) #40683
[1844463ce2] - test,tools: increase pummel/benchmark test timeout from 4x to 6x (Rich Trott) #40684
[f731f5ffb5] - test,tools: increase timeout for benchmark tests (Rich Trott) #40684
[bbc10f1849] - tools: simplify and fix commit queue (Michaël Zasso) #40742
[a3df50d810] - tools: ensure the MR was not pushed before merging (Antoine du Hamel) #40747
[306d953c15] - tools: update ESLint to 8.2.0 (Luigi Pinca) #40734
[b7e736843c] - tools: use GitHub Squash and Merge feature when using CQ (Antoine du Hamel) #40666
[50d102ec08] - tools: fix bug in prefer-primordials ESLint rule (Antoine du Hamel) #40628
[ec2cadef85] - tools: add script to update c-ares (Richard Lau) #40660
[5daa313215] - tools: notify user if format-md needs to be run (Rich Trott) #40647
[0787c781ce] - tools: abort CQ session when landing several commits (Antoine du Hamel) #40577
[ddc44ddfd9] - tools: fix commit-lint workflow (Antoine du Hamel) #40673
[47eddd7076] - tools: avoid unnecessary escaping in markdown formatter (Rich Trott) #40645
[c700de3705] - tools: avoid fetch extra commits when validating commit messages (Antoine du Hamel) #39128
[716963484b] - tools: update ESLint to 8.1.0 (Luigi Pinca) #40582
[9cb2116608] - tools: fix formatting of warning message in update-authors.js (Rich Trott) #40600
[507f1dbc8d] - tools: udpate doc tools to accommodate GFM footnotes (Rich Trott) #40477
[c2265a92c3] - tools: update license-builder.sh for OpenSSL (Rich Trott) #40540
[16624b404c] - tools,meta: remove exclusions from AUTHORS (Rich Trott) #40648
[a95e344fe5] - tty: support more CI services in getColorDepth (Richie Bendall) #40385
[b4194ff349] - typings: add more bindings typings (Mestery) #40415
[da859b56cb] - typings: add JSDoc typings for inspector (Voltrex) #38390
[90aa96dc44] - typings: improve internal bindings typings (Mestery) #40411
[1e9f3cc522] - typings: separate internalBinding typings (Mestery) #40409
[fbeb895ca6] - (SEMVER-MINOR) v8: multi-tenant promise hook api (Stephen Belanger) #39283

This release fixes an issue introduced in Node.js v17.0.0, where some V8 headers were missing from the distributed tarball, making it impossible to build native addons. These headers are now included. #40526

Fixed stream issues

Fixed a regression in stream.promises.pipeline, which was introduced in version 16.10.0, is fixed. It is now possible again to pass an array of streams to the function. #40193
Fixed a bug in stream.Duplex.from, which didn't work properly when an async generator function was passed to it. #40499

Commits

[3f033556c3] - build: include missing V8 headers in distribution (Michaël Zasso) #40526
[adbd92ef1d] - crypto: avoid double free (Michael Dawson) #40380
[8dce85aadc] - doc: format doc/api/*.md with markdown formatter (Rich Trott) #40403
[977016a72f] - doc: specify that maxFreeSockets is per host (Luigi Pinca) #40483
[f9f2442739] - src: add missing inialization in agent.h (Michael Dawson) #40379
[111f0bd9b6] - stream: fix fromAsyncGen (Robert Nagy) #40499
[b84f101049] - stream: support array of streams in promises pipeline (Mestery) #40193
[3f7c503b69] - test: adjust CLI flags test to ignore blank lines in doc (Rich Trott) #40403
[7c42d9fcc6] - test: split test-crypto-dh.js (Joyee Cheung) #40451

`v17.0.0`

Compare Source

Notable Changes

Deprecations and Removals

[f182b9b29f] - (SEMVER-MAJOR) dns: runtime deprecate type coercion of dns.lookup options (Antoine du Hamel) #39793
[4b030d0573] - doc: deprecate (doc-only) http abort related (dr-js) #36670
[36e2ffe6dc] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) #40121
[64287e4d45] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) #40117

OpenSSL 3.0

Node.js now includes OpenSSL 3.0, specifically quictls/openssl which provides QUIC support. With OpenSSL 3.0 FIPS support is again available using the new FIPS module. For details about how to build Node.js with FIPS support please see BUILDING.md.

While OpenSSL 3.0 APIs should be mostly compatible with those provided by OpenSSL 1.1.1, we do anticipate some ecosystem impact due to tightened restrictions on the allowed algorithms and key sizes.

If you hit an ERR_OSSL_EVP_UNSUPPORTED error in your application with Node.js 17, it’s likely that your application or a module you’re using is attempting to use an algorithm or key size which is no longer allowed by default with OpenSSL 3.0. A command-line option, --openssl-legacy-provider, has been added to revert to the legacy provider as a temporary workaround for these tightened restrictions.

For details about all the features in OpenSSL 3.0 please see the OpenSSL 3.0 release blog.

Contributed in https://github.com/nodejs/node/pull/38512, https://github.com/nodejs/node/pull/40478

V8 9.5

The V8 JavaScript engine is updated to V8 9.5. This release comes with additional supported types for the Intl.DisplayNames API and Extended timeZoneName options in the Intl.DateTimeFormat API.

You can read more details in the V8 9.5 release post - https://v8.dev/blog/v8-release-95.

Contributed by Michaël Zasso - https://github.com/nodejs/node/pull/40178

Readline Promise API

The readline module provides an interface for reading data from a Readable stream (such as process.stdin) one line at a time.

The following simple example illustrates the basic use of the readline module:

import * as readline from 'node:readline/promises';
import { stdin as input, stdout as output } from 'process';

const rl = readline.createInterface({ input, output });

const answer = await rl.question('What do you think of Node.js? ');

console.log(`Thank you for your valuable feedback: ${answer}`);

rl.close();

Contributed by Antoine du Hamel - https://github.com/nodejs/node/pull/37947

Other Notable Changes

[1b2749ecbe] - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) #39987
[59d3d542d6] - (SEMVER-MAJOR) errors: print Node.js version on fatal exceptions that cause exit (Divlo) #38332
[a35b7e0427] - deps: upgrade npm to 8.1.0 (npm team) #40463
[6cd12be347] - (SEMVER-MINOR) fs: add FileHandle.prototype.readableWebStream() (James M Snell) #39331
[d0a898681f] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) #39759
[e4b1fb5e64] - (SEMVER-MAJOR) lib: expose DOMException as global (Khaidi Chu) #39176
[0738a2b7bd] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) #39235

Semver-Major Commits

[9dfa30bdd5] - (SEMVER-MAJOR) build: compile with C++17 (MSVC) (Richard Lau) #38807
[9f0bc602e4] - (SEMVER-MAJOR) build: compile with --gnu++17 (Richard Lau) #38807
[62719c5fd2] - (SEMVER-MAJOR) deps: update V8 to 9.5.172.19 (Michaël Zasso) #40178
[66da32c045] - (SEMVER-MAJOR) deps,test,src,doc,tools: update to OpenSSL 3.0 (Daniel Bevenius) #38512
[40c6e838df] - (SEMVER-MAJOR) dgram: tighten address validation in socket.send (Voltrex) #39190
[f182b9b29f] - (SEMVER-MAJOR) dns: runtime deprecate type coercion of dns.lookup options (Antoine du Hamel) #39793
[1b2749ecbe] - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) #39987
[ae876d420c] - (SEMVER-MAJOR) doc: update minimum supported FreeBSD to 12.2 (Michaël Zasso) #40179
[59d3d542d6] - (SEMVER-MAJOR) errors: print Node.js version on fatal exceptions that cause exit (Divlo) #38332
[f9447b71a6] - (SEMVER-MAJOR) fs: fix rmsync error swallowing (Nitzan Uziely) #38684
[f27b7cf95c] - (SEMVER-MAJOR) fs: aggregate errors in fsPromises to avoid error swallowing (Nitzan Uziely) #38259
[d0a898681f] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) #39759
[e4b1fb5e64] - (SEMVER-MAJOR) lib: expose DOMException as global (Khaidi Chu) #39176
[36e2ffe6dc] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) #40121
[64287e4d45] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) #40117
[707dd77d86] - (SEMVER-MAJOR) readline: validate AbortSignals and remove unused event listeners (Antoine du Hamel) #37947
[8122d243ae] - (SEMVER-MAJOR) readline: introduce promise-based API (Antoine du Hamel) #37947
[592d1c3d44] - (SEMVER-MAJOR) readline: refactor Interface to ES2015 class (Antoine du Hamel) #37947
[3f619407fe] - (SEMVER-MAJOR) src: allow CAP_NET_BIND_SERVICE in SafeGetenv (Daniel Bevenius) #37727
[0a7f850123] - (SEMVER-MAJOR) src: return Maybe from a couple of functions (Darshan Sen) #39603
[bdaf51bae7] - (SEMVER-MAJOR) src: allow custom PageAllocator in NodePlatform (Shelley Vohr) #38362
[0c6f345cda] - (SEMVER-MAJOR) stream: fix highwatermark threshold and add the missing error (Rongjian Zhang) #38700
[0e841b45c2] - (SEMVER-MAJOR) stream: don't emit 'data' after 'error' or 'close' (Robert Nagy) #39639
[ef992f6de9] - (SEMVER-MAJOR) stream: do not emit end on readable error (Szymon Marczak) #39607
[efd40eadab] - (SEMVER-MAJOR) stream: forward errored to callback (Robert Nagy) #39364
[09d8c0c8d2] - (SEMVER-MAJOR) stream: destroy readable on read error (Robert Nagy) #39342
[a5dec3a470] - (SEMVER-MAJOR) stream: validate abort signal (Robert Nagy) #39346
[bb275ef2a4] - (SEMVER-MAJOR) stream: unify stream utils (Robert Nagy) #39294
[b2ae12d422] - (SEMVER-MAJOR) stream: throw on premature close in Readable[AsyncIterator] (Darshan Sen) #39117
[0738a2b7bd] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) #39235
[954217adda] - (SEMVER-MAJOR) stream: error Duplex write/read if not writable/readable (Robert Nagy) #34385
[f4609bdf3f] - (SEMVER-MAJOR) stream: bypass legacy destroy for pipeline and async iteration (Robert Nagy) #38505
[e1e669b109] - (SEMVER-MAJOR) url: throw invalid this on detached accessors (James M Snell) #39752
[70157b9cb7] - (SEMVER-MAJOR) url: forbid certain confusable changes from being introduced by toASCII (Timothy Gu) #38631

