VitePress

Appearance

Return to top
On this page

Node.js 12 ChangeLog

LTS 'Erbium'Current
12.22.12
12.22.11
12.22.10
12.22.9
12.22.8
12.22.7
12.22.6
12.22.5
12.22.4
12.22.3
12.22.2
12.22.1
12.22.0
12.21.0
12.20.2
12.20.1
12.20.0
12.19.1
12.19.0
12.18.4
12.18.3
12.18.2
12.18.1
12.18.0
12.17.0
12.16.3
12.16.2
12.16.1
12.16.0
12.15.0
12.14.1
12.14.0
12.13.1
12.13.0
12.12.0
12.11.1
12.11.0
12.10.0
12.9.1
12.9.0
12.8.1
12.8.0
12.7.0
12.6.0
12.5.0
12.4.0
12.3.1
12.3.0
12.2.0
12.1.0
12.0.0

2022-04-05, Version 12.22.12 'Erbium' (LTS), @richardlau

Notable Changes

This is planned to be the final Node.js 12 release. Node.js 12 will reach End-of-Life status on 30 April 2022, after which it will no receive updates. You are strongly advised to migrate your applications to Node.js 16 or 14 (both of which are Long Term Support (LTS) releases) to continue to receive future security updates beyond 30 April 2022.

This release fixes a shutdown crash in Node-API (formerly N-API) and a potential stack overflow when using vm.runInNewContext().

The list of GPG keys used to sign releases and instructions on how to fetch the keys for verifying binaries has been synchronized with the main branch.

Commits

2022-03-17, Version 12.22.11 'Erbium' (LTS), @richardlau

This is a security release.

Notable changes

Update to OpenSSL 1.1.1n, which addresses the following vulnerability:

Fix for building Node.js 12.x with Visual Studio 2019 to allow us to continue to run CI tests.

Commits

2022-02-01, Version 12.22.10 'Erbium' (LTS), @ruyadorno

Notable changes

  • Upgrade npm to 6.14.16
  • Updated ICU time zone data

Commits

2022-01-10, Version 12.22.9 'Erbium' (LTS), @richardlau

This is a security release.

Notable changes

Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)

Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. Node.js was accepting URI SAN types, which PKIs are often not defined to use. Additionally, when a protocol allows URI SANs, Node.js did not match the URI correctly.

Versions of Node.js with the fix for this disable the URI SAN type when checking a certificate against a hostname. This behavior can be reverted through the --security-revert command-line option.

More details will be available at CVE-2021-44531 after publication.

Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)

Node.js converts SANs (Subject Alternative Names) to a string format. It uses this string to check peer certificates against hostnames when validating connections. The string format was subject to an injection vulnerability when name constraints were used within a certificate chain, allowing the bypass of these name constraints.

Versions of Node.js with the fix for this escape SANs containing the problematic characters in order to prevent the injection. This behavior can be reverted through the --security-revert command-line option.

More details will be available at CVE-2021-44532 after publication.

Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)

Node.js did not handle multi-value Relative Distinguished Names correctly. Attackers could craft certificate subjects containing a single-value Relative Distinguished Name that would be interpreted as a multi-value Relative Distinguished Name, for example, in order to inject a Common Name that would allow bypassing the certificate subject verification.

Affected versions of Node.js do not accept multi-value Relative Distinguished Names and are thus not vulnerable to such attacks themselves. However, third-party code that uses node's ambiguous presentation of certificate subjects may be vulnerable.

More details will be available at CVE-2021-44533 after publication.

Prototype pollution via console.table properties (Low)(CVE-2022-21824)

Due to the formatting logic of the console.table() function it was not safe to allow user controlled input to be passed to the properties parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be __proto__. The prototype pollution has very limited control, in that it only allows an empty string to be assigned numerical keys of the object prototype.

Versions of Node.js with the fix for this use a null protoype for the object these properties are being assigned to.

More details will be available at CVE-2022-21824 after publication.

Thanks to Patrik Oldsberg (rugvip) for reporting this vulnerability.

Commits

2021-12-16, Version 12.22.8 'Erbium' (LTS), @richardlau

Notable Changes

This release contains a c-ares update to fix a regression introduced in Node.js 12.22.5 resolving CNAME records containing underscores #39780.

Root certificates have been updated to those from Mozilla's Network Security Services 3.71 #40281.

Commits

2021-10-12, Version 12.22.7 'Erbium' (LTS), @danielleadams

This is a security release.

Notable changes

  • CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium)
    • The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at CVE-2021-22959 after publication.
  • CVE-2021-22960: HTTP Request Smuggling when parsing the body (Medium)
    • The http parser ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. More details will be available at CVE-2021-22960 after publication.

Commits

2021-08-31, Version 12.22.6 'Erbium' (LTS), @MylesBorins

This is a security release.

Notable Changes

These are vulnerabilities in the node-tar, arborist, and npm cli modules which are related to the initial reports and subsequent remediation of node-tar vulnerabilities CVE-2021-32803 and CVE-2021-32804. Subsequent internal security review of node-tar and additional external bounty reports have resulted in another 5 CVE being remediated in core npm CLI dependencies including node-tar, and npm arborist.

You can read more about it in:

Commits

2021-08-11, Version 12.22.5 'Erbium' (LTS), @BethGriggs

This is a security release.

Notable Changes

  • CVE-2021-3672/CVE-2021-22931: Improper handling of untypical characters in domain names (High)
    • Node.js was vulnerable to Remote Code Execution, XSS, application crashes due to missing input validation of hostnames returned by Domain Name Servers in the Node.js DNS library which can lead to the output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library. You can read more about it at https://nvd.nist.gov/vuln/detail/CVE-2021-22931.
  • CVE-2021-22940: Use after free on close http2 on stream canceling (High)
    • Node.js was vulnerable to a use after free attack where an attacker might be able to exploit memory corruption to change process behavior. This release includes a follow-up fix for CVE-2021-22930 as the issue was not completely resolved by the previous fix. You can read more about it at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22940.
  • CVE-2021-22939: Incomplete validation of rejectUnauthorized parameter (Low)
    • If the Node.js HTTPS API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted. You can read more about it at https://nvd.nist.gov/vuln/detail/CVE-2021-22939.

Commits

2021-07-29, Version 12.22.4 'Erbium' (LTS), @richardlau

This is a security release.

Notable Changes

  • CVE-2021-22930: Use after free on close http2 on stream canceling (High)

Commits

2021-07-05, Version 12.22.3 'Erbium' (LTS), @richardlau

Notable Changes

Node.js 12.22.2 introduced a regression in the Windows installer on non-English locales that is being fixed in this release. There is no need to download this release if you are not using the Windows installer.

Commits

  • [182f86a4d4] - win,msi: use localized "Authenticated Users" name (Richard Lau) #39241

2021-07-01, Version 12.22.2 'Erbium' (LTS), @richardlau

This is a security release.

Notable Changes

Vulnerabilities fixed:

  • CVE-2021-22918: libuv upgrade - Out of bounds read (Medium)
    • Node.js is vulnerable to out-of-bounds read in libuv's uv__idna_toascii() function which is used to convert strings to ASCII. This is called by Node's dns module's lookup() function and can lead to information disclosures or crashes. You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22918
  • CVE-2021-22921: Windows installer - Node Installer Local Privilege Escalation (Medium)
    • Node.js is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PATH and DLL hijacking. You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22921
  • CVE-2021-27290: npm upgrade - ssri Regular Expression Denial of Service (ReDoS) (High)
  • CVE-2021-23362: npm upgrade - hosted-git-info Regular Expression Denial of Service (ReDoS) (Medium)

Commits

2021-04-06, Version 12.22.1 'Erbium' (LTS), @mylesborins

This is a security release.

Notable Changes

Vulnerabilities fixed:

  • CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High)
  • CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms processing (High)
  • CVE-2020-7774: npm upgrade - Update y18n to fix Prototype-Pollution (High)

Commits

2021-03-30, Version 12.22.0 'Erbium' (LTS), @richardlau

Notable changes

The legacy HTTP parser is runtime deprecated

The legacy HTTP parser, selected by the --http-parser=legacy command line option, is deprecated with the pending End-of-Life of Node.js 10.x (where it is the only HTTP parser implementation provided) at the end of April 2021. It will now warn on use but otherwise continue to function and may be removed in a future Node.js 12.x release.

The default HTTP parser based on llhttp is not affected. By default it is stricter than the now deprecated legacy HTTP parser. If interoperability with HTTP implementations that send invalid HTTP headers is required, the HTTP parser can be started in a less secure mode with the --insecure-http-parser command line option.

Contributed by Beth Griggs #37603.

ES Modules

ES Modules are now considered stable.

Contributed by Guy Bedford #35781

node-api

Updated to node-api version 8 and added an experimental API to allow retrieval of the add-on file name.

Contributed by Gabriel Schulhof #37652 and #37195.

New API's to control code coverage data collection

v8.stopCoverage() and v8.takeCoverage() have been added.

Contributed by Joyee Cheung #33807.

New API to monitor event loop utilization by Worker threads

worker.performance.eventLoopUtilization() has been added.

Contributed by Trevor Norris #35664.

Commits

  • [1872625990] - (SEMVER-MINOR) deps: update to cjs-module-lexer@1.1.0 (Guy Bedford) #37712
  • [dfa04d9035] - deps: V8: cherry-pick beebee4f80ff (Peter Marshall) #37293
  • [bf8733fe22] - doc: mark modules implementation as stable (Guy Bedford) #35781
  • [0a35d49f56] - Revert "embedding: make Stop() stop Workers" (Anna Henningsen) #32623
  • [a0b610450a] - (SEMVER-MINOR) http: runtime deprecate legacy HTTP parser (Beth Griggs) #37603
  • [2da24ac302] - lib: add URI handling functions to primordials (Antoine du Hamel) #37394
  • [7b0ed4ba92] - module: improve support of data: URLs (Antoine du Hamel) #37392
  • [93dd799a86] - (SEMVER-MINOR) node-api: define version 8 (Gabriel Schulhof) #37652
  • [f5692093d3] - (SEMVER-MINOR) node-api: allow retrieval of add-on file name (Gabriel Schulhof) #37195
  • [6cef0e3678] - src,test: add regression test for nested Worker termination (Anna Henningsen) #32623
  • [364bf03a68] - test: fix races in test-performance-eventlooputil (Gerhard Stoebich) #36028
  • [d7a4ccdf09] - test: correct test-worker-eventlooputil (Gerhard Stoebich) #35891
  • [0f6d44500c] - test: add cpu-profiler-crash test (Santiago Gimeno) #37293
  • [86f34ee18c] - (SEMVER-MINOR) v8: implement v8.stopCoverage() (Joyee Cheung) #33807
  • [8ddea3f16d] - (SEMVER-MINOR) v8: implement v8.takeCoverage() (Joyee Cheung) #33807
  • [eec7542781] - (SEMVER-MINOR) worker: add eventLoopUtilization() (Trevor Norris) #35664

2021-02-23, Version 12.21.0 'Erbium' (LTS), @richardlau

This is a security release.

Notable changes

Vulnerabilities fixed:

  • CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion
    • Affected Node.js versions are vulnerable to denial of service attacks when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory.
  • CVE-2021-22884: DNS rebinding in --inspect
    • Affected Node.js versions are vulnerable to denial of service attacks when the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the “localhost6” domain. As long as the attacker uses the “localhost6” domain, they can still apply the attack described in CVE-2018-7160.
  • CVE-2021-23840: OpenSSL - Integer overflow in CipherUpdate

Commits

2021-02-10, Version 12.20.2 'Erbium' (LTS), @ruyadorno

Notable changes

  • deps:
    • upgrade npm to 6.14.11 (Ruy Adorno) #37173

Commits

2021-01-04, Version 12.20.1 'Erbium' (LTS), @richardlau

Notable changes

This is a security release.

Vulnerabilities fixed:

  • CVE-2020-8265: use-after-free in TLSWrap (High) Affected Node.js versions are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits
  • CVE-2020-8287: HTTP Request Smuggling in nodejs Affected versions of Node.js allow two copies of a header field in a http request. For example, two Transfer-Encoding header fields. In this case Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling (https://cwe.mitre.org/data/definitions/444.html).
  • CVE-2020-1971: OpenSSL - EDIPARTYNAME NULL pointer de-reference (High) This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20201208.txt

Commits

2020-11-24, Version 12.20.0 'Erbium' (LTS), @mylesborins

Notable Changes

Commits

2020-11-16, Version 12.19.1 'Erbium' (LTS), @BethGriggs

Notable changes

This is a security release.

Vulnerabilities fixed:

  • CVE-2020-8277: Denial of Service through DNS request (High). A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service by getting the application to resolve a DNS record with a larger number of responses.

Commits

2020-10-06, Version 12.19.0 'Erbium' (LTS), @codebytere

Notable Changes

Commits

2020-09-15, Version 12.18.4 'Erbium' (LTS), @BethGriggs prepared by @targos

Notable Changes

This is a security release.

Vulnerabilities fixed:

  • CVE-2020-8201: HTTP Request Smuggling due to CR-to-Hyphen conversion (High).
  • CVE-2020-8252: fs.realpath.native on may cause buffer overflow (Medium).

Commits

2020-07-22, Version 12.18.3 'Erbium' (LTS), @codebytere

Notable Changes

  • deps:
    • upgrade npm to 6.14.6 (claudiahdz) #34246
    • update node-inspect to v2.0.0 (Jan Krems) #33447
    • uvwasi: cherry-pick 9e75217 (Colin Ihrig) #33521

Commits

2020-06-30, Version 12.18.2 'Erbium' (LTS), @BethGriggs

Notable changes

  • deps: V8: backport fb26d0bb1835 (Matheus Marchini) #33573
    • Fixes memory leak in PrototypeUsers::Add
  • src: use symbol to store AsyncWrap resource (Anna Henningsen) #31745
    • Fixes reported memory leak in #33468

Commits

2020-06-17, Version 12.18.1 'Erbium' (LTS), @codebytere

Notable Changes

  • deps:
    • V8: cherry-pick 548f6c81d424 (Dominykas Blyžė) #33484
    • update to uvwasi 0.0.9 (Colin Ihrig) #33445
    • upgrade to libuv 1.38.0 (Colin Ihrig) #33446
    • upgrade npm to 6.14.5 (Ruy Adorno) #33239

Commits

  • [ba93c8d87d] - async_hooks: clear async_id_stack for terminations in more places (Anna Henningsen) #33347
  • [964adfafa5] - buffer: improve copy() performance (Nikolai Vavilov) #33214
  • [af95bd70bd] - deps: V8: cherry-pick 548f6c81d424 (Dominykas Blyžė) #33484
  • [5c7176bf90] - deps: update to uvwasi 0.0.9 (Colin Ihrig) #33445
  • [402aa1b840] - deps: upgrade to libuv 1.38.0 (Colin Ihrig) #33446
  • [4d6f56a76a] - deps: upgrade npm to 6.14.5 (Ruy Adorno) #33239
  • [98a7026311] - doc: document module.path (Antoine du Hamel) #33323
  • [9572701705] - doc: add fs.open() multiple constants example (Ethan Arrowood) #33281
  • [7d8a226958] - doc: fix typos in handle scope descriptions (Tobias Nießen) #33267
  • [0c9b826ef8] - doc: update function description for decipher.setAAD (Jonathan Buhacoff) #33095
  • [4749156f4b] - doc: add comment about highWaterMark limit (Benjamin Gruenbaum) #33432
  • [a48aeb3f74] - doc: clarify about the Node.js-only extensions in perf_hooks (Joyee Cheung) #33199
  • [a9ed287f00] - doc: fix extension in esm example (Gus Caplan) #33408
  • [d2897a2836] - doc: enhance guides by fixing and making grammar more consistent (Chris Holland) #33152
  • [3d8ba292e2] - doc: add examples for implementing ESM (unknown) #33168
  • [318fcf8188] - doc: add note about clientError writable handling (Paolo Insogna) #33308
  • [30c9cb556f] - doc: fix typo in n-api.md (Daniel Bevenius) #33319
  • [9dde1db332] - doc: add warning for socket.connect reuse (Robert Nagy) #33204
  • [0c7cf24431] - doc: correct description of decipher.setAuthTag in crypto.md (Jonathan Buhacoff)
  • [59619b0c9a] - doc: mention python3-distutils dependency in BUILDING.md (osher) #33174
  • [0cee4c3eae] - doc: removed unnecessary util imports from vm examples (Karol Walasek) #33179
  • [903862089b] - doc: update Buffer(size) documentation (Nikolai Vavilov) #33198
  • [8b44be9b26] - doc: add Uint8Array to end and write (Pranshu Srivastava) #33217
  • [4a584200f8] - doc: specify unit of time passed to fs.utimes (Simen Bekkhus) #33230
  • [ad7a890597] - doc: add troubleshooting guide for AsyncLocalStorage (Andrey Pechkurov) #33248
  • [2262962ab7] - doc: remove AsyncWrap mentions from async_hooks.md (Andrey Pechkurov) #33249
  • [ac5cdd682a] - doc: add warnings about transferring Buffers and ArrayBuffer (James M Snell) #33252
  • [033bc96ec1] - doc: update napi_async_init documentation (Michael Dawson) #33181
  • [ea3a68f74f] - doc: doc and test URLSearchParams discrepancy (James M Snell) #33236
  • [c6cf0483f2] - doc: explicitly doc package.exports is breaking (Myles Borins) #33074
  • [e572cf93e5] - doc: fix style and grammer in buffer.md (Nikolai Vavilov) #33194
  • [5d80576889] - errors: skip fatal error highlighting on windows (Thomas) #33132
  • [a029dca90e] - esm: improve commonjs hint on module not found (Antoine du Hamel) #33220
  • [c129e8809e] - fs: forbid concurrent operations on Dir handle (Anna Henningsen) #33274
  • [aa4611cccb] - fs: clean up Dir.read() uv_fs_t data before calling into JS (Anna Henningsen) #33274
  • [fa4a37c57b] - http2: comment on usage of Object.create(null) (Pranshu Srivastava) #33183
  • [66dbaff848] - http2: add bytesWritten test for Http2Stream (Pranshu Srivastava) #33162
  • [59769c4d14] - lib: fix typo in timers insert function comment (Daniel Bevenius) #33301
  • [6881410951] - lib: refactored scheduling policy assignment (Yash Ladha) #32663
  • [9017bce54b] - lib: fix grammar in internal/bootstrap/loaders.js (szTheory) #33211
  • [d64dbfa1e7] - meta: add issue template for API reference docs (Derek Lewis) #32944
  • [4f6e4ae49d] - module: add specific error for dir import (Antoine du HAMEL) #33220
  • [77caf92314] - module: better error for named exports from cjs (Myles Borins) #33256
  • [82da74b1cd] - n-api: add uint32 test for -1 (Gabriel Schulhof)
  • [68551d22d2] - perf_hooks: fix error message for invalid entryTypes (Michaël Zasso) #33285
  • [e67df04df2] - src: use BaseObjectPtr in StreamReq::Dispose (James M Snell) #33102
  • [c797c7c7ab] - src: reduce duplication in RegisterHandleCleanups (Daniel Bevenius) #33421
  • [548db2e5b9] - src: remove unused IsolateSettings variable (Daniel Bevenius) #33417
  • [e668376b5b] - src: remove unused misc variable (Daniel Bevenius) #33417
  • [9883ba6ddd] - src: add promise_resolve to SetupHooks comment (Daniel Bevenius) #33365
  • [b924910fe7] - src: distinguish refed/unrefed threadsafe Immediates (Anna Henningsen) #33320
  • [29d24db914] - src: add #include <string> in json_utils.h (Cheng Zhao) #33332
  • [a0bc2e3b64] - src: replace to CHECK_NOT_NULL in node_crypto (himself65) #33383
  • [1f159e45f2] - src: add primordials to arguments comment (Daniel Bevenius) #33318
  • [fe780a5fe0] - src: remove unused using declarations in node.cc (Daniel Bevenius) #33261
  • [82c43d1594] - src: delete unused variables to resolve compile time print warning (rickyes) #33358
  • [548672d39c] - src: use MaybeLocal.ToLocal instead of IsEmpty (Daniel Bevenius) #33312
  • [f27ae6ef46] - src: fix typo in comment in async_wrap.cc (Daniel Bevenius) #33350
  • [b6300793fb] - src: remove unnecessary Isolate::GetCurrent() calls (Anna Henningsen) #33298
  • [642f81317e] - src: fix invalid windowBits=8 gzip segfault (Ben Noordhuis) #33045
  • [a5e8c5ce0d] - src: split out callback queue implementation from Environment (Anna Henningsen) #33272
  • [ed62d43e79] - src: clean up large pages code (Gabriel Schulhof) #33255
  • [c05483483f] - Revert "src: add test/abort build tasks" (Richard Lau) #33196
  • [b43fc64aa7] - Revert "src: add aliased-buffer-overflow abort test" (Richard Lau) #33196
  • [edf75e4299] - src: use basename(argv0) for --trace-uncaught suggestion (Anna Henningsen) #32798
  • [4294d92b26] - stream: make from read one at a time (Robert Nagy) #33201
  • [194789f25b] - stream: make all streams error in a pipeline (Matteo Collina) #30869
  • [5da7d52a9f] - test: regression tests for async_hooks + Promise + Worker interaction (Anna Henningsen) #33347
  • [9f594be75a] - test: fix test-dns-idna2008 (Rich Trott) #33367
  • [33a787873f] - test: refactor WPTRunner (Joyee Cheung) #33297
  • [fa1631355f] - test: update WPT interfaces and hr-time (Joyee Cheung) #33297
  • [c459832e4b] - test: fix test-net-throttle (Rich Trott) #33329
  • [cd92052935] - test: add hr-time Web platform tests (Michaël Zasso) #33287
  • [0177cbf9e0] - test: rename test-lookupService-promises (rickyes) #33100
  • [139eb6bd68] - test: skip some console tests on dumb terminal (Adam Majer) #33165
  • [1766514c5b] - test: add tests for options.fs in fs streams (Julian Duque) #33185
  • [7315c2288a] - tls: fix --tls-keylog option (Alba Mendez) #33366
  • [e240d56983] - tools: update dependencies for markdown linting (Rich Trott) #33412
  • [2645b1c85b] - tools: update ESLint to 7.0.0 (Colin Ihrig) #33316
  • [cdd7d3a66d] - tools: remove obsolete no-restricted-syntax eslint rules (Ruben Bridgewater) #32161
  • [5d5e66c10c] - tools: add eslint rule to only pass through 'test' to debuglog (Ruben Bridgewater) #32161
  • [22f2c2c871] - wasi: fix poll_oneoff memory interface (Colin Ihrig) #33250
  • [33aacbefb1] - wasi: prevent syscalls before start (Tobias Nießen) #33235
  • [5eed20b3b7] - worker: fix race condition in node_messaging.cc (Anna Henningsen) #33429
  • [b4d903402b] - worker: fix crash when .unref() is called during exit (Anna Henningsen) #33394
  • [8a926982e5] - worker: call CancelTerminateExecution() before exiting Locker (Anna Henningsen) #33347
  • [631e433cf5] - zlib: reject windowBits=8 when mode=GZIP (Ben Noordhuis) #33045

2020-06-02, Version 12.18.0 'Erbium' (LTS), @targos

Notable changes

This is a security release.

Vulnerabilities fixed:

  • CVE-2020-8172: TLS session reuse can lead to host certificate verification bypass (High).
  • CVE-2020-11080: HTTP/2 Large Settings Frame DoS (Low).
  • CVE-2020-8174: napi_get_value_string_*() allows various kinds of memory corruption (High).

Commits

2020-05-26, Version 12.17.0 'Erbium' (LTS), @targos

Notable Changes

ECMAScript Modules - --experimental-modules flag removal

As of Node.js 12.17.0, the --experimental-modules flag is no longer necessary to use ECMAScript modules (ESM). However, the ESM implementation in Node.js remains experimental. As per our stability index: “The feature is not subject to Semantic Versioning rules. Non-backward compatible changes or removal may occur in any future release.” Users should be cautious when using the feature in production environments.

Unlike Node.js 14, using ESM will still emit a runtime experimental warning, either when a module is used at the application's entrypoint or the first time dynamic import() is called.

Please keep in mind that the implementation of ESM in Node.js differs from the developer experience you might be familiar with. Most transpilation workflows support features such as named exports from CommonJS module imports, optional file extensions or JSON modules that the Node.js ESM implementation does not support. It is highly likely that modules from transpiled environments will require a certain degree of refactoring to work in Node.js. It is worth mentioning that many of our design decisions were made with two primary goals. Spec compliance and Web Compatibility. It is our belief that the current implementation offers a future proof model to authoring ESM modules that paves the path to Universal JavaScript. Please read more in our documentation.

The ESM implementation in Node.js is still experimental but we do believe that we are getting very close to being able to call ESM in Node.js “stable”. Removing the flag is a huge step in that direction.

We expect to remove the warning Node.js 12 later this year, possibly in late October, when Node.js 14 will become LTS.

AsyncLocalStorage API (experimental)

The AsyncLocalStorage class has been introduced in the Async Hooks module.

This API allows keeping a context across asynchronous operations. For instance, if a sequence id is stored within an instance of AsyncLocalStorage for each HTTP request entering in a server, it will be possible to retrieve this id without having access the current HTTP request:

const http = require('http');
const { AsyncLocalStorage } = require('async_hooks');

const asyncLocalStorage = new AsyncLocalStorage();

function logWithId(msg) {
  const id = asyncLocalStorage.getStore();
  console.log(`${id !== undefined ? id : '-'}: `, msg);
}

let idSeq = 0;
http.createServer((req, res) => {
  asyncLocalStorage.run(idSeq++, () => {
    logWithId('start');
    // Imagine any chain of async operations here.
    setImmediate(() => {
      logWithId('finish');
      res.end();
    });
  });
}).listen(8080);

In this example, the logWithId function will always know what the current request id is, even when there are multiple requests in parallel.

What can this API be used for

Use cases of this API include:

  • Logging
  • User identification
  • Performance tracking
  • Error tracking and handling
  • Much more!

Note: This API is still experimental and some methods might change in future releases of Node.js

Contributed by Vladimir de Turckheim - #26540.

REPL previews

If further input is predicable, a suggestion is inserted as preview.

The REPL now supports previews similar to the Chrome DevTools console. An input suggestion is inserted as preview in case further input is predicable. The suggestion may be accepted by either pressing <TAB> or <RIGHT> at the end of the input. On top of that, output is previewed when entering variable names or function calls that have no side effect.

imageimage

Check the preview in action and try it out on your own. Just access the REPL on your terminal by starting the Node.js executable without any further command.

Contributed by Ruben Bridgewater - #30907, #30811.

The REPL supports bi-directional reverse-i-search similar to ZSH. It is triggered with <ctrl> + R to search backwards and <ctrl> + S to search forwards.

Entries are accepted as soon as any button is pressed that doesn't correspond with the reverse search. Cancelling is possible by pressing escape or <ctrl> + C.

Changing the direction immediately searches for the next entry in the expected direction from the current position on.

image

Reverse-i-search in action.

Contributed by Ruben Bridgewater - #31006.

It is now possible to access former history entries very fast by writing the first characters of the formerly entered code you are looking for. Then push <UP> or <DOWN> to go through the history entries that start with those characters.

It works similar to the Fish Shell substring-based history search.

Contributed by Ruben Bridgewater - #31112.

Error monitoring

Monitoring error events

It is now possible to monitor 'error' events on an EventEmitter without consuming the emitted error by installing a listener using the symbol EventEmitter.errorMonitor:

const myEmitter = new MyEmitter();

myEmitter.on(EventEmitter.errorMonitor, (err) => {
  MyMonitoringTool.log(err);
});

myEmitter.emit('error', new Error('whoops!'));
// Still throws and crashes Node.js

Contributed by Gerhard Stoebich - #30932.

Monitoring uncaught exceptions

It is now possible to monitor 'uncaughtException' events without overriding the default behavior that exits the process by installing an 'uncaughtExceptionMonitor' listener:

process.on('uncaughtExceptionMonitor', (err, origin) => {
  MyMonitoringTool.logSync(err, origin);
});

// Intentionally cause an exception, but do not catch it.
nonexistentFunc();
// Still crashes Node.js

Contributed by Gerhard Stoebich - #31257.

File system APIs

New function: fs.readv

This new function (along with its sync and promisified versions) takes an array of ArrayBufferView elements and will write the data it reads sequentially to the buffers.

Contributed by Sk Sajidul Kadir - #32356.

Optional parameters in fs.read

A new overload is available for fs.read (along with its sync and promisified versions), which allows to optionally pass any of the offset, length and position parameters.

Contributed by Lucas Holmquist - #31402.

Console groupIndentation option

The Console constructor (require('console').Console) now supports different group indentations.

This is useful in case you want different grouping width than 2 spaces.

const { Console } = require('console');
const customConsole = new Console({
  stdout: process.stdout,
  stderr: process.stderr,
  groupIndentation: 10
});

customConsole.log('foo');
// 'foo'
customConsole.group();
customConsole.log('foo');
//           'foo'

Contributed by rickyes - #32964.

maxStringLength option for util.inspect()

It is now possible to limit the length of strings while inspecting objects. This is possible by passing through the maxStringLength option similar to:

const { inspect } = require('util');

const string = inspect(['a'.repeat(1e8)], { maxStringLength: 10 });

console.log(string);
// "[ 'aaaaaaaaaa'... 99999990 more characters ]"

Contributed by rosaxny - #32392.

Stable N-API release 6

The following N-API features are now stable as part of the N-API 6 release:

Stable diagnostic reports

The Diagnostic Report feature is now stable and supports a new --report-compact flag to write the reports in a compact, single-line JSON format, more easily consumable by log processing systems than the default multi-line format designed for human consumption.

Increase of the default server headers timeout

The default value of server.headersTimeout for http and https servers was increased from 40000 to 60000 (60 seconds). This to accomodate for systems like AWS ELB that have a timeout of 60 seconds.

Contributed by Tim Costa - #30071.

Other changes

  • cli:
    • Added a --trace-sigint CLI flag that will print the current execution stack on SIGINT (legendecas) #29207.
  • crypto:
    • Various crypto APIs now support Diffie-Hellman secrets (Tobias Nießen) #31178.
  • dns:
    • Added the dns.ALL flag, that can be passed to dns.lookup() with dns.V4MAPPED to return resolved IPv6 addresses as well as IPv4 mapped IPv6 addresses (murgatroid99) #32183.
  • module
    • Added a new experimental API to interact with Source Map V3 data (Benjamin Coe) #31132.
  • worker:
    • Added support for passing a transferList along with workerData to the Worker constructor (Juan José Arboleda) #32278.

