Node v14.18.1 (LTS)

Notable changes CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium) The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at CVE-2021-22959 after publication. CVE-2021-22960: HTTP Request Smuggling Read more…

Node v16.11.1 (Current)

Notable changes CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium) The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at CVE-2021-22959 after publication. CVE-2021-22960: HTTP Request Smuggling Read more…

Node v16.11.0 (Current)

Notable Changes crypto update root certificates (Richard Lau) #40280 deps upgrade npm to 8.0.0 (npm team) #40369 update 1nghttp2 to v1.45.1 (thunder-coding) #40206 update V8 to 9.4.146.19 (Michaël Zasso) #40285 tools update certdata.txt (Richard Lau) #40280 Commits [ 134f3021ca3 ] – benchmark: add 1util.toUSVString() ‘s benchmark (Khaidi Chu) #40203 [ Read more…

Is Node really ‘hated’?

#​408 — October 7, 2021 Read on the Web Node Weekly Writing Clean JavaScript Tests with the BASIC Principles — An introduction to applying several key principles to shorten, clean, and simplify JavaScript and Node.js-based test suites. Yoni Goldberg Eleventy 1.0 Beta 1 Released — Eleventy (a.k.a. 11ty) is a very Read more…

October 12th 2021 Security Releases

Summary The Node.js project will release new versions of the 12.x, 14.x, and 16.x releases lines on or shortly after Tuesday October 12th, 2021 in order to address: Two medium severity issues Impact The 16.x release line of Node.js is vulnerable to two medium severity issues. The 14.x release line Read more…

Node v14.18.0 (LTS)

Notable Changes [ 13a60de0135 ] – assert: change status of legacy asserts (James M Snell) #38113 [ 1df37c106a7 ] – (SEMVER-MINOR) buffer: introduce Blob (James M Snell) #36811 [ 1223494c548 ] – (SEMVER-MINOR) buffer: add base64url encoding option (Filip Skokan) #36952 [ 114fc4ddabc ] – (SEMVER-MINOR) child_process: allow 1options.cwd receive Read more…

Node v16.10.0 (Current)

Notable Changes [ 1fb226ff2ee ] – (SEMVER-MINOR) crypto: add rsa-pss keygen parameters (Filip Skokan) #39927 [ 185206b7311 ] – deps: upgrade npm to 7.24.0 (npm team) #40167 [ 198f56d179c ] – deps: update Acorn to v8.5.0 (Michaël Zasso) #40015 [ 19655329772 ] – doc: add Ayase-252 to collaborators (Qingyu Deng) Read more…

Deno 1.14 extends Web Crypto API

Deno 1.14, the latest update to the TypeScript/JavaScript runtime and rival to Node.js, features a number of new additions to the Web Crypto API. The Web Crypto API is a standard JavaScript API for performing cryptographic operations such as hashing, signature generation, and encryption and decryption.  Published September 14, Deno Read more…