Notable changes watch mode (experimental) Running in ‘watch’ mode using 1node –watch restarts the process when an imported file is changed. Contributed by Moshe Atlow in #44366 Other notable changes fs: (SEMVER-MINOR) add 1FileHandle.prototype.readLines (Antoine du Hamel) #42590 http: (SEMVER-MINOR) add writeEarlyHints function to ServerResponse (Wing) #44180 http2: (SEMVER-MINOR) make Read more…
Notable changes [ 11cc050eaa8 ] – (SEMVER-MINOR) assert: add 1getCalls and 1reset to callTracker (Moshe Atlow) #44191 [ 1e5c9975f11 ] – (SEMVER-MINOR) crypto: allow zero-length secret KeyObject (Filip Skokan) #44201 [ 1317cd051ce ] – (SEMVER-MINOR) crypto: allow zero-length IKM in HKDF and in webcrypto PBKDF2 (Filip Skokan) #44201 [ 1f80bdc5ef3 Read more…
Notable changes doc: (SEMVER-MINOR) deprecate modp1, modp2, and modp5 groups (Tobias Nießen) #44588 add legendecas to TSC list (Michael Dawson) #44662 move 1policy docs to the 1permissions scope (Rafael Gonzaga) #44222 gyp: libnode for ios app embedding (chexiongsheng) #44210 http: (SEMVER-MINOR) throw error on content-length mismatch (sidwebworks) #44588 stream: (SEMVER-MINOR) Read more…
Notable changes The following CVEs are fixed in this release: CVE-2022-32212: DNS rebinding in –inspect on macOS (High) Insufficient fix for macOS devices on v18.5.0 CVE-2022-32222: Node 18 reads openssl.cnf from /home/iojs/build/ upon startup on MacOS (Medium) CVE-2022-32213: HTTP Request Smuggling – Flawed Parsing of Transfer-Encoding (Medium) Insufficient fix on Read more…
This is a security release. Notable changes The following CVEs are fixed in this release: CVE-2022-32212: DNS rebinding in –inspect on macOS (High) CVE-2022-32213: bypass via obs-fold mechanic (Medium) CVE-2022-35255: Weak randomness in WebCrypto keygen CVE-2022-35256: HTTP Request Smuggling – Incorrect Parsing of Header Fields (Medium) More detailed information on Read more…
Notable changes The following CVEs are fixed in this release: CVE-2022-32212: DNS rebinding in –inspect on macOS (High) CVE-2022-32213: bypass via obs-fold mechanic (Medium) CVE-2022-35256: HTTP Request Smuggling Due to Incorrect Parsing of Header Fields (Medium) More detailed information on each of the vulnerabilities can be found in September 22nd Read more…
Notable changes doc add daeyeon to collaborators (Daeyeon Jeong) #44355 lib (SEMVER-MINOR) add diagnostics channel for process and worker (theanarkh) #44045 os (SEMVER-MINOR) add machine method (theanarkh) #44416 report (SEMVER-MINOR) expose report public native apis (Chengzhong Wu) #44255 src (SEMVER-MINOR) expose environment RequestInterrupt api (Chengzhong Wu) #44362 vm include vm Read more…
Notable changes bootstrap: implement run-time user-land snapshots via –build-snapshot and –snapshot-blob This patch introduces 1–build-snapshot and 1–snapshot-blob options for creating and using user land snapshots. To generate a snapshot using snapshot.js as an entry point and write the snapshot blob to snapshot.blob: 12echo "globalThis.foo = ‘I am from the snapshot’" Read more…
Notable Changes Experimental command-line argument parser API Adds 1util.parseArgs helper for higher level command-line argument parsing. Contributed by Benjamin Coe, John Gee, Darcy Clarke, Joe Sepi, Kevin Gibbons, Aaron Casanova, Jessica Nahulan, and Jordan Harband – #42675 Experimental ESM Loader Hooks API Node.js ESM Loader hooks now support multiple custom Read more…
Notable changes doc: add F3n67u to collaborators (Feng Yu) #43953 deprecate coercion to integer in process.exit (Daeyeon Jeong) #43738 (SEMVER-MINOR) deprecate diagnostics_channel object subscribe method (Stephen Belanger) #42714 events: (SEMVER-MINOR) expose CustomEvent on global with CLI flag (Daeyeon Jeong) #43885 (SEMVER-MINOR) add 1CustomEvent (Daeyeon Jeong) #43514 http: (SEMVER-MINOR) add drop Read more…