Semver-Minor Commits

[6cd12be347] - (SEMVER-MINOR) fs: add FileHandle.prototype.readableWebStream() (James M Snell) #39331
[341312d78a] - (SEMVER-MINOR) readline: add autoCommit option (Antoine du Hamel) #37947
[1d2f37d970] - (SEMVER-MINOR) src: add --openssl-legacy-provider option (Daniel Bevenius) #40478
[3b72788afb] - (SEMVER-MINOR) src: add flags for controlling process behavior (Cheng Zhao) #40339
[8306051001] - (SEMVER-MINOR) stream: add readableDidRead (Robert Nagy) #36820
[08ffbd115e] - (SEMVER-MINOR) vm: add support for import assertions in dynamic imports (Antoine du Hamel) #40249

Semver-Patch Commits

[ed01811e71] - benchmark: increase crypto DSA keygen params (Brian White) #40416
[cb93fdbba5] - build: reset embedder string to "-node.0" (Michaël Zasso) #40178
[ed76b49834] - build: fix actions pull request's branch (Mestery) #40494
[6baea14506] - build: avoid run find inactive authors on forked repo (Jiawen Geng) #40465
[f9996d5b80] - build: include new public V8 headers in distribution (Michaël Zasso) #40423
[983b757f3f] - build: update codeowners-validator to 0.6 (FrankQiu) #40307
[73c3885e10] - build: remove duplicate check for authors.yml (Rich Trott) #40393
[92090d3435] - build: make scripts in gyp run with right python (Cheng Zhao) #39730
[28f711b552] - crypto: remove incorrect constructor invocation (gc) #40300
[228e703ded] - deps: workaround debug link error on Windows (Richard Lau) #38807
[a35b7e0427] - deps: upgrade npm to 8.1.0 (npm team) #40463
[d434c5382a] - deps: regenerate OpenSSL arch files (Daniel Bevenius) #40478
[2cebd5f02b] - deps: add missing legacyprov.c source (Daniel Bevenius) #40478
[bf82dcd5ba] - deps: patch V8 to 9.5.172.21 (Michaël Zasso) #40432
[795108a63d] - deps: V8: make V8 9.5 ABI-compatible with 9.6 (Michaël Zasso) #40422
[5d7bd8616e] - deps: suppress zlib compiler warnings (Daniel Bevenius) #40343
[fe84cd453d] - deps: upgrade Corepack to 0.10 (Maël Nison) #40374
[2d503ed3ff] - deps: V8: backport 239898e (Felix Yan) #39827
[c9296b190f] - deps: V8: cherry-pick 2a0bc36 (Michaël Zasso) #40178
[5b358370ad] - deps: V8: cherry-pick cf21eb3 (Michaël Zasso) #40178
[228e703ded] - deps: workaround debug link error on Windows (Richard Lau) #38807
[cca9b95523] - dgram: add nread assertion to UDPWrap::OnRecv (Darshan Sen) #40295
[7c77db0243] - dns: refactor and use validators (Voltrex) #40022
[a278117f28] - doc: update Collaborator guide to reflect GitHub web UI update (Antoine du Hamel) #40456
[4cf5563147] - doc: indicate n-api out params that may be NULL (Isaac Brodsky) #40371
[15ce81a464] - doc: remove ESLint comments which were breaking the CJS/ESM toggles (Mark Skelton) #40408
[54a85d6bb5] - doc: add pronouns for tniessen to README (Tobias Nießen) #40412
[40db88b7b5] - doc: format changelogs (Rich Trott) #40388
[4f68839910] - doc: fix missing variable in deepStrictEqual example (OliverOdo) #40396
[ca6adcf37e] - doc: fix asyncLocalStorage.run() description (Constantine Kim) #40381
[7dd3adf6dd] - doc: fix typos in n-api docs (Ignacio Carbajo) #40402
[eb65871ab4] - doc: format doc/guides using format-md task (Rich Trott) #40358
[0d50dfdf61] - doc: improve phrasing in fs.md (Arslan Ali) #40255
[7723148758] - doc: add link to core promises tracking issue (Michael Dawson) #40355
[ccee352630] - doc: esm resolver spec refactoring for deprecations (Guy Bedford) #40314
[1fc1b0f5f2] - doc: claim ABI version for Electron v17 (Milan Burda) #40320
[0d2b6aca60] - doc: assign missing deprecation number (Michaël Zasso) #40324
[4bd8e0efa0] - doc: fix typo in ESM example (Tobias Nießen) #40275
[03d25fe816] - doc: fix typo in esm.md (Mason Malone) #40273
[6199441b00] - doc: correct ESM load hook table header (Jacob) #40234
[78962d1ca1] - doc: mark readline promise implementation as experimental (Antoine du Hamel) #40211
[4b030d0573] - doc: deprecate (doc-only) http abort related (dr-js) #36670
[bbd4c6eee9] - doc: claim ABI version for Electron v15 and v16 (Samuel Attard) #39950
[3e774a0500] - doc: fix history for fs.WriteStream open event (Antoine du Hamel) #39972
[6fdd5827f0] - doc: anchor link parity between markdown and html-generated docs (foxxyz) #39304
[7b7a0331f4] - doc: reset added: version to REPLACEME (Luigi Pinca) #39901
[58257b7c61] - doc: fix typo in webstreams.md (Luigi Pinca) #39898
[df22736d80] - esm: consolidate ESM loader hooks (Jacob) #37468
[ac4f5e2437] - lib: refactor to use let (gdccwxx) #40364
[3d11bafaa0] - lib: make structuredClone spec compliant (voltrexmaster) #40251
[48655e17e1] - lib,url: correct URL's argument to pass idlharness (Khaidi Chu) #39848
[c0a70203de] - meta: update AUTHORS (Node.js GitHub Bot) #40485
[cbc7b5d424] - meta: consolidate AUTHORS entries for emanuelbuholzer (Rich Trott) #40469
[881174e016] - meta: consolidate AUTHORS entries for ebickle (Rich Trott) #40447
[b80b85e130] - meta: add typings to label-pr-config (Mestery) #40401
[95cf944736] - meta: consolidate AUTHORS entries for evantorrie (Rich Trott) #40430
[c350c217f4] - meta: consolidate AUTHORS entries for gabrielschulhof (Rich Trott) #40420
[a9411891cf] - meta: consolidate AUTHORS information for geirha (Rich Trott) #40406
[0cc37209fa] - meta: consolidate duplicate AUTHORS entries for hassaanp (Rich Trott) #40391
[49b7ec96a4] - meta: update AUTHORS (Node.js GitHub Bot) #40392
[a3c0713d9e] - meta: consolidate AUTHORS entry for thw0rted (Rich Trott) #40387
[eaa59571e0] - meta: update label-pr-config (Mestery) #40199
[6a205d7a56] - meta: use .mailmap to consolidate AUTHORS entries for ide (Rich Trott) #40367
[f570109094] - net: check if option is undefined (Daijiro Wachi) #40344
[119558b6a2] - net: remove unused ObjectKeys (Daijiro Wachi) #40344
[c7cd8ef6c6] - net: check objectMode first and then readble || writable (Daijiro Wachi) #40344
[46446623f5] - net: throw error to object mode in Socket (Daijiro Wachi) #40344
[38aa7cc7c7] - src: get embedder options on-demand (Joyee Cheung) #40357
[ad4e70c817] - src: ensure V8 initialized before marking milestone (Shelley Vohr) #40405
[a784258444] - src: remove usage of AllocatedBuffer from stream_* (Darshan Sen) #40293
[f11493dfc9] - src: add missing initialization (Michael Dawson) #40370
[5e248eceb6] - src: update NODE_MODULE_VERSION to 102 (Michaël Zasso) #40178
[3f0b62375b] - stream: convert premature close to AbortError (Robert Nagy) #39524
[79f4d5a345] - stream: fix toWeb typo (Robert Nagy) #39496
[44ee6c2623] - stream: call done() in consistent fashion (Rich Trott) #39475
[09ad64d66d] - stream: add CompressionStream and DecompressionStream (James M Snell) #39348
[a99c230305] - stream: implement streams to webstreams adapters (James M Snell) #39134
[a5ba28dda2] - stream: fix performance regression (Brian White) #39254
[ce00381751] - stream: use finished for async iteration (Robert Nagy) #39282
[e0faf8c3e9] - test: replace common port with specific number (Daijiro Wachi) #40344
[8068f40313] - test: fix typos in whatwg-webstreams explanations (Tobias Nießen) #40389
[eafdeab97b] - test: add test for readStream.path when fd is specified (Qingyu Deng) #40359
[24f045dae2] - test: replace .then chains with await (gdccwxx) #40348
[5b4ba52786] - test: fix "test/common/debugger" identify async function (gdccwxx) #40348
[1d84e916d6] - test: improve test coverage of fs.ReadStream with FileHandle (Antoine du Hamel) #40018
[b63e449b2e] - test: pass URL's toascii.window.js WPT (Khaidi Chu) #39910
[842fd234b7] - test: adapt test-repl to V8 9.5 (Michaël Zasso) #40178
[d7b9b9f8d7] - test: remove test-v8-untrusted-code-mitigations (Ross McIlroy) #40178
[7624917069] - tools: update tools/lint-md dependencies to support GFM footnotes (Rich Trott) #40445
[350a95b89f] - tools: update lint-md dependencies (Rich Trott) #40404
[012152d7d6] - tools: udpate @babel/eslint-parser (Rich Trott) #40394
[43c780e741] - tools: remove @babel/plugin-syntax-import-assertions (Rich Trott) #40394
[b39db95737] - tools: remove @bable/plugin-syntax-class-properties (Rich Trott) #40394
[a6fd39f44f] - tools: remove @babel/plugin-syntax-top-level-await (Rich Trott) #40394
[8ca76eba73] - tools: update ESLint to 8.0.0 (Rich Trott) #40394
[dd8e219d71] - tools: prepare ESLint rules for 8.0.0 requirements (Rich Trott) #40394
[0a1b399781] - tools: fix ESLint update scripts (Rich Trott) #40394
[d6d6b050ff] - tools: warn about duplicates when generating AUTHORS file (Rich Trott) #40304
[1fd984581c] - tools: update V8 gypfiles for 9.5 (Michaël Zasso) #40178
[a8a86387fa] - tty: enable buffering (Robert Nagy) #39253
[9467cbadcb] - typings: define types for os binding (Michaël Zasso) #40222
[70a5b86049] - typings: add missing types to options and util bindings (Michaël Zasso) #40222
[3815a21beb] - typings: define types for timers binding (Michaël Zasso) #40222
[9e64336fbf] - typings: fix declaration of primordials (Michaël Zasso) #40222
[f581f6da94] - url: fix performance regression (Brian White) #39778
[02de40246f] - v8: remove --harmony-top-level-await (Geoffrey Booth) #40226

