Notable Changes This release marks the transition of Node.js 16.x into Long Term Support (LTS) with the codename ‘Gallium’. The 16.x release line now moves into “Active LTS” and will remain so until October 2022. After that time, it will move into “Maintenance” until end of life in April 2024. Read more…
Notable Changes Fixed distribution for native addon builds This release fixes an issue introduced in Node.js v17.0.0, where some V8 headers were missing from the distributed tarball, making it impossible to build native addons. These headers are now included. #40526 Fixed stream issues Fixed a regression in 1stream.promises.pipeline , which Read more…
Notable Changes Experimental ESM Loader Hooks API Node.js ESM Loader hooks have been consolidated to represent the steps involved needed to facilitate future loader chaining: 1resolve : 1resolve [+ 1getFormat ] 1load : 1getFormat + 1getSource + 1transformSource For consistency, 1getGlobalPreloadCode has been renamed to 1globalPreload . A loader exporting Read more…
Notable Changes Deprecations and Removals [ 1f182b9b29f ] – (SEMVER-MAJOR) dns: runtime deprecate type coercion of 1dns.lookup options (Antoine du Hamel) #39793 [ 14b030d0573 ] – doc: deprecate (doc-only) http abort related (dr-js) #36670 [ 136e2ffe6dc ] – (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) #40121 [ 164287e4d45 ] Read more…
Notable changes CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium) The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at CVE-2021-22959 after publication. CVE-2021-22960: HTTP Request Smuggling Read more…
Notable changes CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium) The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at CVE-2021-22959 after publication. CVE-2021-22960: HTTP Request Smuggling Read more…
Notable changes CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium) The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at CVE-2021-22959 after publication. CVE-2021-22960: HTTP Request Smuggling Read more…
Notable Changes crypto update root certificates (Richard Lau) #40280 deps upgrade npm to 8.0.0 (npm team) #40369 update 1nghttp2 to v1.45.1 (thunder-coding) #40206 update V8 to 9.4.146.19 (Michaël Zasso) #40285 tools update certdata.txt (Richard Lau) #40280 Commits [ 134f3021ca3 ] – benchmark: add 1util.toUSVString() ‘s benchmark (Khaidi Chu) #40203 [ Read more…
Notable Changes [ 13a60de0135 ] – assert: change status of legacy asserts (James M Snell) #38113 [ 1df37c106a7 ] – (SEMVER-MINOR) buffer: introduce Blob (James M Snell) #36811 [ 1223494c548 ] – (SEMVER-MINOR) buffer: add base64url encoding option (Filip Skokan) #36952 [ 114fc4ddabc ] – (SEMVER-MINOR) child_process: allow 1options.cwd receive Read more…
Notable Changes [ 1fb226ff2ee ] – (SEMVER-MINOR) crypto: add rsa-pss keygen parameters (Filip Skokan) #39927 [ 185206b7311 ] – deps: upgrade npm to 7.24.0 (npm team) #40167 [ 198f56d179c ] – deps: update Acorn to v8.5.0 (Michaël Zasso) #40015 [ 19655329772 ] – doc: add Ayase-252 to collaborators (Qingyu Deng) Read more…