Commits

Semver-minor commits

  • [a35e88caf5] - (SEMVER-MINOR) async_hooks: merge run and exit methods (Andrey Pechkurov) #31950
  • [3eb34068a2] - (SEMVER-MINOR) async_hooks: prevent sync methods of async storage exiting outer context (Stephen Belanger) #31950
  • [22db34caa7] - (SEMVER-MINOR) async_hooks: add sync enterWith to ALS (Stephen Belanger) #31945
  • [16e8b11708] - (SEMVER-MINOR) async_hooks: introduce async-context API (Vladimir de Turckheim) #26540
  • [f7adfcc1df] - (SEMVER-MINOR) async_hooks: add executionAsyncResource (Matteo Collina) #30959
  • [984ae304f2] - (SEMVER-MINOR) build: make --without-report a no-op (Colin Ihrig) #32242
  • [e67b97ee53] - (SEMVER-MINOR) cli: allow --huge-max-old-generation-size in NODE_OPTIONS (Anna Henningsen) #32251
  • [154b18ffca] - (SEMVER-MINOR) console: support console constructor groupIndentation option (rickyes) #32964
  • [40253cc1c8] - (SEMVER-MINOR) crypto: add crypto.diffieHellman (Tobias Nießen) #31178
  • [1977136a19] - (SEMVER-MINOR) crypto: add DH support to generateKeyPair (Tobias Nießen) #31178
  • [9f85585b13] - (SEMVER-MINOR) crypto: add key type 'dh' (Tobias Nießen) #31178
  • [6ffe4ed3b5] - (SEMVER-MINOR) deps: upgrade to libuv 1.37.0 (Colin Ihrig) #32866
  • [2d7a7592ec] - (SEMVER-MINOR) deps: upgrade to libuv 1.36.0 (Colin Ihrig) #32866
  • [ae83f0f993] - (SEMVER-MINOR) deps: upgrade to libuv 1.35.0 (Colin Ihrig) #32204
  • [b7d264edaf] - (SEMVER-MINOR) dns: add dns.ALL hints flag constant (murgatroid99) #32183
  • [fd2486ea44] - (SEMVER-MINOR) doc: update stability of report features (Colin Ihrig) #32242
  • [90d35adccd] - (SEMVER-MINOR) doc,lib,src,test: make --experimental-report a nop (Colin Ihrig) #32242
  • [93226a5097] - (SEMVER-MINOR) esm: unflag --experimental-modules (Guy Bedford) #29866
  • [8c497f8969] - (SEMVER-MINOR) events: allow monitoring error events (Gerhard Stoebich) #30932
  • [a100709fa8] - (SEMVER-MINOR) fs: make parameters optional for readSync (Lucas Holmquist) #32460
  • [6601fac06a] - (SEMVER-MINOR) fs: add fs.readv() (Sk Sajidul Kadir) #32356
  • [16a913f702] - (SEMVER-MINOR) fs: make fs.read params optional (Lucas Holmquist) #31402
  • [7260ede9e6] - (SEMVER-MINOR) fs: return first folder made by mkdir recursive (Benjamin Coe) #31530
  • [a15e712ef6] - (SEMVER-MINOR) fs: allow overriding fs for streams (Robert Nagy) #29083
  • [b5983213c1] - (SEMVER-MINOR) lib: add option to disable __proto__ (Gus Caplan) #32279
  • [784fb8f08c] - (SEMVER-MINOR) module: add API for interacting with source maps (Benjamin Coe) #31132
  • [e22d853c5d] - (SEMVER-MINOR) n-api: define release 6 (Gabriel Schulhof) #32058
  • [f56c4dd933] - (SEMVER-MINOR) n-api: add napi_get_all_property_names (himself65) #30006
  • [9eeee0d9f2] - (SEMVER-MINOR) perf_hooks: add property flags to GCPerformanceEntry (Kirill Fomichev) #29547
  • [5ec9295034] - (SEMVER-MINOR) process: report ArrayBuffer memory in memoryUsage() (Anna Henningsen) #31550
  • [de3603f0a6] - (SEMVER-MINOR) process: allow monitoring uncaughtException (Gerhard Stoebich) #31257
  • [cf28afeeb6] - (SEMVER-MINOR) readline,repl: improve history up/previous (Ruben Bridgewater) #31112
  • [a0eb3e4ed2] - (SEMVER-MINOR) readline,repl: skip history entries identical to the current line (Ruben Bridgewater) #31112
  • [d7e153bddb] - (SEMVER-MINOR) readline,repl: add substring based history search (Ruben Bridgewater) #31112
  • [936c85c309] - (SEMVER-MINOR) repl: implement reverse search (Ruben Bridgewater) #31006
  • [bf9ff16412] - (SEMVER-MINOR) repl: add completion preview (Ruben Bridgewater) #30907
  • [b14440fb5c] - (SEMVER-MINOR) repl: support previews by eager evaluating input (Ruben Bridgewater) #30811
  • [0b310df532] - (SEMVER-MINOR) src: unconditionally include report feature (Colin Ihrig) #32242
  • [394487e3e8] - (SEMVER-MINOR) src: create a getter for kernel version (Juan José Arboleda) #31732
  • [4ec25b4865] - (SEMVER-MINOR) src,cli: support compact (one-line) JSON reports (Sam Roberts) #32254
  • [b038ad91f5] - (SEMVER-MINOR) src,lib: make ^C print a JS stack trace (legendecas) #29207
  • [6348fae690] - (SEMVER-MINOR) tls: expose SSL_export_keying_material (simon) #31814
  • [6aa3869688] - (SEMVER-MINOR) util: add maxStrLength option to inspect function (unknown) #32392
  • [eda6665799] - (SEMVER-MINOR) vm: add code cache support for SourceTextModule (Gus Caplan) #31278
  • [5c81b8d814] - (SEMVER-MINOR) wasi: add returnOnExit option (Colin Ihrig) #32101
  • [ca4e65273f] - (SEMVER-MINOR) worker: support MessagePort to workers data (Juan José Arboleda) #32278
  • [217e3dfea6] - (SEMVER-MINOR) worker: allow URL in Worker constructor (Antoine du HAMEL) #31664
  • [ab8f38b551] - (SEMVER-MINOR) worker: add ability to take heap snapshot from parent thread (Anna Henningsen) #31569

Semver-patch commits

  • [06d607d50f] - async_hooks: fix ctx loss after nested ALS calls (Andrey Pechkurov) #32085
  • [96d1f14005] - async_hooks: add store arg in AsyncLocalStorage (Andrey Pechkurov) #31930
  • [b4ca132254] - async_hooks: executionAsyncResource matches in hooks (Gerhard Stoebich) #31821
  • [02f99d289d] - buffer: add type check in bidirectionalIndexOf (Gerhard Stoebich) #32770
  • [b53193a33b] - buffer: mark pool ArrayBuffer as untransferable (Anna Henningsen) #32759
  • [b555a772cc] - build: fix vcbuild error for missing Visual Studio (Thomas) #32658
  • [6f1931de25] - build: remove .git folders when testing V8 (Richard Lau) #32877
  • [c0805f0cab] - build: add configure flag to build V8 with DCHECKs (Anna Henningsen) #32787
  • [60660c35ee] - build: use same flags as V8 for ASAN (Matheus Marchini) #32776
  • [26fee8b323] - build: remove .txt files from .gitignore (Rich Trott) #32710
  • [70eaba12a1] - build: remove node_report option in node.gyp (Colin Ihrig) #32242
  • [e765d597fd] - build: add missing comma in node.gyp (Colin Ihrig) #31959
  • [49ddd36f13] - build: fix building with ninja (Richard Lau) #32071
  • [e097980cfe] - build: warn upon --use-largepages config option (Gabriel Schulhof) #31103
  • [c3efd2cb9a] - build: switch realpath to pwd (Benjamin Coe) #31095
  • [0190a62f58] - build: re-introduce --use-largepages as no-op (Gabriel Schulhof)
  • [e2a090b693] - build: enable loading internal modules from disk (Gus Caplan) #31321
  • [c4da682437] - cli, report: move --report-on-fatalerror to stable (Colin Ihrig) #32496
  • [e05c29db3f] - cluster: fix error on worker disconnect/destroy (Santiago Gimeno) #32793
  • [d217b792bc] - cluster: removed unused addressType argument from constructor (Yash Ladha) #32963
  • [71bccdde76] - crypto: check DiffieHellman p and g params (Ben Noordhuis) #32739
  • [c1b767471a] - crypto: generator must be int32 in DiffieHellman() (Ben Noordhuis) #32739
  • [4236175878] - crypto: key size must be int32 in DiffieHellman() (Ben Noordhuis) #32739
  • [0847bc3788] - crypto: simplify exportKeyingMaterial (Tobias Nießen) #31922
  • [907252d4cf] - crypto: improve errors in DiffieHellmanGroup (Tobias Nießen) #31445
  • [30633acf20] - crypto: assign and use ERR_CRYPTO_UNKNOWN_CIPHER (Tobias Nießen) #31437
  • [5dab489d50] - crypto: simplify DH groups (Tobias Nießen) #31178
  • [5c0232a632] - deps: backport ICU-21081 for ICU 67.x (constexpr) (Steven R. Loomis) #33337
  • [2d76ae7497] - deps: update to ICU 67.1 (Michaël Zasso) #33337
  • [e073da095e] - deps: update to uvwasi 0.0.8 (Colin Ihrig) #33078
  • [eb33d523da] - deps: V8: backport 3f8dc4b2e5ba (Ujjwal Sharma) #32993
  • [56313daff6] - deps: V8: cherry-pick e1eac1b16c96 (Milad Farazmand) #32974
  • [65db9b210d] - deps: fix zlib compilation for CPUs without SIMD features (Anna Henningsen) #32627
  • [1b53e179b8] - deps: update zlib to upstream d7f3ca9 (Sam Roberts) #31800
  • [9a89718410] - deps: move zlib maintenance info to guides (Sam Roberts) #31800
  • [9e33f97c4e] - deps: switch to chromium's zlib implementation (Brian White) #31201
  • [322a9986fe] - dgram: make UDPWrap more reusable (Anna Henningsen) #31871
  • [ea4302bd46] - errors: drop pronouns from ERR_WORKER_PATH message (Colin Ihrig) #32285
  • [daf1d842cc] - esm: improve commonjs hint on module not found (Daniele Belardi) #31906
  • [7410e8d63a] - esm: port loader code to JS (Anna Henningsen) #32201
  • [3241aee0f7] - events: convert errorMonitor to a normal property (Gerhard Stoebich) #31848
  • [2093f13333] - fs: update validateOffsetLengthRead in utils.js (daemon1024) #32896
  • [9c18838e8e] - fs: remove unnecessary else statement (Jesus Hernandez) #32662
  • [6d6bb2a3dc] - fs: use finished over destroy w/ cb (Robert Nagy) #32809
  • [bde08377a1] - fs: fix fs.read when passing null value (himself65) #32479
  • [ebd9090240] - http: disable headersTimeout check when set to zero (Paolo Insogna) #33307
  • [a3decf5e59] - http: simplify sending header (Robert Nagy) #33200
  • [12b8345db8] - http, async_hooks: remove unneeded reference to wrapping resource (Gerhard Stoebich) #32054
  • [d60988161d] - http,https: increase server headers timeout (Tim Costa) #30071
  • [d883024884] - http2: wait for secureConnect before initializing (Benjamin Coe) #32958
  • [79e95e49f7] - inspector: only write coverage in fully bootstrapped Environments (Joyee Cheung) #32960
  • [9570644194] - lib: cosmetic change to builtinLibs list for maintainability (James M Snell) #33106
  • [6356ad42ab] - lib: fix validateport error message when allowZero is false (rickyes) #32861
  • [698e21b346] - lib: add warning on dynamic import es modules (Juan José Arboleda) #30720
  • [4dba3fcafd] - lib: unnecessary const assignment for class (Yash Ladha) #32962
  • [84571cec7e] - lib: remove unnecesary else block (David Daza) #32644
  • [5885b37bcc] - lib: created isValidCallback helper (Yash Ladha) #32665
  • [5b1c34651e] - lib: removed unused error code (Yash Ladha) #32481
  • [965452dbad] - lib: replace Array to ArrayIsArray by primordials (himself65) #32258
  • [434ca8766a] - lib: move isLegalPort to validators, refactor (James M Snell) #31851
  • [65ebfb2f12] - lib: delete dead code in SourceMap (Justin Ridgewell) #31512
  • [b1f08b8359] - module: no type module resolver side effects (Guy Bedford) #33086
  • [a1fa180079] - module: partial doc removal of --experimental-modules (Myles Borins) #32915
  • [195043f910] - module: refactor condition (Myles Borins) #32989
  • [1811a10415] - module: exports not exported for null resolutions (Guy Bedford) #32838
  • [3dc3772bb0] - module: improve error for invalid package targets (Myles Borins) #32052
  • [6489a5b1d8] - module: fix memory leak when require error occurs (Qinhui Chen) #32837
  • [b62910c851] - module: expose exports conditions to loaders (Jan Krems) #31303
  • [b62db597af] - module: port source map sort logic from chromium (Benjamin Coe) #31927
  • [4d7f9869f3] - n-api: simplify uv_idle wrangling (Ben Noordhuis) #32997
  • [d08be9c8ca] - n-api: fix false assumption on napi_async_context structures (legendecas) #32928
  • [fbd39436a0] - n-api: fix comment on expected N-API version (Michael Dawson) #32236
  • [d50fe6c1ea] - path: fix comment grammar (thecodrr) #32942
  • [8dcb22f735] - perf_hooks: remove unnecessary assignment when name is undefined (rickyes) #32910
  • [f537377957] - process: fix two overflow cases in SourceMap VLQ decoding (Justin Ridgewell) #31490
  • [7582bce58d] - readline: improve unicode support and tab completion (Ruben Bridgewater) #31288
  • [5231c84396] - readline: move charLengthLeft() and charLengthAt() (Ruben Bridgewater) #31112
  • [03efa716f0] - readline: improve getStringWidth() (Ruben Bridgewater) #31112
  • [e894eeb22d] - readline: set null as callback return in case there's no error (Ruben Bridgewater) #31006
  • [3946cadf89] - readline: small refactoring (Ruben Bridgewater) #31006
  • [0bafe087e4] - readline: update ansi-regex (Ruben Bridgewater) #30907
  • [4e9e4402c5] - readline,repl: support tabs properly (Ruben Bridgewater) #31112
  • [3903aec0b4] - repl: align preview with the actual executed code (Ruben Bridgewater) #32154
  • [709d3e5eb3] - repl: eager-evaluate input in parens (Shelley Vohr) #31943
  • [ce5c9d771c] - repl: do not preview while pasting code (Ruben Bridgewater) #31315
  • [3867f2095e] - repl: fix preview cursor position (Ruben Bridgewater) #31293
  • [ee40b67413] - repl: change preview default in case of custom eval functions (Ruben Bridgewater) #31259
  • [a4ca3787ea] - repl: activate previews for lines exceeding the terminal columns (Ruben Bridgewater) #31112
  • [a892b4d00c] - repl: improve preview length calculation (Ruben Bridgewater) #31112
  • [9abe0e32d8] - repl: use public getCursorPos() (Colin Ihrig) #31091
  • [85f8654415] - repl: fix preview of lines that exceed the terminal columns (Ruben Bridgewater) #31006
  • [47dfa22adb] - repl: fix preview bug in case of long lines (Ruben Bridgewater) #30907
  • [7131de5f77] - repl: improve completion (Ruben Bridgewater) #30907
  • [61886507ce] - repl: simplify code (Ruben Bridgewater) #30907
  • [9b893e1bee] - repl: simplify repl autocompletion (Ruben Bridgewater) #30907
  • [78dcdee35f] - repl: remove dead code (Ruben Bridgewater) #30907
  • [f588301f2d] - repl,readline: clean up code (Ruben Bridgewater) #31288
  • [8be00314a6] - repl,readline: refactor for simplicity (Ruben Bridgewater) #30907
  • [6eda28c69f] - repl,readline: refactor common code (Ruben Bridgewater) #30907
  • [f945a5e3e1] - report: fix stderr matching for fatal error (gengjiawen) #32699
  • [4b96fc522c] - report: add missing locks for report_on_fatalerror accessors (Anna Henningsen) #32535
  • [c126d28c2e] - report: handle on-fatalerror better (Harshitha KP) #32207
  • [85ef383bc5] - src: remove unused v8 Message namespace (Adrian Estrada) #33180
  • [ffca498ca2] - src: use unique_ptr for CachedData in ContextifyScript::New (Anna Henningsen) #33113
  • [b3f0417830] - src: return undefined when validation err == 0 (James M Snell) #33107
  • [1436977984] - src: crypto::UseSNIContext to use BaseObjectPtr (James M Snell) #33107
  • [6b1e2359c2] - src: separate out NgLibMemoryManagerBase (James M Snell) #33104
  • [8864353c6e] - src: remove unnecessary fully qualified names (rickyes) #33077
  • [62f29534de] - src: add AsyncWrapObject constructor template factory (Stephen Belanger) #33051
  • [08b66f223d] - src: do not compare against wide characters (Christopher Beeson) #32921
  • [60db9afde5] - src: fix empty-named env var assertion failure (Christopher Beeson) #32921
  • [b893c5b7ba] - src: assignment to valid type (Yash Ladha) #32879
  • [846d7bdbbf] - src: delete MicroTaskPolicy namespace (Juan José Arboleda) #32853
  • [05059a2469] - src: use using NewStringType (rickyes) #32843
  • [cf16cb7ed5] - src: fix null deref in AllocatedBuffer::clear (Matt Kulukundis) #32892
  • [0745f8884c] - src: remove validation of unreachable code (Juan José Arboleda) #32818
  • [9c216640d7] - src: elevate v8 namespaces (Nimit) #32872
  • [71bdcaeac7] - src: remove redundant v8::HeapSnapshot namespace (Juan José Arboleda) #32854
  • [bb1481fd23] - src: remove unused using in node_worker.cc (Daniel Bevenius) #32840
  • [8a38726826] - src: ignore GCC -Wcast-function-type for v8.h (Daniel Bevenius) #32679
  • [c26637b7da] - src: remove unused v8 Array namespace (Juan José Arboleda) #32749
  • [c0d3fc28ec] - src: sync access for report and openssl options (Sam Roberts) #32618
  • [9a010a3ea5] - src: munmap(2) upon class instance destructor (Gabriel Schulhof) #32570
  • [06953df051] - src: fix extra includes of "env.h" and "env-inl.h" (Nick Kreeger) #32293
  • [7432d0a170] - src: avoid using elevated v8 namespaces in node_perf.h (James M Snell) #32468
  • [6175a22b87] - src: avoid using elevated v8 namespaces in node_errors.h (James M Snell) #32468
  • [464ff85ddd] - src: remove loop_init_failed_ from Worker class (Anna Henningsen) #32562
  • [9f6ed724e0] - src: clean up worker thread creation code (Anna Henningsen) #32562
  • [73c55d39f3] - src: include AsyncWrap provider strings in snapshot (Anna Henningsen) #32572
  • [29eca36ea8] - src: move JSONWriter into its own file (Anna Henningsen) #32552
  • [8e3dd47db7] - src: handle report options on fatalerror (Sam Roberts) #32497
  • [e0351945bc] - src: refactoring and cleanup of node_i18n (James M Snell) #32438
  • [23f8f35022] - src: unify Linux and FreeBSD large pages implem (Gabriel Schulhof) #32534
  • [16d85d9328] - src: fix compiler warnings in node_report_module (Daniel Bevenius) #32498
  • [58aadcdacf] - src: simplify large pages mapping code (Gabriel Schulhof) #32396
  • [2da974e15e] - src: use single ObjectTemplate for TextDecoder (Anna Henningsen) #32426
  • [8f7f4e5aba] - src: avoid Isolate::GetCurrent() for platform implementation (Anna Henningsen) #32269
  • [df046dec97] - src: add debug option to report large page stats (Gabriel Schulhof) #32331
  • [43e9ae8317] - src: prefer OnScopeLeave over shared_ptr<void> (Anna Henningsen) #32247
  • [2f976d783f] - src: find .text section using dl_iterate_phdr (Gabriel Schulhof) #32244
  • [40c5d58095] - Revert "src: keep main-thread Isolate attached to platform during Dispose" (Anna Henningsen) #31853
  • [51a345674e] - src: handle NULL env scenario (Harshitha KP) #31899
  • [154da1f0d3] - src: add missing namespace using statements in node_watchdog.h (legendecas) #32117
  • [83c47b6079] - src: introduce node_sockaddr (James M Snell) #32070
  • [c979aeaf26] - src: improve handling of internal field counting (James M Snell) #31960
  • [38de40ac50] - src: do not unnecessarily re-assign uv handle data (Anna Henningsen) #31696
  • [e204dba3f3] - src: pass resource object along with InternalMakeCallback (Anna Henningsen) #32063
  • [ffefb059e2] - src: move InternalCallbackScope to StartExecution (Shelley Vohr) #31944
  • [178c682ad1] - src: start the .text section with an asm symbol (Gabriel Schulhof) #31981
  • [809d8b5036] - src: include large pages source unconditionally (Gabriel Schulhof) #31904
  • [5ea3d60db1] - src: use __executable_start for linux hugepages (Ben Noordhuis) #31547
  • [1e95bb85a9] - src: make large_pages node.cc include conditional (Denys Otrishko) #31078
  • [6dcb868a0a] - src: make --use-largepages a runtime option (Gabriel Schulhof) #30954
  • [f3fb6a11fe] - src: change GetStringWidth's expand_emoji_sequence option default (Ruben Bridgewater) #31112
  • [4f6300f804] - src: improve GetColumnWidth performance (Ruben Bridgewater) #31112
  • [98297b92f5] - src: inline SetSNICallback (Anna Henningsen) #30548
  • [ce8d8c06ac] - src: use BaseObjectPtr to store SNI context (Anna Henningsen) #30548
  • [c86883e4fe] - stream: add null check in Readable.from (Pranshu Srivastava) #32873
  • [5df8ab16f2] - stream: close iterator in Readable.from (Vadzim Zieńka) #32844
  • [c8b4ab0978] - stream: fix readable state awaitDrain increase in recursion (ran) #27572
  • [becbe9e246] - tls: move getAllowUnauthorized to internal/options (James M Snell) #32917
  • [dec8a21cc8] - tls: provide default cipher list from command line (Anna Henningsen) #32760
  • [8961d33aff] - tls: add memory tracking support to SSLWrap (Anna Henningsen) #30548
  • [1b41829828] - util: improve unicode support (Ruben Bridgewater) #31319
  • [a0b1a06fff] - util: add todo comments for inspect to add unicode support (Ruben Bridgewater) #31112
  • [e0e8a9af6f] - util,readline: NFC-normalize strings before getStringWidth (Anna Henningsen) #33052
  • [6a9f867e56] - vm: throw error when duplicated exportNames in SyntheticModule (himself65) #32810
  • [02de66a110] - vm: lazily initialize primordials for vm contexts (Joyee Cheung) #31738
  • [843a54fd33] - wasi: use free() to release preopen array (Anna Henningsen) #33110
  • [7f845e614b] - wasi: update start() behavior to match spec (Colin Ihrig) #33073
  • [e1fe0b66b5] - wasi: rename __wasi_unstable_reactor_start() (Colin Ihrig) #33073
  • [7c723af3ae] - wasi: clean up options validation (Denys Otrishko) #31797
  • [9ce6e363f4] - worker: fix process.env var empty key access (Christopher Beeson) #32921
  • [57cd7d2faa] - worker: fix type check in receiveMessageOnPort (Anna Henningsen) #32745
  • [ade4ec6f9a] - worker: runtime error on pthread creation (Harshitha KP) #32344

Documentation commits

Other commits

  • [cdf4f4875d] - benchmark: use let instead of var in worker (Daniele Belardi) #31794
  • [c572218552] - benchmark: use let instead of var in util (Daniele Belardi) #31794
  • [862aeae238] - benchmark: use let instead of var in url (Daniele Belardi) #31794
  • [e68c21f079] - benchmark: use let instead of var in tls (Daniele Belardi) #31794
  • [f3ef8946d0] - benchmark: use let instead of var in timers (Daniele Belardi) #31794
  • [33858fa917] - benchmark: use let instead of var in run.js (Daniele Belardi) #31794
  • [a05f22647a] - benchmark: use let instead of var in dns (Daniele Belardi) #31794
  • [2d7c52d729] - benchmark: use let instead of var in common.js (Daniele Belardi) #31794
  • [d205bc91d4] - benchmark: use const instead of var in async_hooks (Daniele Belardi) #31794
  • [d7f1add038] - benchmark: add no-var rule in .eslintrc.yaml (Daniele Belardi) #31794
  • [b4a6351634] - benchmark: remove special test entries (Ruben Bridgewater) #31755
  • [71397885b2] - benchmark: add test and all options and improve errors" (Ruben Bridgewater) #31755
  • [011e3dec00] - benchmark: refactor helper into a class (Ruben Bridgewater) #31755
  • [cf2ca11828] - Revert "benchmark: refactor helper into a class" (Anna Henningsen) #31722
  • [ef80c02794] - Revert "benchmark: remove special test entries" (Anna Henningsen) #31722
  • [3861c69b02] - benchmark: fix error on server close in AsyncLocalStorage benchmark (Andrey Pechkurov) #32503
  • [daf6e1702f] - benchmark: use let instead of var in zlib (Daniele Belardi) #31794
  • [6b02359dbf] - test: update c8 ignore comment (Benjamin Coe) #33151
  • [d7b13abbf8] - test: skip memory usage tests when ASAN is enabled (Anna Henningsen) #33129
  • [238353839c] - test: move test-process-title to sequential (Anna Henningsen) #33150
  • [13cae34484] - test: fix out-of-bound reads from invalid sizeof usage (Anna Henningsen) #33115
  • [08e01a12d0] - test: add missing calls to napi_async_destroy (Anna Henningsen) #33114
  • [3015887019] - test: check args on SourceTextModule cachedData (Juan José Arboleda) #32956
  • [dad82173cd] - test: mark test flaky on freebsd (Sam Roberts) #32849
  • [4ab6643abb] - test: flaky test-stdout-close-catch on freebsd (Sam Roberts) #32849
  • [60550f35ac] - test: refactor test-async-hooks-constructor (himself65) #33063
  • [83520451cc] - test: remove timers-blocking-callback (Jeremiah Senkpiel) #32870
  • [579f68c5fd] - test: better error validations for event-capture (Adrian Estrada) #32771
  • [dacd27927a] - test: refactor events tests for invalid listeners (Adrian Estrada) #32769
  • [4c67568148] - test: test-async-wrap-constructor prefer forEach (Daniel Estiven Rico Posada) #32631
  • [0bae243438] - test: mark test-child-process-fork-args as flaky on Windows (Andrey Pechkurov) #32950
  • [f181b5996a] - test: changed function to arrow function (Nimit) #32875
  • [68e3954d1a] - test: replace console.log/error() with debuglog (daemon1024) #32692
  • [c566906789] - test: only detect uname on supported os (Xu Meng) #32833
  • [50130f0e23] - test: mark cpu-prof-dir-worker flaky on all (Sam Roberts) #32828
  • [96c93113a8] - test: replace equal with strictEqual (Jesus Hernandez) #32727
  • [e839a71ca8] - test: mark test-worker-prof flaky on arm (Sam Roberts) #32826
  • [44ca47904d] - test: mark test-http2-reset-flood flaky on all (Sam Roberts) #32825
  • [271b309c91] - test: cover node entry type in perf_hooks (Julian Duque) #32751
  • [769ac24eba] - test: use symlinks to copy shells (John Kleinschmidt) #32129
  • [b3ac840b97] - test: save test file in temporary directory (Luigi Pinca) #32670
  • [c5e0615942] - test: refactor test-worker (himself65) #32509
  • [8eb6807dfe] - test: replace flag expose_internals to expose-internals (Juan José Arboleda) #32542
  • [5598dd14df] - test: fix a typo on test-fs-read-optional-params (himself65) #32461
  • [30207985cc] - test: als variant of test-timers-clearImmediate (Harshitha KP) #32303
  • [e3baee6c3d] - test: refactoring / cleanup on child-process tests (James M Snell) #32078
  • [6a0bc83370] - test: remove common.skipIfReportDisabled() (Colin Ihrig) #32242
  • [4a08b85fc8] - test: make test-memory-usage predictable (Matheus Marchini) #32239
  • [efc844d00d] - test: verify that WASI errors are rethrown (Colin Ihrig) #32157
  • [10ee89a8d5] - test: refactor and simplify test-repl-preview (Ruben Bridgewater) #32154
  • [5a8e54b6de] - test: refactor all benchmark tests to use the new test option (Ruben Bridgewater) #31755
  • [d1d22fa86e] - test: add secp224k1 check in crypto-dh-stateless (Daniel Bevenius) #31715
  • [8a044cb9ae] - test: fix flaky parallel/test-repl-history-navigation test (Ruben Bridgewater) #31708
  • [2fc72cac97] - test: fix flaky test-trace-sigint-on-idle (Anna Henningsen) #31645
  • [a4ee930d71] - test: improve logged errors (Ruben Bridgewater) #31425
  • [4aaf4075e9] - test: show child stderr output in largepages test (Ben Noordhuis) #31612
  • [2508e1321f] - test: add new scenario for async-local storage (Harshitha KP) #32082
  • [52a11544cf] - test: add GC test for disabled AsyncLocalStorage (Andrey Pechkurov) #31995
  • [98ece74dc7] - test: improve disable AsyncLocalStorage test (Andrey Pechkurov) #31998
  • [e5a64e5def] - test: fix flaky test-memory-usage (Anna Henningsen) #31602
  • [02ec03ce27] - test: cover property n-api null cases (Gabriel Schulhof) #31488
  • [733002b081] - test: skip keygen tests on arm systems (Tobias Nießen) #31178
  • [5e5d053585] - test: add repl tests to verify unicode support in previews (Ruben Bridgewater) #31112
  • [f1624bbafa] - test: add multiple repl preview tests (Ruben Bridgewater) #30907
  • [9dcf137623] - test,benchmark: fix test-benchmark-zlib (Rich Trott) #31538
  • [94e4847142] - tools: bump remark-preset-lint-node to 1.15.0 (Rich Trott) #33157
  • [58bd92aa26] - tools: update remark-preset-lint-node@1.14.0 (Rich Trott) #33072
  • [b9d9c24cfc] - tools: update broken types in type parser (Colin Ihrig) #33068
  • [3dafc1460d] - tools: fix mkcodecache when run with ASAN (Anna Henningsen) #32850
  • [1c010b41a1] - tools: update ESLint to 7.0.0-rc.0 (himself65) #33062
  • [5f79ab2239] - tools: remove unused code in doc generation tool (Rich Trott) #32913
  • [576a62688f] - tools: decrease timeout in test.py (Anna Henningsen) #32868
  • [9cf9cb436b] - tools: remove prefer-common-expectserror lint rule (Colin Ihrig) #31147

2020-04-28, Version 12.16.3 'Erbium' (LTS), @targos

Notable Changes

  • Dependencies:
    • Updated OpenSSL to 1.1.1g (Hassaan Pasha) #32971.
    • Updated c-ares to 1.16.0 (Anna Henningsen) #32246.
    • Updated experimental uvwasi to 0.0.6 (Colin Ihrig) #32309.
  • ESM (experimental):
    • Additional warnings are no longer printed for modules that use conditional exports or package name self resolution (Guy Bedford) #31845.

Commits

2020-04-08, Version 12.16.2 'Erbium' (LTS), @codebytere

Notable Changes

  • doc:
    • add ronag to collaborators (Robert Nagy) #31498
    • add GeoffreyBooth to collaborators (Geoffrey Booth) #31306
  • deps:
    • upgrade npm to 6.13.6 (Ruy Adorno) #31304
    • update openssl to 1.1.1e (Hassaan Pasha) #32328

Commits

2020-02-18, Version 12.16.1 'Erbium' (LTS), @MylesBorins

Notable changes

Node.js 12.16.0 included 6 regressions that are being fixed in this release

Accidental Unflagging of Self Resolving Modules:

12.16.0 included a large update to the ESM implementation. One of the new features, Self Referential Modules, was accidentally released without requiring the --experimental-modules flag. This release is being made to appropriately flag the feature.

Process Cleanup Changed Introduced WASM-Related Assertion:

A change during Node.js process cleanup led to a crash in combination with specific usage of WASM. This has been fixed by partially reverted said change. A regression test and a full fix are being worked on and will likely be included in future 12.x and 13.x releases.

Use Largepages Runtime Option Introduced Linking Failure:

A Semver-Minor change to introduce --use-largepages as a runtime option introduced a linking failure. This had been fixed in master but regressed as the fix has not yet gone out in a Current release. The feature has been reverted, but will be able to reland with a fix in a future Semver-Minor release.