`v16.13.0`

Compare Source

Notable Changes

This release marks the transition of Node.js 16.x into Long Term Support (LTS) with the codename 'Gallium'. The 16.x release line now moves into "Active LTS" and will remain so until October 2022. After that time, it will move into "Maintenance" until end of life in April 2024.

`v16.12.0`

Compare Source

Notable Changes

Experimental ESM Loader Hooks API

Node.js ESM Loader hooks have been consolidated to represent the steps involved needed to facilitate future loader chaining:

resolve: resolve [+ getFormat]
load: getFormat + getSource + transformSource

For consistency, getGlobalPreloadCode has been renamed to globalPreload.

A loader exporting obsolete hook(s) will trigger a single deprecation warning (per loader) listing the errant hooks.

Contributed by Jacob Smith, Geoffrey Booth, and Bradley Farias - https://github.com/nodejs/node/pull/37468

Other Notable Changes

[8fdabcb918] - deps: upgrade npm to 8.1.0 (npm team) #40463
[d1d9f2de30] - doc: deprecate (doc-only) http abort related (dr-js) #36670
[4116b6c907] - (SEMVER-MINOR) vm: add support for import assertions in dynamic imports (Antoine du Hamel) #40249

Commits

[8bb3951e41] - build: remove duplicate check for authors.yml (Rich Trott) #40393
[2de57edced] - build: make scripts in gyp run with right python (Cheng Zhao) #39730
[a8926d199d] - crypto: remove incorrect constructor invocation (gc) #40300
[8fdabcb918] - deps: upgrade npm to 8.1.0 (npm team) #40463
[dca5ac1539] - deps: suppress zlib compiler warnings (Daniel Bevenius) #40343
[91c3bf6a7f] - deps: upgrade Corepack to 0.10 (Maël Nison) #40374
[7e02124a06] - dgram: add nread assertion to UDPWrap::OnRecv (Darshan Sen) #40295
[2d409ed29e] - dns: refactor and use validators (Voltrex) #40022
[dc7291dab8] - doc: remove ESLint comments which were breaking the CJS/ESM toggles (Mark Skelton) #40408
[85b7385115] - doc: add pronouns for tniessen to README (Tobias Nießen) #40412
[1d5857c9f4] - doc: format changelogs (Rich Trott) #40388
[5eb9402b50] - doc: fix missing variable in deepStrictEqual example (OliverOdo) #40396
[6f77d1a1d5] - doc: fix asyncLocalStorage.run() description (Constantine Kim) #40381
[93a48e02dc] - doc: fix typos in n-api docs (Ignacio Carbajo) #40402
[fb7afb91c2] - doc: format doc/guides using format-md task (Rich Trott) #40358
[6c091c7878] - doc: improve phrasing in fs.md (Arslan Ali) #40255
[38d81380ac] - doc: add link to core promises tracking issue (Michael Dawson) #40355
[71a94aa82a] - doc: correct ESM load hook table header (Jacob Smith) #40234
[5b074affb4] - doc: fix typo in esm.md (Mason Malone) #40273
[3b3aaa0a37] - doc: fix typo in ESM example (Tobias Nießen) #40275
[f848553fb8] - doc: assign missing deprecation number (Michaël Zasso) #40324
[d1d9f2de30] - doc: deprecate (doc-only) http abort related (dr-js) #36670
[1ef2cf8413] - doc: anchor link parity between markdown and html-generated docs (foxxyz) #39304
[3743406b0a] - (SEMVER-MINOR) esm: consolidate ESM loader hooks (Jacob Smith) #37468
[168020e1c8] - lib: refactor to use let (gdccwxx) #40364
[bcd59d70bb] - meta: consolidate AUTHORS entries for gabrielschulhof (Rich Trott) #40420
[80b4245db8] - meta: consolidate AUTHORS information for geirha (Rich Trott) #40406
[93cecb4700] - meta: consolidate duplicate AUTHORS entries for hassaanp (Rich Trott) #40391
[fff3135909] - meta: update AUTHORS (Node.js GitHub Bot) #40392
[122481713d] - meta: consolidate AUTHORS entry for thw0rted (Rich Trott) #40387
[7f50313fcc] - meta: update label-pr-config (Mestery) #40199
[5668182665] - meta: use .mailmap to consolidate AUTHORS entries for ide (Rich Trott) #40367
[bc86084a3e] - net: check if option is undefined (Daijiro Wachi) #40344
[4564a93e5e] - net: remove unused ObjectKeys (Daijiro Wachi) #40344
[dbb2e6f429] - net: check objectMode first and then readble || writable (Daijiro Wachi) #40344
[a672be57c8] - net: throw error to object mode in Socket (Daijiro Wachi) #40344
[faf9e28c36] - src: remove usage of AllocatedBuffer from stream_* (Darshan Sen) #40293
[857af2ba99] - src: add missing initialization (Michael Dawson) #40370
[2bfa87edbc] - stream: fix fromAsyncGen (Robert Nagy) #40499
[1e15137e71] - test: replace common port with specific number (Daijiro Wachi) #40344
[6f6b99c302] - test: fix typos in whatwg-webstreams explanations (Tobias Nießen) #40389
[641b1bb052] - test: add test for readStream.path when fd is specified (Qingyu Deng) #40359
[07dae7ff50] - test: replace .then chains with await (gdccwxx) #40348
[d8a36ee1de] - test: fix "test/common/debugger" identify async function (gdccwxx) #40348
[13d6a56c7d] - test: improve test coverage of fs.ReadStream with FileHandle (Antoine du Hamel) #40018
[50f91ab059] - tools: udpate @babel/eslint-parser (Rich Trott) #40394
[3611073145] - tools: remove @babel/plugin-syntax-import-assertions (Rich Trott) #40394
[b72d693a3a] - tools: remove @bable/plugin-syntax-class-properties (Rich Trott) #40394
[d6a99b77da] - tools: remove @babel/plugin-syntax-top-level-await (Rich Trott) #40394
[d9157aa5fe] - tools: update ESLint to 8.0.0 (Rich Trott) #40394
[43b97c7984] - tools: prepare ESLint rules for 8.0.0 requirements (Rich Trott) #40394
[282b6eb4b0] - tools: fix ESLint update scripts (Rich Trott) #40394
[c3a744f7bf] - tools: warn about duplicates when generating AUTHORS file (Rich Trott) #40304
[7733b5e55d] - typings: define types for os binding (Michaël Zasso) #40222
[ca9a854877] - typings: add missing types to options and util bindings (Michaël Zasso) #40222
[c3a7a0bd59] - typings: define types for timers binding (Michaël Zasso) #40222
[65b51d05fa] - typings: fix declaration of primordials (Michaël Zasso) #40222
[5f3f3a5128] - v8: remove --harmony-top-level-await (Geoffrey Booth) #40226
[4116b6c907] - (SEMVER-MINOR) vm: add support for import assertions in dynamic imports (Antoine du Hamel) #40249

`v16.11.1`

Compare Source

This is a security release.

Notable changes

CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium)
- The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at CVE-2021-22959 after publication.
CVE-2021-22960: HTTP Request Smuggling when parsing the body (Medium)
- The parse ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. More details will be available at CVE-2021-22960 after publication.

