Notable changes The following CVEs are fixed in this release: CVE-2022-32212: DNS rebinding in –inspect on macOS (High) CVE-2022-32213: bypass via obs-fold mechanic (Medium) CVE-2022-35256: HTTP Request Smuggling Due to Incorrect Parsing of Header Fields (Medium) More detailed information on each of the vulnerabilities can be found in September 22nd Read more…
Notable changes doc add daeyeon to collaborators (Daeyeon Jeong) #44355 lib (SEMVER-MINOR) add diagnostics channel for process and worker (theanarkh) #44045 os (SEMVER-MINOR) add machine method (theanarkh) #44416 report (SEMVER-MINOR) expose report public native apis (Chengzhong Wu) #44255 src (SEMVER-MINOR) expose environment RequestInterrupt api (Chengzhong Wu) #44362 vm include vm Read more…
Notable changes bootstrap: implement run-time user-land snapshots via –build-snapshot and –snapshot-blob This patch introduces 1–build-snapshot and 1–snapshot-blob options for creating and using user land snapshots. To generate a snapshot using snapshot.js as an entry point and write the snapshot blob to snapshot.blob: 12echo "globalThis.foo = ‘I am from the snapshot’" Read more…
Notable Changes Experimental command-line argument parser API Adds 1util.parseArgs helper for higher level command-line argument parsing. Contributed by Benjamin Coe, John Gee, Darcy Clarke, Joe Sepi, Kevin Gibbons, Aaron Casanova, Jessica Nahulan, and Jordan Harband – #42675 Experimental ESM Loader Hooks API Node.js ESM Loader hooks now support multiple custom Read more…
Notable changes doc: add F3n67u to collaborators (Feng Yu) #43953 deprecate coercion to integer in process.exit (Daeyeon Jeong) #43738 (SEMVER-MINOR) deprecate diagnostics_channel object subscribe method (Stephen Belanger) #42714 events: (SEMVER-MINOR) expose CustomEvent on global with CLI flag (Daeyeon Jeong) #43885 (SEMVER-MINOR) add 1CustomEvent (Daeyeon Jeong) #43514 http: (SEMVER-MINOR) add drop Read more…
Notable Changes Experimental ESM Loader Hooks API Node.js ESM Loader hooks now support multiple custom loaders, and composition is achieved via “chaining”: 1foo-loader calls 1bar-loader calls 1qux-loader (a custom loader must now signal a short circuit when intentionally not calling the next). See the ESM docs for details. Real-world use-cases Read more…
Notable Changes [ 13f0c3e142d ] – (SEMVER-MAJOR) src,deps,build,test: add OpenSSL config appname (Daniel Bevenius) #43124 [ 19578158ff8 ] – (SEMVER-MAJOR) src,doc,test: add –openssl-shared-config option (Daniel Bevenius) #43124 Node.js now reads 1nodejs_conf section in the 1openssl config [ 1dc7af13486 ] – deps: update archs files for quictls/openssl-3.0.5+quic (RafaelGSS) #43693 [ 1fa72c534eb Read more…
Notable Changes [ 18e8aef836c ] – (SEMVER-MAJOR) src,deps,build,test: add OpenSSL config appname (Daniel Bevenius) #43124 [ 198965b137d ] – deps: upgrade openssl sources to 1.1.1q (RafaelGSS) #43686 Commits [ 1b93e048bf6 ] – deps: update archs files for OpenSSL-1.1.1q (RafaelGSS) #43686 [ 198965b137d ] – deps: upgrade openssl sources to 1.1.1q Read more…
Notable changes deps: upgrade openssl sources to OpenSSL_1_1_1q (RafaelGSS) #43692 src: add OpenSSL config appname (Daniel Bevenius) #43124 Commits [ 12303fd3fe5 ] – deps: update archs files for OpenSSL-1.1.1q (RafaelGSS) #43692 [ 1b219a63c28 ] – deps: upgrade openssl sources to OpenSSL_1_1_1q (RafaelGSS) #43692 [ 1c6553a4ef5 ] – deps: update archs Read more…
Notable Changes crypto: remove Node.js-specific webcrypto extensions (Filip Skokan) #43310 add CFRG curves to Web Crypto API (Filip Skokan) #42507 dns: accept 1’IPv4′ and 1’IPv6′ for 1family (Antoine du Hamel) #43054 report: add more heap infos in process report (theanarkh) #43116 Commits [ 1702bfa0b7c ] – async_hooks: use 1kEmptyObject (LiviaMedeiros) Read more…