Async Hooks was Causing an Exception When Handling Errors:

Changes in async hooks internals introduced a case where an internal api call could be called with undefined causing a process to crash. The change to async hooks was reverted. A regression test and fix has been proposed and the change could re-land in a future Semver-Patch release if the regression is reliably fixed.

New Enumerable Read-Only Property on EventEmitter breaks @types/extend

A new property for enumerating events was added to the EventEmitter class. This broke existing code that was using the @types/extend module for extending classses as @types/extend was attemping to write over the existing field which the new change made read-only. As this is the first property on EventEmitter that is read-only this feature could be considered Semver-Major. The new feature has been reverted but could re-land in a future Semver-Minor release if a non breaking way of applying it is found.

Exceptions in the HTTP parser were not emitting an uncaughtException

A refactoring to Node.js interanls resulted in a bug where errors in the HTTP parser were not being emitted by process.on('uncaughtException') when the async_hooks after hook exists. The fix to this bug has been included in this release.

Commits

  • [51fdd759b9] - async_hooks: ensure event after been emitted on runInAsyncScope (legendecas) #31784
  • [7a1b0ac06f] - Revert "build: re-introduce --use-largepages as no-op" (Myles Borins) #31782
  • [a53eeca2a9] - Revert "build: switch realpath to pwd" (Myles Borins) #31782
  • [6d432994e6] - Revert "build: warn upon --use-largepages config option" (Myles Borins) #31782
  • [a5bc00af12] - Revert "events: allow monitoring error events" (Myles Borins)
  • [f0b2d875d9] - module: 12.x self resolve flag as experimental modules (Guy Bedford) #31757
  • [42b68a4e24] - src: inform callback scopes about exceptions in HTTP parser (Anna Henningsen) #31801
  • [065a32f064] - Revert "src: make --use-largepages a runtime option" (Myles Borins) #31782
  • [3d5beebc62] - Revert "src: make large_pages node.cc include conditional" (Myles Borins) #31782
  • [43d02e20e0] - src: keep main-thread Isolate attached to platform during Dispose (Anna Henningsen) #31795
  • [7a5954ef26] - src: fix -Winconsistent-missing-override warning (Colin Ihrig) #30549

2020-02-11, Version 12.16.0 'Erbium' (LTS), @targos

Notable changes

New assert APIs

The assert module now provides experimental assert.match() and assert.doesNotMatch() methods. They will validate that the first argument is a string and matches (or does not match) the provided regular expression:

const assert = require('assert').strict;

assert.match('I will fail', /pass/);
// AssertionError [ERR_ASSERTION]: The input did not match the regular ...

assert.doesNotMatch('I will fail', /fail/);
// AssertionError [ERR_ASSERTION]: The input was expected to not match the ...

This is an experimental feature.

Ruben Bridgewater #30929.

Advanced serialization for IPC

The child_process and cluster modules now support a serialization option to change the serialization mechanism used for IPC. The option can have one of two values:

  • 'json' (default): JSON.stringify() and JSON.parse() are used. This is how message serialization was done before.
  • 'advanced': The serialization API of the v8 module is used. It is based on the HTML structured clone algorithm and is able to serialize more built-in JavaScript object types, such as BigInt, Map, Set etc. as well as circular data structures.

Anna Henningsen #30162.

CLI flags

The new --trace-exit CLI flag makes Node.js print a stack trace whenever the Node.js environment is exited proactively (i.e. by invoking the process.exit() function or pressing Ctrl+C).

legendecas #30516.

The new --trace-uncaught CLI flag makes Node.js print a stack trace at the time of throwing uncaught exceptions, rather than at the creation of the Error object, if there is any. This option is not enabled by default because it may affect garbage collection behavior negatively.

Anna Henningsen #30025.

The --disallow-code-generation-from-strings V8 CLI flag is now whitelisted in the NODE_OPTIONS environment variable.

Shelley Vohr #30094.

New crypto APIs

For DSA and ECDSA, a new signature encoding is now supported in addition to the existing one (DER). The verify and sign methods accept a dsaEncoding option, which can have one of two values:

  • 'der' (default): DER-encoded ASN.1 signature structure encoding (r, s).
  • 'ieee-p1363': Signature format r || s as proposed in IEEE-P1363.

Tobias Nießen #29292.

A new method was added to Hash: Hash.prototype.copy. It makes it possible to clone the internal state of a Hash object into a new Hash object, allowing to compute the digest between updates:

// Calculate a rolling hash.
const crypto = require('crypto');
const hash = crypto.createHash('sha256');

hash.update('one');
console.log(hash.copy().digest('hex'));

hash.update('two');
console.log(hash.copy().digest('hex'));

hash.update('three');
console.log(hash.copy().digest('hex'));

// Etc.

Ben Noordhuis #29910.

Dependency updates

libuv was updated to 1.34.0. This includes fixes to uv_fs_copyfile() and uv_interface_addresses() and adds two new functions: uv_sleep() and uv_fs_mkstemp().

Colin Ihrig #30783.

V8 was updated to 7.8.279.23. This includes performance improvements to object destructuring, RegExp match failures and WebAssembly startup time. The official release notes are available at https://v8.dev/blog/v8-release-78.

Michaël Zasso #30109.

New EventEmitter APIs

The new EventEmitter.on static method allows to async iterate over events:

const { on, EventEmitter } = require('events');

(async () => {

  const ee = new EventEmitter();

  // Emit later on
  process.nextTick(() => {
    ee.emit('foo', 'bar');
    ee.emit('foo', 42);
  });

  for await (const event of on(ee, 'foo')) {
    // The execution of this inner block is synchronous and it
    // processes one event at a time (even with await). Do not use
    // if concurrent execution is required.
    console.log(event); // prints ['bar'] [42]
  }

})();

Matteo Collina #27994.

It is now possible to monitor 'error' events on an EventEmitter without consuming the emitted error by installing a listener using the symbol EventEmitter.errorMonitor:

const myEmitter = new MyEmitter();

myEmitter.on(EventEmitter.errorMonitor, (err) => {
  MyMonitoringTool.log(err);
});

myEmitter.emit('error', new Error('whoops!'));
// Still throws and crashes Node.js

Gerhard Stoebich #30932.

Using async functions with event handlers is problematic, because it can lead to an unhandled rejection in case of a thrown exception:

const ee = new EventEmitter();

ee.on('something', async (value) => {
  throw new Error('kaboom');
});

The experimental captureRejections option in the EventEmitter constructor or the global setting change this behavior, installing a .then(undefined, handler) handler on the Promise. This handler routes the exception asynchronously to the Symbol.for('nodejs.rejection') method if there is one, or to the 'error' event handler if there is none.

const ee1 = new EventEmitter({ captureRejections: true });
ee1.on('something', async (value) => {
  throw new Error('kaboom');
});

ee1.on('error', console.log);

const ee2 = new EventEmitter({ captureRejections: true });
ee2.on('something', async (value) => {
  throw new Error('kaboom');
});

ee2[Symbol.for('nodejs.rejection')] = console.log;

Setting EventEmitter.captureRejections = true will change the default for all new instances of EventEmitter.

EventEmitter.captureRejections = true;
const ee1 = new EventEmitter();
ee1.on('something', async (value) => {
  throw new Error('kaboom');
});

ee1.on('error', console.log);

This is an experimental feature.

Matteo Collina #27867.

Performance Hooks are no longer experimental

The perf_hooks module is now considered a stable API.

legendecas #31101.

Introduction of experimental WebAssembly System Interface (WASI) support

A new core module, wasi, is introduced to provide an implementation of the WebAssembly System Interface specification. WASI gives sandboxed WebAssembly applications access to the underlying operating system via a collection of POSIX-like functions.

This is an experimental feature.

Colin Ihrig #30258.