Commits

[af488f8dc8] - deps: update llhttp to 6.0.4 (Matteo Collina) nodejs-private/node-private#284
[2d1eefad98] - http: add regression test for smuggling content length (Matteo Collina) nodejs-private/node-private#284
[45d419ab1c] - http: add regression test for chunked smuggling (Matteo Collina) nodejs-private/node-private#284

`v16.11.0`

Compare Source

Notable Changes

crypto
- update root certificates (Richard Lau) #40280
deps
- upgrade npm to 8.0.0 (npm team) #40369
- update nghttp2 to v1.45.1 (thunder-coding) #40206
- update V8 to 9.4.146.19 (Michaël Zasso) #40285
tools
- update certdata.txt (Richard Lau) #40280

Commits

[34f3021ca3] - benchmark: add util.toUSVString()'s benchmark (Khaidi Chu) #40203
[f83b9bcb6f] - build: support Python 3.10.0 (FrankQiu) #40296
[3148f9b64e] - build: check for duplicates in new AUTHORS entries (Rich Trott) #40264
[48c162d457] - build: set DESTCPU correctly for 'make binary' on Apple Silicon (Chris Heisterkamp) #40147
[7fbfb66d41] - build: limit update authors CI scope (Jiawen Geng) #40219
[a1bee94502] - build: pass a tuple of alternatives to str.endswith() (Christian Clauss) #40017
[eaf9d08332] - build: add --no-user for pip commands in Makefile (Rich Trott) #40169
[e22ca06ac4] - build: fix "test-internet.yml" workflows (SURYAMRATAP SINGH SURYAVANSHI) #40177
[4da73d09bf] - (SEMVER-MINOR) build: reset embedder string to "-node.0" (Michaël Zasso) #40285
[4b117fbc81] - console: use validators for consistency (Voltrex) #39812
[6489423187] - console: avoid unnecessary variables (Pancake) #40183
[9af2592e69] - crypto: update root certificates (Richard Lau) #40280
[2fa5e5011f] - crypto: handle initEDRaw pkey failure (Shelley Vohr) #40188
[7968c79301] - crypto: don't call callback twice in case crypto.randomBytes fails (Guilherme Bernal) #40157
[b89c7ae297] - deps: upgrade npm to 8.0.0 (npm team) #40369
[947f3dc9af] - deps: V8: patch jinja2 for Python 3.10 compat (Michaël Zasso) #40296
[685c7d43a5] - (SEMVER-MINOR) deps: update nghttp2 to v1.45.1 (thunder-coding) #40206
[e7046e0ff1] - deps: restore minimum ICU version to 68 (Michaël Zasso) #39470
[a3db2033d4] - (SEMVER-MINOR) deps: make V8 9.4 abi-compatible with 9.0 (Michaël Zasso) #40285
[5cc24e6d76] - deps: V8: cherry-pick 9a60704 (Jiawen Geng) #40046
[8de5eb88d3] - deps: V8: cherry-pick 5681a65 (Michaël Zasso) #39945
[150d816edb] - deps: V8: cherry-pick bdcda72 (Michaël Zasso) #39945
[807b68b430] - deps: V8: cherry-pick 00bb1a7 (Darshan Sen) #39829
[be016948df] - deps: silence irrelevant V8 warning (Michaël Zasso) #38990
[22dcd3e4dc] - deps: silence irrelevant V8 warnings (Michaël Zasso) #37587
[1aea6a771b] - deps: fix V8 build issue with inline methods (Jiawen Geng) #40060
[e9812157f0] - deps: make v8.h compatible with VS2015 (Joao Reis) #32116
[88ae710057] - deps: V8: forward declaration of Rtl*FunctionTable (Refael Ackermann) #32116
[e810f0766f] - deps: V8: patch register-arm64.h (Refael Ackermann) #32116
[b8aabd5622] - deps: V8: un-cherry-pick bd019bd (Refael Ackermann) #32116
[309c4f05df] - (SEMVER-MINOR) deps: update V8 to 9.4.146.19 (Michaël Zasso) #40285
[69eaaf6321] - doc: format general markdown files (Rich Trott) #40322
[dc9c31985c] - doc: fix the inline code-block at the NodeDhKeyGenParams class (Justin) #40341
[8d0546db39] - doc: correct the codeblock for hmacImportParams.hash (Justin) #40340
[1db2ffd008] - doc: fix typo in stream docs (Juan José Arboleda) #40337
[abfcbcd14c] - doc: update fast-track approval comment request (voltrexmaster) #40316
[e2cd2f44f2] - doc: fix CVE-2021-22940 references (Michaël Zasso) #40308
[88bdbf1e29] - doc: format markdown files in test directory (Rich Trott) #40290
[f71ac57a86] - doc: add triagers to the table of contents (FrankQiu) #39969
[a5218b5313] - doc: update Forrest Norvell's pronouns (Forrest L Norvell) #40292
[d2e54e5d0c] - doc: reorder stream 'readable' paragraphs (Vincent Weevers) #40212
[1d0a3e1a0c] - doc: fix typo in fs (Brian White) #40257
[66edb7bfe1] - doc: fix typo in fs.md (Arslan Ali) #40254
[614a7c21f8] - doc: fix typo in packages.md (Arslan Ali) #40230
[9fa6dfbe76] - doc: fix example of crypto.generateKeySync (Gary Ho) #40225
[9a2b94a142] - doc: update fs.watchFile doc (Clément Nardi) #40134
[a68f91c884] - doc: add version when diagnostics_channel APIs were added (Gerhard Stöbich) #40208
[6bf67909ad] - doc: fix typo in 'maxHeaderSize' (Rebhi Alfa) #40164
[73a127ba7b] - doc: fix buffer api example code's token error (m3m0ry) #40125
[59db8293f4] - doc: fix typo in async_hooks.md (xuchaobei) #40187
[779dfd199b] - doc: make version picker usable on mobile (Evan Lucas) #39958
[7bd62f4809] - doc: fix typos in http.md (Luigi Pinca) #40161
[94b415b980] - doc: add blank line between comments (Rich Trott) #40160
[847b451d88] - doc: update markdown files in src for upcoming linting/formatting (Rich Trott) #40159
[cea7395858] - doc: update benchmarks README.md for upcoming linting/formatting (Rich Trott) #40158
[c231745837] - doc: prepare markdown file for upcoming formatting/linting (Rich Trott) #40156
[7e58cda6e0] - doc: update tools .md files for upcoming lint/formatting (Rich Trott) #40155
[02a87b096c] - doc: update markdown formatting for *.md files (Rich Trott) #40154
[9b0e61a67f] - doc,src: update crypto/README.md (Tobias Nießen) #40332
[88e7bd073a] - events: allow dispatch many times without listener (MrBBot) #39772
[c7f3294d02] - (SEMVER-MINOR) fs: add stream utilities to FileHandle (Antoine du Hamel) #40009
[555af5b808] - http: remove 'data' and 'end' listener if client parser error (Matteo Collina) #40244
[22725f5bdd] - http: use 0 as default for requests limit (Artur K) #40192
[3d5eba8042] - lib: refactor to avoid unsafe array iteration (Antoine du Hamel) #40271
[547fc86371] - lib: use validateArray (Voltrex) #39774
[a37527ce8f] - meta: add mailmap entry for ratracegrad (Rich Trott) #40291
[a75a8f2ca0] - meta: update AUTHORS (Node.js GitHub Bot) #40289
[66ab278bae] - meta: add .mailmap entry for Jimbly (Rich Trott) #40267
[e040f2cf0d] - meta: add .mailmap entry for daguej (Rich Trott) #40223
[d64740fbb3] - meta: update AUTHORS (Node.js GitHub Bot) #40217
[9ee9e41f5c] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #40115
[da6c82b425] - meta: update gdams contact information (Rich Trott) #40233
[a660017915] - meta: add .mailmap entry for kunalspathak (Rich Trott) #40202
[4d46bde22e] - meta: add mailmap entry for ralphtheninja (Rich Trott) #40153
[b856886d00] - meta: update mailmap for LakshmiSwethaG (Rich Trott) #40172
[972d921855] - module: fix ERR_REQUIRE_ESM for parentPath null (Guy Bedford) #40145
[344c03b2e6] - repl: skip EmptyStatements and return result with TLA (Mestery) #40194
[b694b0ca52] - src: use As() instead of Cast() for conversions (Darshan Sen) #40287
[383dbe940d] - src: implement changes suggested by @addaleax (kokke) #40128
[a6112dd1de] - src: fix time-of-use vs time-of-check "bugs" (kokke) #40128
[bbf1ed7c78] - src: remove AllocatedBuffer from crypto_common.cc (Darshan Sen) #40213
[528f9228fd] - src: remove usage of AllocatedBuffer from udp_wrap.cc (Darshan Sen) #40151
[d36127d862] - src: move ToUSVString() to node_util.cc (Khaidi Chu) #40204
[bddf8c28d9] - src,crypto: eliminate code duplication between StatelessDiffieHellman* (Darshan Sen) #40084
[6a8689f1f9] - test: fix typo in test/common/index.js (Tobias Nießen) #40297
[dc0c2744cf] - test: suppress compiler warning in test_bigint (Daniel Bevenius) #40253
[18820bfa58] - tools: patch jinja2 for Python 3.10 compat (Michaël Zasso) #40296
[8d7710e6c3] - tools: update rollup entry in lint-md package.json (FrankQiu) #40281
[7bb4dc2406] - tools: update certdata.txt (Richard Lau) #40280
[f31b0c9700] - tools: update remark-preset-lint-node to 3.2.0 (Rich Trott) #40278
[9c4e7a5158] - tools: fix lint-md autolinking (Rich Trott) #40181
[26db6db87f] - tools: implement markdown formatting (Rich Trott) #40181
[67812e8c65] - tools: re-implement lint-md without unified-args (Rich Trott) #40180
[0232f94175] - tools: update remark-preset-lint-node to 3.1.0 (Rich Trott) #40166
[80fdedd184] - tools: fix find-inactive-collaborators for recent README change (Rich Trott) #40163
[ebf17102d1] - tools: extend default yamllint config (Michaël Zasso) #40150
[f7c82749a7] - tools: update V8 gypfiles for 9.4 (Michaël Zasso) #39945
[dd39422b8b] - typings: define types for symbols binding (Michaël Zasso) #40143
[ced8467e20] - typings: define types for worker and messaging bindings (Michaël Zasso) #40143
[66d3101677] - (SEMVER-MINOR) util: improve ansi escape code regex (Colin Ihrig) #40214
[f4164fa4c3] - (SEMVER-MINOR) util: expose stripVTControlCharacters() (Colin Ihrig) #40214

