Node v18.15.0 (LTS)

Notable Changes [ 163563f8a7a ] – doc,lib,src,test: rename –test-coverage (Colin Ihrig) #46017 [ 128a775b32f ] – test_runner: add initial code coverage support (Colin Ihrig) #46017 [ 14d50db14b3 ] – (SEMVER-MINOR) test_runner: add reporters (Moshe Atlow) #45712 [ 1643545ab79 ] – (SEMVER-MINOR) fs: add statfs() functions (Colin Ihrig) #46358 [ 1110ead9abb Read more…

Node v19.7.0 (Current)

Notable Changes [ 160a612607e ] – deps: upgrade npm to 9.5.0 (npm team) #46673 [ 17d6c27eab1 ] – deps: add ada as a dependency (Yagiz Nizipli) #46410 [ 1a79a8bf85a ] – doc: add debadree25 to collaborators (Debadree Chatterjee) #46716 [ 10c2c322ee6 ] – doc: add deokjinkim to collaborators (Deokjin Kim) Read more…

Node v18.14.2 (LTS)

Notable Changes [ 1f864bef32a ] – deps: upgrade npm to 9.5.0 (npm team) #46673 Commits [ 1880a65d7ff ] – build: delete 1snapshot.blob file from the project (Juan José Arboleda) #46626 [ 1cbea56efda ] – deps: update undici to 5.20.0 (Node.js GitHub Bot) #46711 [ 1f864bef32a ] – deps: upgrade npm Read more…

Node v18.14.1 (LTS)

Notable Changes The following CVEs are fixed in this release: CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High) CVE-2023-23919: Node.js OpenSSL error handling issues in nodejs crypto library (Medium) CVE-2023-23936: Fetch API in Node.js did not protect against CRLF injection in host headers (Medium) CVE-2023-24807: Regular Expression Denial Read more…

Node v19.6.1 (Current)

Notable Changes The following CVEs are fixed in this release: CVE-2023-23919: OpenSSL errors not cleared in error stack (Medium) CVE-2023-23918: Experimental Policies bypass via 1process.mainModule.require (High) CVE-2023-23920: Insecure loading of ICU data through ICU_DATA environment variable (Low) More detailed information on each of the vulnerabilities can be found in February Read more…

Node v16.19.1 (LTS)

Notable Changes The following CVEs are fixed in this release: CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High) CVE-2023-23919: Node.js OpenSSL error handling issues in nodejs crypto library (Medium) CVE-2023-23920: Node.js insecure loading of ICU data through ICU_DATA environment variable (Low) Fixed by an update to undici: CVE-2023-23936: Read more…

Node v14.21.3 (LTS)

Notable Changes The following CVEs are fixed in this release: CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High) CVE-2023-23920: Node.js insecure loading of ICU data through ICU_DATA environment variable (Low) More detailed information on each of the vulnerabilities can be found in February 2023 Security Releases blog post. Read more…

Node v18.14.0 (LTS)

Notable changes Updated npm to 9.3.1 Based on the list of guidelines we’ve established on integrating 1npm and 1node , here is a grouped list of the breaking changes with the reasoning as to why they fit within the guidelines linked above. Note that all the breaking changes were made Read more…

Node v19.6.0 (Current)

Notable changes ESM: Leverage loaders when resolving subsequent loaders Loaders now apply to subsequent loaders, for example: 1–experimental-loader ts-node –experimental-loader loader-written-in-typescript . Upgrade npm to 9.4.0 Added 1–install-strategy=linked option for installations similar to pnpm. Other notable changes [ 1a7c9daa497 ] – (SEMVER-MINOR) fs: add statfs() functions (Colin Ihrig) #46358 [ Read more…