Commits

  • [fc7b27ea78] - (SEMVER-MINOR) assert: implement assert.match() and assert.doesNotMatch() (Ruben Bridgewater) #30929
  • [7d6c963b9d] - assert: DRY .throws code (Ruben Bridgewater) #28263
  • [749bc16cca] - assert: fix generatedMessage property (Ruben Bridgewater) #28263
  • [6909e3e656] - assert: use for...of (Soar) #30983
  • [b4e8f0de12] - assert: fix line number calculation after V8 upgrade (Michaël Zasso) #29694
  • [a0f338ecc1] - assert,util: stricter type comparison using deep equal comparisons (Ruben Bridgewater) #30764
  • [a9fad8524c] - async_hooks: ensure proper handling in runInAsyncScope (Anatoli Papirovski) #30965
  • [73e3c15a70] - benchmark: add more util inspect and format benchmarks (Ruben Bridgewater) #30767
  • [634389b3ee] - benchmark: use let instead of var in dgram (dnlup) #31175
  • [b55420889c] - benchmark: add benchmark on async_hooks enabled http server (legendecas) #31100
  • [1c97163f76] - benchmark: use let instead of var in crypto (dnlup) #31135
  • [3de7713aa5] - benchmark: replace var with let/const in cluster benchmark (dnlup) #31042
  • [471c59b4ba] - benchmark: include writev in benchmark (Robert Nagy) #31066
  • [c73256460d] - benchmark: use let instead of var in child_process (dnlup) #31043
  • [aa973c5cd9] - benchmark: add clear connections to secure-pair (Diego Lafuente) #27971
  • [d5bebc3be8] - benchmark: update manywrites back pressure (Robert Nagy) #30977
  • [baabf3e764] - benchmark: use let/const instead of var in buffers (dnlup) #30945
  • [667471ee8b] - benchmark: improve --filter pattern matching (Matheus Marchini) #29987
  • [b4509170f4] - bootstrap: use different scripts to setup different configurations (Joyee Cheung) #30862
  • [655d0685c4] - buffer: release buffers with free callbacks on env exit (Anna Henningsen) #30551
  • [ae3459af9f] - buffer: improve .from() error details (Ruben Bridgewater) #29675
  • [ada7624e6b] - build: auto-load ICU data from --with-icu-default-data-dir (Stephen Gallagher) #30825
  • [d66996ce0d] - build: remove (almost) unused macros/constants (Benjamin Coe) #30755
  • [ca432d756e] - build: do not build mksnapshot and mkcodecache for --shared (Joyee Cheung) #30647
  • [30096ef5a4] - build: add --without-node-code-cache configure option (Joyee Cheung) #30647
  • [cb89fbcafc] - build: don't use -latomic on macOS (Ryan Schmidt) #30099
  • [b1b7f6746c] - build: fixes build for some os versions (David Carlier)
  • [dc7a2320ff] - build: fix missing x64 arch suffix in binary tar name (legendecas) #30877
  • [ebe6a55ba8] - build: on Android, use android log library to print stack traces (Giovanni Campagna) #29388
  • [fbf5beee56] - build: fix library version and compile flags on Android (Giovanni Campagna) #29388
  • [c8c22b8d4c] - build: ease DragonFlyBSD build (David Carlier) #30201
  • [766c2abff3] - build: warn upon --use-largepages config option (Gabriel Schulhof) #31103
  • [e67b3608af] - build: switch realpath to pwd (Benjamin Coe) #31095
  • [332b343f50] - build: re-introduce --use-largepages as no-op (Gabriel Schulhof)
  • [a91ed2eada] - build: reset embedder string to "-node.0" (Michaël Zasso) #30109
  • [0b3951a8e7] - build,win: fix goto exit in vcbuild (João Reis) #30931
  • [df1e183e3f] - child_process,cluster: allow using V8 serialization API (Anna Henningsen) #30162
  • [8dc4e4ecb7] - cli: add --trace-exit cli option (legendecas) #30516
  • [ba289ffb4e] - cli: whitelist new V8 flag in NODE_OPTIONS (Shelley Vohr) #30094
  • [dc58731e28] - cli: add --trace-uncaught flag (Anna Henningsen) #30025
  • [2d23502121] - cluster: remove unnecessary bind (Anatoli Papirovski) #28131
  • [f54dc362a9] - console: unregister temporary error listener (Robert Nagy) #30852
  • [9bc5c9fbc3] - crypto: cast oaepLabel to unsigned char* (Shelley Vohr) #30917
  • [dd118b7272] - crypto: automatically manage memory for ECDSA_SIG (Tobias Nießen) #30641
  • [df54ec3eb2] - crypto: add support for IEEE-P1363 DSA signatures (Tobias Nießen) #29292
  • [5dd72a67c4] - crypto: add Hash.prototype.copy() method (Ben Noordhuis) #29910
  • [e2cd110c0a] - deps: V8: cherry-pick 0dfd9ea51241 (Benjamin Coe) #30713
  • [b724eaf66d] - deps: V8: cherry-pick d89f4ef1cd62 (Milad Farazmand) #31354
  • [6de77d3f09] - deps: uvwasi: cherry-pick 75b389c (Colin Ihrig) #31076
  • [8f4339b8af] - deps: uvwasi: cherry-pick 64e59d5 (Colin Ihrig) #31076
  • [63f85d52de] - deps: update uvwasi (Anna Henningsen) #30745
  • [317c3dffbb] - deps: V8: cherry-pick b38dfaf3a633 (Matheus Marchini) #30870
  • [554c7c2c98] - deps: V8: cherry-pick cc5016e1b702 (Matheus Marchini) #30870
  • [250198220d] - deps: V8: backport a4545db (David Carlier) #31127
  • [76eaf24f8f] - deps: V8: cherry-pick d406bfd64653 (Sam Roberts) #30819
  • [c004cf51c6] - deps: V8: cherry-pick d3a1a5b6c491 (Michaël Zasso) #31005
  • [850cb15ae8] - deps: upgrade to libuv 1.34.0 (Colin Ihrig) #30783
  • [ff82ccb151] - deps: fix OPENSSLDIR on Windows (Shigeki Ohtsu) #29456
  • [6bee6878ba] - deps: V8: cherry-pick ca5b0ec (Anna Henningsen) #30708
  • [c4074e37e2] - deps: V8: backport 777fa98 (Michaël Zasso) #30062
  • [45240a1325] - deps: V8: cherry-pick 53e62af (Michaël Zasso) #29898
  • [b335529803] - deps: patch V8 to be API/ABI compatible with 7.4 (from 7.7) (Michaël Zasso) #29241
  • [499ccdcf03] - deps: patch V8 to be API/ABI compatible with 7.4 (from 7.6) (Michaël Zasso) #28955
  • [bb616bb06b] - deps: patch V8 to be API/ABI compatible with 7.4 (from 7.5) (Michaël Zasso) #28005
  • [18c713da2c] - deps: update V8's postmortem script (Colin Ihrig) #29694
  • [593d989e8e] - deps: V8: cherry-pick a7dffcd767be (Christian Clauss) #30218
  • [5e1da86d9b] - deps: V8: cherry-pick 0a055086c377 (Michaël Zasso) #30109
  • [25dd890847] - deps: V8: cherry-pick e5dbc95 (Gabriel Schulhof) #30130
  • [98dfe272b0] - deps: V8: cherry-pick ed40ab1 (Michaël Zasso) #30064
  • [4cdccbda80] - deps: V8: cherry-pick 716875d (Myles Borins) #29694
  • [667b9a409b] - deps: V8: cherry-pick 35c6d4d (Sam Roberts) #29585
  • [c43f5be7cf] - deps: V8: cherry-pick deac757 (Benjamin Coe) #29626
  • [d89f874871] - deps: V8: fix linking issue for MSVS (Refael Ackermann) #28016
  • [0d20a85b8e] - deps: V8: fix BUILDING_V8_SHARED issues (Refael Ackermann) #27375
  • [3d11924917] - deps: V8: add workaround for MSVC optimizer bug (Refael Ackermann) #28016
  • [9135bc219b] - deps: V8: use ATOMIC_VAR_INIT instead of std::atomic_init (Refael Ackermann) #27375
  • [d98789b348] - deps: V8: forward declaration of Rtl\*FunctionTable (Refael Ackermann) #27375
  • [5a31dc8177] - deps: V8: patch register-arm64.h (Refael Ackermann) #27375
  • [fe18796b03] - deps: V8: silence irrelevant warning (Michaël Zasso) #26685
  • [4bf6e025a7] - deps: V8: un-cherry-pick bd019bd (Refael Ackermann) #26685
  • [fdad5b6f38] - deps: V8: fix filename manipulation for Windows (Refael Ackermann) #28016
  • [35f289260e] - (SEMVER-MINOR) deps: update V8 to 7.8.279.23 (Michaël Zasso) #30109
  • [614ce0c51a] - deps,http: http_parser set max header size to 8KB (Matteo Collina) nodejs-private/node-private#143
  • [8d336ff796] - deps,src: patch V8 to be API/ABI compatible with 7.4 (from 7.8) (Anna Henningsen) #30109
  • [bf4f516eea] - deps,src,test: update to uvwasi 0.0.3 (Colin Ihrig) #30980
  • [25d96ecd4b] - dgram: test to add and to drop specific membership (A. Volgin) #31047
  • [b7ff93f45d] - dgram: use for...of (Trivikram Kamat) #30999
  • [b560f7b9d6] - (SEMVER-MINOR) dgram: add source-specific multicast support (Lucas Pardue) #15735
  • [9a6aff8517] - doc: make AssertionError a link (Ruben Bridgewater) #28263
  • [08b5a2fcb4] - doc: update assert.throws() examples (Ruben Bridgewater) #28263
  • [fd78d04188] - doc: remove extra backtick (Colin Ihrig) #31186
  • [808f025bea] - doc: use code markup/markdown in headers (Ruben Bridgewater) #31149
  • [95eb1c2884] - doc: add note about fs.close() about undefined behavior (Robert Nagy) #30966
  • [cfe30aebe1] - doc: add code example to inspector.url() method (Juan José Arboleda) #29496
  • [79521d304c] - doc: deprecate http finished (Robert Nagy) #28679
  • [2c85dd91d6] - doc: update REPL documentation to instantiate the REPL (Ruben Bridgewater) #30928
  • [deb1a591f5] - doc: improve explanation of package.json "type" field (Ronald J Kimball) #27516
  • [37560cdf81] - doc: clarify role of writable.cork() (Colin Grant) #30442
  • [5648f5ec6e] - doc: de-duplicate security release processes (Sam Roberts) #30996
  • [2d9d59f427] - doc: fix createDiffieHellman generator type (Tobias Nießen) #31121
  • [6df270451a] - doc: update mode type for mkdir() functions (Colin Ihrig) #31115
  • [1d7ff3d673] - doc: update mode type for process.umask() (Colin Ihrig) #31115
  • [f851d9fbd8] - doc: update mode type for fs open() functions (Colin Ihrig) #31115
  • [e104e72f58] - doc: update mode type for fchmod() functions (Colin Ihrig) #31115
  • [13fe137791] - doc: update parameter type for fsPromises.chmod() (Colin Ihrig) #31115
  • [ddad6eb90f] - doc: improve dns introduction (Rich Trott) #31090
  • [a192afc2aa] - doc: update parameter type for fs.chmod() (Santosh Yadav) #31085
  • [fd0565c91c] - doc: add --inspect-publish-uid man page entry (Colin Ihrig) #31077
  • [39e2af67e2] - doc: add --force-context-aware man page entry (Colin Ihrig) #31077
  • [1d28db1007] - doc: add --enable-source-maps man page entry (Colin Ihrig) #31077
  • [5796ec757f] - doc: fix anchors and subtitle in BUILDING.md (sutangu) #30296
  • [4f95213b83] - doc: standardize usage of hostname vs. host name (Rich Trott) #31073
  • [7b567bdd49] - doc: add unrepresented flags docs for configure (Pranshu Srivastava) #28069
  • [f0994940f0] - doc: improve doc net:server.listen (dev-313) #31064
  • [f8530128bd] - doc: implement minor improvements to BUILDING.md text (Rich Trott) #31070
  • [53403619ad] - doc: avoid using v8::Persistent in addon docs (Anna Henningsen) #31018
  • [d3c969547a] - doc: reference worker threads on signal events (legendecas) #30990
  • [55360487b7] - doc: update message.url example in http.IncomingMessage (Tadao Iseki) #30830
  • [178acac7d5] - doc: explain napi_run_script (Tobias Nießen) #30918
  • [fb3af1b23a] - doc: add "Be direct." to the style guide (Rich Trott) #30935
  • [0688c99823] - doc: clarify expectations for PR commit messages (Derek Lewis) #30922
  • [28a8247918] - doc: fix description of N-API exception handlers (Tobias Nießen) #30893
  • [be4fffe396] - doc: improve doc writable streams: 'finish' event (dev-313) #30889
  • [21ea47a08e] - doc: clarify build support text (Rich Trott) #30899
  • [fc0c7286c8] - doc: edit colorMode information (Rich Trott) #30887
  • [22f83598d9] - doc: fix argument type of setAAD (Tobias Nießen) #30863
  • [7b3e26987d] - doc: clarify Tier 2 implications in BUILDING.md (Rich Trott) #30866
  • [e0811cd8cc] - doc: improve doc Http2Stream: FrameError, Timeout and Trailers (dev-313) #30373
  • [6db2562796] - doc: include line/cursor in readline documentation (Jeremy Albright) #30667
  • [5d56e85f84] - doc: improve napi formatting (Ruben Bridgewater) #30772
  • [998d04d792] - doc: add documentation about node_mksnapshot and mkcodecache (Joyee Cheung) #30773
  • [73427af3c8] - doc: remove imprecise and redundant testing text (Rich Trott) #30763
  • [6418b939e3] - doc: remove usage of "Node" in favor of "Node.js" (Rich Trott) #30758
  • [a500eee3e7] - doc: revise addons introduction for brevity and clarity (Rich Trott) #30756
  • [005b601aa1] - doc: fix up N-API doc (NickNaso) #30656
  • [420d793f9a] - doc: adds assert doc for strict mode with pointer to strict equality (Shobhit Chittora) #30486
  • [ab7304767e] - doc: Buffer.toString(): add note about invalid data (Jan-Philip Gehrcke) #30706
  • [a152458e6e] - doc: clarify text about using 'session' event for compatibility (Rich Trott) #30746
  • [c79f485af9] - doc: fix worker.resourceLimits indentation (Daniel Nalborczyk) #30663
  • [1a6443dfde] - doc: fix worker.resourceLimits type (Daniel Nalborczyk) #30664
  • [b7bd84f7d2] - doc: simplify "is recommended" language in assert documentation (Rich Trott) #30558
  • [9b7bde14c3] - doc: update http.md mention of socket (Jesse O'Connor) #30155
  • [2cbb358c23] - doc: clarify required flag for extensionless esm (Lucas Azzola) #30657
  • [de3fdfaa6f] - doc: avoid proposal syntax in code example (Alex Zherdev) #30685
  • [138a905b15] - doc: esm: improve dual package hazard docs (Geoffrey Booth) #30345
  • [5687a3178d] - doc: fix some recent doc nits (vsemozhetbyt) #30341
  • [007dab8f25] - doc: update outdated commonjs compat info (Geoffrey Booth) #30512
  • [d0f4a2f14a] - doc: update divergent specifier hazard guidance (Geoffrey Booth) #30051
  • [1f46eea24d] - doc: include --experimental-resolve-self in manpage (Guy Bedford) #29978
  • [30edcc03aa] - doc: update vm.md for link linting (Rich Trott) #29982
  • [426ed0dffa] - doc: make YAML matter consistent in crypto.md (Rich Trott) #30016
  • [2d5aec013c] - doc: fix numbering in require algorithm (Jan Krems) #30117
  • [9023c59a8d] - doc: use code markup/markdown in headers in globals documentation (Rich Trott) #31086
  • [448a1178fa] - doc: use code markup/markdown in headers in deprecations documentation (Rich Trott) #31086
  • [b5a19bcf65] - doc: use code markup/markdown in headers in addons documentation (Rich Trott) #31086
  • [2f2f79d8eb] - doc: allow <code> in header elements (Rich Trott) #31086
  • [2885bdbc56] - doc,assert: use code markup/markdown in headers (Rich Trott) #31086
  • [da25662fc8] - doc,async_hooks: use code markup/markdown in headers (Rich Trott) #31086
  • [54c60d2e57] - doc,benchmark: move benchmark guide to benchmark directory (Rich Trott) #30781
  • [a96590a69f] - doc,buffer: use code markup/markdown in headers (Rich Trott) #31086
  • [8a5fe08fd4] - doc,child_process: use code markup/markdown in headers (Rich Trott) #31086
  • [8eecc56cd3] - doc,cluster: use code markup/markdown in headers (Rich Trott) #31086
  • [54e41cebbd] - doc,console: use code markup/markdown in headers (Rich Trott) #31086
  • [67637c652b] - doc,crypto: use code markup/markdown in headers (Rich Trott) #31086
  • [c2ad43af89] - doc,dgram: use code markup/markdown in headers (Rich Trott) #31086
  • [135097f845] - doc,dns: use code markup/markdown in headers (Rich Trott) #31086
  • [0a29db286d] - doc,domain: use code markup/markdown in headers (Rich Trott) #31086
  • [69da6110ab] - doc,errors: use code markup/markdown in headers (Rich Trott) #31086
  • [c4503ea987] - doc,esm: use code markup/markdown in headers (Rich Trott) #31086
  • [c4c10d1c09] - doc,events: use code markup/markdown in headers (Rich Trott) #31086
  • [8848062bc4] - doc,fs: use code markup/markdown in headers (Rich Trott) #31086
  • [25b30e4b61] - doc,http: use code markup/markdown in headers (Rich Trott) #31086
  • [be7d4dea4b] - doc,http2: use code markup/markdown in headers (Rich Trott) #31086
  • [2449d5fee6] - doc,https: use code markup/markdown in headers (Rich Trott) #31086
  • [f7255c12a8] - doc,inspector: use code markup/markdown in headers (Rich Trott) #31086
  • [3454f65ebe] - doc,lib,src,test: rename WASI CLI flag (Colin Ihrig) #30980
  • [bd5ae0a140] - doc,module: use code markup/markdown in headers (Rich Trott) #31086
  • [2697c0d008] - doc,n-api: mark napi_detach_arraybuffer as experimental (legendecas) #30703
  • [bff03ca2cb] - doc,net: use code markup/markdown in headers (Rich Trott) #31086
  • [4fa99591b0] - doc,os: use code markup/markdown in headers (Rich Trott) #31086
  • [b18c128aff] - doc,path: use code markup/markdown in headers (Rich Trott) #31086
  • [77813e0426] - doc,perf_hooks: use code markup/markdown in headers (Rich Trott) #31086
  • [84e3a86bd5] - doc,process: use code markup/markdown in headers (Rich Trott) #31086
  • [7f2625f5df] - doc,punycode: use code markup/markdown in headers (Rich Trott) #31086
  • [6de05ecf23] - doc,querystring: use code markup/markdown in headers (Rich Trott) #31086
  • [4dc930cdd9] - doc,readline: use code markup/markdown in headers (Rich Trott) #31086
  • [55a269ce7c] - doc,repl: use code markup/markdown in headers (Rich Trott) #31086
  • [8a98243fc6] - doc,stream: use code markup/markdown in headers (Rich Trott) #31086
  • [b0e4a02dca] - doc,string_decoder: use code markup/markdown in headers (Rich Trott) #31086
  • [ad48c27fe9] - doc,timers: use code markup/markdown in headers (Rich Trott) #31086
  • [fd0a3cbfd1] - doc,tls: use code markup/markdown in headers (Rich Trott) #31086
  • [38bcd45b4c] - doc,tty: use code markup/markdown in headers (Rich Trott) #31086
  • [4f564e77f7] - doc,url: use code markup/markdown in headers (Rich Trott) #31086
  • [1b2c0a9c43] - doc,util: use code markup/markdown in headers (Rich Trott) #31086
  • [9dfe436588] - doc,v8: use code markup/markdown in headers (Rich Trott) #31086
  • [930cf99345] - doc,vm: use code markup/markdown in headers (Rich Trott) #31086
  • [ffe92267fc] - doc,vm,test: remove _sandbox_ from vm documentation (Rich Trott) #31057
  • [255e3cdd40] - doc,wasi: use code markup/markdown in headers (Rich Trott) #31086
  • [a361a7356d] - doc,worker: use code markup/markdown in headers (Rich Trott) #31086
  • [367143ee33] - doc,zlib: use code markup/markdown in headers (Rich Trott) #31086
  • [df94cfb67c] - errors: improve ERR_INVALID_ARG_TYPE (Ruben Bridgewater) #29675
  • [2986982459] - errors: support prepareSourceMap with source-maps (Benjamin Coe) #31143
  • [a2ac9d3098] - esm: better error message for unsupported URL (Thomas) #31129
  • [298fdbe442] - esm: empty ext from pkg type/main doesnt affect format (Bradley Farias) #31021
  • [fa96f54028] - esm: make specifier flag clearly experimental (Myles Borins) #30678
  • [05172951ac] - esm: data URLs should ignore unknown parameters (Bradley Farias) #30593
  • [2275da52a0] - esm: disable non-js exts outside package scopes (Guy Bedford) #30501
  • [7b46b20947] - esm: exit the process with an error if loader has an issue (Michaël Zasso) #30219
  • [d6e69fbd25] - (SEMVER-MINOR) esm: unflag --experimental-exports (Guy Bedford) #29867
  • [eb82683538] - (SEMVER-MINOR) events: add EventEmitter.on to async iterate over events (Matteo Collina) #27994
  • [5cb0de948d] - (SEMVER-MINOR) events: allow monitoring error events (Gerhard Stoebich) #30932
  • [9f81da5883] - (SEMVER-MINOR) events: add captureRejection option (Matteo Collina) #27867
  • [578d12fa10] - fs: synchronize close with other I/O for streams (Anna Henningsen) #30837
  • [55c5baf413] - fs: retry unlink operations in rimraf (Colin Ihrig) #30569
  • [edc9efa5c8] - fs: only operate on buffers in rimraf (Colin Ihrig) #30569
  • [465a1cf8b9] - fs: use consistent defaults in sync stat functions (Colin Ihrig) #31097
  • [cc9712d7b3] - fs: remove unnecessary bind (Anatoli Papirovski) #28131
  • [1d4e3d50ab] - fs: reduce unnecessary sync rimraf retries (Colin Ihrig) #30785
  • [5d39527b22] - fs: add synchronous retries to rimraf (Colin Ihrig) #30785
  • [366a45be2a] - fs: fix existsSync for invalid symlink at win32 (Rongjian Zhang) #30556
  • [4fffb42939] - fs: add ENFILE to rimraf retry logic (Colin Ihrig) #30644
  • [f9d8494410] - fs: add retryDelay option to rimraf (Colin Ihrig) #30644
  • [7a321989ac] - fs: remove rimraf's emfileWait option (Colin Ihrig) #30644
  • [ccc228b438] - fs: make rimraf default to 0 retries (Colin Ihrig) #30644
  • [3a70185c16] - fs: rename rimraf's maxBusyTries to maxRetries (Colin Ihrig) #30644
  • [785aa86b94] - (SEMVER-MINOR) fs: add bufferSize option to fs.opendir() (Anna Henningsen) #30114
  • [73717f2d7e] - http: http_outgoing rename var to let and const (telenord) #30284
  • [350cfa7333] - http: free listeners on free sockets (Robert Nagy) #29259
  • [4cc10d5fd4] - http: use for...of in http library code (Trivikram Kamat) #30958
  • [35a33f6e01] - http: add captureRejection support to OutgoingMessage (Matteo Collina) #27867
  • [f7d128ad48] - http: implement capture rejections for 'request' event (Matteo Collina) #27867
  • [8111d69635] - http: remove unnecessary bind (Anatoli Papirovski) #28131
  • [4f85f52933] - http: improve performance caused by primordials (Lucas Recknagel) #30416
  • [db8144be31] - (SEMVER-MINOR) http: outgoing cork (Robert Nagy) #29053
  • [86369e4ac5] - (SEMVER-MINOR) http: support readable hwm in IncomingMessage (Colin Ihrig) #30135
  • [b9ffca1a00] - (SEMVER-MINOR) http: add reusedSocket property on client request (themez) #29715
  • [2445bc0d48] - http: fix monkey-patching of http_parser (Jimb Esser) #30222
  • [92a9dacce9] - http2: make HTTP2ServerResponse more streams compliant (Robert Nagy)
  • [5dd7c92b41] - http2: set default enableConnectProtocol to 0 (Yongsheng Zhang) #31174
  • [d7d7cf7513] - http2: implement capture rection for 'request' and 'stream' events (Matteo Collina) #27867
  • [84603ec3ee] - http2: remove unnecessary bind from setImmediate (Anatoli Papirovski) #28131
  • [081e488871] - http2: forward debug message in debugStreamObj (Denys Otrishko) #30840
  • [b2a2c6c032] - http2: track nghttp2-allocated memory in heap snapshot (Anna Henningsen) #30745
  • [9be789e632] - http2: use shared memory tracking implementation (Anna Henningsen) #30745
  • [53c691c390] - http2: streamline OnStreamRead streamline memory accounting (Denys Otrishko) #30351
  • [da9fffa6a0] - http2: small clean up in OnStreamRead (Denys Otrishko) #30351
  • [a4ae272c5b] - (SEMVER-MINOR) http2: make maximum tolerated rejected streams configurable (Denys Otrishko) #30534
  • [7b2660630c] - (SEMVER-MINOR) http2: allow to configure maximum tolerated invalid frames (Denys Otrishko) #30534
  • [7998fbb7e9] - http2: replace direct array usage with struct for js_fields_ (Denys Otrishko) #30534
  • [06bcd1ab9b] - https: prevent options object from being mutated (Vighnesh Raut) #31151
  • [dbee78caa4] - (SEMVER-MINOR) https: add client support for TLS keylog events (Sam Roberts) #30053
  • [9908bd0dc2] - inspector: do not access queueMicrotask from global (Michaël Zasso) #30732
  • [367484dbe1] - lib: move initialization of APIs for changing process state (Anna Henningsen) #31172
  • [7f70c2431c] - lib: do not catch user errors (Ruben Bridgewater) #31159
  • [59101b5a2a] - lib: replace var with let/const (kresimirfranin) #30394
  • [e7829758dd] - lib: further simplify assertions in vm/module (Anna Henningsen) #30815
  • [02fc95d3d7] - lib: improve spelling and grammar in comment (David Newman) #31026
  • [d19316d2d9] - lib: change var to let/const (rene.herrmann) #30910
  • [84c9e4f1b5] - lib: refactor NativeModule (Joyee Cheung) #30856
  • [168dd92537] - lib: replace var with let/const (jens-cappelle) #30384
  • [abfb8c11b5] - lib: delay access to CLI option to pre-execution (Joyee Cheung) #30778
  • [947d066da7] - lib: replace Map global by the primordials (Sebastien Ahkrin) #31155
  • [dc9a51d72b] - lib: replace use of Error with primordials (Sebastien Ahkrin) #31163
  • [131d961845] - lib: replace Set global by the primordials (Sebastien Ahkrin) #31154
  • [e955606a1e] - lib: replace WeakSet global by the primordials (Sebastien Ahkrin) #31157
  • [d5d0744d1a] - lib: replace WeakMap global by the primordials (Sebastien Ahkrin) #31158
  • [61e794b243] - lib: replace Set.prototype with SetPrototype primordial (Sebastien Ahkrin) #31161
  • [0229a24b47] - lib: replace Symbol.species by SymbolSpecies (Sebastien Ahkrin) #30950
  • [e01433db8b] - lib: replace Symbol.hasInstance by SymbolHasInstance (Sebastien Ahkrin) #30948
  • [497a1c8405] - lib: replace Symbol.asyncIterator by SymbolAsyncIterator (Sebastien Ahkrin) #30947
  • [a8a04efac8] - lib: enforce use of Promise from primordials (Michaël Zasso) #30936
  • [1092e0b6fb] - lib: add TypedArray constructors to primordials (Sebastien Ahkrin) #30740
  • [3348fe40e4] - lib: replace Symbol.toPrimitive to SymbolToPrimitive primordials (Sebastien Ahkrin) #30905
  • [06776496b4] - lib: update Symbol.toStringTag by SymbolToStringTag primordial (Sebastien Ahkrin) #30908
  • [b92511d8e6] - lib: enforce use of BigInt from primordials (Michaël Zasso) #30882
  • [fb18ad4e60] - lib: replace Symbol.iterator by SymbolIterator (Sebastien Ahkrin) #30859
  • [993c419ce7] - lib: replace every Symbol.for by SymbolFor primordials (Sebastien Ahkrin) #30857
  • [b95c50b392] - lib: replace Symbol global by the primordials Symbol (Sebastien Ahkrin) #30737
  • [8f911fe747] - lib: enforce use of primordial Number (Sebastien Ahkrin) #30700
  • [099edea144] - lib: use static Number properties from primordials (Michaël Zasso) #30686
  • [41510491f2] - lib: enforce use of Boolean from primordials (Michaël Zasso) #30698
  • [d3e1c5864b] - lib: replace Date.now function by primordial DateNow (Tchoupinax) #30689
  • [e53f5afdbe] - lib: replace ArrayBuffer.isView by primordial ArrayBuffer (Vincent Dhennin) #30692
  • [9260844e91] - lib: enforce use of Array from primordials (Michaël Zasso) #30635
  • [e2ae4c1aa1] - lib: flatten access to primordials (Michaël Zasso) #30610
  • [1c2d699ed8] - lib: use strict equality comparison (Donggeon Lim) #30898
  • [1698a53ed1] - lib: add parent to ERR_UNKNOWN_FILE_EXTENSION (qualitymanifest) #30728
  • [bcd27f7300] - lib: no need to strip BOM or shebang for scripts (Refael Ackermann) #27375
  • [1c50714729] - lib: rework logic of stripping BOM+Shebang from commonjs (Gus Caplan) #27768
  • [e98509b67c] - lib,test: improves ERR_REQUIRE_ESM message (Juan José Arboleda) #30694
  • [1607d38b22] - meta: clarify scope of new nodejs.org issue choice (Derek Lewis) #31123
  • [624ed0eed4] - module: fix check exports issue in cjs module loading (Guy Bedford) #31427
  • [60490f441a] - (SEMVER-MINOR) module: unflag conditional exports (Guy Bedford) #31001
  • [fcbc7756fe] - module: logical conditional exports ordering (Guy Bedford) #31008
  • [c6300e15bc] - module: loader getSource, getFormat, transform hooks (Geoffrey Booth) #30986
  • [e5437ef355] - module: fix require in node repl (Yongsheng Zhang) #30835
  • [3d1ca78144] - module: reduce circular dependency of internal/modules/cjs/loader (Joyee Cheung) #30349
  • [cad5c2bc6e] - module: fix dynamic import from eval (Corey Farrell) #30624
  • [77c69f51a3] - module: fixup lint and test regressions (Guy Bedford) #30802
  • [d65566a052] - module: fix specifier resolution algorithm (Rongjian Zhang) #30574
  • [657a8af8a9] - module: unflag resolve self (Guy Bedford) #31002
  • [7f4ee67435] - module: self resolve bug fix and esm ordering (Guy Bedford) #31009
  • [bb06225341] - module: conditional exports import condition (Guy Bedford) #30799
  • [b830f44ade] - module: ignore resolution failures for inspect-brk (Maël Nison) #30336
  • [dc084f9e33] - module: add warnings for experimental flags (Rongjian Zhang) #30617
  • [680ae770ab] - module: conditional exports with flagged conditions (Guy Bedford) #29978
  • [02c4d27007] - module: refactor modules bootstrap (Bradley Farias) #29937
  • [121c845714] - (SEMVER-MINOR) module: resolve self-references (Jan Krems) #29327
  • [b5d42aeac4] - (SEMVER-MINOR) n-api: implement napi_is_detached_arraybuffer (Denys Otrishko) #30613
  • [af5c489f39] - n-api: keep napi_env alive while it has finalizers (Anna Henningsen) #31140
  • [cab905f5ef] - (SEMVER-MINOR) n-api: add napi\_detach\_arraybuffer (legendecas) #29768
  • [7952154e5e] - net: remove duplicate _undestroy (Robert Nagy) #30833
  • [75972da470] - net: implement capture rejections for 'connection' event (Matteo Collina) #27867
  • [35b7ba6e7a] - perf_hooks: use for...of (Trivikram Kamat) #31049
  • [61a8af78fe] - (SEMVER-MINOR) perf_hooks: move perf_hooks out of experimental (legendecas) #31101
  • [25ba7f4d7c] - perf_hooks: remove unnecessary bind (Anatoli Papirovski) #28131
  • [1bcbc70ea8] - process: refs --unhandled-rejections documentation in warning message (Antoine du HAMEL) #30564
  • [5eafe3b5cb] - process: fix promise catching (Rongjian Zhang) #30957
  • [7a8232a041] - (SEMVER-MINOR) readline: promote _getCursorPos to public api (Jeremy Albright) #30687
  • [835151dadd] - readline: eagerly load string_decoder (Ruben Bridgewater) #30807
  • [c978396ee1] - repl: use better uncaught exceptions indicator (Ruben Bridgewater) #29676
  • [5ee105c9af] - repl: fix autocomplete when useGlobal is false (Michaël Zasso) #30883
  • [106e5ce581] - repl: fix referrer for dynamic import (Corey Farrell) #30609
  • [7fc6984c83] - (SEMVER-MINOR) repl: check for NODE_REPL_EXTERNAL_MODULE (Gus Caplan) #29778
  • [7a855f57b8] - src: accept single argument in getProxyDetails (Ruben Bridgewater) #30858
  • [9d60499bfb] - src: mark ArrayBuffers with free callbacks as untransferable (Anna Henningsen) #30475
  • [a4c7eba474] - src: prevent hard coding stack trace limit (legendecas) #30752
  • [65e5a8a90c] - src: unregister Isolate with platform before disposing (Anna Henningsen) #30909
  • [bf789145d9] - src: free preopen memory in WASI::New() (Colin Ihrig) #30809
  • [e9bda6618d] - src: use checked allocations in WASI::New() (Colin Ihrig) #30809
  • [29608beb82] - Revert "src: update v8abbr.h for V8 7.7" (Matheus Marchini) #30870
  • [5edd1a229b] - src: suppress warning in src/node_env_var.cc (Harshitha KP) #31136
  • [1b04e678ed] - src: enable stack trace printing for V8 check failures (Anna Henningsen) #31079
  • [715c158f2c] - src: port --bash-completion to C++ (Joyee Cheung) #25901
  • [f71b09fb27] - src: list used functions on headers (Juan José Arboleda) #30827
  • [91b72b3794] - src: fix compiler warning in env.cc (Anna Henningsen) #31020
  • [24a5929fae] - src: make debug_options getters public (Shelley Vohr) #30494
  • [e00c4e41b8] - src: fix the false isatty() issue on IBMi (Xu Meng) #30829
  • [d3c792997a] - src: improve checked uv loop close output (Anna Henningsen) #30814
  • [0c066dc610] - src: port memory-tracking allocator from QUIC repo (Anna Henningsen) #30745
  • [721ebf0487] - src: don't use deprecated OpenSSL APIs (Rosen Penev) #30812
  • [b233c36c10] - src: delete redundant method in node_dir.h (gengjiawen) #30747
  • [214042cd2f] - src: remove redundant cast in node_dir.cc (gengjiawen) #30747
  • [bd380d55d0] - src: improve node_crypto.cc memory allocation (Priyanka Kore) #30751
  • [19eb8e0268] - src: fix node_dir.cc memory allocation (Priyanka Kore) #30750
  • [78098d3859] - src: change header file in node_stat_watcher.cc (Reza Fatahi) #29976
  • [33064a14e4] - src: clean up node_file.h (Anna Henningsen) #30530
  • [3513243998] - src: fix -Wsign-compare warnings (Colin Ihrig) #30565
  • [50b7f840a1] - src: use uv_async_t for WeakRefs (Anna Henningsen) #30616
  • [8d6a90384d] - (SEMVER-MINOR) src: expose ArrayBuffer version of Buffer::New() (Anna Henningsen) #30476
  • [a81eae67ec] - (SEMVER-MINOR) src: expose ability to set options (Shelley Vohr) #30466
  • [af787b87ae] - (SEMVER-MINOR) src: allow adding linked bindings to Environment (Anna Henningsen) #30274
  • [60ac18ccd7] - (SEMVER-MINOR) src: deprecate two- and one-argument AtExit() (Anna Henningsen) #30227
  • [455a643c33] - (SEMVER-MINOR) src: expose granular SetIsolateUpForNode (Shelley Vohr) #30150
  • [a5d2b66bdc] - src: do not use std::function for OnScopeLeave (Anna Henningsen) #30134
  • [08e55e302b] - src: remove AsyncScope and AsyncCallbackScope (Anna Henningsen) #30236
  • [ce13d43819] - src: use callback scope for main script (Anna Henningsen) #30236
  • [e11a376677] - src: fix crash with SyntheticModule#setExport (Michaël Zasso) #30062
  • [e7c9042c72] - src: implement v8 host weakref hooks (Gus Caplan) #29874
  • [330eb10404] - src: make large_pages node.cc include conditional (Denys Otrishko) #31078
  • [84863994a3] - src: make --use-largepages a runtime option (Gabriel Schulhof) #30954
  • [ec3c39f54b] - src,test: use v8::Global instead of v8::Persistent (Anna Henningsen) #31018
  • [aad2578325] - stream: group all properties using defineProperties (antsmartian) #31144
  • [823ee2be05] - stream: reset flowing state if no 'readable' or 'data' listeners (Robert Nagy) #31036
  • [b12b9305f0] - stream: simplify isBuf (Robert Nagy) #31067
  • [3872a02020] - stream: use for...of (Trivikram Kamat) #30960
  • [322912aa65] - stream: do not chunk strings and Buffer in Readable.from (Matteo Collina) #30912
  • [d627724e9d] - stream: add support for captureRejection option (Matteo Collina) #27867
  • [369b7c235f] - stream: use more accurate end-of-stream writable and readable detection (Stewart X Addison) #29409
  • [55ca3a86b7] - (SEMVER-MINOR) stream: add writableCorked to Duplex (Anna Henningsen) #29053
  • [af960d7f22] - (SEMVER-MINOR) stream: add writableCorked property (Robert Nagy) #29012
  • [6e17ea4788] - test: change buffer offset to accommodate V8 BackingStore (Thang Tran) #31171
  • [b3e0bc2e91] - test: get lib/wasi.js coverage to 100% (Colin Ihrig) #31039
  • [07d195ab5f] - test: cover vm with negative tests (Andrew Kuzmenko) #31028
  • [b2caac25a7] - test: remove obsolete WASI test (Colin Ihrig) #30980
  • [ceca54940b] - test: simplify test-wasi-start-validation.js (Colin Ihrig) #30972
  • [be3fd2e714] - test: improve WASI start() coverage (Colin Ihrig) #30972
  • [a4b6668877] - test: add missing test flags (Colin Ihrig) #30971
  • [8f5ffffb61] - test: add test for validation for wasi.start() argument (Rich Trott) #30919
  • [5fff46a531] - test: work around ENOTEMPTY when cleaning tmp dir (Ben Noordhuis) #30849
  • [5bffe11cab] - test: wait for stream close before writing to file (Anna Henningsen) #30836
  • [6725fa11c7] - test: use fs rimraf to refresh tmpdir (Colin Ihrig) #30569
  • [b5d59a726b] - test: improve WASI options validation (Rich Trott) #30800
  • [6086a1dd61] - test: run more assert tests (Ruben Bridgewater) #30764
  • [45b74fbb5b] - test: improve wasi test coverage (Rich Trott) #30770
  • [fd33df7f33] - test: simplify tmpdir import in wasi tests (Rich Trott) #30770
  • [25b88acd0f] - test: use arrow functions in addons tests (garygsc) #30131
  • [023a802f20] - Revert "test: update postmortem metadata test for V8 7.7" (Matheus Marchini) #30870
  • [05ef4bdd35] - test: use spread object (Fran Herrero) #30423
  • [1d3405b05a] - test: log errors in test-http2-propagate-session-destroy-code (Denys Otrishko) #31072
  • [c7dafd8958] - test: skip the unsupported test cases for IBM i (Xu Meng) #30819
  • [2de25f18cd] - test: unflake async hooks statwatcher test (Denys Otrishko) #30362
  • [e68d86c195] - test: fix common.enoughTestMem (Rich Trott) #31035
  • [027a2dc3ec] - test: fix long lines (Colin Ihrig) #31014
  • [fa677ca5c5] - test: fix flaky test-http2-client-upload (Gerhard Stoebich) #29889
  • [d633ba07e3] - test: improve test coverage in child_process (Juan José Arboleda) #26282
  • [87543f024b] - test: improve dns lookup coverage (Kirill Ponomarev) #30777
  • [54a1078e76] - test: avoid leftover report file (Gerhard Stoebich) #30925
  • [d75a3f61d7] - test: improve assertion error message in test-debug-usage (Rich Trott) #30913
  • [768a53f219] - test: disable colorMode in test-console-group (Rich Trott) #30886
  • [a22d5e78e1] - test: assert: fix deepStrictEqual comparing a real array and fake array (Jordan Harband) #30743
  • [0dae8feefd] - test: refactor test-accessor-properties (himself65) #29943
  • [55a1a90fed] - test: scale keepalive timeouts for slow machines (Ben Noordhuis) #30834
  • [2d39ed97b9] - test: mark tests as flaky (João Reis) #30848
  • [fe3818e016] - test: mark addons/openssl-bindings/test flaky on arm (Richard Lau) #30838
  • [d15a2b6c19] - test: remove common.busyLoop() (Colin Ihrig) #30787
  • [4bb8d6aa03] - test: use callback arguments in getconnections test (Rich Trott) #30775
  • [35919999ce] - test: remove duplicate entries from root.status (Richard Lau) #30769
  • [d3004aacbf] - test: increase debugging information in subprocess test (Rich Trott) #30761
  • [7dc8237de1] - test: use block-scoping in test-net-server-address (Rich Trott) #30754
  • [13629368a4] - test: move test-child-process-fork-getconnections to parallel (Rich Trott) #30749
  • [096e3378ec] - test: change common.PORT to arbitrary port (Rich Trott) #30749
  • [860139408d] - test: update and harden http2-reset-flood (Denys Otrishko) #30534
  • [24f7335772] - test: cover 'close' method in Dir class (Artem Maksimov) #30310
  • [b87ae6dd43] - test: use tmpdir.refresh() in test-esm-windows.js (Richard Lau) #30997
  • [0ca80446c4] - test: make test-os-checked-function work without test harness (Rich Trott) #30914
  • [20c8a0a5ac] - test: delay loading 'os' in test/common module (Rich Trott) #30914
  • [71a3f485ba] - test: remove AtExit() addon test (Anna Henningsen) #30275
  • [e0eb670f0e] - test: revert 6d022c13 (Anna Henningsen) #30708
  • [ac9a8933c9] - test,module: add test for exports cjs loader check (Rich Trott) #31427
  • [f86862a2f5] - timers: fix refresh for expired timers (Anatoli Papirovski) #27345
  • [a4cbd57356] - timers: do less work in insert (Anatoli Papirovski) #27345
  • [cd700ffcba] - tls: for...of in _tls_common.js (Trivikram Kamat) #30961
  • [ba18406402] - tls: implement capture rejections for 'secureConnection' event (Matteo Collina) #27867
  • [b94172c9f7] - (SEMVER-MINOR) tls: add PSK support (Denys Otrishko) #23188
  • [693099cfae] - (SEMVER-MINOR) tls: expose IETF name for current cipher suite (Sam Roberts) #30637
  • [8a9243afce] - tls: introduce ERR_TLS_INVALID_CONTEXT (Rich Trott) #30718
  • [e80103a4cb] - (SEMVER-MINOR) tls: cli option to enable TLS key logging to file (Sam Roberts) #30055
  • [1974fd94ed] - tools: allow the travis commit message job to fail (Ruben Bridgewater) #31116
  • [340ce925a8] - tools: fix Raspbian armv7 build (Andrey Hohutkin) #31041
  • [56fb29a146] - tools: update ESLint to 6.8.0 (Colin Ihrig) #31044
  • [f2cc093d4a] - tools: enable Markdown linter's usage information (Derek Lewis) #30216
  • [7fabf77f7d] - tools: update link to google styleguide for cpplint (Daniel Bevenius) #30876
  • [21ccbddd5a] - tools: use CC instead of CXX when pointing to gcc (Milad Farazmand) #30817
  • [1f138f3450] - tools: update remark-preset-lint-node to 1.11.0 (Rich Trott) #30789
  • [fcecd09d6d] - tools: update ESLint to 6.7.2 (Rich Trott) #30762
  • [b09eda55f7] - tools: update remark-preset-lint-node to 1.10.1 (Rich Trott) #29982
  • [9acff553f9] - tools: update remark-preset-lint-node to 1.10.0 (Rich Trott) #29594
  • [e8176b0841] - tools: apply more stringent blank-line linting for markdown files (Rich Trott) #29447
  • [a19e9bd933] - tools: patch V8 to run on older XCode versions (Ujjwal Sharma) #29694
  • [0df49106d5] - tools: update V8 gypfiles (Michaël Zasso) #29694
  • [9b1aff4448] - tools,src: forbid usage of v8::Persistent (Anna Henningsen) #31018
  • [6d674d476e] - url: declare iterator inside loop (Trivikram Kamat) #30509
  • [a1d36db9d8] - util: improve prototype inspection using inspect() and showHidden (Ruben Bridgewater) #31113
  • [d3c0f46054] - util: add (typed) array length to the default output (Ruben Bridgewater) #31027
  • [19a3f8b8b5] - util: refactor inspect code for constistency (Ruben Bridgewater) #30225
  • [7686865174] - (SEMVER-MINOR) util: inspect (user defined) prototype properties (Ruben Bridgewater) #30768
  • [0376e1cf4d] - util: fix built-in detection (Ruben Bridgewater) #30768
  • [c6193fe009] - util: never trigger any proxy traps using format() (Ruben Bridgewater) #30767
  • [963c14c05c] - util: improve performance inspecting proxies (Ruben Bridgewater) #30767
  • [0074790b9c] - util: fix .format() not always calling toString when it should be (Ruben Bridgewater) #30343
  • [6a5580299e] - (SEMVER-MINOR) util: add more predefined color codes to inspect.colors (Ruben Bridgewater) #30659
  • [68f6841ca1] - (SEMVER-MINOR) util: improve inspect's customInspect performance (Ruben Bridgewater) #30659
  • [fe0c830864] - util: add internal sleep() function (Colin Ihrig) #30787
  • [fbd9ea8471] - v8: use of TypedArray constructors from primordials (Sebastien Ahkrin) #30740
  • [c802c998bf] - (SEMVER-MINOR) vm: add Synthetic modules (Gus Caplan) #29864
  • [8c34a14d89] - wasi: refactor destructuring object on constructor (himself65) #31185
  • [6bec620efc] - wasi: fix serdes bugs from snapshot1 migration (Colin Ihrig) #31122
  • [0d212fc9c1] - wasi: throw on failed uvwasi_init() (Colin Ihrig) #31076
  • [d31e6d9ee6] - wasi: require CLI flag to require() wasi module (Colin Ihrig) #30963
  • [bf789b5e3c] - wasi: use memory-tracking allocator (Anna Henningsen) #30745
  • [e2cb5d0754] - (SEMVER-MINOR) wasi: introduce initial WASI support (Colin Ihrig) #30258
  • [4ea1b816a4] - (SEMVER-MINOR) worker: add argv constructor option (legendecas) #30559
  • [7a8b659379] - (SEMVER-MINOR) worker: allow specifying resource limits (Anna Henningsen) #26628
  • [a2fa0318be] - zlib: use for...of (Trivikram Kamat) #31051
  • [7cad756e0c] - zlib: allow writes after readable 'end' to finish (Anna Henningsen) #31082

2020-02-06, Version 12.15.0 'Erbium' (LTS), @BethGriggs

Notable changes

This is a security release.

Vulnerabilities fixed:

  • CVE-2019-15606: HTTP header values do not have trailing OWS trimmed.
  • CVE-2019-15605: HTTP request smuggling using malformed Transfer-Encoding header.
  • CVE-2019-15604: Remotely trigger an assertion on a TLS server with a malformed certificate string.

Also, HTTP parsing is more strict to be more secure. Since this may cause problems in interoperability with some non-conformant HTTP implementations, it is possible to disable the strict checks with the --insecure-http-parser command line flag, or the insecureHTTPParser http option. Using the insecure HTTP parser should be avoided.

Commits

2020-01-07, Version 12.14.1 'Erbium' (LTS), @BethGriggs

Notable changes

  • crypto: fix key requirements in asymmetric cipher (Tobias Nießen) #30249
  • deps:
    • update llhttp to 2.0.1 (Fedor Indutny) #30553
    • update nghttp2 to 1.40.0 (gengjiawen) #30493
  • v8: mark serdes API as stable (Anna Henningsen) #30234

Commits

2019-12-17, Version 12.14.0 'Erbium' (LTS), @MylesBorins

This is a security release.

For more details about the vulnerability please consult the npm blog:

https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli

Notable changes

  • deps: update npm to 6.13.4 #30904

Commits

2019-11-19, Version 12.13.1 'Erbium' (LTS), @targos

Notable changes

  • Experimental support for building Node.js with Python 3 is improved.
  • ICU time zone data is updated to version 2019c. This fixes the date offset in Brazil.

Commits

2019-10-21, Version 12.13.0 'Erbium' (LTS), @targos

This release marks the transition of Node.js 12.x into Long Term Support (LTS) with the codename 'Erbium'. The 12.x release line now moves into "Active LTS" and will remain so until October 2020. After that time, it will move into "Maintenance" until end of life in April 2022.

Notable changes

npm was updated to 6.12.0. It now includes a version of node-gyp that supports Python 3 for building native modules.

Commits

2019-10-11, Version 12.12.0 (Current), @BridgeAR

Notable changes

  • build:
    • Add --force-context-aware flag to prevent usage of native node addons that aren't context aware #29631
  • deprecations:
    • Add documentation-only deprecation for process._tickCallback() #29781
  • esm:
    • Using JSON modules is experimental again #29754
  • fs:
    • Introduce opendir() and fs.Dir to iterate through directories #29349
  • process:
    • Add source-map support to stack traces by using --enable-source-maps#29564
  • tls:
    • Honor pauseOnConnect option #29635
    • Add option for private keys for OpenSSL engines #28973

Commits

2019-10-01, Version 12.11.1 (Current), @targos

Notable changes

  • build:
    • This release fixes a regression that prevented from building Node.js using the official source tarball (Richard Lau) #29712.
  • deps:
    • Updated small-icu data to support "unit" style in the Intl.NumberFormat API (Michaël Zasso) #29735.