`v16.10.0`

Compare Source

Notable Changes

[fb226ff2ee] - (SEMVER-MINOR) crypto: add rsa-pss keygen parameters (Filip Skokan) #39927
[85206b7311] - deps: upgrade npm to 7.24.0 (npm team) #40167
[98f56d179c] - deps: update Acorn to v8.5.0 (Michaël Zasso) #40015
[9655329772] - doc: add Ayase-252 to collaborators (Qingyu Deng) #40078
[59fff925be] - (SEMVER-MINOR) fs: make open and close stream override optional when unused (Antoine du Hamel) #40013
[a63a4bce90] - (SEMVER-MINOR) http: limit requests per connection (Artur K) #40082
- The maximum number of requests a socket can handle before closing keep alive connection can be set with server.maxRequestsPerSocket.
[9a672961fa] - (SEMVER-MINOR) src: add --no-global-search-paths cli option (Cheng Zhao) #39754
- Adds the --no-global-search-paths command-line option to not search modules from global paths like $HOME/.node_modules and $NODE_PATH.
[fe920b6cbf] - (SEMVER-MINOR) src: make napi_create_reference accept symbol (JckXia) #39926
[97f3072ceb] - (SEMVER-MINOR) stream: add signal support to pipeline generators (Robert Nagy) #39067

Commits

[b7dc651884] - build: run modified internet tests on GitHub Actions (Rich Trott) #40100
[8d5787a043] - build: add .mailmap/AUTHORS to paths-ignore for test-macos (Rich Trott) #40109
[9793e7ff08] - build: add .mailmap/AUTHORS to path-ignore for test-asan (Rich Trott) #40109
[886921de38] - build: add paths-ignore for build-tarball workflow (Rich Trott) #40109
[01b1946b38] - build: only lint version numbers for pull requests (Michaël Zasso) #40027
[c804d070a6] - build: add daily/on-demand internet test workflow (Rich Trott) #40086
[7bddaecbf4] - build: add YAML linting to GitHub Actions (Rich Trott) #40007
[5a20f9055c] - build: add YAML linting (Rich Trott) #40007
[0b30867c08] - build: run AUTHORS update weekly (Rich Trott) #40004
[22a78a75ee] - build: preserves symbols during LTO with macOS linker (Jesse Chan) #39839
[f0dec58d43] - crypto: fix webcrypto ed(25519|448) spki/pkcs8 import (Filip Skokan) #40131
[d80082f3eb] - crypto: use validateObject (Voltrex) #39872
[d657ae6f8a] - crypto: fix RSA-PSS default saltLength (Tobias Nießen) #39999
[fc45cbe7a8] - crypto: fix default MGF1 hash for OpenSSL 3 (Tobias Nießen) #40031
[105c9e6d3b] - crypto: check webcrypto asymmetric key types during importKey (Filip Skokan) #39962
[fb226ff2ee] - (SEMVER-MINOR) crypto: add rsa-pss keygen parameters (Filip Skokan) #39927
[85206b7311] - deps: upgrade npm to 7.24.0 (npm team) #40167
[06f6e01f37] - deps: add riscv64 into openssl Makefile and gen openssl-riscv64 (Lu Yahan) #40063
[9c76c69972] - deps: patch V8 to 9.3.345.19 (Michaël Zasso) #40108
[0df47d5843] - deps: upgrade npm to 7.23.0 (npm team) #40055
[b3843bf417] - deps: patch v8 for vs2019 in std17 (Jiawen Geng) #40060
[67759585a0] - deps: patch for v8 on windows (Jiawen Geng) #40010
[98f56d179c] - deps: update Acorn to v8.5.0 (Michaël Zasso) #40015
[5c6708582e] - dns: cleanup validation (Voltrex) #40061
[e4825dcfd5] - doc: changes default values for fs.read fns (RISHABH BUDHIRAJA) #39163
[0254b4b0d3] - doc: fix markdown indentation in lists (Michaël Zasso) #40142
[b6939a3419] - doc: prepare README.md for stricter linting (Rich Trott) #40137
[a07d8444f9] - doc: fix comma splice (Rich Trott) #40133
[2488bc0c4f] - doc: clean up weird notes about reentrancy (Anna Henningsen) #40107
[8b80dcbc30] - doc: correct parameters in fs and stream documentation (vipul kumar) #39984
[1ced732078] - doc: fix CJS-ESM selector in Safari (Bradley Farias) #40135
[7fdb12739d] - doc: add timeout.close (Nikita Galkin) #40036
[81cb14bb58] - doc: clarify that ObjectWrap requires manual cleanup on shutdown (Gerhard Stöbich) #40074
[8aad81dd99] - doc: add full list of subsystems (FrankQiu) #39971
[9655329772] - doc: add Ayase-252 to collaborators (Qingyu Deng) #40078
[6d399e11e9] - doc: fix CCM cipher example in MJS (Tobias Nießen) #39949
[d426ee9b17] - doc: fix property name 'detail' of performanceEntry (Christian Boehlke) #40019
[846e7e880e] - doc: fix list indentation in corepack.md (Alexey Ten) #40029
[b6dd2ea930] - doc: fix missing history version in fs.md (Antoine du Hamel) #39972
[f666f5a8d1] - events: fix duplicate require which cause performance penalty (wwwzbwcom) #39892
[59fff925be] - (SEMVER-MINOR) fs: make open and close stream override optional when unused (Antoine du Hamel) #40013
[a63a4bce90] - (SEMVER-MINOR) http: limit requests per connection (Artur K) #40082
[bc9c2ca6af] - http: remove CRLF variable (shfshanyue) #40101
[dd50b91f77] - lib: remove useless statement (Maledong) #39983
[608528028c] - lib: avoid creating a throw away object in validateObject (Antoine du Hamel) #39807
[edcfffeaea] - lib: use standard property names (null) #39981
[640353af86] - lib,repl: ignore non-canBeRequiredByUsers built-in (Khaidi Chu) #39942
[4444b5c938] - meta: update AUTHORS (Node.js GitHub Bot) #40148
[4993318862] - meta: update GeoffreyBooth email addresses in AUTHORS and .mailmap (Rich Trott) #40132
[98d42fa1f4] - meta: add mailmap entry for LPardue (Rich Trott) #40129
[effdfa91be] - meta: update GeoffreyBooth email address (Geoffrey Booth) #40102
[588257c00a] - meta: add .mailmap entry for arcanis (Rich Trott) #40103
[7ee3fbd1e0] - meta: update AUTHORS (Node.js GitHub Bot) #40087
[2a41530a5e] - meta: consolidate AUTHORS entry for mikemaccana (Rich Trott) #40051
[a71579b05e] - meta: add more mailmap entries for bajtos (Rich Trott) #40023
[29104f5e64] - meta: consolidate AUTHORS entries for mithunsasidharan (Rich Trott) #40003
[381293f54a] - meta: update AUTHORS (Node.js GitHub Bot) #39957
[1eca9bc5b2] - module: support pattern trailers for imports field (Guy Bedford) #40041
[7376edca6d] - module: deprecate trailing slash pattern mappings (Guy Bedford) #40039
[92f182b23d] - module: fix $ pattern replacements (Guy Bedford) #40044
[d6124d8259] - repl: fix top level await with surrogate characters (Mestery) #39931
[9a672961fa] - (SEMVER-MINOR) src: add --no-global-search-paths cli option (Cheng Zhao) #39754
[51f9ad4897] - (SEMVER-MINOR) src: add option to disable global search paths (Cheng Zhao) #39754
[95528b284d] - src: remove unnecessary comment and add a CHECK in crypto_tls.cc (Darshan Sen) #39991
[31994fbf8e] - src: register zlib external references for snapshot (Joyee Cheung) #40050
[cfcd57182b] - src: fix -Wunreachable-code-return error (Shelley Vohr) #40034
[9f3a015b60] - src: add option to disable loading native addons (Dominic Elm) #39977
[570bef1710] - Revert "src: skip test_fatal/test_threads for Debug builds" (Anna Henningsen) #39954
[842f936e04] - src: use Isolate::TryGetCurrent where appropriate (Anna Henningsen) #39954
[fe920b6cbf] - (SEMVER-MINOR) src: make napi_create_reference accept symbol (JckXia) #39926
[73aa4e34ff] - src: fix C4805 MSVC warning (Michaël Zasso) #39998
[826eee363c] - src: register external references of PipeWrap for snapshot (Joyee Cheung) #39961
[7a17cbfdea] - src: register external references of TTYWrap for snapshot (Joyee Cheung) #39961
[00cca48081] - src: register external references of TCPWrap for snapshot (Joyee Cheung) #39961
[6095fb07b6] - src: register external references of SignalWrap for snapshot (Joyee Cheung) #39961
[db75711c5c] - src: register missing process methods external references (Joyee Cheung) #39961
[b4e074c295] - src: register missing stream wrap external references (Joyee Cheung) #39961
[a2c1c3ef64] - src: register external references of BaseObject for snapshot (Joyee Cheung) #39961
[6fdf02523e] - src: register external references of node-report for snapshot (Joyee Cheung) #39961
[bef78a2f88] - src: register external references of dtrace for snapshot (Joyee Cheung) #39961
[97f3072ceb] - (SEMVER-MINOR) stream: add signal support to pipeline generators (Robert Nagy) #39067
[6be405bd7b] - test: fix test-dgram-udp6-link-local-address on Windows (Michaël Zasso) #40005
[ec94bec9a3] - test: do not run test-corepack-yarn-install with no internet (Antoine du Hamel) #40090
[4aa2610252] - test: update OpenSSL3 error messages for 3.0.0+quic (Daniel Bevenius) #40093
[4367a61a9b] - test: mark test-crypto-timing-safe-equal-benchmarks flaky (Richard Lau) #40065
[5b5e27281c] - test: fix internet/test-dns (Rich Trott) #40083
[67bbfeb7e1] - test: make tests pass on Windows with Unix EOL (Michaël Zasso) #40002
[a8c99d9f09] - tools: update doc generator dependencies (Michaël Zasso) #40042
[ec6de1195a] - tools: update ansi-regex in lint-md rollup (Rich Trott) #40112
[d55804ca4e] - tools: update all dependencies of markdown linter (Michaël Zasso) #40035
[f03bae7c82] - tools: update remark-html to v13.0.2 (Michaël Zasso) #40043
[99af21292f] - tools,build: update YAML files in preparation for linting (Rich Trott) #40007
[590ace418d] - tools,doc: fix misrendering of consecutive JS blocks (Rich Trott) #40146
[5983568204] - worker: avoid potential deadlock on NearHeapLimit (Santiago Gimeno) #38403