Commits

  • [35e1d8c5ba] - build: include deps/v8/test/torque in source tarball (Richard Lau) #29712
  • [ae461964a7] - build,win: goto lint only after defining node_exe (João Reis) #29616
  • [588b388181] - crypto: use byteLength in timingSafeEqual (Tobias Nießen) #29657
  • [298d92785c] - deps: enable unit data in small-icu (Michaël Zasso) #29735
  • [0041f1c0d3] - doc: sync security policy with nodejs.org (Sam Roberts) #29682
  • [038cbb08de] - doc: fix output in inspector HeapProfile example (Kirill Fomichev) #29711
  • [d86f10cf0b] - doc: add KeyObject to type for crypto.createDecipheriv() argument (exoego) #29689
  • [1303e3551f] - doc: clarify description of readable.push() method (imhype) #29687
  • [d258e0242c] - doc: clarify stream errors while reading and writing (Robert Nagy) #29653
  • [0fc85ff96a] - doc: specify display=fallback for Google Fonts (XhmikosR) #29688
  • [c2791dcd9c] - doc: fix some recent nits (Vse Mozhet Byt) #29670
  • [7a6b05a26f] - doc: fix 404 links (XhmikosR) #29661
  • [2b76cb6dda] - doc: remove align from tables (XhmikosR) #29668
  • [3de1fc6958] - doc: document that iv may be null when using createCipheriv() (Ruben Bridgewater) #29684
  • [91e4cc7500] - doc: update AUTHORS list (Anna Henningsen) #29608
  • [2ea4cc0732] - doc: clarify pipeline stream cleanup (Robert Nagy) #29738
  • [ab060bfdab] - doc: clarify fs.symlink() usage (Simon A. Eugster) #29700
  • [b5c24dfbe8] - doc: fix type of atime/mtime (TATSUNO Yasuhiro) #29666
  • [6579b1a547] - doc,http: indicate callback is optional for message.setTimeout() (Trivikram Kamat) #29654
  • [a04fc86723] - http2: optimize the altsvc Max bytes limit, define and use constants (rickyes) #29673
  • [d1f4befd09] - module: pass full URL to loader for top-level load (Guy Bedford) #29736
  • [3f028551a8] - module: move cjs type check behind flag (Guy Bedford) #29732
  • [c3a1303bc2] - src: rename --loader to --experimental-loader (Alex Aubuchon) #29752
  • [17c3478d78] - src: fix asan build for gcc/clang (David Carlier) #29383
  • [64740d44b5] - src: fix compiler warning in inspector_profiler.cc (Daniel Bevenius) #29660
  • [a86b71f745] - src: disconnect inspector before exiting out of fatal exception (Joyee Cheung) #29611
  • [8d88010277] - src: try showing stack traces when process._fatalException is not set (Joyee Cheung) #29624
  • [2a6b7b0476] - test: fix flaky test-cluster-net-listen-ipv6only-none (Rich Trott) #29681
  • [69f26340e9] - tls: simplify setSecureContext() option parsing (cjihrig) #29704
  • [c361180c07] - tools: make mailmap processing for author list case-insensitive (Anna Henningsen) #29608
  • [ef033d046a] - worker: fix process._fatalException return type (Ruben Bridgewater) #29706
  • [04df7dbadb] - worker: keep allocators for transferred SAB instances alive longer (Anna Henningsen) #29637

2019-09-25, Version 12.11.0 (Current), @BridgeAR

Notable changes

  • crypto:
  • deps:
    • Update V8 to 7.7.299.11 #28918
      • More efficient memory handling
      • Stack trace serialization got faster
      • The Intl.NumberFormat API gained new functionality
      • For more information: https://v8.dev/blog/v8-release-77
  • events:
    • Add support for EventTarget in once #29498
  • fs:
    • Expose memory file mapping flag UV_FS_O_FILEMAP #29260
  • inspector:
    • New API - Session.connectToMainThread #28870
  • process:
    • Initial SourceMap support via env.NODE_V8_COVERAGE #28960
  • stream:
    • Make _write() optional when _writev() is implemented #29639
  • tls:
    • Add option to override signature algorithms #29598
  • util:
    • Add encodeInto to TextEncoder #29524
  • worker:
    • The worker_thread module is now stable #29512

Commits

  • [b9c7c9002f] - benchmark: improve process.env benchmarks (Anna Henningsen) #29188
  • [6b8951231c] - bootstrap: add exception handling for profiler bootstrap (Shobhit Chittora) #29552
  • [c052967636] - bootstrap: provide usable error on missing internal module (Jeremiah Senkpiel) #29593
  • [5c24bc6c68] - build: do not indent assignments in Makefile (Joyee Cheung) #29623
  • [f90740d734] - build: allow clang 10+ in configure.py (Kamil Rytarowski) #29541
  • [c304594536] - build: re-run configure on node_version.h change (Anna Henningsen) #29510
  • [f622771079] - build: improve make coverage (Anna Henningsen) #29487
  • [c1695c6635] - build: add comment to .travis.yml on how to test Py3 (cclauss) #29473
  • [6f50c3f391] - build: update minimum AIX OS level (Michael Dawson) #29476
  • [ee18238f55] - build: remove experimental Python 3 tests (Christian Clauss) #29413
  • [fe46054b14] - (SEMVER-MINOR) build: reset embedder string to "-node.0" (Michaël Zasso) #28918
  • [42fd139279] - build,win: fix Python detection on localized OS (João Reis) #29423
  • [f61c5097e2] - console: skip/strip %c formatting (Gus Caplan) #29606
  • [68630c5b65] - console,util: fix missing recursion end while inspecting prototypes (Ruben Bridgewater) #29647
  • [99c2cd8f08] - crypto: use BoringSSL-compatible flag getter (Shelley Vohr) #29604
  • [dd5d944005] - (SEMVER-MINOR) crypto: fix OpenSSL return code handling (Tobias Nießen) #29489
  • [54f327b4dc] - (SEMVER-MINOR) crypto: add oaepLabel option (Tobias Nießen) #29489
  • [5d60adf38b] - deps: patch V8 to 7.7.299.11 (Michaël Zasso) #29628
  • [c718c606c8] - deps: V8: cherry-pick deac757 (Benjamin Coe) #29626
  • [e4a51ad980] - deps: patch V8 to 7.7.299.10 (Thomas) #29472
  • [bc3c0b2d65] - deps: V8: cherry-pick 35c6d4d (Sam Roberts) #29585
  • [fa7de9b27f] - deps: update npm to 6.11.3 (claudiahdz) #29430
  • [f5f238de6c] - deps: upgrade to libuv 1.32.0 (cjihrig) #29508
  • [7957b392e4] - deps: patch V8 to 7.7.299.8 (Michaël Zasso) #29336
  • [90713c6697] - (SEMVER-MINOR) deps: patch V8 to be API/ABI compatible with 7.4 (from 7.7) (Michaël Zasso) #29241
  • [e95f866956] - deps: patch V8 to be API/ABI compatible with 7.4 (from 7.6) (Michaël Zasso) #28955
  • [4eeb2a99e5] - (SEMVER-MINOR) deps: patch V8 to be API/ABI compatible with 7.4 (from 7.5) (Michaël Zasso) #28005
  • [60efc5fd52] - deps: V8: cherry-pick e3d7f8a (cclauss) #29105
  • [d1bedbe717] - (SEMVER-MINOR) deps: V8: fix linking issue for MSVS (Refael Ackermann) #28016
  • [19e38e0def] - (SEMVER-MINOR) deps: V8: fix BUILDING_V8_SHARED issues (Refael Ackermann) #27375
  • [8aaa0abd26] - (SEMVER-MINOR) deps: V8: add workaround for MSVC optimizer bug (Refael Ackermann) #28016
  • [07ed874446] - (SEMVER-MINOR) deps: V8: use ATOMIC_VAR_INIT instead of std::atomic_init (Refael Ackermann) #27375
  • [1ed3909ca3] - (SEMVER-MINOR) deps: V8: forward declaration of Rtl*FunctionTable (Refael Ackermann) #27375
  • [242f6174e5] - (SEMVER-MINOR) deps: V8: patch register-arm64.h (Refael Ackermann) #27375
  • [63093e9d49] - (SEMVER-MINOR) deps: V8: update postmortem metadata generation script (cjihrig) #28918
  • [b54ee2185e] - (SEMVER-MINOR) deps: V8: silence irrelevant warning (Michaël Zasso) #26685
  • [c6f97bb7ce] - (SEMVER-MINOR) deps: V8: un-cherry-pick bd019bd (Refael Ackermann) #26685
  • [5df55c2626] - (SEMVER-MINOR) deps: V8: fix filename manipulation for Windows (Refael Ackermann) #28016
  • [80ccae000e] - (SEMVER-MINOR) deps: update V8 to 7.7.299.4 (Michaël Zasso) #28918
  • [325de437b3] - doc: update N-API version matrix (Gabriel Schulhof) #29461
  • [2707beb8b8] - doc: add code example to process.throwDeprecation property (Juan José Arboleda) #29495
  • [edaa2eebd6] - doc: fix some signatures of .end() methods (Vse Mozhet Byt) #29615
  • [13d173f131] - doc: remove the suffix number of the anchor link (Maledong) #29468
  • [3ba64646ed] - doc: explain stream.finished cleanup (Robert Nagy) #28935
  • [84b353cf5d] - doc: fix require call for spawn() in code example (Marian Rusnak) #29621
  • [39b17706ea] - doc: make minor improvements to stream.md (Robert Nagy) #28970
  • [50b5ad1638] - doc: fix nits in net.md (Vse Mozhet Byt) #29577
  • [4954792991] - doc: correct trivial misspelling in AUTHORS (gcr) #29597
  • [0074c8adb7] - doc: update list style in misc README docs (Rich Trott) #29594
  • [38028ef818] - doc: add missing complete property to http2 docs (Javier Ledezma) #29571
  • [55631f4f0a] - doc: add leap second behavior notes for napi methods (Levhita) #29569
  • [7fd32619c1] - doc: explain esm options for package authors (Geoffrey Booth) #29497
  • [f2217cdafe] - doc: update experimental loader hooks example code (Denis Zavershinskiy) #29373
  • [bf08c08384] - doc: use consistent unordered list style (Nick Schonning) #29516
  • [ca8e87a6d3] - doc: add Bethany to TSC (Michael Dawson) #29546
  • [aa541bbc88] - doc: add Tobias to the TSC (Michael Dawson) #29545
  • [9abee075ad] - doc: mention unit for process.hrtime.bigint() (Anna Henningsen) #29482
  • [3aea277b72] - doc: add documentation for stream readableFlowing (Chetan Karande) #29506
  • [a262e2f8d4] - doc: indent child list items for remark-lint (Nick Schonning) #29488
  • [2a5340144c] - doc: space around lists (Nick Schonning) #29467
  • [9e63f914da] - doc: exitedAfterDisconnect value can be false (Nimit Aggarwal) #29404
  • [b1509e8f8e] - doc: remove wrong escapes (XhmikosR) #29452
  • [7dd897f49a] - doc: prepare markdown files for more stringent blank-line linting (Rich Trott) #29447
  • [a9d16b5e30] - doc: simplify wording in n-api doc (Michael Dawson) #29441
  • [c95e9ca6dc] - doc: update release guide with notes for major releases (James M Snell) #25497
  • [a7331da863] - doc: indent ordered list child content (Nick Schonning) #29332
  • [32bb58ba9c] - doc: fix unsafe writable stream code example (Chetan Karande) #29425
  • [735ef8b235] - doc: async_hooks.createHook promiseResolve option (Ben Noordhuis) #29405
  • [844b45bf4f] - doc: change urls directly from 'http' to 'https' (Maledong) #29422
  • [4374d28c52] - doc: use consistent indenting for unordered list items (Nick Schonning) #29390
  • [835d1cabf6] - doc: start unorded lists at start of line (Nick Schonning) #29390
  • [8023e43e1d] - doc: change the 'txt' to 'console' for a command (Maledong) #29389
  • [b9c082d764] - esm: make dynamic import work in the REPL (Bradley Farias) #29437
  • [0a47d06150] - events: improve performance of EventEmitter.emit (Matteo Collina) #29633
  • [9150c4dc72] - (SEMVER-MINOR) events: add support for EventTarget in once (Jenia) #29498
  • [67f5de9b34] - fs: remove unnecessary argument check (Robert Nagy) #29043
  • [a20a8f48f7] - gyp: make StringIO work in ninja.py (Christian Clauss) #29414
  • [31b0b52a71] - http: refactor responseKeepAlive() (Robert Nagy) #28700
  • [6a7d24b69c] - http2: do not crash on stream listener removal w/ destroyed session (Anna Henningsen) #29459
  • [fa949ca365] - http2: send out pending data earlier (Anna Henningsen) #29398
  • [d6ba106f8c] - http2: do not start reading after write if new write is on wire (Anna Henningsen) #29399
  • [a268658496] - (SEMVER-MINOR) inspector: new API - Session.connectToMainThread (Eugene Ostroukhov) #28870
  • [144aeeac68] - lib: remove the use of util.isFunction (himself65) #29566
  • [91d99ce41c] - (SEMVER-MINOR) lib,test: fix error message check after V8 update (Michaël Zasso) #28918
  • [13fa966b7b] - module: error for CJS .js load within type: module (Guy Bedford) #29492
  • [ce45aae2ab] - module: reintroduce package exports dot main (Guy Bedford) #29494
  • [8474b82e35] - n-api: delete callback bundle via reference (Gabriel Schulhof) #29479
  • [50d7c39d91] - n-api: mark version 5 N-APIs as stable (Gabriel Schulhof) #29401
  • [6b30802471] - perf_hooks: remove non-existent entries from inspect (Kirill Fomichev) #29528
  • [c146fff307] - perf_hooks: ignore duplicated entries in observer (Kirill Fomichev) #29442
  • [9b4a49c844] - perf_hooks: remove GC callbacks on zero observers count (Kirill Fomichev) #29444
  • [b30c40bd5d] - perf_hooks: import http2 only once (Kirill Fomichev) #29419
  • [95431eace9] - policy: minor perf opts and cleanup (Bradley Farias) #29322
  • [6ba39d4fe4] - (SEMVER-MINOR) process: initial SourceMap support via NODE_V8_COVERAGE (Benjamin Coe) #28960
  • [03a3468666] - process: use public readableFlowing property (Chetan Karande) #29502
  • [a5bd7e3b2a] - repl: convert var to let and const (Lucas Holmquist) #29575
  • [7eae707fd9] - repl: fix bug in fs module autocompletion (zhangyongsheng) #29555
  • [596dd9fe34] - repl: add autocomplete support for fs.promises (antsmartian) #29400
  • [70a0c170d4] - repl: add missing variable declaration (Lucas Holmquist) #29535
  • [3878e1ed31] - src: perform check before running in runMicrotasks() (Jeremy Apthorp) #29581
  • [6f8ef2cbab] - src: discard remaining foreground tasks on platform shutdown (Anna Henningsen) #29587
  • [f84f1dbd98] - src: fix closing weak HandleWraps on GC (Anna Henningsen) #29640
  • [6284b498b4] - src: use libuv to get env vars (Anna Henningsen) #29188
  • [3a6bc90c29] - src: re-delete Atomics.wake (Gus Caplan) #29586
  • [51a1dfab94] - src: print exceptions from PromiseRejectCallback (Anna Henningsen) #29513
  • [4a5ba60e00] - src: modified RealEnvStore methods to use libuv functions (Devendra Satram) #27310
  • [67aa5ef12b] - src: make ELDHistogram a HandleWrap (Anna Henningsen) #29317
  • [5c3d484c21] - src: check microtasks before running them (Shelley Vohr) #29434
  • [010d29d74f] - src: fix ValidateDSAParameters when fips is enabled (Daniel Bevenius) #29407
  • [59b464026f] - (SEMVER-MINOR) src: update v8abbr.h for V8 7.7 (cjihrig) #28918
  • [78af92dda5] - (SEMVER-MINOR) src,lib: expose memory file mapping flag (João Reis) #29260
  • [f016823929] - stream: add test for multiple .push(null) (Chetan Karande) #29645
  • [b1008973e9] - stream: cleanup use of internal ended state (Chetan Karande) #29645
  • [e71bdadf52] - (SEMVER-MINOR) stream: make _write() optional when _writev() is implemented (Robert Nagy) #29639
  • [123437bcc3] - stream: apply special logic in removeListener for readable.off() (Robert Nagy) #29486
  • [322bc6f0a6] - stream: do not call _read() after destroy() (Robert Nagy) #29491
  • [78cbdf3286] - stream: optimize creation (Robert Nagy) #29135
  • [2dc52ad09c] - stream: simplify isUint8Array helper (Anna Henningsen) #29514
  • [560511924f] - test: fix race condition in test-worker-process-cwd.js (Ruben Bridgewater) #28609
  • [78ee065a11] - test: fix flaky test-inspector-connect-main-thread (Anna Henningsen) #29588
  • [87fd55c387] - test: unmark test-worker-prof as flaky (Anna Henningsen) #29511
  • [79a277ed10] - test: improve test-worker-message-port-message-before-close (Anna Henningsen) #29483
  • [909c669c04] - test: disable core dumps before running crash test (Ben Noordhuis) #29478
  • [561d504d71] - test: permit test-signalwrap to work without test runner (Rich Trott) #28306
  • [75c559dc3a] - test: remove flaky status for test-statwatcher (Rich Trott) #29392
  • [f056d55346] - (SEMVER-MINOR) test: update postmortem metadata test for V8 7.7 (cjihrig) #28918
  • [b43d2dd852] - timers: set _destroyed even if there are no destroy-hooks (Jeremiah Senkpiel) #29595
  • [6272f82c07] - (SEMVER-MINOR) tls: add option to override signature algorithms (Anton Gerasimov) #29598
  • [b7488c2a5c] - tools: cleanup getnodeversion.py for readability (Christian Clauss) #29648
  • [7bc2f06e0b] - tools: update ESLint to 6.4.0 (zhangyongsheng) #29553
  • [0db7ebe073] - tools: fix iculslocs to support ICU 65.1 (Steven R. Loomis) #29523
  • [bc7cc348cc] - tools: python3 compat for inspector code generator (Ben Noordhuis) #29340
  • [9de417ad59] - tools: delete v8_external_snapshot.gypi (Ujjwal Sharma) #29369
  • [2f81d59e75] - tools: fix GYP ninja generator for Python 3 (Michaël Zasso) #29416
  • [027dcff207] - (SEMVER-MINOR) tools: sync gypfiles with V8 7.7 (Michaël Zasso) #28918
  • [bbf209b5df] - tty: add color support for mosh (Aditya) #27843
  • [ced89ad75d] - util: include reference anchor for circular structures (Ruben Bridgewater) #27685
  • [772a5e0658] - (SEMVER-MINOR) util: add encodeInto to TextEncoder (Anna Henningsen) #29524
  • [97d8b33ffc] - (SEMVER-MINOR) worker: mark as stable (Anna Henningsen) #29512
  • [fa77dc5f3b] - worker: make terminate() resolve for unref’ed Workers (Anna Henningsen) #29484
  • [53f23715df] - worker: prevent event loop starvation through MessagePorts (Anna Henningsen) #29315
  • [d2b0568890] - worker: make transfer list behave like web MessagePort (Anna Henningsen) #29319

2019-09-03, Version 12.10.0 (Current), @BridgeAr

Notable changes

  • deps:
    • Update npm to 6.10.3 (isaacs) #29023
  • fs:
    • Add recursive option to rmdir() (cjihrig) #29168
    • Allow passing true to emitClose option (Giorgos Ntemiris) #29212
    • Add *timeNs properties to BigInt Stats objects (Joyee Cheung) #21387
  • net:
    • Allow reading data into a static buffer (Brian White) #25436

Commits

2019-08-26, Version 12.9.1 (Current), @targos

Notable changes

This release fixes two regressions in the http module:

  • Fixes an event listener leak in the HTTP client. This resulted in lots of warnings during npm/yarn installs (Robert Nagy) #29245.
  • Fixes a regression preventing the 'end' event from being emitted for keepalive requests in case the full body was not parsed (Matteo Collina) #29263.

Commits

  • [3cc8fca299] - crypto: handle i2d_SSL_SESSION() error return (Ben Noordhuis) #29225
  • [ae0a0e97ba] - http: reset parser.incoming when server request is finished (Anna Henningsen) #29297
  • [dedbd119c5] - http: fix event listener leak (Robert Nagy) #29245
  • [f8f8754d43] - Revert "http: reset parser.incoming when server response is finished" (Matteo Collina) #29263
  • [a6abfcb423] - src: remove unused using declarations (Daniel Bevenius) #29222
  • [ff6330a6ac] - test: fix 'timeout' typos (cjihrig) #29234
  • [3c7a1a9090] - test, http: add regression test for keepalive 'end' event (Matteo Collina) #29263

2019-08-20, Version 12.9.0 (Current), @targos

Notable changes

  • crypto:
    • Added an oaepHash option to asymmetric encryption which allows users to specify a hash function when using OAEP padding (Tobias Nießen) #28335.
  • deps:
    • Updated V8 to 7.6.303.29 (Michaël Zasso) #28955.
    • Updated libuv to 1.31.0 (cjihrig) #29070.
      • UV_FS_O_FILEMAP has been added for faster access to memory mapped files on Windows.
      • uv_fs_mkdir() now returns UV_EINVAL for invalid filenames on Windows. It previously returned UV_ENOENT.
      • The uv_fs_statfs() API has been added.
      • The uv_os_environ() and uv_os_free_environ() APIs have been added.
  • fs:
    • Added fs.writev, fs.writevSync and filehandle.writev (promise version) methods. They allow to write an array of ArrayBufferViews to a file descriptor (Anas Aboureada) #25925, (cjihrig) #29186.
  • http:
    • Added three properties to OutgoingMessage.prototype: writableObjectMode, writableLength and writableHighWaterMark #29018.
  • stream:
    • Added an new property readableEnded to readable streams. Its value is set to true when the 'end' event is emitted. (Robert Nagy) #28814.
    • Added an new property writableEnded to writable streams. Its value is set to true after writable.end() has been called. (Robert Nagy) #28934.

Commits

2019-08-15, Version 12.8.1 (Current), @targos

Notable changes

This is a security release.

Node.js, as well as many other implementations of HTTP/2, have been found vulnerable to Denial of Service attacks. See https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md for more information.

Vulnerabilities fixed:

  • CVE-2019-9511 “Data Dribble”: The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.
  • CVE-2019-9512 “Ping Flood”: The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.
  • CVE-2019-9513 “Resource Loop”: The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU, potentially leading to a denial of service.
  • CVE-2019-9514 “Reset Flood”: The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both, potentially leading to a denial of service.
  • CVE-2019-9515 “Settings Flood”: The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.
  • CVE-2019-9516 “0-Length Headers Leak”: The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory, potentially leading to a denial of service.
  • CVE-2019-9517 “Internal Data Buffering”: The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both, potentially leading to a denial of service.
  • CVE-2019-9518 “Empty Frames Flood”: The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU, potentially leading to a denial of service. (Discovered by Piotr Sikora of Google)

Commits

  • [bfeb5fc07f] - deps: update nghttp2 to 1.39.2 (Anna Henningsen) #29122
  • [08021fac59] - http2: allow security revert for Ping/Settings Flood (Anna Henningsen) #29122
  • [bbb4769cc1] - http2: pause input processing if sending output (Anna Henningsen) #29122
  • [f64515b05e] - http2: stop reading from socket if writes are in progress (Anna Henningsen) #29122
  • [ba332df5d2] - http2: consider 0-length non-end DATA frames an error (Anna Henningsen) #29122
  • [23b0db58ca] - http2: shrink default vector::reserve() allocations (Anna Henningsen) #29122
  • [4f10ac3623] - http2: handle 0-length headers better (Anna Henningsen) #29122
  • [a21a1c007b] - http2: limit number of invalid incoming frames (Anna Henningsen) #29122
  • [4570ed10d7] - http2: limit number of rejected stream openings (Anna Henningsen) #29122
  • [88726f2384] - http2: do not create ArrayBuffers when no DATA received (Anna Henningsen) #29122
  • [530004ef32] - http2: only call into JS when necessary for session events (Anna Henningsen) #29122
  • [58d8c9ef48] - http2: improve JS-side debug logging (Anna Henningsen) #29122

2019-08-06, Version 12.8.0 (Current), @BridgeAR

Notable changes

  • assert:
    • Legacy mode deprecation (DEP0089) is revoked (Colin Ihrig) #28892
  • crypto:
    • The outputLength option is added to crypto.createHash (Tobias Nießen) #28805
    • The maxmem range is increased from 32 to 53 bits (Tobias Nießen) #28799
  • n-api:
    • Added APIs for per-instance state management (Gabriel Schulhof) #28682
  • report:
    • Network interfaces get included in the report (Colin Ihrig) #28911
  • src:
    • v8.getHeapCodeStatistics() is now exported (Yuriy Vasiyarov) #27978

Commits

  • [d3426ee9f1] - assert: avoid potentially misleading reference to object identity (Anna Henningsen) #28824
  • [bbcf9f0625] - benchmark: swap var for let in buffer benchmarks (Alex Ramirez) #28867
  • [f2c1f3613b] - benchmark: swap var for let in util benchmarks (Alex Ramirez) #28867
  • [048db38ada] - benchmark: swap var for let in url benchmarks (Alex Ramirez) #28867
  • [391fe46378] - benchmark, http: refactor for code consistency (Alex Ramirez) #28791
  • [dcef7b8cc1] - build: include stubs in shared library (Jeroen Ooms) #28897
  • [470db47cb4] - build: remove support for s390 (but not s390x) (Ben Noordhuis) #28883
  • [25aa2228e4] - build: generate openssl config for BSD-x86 (Ben Noordhuis) #28806
  • [fb57bc4be4] - build: do not mix spaces and tabs in Makefile (Luigi Pinca) #28881
  • [9e7c66280e] - build: ignore backup files (Adam Majer) #28865
  • [24b9d29650] - build: uname -m is amd64 on freebsd, not x86_64 (Ben Noordhuis) #28804
  • [82f263d022] - build,tools: support building with Visual Studio 2019 (Michaël Zasso) #28781
  • [a7ef102a66] - crypto: add null check to outputLength logic (Colin Ihrig) #28864
  • [3a62202a54] - crypto: fix handling of malicious getters (scrypt) (Tobias Nießen) #28838
  • [b7c6ad595b] - (SEMVER-MINOR) crypto: add outputLength option to crypto.createHash (Tobias Nießen) #28805
  • [86f4c68d6a] - crypto: update root certificates (Sam Roberts) #28808
  • [e0e776331a] - (SEMVER-MINOR) crypto: increase maxmem range from 32 to 53 bits (Tobias Nießen) #28799
  • [11470d5c26] - deps: upgrade npm to 6.10.2 (isaacs) #28853
  • [9b02f3623b] - deps: dlloads node static linked executable (Luca Lindhorst) #28045
  • [24b8f2000c] - deps: remove backup files (Adam Majer) #28865
  • [ae56a232e1] - deps: backport b107214 from upstream V8 (Anna Henningsen) #28850
  • [19dad196e0] - deps: float 15d7e79 from openssl (Tobias Nießen) #28796
  • [9dfa636083] - dgram: changed 'var' to 'let' and 'const' (Manuel Ochoa Loaiza) #28357
  • [02a50c3b42] - doc: remove use of you (Michael Dawson) #28919
  • [bdd442fe35] - doc: describe NODE_OPTIONS interop w/cmd line opts (Alex Aubuchon) #28928
  • [57f5d50a3b] - doc: fix sorting nit in sections of http.md (Vse Mozhet Byt) #28943
  • [f4abf17d36] - doc: remove legacy mode deprecation in assert (Rich Trott) #28909
  • [0ac6d28f80] - doc: writableFinished is true before 'finish' (Robert Nagy) #28811
  • [7c80963d98] - doc: include "exports" resolver specification (guybedford) #28899
  • [5f07f49933] - doc: revoke DEP0089 (Colin Ihrig) #28892
  • [3e6342958b] - doc: add example about emitter.emit in events documentation (Felipe Duitama) #28374
  • [a28db5f470] - doc: add example of event close for child_process (Laura Ciro) #28376
  • [085eb4828b] - doc: fixup esm resolver spec formatting (Guy Bedford) #28885
  • [5533d48290] - doc: correct import statement (himself65) #28876
  • [ffc7a00c10] - doc: add documentation for stream.destroyed (Robert Nagy) #28815
  • [454e879a4a] - doc: fix incorrect name in report docs (Colin Ihrig) #28830
  • [881e345e0c] - doc: describe why new Buffer() is problematic (Sam Roberts) #28825
  • [95b87ce24a] - doc: claim NODE_MODULE_VERSION=76 for Electron 8 (Samuel Attard) #28809
  • [0667d0c6c2] - doc: add documentation for response.flushHeaders() (Luigi Pinca) #28807
  • [c0a044849d] - doc: fix type in NSS update instructions (Sam Roberts) #28808
  • [d0b1fb3311] - doc: api/stream.md typo from writeable to writable (Cotton Hou) #28822
  • [727ffe4720] - domain: use strong reference to domain while active (Anna Henningsen) #28313
  • [c9c7256f50] - http: reset parser.incoming when server response is finished (Anna Henningsen) #28646
  • [7d9eb17d30] - http2: destroy when settingsFn throws an error (himself65) #28908
  • [fa82cbc6cb] - http2: destructure constants from require call (Daniel Nalborczyk) #28176
  • [d0d31498d1] - http2: add constant to already destructured constants (Daniel Nalborczyk) #28176
  • [d72b6820bd] - inspector: report all workers (Eugene Ostroukhov) #28872
  • [464136fbc2] - lib: replace var with let in loaders.js (mbj36) #28081
  • [386d5d70fb] - lib: support min/max values in validateInteger() (Colin Ihrig) #28810
  • [2236affbf8] - module: exports error as MODULE_NOT_FOUND (Guy Bedford) #28905
  • [d9084d29fe] - module: unify package exports test for CJS and ESM (Jan Krems) #28831
  • [2262526562] - module: implement "exports" proposal for CommonJS (Jan Krems) #28759
  • [c93df0cfc3] - n-api: refactoring napi_create_function testing (Octavian Soldea) #28894
  • [e6b3bfe111] - n-api: refactor a previous commit (Octavian Soldea) #28848
  • [860c0d89b6] - (SEMVER-MINOR) n-api: add APIs for per-instance state management (Gabriel Schulhof) #28682
  • [3c52dbe15b] - net: shallow copy option when create Server (himself65) #28924
  • [1f82929ed0] - path: improve normalization performance (Brian White) #28948
  • [5d5c89a8f7] - policy: add dependencies map for resources (Bradley Farias) #28767
  • [4b91e4dafd] - (SEMVER-MINOR) report: include network interfaces in report (Colin Ihrig) #28911
  • [e0951c80f6] - report: loop over uv_cpu_info() results (Colin Ihrig) #28829
  • [4a747f6037] - Revert "src: remove trace_sync_io_ from env" (Сковорода Никита Андреевич) #28926
  • [d601a0a9c0] - src: allow generic C++ callables in SetImmediate() (Anna Henningsen) #28704
  • [3d51d3039c] - src: large pages fix FreeBSD fix region size (David Carlier) #28735
  • [cce208794e] - (SEMVER-MINOR) src: export v8.GetHeapCodeAndMetadataStatistics() (Yuriy Vasiyarov) #27978
  • [32cf344f8e] - src: readlink("/proc/self/exe") -> uv_exename() (Ben Noordhuis) #28333
  • [1b0d67b1e7] - src: fix OpenBSD build (David Carlier) #28384
  • [406c50c1d4] - src: read break_node_first_line from the inspect options (Samuel Attard) #28034
  • [8db43b1ff5] - src: move relative uptime init (Micha Hanselmann) #28849
  • [e334c1f13b] - src: fix type name in comment (Ben Noordhuis) #28320
  • [cf071a01f2] - stream: resolve perf regression introduced by V8 7.3 (Matteo Collina) #28842
  • [0f8f552105] - test: refactor test-fs-stat.js (Rich Trott) #28929
  • [c38952610e] - test: add tests for spaces in folder names (PaulBags) #28819
  • [efe9b97d40] - test: refactor test-beforeexit-event-exit using mustNotCall (himself65) #28901
  • [c42eb5dd55] - test: refactoring test_error testing (himself65) #28902
  • [b6e174b4f5] - test: use assert.throws() in test-require-json.js (Alejandro Nanez) #28358
  • [19070e442d] - test: fix nits in test/fixtures/tls-connect.js (Luigi Pinca) #28880
  • [31aa33bdcb] - test: fix race in test-http2-origin (Alba Mendez) #28903
  • [9b47f77571] - test: udpate test comment description (Andres Bedoya) #28351
  • [a0f89a2845] - test: refactor test using assert instead of try/catch (Juan Bedoya) #28346
  • [2142b6d3d1] - test: improve test-async-hooks-http-parser-destroy (Gerhard Stoebich) #28253
  • [f6051f9506] - test: specialize OOM check for AIX (Sam Roberts) #28857
  • [84efadf263] - test, util: refactor isObject in test-util (Alex Ramirez) #28878
  • [0b6a84a861] - test,report: relax CPU match requirements (Anna Henningsen) #28884
  • [a38fecdb20] - tools: update certdata.txt (Sam Roberts) #28808
  • [b282c8512b] - vm: increase code coverage of source_text_module.js (kball) #28350
  • [43acce1925] - worker: handle calling terminate when kHandler is null (elyalvarado) #28370

2019-07-23, Version 12.7.0 (Current), @targos

Notable changes

  • deps:
    • Updated nghttp2 to 1.39.1 (gengjiawen) #28448.
    • Updated npm to 6.10.0 (isaacs) #28525.
  • esm:
    • Implemented experimental "pkg-exports" proposal. A new "exports" field can be added to a module's package.json file to provide custom subpath aliasing. See proposal-pkg-exports for more information (Guy Bedford) #28568.
  • http:
    • Added response.writableFinished (Robert Nagy) #28681.
    • Exposed headers, rawHeaders and other fields on an http.ClientRequest"information" event (Austin Wright) #28459.
  • inspector:
    • Added inspector.waitForDebugger() (Aleksei Koziatinskii) #28453.
  • policy:
    • Added --policy-integrity=sri CLI option to mitigate policy tampering. If a policy integrity is specified and the policy does not have that integrity, Node.js will error prior to running any code (Bradley Farias) #28734.
  • readline,tty:
    • Exposed stream API from various methods which write characters (cjihrig) #28674, #28721.
  • src:
    • Use cgroups to get memory limits. This improves the way we set the memory ceiling for a Node.js process. Previously we would use the physical memory size to estimate the necessary V8 heap sizes. The physical memory size is not necessarily the correct limit, e.g. if the process is running inside a docker container or is otherwise constrained. This change adds the ability to get a memory limit set by linux cgroups, which is used by docker containers to set resource constraints (Kelvin Jin) #27508.

Commits

2019-07-03, Version 12.6.0 (Current), @targos

Notable changes

  • build:
    • Experimental support for building Node.js on MIPS architecture is back #27992.
  • child_process:
    • The promisified versions of child_process.exec and child_process.execFile now both return a Promise which has the child instance attached to their child property #28325.
  • deps:
    • Updated libuv to 1.30.1 #28449, #28511.
      • Support for the Haiku platform has been added.
      • The maximum UV_THREADPOOL_SIZE has been increased from 128 to 1024.
      • uv_fs_copyfile() now works properly when the source and destination files are the same.
  • process:
    • A new method, process.resourceUsage() was added. It returns resource usage for the current process, such as CPU time #28018.
  • src:
    • Fixed an issue related to stdio that could lead to a crash of the process in some circumstances #28490.
  • stream:
    • Added a writableFinished property to writable streams. It indicates that all the data has been flushed to the underlying system #28007.
  • worker:
    • Fixed an issue that prevented worker threads to listen for data on stdin #28153.
  • meta:

Commits

2019-06-27, Version 12.5.0 (Current), @BridgeAR

Notable changes

  • build:
    • The startup time is reduced by enabling V8 snapshots by default #28181
  • deps:
  • inspector:
    • The --inspect-publish-uid flag was added to specify ways of the inspector web socket url exposure #27741
  • n-api:
    • Accessors on napi_define_* are now ECMAScript-compliant #27851
  • report:
    • The cpu info got added to the report output #28188
  • src:
    • Restore the original state of the stdio file descriptors on exit to prevent leaving stdio in raw or non-blocking mode #24260
  • tools,gyp:
  • util:
    • inspect:
      • Array grouping became more compact and uses more columns than before #28059#28070
      • Long strings will not be split at 80 characters anymore. Instead they will be split on new lines #28055
  • worker:
    • worker.terminate() now returns a promise and using the callback is deprecated #28021

Commits

  • [f03241fc0a] - (SEMVER-MINOR) assert: add partial support for evaluated code in simple assert (Ruben Bridgewater) #27781
  • [ef8f147b7e] - (SEMVER-MINOR) assert: improve regular expression validation (Ruben Bridgewater) #27781
  • [8157a50161] - assert: print more lines in the error diff (Ruben Bridgewater) #28058
  • [82174412a5] - assert: fix error diff (Ruben Bridgewater) #28058
  • [1ee7ce6092] - assert: limit string inspection when logging assertion errors (Ruben Bridgewater) #28058
  • [ddef3d0560] - build: fix cctest target for --without-report (Richard Lau) #28238
  • [7cf79fa1c9] - build: guard test-doc recipe with node_use_openssl (Daniel Bevenius) #28199
  • [32b0803ef3] - build: turn on custom V8 snapshot by default (Joyee Cheung) #28181
  • [6a2d8e2579] - build: unbreak --with-intl=system-icu build (Ben Noordhuis) #28118
  • [eb89c06b95] - build: fix icu-i18n pkg-config version check (Ben Noordhuis) #28118
  • [02fdf5c14c] - build: don't swallow pkg-config warnings (Ben Noordhuis) #28118
  • [48d7d7c53e] - build: lint all docs under doc (Richard Lau) #28128
  • [d3207912fb] - build: fix configure script to work with Apple Clang 11 (Saagar Jha) #28071
  • [21bcfb67f6] - (SEMVER-MINOR) build: reset embedder string to "-node.0" (Refael Ackermann) #27375
  • [e5c26753e9] - build,meta: rearrange and narrow git ignore rules (Refael Ackermann) #27954
  • [5101e4c2a2] - (SEMVER-MINOR) build,v8: sync V8 gypfiles with 7.5 (Refael Ackermann) #27375
  • [5a7154ef32] - build,win: delegate lint-cpp to make (Refael Ackermann) #28102
  • [3f1787b47d] - crypto: add debug info client emit secureConnect (Daniel Bevenius) #28067
  • [9ea74b7bff] - deps: update archs files for OpenSSL-1.1.1c (Sam Roberts) #28211
  • [9c7ea2c9d9] - deps: upgrade openssl sources to 1.1.1c (Sam Roberts) #28211
  • [9419daf503] - deps: updated openssl upgrade instructions (Sam Roberts) #28211
  • [084ffd8c2f] - deps: update llhttp to 1.1.4 (Fedor Indutny) #28154
  • [9382b3be9c] - deps: V8: cherry-pick e0a109c (Joyee Cheung) #27533
  • [b690e19a9a] - deps: ignore deps/.cipd fetched by deps/v8/tools/node/fetch_deps.py (Joyee Cheung) #28095
  • [d42ad64253] - deps: update node-inspect to v1.11.6 (Jan Krems) #28039
  • [40a1a11542] - (SEMVER-MINOR) deps: patch V8 to be API/ABI compatible with 7.4 (Michaël Zasso) #28005
  • [ad3a164ec3] - (SEMVER-MINOR) deps: bump minimum icu version to 64 (Michaël Zasso) #27375
  • [e4aa869726] - (SEMVER-MINOR) deps: V8: backport 3a75c1f (Refael Ackermann) #27375
  • [bb729a415a] - (SEMVER-MINOR) deps: V8: fix BUILDING_V8_SHARED issues (Refael Ackermann) #27375
  • [f8a33abe0c] - (SEMVER-MINOR) deps: V8: workaround for MSVC 14.20 optimizer bug (Refael Ackermann) #27375
  • [0a5ff4cb33] - (SEMVER-MINOR) deps: V8: template explicit instantiation for GCC-8 (Refael Ackermann) #27375
  • [b411114a52] - (SEMVER-MINOR) deps: V8: use ATOMIC_VAR_INIT instead of std::atomic_init (Refael Ackermann) #27375
  • [c08d94baef] - (SEMVER-MINOR) deps: V8: forward declaration of Rtl*FunctionTable (Refael Ackermann) #27375
  • [445bb81ab6] - (SEMVER-MINOR) deps: V8: patch register-arm64.h (Refael Ackermann) #27375
  • [fa6dfec186] - (SEMVER-MINOR) deps: V8: backport f89e555 (Michaël Zasso) #27375
  • [8b8fe87e54] - deps: V8: cherry-pick cca9ae3c9a (Benedikt Meurer) #27729
  • [55e99448c8] - (SEMVER-MINOR) deps: V8: update postmortem metadata generation script (cjihrig) #26685
  • [2f92b15435] - (SEMVER-MINOR) deps: V8: silence irrelevant warning (Michaël Zasso) #26685
  • [ca8e5aa77b] - (SEMVER-MINOR) deps: V8: un-cherry-pick bd019bd (Refael Ackermann) #26685
  • [4a61bdbc1f] - (SEMVER-MINOR) deps: V8: fix filename manipulation for Windows (Refael Ackermann) #27375
  • [86a8bb7612] - (SEMVER-MINOR) deps: update V8 to 7.5.288.22 (Refael Ackermann) #27375
  • [47366d7cc6] - deps: V8: extend workaround for MSVC optimizer bug (Michaël Zasso) #28286
  • [071694472f] - dgram: fix abort on bad args (cjihrig) #28135
  • [8aeb9cc10f] - doc: revise intro sentence for assert (Rich Trott) #28226
  • [60156274b1] - doc: improve assert strict-mode text (Rich Trott) #28239
  • [39b10abf63] - doc: clarify commit message format in pull-requests.md (rexagod) #28125
  • [dba5983b00] - doc: add missing options allowed in NODE_OPTIONS (Richard Lau) #28179
  • [4cadddc6a7] - doc: document behavior of family:0 in dns.lookup() (cjihrig) #28163
  • [694faf13fb] - doc: pass path in URL constructor (Daniel Nalborczyk) #28161
  • [81a1a13efd] - doc: update kernel and glibc reqs for PPCle (Michael Dawson) #28162
  • [abe5d05523] - (SEMVER-MINOR) doc: update assert's validation functions (Ruben Bridgewater) #27781
  • [ecb963dd44] - doc: document trace-events category for dns requests (vmarchaud) #28100
  • [8c277555b7] - doc: add Buffer#subarray() and add note about Uint8Array#slice() (FUJI Goro (gfx)) #28101
  • [4d6262fb56] - doc: update broken/foundation links in README.md (Tierney Cyren) #28119
  • [00e6c9d2dd] - doc: add tls-min/max options to NODE_OPTIONS (Daniel Bevenius) #28146
  • [705f259142] - doc: split example into two (Ruben Bridgewater) #27670
  • [69af43ead9] - doc: clarify N-API version Matrix (Michael Dawson) #27942
  • [56b150b3d7] - doc: add current recommendation for ESM/CommonJS dual packages (Geoffrey Booth) #27957
  • [360c708f64] - doc: document Http2Stream#id property (murgatroid99) #28074
  • [5fc4e48fdd] - doc: add note about AsyncResource for Worker pooling (Anna Henningsen) #28023
  • [d1c53fc54e] - doc: fix prohibited-strings warning in pull-requests.md (rexagod) #28127
  • [e6ecc13cfa] - doc: improve synopsis.md (Rich Trott) #28115
  • [eb05db907a] - doc: edit reason-for-deprecation text (Rich Trott) #28098
  • [5ad0d047c6] - doc: improve DEP0090 text (Rich Trott) #28097
  • [9074f9b4e5] - doc: clarify special schemes (Rich Trott) #28091
  • [f95a52cb1e] - doc: clarify weak keys text (Rich Trott) #28090
  • [eb73ed8158] - doc: remove superfluous filenaming convention (Rich Trott) #28089
  • [f7d8384af2] - doc: mark Node.js 11 as EOL in changelog (Richard Lau) #28076
  • [87c55ea0ef] - doc: adjust TOC margins (Roman Reiss) #28075
  • [9dd4813008] - doc: order deprecation reasons (Trivikram Kamat) #27960
  • [e3f905ac7e] - doc: remove "encouraged" as hedging in fs.md (Rich Trott) #28027
  • [df22b96cb0] - doc: remove "strongly recommended" as hedging in fs.md (Rich Trott) #28028
  • [049429bd97] - doc: remove "strongly recommended" hedging from tls.md (Rich Trott) #28029
  • [79d4f285be] - doc: remove "strongly recommended" hedging in deprecations.md (Rich Trott) #28031
  • [613064699e] - doc,n-api: fix typo (Richard Lau) #28178
  • [5ee6ecd979] - doc,test: test documentation consistency for NODE_OPTIONS (Richard Lau) #28179
  • [e1fc9b987a] - http2: do not register unnecessary listeners (Antonio Kukas) #27987
  • [faeed804c7] - https: do not automatically use invalid servername (Sam Roberts) #28209
  • [f8c9a58bf5] - inspector: added --inspect-publish-uid (Aleksei Koziatinskii) #27741
  • [9b248e33de] - module: prevent race condition while combining import and require (Ruben Bridgewater) #27674
  • [6014429580] - module: handle empty require.resolve() options (cjihrig) #28078
  • [9c19c4b6a3] - n-api: define ECMAScript-compliant accessors on napi_define_class (legendecas) #27851
  • [b60287d188] - n-api: define ECMAScript-compliant accessors on napi_define_properties (legendecas) #27851
  • [a40cfb32d2] - n-api: defer Buffer finalizer with SetImmediate (Anna Henningsen) #28082
  • [dfbbfbb765] - net: make writeAfterFIN() return false (Luigi Pinca) #27996
  • [2515df029a] - perf_hooks,trace_events: use stricter equality (cjihrig) #28166
  • [43fa824a3b] - process: refactor unhandled rejection handling (Joyee Cheung) #28228
  • [b491eabff1] - process: improve queueMicrotask performance (Anatoli Papirovski) #28093
  • [460cc6285a] - process: code cleanup for nextTick (Anatoli Papirovski) #28047
  • [4eaac83c5f] - report: add cpu info to report output (Christopher Hiller) #28188
  • [029b50dab4] - src: fix compiler warning in node_worker.cc (Daniel Bevenius) #28198
  • [a5998152d5] - src: fix off-by-one error in native SetImmediate (Anna Henningsen) #28082
  • [c67642ae03] - src: do not use pointer for loop in node_watchdog (Anna Henningsen) #28020
  • [b5dda32b8a] - src: restore stdio on program exit (Ben Noordhuis) #24260
  • [8984b73033] - src: remove TLS code for unsupported OpenSSLs (Sam Roberts) #28085
  • [8849eb24c1] - src: handle exceptions from ToDetailString() (Anna Henningsen) #28019
  • [8a032fc50c] - src: expose DOMException to internalBinding('message') for testing (Joyee Cheung) #28072
  • [a5fdedb3d5] - src: only run preloadModules if the preload array is not empty (Samuel Attard) #28012
  • [c821eefa5f] - src: add napi_define_class() null checks (Octavian Soldea) #27945
  • [95ee3b55d3] - src: use RAII in setgroups implementation (Anna Henningsen) #28022
  • [d81c67bd8f] - src: fix unused private field warning (cjihrig) #28036
  • [e8bedd2009] - src: split RunBootstrapping() (Joyee Cheung) #27539
  • [c20c6e55b5] - src: reorganize inspector and diagnostics initialization (Joyee Cheung) #27539
  • [c086736a49] - src: create Environment properties in Environment::CreateProperties() (Joyee Cheung) #27539
  • [70f8e71a0d] - src: inline ProcessCliArgs in the Environment constructor (Joyee Cheung) #27539
  • [174b3c4b1b] - test: add eval ESM module tests (Evgenii Shchepotev) #27956
  • [aa3c41fe40] - test: fix NODE_OPTIONS feature check (Richard Lau) #28225
  • [9edf69545d] - test: move --cpu-prof tests to sequential (Joyee Cheung) #28210
  • [df9b253e2c] - test: skip test-worker-prof as flaky for all (Milad Farazmand) #28175
  • [bd16f9b2da] - test: remove FIB environment variable from cpu-prof.js (Rich Trott) #28183
  • [a3f8385d7f] - test: remove unused output argument for getFrames() (Rich Trott) #28183
  • [58eccb1213] - test: document cpu-prof module (Rich Trott) #28183
  • [318328f6b7] - test: improve unexpected warnings error (Ruben Bridgewater) #28138
  • [31ccd36668] - test: mark test-fs-stat-bigint as flaky (Rich Trott) #28156
  • [de6627f9a4] - test: remove duplicate test-child-process-execfilesync-maxBuffer.js (Joyee Cheung) #28139
  • [2353c63dc2] - test: split test-cpu-prof.js (Joyee Cheung) #28170
  • [186e94c322] - test: add github refs to flaky tests (Sam Roberts) #28123
  • [d8061dc1a0] - test: remove test-gc-http-client from status file (Rich Trott) #28130
  • [d6791d1cb8] - test: remove test-tty-wrap from status file (Rich Trott) #28129
  • [b0bc23c572] - test: add comments to the foaf+ssl fixtures (Alex Aubuchon) #27962
  • [189d6af2b3] - test: change formatting of fixtures/keys/Makefile (Alex Aubuchon) #27962
  • [94a6d7a518] - test: change fixtures.readSync to fixtures.readKey (Alex Aubuchon) #27962
  • [c82023a173] - test: remove uneeded agent keypair in fixtures/ (Alex Aubuchon) #27962
  • [74e6109f39] - test: move foafssl certs to fixtures/keys/ (Alex Aubuchon) #27962
  • [78f39c91ac] - test: remove uneeded alice certs in fixtures/ (Alex Aubuchon) #27962
  • [5d0737735b] - test: remove uneeded certs in fixtures/ (Alex Aubuchon) #27962
  • [d757e0b6d4] - test: move dherror.pem to fixtures/keys/ (Alex Aubuchon) #27962
  • [f9ddcc6305] - test: remove pass-* certs (Alex Aubuchon) #27962
  • [e673b57055] - test: move test_[key|ca|cert] to fixtures/keys/ (Alex Aubuchon) #27962
  • [8670f6dd22] - test: move spkac certs to fixtures/keys/ (Alex Aubuchon) #27962
  • [7d1f15fba1] - test: move x448 keypairs to fixtures/keys/ (Alex Aubuchon) #27962
  • [22bbdc5068] - test: move ed448 keypairs to fixtures/keys/ (Alex Aubuchon) #27962
  • [9de9d55bfc] - test: move dsa keypairs to fixtures/keys/ (Alex Aubuchon) #27962
  • [9684842023] - test: move rsa keypairs to fixtures/keys/ (Alex Aubuchon) #27962
  • [7ae23abc01] - test: move x25519 keypair to fixtures/keys/ (Alex Aubuchon) #27962
  • [adb0197d6d] - test: move ed25519 keypair to fixtures/keys/ (Alex Aubuchon) #27962
  • [14bd26c8da] - test: remove workaround for unsupported OpenSSLs (Sam Roberts) #28085
  • [d4bb88eed8] - test: simplify tests code (himself65) #28065
  • [87e977ae42] - test: make sure vtable is generated in addon test with LTO (Anna Henningsen) #28057
  • [3feaf3ddbe] - test: mark test-worker-debug as flaky (Refael Ackermann) #28035
  • [098cf74292] - test: regression test tmpdir (Refael Ackermann) #28035
  • [e08a98fa43] - test: always suffix tmpdir (Refael Ackermann) #28035
  • [f33623662f] - test: shell out to rmdir first on Windows (Refael Ackermann) #28035
  • [1ef2811236] - test: only assert on first lines of TLS trace (Sam Roberts) #28043
  • [62de36e8d3] - Revert "test: move all test keys/certs under test/fixtures/keys/" (Sam Roberts) #28083
  • [2331e9c380] - test: add comments to the foaf+ssl fixtures (Alex Aubuchon) #27962
  • [8e28259bf8] - test: change formatting of fixtures/keys/Makefile (Alex Aubuchon) #27962
  • [d258504a31] - test: change fixtures.readSync to fixtures.readKey (Alex Aubuchon) #27962
  • [328b2d0c88] - test: remove uneeded agent keypair in fixtures/ (Alex Aubuchon) #27962
  • [a0d2862b1e] - test: move foafssl certs to fixtures/keys/ (Alex Aubuchon) #27962
  • [af9eb9648e] - test: remove uneeded alice certs in fixtures/ (Alex Aubuchon) #27962
  • [ee62fa172c] - test: remove uneeded certs in fixtures/ (Alex Aubuchon) #27962
  • [f41dfd71a0] - test: move dherror.pem to fixtures/keys/ (Alex Aubuchon) #27962
  • [98f7ae9e7b] - test: remove pass-* certs (Alex Aubuchon) #27962
  • [27d6b28943] - test: move test_[key|ca|cert] to fixtures/keys/ (Alex Aubuchon) #27962
  • [5ac6dddb83] - test: move spkac certs to fixtures/keys/ (Alex Aubuchon) #27962
  • [03b92e93b1] - test: move x448 keypairs to fixtures/keys/ (Alex Aubuchon) #27962
  • [4155bbaeab] - test: move ed448 keypairs to fixtures/keys/ (Alex Aubuchon) #27962
  • [9209698139] - test: move dsa keypairs to fixtures/keys/ (Alex Aubuchon) #27962
  • [ad42258d5a] - test: move rsa keypairs to fixtures/keys/ (Alex Aubuchon) #27962
  • [686cb13f78] - test: move x25519 keypair to fixtures/keys/ (Alex Aubuchon) #27962
  • [1f2de2fbe1] - test: move ed25519 keypair to fixtures/keys/ (Alex Aubuchon) #27962
  • [687e57fe19] - test: rename worker MessagePort test (Anna Henningsen) #28024
  • [7165254f8b] - test: more tls hostname verification coverage (Ben Noordhuis) #27999
  • [92d1ca9645] - (SEMVER-MINOR) test: fail test-worker-prof on internal timeout (Refael Ackermann) #27375
  • [ab1a4eb12d] - (SEMVER-MINOR) test: drain platform before unregistering isolate (Refael Ackermann) #27375
  • [b6bdf752d6] - test,v8: skip less and stabilize test-linux-perf.js (Refael Ackermann) #27364
  • [7044a7a302] - tls: remove unnecessary set of DEFAULT_MAX_VERSION (Daniel Bevenius) #28147
  • [6b9d477520] - tls: rename validateKeyCert in _tls_common.js (Daniel Bevenius) #28116
  • [aeda0c3d35] - tools: assert that the snapshot can be rehashed in node_mksnapshot (Joyee Cheung) #28181
  • [a0c5b58b44] - tools: fix update-babel-eslint.sh script (RubenBridgewater) #27670
  • [6460d071d2] - tools: increase the maximum number of files to lint per worker (Ruben Bridgewater) #27670
  • [bf76823a47] - tools: ignore node_modules when linting (Ruben Bridgewater) #27670
  • [52564dbb28] - tools: update babel-eslint (Ruben Bridgewater) #27670
  • [9be67b2cbc] - tools: activate more eslint rules (Ruben Bridgewater) #27670
  • [739c2a3336] - tools: update eslint config (Ruben Bridgewater) #27670
  • [adfbd362fc] - tools: update eslint (Ruben Bridgewater) #27670
  • [018159d734] - (SEMVER-MINOR) tools,gyp: introduce MSVS 2019 (Refael Ackermann) #27375
  • [9dd840dff5] - trace_events: respect inspect() depth (cjihrig) #28037
  • [b6f113bc15] - util: use average bias while grouping arrays (Ruben Bridgewater) #28070
  • [7e617606b0] - util: improve .inspect() array grouping (Ruben Bridgewater) #28070
  • [9ced334a6c] - util: refactor inspecting long lines (Ruben Bridgewater) #28055
  • [dfdf742fd1] - util: use Set to store deprecation codes (Daniel Nalborczyk) #28113
  • [c3243de47a] - util: special handle maxArrayLength while grouping arrays (Ruben Bridgewater) #28059
  • [f897860427] - util: support AsyncGeneratorFunction in .inspect (Ruben Bridgewater) #28056
  • [d659ed6dbe] - worker: refactor worker.terminate() (Anna Henningsen) #28021
  • [303a9a3d06] - worker: make MessagePort constructor non-callable (Anna Henningsen) #28032
  • [79a8cd0dec] - worker: add typechecking for postMessage transfer list (Anna Henningsen) #28033
  • [d7641d833c] - worker: use DataCloneError for unknown native objects (Anna Henningsen) #28025

2019-06-04, Version 12.4.0 (Current), @targos

Notable changes

  • doc:
    • The JSON variant of the API documentation is no longer experimental (Rich Trott) #27842.
  • esm:
    • JSON module support is always enabled under --experimental-modules. The --experimental-json-modules flag has been removed (Myles Borins) #27752.
  • http,http2:
    • A new flag has been added for overriding the default HTTP server socket timeout (which is two minutes). Pass --http-server-default-timeout=milliseconds or --http-server-default-timeout=0 to respectively change or disable the timeout. Starting with Node.js 13.0.0, the timeout will be disabled by default (Ali Ijaz Sheikh) #27704.
  • inspector:
    • Added an experimental --heap-prof flag to start the V8 heap profiler on startup and write the heap profile to disk before exit (Joyee Cheung) #27596.
  • stream:
    • The readable.unshift() method now correctly converts strings to buffers. Additionally, a new optional argument is accepted to specify the string's encoding, such as 'utf8' or 'ascii' (Marcos Casagrande) #27194.
  • v8:
    • The object returned by v8.getHeapStatistics() has two new properties: number_of_native_contexts and number_of_detached_contexts (Yuriy Vasiyarov) #27933.

Commits

  • [5bbc6d79c3] - assert: remove unreachable code (Rich Trott) #27840
  • [530e63a4eb] - assert: remove unreachable code (Rich Trott) #27786
  • [9b08c458be] - build,aix: link with noerrmsg to eliminate warnings (Refael Ackermann) #27773
  • [08b0ca9645] - build,win: create junction instead of symlink to out\%config% (Refael Ackermann) #27736
  • [ea2d550507] - child_process: move exports to bottom for consistent code style (himself65) #27845
  • [a9f95572c3] - child_process: remove extra shallow copy (zero1five) #27801
  • [449ee8dd42] - console: fix table() output (Brian White) #27917
  • [9220a68a76] - crypto: fix KeyObject handle type error message (Alexander Avakov) #27904
  • [3b6424fa29] - deps: histogram: unexport symbols (Ben Noordhuis) #27779
  • [ef25ac5223] - doc: clarify wording in modules.md (Alex Temny) #27853
  • [c683cd99d7] - doc: improve explanation for directory with fs.rename() (Rich Trott) #27963
  • [70b485478c] - doc: fix the wrong name of AssertionError (Kyle Zhang) #27982
  • [11c3ddb4cb] - doc: simplify system call material in doc overview (Rich Trott) #27966
  • [c56640138a] - doc: warn about relying on fs gc close behavior (Benjamin Gruenbaum) #27972
  • [bab9f5a891] - doc: add information to revoked deprecations (cjihrig) #27952
  • [f4fc75d245] - doc: add missing status to DEP0121 (cjihrig) #27950
  • [77ff597faa] - doc: add missing --experimental-wasm-modules docs (cjihrig) #27948
  • [6ca4f03ccf] - doc: revise additional Experimental status text (Rich Trott) #27931
  • [a1788de0a4] - doc: adds link to nightly code coverage report (Tariq Ramlall) #27922
  • [b7cd0de145] - doc: fix typo in pipe from async iterator example (Luigi Pinca) #27870
  • [f621b8f178] - doc: reword Experimental stability index (Rich Trott) #27879
  • [7a7fc4e7e6] - doc: update n-api support matrix (teams2ua) #27567
  • [9d9b32eff5] - doc: fix for OutgoingMessage.prototype._headers/_headerNames (Daniel Nalborczyk) #27574
  • [263e53317b] - doc: reposition "How to Contribute" README section (Anish Asrani) #27811
  • [85f505c292] - doc: add version info for types (Michael Dawson) #27754
  • [e3bb2aef60] - doc: remove experimental status for JSON documentation (Rich Trott) #27842
  • [6981565c20] - doc: edit stability index overview (Rich Trott) #27831
  • [1a8e67cc1f] - doc: simplify contributing documentation (Rich Trott) #27785
  • [041b2220be] - doc,n-api: fix typo in N-API introduction (Richard Lau) #27833
  • [6cd64c8279] - doc,test: clarify that Http2Stream is destroyed after data is read (Alba Mendez) #27891
  • [cc69d5af8e] - doc,tools: get altDocs versions from CHANGELOG.md (Richard Lau) #27661
  • [e72d4aa522] - errors: create internal connResetException (Rich Trott) #27953
  • [be1166fd01] - esm: refactor createDynamicModule() (cjihrig) #27809
  • [e66648e887] - (SEMVER-MINOR) esm: remove experimental status from JSON modules (Myles Borins) #27752
  • [d948656635] - http: fix deferToConnect comments (Robert Nagy) #27876
  • [24eaeed393] - http: fix socketOnWrap edge cases (Anatoli Papirovski) #27968
  • [8b38dfbf39] - http: call write callback even if there is no message body (Luigi Pinca) #27777
  • [588fd0c20d] - (SEMVER-MINOR) http, http2: flag for overriding server timeout (Ali Ijaz Sheikh) #27704
  • [799aeca134] - http2: respect inspect() depth (cjihrig) #27983
  • [83aaef87d0] - http2: fix tracking received data for maxSessionMemory (Anna Henningsen) #27914
  • [8c35198499] - http2: support net.Server options (Luigi Pinca) #27782
  • [23119cacf8] - inspector: supported NodeRuntime domain in worker (Aleksei Koziatinskii) #27706
  • [89483be254] - inspector: more conservative minimum stack size (Ben Noordhuis) #27855
  • [512ab1fddf] - inspector: removing checking of non existent field in lib/inspector.js (Keroosha) #27919
  • [d99e70381e] - SEMVER-MINOR inspector: implement --heap-prof (Joyee Cheung) #27596
  • [25eb05a97a] - lib: removed unnecessary fs.realpath options arg check + tests (Alex Pry) #27909
  • [9b90385825] - Revert "lib: print to stdout/stderr directly instead of using console" (Richard Lau) #27823
  • [18650579e8] - meta: correct personal info (Refael Ackermann (רפאל פלחי)) #27940
  • [d982f0b7e2] - meta: create github support file (Gus Caplan) #27926
  • [2b7ad122b2] - n-api: DRY napi_coerce_to_x() API methods (Ben Noordhuis) #27796
  • [1da5acbf91] - os: assume UTF-8 for hostname (Anna Henningsen) #27849
  • [d406785814] - src: unimplement deprecated v8-platform methods (Michaël Zasso) #27872
  • [33236b7c54] - (SEMVER-MINOR) src: export number_of_native_contexts and number_of_detached_contexts (Yuriy Vasiyarov) #27933
  • [1a179e1736] - src: use ArrayBufferViewContents more frequently (Anna Henningsen) #27920
  • [b9cc4072e6] - src: make UNREACHABLE variadic (Refael Ackermann) #27877
  • [44846aebd2] - src: move DiagnosticFilename inlines into a -inl.h (Sam Roberts) #27839
  • [d774ea5cce] - src: remove env-inl.h from header files (Sam Roberts) #27755
  • [02f794a53f] - src: remove memory_tracker-inl.h from header files (Sam Roberts) #27755
  • [940577bd76] - src: move ThreadPoolWork inlines into a -inl.h (Sam Roberts) #27755
  • [c0cf17388c] - src: ignore SIGXFSZ, don't terminate (ulimit -f) (Ben Noordhuis) #27798
  • [a47ee80114] - (SEMVER-MINOR) stream: convert string to Buffer when calling unshift(<string>) (Marcos Casagrande) #27194
  • [5eccd642ef] - stream: convert existing buffer when calling .setEncoding (Anna Henningsen) #27936
  • [6a5ce36fb8] - test: handle unknown message type in worker threads (Rich Trott) #27995
  • [182725651b] - test: add coverage for unserializable worker thread error (Rich Trott) #27995
  • [887dd604f1] - test: simplify fs promises test (Daniel Nalborczyk) #27242
  • [9229825496] - test: covering destroying when worker already disconnected (Keroosha) #27896
  • [10bdd13972] - test: rename test-performance to test-perf-hooks (Ujjwal Sharma) #27969
  • [6129376cd9] - test: add coverage for sparse array maxArrayLength (went.out) #27901
  • [38e3827ca8] - test: add util inspect null getter test (Mikhail Kuklin) #27884
  • [0e1ce2055e] - test: rsa-pss generateKeyPairSync invalid option hash (Evgenii Shchepotev) #27883
  • [0d74198123] - test: cover import of a *.node file with a policy manifest (Evgenii Shchepotev) #27903
  • [6f9aa3f722] - test: add test cases for paramEncoding 'explicit' (oksana) #27900
  • [682319f449] - test: switch assertEqual arguments (Evgenii Shchepotev) #27910
  • [b5b234deff] - test: add testcase for SourceTextModule custom inspect (Grigory Gorshkov) #27889
  • [630cc3ac30] - test: cover util.inspect on boxed primitive with colors (Alexander Avakov) #27897
  • [67b692bdb9] - test: add test case for checking typeof mgf1Hash (Levin Eugene) #27892
  • [2a509d40f4] - test: switch assertEqual arguments (Evgenii Shchepotev) #27912
  • [3ba354aaaa] - test: add test for util.inspect (Levin Eugene) #27906
  • [313077ea62] - test: expect wpt/encoding/encodeInto.any.js to fail (Joyee Cheung) #27860
  • [8fc6914d09] - test: update wpt/encoding to 7287608f90 (Joyee Cheung) #27860
  • [0f86c2b185] - test: run WPT in subdirectories (Joyee Cheung) #27860
  • [51ccdae445] - test: expect wpt/encoding/streams to fail (Joyee Cheung) #27860
  • [652cadba1c] - test: fix arguments order of comparsion functions (martyns0n) #27907
  • [b117f6d5d8] - test: switch assertEqual arguments (Evgenii Shchepotev) #27913
  • [e7966bcb80] - test: unhardcode server port (MurkyMeow) #27908
  • [b83571d236] - test: add a test case for the path.posix.resolve (Grigorii K. Shartsev) #27905
  • [f5bb1b380f] - test: switch actual value argument and expected in deepStrictEqual call (Kopachyov Vitaliy) #27888
  • [531669b917] - test: fix test-http2-multiheaders-raw (Grigorii K. Shartsev) #27885
  • [724d9c89bc] - test: change expected and actual values in assert call (oksana) #27881
  • [34ef9e4a2b] - test: detect missing postmortem metadata (cjihrig) #27828
  • [bfcbab4c0c] - test: fix test-https-agent-additional-options (Rich Trott) #27830
  • [a4c1fd5ffc] - test: refactor test-https-agent-additional-options (Rich Trott) #27830
  • [17abc8c942] - test: favor arrow functions for anonymous callbacks (Rich Trott) #27830
  • [155b947251] - test: replace flag with option (Rich Trott) #27830
  • [144db48b6d] - test: update wpt/url to 418f7fabeb (Joyee Cheung) #27822
  • [65d4f734e0] - test: use ShellTestEnvironment in WPT (Joyee Cheung) #27822
  • [a9a400e604] - test: update wpt/resources to e1fddfbf80 (Joyee Cheung) #27822
  • [8040d8b321] - test: increase debugging information on failure (Rich Trott) #27790
  • [6548b91835] - tls: trace errors can show up as SSL errors (Sam Roberts) #27841
  • [0fe16edfab] - tls: group chunks into TLS segments (Alba Mendez) #27861
  • [e8fa0671a4] - tls: destroy trace BIO instead of leaking it (Sam Roberts) #27834
  • [10e0d7f2ac] - tls: support the hints option (Luigi Pinca) #27816
  • [4716caa12e] - tls: set tlsSocket.servername as early as possible (oyyd) #27759
  • [2ce24a9452] - tools: fix js2c regression (Refael Ackermann) #27980
  • [a75a59d3e3] - tools: update inspector_protocol to 0aafd2 (Michaël Zasso) #27770
  • [728bc2f59a] - tools: update dependencies in tools/doc (Rich Trott) #27927
  • [b54f3e0405] - tools: edit .eslintrc.js for minor maintainability improvements (Rich Trott) #27789