`v16.9.1`

Compare Source

Notable Changes

This release fixes a regression introduced by the V8 9.3 update in Node.js 16.9.0.

Commits

[04f1943109] - deps: V8: cherry-pick 9a60704 (Jiawen Geng) #40046

`v16.9.0`

Compare Source

Notable Changes

Corepack

Node.js now includes Corepack, a script that acts as a bridge between Node.js projects and the package managers they are intended to be used with during development. In practical terms, Corepack will let you use Yarn and pnpm without having to install them - just like what currently happens with npm, which is shipped in Node.js by default. Please head over to the Corepack documentation page for more information on how to use it.

Contributed by Maël Nison - #39608

V8 9.3

V8 is updated to version 9.3, which includes performance improvements and new JavaScript features.

`Object.hasOwn`

Object.hasOwn is a static alias for Object.prototype.hasOwnProperty.call:

Object.hasOwn({ value: 42 }, 'value'); // Returns `true`.

Error cause

Errors can now be optionally constructed with a cause option, pointing to another error. This adds a cause property on the new error:

const error1 = new Error('Error one');
const error2 = new Error('Error two', { cause: error1 });
// error2.cause === error1

Contributed by Michaël Zasso - #39947

Other Notable Changes

[34c627e4bc] - (SEMVER-MINOR) crypto: add RSA-PSS params to asymmetricKeyDetails (Tobias Nießen) #39851
[20da0a5379] - (SEMVER-MINOR) module: support pattern trailers (Guy Bedford) #39635
[cb44781371] - (SEMVER-MINOR) stream: add stream.compose (Robert Nagy) #39029

Commits

[2343c394fb] - async_hooks: use resource stack for AsyncLocalStorage run (Stephen Belanger) #39890
[00951827cd] - Revert "build: add windows-2022 to GitHub test matrix" (Michaël Zasso) #39982
[e7834535b3] - build: add windows-2022 to GitHub test matrix (Michaël Zasso) #39857
[c49b0c0dd4] - build: add support for Visual Studio 2022 (Michaël Zasso) #39857
[afdb665e57] - build: fix find-inactive-collaborators workflow token (Rich Trott) #39909
[0ff88f362f] - build: update token used for pull requests (Rich Trott) #39907
[beca890330] - build: adapt v8_pch.h to V8 9.3 (Michaël Zasso) #39469
[2170346aa3] - build: reset embedder string to "-node.0" (Michaël Zasso) #39947
[d33ab968ab] - cluster: fix comment regarding child_process file (Yash Ladha) #39308
[585199497f] - crypto: fix regression in RSA-PSS keygen (Tobias Nießen) #39937
[34c627e4bc] - (SEMVER-MINOR) crypto: add RSA-PSS params to asymmetricKeyDetails (Tobias Nießen) #39851
[1dd91582da] - crypto: fix rsa-pss one-shot sign/verify error handling (Filip Skokan) #39830
[20cf47004e] - crypto: fix JWK RSA-PSS SubtleCrypto.exportKey (Filip Skokan) #39828
[e25dc8e470] - deps: upgrade npm to 7.21.1 (npm team) #39904
[9270684837] - deps: update archs files for OpenSSL-1.1.1l+quic (Richard Lau) #39867
[4b5bbec6cc] - deps: upgrade openssl sources to OpenSSL_1_1_1l+quic (Richard Lau) #39867
[71659fd4ba] - (SEMVER-MINOR) deps: add corepack (Maël Nison) #39608
[7470db0dfb] - deps: restore minimum ICU version to 68 (Michaël Zasso) #39470
[92d83d18d2] - deps: make V8 9.3 abi-compatible with 9.0 (Michaël Zasso) #39947
[0140face81] - deps: V8: cherry-pick 00bb1a7 (Darshan Sen) #39829
[3e1053e755] - deps: V8: cherry-pick 81814ed (Stephen Belanger) #39719
[d9d0104878] - deps: silence irrelevant V8 warning (Michaël Zasso) #38990
[cd9b03ea40] - deps: silence irrelevant V8 warnings (Michaël Zasso) #37587
[b83cab712f] - deps: fix V8 build issue with inline methods (Jiawen Geng) #35415
[068824d754] - deps: make v8.h compatible with VS2015 (Joao Reis) #32116
[54f4f1af50] - deps: V8: forward declaration of Rtl*FunctionTable (Refael Ackermann) #32116
[10ba1cb8b2] - deps: V8: patch register-arm64.h (Refael Ackermann) #32116
[3ce6f72124] - deps: V8: un-cherry-pick bd019bd (Refael Ackermann) #32116
[f43c292520] - (SEMVER-MINOR) deps: update V8 to 9.3.345.16 (Michaël Zasso) #39947
[9e782eb758] - doc: remove {C,Dec}ompressionStream documentation (Luigi Pinca) #39899
[7857e9cc77] - doc: add descriptions about when options.mode is ignored (Ray) #39881
[d43b555047] - doc: remove danbev from TSC member list (Daniel Bevenius) #39978
[fc01dd916e] - doc: add missing changes to generateKeyPair(Sync) (Tobias Nießen) #39963
[953f2e9f88] - doc: add nodejs/tweet issue creation to sec. doc (Daniel Bevenius) #39940
[29c4b07716] - doc: update WASI example to use import.meta.url (Guy Bedford) #39925
[9eb4a70c14] - doc: move reference to OpenSSL flags SSL_OP_* (Tobias Nießen) #39935
[8ea4befc82] - doc: add docs for duplex.allowHalfOpen property (Tim Perry) #39126
[bc2b73ec9b] - doc: add FrankQiu to a triager (FrankQiu) #39922
[8b68f8ec38] - doc: add VoltrexMaster to triagers (voltrexmaster) #39920
[3a8f77ac0d] - doc: document JavaScript tool for benchmark comparison (Michaël Zasso) #39835
[4ac703ca8e] - doc: add Mesteery to triagers (Mestery) #39887
[d059a5186b] - doc: update maintaining openssl guide (Richard Lau) #39878
[486150580c] - doc: move ERR_WORKER_UNSPPORTED_EXTENSION to legacy (Qingyu Deng) #39788
[a4b8c13798] - events: protect property defs against prototype polution (James M Snell) #39773
[cfbe9065ae] - events: add brand checks for detached accessors (James M Snell) #39773
[112af69194] - fs: add docs and tests for AsyncIterable support in fh.writeFile (Antoine du Hamel) #39836
[402071bc45] - meta: remove duplicate AUTHORS entry for NigelKibodeaux (Rich Trott) #39967
[3588f07603] - meta: add mailmap entry for Ethan-Arrowood (Rich Trott) #39930
[259e0cf4d7] - meta: add mailmap entry for branisha (Rich Trott) #39889
[bc236a6714] - meta: update .mailmap to remove duplicate AUTHORS entry for addaleax (Rich Trott) #39880
[20da0a5379] - (SEMVER-MINOR) module: support pattern trailers (Guy Bedford) #39635
[879dc4658e] - src: remove usage of AllocatedBuffer from src/node_buffer.cc (Darshan Sen) #39941
[79ce096470] - src: remove extra semicolons outside fns (Shelley Vohr) #39800
[cb44781371] - (SEMVER-MINOR) stream: add stream.compose (Robert Nagy) #39029
[ca9b781d20] - test: use assert.match instead of regexp.test (Michaël Zasso) #39928
[007e2855af] - test: use error code mapping in place of raw errno (Darshan Sen) #38675
[00529b0ef2] - test: add test to verify other extension can be loaded by worker (Qingyu Deng) #39788
[4e7212c88c] - test: update error message keywords (leeight) #39826
[549d717722] - test: adapt test-fs-read to V8 9.3 (Michaël Zasso) #39469
[644b25e068] - test: adapt test-util-inspect to V8 9.3 (Michaël Zasso) #39469
[105bff9ea5] - test: adapt test-v8-flags to V8 9.3 (Michaël Zasso) #39469
[d92bd9a982] - tools: add support for import assertions in linter (Antoine du Hamel) #39924
[9763561e30] - tools: update gyp-next to v0.10.0 (Michaël Zasso) #39857
[9f105c73fc] - tools: update V8 gypfiles for 9.3 (Michaël Zasso) #39469
[16271d2f50] - worker: remove file extension check (Qingyu Deng) #39788
[3b1ce93e03] - worker: add brand checks for detached MessageEvent accessors (James M Snell) #39773

`v16.8.0`

Compare Source

Notable Changes

[2e90b10f35] - doc: deprecate type coercion for dns.lookup options (Antoine du Hamel) #38906
[a6d50a18a0] - (SEMVER-MINOR) stream: add stream.Duplex.from utility (Robert Nagy) #39519
[af7047a815] - (SEMVER-MINOR) stream: add isDisturbed helper (Robert Nagy) #39628
[66400374de] - (SEMVER-MINOR) util: expose toUSVString (Robert Nagy) #39814

Commits

[90bf247a55] - build: fix update authors commit (Mestery) #39858
[c968372e37] - build: add authors.yml (Tierney Cyren) #35831
[3f284cf65c] - build: add option to hide console window (Cheng Zhao) #39712
[a01e3ab41d] - deps: V8: cherry-pick 00bb1a7 (Darshan Sen) #39829
[cce95c4c5b] - deps: upgrade npm to 7.21.0 (Myles Borins) #39813
[254810a22e] - doc: add duplicate CVE check in sec. release doc (Daniel Bevenius) #39845
[8c50d16712] - doc: improve description of the triagers team (Michaël Zasso) #39833
[c02165d992] - doc: update instructions for cc (Michael Dawson) #39674
[208305fd8f] - doc: move util.toUSVString() outside of deprecated group (Luigi Pinca) #39840
[2e90b10f35] - doc: deprecate type coercion for dns.lookup options (Antoine du Hamel) #38906
[8460a3216c] - doc: deprecate using non-boolean values in the verbatim option (Antoine du Hamel) #38906
[3041d57201] - doc: fix malformed changelog entries (Rich Trott) #39791
[2b02f747c3] - doc: fix lint errors in packages.md (Rich Trott) #39792
[a387600d8f] - doc: add example of self-reference in scoped packages (Jesús Leganés-Combarro 'piranna) #37630
[7a25bf3a6d] - doc: add himadriganguly as a triager (Himadri Ganguly) #39757
[d1900f43ce] - fs: combine require() and destructure (Colin Ihrig) #39806
[158d4464d2] - meta: add gyp as owner of gyp files and tools/gyp (Mary Marchini) #34847
[8fa38500f2] - policy: canonicalize before resolving specifiers (Bradley Farias) #37863
[a7a217be13] - repl: fix tla function hoisting (Don Jayamanne) #39745
[3a8399ee61] - src: return Maybe<bool> from InitializeContextRuntime() (Darshan Sen) #39695
[a704c9dfce] - (SEMVER-MINOR) src: call overload ctor from the original ctor (Darshan Sen) #39768
[0918ea0683] - (SEMVER-MINOR) src: add a constructor overload for CallbackScope (Darshan Sen) #39768
[a6d50a18a0] - (SEMVER-MINOR) stream: duplexify (Robert Nagy) #39519
[af7047a815] - (SEMVER-MINOR) stream: add isDisturbed helper (Robert Nagy) #39628
[f98311a7c8] - tools: update workflow to open a pull request (Rich Trott) #39825
[d33f897509] - tools: use find-inactive-collaborators to modify README.md (Rich Trott) #39825
[d82ee96861] - tools: update gyp-next to v0.9.5 (Jiawen Geng) #39818
[79079ea01b] - tools: fix markdown linting (Rich Trott) #39832
[01093b07cc] - tools: update markdown linter dependencies and move to ESM (Antoine du Hamel) #39801
[9dc0c91392] - tools: update rollup to latest version in markdown linter (Rich Trott) #39797
[c34e2534ab] - tools: update markdown lint dependencies (Rich Trott) #39770
[66400374de] - (SEMVER-MINOR) util: expose toUSVString (Robert Nagy) #39814