2019-05-22, Version 12.3.1 (Current), @BridgeAR

Notable changes

  • deps:
    • Fix handling of +0/-0 when constant field tracking is enabled (Michaël Zasso) #27792
    • Fix os.freemem() and os.totalmem correctness (cjihrig) #27718
  • src:
    • Fix v12.3.0 regression that prevents native addons from compiling #27804

Commits

2019-05-21, Version 12.3.0 (Current), @BridgeAR

Notable changes

  • esm:
    • Added the --experimental-wasm-modules flag to support WebAssembly modules (Myles Borins & Guy Bedford) #27659
  • process:
    • Log errors using util.inspect in case of fatal exceptions (Ruben Bridgewater) #27243
  • repl:
    • Add process.on('uncaughtException') support (Ruben Bridgewater) #27151
  • stream:
    • Implemented Readable.from async iterator utility (Guy Bedford) #27660
  • tls:
    • Expose built-in root certificates (Ben Noordhuis) #26415
    • Support net.Server options (Luigi Pinca) #27665
    • Expose keylog event on TLSSocket (Alba Mendez) #27654
  • worker:
    • Added the ability to unshift messages from the MessagePort (Anna Henningsen) #27294

Commits

  • [7cc21d8afa] - assert: remove unused code (Ruben Bridgewater) #27676
  • [6983a0c336] - assert: add compatibility for older Node.js versions (Ruben Bridgewater) #27672
  • [493ead144d] - assert: loose deep equal should not compare symbol properties (Ruben Bridgewater) #27653
  • [ec642f18cc] - assert: use less read operations (Ruben Bridgewater) #27525
  • [3367bad080] - assert: refine assertion message (Ruben Bridgewater) #27525
  • [e573c99bfd] - assert: fix assert.fail() stack (Ruben Bridgewater) #27525
  • [6070e8872d] - async_hooks: don't reuse resource in HttpAgent (Gerhard Stoebich) #27581
  • [e74e661044] - async_hooks: only disable promise hook if wanted (Anna Henningsen) #27590
  • [026bebfcbc] - bootstrap: --frozen-intrinsics unfreeze console (Guy Bedford) #27663
  • [e0589006a8] - build: add arm64 to vcbuild.bat help message (Jon Kunkee) #27683
  • [766a731137] - build: export OpenSSL UI symbols (Sam Roberts) #27586
  • [2bc177aa4f] - child_process: setup stdio on error when possible (cjihrig) #27696
  • [b380c0f311] - child_process: refactor stdioStringToArray function (zero1five) #27657
  • [da102cda54] - console: don't attach unnecessary error handlers (cjihrig) #27691
  • [83f243038f] - deps: V8: cherry-pick cca9ae3c9a (Benedikt Meurer) #27729
  • [750556dcfd] - deps: update OpenSSL configs' timestamps (Jon Kunkee) #27544
  • [314fdda0c3] - deps: regenerate OpenSSL configs with fixed tooling (Jon Kunkee) #27544
  • [c7e5fca32c] - deps: make VC-WIN config generation deterministic (Jon Kunkee) #27543
  • [76c9e86609] - deps: patch V8 to 7.4.288.27 (Matheus Marchini) #27615
  • [9f5b6900e7] - doc: corrected tlsSocket.getPeerCertificate response type (Dan Beglin) #27757
  • [d1da11765d] - doc: correct parameter type on 'subprocess.kill([signal])' (himself65) #27760
  • [7e750868c6] - doc: replace createRequireFromPath() references (cjihrig) #27762
  • [55fe340dc2] - doc: improve createRequire() example (cjihrig) #27762
  • [378f44c2ed] - doc: update util.format formatters documentation (Ruben Bridgewater) #27621
  • [f663e74d0b] - doc: remove stability highlight for stable functions (Michael Dawson) #27753
  • [cf516f7b6a] - doc: rewrite "About this Documentation" section (Rich Trott) #27725
  • [df01645c7c] - doc: correct entry for electron v4.0.4 (Jacob) #27394
  • [1f7a527f04] - doc: clarify behavior of fs.mkdir (Gaelan) #27505
  • [d570995427] - doc: remove non-existent entry-type flag (dnalborczyk) #27678
  • [da4a3797cb] - doc: format correction for experimental loader hooks (Daniel Nalborczyk) #27537
  • [cc45080109] - doc: dns.lookup() documentation error code (jvelezpo) #27625
  • [7923b4a407] - doc: add call-once note to napi_queue_async_work (Gabriel Schulhof) #27582
  • [8d448be9fd] - doc: simplify test/README.md (Rich Trott) #27630
  • [172fa639a6] - doc: simplify About This Documentation text (Rich Trott) #27619
  • [66cf89f57d] - doc: move Rod Vagg to TSC emeritus (Rod Vagg) #27633
  • [8a1f2d0bfc] - doc: doc deprecate the legacy http parser (cjihrig) #27498
  • [a23e86f029] - doc: add Sam Roberts to TSC (Rod Vagg) #27606
  • [c53a674be7] - doc: add example to test doc for clarity (Aditya Pratap Singh) #27561
  • [c0cdf30e6e] - doc: improve CCM example (Tobias Nießen) #27396
  • [b5498ed19b] - doc,meta: codify security release commit message (Richard Lau) #27643
  • [6e2c8d0e18] - doc,n-api: update N-API version matrix for v12.x (Richard Lau) #27745
  • [767889b0a3] - doc,n-api: fix introduced_in metadata (Richard Lau) #27745
  • [4ed8a9ba7e] - doc,tools: updates for 6.x End-of-Life (Richard Lau) #27658
  • [80f30741bd] - esm: use correct error arguments (cjihrig) #27763
  • [47f913bedc] - (SEMVER-MINOR) esm: --experimental-wasm-modules integration support (Myles Borins) #27659
  • [89fda94b6a] - esm: fix esm load bug (ZYSzys) #25491
  • [1f935f899f] - events: improve max listeners warning (Ruben Bridgewater) #27694
  • [6f23816bcf] - fs: extract path conversion and validation to getValidatedPath (ZYSzys) #27656
  • [206ae31a7e] - http: always call response.write() callback (Luigi Pinca) #27709
  • [bfb9356942] - http: do not default to chunked encoding for TRACE (Luigi Pinca) #27673
  • [4a9af1778d] - http: add an alias at addListener on Server connection socket (himself65) #27325
  • [a66b391d20] - http2: do no throw in writeHead if state.closed (Matteo Collina) #27682
  • [74046cee72] - http2: do not override the allowHalfOpen option (Luigi Pinca) #27623
  • [c7461567ce] - inspector: mark profile type const (gengjiawen) #27712
  • [24b26c0687] - inspector: fix typo (gengjiawen) #27712
  • [700459e008] - inspector: added NodeRuntime domain (Aleksei Koziatinskii) #27600
  • [d2d3bf8b3b] - inspector: code cleanup (Eugene Ostroukhov) #27591
  • [4dbebfd464] - lib: fix typo in pre_execution.js (gengjiawen) #27649
  • [88b4d00fc6] - lib: restore global.module after --eval code is run (Anna Henningsen) #27587
  • [3ac4a7122b] - meta: move jhamhader to Collaborator Emeriti list (Rich Trott) #27707
  • [9f9871c4b2] - meta: move chrisdickinson to Collaborator Emeriti list (Rich Trott) #27703
  • [2e85642f4a] - meta: move whitlockjc to Collaborator Emeriti list (Rich Trott) #27702
  • [fc8ad7731f] - meta: move estliberitas to Collaborator Emeriti list (Rich Trott) #27697
  • [ea62149212] - meta: move firedfox to Collaborator Emeriti list (Rich Trott) #27618
  • [6bef4c0083] - meta: move AnnaMag to Collaborator Emeriti list (Rich Trott) #27603
  • [14d58c2f95] - meta: move pmq20 to Collaborator Emeriti list (Rich Trott) #27602
  • [876441eefb] - meta: move orangemocha to Collaborator Emeriti list (Rich Trott) #27626
  • [140b44f3ea] - module: fix createRequireFromPath() slash logic (cjihrig) #27634
  • [8a96182827] - module: add missing space in error message (cjihrig) #27627
  • [c33e83497e] - module: simplify createRequire() validation (cjihrig) #27629
  • [119a590f84] - module: improve resolve paths validation (cjihrig) #27613
  • [2f512e32a7] - module: handle relative paths in resolve paths (cjihrig) #27598
  • [74feb0b81e] - process: mark process.env as side-effect-free (Anna Henningsen) #27684
  • [0393045198] - (SEMVER-MINOR) process: inspect error in case of a fatal exception (Ruben Bridgewater) #27243
  • [688a0bd2b8] - repl: do not run --eval code if there is none (Anna Henningsen) #27587
  • [c78de13238] - (SEMVER-MINOR) repl: handle uncaughtException properly (Ruben Bridgewater) #27151
  • [d21e066f5a] - src: update UNREACHABLE macro to take a string (Nitish Sakhawalkar) #26502
  • [ae8b64df78] - src: remove util-inl.h from header files (Sam Roberts) #27631
  • [e736e20e87] - src: declare unused priv argument (Sam Roberts) #27631
  • [d2e1efe8a3] - src: fix warnings about redefined BSWAP macros (Sam Roberts) #27631
  • [3c707976da] - src: remove extra semicolons after macros (gengjiawen) #27579
  • [a18692c4df] - src: extract common macro to util.h (gengjiawen) #27512
  • [f6642e90b2] - src: elevate namespaces in node_worker.cc (Preveen Padmanabhan) #27568
  • [62fe3422fb] - src: refactor deprecated UVException usage in pipe-wrap.cc (gengjiawen) #27562
  • [b338d53916] - src: fix typos (gengjiawen) #27580
  • [32fd0ac901] - stream: use readableObjectMode public api for js stream (Anto Aravinth) #27655
  • [05c3d53ecc] - (SEMVER-MINOR) stream: implement Readable.from async iterator utility (Guy Bedford) #27660
  • [f872210ffd] - test: relax check in verify-graph (Gerhard Stoebich) #27742
  • [8b4101a97f] - test: un-mark worker syntax error tests as flaky (Anna Henningsen) #27705
  • [1757250997] - test: clearing require cache crashes esm loader (Antoine du HAMEL) #25491
  • [7252a64a23] - test: pass null params to napi_xxx_property() (Octavian Soldea) #27628
  • [9ed5882dec] - test: use common.PORT instead of an extraneous variable (Benjamin Ki) #27565
  • [f01183c29a] - test: move dgram invalid host test to internet tests (Benjamin Ki) #27565
  • [8cba1affe3] - test: better assertion for async hook tests (Ali Ijaz Sheikh) #27601
  • [0c7f18ebd3] - test: test error when breakOnSigint is not a boolean for evaluate (Ruwan Geeganage) #27503
  • [3801859032] - test: add tests for hasItems method in FreeList (Ruwan Geeganage) #27588
  • [691866f124] - test: fix test-linux-perf flakiness (Matheus Marchini) #27615
  • [d7fcd75f62] - test: remove unneeded --expose-internals (Rich Trott) #27608
  • [815a95734e] - test: refactor test-tls-enable-trace-cli.js (cjihrig) #27553
  • [b6e540a9a2] - test: fix flaky test-tls-multiple-cas-as-string (Luigi Pinca) #27569
  • [a5dab9e85a] - test: deflake test-tls-js-stream (Luigi Pinca) #27478
  • [bdd75d0622] - (SEMVER-MINOR) tls: expose built-in root certificates (Ben Noordhuis) #26415
  • [e61823c43a] - (SEMVER-MINOR) tls: support net.Server options (Luigi Pinca) #27665
  • [eb1f4e50c7] - (SEMVER-MINOR) tls: expose keylog event on TLSSocket (Alba Mendez) #27654
  • [6624f802d9] - tls: fix createSecureContext() cipher list filter (Sam Roberts) #27614
  • [b8b02c35ee] - tls: add missing 'new' (cjihrig) #27614
  • [a8a11862e0] - tools: update markdown linter for Windows line endings (Rich Trott) #27756
  • [c3d16756f2] - tools: remove unneeded dependency files (Rich Trott) #27730
  • [0db846f734] - tools: refactor js2c.py for maximal Python3 compatibility (Refael Ackermann) #25518
  • [0e16b352b4] - tools: decrease code duplication for isString() in lint rules (cjihrig) #27719
  • [47184d1a0a] - tools: update capitalized-comments eslint rule (Ruben Bridgewater) #27675
  • [ea62f4a820] - tools: update dmn to 2.2.2 (Rich Trott) #27686
  • [d2dad0b4b8] - tools: DRY isRequireCall() in lint rules (cjihrig) #27680
  • [1b8bc77990] - tools: add 12.x to alternative docs versions (Richard Lau) #27658
  • [1365683c23] - tools: allow RegExp in required-modules eslint rule (Richard Lau) #27647
  • [169ddc5097] - tools: force common be required before any other modules (ZYSzys) #27650
  • [c6ab6b279c] - tools: enable block-scoped-var eslint rule (Roman Reiss) #27616
  • [fd823ea7a8] - tools: enable camelcase linting in tools (Rich Trott) #27607
  • [217e6b5a06] - tools: switch to camelcasing in apilinks.js (Rich Trott) #27607
  • [10b4a8103d] - util: if present, fallback to toString using the %s formatter (Ruben Bridgewater) #27621
  • [5205902762] - util: remove outdated comment (Ruben Bridgewater) #27733
  • [099c9ce1a1] - util: unify constructor inspection in util.inspect (Ruben Bridgewater) #27733
  • [d8b48675a7] - util: simplify inspection limit handling (Ruben Bridgewater) #27733
  • [6984ca1c2f] - util: reconstruct constructor in more cases (Ruben Bridgewater) #27668
  • [8f48edd28f] - vm: mark global proxy as side-effect-free (Anna Henningsen) #27523
  • [c7cf8d9b74] - (SEMVER-MINOR) worker: add ability to unshift message from MessagePort (Anna Henningsen) #27294
  • [e004d427ce] - worker: use special message as MessagePort close command (Anna Henningsen) #27705
  • [b7ed4d7187] - worker: move receiving_messages_ field to MessagePort (Anna Henningsen) #27705

2019-05-07, Version 12.2.0 (Current), @targos

Notable changes

  • deps:
    • Updated llhttp to 1.1.3. This fixes a bug that made Node.js' HTTP parser refuse any request URL that contained the "|" (vertical bar) character (Fedor Indutny) #27595.
  • tls:
    • Added an enableTrace() method to TLSSocket and an enableTrace option to tls.createServer(). When enabled, TSL packet trace information is written to stderr. This can be used to debug TLS connection problems (cjihrig) #27497, (Sam Roberts) #27376.
  • cli:
    • Added a --trace-tls command-line flag that enables tracing of TLS connections without the need to modify existing application code (cjihrig) #27497.
    • Added a --cpu-prof-interval command-line flag. It can be used to specify the sampling interval for the CPU profiles generated by --cpu-prof (Joyee Cheung) #27535.
  • module:
    • Added the createRequire() method. It allows to create a require function from a file URL object, a file URL string or an absolute path string. The existing createRequireFromPath() method is now deprecated (Myles Borins) #27405.
    • Throw on require('./path.mjs'). This is technically a breaking change that should have landed with Node.js 12.0.0. It is necessary to have this to keep the possibility for a future minor version to load ES Modules with the require function (Myles Borins) #27417.
  • repl:
    • The REPL now supports multi-line statements using BigInt literals as well as public and private class fields and methods (Ruben Bridgewater) #27400.
    • The REPL now supports tab autocompletion of file paths with fs methods (Anto Aravinth) #26648.
  • meta:

Commits

  • [c0ab2a141b] - assert: use new language features (Ruben Bridgewater) #27400
  • [4b3d0d1953] - async_hooks: fixup do not reuse HTTPParser (Gerhard Stoebich) #27477
  • [cfc7bdd303] - benchmark: add benchmark for node -p (Joyee Cheung) #27320
  • [53eefeb73e] - buffer: remove unreachable code (Rich Trott) #27445
  • [cac584d260] - buffer,errors: improve bigint, big numbers and more (Ruben Bridgewater) #27228
  • [22a5a05785] - build: delegate building from Makefile to ninja (Refael Ackermann) #27504
  • [67205f5941] - build: remove unsupported Python 2.6 from configure (cclauss) #27381
  • [615d386390] - child_process: only stop readable side of stream passed to proc (Anna Henningsen) #27373
  • [8e876e60aa] - console: use consolePropAttributes for k-bind properties (reland) (Ruben Bridgewater) #27352
  • [55804e1726] - deps: update llhttp to 1.1.2 (Fedor Indutny) #27513
  • [f142363cfa] - deps: update llhttp to 1.1.3 (Fedor Indutny) #27595
  • [5f72246499] - deps: add acorn stage-3 plugins (Ruben Bridgewater) #27400
  • [230a773e32] - (SEMVER-MINOR) deps: update archs files for OpenSSL-1.1.1b (Sam Roberts) #27376
  • [b68132e01a] - (SEMVER-MINOR) deps: configure OpenSSL's SSL_trace to be built (Sam Roberts) #27376
  • [7c25dce7ba] - deps: V8: cherry-pick 5d0cf6b (Joyee Cheung) #27423
  • [2c3c0d7d3e] - doc: add cclauss to collaborators (cclauss) #27554
  • [b51dcf62b8] - doc: add Electron 6 to abi_version_registry (Jeremy Apthorp) #27288
  • [cb97de7a9b] - doc: move James back onto TSC (Michael Dawson) #27411
  • [a9748bc124] - doc: describe API ERR_INVALID_PROTOCOL context (Sam Roberts) #27393
  • [a0353fdbe2] - fs: align fs.ReadStream buffer pool writes to 8-byte boundary (ptaylor) #24838
  • [7be1e0af44] - fs: added tests for util file preprocessSymlinkDestination (Ruwan Geeganage) #27468
  • [f882c9b09b] - (SEMVER-MINOR) http: servername === false should disable SNI (Fedor Indutny) #27316
  • [de337bb37c] - (SEMVER-MINOR) inspector: implement --cpu-prof-interval (Joyee Cheung) #27535
  • [9c842f4119] - lib: remove Reflect.apply where appropriate (Anatoli Papirovski) #27349
  • [47d311b3f0] - lib: remove outdated optimizations (Weijia Wang) #27380
  • [c2a03d58c3] - lib: print to stdout/stderr directly instead of using console (Joyee Cheung) #27320
  • [b68ecf3e17] - meta: move andrasq to Collaborator Emeriti list (Rich Trott) #27546
  • [fd17f37a83] - meta: move stefanmb to Collaborator Emeriti list (Rich Trott) #27502
  • [8495e8bceb] - meta: move Forrest Norvell to Collaborator Emeriti list (Rich Trott) #27437
  • [7d1c90b614] - meta: move @vsemozhetbyt to collaborator emeriti (Vse Mozhet Byt) #27412
  • [014a9fd46f] - module: throw on require('./path.mjs'); (Myles Borins) #27417
  • [5bcd7700ca] - (SEMVER-MINOR) module: add createRequire method (Myles Borins) #27405
  • [be9a1ec1d1] - module: allow passing a directory to createRequireFromPath (Gilles De Mey) #23818
  • [e5fdc30bd1] - n-api: make napi_get_property_names return strings (Anna Henningsen) #27524
  • [826fb66729] - process: compatibility patch to backport 1d022e8 (Ruben Bridgewater) #27483
  • [91b7f5e103] - process: improve cwd performance (Ruben Bridgewater) #27224
  • [05cea679a3] - repl: handle stage-3 language features properly (Ruben Bridgewater) #27400
  • [01d632d7e8] - repl: add new language features to top level await statements (Ruben Bridgewater) #27400
  • [149412ca02] - repl: add autocomplete for filesystem modules (Anto Aravinth) #26648
  • [a55457c713] - report: use const reference in node_report.cc (gengjiawen) #27479
  • [8724229155] - src: make deleted function public in node_native_module.h (gengjiawen) #27509
  • [1489d12735] - src: make deleted function public in node_main_instance.h (gengjiawen) #27509
  • [294d2ea71d] - (SEMVER-MINOR) src: refactor V8ProfilerConnection::DispatchMessage() (Joyee Cheung) #27535
  • [a758f9bdf5] - src: remove node_options-inl.h from header files (Sam Roberts) #27538
  • [bb373d0def] - src: remove unnecessary semicolons after macros (Yang Guo) #27529
  • [0c9bc02b96] - src: refactor V8ProfilerConnection to be more reusable (Joyee Cheung) #27475
  • [c787bb85cd] - src: refactor profile initialization (Joyee Cheung) #27475
  • [600048b1b7] - src: move Environment::context out of strong properties (Joyee Cheung) #27430
  • [33702913b1] - src: prefer v8::Global over node::Persistent (Anna Henningsen) #27287
  • [9d6d45e7d2] - stream: remove TODO and add a description instead (Ruben Bridgewater) #27086
  • [bb1eaeec75] - test: mark test-tls-enable-trace-cli flaky (cjihrig) #27559
  • [d648ecc488] - test: improve test-async-hooks-http-parser-destroy (Rich Trott) #27319
  • [ca720b3a55] - test: converting NghttpError to string in HTTP2 module (Ruwan Geeganage) #27506
  • [99e4a576eb] - test: add mustCall to openssl-client-cert-engine (Boxuan Li) #27474
  • [e1d88aa880] - test: document NODE_COMMON_PORT env var (cjihrig) #27507
  • [66cf706521] - test: allow EAI_FAIL in test-http-dns-error.js (cjihrig) #27500
  • [df4246e3b6] - test: refactor and deflake test-tls-sni-server-client (Luigi Pinca) #27426
  • [a278814818] - test: make sure weak references are not GCed too early (Ruben Bridgewater) #27482
  • [aa281d284a] - test: better output for test-report-uv-handles.js (gengjiawen) #27479
  • [86c27c6005] - test: add mustcall in test-net-bytes-read.js (imhype) #27471
  • [33fead3f5e] - Revert "test: skip test-cpu-prof in debug builds with code cache" (Anna Henningsen) #27469
  • [a9a85d6271] - test: check napi_get_reference_value() during finalization (Anna Henningsen) #27470
  • [16af9435a0] - test: remove flaky designation for test-tls-sni-option (Luigi Pinca) #27425
  • [1b94d025bc] - test: add missing line breaks to keep-alive header of slow headers test (Shuhei Kagawa) #27442
  • [fefbbd90af] - test: add tests for new language features (Ruben Bridgewater) #27400
  • [3711684ccf] - test: add mustCall for parallel/test-net-connect-paused-connection (sujunfei) #27463
  • [0e4f8788eb] - test: add mustCallAtLeast to test-fs-read-stream-resume.js (heben) #27456
  • [e89b6fee3a] - test: adding mustCall in test-fs-readfile-empty.js (陈健) #27455
  • [457549b67d] - test: add common.mustCall in test-http-abort-client.js (OneNail) #27449
  • [f4124d5ba5] - test: add mustCall to http-abort-queued test (Yaphet Ye) #27447
  • [e21f035666] - test: add mustCall in test-fs-readfilesync-pipe-large.js (sinoon) #27458
  • [1dd0205f10] - test: add mustCall to test-dgram-connect-send-multi-buffer-copy.js (XGHeaven) #27465
  • [0dfe5bebb2] - test: add test of policy about parse error (Daiki Ihara) #26873
  • [eeab007b25] - test: add mustCall to test-net-after-close test (xuqinggang) #27459
  • [c1b04652f5] - test: add "mustCall" to test-fs-readfile-unlink (wuchenkai) #27453
  • [b6c65c1351] - test: add missing ToC entries (cjihrig) #27434
  • [66bff5071f] - test: document report helper module (cjihrig) #27434
  • [2c335928cd] - test: document NODE_SKIP_FLAG_CHECK (cjihrig) #27434
  • [115d06cdbb] - test: document NODE_TEST_KNOWN_GLOBALS (cjihrig) #27434
  • [51fc672da9] - test: add mustCallAtLeast to test-fs-read-stream-inherit (nilianzhu) #27457
  • [4b9d109518] - test: add mustCall to test-dgram-implicit-bind.js (Chenxi Yuan) #27452
  • [c4d67f2af5] - test: add common.mustCall test-dgram-listen-after-bind (zhoujiamin) #27454
  • [23fb430e03] - test: add mustCall to test-dgram-connect-send-callback-buffer (shenchen) #27466
  • [a37ca245ff] - test: add mustCallAtLeast to test-fs-read-stream-fd test (hardfist) #27461
  • [cf84f20453] - test: skip fs-copyfile-respect-permission if root (Daniel Bevenius) #27378
  • [7d80999454] - test: add mustCall to net-can-reset-timeout (xinyulee) #27462
  • [9fa5ba8b3c] - test: add mustCall to test-fs-readfile-pipe-large (luoyu) #27460
  • [e8d5b6226a] - test: add "mustCall" for test-net-buffersize (lixin.atom) #27451
  • [d784ecb1ad] - test: add mustCall to test-net-eaddrinuse test (tongshouyu) #27448
  • [6fd1384a43] - test: add mustcall in test-dgram-connect-send-callback-buffer-length (jyjunyz) #27464
  • [7a35077197] - test: add mustCall to test-fs-readfile-pipe (tonyhty) #27450
  • [af29ae0344] - test: add mustCall to net-connect-buffer test (Rongjian Zhang) #27446
  • [bdabf699eb] - (SEMVER-MINOR) tls: add --tls-min-v1.2 CLI switch (Sam Roberts) #27520
  • [7bbf951095] - tls: disallow conflicting TLS protocol options (Sam Roberts) #27521
  • [84a2768c25] - (SEMVER-MINOR) tls: support enableTrace in TLSSocket() (cjihrig) #27497
  • [576fe339a1] - (SEMVER-MINOR) tls: simplify enableTrace logic (cjihrig) #27497
  • [30a72e8c7b] - (SEMVER-MINOR) tls: allow enabling the TLS debug trace (Sam Roberts) #27376
  • [f1efe6dae0] - (SEMVER-MINOR) tls,cli: add --trace-tls command-line flag (cjihrig) #27497
  • [3d37414002] - tools: fix node-core/required-modules eslint rule (Ben Noordhuis) #27545
  • [29e2793a87] - tools: add Release and Debug symlinks to .gitignore (Gerhard Stoebich) #27484
  • [76af4f0d05] - tools: prohibit assert.doesNotReject() in Node.js core (Ruben Bridgewater) #27402
  • [95498df1cf] - util: inspect constructor closer (Ruben Bridgewater) #27522
  • [7b5bd93ced] - util: compatibility patch to backport d0667e8 (Ruben Bridgewater) #27570
  • [52d4f1febf] - util: improve function inspection (Ruben Bridgewater) #27227
  • [caab7d4664] - util: better number formatters (Ruben Bridgewater) #27499

2019-04-29, Version 12.1.0 (Current), @targos

Notable changes

  • intl:
    • Update ICU to 64.2. This adds support for Japanese Era (Reiwa) (Ujjwal Sharma) #27361.
    • Fixes a bug in ICU that affected Node.js 12.0.0 in the case where new Date().toLocaleString() was called with a non-default locale (Steven R. Loomis) #27415.
  • C++ API:
    • Added an overload EmitAsyncDestroy that can be used during garbage collection (Anna Henningsen) #27255.