`v16.7.0`

Compare Source

Notable Changes

fs:
- experimental: add recursive cp method (Benjamin Coe) #39372

Commits

[a80c989306] - async_hooks: merge resource_symbol with owner_symbol (Darshan Sen) #38468
[69a2a6b6c3] - bootstrap: call _undestroy() inside _destroy for stdout and stderr (Matteo Collina) #39685
[5bc31ea0aa] - buffer: add endings option, remove Node.js specific encoding option (James M Snell) #39708
[091a579275] - (SEMVER-MINOR) buffer: add Blob.prototype.stream method and other cleanups (James M Snell) #39693
[097d898e58] - build: run coverage for inspector protocol changes (Richard Lau) #39725
[cf028df0ed] - build: fix V8 build with pointer compression (Michaël Zasso) #39664
[9d38400de1] - build: exclude markdown files from some GitHub Actions (Rich Trott) #39565
[eeb804a7b7] - build: use lts shorthand in GitHub Actions (Rich Trott) #39538
[93a904d0ba] - (SEMVER-MINOR) crypto: implement webcrypto.randomUUID (Michaël Zasso) #39648
[3321b65a5a] - debugger: prevent simultaneous heap snapshots (Rich Trott) #39638
[6c375e18b6] - debugger: remove undefined parameter (Rich Trott) #39570
[103bf20988] - deps: V8: cherry-pick 81814ed (Stephen Belanger) #39719
[cf5e5b5711] - deps: upgrade to libuv 1.42.0 (Luigi Pinca) #39525
[5f92d2fe6d] - dgram: use simplified validator (Voltrex) #39753
[c7e918b06a] - (SEMVER-MINOR) dns: add "tries" option to Resolve options (Luan Devecchi) #39610
[5d66646b71] - doc: correct cjs code to match mjs code (Raz Luvaton) #39509
[f18bb2a0f1] - doc: fix typo in hmac.paramNames default (Justin) #39766
[338a166e83] - doc: fix fs.rmdir recursive option deprecation history (Antoine du Hamel) #39728
[bfb1dc0a2c] - doc: fixed variable names in queueMicrotask example (ashish maurya) #39634
[08b31f12f8] - doc: change "Version 4 UUID" to "version 4 UUID" (Tobias Nießen) #39682
[f5200f9785] - doc: update debugger.md description and examples (Rich Trott) #39661
[4700f1e529] - doc: fix color contrast issue in light mode (Rich Trott) #39660
[88c83a4698] - (SEMVER-MINOR) doc: add missing change to resolver ctor (Luan Devecchi) #39610
[760cafa5ed] - doc: fix typo in url.md (Howie Zhao) #39666
[9ab5503693] - doc: add point to ask H1 reporter about credit (Daniel Bevenius) #39585
[7514405456] - doc: update min mac ver + move mac arm64 to tier 1 (Ash Cripps) #39586
[d7c8c6dcee] - doc: add missing introduced_in metadata (Richard Lau) #39575
[8072517097] - doc: add code examples to Writable.destroy() and Writable.destroyed (Juan José Arboleda) #39491
[55f47cc2d0] - doc: add String.prototype.at and %TypedArray%.prototype.at (Jordan Harband) #39583
[0c0412e2c4] - doc: move NODE_MODULE_VERSION in release guide (Richard Lau) #39544
[5df74f9b21] - doc: remove outdated ARM information from release guide (Richard Lau) #39544
[8eccb11ea0] - doc: fence command examples in release guide (Richard Lau) #39544
[0bd97e1f2d] - doc: update backport labels in release guide (Richard Lau) #39544
[2129ad6a0a] - doc: add code example to fs.truncate method (Juan José Arboleda) #39454
[3ff5e153ef] - doc: add code example to http.createServer method (Juan José Arboleda) #39455
[7d0c869cfa] - doc: add PerformanceObserver buffered document (legendecas) #39514
[0dc167a03f] - (SEMVER-MINOR) fs: add recursive cp method (Benjamin Coe) #39372
[54dd3df943] - http: decodes url.username and url.password for authorization header (Lew Gordon) #39310
[81e62f67bf] - inspector: update inspector_protocol to 89c4adf (Rich Trott) #39650
[793fee4915] - inspector: update inspector_protocol to 8ec18cf (Rich Trott) #39614
[5afdc1f4c0] - lib: simplify validators (Voltrex) #39753
[ca3cb96d25] - lib: cleanup validation (Voltrex) #39652
[cc08d3062f] - lib: cleanup instance validation (Voltrex) #39656
[2751cdf6f9] - lib: use helper for readability (Voltrex) #39649
[c68415cba2] - lib: use validators (Voltrex) #39663
[be2d60dd1d] - lib: use validator (Voltrex) #39547
[486d51ac0c] - lib: use validateObject (Voltrex) #39605
[058e882a2a] - lib: use ERR_ILLEGAL_CONSTRUCTOR (Mestery) #39556
[07cadc4432] - meta: consolidate AUTHORS entries for ooHmartY (Rich Trott) #39705
[6c788b8030] - meta: consolidate AUTHORS entries for homosaur (Rich Trott) #39705
[07351edebe] - meta: consolidate AUTHORS entries for Ayase-252 (Rich Trott) #39705
[5fe282769b] - meta: consolidate AUTHORS entries for robin-drexler (Rich Trott) #39705
[fc2a626357] - meta: consolidate AUTHORS entries for samshull (Rich Trott) #39705
[67cfc66a47] - meta: update AUTHORS (Rich Trott) #39705
[91008fbdeb] - meta: consolidate email addresses for MarshallOfSound (Rich Trott) #39651
[a76b63536a] - meta: consolidate email addresses for tadjik1 (Rich Trott) #39651
[aaab2095db] - meta: consolidate email addresses for szmarczak (Rich Trott) #39651
[f413a9d83c] - meta: update AUTHORS (Rich Trott) #39636
[7a91d4bfe9] - meta: simplify mailmap (Rich Trott) #39612
[4ec5d2de5d] - meta: consolidate emails for tadhgcreedon (Rich Trott) #39611
[bb88c38eac] - meta: consolidate emails for timcosta (Rich Trott) #39611
[0920a8cf6f] - meta: consolidate emails for timruffles (Rich Trott) #39611
[1474a9d4b1] - meta: update AUTHORS (Rich Trott) #39629
[c59e3ec685] - meta: add mailmap entry for ryzokuken (Rich Trott) #39596
[34f4bb8277] - meta: add mailmap entry for uttampawar (Rich Trott) #39596
[fd213edda2] - meta: add mailmap entry for dmabupt (Rich Trott) #39596
[6b664e224b] - meta: align README/.mailmap/AUTHORS email entries (Rich Trott) #39505
[96d8ecbd66] - meta: add mailmap entry for garygsc (Rich Trott) #39588
[16d85f3f48] - meta: add mailmap entry for ttzztztz (Rich Trott) #39588
[60ab111fdb] - meta: update AUTHORS (Rich Trott) #39587
[b43f87d729] - meta: update .mailmap to remove duplication in AUTHORS (Rich Trott) #39561
[6f4a2aa5a4] - meta: add .mailmap entries to remove AUTHORS duplicates (Rich Trott) #39560
[86d144c500] - meta: add .mailmap entry to remove duplication in AUTHORS (Rich Trott) #39559
[110c088f02] - meta: update collaborator email in AUTHORS/.mailmap (Rich Trott) #39521
[72af147bb5] - meta: update collaborator email in README (Rich Trott) #39521
[23bc4cfb21] - meta: update collaborator email in AUTHORS/.mailmap (Rich Trott) #39521
[e4289728c7] - meta: move gdams to emeritus (Rich Trott) #39539
[4df59bc727] - module: add some typings to internal/modules/esm/resolve (Antoine du Hamel) #39504
[b5858589d0] - node-api: handle pending exception in cb wrapper (Michael Dawson) #39476
[016b7ba616] - perf_hooks: fix PerformanceObserver gc crash (James M Snell) #39550
[b37575b67c] - perf_hooks: fix performance timeline wpt failures (legendecas) #39532
[64c02eb3cc] - (SEMVER-MINOR) perf_hooks: web performance timeline compliance (legendecas) #39297
[7ff21397d6] - policy: fix integrity when DEFAULT_ENCODING is set (Tobias Nießen) #39750
[03be967cad] - src: fix TextDecoder final flush size calculation (James M Snell) #39737
[9046e78943] - src: fix crash in AfterGetAddrInfo (Anna Henningsen) #39735
[2a00ef5ede] - (SEMVER-MINOR) src: fix align in cares_wrap.h (Luan) #39610
[60a2b31c68] - src: add cosmetic space character to async_wrap.h file (Juan José Arboleda) #39459
[cd9b0bf68c] - stream: ensure text() stream consumer flushes correctly (James M Snell) #39737
[f57a0e4d8b] - (SEMVER-MINOR) stream: utility consumers for web and node.js streams (James M Snell) #39594
[975edf5330] - stream: clean endWritableNT (Mestery) #39645
[9e38fc6757] - (SEMVER-MINOR) stream: add readableDidRead if has been read from (Robert Nagy) #39589
[a5ded4a85a] - test: use simplfied validator (voltrexmaster) #39753
[53cf53c95a] - (SEMVER-MINOR) test: enable blob.prototype.stream tests (James M Snell) #39693
[7e9884598f] - test: update WPT abort tests (Michaël Zasso) #39697
[94381fbdf5] - test: update WPT common and resources (Michaël Zasso) #39697
[34a041a846] - test: fix test-debugger-heap-profiler for workers (Richard Lau) #39687
[9f5acfa90e] - test: increase memory for coverage action (Benjamin Coe) #39690
[0be15cedc4] - test: use template to concatenate string (Himadri Ganguly) #39621
[952a5282e2] - (SEMVER-MINOR) test: pull Web Platform Tests for WebCryptoAPI (Michaël Zasso) #39648
[3622fb1e03] - test: deflake test-http2-buffersize (Luigi Pinca) #39591
[1962c7c7b3] - test: convert anonymous function to arrow function (Himadri Ganguly) #39604
[635e1a0274] - test: add test-debugger-breakpoint-exists (Rich Trott) #39570
[cff2aea5df] - test: add known issues test for debugger heap snapshot race (Rich Trott) #39557
[5e1011238a] - tools: bump remark-preset-lint-node to 3.0.0 (Rich Trott) #39755
[eb741253fd] - tools: update path-parse in markdown linter package-lock file (Rich Trott) #39729
[52a172f983] - tools: fix more build warnings in inspector_protocol (Richard Lau) #39725
[77f9c1fa98] - tools: cherry-pick ffb34b6 (Darshan Sen) #39725
[b9510d21c9] - tools: update inspector_protocol to e8ba1a7 (Rich Trott) #39694
[8d509d8773] - tools: update inspector_protocol to 39ca567 (Rich Trott) #39694
[ee7142fa37] - tools: update inspector_protocol to 97d3146 (Rich Trott) #39694
[c6323d847d] - Revert "tools: fix compiler warning in inspector_protocol" (Rich Trott) #39694
[6e19c166e4] - tools: update inspector_protocol to a53e96d (Rich Trott) #39694
[61c53f39d2] - tools: update inspector_protocol to fe0467f (Rich Trott) #39694
[b1b6f20353] - tools: improve error detection in find-inactive-collaborators (Rich Trott) #39617
[d1360fcf48] - tools: update ESLint to 7.32.0 (Luigi Pinca) #39602
[af1c782cad] - tools: update ESLint to 7.31.0 (Colin Ihrig) #39424
[37dda19461] - (SEMVER-MINOR) url,buffer: implement URL.createObjectURL (James M Snell) #39693
[dcab88ad38] - worker: add brand checks for detached properties/methods (James M Snell) #39763

`v16.6.2`

Compare Source

This is a security release.

Notable Changes

CVE-2021-3672/CVE-2021-22931: Improper handling of untypical characters in domain names (High)
- Node.js was vulnerable to Remote Code Execution, XSS, application crashes due to missing input validation of hostnames returned by Domain Name Servers in the Node.js DNS library which can lead to the output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library. You can read more about it at https://nvd.nist.gov/vuln/detail/CVE-2021-22931.
CVE-2021-22940: Use after free on close http2 on stream canceling (High)
- Node.js was vulnerable to a use after free attack where an attacker might be able to exploit memory corruption to change process behavior. This release includes a follow-up fix for CVE-2021-22930 as the issue was not completely resolved by the previous fix. You can read more about it at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22940.
CVE-2021-22939: Incomplete validation of rejectUnauthorized parameter (Low)
- If the Node.js HTTPS API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted. You can read more about it at https://nvd.nist.gov/vuln/detail/CVE-2021-22939.

Commits

[054537cdc2] - deps: update c-ares to 1.17.2 (Beth Griggs) #39724
[ac544905b6] - deps: reflect c-ares source tree (Beth Griggs) #39653
[a914b23cbc] - deps: apply missed updates from c-ares 1.17.1 (Beth Griggs) #39653
[31d5773654] - http2: add tests for cancel event while client is paused reading (Akshay K) #39622
[a3c33d4ce7] - http2: update handling of rst_stream with error code NGHTTP2_CANCEL (Akshay K) #39622
[6c7fff6f1d] - tls: validate "rejectUnauthorized: undefined" (Matteo Collina) nodejs-private/node-private#276

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

If you want to rebase/retry this MR, click this checkbox.

This MR has been generated by Renovate Bot.

Edited Nov 17, 2021 by Griefed

chore(deps): update node.js to v17

Release Notes

Notable Changes

Commits

Notable Changes

Fixed distribution for native addon builds

Fixed stream issues

Commits

Notable Changes

Deprecations and Removals

OpenSSL 3.0

V8 9.5

Readline Promise API

Other Notable Changes

Semver-Major Commits

Semver-Minor Commits

Semver-Patch Commits

Notable Changes

Notable Changes

Experimental ESM Loader Hooks API

Other Notable Changes

Commits

Notable changes

Commits

Notable Changes

Commits

Notable Changes

Commits

Notable Changes

Commits

Notable Changes

Corepack

V8 9.3

Other Notable Changes

Commits

Notable Changes

Commits

Notable Changes

Commits

Notable Changes

Commits

Configuration

Merge request reports