Commits

  • [8ca110cc6f] - benchmark: fix http bench-parser.js (Rich Trott) #27359
  • [2f9bafba08] - bootstrap: delay the instantiation of maps in per-context scripts (Joyee Cheung) #27371
  • [e7026f1428] - build: allow icu download to use other hashes besides md5 (Steven R. Loomis) #27370
  • [50234460f9] - build: disable custom v8 snapshot by default (Joyee Cheung) #27365
  • [b21b28f653] - crypto: update root certificates (Sam Roberts) #27374
  • [3282ccb845] - deps: backport ICU-20575 to fix err/crasher (Steven R. Loomis) #27435
  • [e922a22725] - deps: backport ICU-20558 to fix Intl crasher (Steven R. Loomis) #27415
  • [d852d9e904] - deps: update ICU to 64.2 (Ujjwal Sharma) #27361
  • [ee80a210ff] - dgram: change 'this' to 'self' for 'isConnected' (MaleDong) #27338
  • [8302148c83] - doc: add Node 12 to the first list of versions (Rivaldo Junior) #27414
  • [f6ceefa4bd] - doc: update comment in bootstrap for primordials (Myles Borins) #27398
  • [9c30806fb5] - doc: simplify GOVERNANCE.md text (Rich Trott) #27354
  • [453510c7ef] - doc: fix pull request number (Ruben Bridgewater) #27336
  • [36762883a0] - doc: clarify behaviour of writeFile(fd) (Sam Roberts) #27282
  • [f70588fb67] - doc: fix v12.0.0 changelog id (Beth Griggs) #27368
  • [a6d1fa5954] - doc: simplify Collaborator pre-nomination text (Rich Trott) #27348
  • [dd709fc84a] - lib: throw a special error in internal/assert (Joyee Cheung) #26635
  • [4dfe54a89a] - module: initialize module_wrap.callbackMap during pre-execution (Joyee Cheung) #27323
  • [8b5d73867f] - (SEMVER-MINOR) n-api: do not require JS Context for napi_async_destroy() (Anna Henningsen) #27255
  • [d00014e599] - process: reduce the number of internal frames in async stack trace (Joyee Cheung) #27392
  • [dc510fb435] - report: print common items first for readability (gengjiawen) #27367
  • [3614a00276] - src: refactor deprecated UVException in node_file.cc (gengjiawen) #27280
  • [071300b39d] - src: move OnMessage to node_errors.cc (Joyee Cheung) #27304
  • [81e7b49c8f] - src: use predefined AliasedBuffer types in the code base (Joyee Cheung) #27334
  • [8089d29567] - src: apply clang-tidy modernize-deprecated-headers found by Jenkins CI (gengjiawen) #27279
  • [619c5b6eb3] - (SEMVER-MINOR) src: do not require JS Context for ~AsyncResoure() (Anna Henningsen) #27255
  • [809cf595eb] - (SEMVER-MINOR) src: add Environment overload of EmitAsyncDestroy (Anna Henningsen) #27255
  • [7bc47cba2e] - src: apply clang-tidy rule modernize-use-equals-default (gengjiawen) #27264
  • [ad42cd69cf] - src: use std::vector<size_t> instead of IndexArray (Joyee Cheung) #27321
  • [228127fc67] - src: enable context snapshot after running per-context scripts (Joyee Cheung) #27321
  • [45d6106129] - src: enable snapshot with per-isolate data (Joyee Cheung) #27321
  • [631bea8fd2] - src: implement IsolateData serialization and deserialization (Joyee Cheung) #27321
  • [a636338945] - src: allow creating NodeMainInstance that does not own the isolate (Joyee Cheung) #27321
  • [50732c1b3f] - test: refactor net-connect-handle-econnrefused (Luigi Pinca) #27014
  • [e9021cc498] - test: move test-net-connect-handle-econnrefused (Luigi Pinca) #27014
  • [ebbed6047d] - test: rework to remove flakiness, and be parallel (Sam Roberts) #27300
  • [f0b2992f5c] - test: fix ineffective error tests (Masashi Hirano) #27333
  • [d84a6d05a1] - test: make test-worker-esm-missing-main more robust (Rich Trott) #27340
  • [8486917b9a] - test: increase coverage in lib/internal/dns/promises.js (Rich Trott) #27330
  • [6ca0270320] - tls: include invalid method name in thrown error (Sam Roberts) #27390
  • [dcbe5b9dff] - tools: update certdata.txt (Sam Roberts) #27374
  • [53f0ef36c0] - tools: update LICENSE and tools/icu/current_ver.dep (Ujjwal Sharma) #27361
  • [481789c235] - tools: fix use-after-free mkcodecache warning (Ben Noordhuis) #27332
  • [d62a3243b1] - tools: update tools/license-builder.sh (Ujjwal Sharma) #27362
  • [b44323f3de] - tools: implement node_mksnapshot (Joyee Cheung) #27321
  • [ae2333db65] - util: add prototype support for boxed primitives (Ruben Bridgewater) #27351
  • [8f3442809a] - util: rename setIteratorBraces to getIteratorBraces (Ruben Bridgewater) #27342
  • [973d705aa9] - util: improve Symbol.toStringTag handling (Ruben Bridgewater) #27342

2019-04-23, Version 12.0.0 (Current), @BethGriggs

Notable Changes

  • assert:
    • validate required arguments (Ruben Bridgewater) #26641
    • adjust loose assertions (Ruben Bridgewater) #25008
  • async_hooks:
    • remove deprecated emitBefore and emitAfter (Matteo Collina) #26530
    • remove promise object from resource (Andreas Madsen) #23443
  • bootstrap: make Buffer and process non-enumerable (Ruben Bridgewater) #24874
  • buffer:
    • use stricter range checks (Ruben Bridgewater) #27045
    • harden SlowBuffer creation (ZYSzys) #26272
    • harden validation of buffer allocation size (ZYSzys) #26162
    • do proper error propagation in addon methods (Anna Henningsen) #23939
  • child_process:
    • remove options.customFds (cjihrig) #25279
    • harden fork arguments validation (ZYSzys) #27039
    • use non-infinite maxBuffer defaults (kohta ito) #23027
  • console: don't use ANSI escape codes when TERM=dumb (Vladislav Kaminsky) #26261
  • crypto:
    • remove legacy native handles (Tobias Nießen) #27011
    • decode missing passphrase errors (Tobias Nießen) #25208
    • remove Cipher.setAuthTag() and Decipher.getAuthTag() (Tobias Nießen) #26249
    • remove deprecated crypto._toBuf() (Tobias Nießen) #25338
    • set DEFAULT_ENCODING property to non-enumerable (Antoine du Hamel) #23222
  • deps:
    • update V8 to 7.4.288.13 (Michaël Zasso, cjihrig, Refael Ackermann, Anna Henningsen, Ujjwal Sharma) #26685
    • bump minimum icu version to 63 (Ujjwal Sharma) #25852
    • update OpenSSL to 1.1.1b (Sam Roberts, Shigeki Ohtsu) #26327
  • errors: update error name (Ruben Bridgewater) #26738
  • fs:
    • use proper .destroy() implementation for SyncWriteStream (Matteo Collina) #26690
    • improve mode validation (Ruben Bridgewater) #26575
    • harden validation of start option in createWriteStream() (ZYSzys) #25579
    • make writeFile consistent with readFile wrt fd (Sakthipriyan Vairamani (thefourtheye)) #23709
  • http:
    • validate timeout in ClientRequest() (cjihrig) #26214
    • return HTTP 431 on HPE_HEADER_OVERFLOW error (Albert Still) #25605
    • switch default parser to llhttp (Anna Henningsen) #24870
    • Runtime-deprecate outgoingMessage._headers and outgoingMessage._headerNames (Morgan Roderick) #24167
  • lib:
    • remove Atomics.wake() (Gus Caplan) #27033
    • move DTRACE_* probes out of global scope (James M Snell) #26541
    • deprecate _stream_wrap (Sam Roberts) #26245
    • use ES6 class inheritance style (Ruben Bridgewater) #24755
  • module:
    • remove unintended access to deps/ (Anna Henningsen) #25138
    • improve error message for MODULE_NOT_FOUND (Ali Ijaz Sheikh) #25690
    • requireStack property for MODULE_NOT_FOUND (Ali Ijaz Sheikh) #25690
    • remove dead code (Ruben Bridgewater) #26983
    • make require('.') never resolve outside the current directory (Ruben Bridgewater) #26973
    • throw an error for invalid package.json main entries (Ruben Bridgewater) #26823
    • don't search in require.resolve.paths (cjihrig) #23683
  • net:
    • remove Server.listenFD() (cjihrig) #27127
    • do not add .host and .port properties to DNS error (Ruben Bridgewater) #26751
    • emit "write after end" errors in the next tick (Ouyang Yadong) #24457
    • deprecate _setSimultaneousAccepts() undocumented function (James M Snell) #23760
  • os:
    • implement os.type() using uv_os_uname() (cjihrig) #25659
    • remove os.getNetworkInterfaces() (cjihrig) #25280
  • process:
    • make global.process, global.Buffer getters (Guy Bedford) #26882
    • move DEP0062 (node --debug) to end-of-life (Joyee Cheung) #25828
    • exit on --debug and --debug-brk after option parsing (Joyee Cheung) #25828
    • improve --redirect-warnings handling (Ruben Bridgewater) #24965
  • readline: support TERM=dumb (Vladislav Kaminsky) #26261
  • repl:
    • add welcome message (gengjiawen) #25947
    • fix terminal default setting (Ruben Bridgewater) #26518
    • check colors with .getColorDepth() (Vladislav Kaminsky) #26261
    • deprecate REPLServer.rli (Ruben Bridgewater) #26260
  • src:
    • remove unused INT_MAX constant (Sam Roberts) #27078
    • update NODE_MODULE_VERSION to 72 (Ujjwal Sharma) #26685
    • remove AddPromiseHook() (Anna Henningsen) #26574
    • clean up MultiIsolatePlatform interface (Anna Henningsen) #26384
    • properly configure default heap limits (Ali Ijaz Sheikh) #25576
    • remove icuDataDir from node config (GauthamBanasandra) #24780
  • tls:
    • support TLSv1.3 (Sam Roberts) #26209
    • return correct version from getCipher() (Sam Roberts) #26625
    • check arg types of renegotiate() (Sam Roberts) #25876
    • add code for ERR_TLS_INVALID_PROTOCOL_METHOD (Sam Roberts) #24729
    • emit a warning when servername is an IP address (Rodger Combs) #23329
    • disable TLS v1.0 and v1.1 by default (Ben Noordhuis) #23814
    • remove unused arg to createSecureContext() (Sam Roberts) #24241
    • deprecate Server.prototype.setOptions() (cjihrig) #23820
    • load NODE_EXTRA_CA_CERTS at startup (Ouyang Yadong) #23354
  • util:
    • remove util.print(), util.puts(), util.debug() and util.error() (cjihrig) #25377
    • change inspect compact and breakLength default (Ruben Bridgewater) #27109
    • improve inspect edge cases (Ruben Bridgewater) #27109
    • only the first line of the error message (Simon Zünd) #26685
    • don't set the prototype of callbackified functions (Ruben Bridgewater) #26893
    • rename callbackified function (Ruben Bridgewater) #26893
    • increase function length when using callbackify() (Ruben Bridgewater) #26893
    • prevent tampering with internals in inspect() (Ruben Bridgewater) #26577
    • prevent Proxy traps being triggered by .inspect() (Ruben Bridgewater) #26241
    • prevent leaking internal properties (Ruben Bridgewater) #24971
    • protect against monkeypatched Object prototype for inspect() (Rich Trott) #25953
    • treat format arguments equally (Roman Reiss) #23162
  • win, fs: detect if symlink target is a directory (Bartosz Sosnowski) #23724
  • zlib:
    • throw TypeError if callback is missing (Anna Henningsen) #24929
    • make “bare” constants un-enumerable (Anna Henningsen) #24824

Semver-Major Commits

  • [afce912193] - (SEMVER-MAJOR) assert: improve performance to instantiate errors (Ruben Bridgewater) #26738
  • [5a3623af74] - (SEMVER-MAJOR) assert: validate required arguments (Ruben Bridgewater) #26641
  • [7493db21b6] - (SEMVER-MAJOR) assert: adjust loose assertions (Ruben Bridgewater) #25008
  • [9d064439e5] - (SEMVER-MAJOR) async_hooks: remove deprecated emitBefore and emitAfter (Matteo Collina) #26530
  • [1a2cf6696f] - (SEMVER-MAJOR) async_hooks: remove promise object from resource (Andreas Madsen) #23443
  • [c992639fbd] - (SEMVER-MAJOR) bootstrap: make Buffer and process non-enumerable (Ruben Bridgewater) #24874
  • [693401d0dd] - (SEMVER-MAJOR) buffer: use stricter range checks (Ruben Bridgewater) #27045
  • [6113ba96cb] - (SEMVER-MAJOR) buffer: harden SlowBuffer creation (ZYSzys) #26272
  • [6fb7baf935] - (SEMVER-MAJOR) buffer: harden validation of buffer allocation size (ZYSzys) #26162
  • [c6d29ccf5a] - (SEMVER-MAJOR) buffer: do proper error propagation in addon methods (Anna Henningsen) #23939
  • [a7d7d4dfb7] - (SEMVER-MAJOR) build: increase MACOS_DEPLOYMENT_TARGET to 10.10 (Rod Vagg) #27275
  • [561327702d] - (SEMVER-MAJOR) build: reset embedder string to "-node.0" (Ujjwal Sharma) #26685
  • [dfcc918e65] - (SEMVER-MAJOR) build: reset embedder string to "-node.0" (Michaël Zasso) #25852
  • [9334e45aa0] - (SEMVER-MAJOR) build: remove mips support (Ben Noordhuis) #26192
  • [bb564a3688] - (SEMVER-MAJOR) build: update prerequisites on progress towards Python 3 (cclauss) #25766
  • [3c332abe28] - (SEMVER-MAJOR) build: reset embedder string to "-node.0" (Michaël Zasso) #23423
  • [765766be64] - (SEMVER-MAJOR) build: add common defines (Refael Ackermann) #23426
  • [3b5773fee3] - (SEMVER-MAJOR) build,deps: move gypfiles out 2/2 - moving (Refael Ackermann) #26685
  • [3531fe9320] - (SEMVER-MAJOR) build,deps: add NOMINMAX to V8 Windows builds (Refael Ackermann) #25852
  • [ff5d632a83] - (SEMVER-MAJOR) build,deps: fix V8 snapshot gyp dependencies (Refael Ackermann) #25852
  • [ecf98b0839] - (SEMVER-MAJOR) build,meta: quiet/pretty make output by default (Refael Ackermann) #26740
  • [2f477bd34d] - (SEMVER-MAJOR) build,win: mark x86 image as not SAFESEH (Refael Ackermann) #25852
  • [652877e3a9] - (SEMVER-MAJOR) child_process: change the defaults maxBuffer size (kohta ito) #27179
  • [9ad5106934] - (SEMVER-MAJOR) child_process: harden fork arguments validation (ZYSzys) #27039
  • [eb8a51a35c] - (SEMVER-MAJOR) child_process: use non-infinite maxBuffer defaults (kohta ito) #23027
  • [99523758dc] - (SEMVER-MAJOR) console: don't use ANSI escape codes when TERM=dumb (Vladislav Kaminsky) #26261
  • [2f1ed5c063] - (SEMVER-MAJOR) crypto: remove legacy native handles (Tobias Nießen) #27011
  • [2e2c015422] - (SEMVER-MAJOR) crypto: decode missing passphrase errors (Tobias Nießen) #25208
  • [b8018f407b] - (SEMVER-MAJOR) crypto: move DEP0113 to End-of-Life (Tobias Nießen) #26249
  • [bf3cb3f9b1] - (SEMVER-MAJOR) crypto: remove deprecated crypto._toBuf (Tobias Nießen) #25338
  • [0f63d84f80] - (SEMVER-MAJOR) crypto: set DEFAULT_ENCODING property to non-enumerable (Antoine du Hamel) #23222
  • [95e779a6e9] - (SEMVER-MAJOR) deps: silence irrelevant V8 warning (Michaël Zasso) #26685
  • [08efd3060d] - (SEMVER-MAJOR) deps: update postmortem metadata generation script (cjihrig) #26685
  • [0da7e99f98] - (SEMVER-MAJOR) deps: V8: un-cherry-pick bd019bd (Refael Ackermann) #26685
  • [b1015e0de8] - (SEMVER-MAJOR) deps: V8: cherry-pick 6 commits (Michaël Zasso) #26685
  • [8181811d73] - (SEMVER-MAJOR) deps: V8: cherry-pick d82c9af (Anna Henningsen) #26685
  • [1f03fb4d49] - (SEMVER-MAJOR) deps: V8: cherry-pick e5f01ba (Anna Henningsen) #26685
  • [e6af2207a9] - (SEMVER-MAJOR) deps: V8: cherry-pick d5f08e4 (Anna Henningsen) #26685
  • [963061bc02] - (SEMVER-MAJOR) deps: V8: cherry-pick 6b09d21 (Anna Henningsen) #26685
  • [b7338b700f] - (SEMVER-MAJOR) deps: V8: cherry-pick f0bb5d2 (Anna Henningsen) #26685
  • [02171949a0] - (SEMVER-MAJOR) deps: V8: cherry-pick 5b0510d (Anna Henningsen) #26685
  • [bf572c7831] - (SEMVER-MAJOR) deps: V8: cherry-pick 91f0cd0 (Anna Henningsen) #26685
  • [09f134fccf] - (SEMVER-MAJOR) deps: V8: cherry-pick 392316d (Anna Henningsen) #26685
  • [53ea813d5c] - (SEMVER-MAJOR) deps: V8: cherry-pick 2f79d68 (Anna Henningsen) #26685
  • [cc75ba3f14] - (SEMVER-MAJOR) deps: sync V8 gypfiles with 7.4 (Ujjwal Sharma) #26685
  • [f579e11940] - (SEMVER-MAJOR) deps: update V8 to 7.4.288.13 (Ujjwal Sharma) #26685
  • [e0b3de1e90] - (SEMVER-MAJOR) deps: bump minimum icu version to 63 (Ujjwal Sharma) #25852
  • [1c494b0a95] - (SEMVER-MAJOR) deps: silence irrelevant V8 warnings (Michaël Zasso) #25852
  • [cec35a5eb9] - (SEMVER-MAJOR) deps: V8: cherry-pick 7803fa6 (Jon Kunkee) #25852
  • [0d4d6b39a7] - (SEMVER-MAJOR) deps: V8: cherry-pick 58cefed (Jon Kunkee) #25852
  • [bea1a386a3] - (SEMVER-MAJOR) deps: V8: cherry-pick d3308d0 (Michaël Zasso) #25852
  • [cf649c9b02] - (SEMVER-MAJOR) deps: V8: cherry-pick 74571c8 (Michaël Zasso) #25852
  • [44d5401b8d] - (SEMVER-MAJOR) deps: cherry-pick fc0ddf5 from upstream V8 (Anna Henningsen) #25852
  • [cefb8029cd] - (SEMVER-MAJOR) deps: sync V8 gypfiles with 7.3 (Ujjwal Sharma) #25852
  • [d266e3e2cf] - (SEMVER-MAJOR) deps: sync V8 gypfiles with 7.2 (Michaël Zasso) #25852
  • [7b48713334] - (SEMVER-MAJOR) deps: update V8 to 7.3.492.25 (Michaël Zasso) #25852
  • [6df7bd6c3b] - (SEMVER-MAJOR) deps: add s390 asm rules for OpenSSL-1.1.1 (Shigeki Ohtsu) #19794
  • [5620727f30] - (SEMVER-MAJOR) deps: sync V8 gypfiles with 7.1 (Refael Ackermann) #23423
  • [9b4bf7de6c] - (SEMVER-MAJOR) deps: update V8 to 7.1.302.28 (Michaël Zasso) #23423
  • [3d8b844112] - (SEMVER-MAJOR) deps,build: move gypfiles out 1/2 - required changes (Refael Ackermann) #26685
  • [fff922afee] - (SEMVER-MAJOR) deps,build: compute torque_outputs in v8.gyp (Refael Ackermann) #26685
  • [4507246adc] - (SEMVER-MAJOR) deps,build: refactor v8 gypfiles (Refael Ackermann) #26685
  • [b581d59655] - (SEMVER-MAJOR) doc: update supported platforms for Node.js 12 (Rod Vagg) #26714
  • [309e7723ea] - (SEMVER-MAJOR) doc: update behaviour of fs.writeFile (Sakthipriyan Vairamani (thefourtheye)) #25080
  • [89740a4f0e] - (SEMVER-MAJOR) doc: add internal functionality details of util.inherits (Ruben Bridgewater) #24755
  • [1ed3c54ecb] - (SEMVER-MAJOR) errors: update error name (Ruben Bridgewater) #26738
  • [abafd38c8d] - (SEMVER-MAJOR) fs: use proper .destroy() implementation for SyncWriteStream (Matteo Collina) #26690
  • [1cdeb9f956] - (SEMVER-MAJOR) fs: improve mode validation (Ruben Bridgewater) #26575
  • [70f4f08a9f] - (SEMVER-MAJOR) fs: harden validation of start option in createWriteStream (ZYSzys) #25579
  • [8f4b924f4a] - (SEMVER-MAJOR) fs: make writeFile consistent with readFile wrt fd (Sakthipriyan Vairamani (thefourtheye)) #23709
  • [907941d48e] - (SEMVER-MAJOR) http: validate timeout in ClientRequest() (cjihrig) #26214
  • [bcf2886a84] - (SEMVER-MAJOR) http: return HTTP 431 on HPE_HEADER_OVERFLOW error (Albert Still) #25605
  • [2cb8f24751] - (SEMVER-MAJOR) http: switch default parser to llhttp (Anna Henningsen) #24870
  • [91748dd89c] - (SEMVER-MAJOR) http: change DEP0066 to a runtime deprecation (Morgan Roderick) #24167
  • [f3b49cfa7b] - (SEMVER-MAJOR) http: else case is not reachable (szabolcsit) #24176
  • [bd9109c241] - (SEMVER-MAJOR) lib: move DEP0021 to end of life (cjihrig) #27127
  • [15c0947fee] - (SEMVER-MAJOR) lib: remove Atomics.wake (Gus Caplan) #27033
  • [3fe1e80896] - (SEMVER-MAJOR) lib: validate Error.captureStackTrace() calls (Ruben Bridgewater) #26738
  • [bfbce289c3] - (SEMVER-MAJOR) lib: refactor Error.captureStackTrace() usage (Ruben Bridgewater) #26738
  • [f9ddbb6b2f] - (SEMVER-MAJOR) lib: move DTRACE_* probes out of global scope (James M Snell) #26541
  • [c7e628f8b3] - (SEMVER-MAJOR) lib: deprecate _stream_wrap (Sam Roberts) #26245
  • [be78266fb3] - (SEMVER-MAJOR) lib: don't use util.inspect() internals (Ruben Bridgewater) #24971
  • [a02e3e2d5f] - (SEMVER-MAJOR) lib: improve error message for MODULE_NOT_FOUND (Ali Ijaz Sheikh) #25690
  • [05cd1a0929] - (SEMVER-MAJOR) lib: requireStack property for MODULE_NOT_FOUND (Ali Ijaz Sheikh) #25690
  • [29d3d1ea13] - (SEMVER-MAJOR) lib: move DEP0029 to end of life (cjihrig) #25377
  • [a665d13ad9] - (SEMVER-MAJOR) lib: move DEP0028 to end of life (cjihrig) #25377
  • [10df21b071] - (SEMVER-MAJOR) lib: move DEP0027 to end of life (cjihrig) #25377
  • [2d578ad996] - (SEMVER-MAJOR) lib: move DEP0026 to end of life (cjihrig) #25377
  • [853bee0acf] - (SEMVER-MAJOR) lib: move DEP0023 to end of life (cjihrig) #25280
  • [d4934ae6f2] - (SEMVER-MAJOR) lib: move DEP0006 to end of life (cjihrig) #25279
  • [4100001624] - (SEMVER-MAJOR) lib: remove unintended access to deps/ (Anna Henningsen) #25138
  • [b416dafb87] - (SEMVER-MAJOR) lib: move DEP0120 to end of life (cjihrig) #24862
  • [59257543c3] - (SEMVER-MAJOR) lib: use ES6 class inheritance style (Ruben Bridgewater) #24755
  • [dcc82b37b6] - (SEMVER-MAJOR) lib: remove inherits() usage (Ruben Bridgewater) #24755
  • [d11c4beb4b] - (SEMVER-MAJOR) module: remove dead code (Ruben Bridgewater) #26983
  • [75007d64c0] - (SEMVER-MAJOR) module: mark DEP0019 as End-of-Life (Ruben Bridgewater) #26973
  • [115f0f5a57] - (SEMVER-MAJOR) module: throw an error for invalid package.json main entries (Ruben Bridgewater) #26823
  • [60ce2fd827] - (SEMVER-MAJOR) module: don't search in require.resolve.paths (cjihrig) #23683
  • [f0f26cedcc] - (SEMVER-MAJOR) n-api: remove code from error name (Ruben Bridgewater) #26738
  • [96204c3c71] - (SEMVER-MAJOR) net: do not manipulate potential user code (Ruben Bridgewater) #26751
  • [9389b464ea] - (SEMVER-MAJOR) net: emit "write after end" errors in the next tick (Ouyang Yadong) #24457
  • [1523111250] - (SEMVER-MAJOR) net: deprecate _setSimultaneousAccepts() undocumented function (James M Snell) #23760
  • [802ea05a37] - (SEMVER-MAJOR) net,http2: merge setTimeout code (ZYSzys) #25084
  • [16e4cd19f2] - (SEMVER-MAJOR) os: implement os.type() using uv_os_uname() (cjihrig) #25659
  • [53ebd3311d] - (SEMVER-MAJOR) process: global.process, global.Buffer getters (Guy Bedford) #26882
  • [fa5e097530] - (SEMVER-MAJOR) process: move DEP0062 (node --debug) to end-of-life (Joyee Cheung) #25828
  • [154efc9bde] - (SEMVER-MAJOR) process: exit on --debug and --debug-brk after option parsing (Joyee Cheung) #25828
  • [3439c955ab] - (SEMVER-MAJOR) process: improve --redirect-warnings handling (Ruben Bridgewater) #24965
  • [d3a62fe7fc] - (SEMVER-MAJOR) readline: support TERM=dumb (Vladislav Kaminsky) #26261
  • [fe963149f6] - (SEMVER-MAJOR) repl: add welcome message (gengjiawen) #25947
  • [97737fd5fb] - (SEMVER-MAJOR) repl: fix terminal default setting (Ruben Bridgewater) #26518
  • [82b3ee776b] - (SEMVER-MAJOR) repl: check colors with .getColorDepth() (Vladislav Kaminsky) #26261
  • [584305841d] - (SEMVER-MAJOR) repl: deprecate REPLServer.rli (Ruben Bridgewater) #26260
  • [bf766c1b44] - (SEMVER-MAJOR) src: remove unused INT_MAX constant (Sam Roberts) #27078
  • [7df9e77236] - (SEMVER-MAJOR) src: update NODE_MODULE_VERSION to 72 (Ujjwal Sharma) #26685
  • [96c3224de0] - (SEMVER-MAJOR) src: remove AddPromiseHook() (Anna Henningsen) #26574
  • [9577f7724d] - (SEMVER-MAJOR) src: update NODE_MODULE_VERSION to 71 (Michaël Zasso) #25852
  • [6d9aa73b1f] - (SEMVER-MAJOR) src: clean up MultiIsolatePlatform interface (Anna Henningsen) #26384
  • [1d996f58af] - (SEMVER-MAJOR) src: properly configure default heap limits (Ali Ijaz Sheikh) #25576
  • [9021b0d3fc] - (SEMVER-MAJOR) src: remove icuDataDir from node config (GauthamBanasandra) #24780
  • [a6f69ebc05] - (SEMVER-MAJOR) src: explicitly allow JS in ReadHostObject (Yang Guo) #23423
  • [3d25544148] - (SEMVER-MAJOR) src: update postmortem constant (cjihrig) #23423
  • [23603447ad] - (SEMVER-MAJOR) src: update NODE_MODULE_VERSION to 68 (Michaël Zasso) #23423
  • [afad3b443e] - (SEMVER-MAJOR) test: update postmortem metadata test for V8 7.4 (cjihrig) #26685
  • [e96e3f9eb0] - (SEMVER-MAJOR) test: remove redundant common.mustCall (Ruben Bridgewater) #26738
  • [01b112a031] - (SEMVER-MAJOR) test: update postmortem metadata test for V8 7.3 (cjihrig) #25852
  • [38ad285a2e] - (SEMVER-MAJOR) test: fix tests after V8 update (Michaël Zasso) #25852
  • [260d5f8c3b] - (SEMVER-MAJOR) test: update test-v8-stats (Michaël Zasso) #25852
  • [78c8491a7e] - (SEMVER-MAJOR) test: remove apply calls over 65534 arg limit (Peter Marshall) #25852
  • [22a9fe3552] - (SEMVER-MAJOR) test: add test for net-socket-setTimeout callback (ZYSzys) #25084
  • [379bf1aa8e] - (SEMVER-MAJOR) test: update postmortem metadata test for V8 7.1 (cjihrig) #23423
  • [624a242b05] - (SEMVER-MAJOR) test: simplify regression test for SEGV (Sam Roberts) #24241
  • [42dbaed460] - (SEMVER-MAJOR) tls: support TLSv1.3 (Sam Roberts) #26209
  • [0f745bf9bd] - (SEMVER-MAJOR) tls: return correct version from getCipher() (Sam Roberts) #26625
  • [6b7c402518] - (SEMVER-MAJOR) tls: check arg types of renegotiate() (Sam Roberts) #25876
  • [b05b330025] - (SEMVER-MAJOR) tls: add code for ERR_TLS_INVALID_PROTOCOL_METHOD (Sam Roberts) #24729
  • [9b2ffff62c] - (SEMVER-MAJOR) tls: emit a warning when servername is an IP address (Rodger Combs) #23329
  • [60eca6a5d4] - (SEMVER-MAJOR) tls: disable TLS v1.0 and v1.1 by default (Ben Noordhuis) #23814
  • [3b4159c8ed] - (SEMVER-MAJOR) tls: remove unused arg to createSecureContext() (Sam Roberts) #24241
  • [246a6fc107] - (SEMVER-MAJOR) tls: deprecate Server.prototype.setOptions() (cjihrig) #23820
  • [87719d792b] - (SEMVER-MAJOR) tls: load NODE_EXTRA_CA_CERTS at startup (Ouyang Yadong) #23354
  • [c9fece38c8] - (SEMVER-MAJOR) util: change inspect compact and breakLength default (Ruben Bridgewater) #27109
  • [892c51f330] - (SEMVER-MAJOR) util: improve inspect edge cases (Ruben Bridgewater) #27109
  • [63e13fd220] - (SEMVER-MAJOR) util: only the first line of the error message (Simon Zünd) #26685
  • [b5ea925c8e] - (SEMVER-MAJOR) util: don't set the prototype of callbackified functions (Ruben Bridgewater) #26893
  • [46bf0d0f4f] - (SEMVER-MAJOR) util: rename callbackified function (Ruben Bridgewater) #26893
  • [61d1334e5b] - (SEMVER-MAJOR) util: increase function length when using callbackify() (Ruben Bridgewater) #26893
  • [5672ab7668] - (SEMVER-MAJOR) util: prevent tampering with internals in inspect() (Ruben Bridgewater) #26577
  • [a32cbe1597] - (SEMVER-MAJOR) util: fix proxy inspection (Ruben Bridgewater) #26241
  • [7b674697d8] - (SEMVER-MAJOR) util: prevent leaking internal properties (Ruben Bridgewater) #24971
  • [1847696f4b] - (SEMVER-MAJOR) util: protect against monkeypatched Object prototype for inspect() (Rich Trott) #25953
  • [c1b9be53c8] - (SEMVER-MAJOR) util: treat format arguments equally (Roman Reiss) #23162
  • [cda6b20816] - (SEMVER-MAJOR) win, fs: detect if symlink target is a directory (Bartosz Sosnowski) #23724
  • [9a2654601e] - (SEMVER-MAJOR) zlib: throw TypeError if callback is missing (Anna Henningsen) #24929
  • [4eee55d354] - (SEMVER-MAJOR) zlib: make “bare” constants un-enumerable (Anna Henningsen) #24824

Semver-Minor Commits

  • [3d8532f851] - (SEMVER-MINOR) buffer: add {read|write}Big[U]Int64{BE|LE} methods (Nikolai Vavilov) #19691
  • [969bd1eb7b] - (SEMVER-MINOR) crypto: add support for RSA-PSS keys (Tobias Nießen) #26960
  • [7d0e50dcfe] - (SEMVER-MINOR) crypto: add crypto.sign() and crypto.verify() (Brian White) #26611
  • [bcbd35a48d] - (SEMVER-MINOR) crypto: add openssl specific error properties (Sam Roberts) #26868
  • [85fda7e848] - (SEMVER-MINOR) crypto: add support for x25119 and x448 KeyObjects (Filip Skokan) #26774
  • [3a9592496c] - (SEMVER-MINOR) crypto: add support for EdDSA key pair generation (Tobias Nießen) #26554
  • [4895927a0a] - (SEMVER-MINOR) crypto: add KeyObject.asymmetricKeySize (Patrick Gansterer) #26387
  • [2161690024] - (SEMVER-MINOR) deps: update nghttp2 to 1.38.0 (gengjiawen) #27295
  • [ffd2df063c] - (SEMVER-MINOR) doc: update util colors (Ruben Bridgewater) #27052
  • [b1094dbe19] - (SEMVER-MINOR) esm: phase two of new esm implementation (guybedford) #26745
  • [e0e3084482] - (SEMVER-MINOR) inspector: implement --cpu-prof[-path] (Joyee Cheung) #27147
  • [9f1282d536] - (SEMVER-MINOR) lib: move queueMicrotask to stable (Gus Caplan) #25594
  • [9b6b567bc4] - (SEMVER-MINOR) lib,src,doc: add --heapsnapshot-signal CLI flag (cjihrig) #27133
  • [9dcc9b6a6b] - (SEMVER-MINOR) process: add --unhandled-rejections flag (Ruben Bridgewater) #26599
  • [ece507394a] - (SEMVER-MINOR) src: do not reuse async resource in http parsers (Daniel Beckert) #25094
  • [2755471bf3] - (SEMVER-MINOR) src: print error before aborting (Ruben Bridgewater) #26599
  • [ca9c0c90c2] - (SEMVER-MINOR) src: add .code and SSL specific error properties (Sam Roberts) #25093
  • [8c69e06972] - (SEMVER-MINOR) tls: return an OpenSSL error from renegotiate (Sam Roberts) #26868
  • [90e958aa4d] - (SEMVER-MINOR) util: only sort weak entries once (Ruben Bridgewater) #27052
  • [1940114ac3] - (SEMVER-MINOR) util: highlight stack frames (Ruben Bridgewater) #27052

Semver-Patch Commits