Notable Changes [ 18a90f55a05 ] – (SEMVER-MINOR) fs: allow no-params fsPromises fileHandle read (Nitzan Uziely) #38287 Commits [ 128e16488cf ] – async_hooks,doc: replace process.stdout.fd with 1 (Darshan Sen) #38382 [ 1cbab7ec6e5 ] – benchmark: avoid using 1console.log() (Antoine du Hamel) #38370 [ 1ba15b20062 ] – benchmark: use 1process.hrtime.bigint() (Antoine du Read more…
Notable Changes Deprecations and Removals (SEMVER-MAJOR) fs: remove permissive rmdir recursive (Antoine du Hamel) #37216 (SEMVER-MAJOR) fs: runtime deprecate rmdir recursive option (Antoine du Hamel) #37302 (SEMVER-MAJOR) lib: runtime deprecate access to process.binding(‘http_parser’) (James M Snell) #37813 (SEMVER-MAJOR) lib: runtime deprecate access to process.binding(‘url’) (James M Snell) #37799 (SEMVER-MAJOR) lib: Read more…
Notable Changes Vulnerabilties Fixed: CVE-2021-3450: OpenSSL – CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt Impacts: All versions of the 15.x, 14.x, 12.x and 10.x releases lines CVE-2021-3449: OpenSSL – NULL Read more…
Notable Changes Vulnerabilities fixed: CVE-2021-3450: OpenSSL – CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt Impacts: All versions of the 15.x, 14.x, 12.x and 10.x releases lines CVE-2021-3449: OpenSSL – NULL Read more…
Notable Changes Vulnerabilities fixed: CVE-2021-3450: OpenSSL – CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt Impacts: All versions of the 15.x, 14.x, 12.x and 10.x releases lines CVE-2021-3449: OpenSSL – NULL Read more…
Notable Changes Vulerabilties fixed: CVE-2021-3450: OpenSSL – CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt Impacts: All versions of the 15.x, 14.x, 12.x and 10.x releases lines CVE-2021-3449: OpenSSL – NULL Read more…
Notable Changes buffer: implement btoa and atob (James M Snell) #37529 deps: upgrade npm to 7.7.6 (Ruy Adorno) #37968 This update adds workspaces support to 1npm run and 1npm exec doc: add legacy status to stability index (James M Snell) #37784 add @linkgoron to collaborators (Nitzan Uziely) #37817 http: add Read more…
Notable changes The legacy HTTP parser is runtime deprecated The legacy HTTP parser, selected by the 1–http-parser=legacy command line option, is deprecated with the pending End-of-Life of Node.js 10.x (where it is the only HTTP parser implementation provided) at the end of April 2021. It will now warn on use Read more…
Notable Changes crypto: add optional callback to crypto.sign and crypto.verify (Filip Skokan) #37500 support JWK objects in create*Key (Filip Skokan) #37254 deps: switch openssl to quictls/openssl (James M Snell) #37601 update to cjs-module-lexer@1.1.0 (Guy Bedford) #37712 fs: improve fsPromises writeFile performance (Nitzan Uziely) #37610 improve fsPromises readFile performance (Nitzan Uziely) Read more…
Notable Changes [ 1a3e3156b52 ] – (SEMVER-MINOR) crypto: make FIPS related options always awailable (Vít Ondruch) #36341 [ 19ba5c0f9ba ] – (SEMVER-MINOR) errors: remove experimental from –enable-source-maps (Benjamin Coe) #37362 Commits [ 1d039e6fa80 ] – assert: refactor to avoid unsafe array iteration (Antoine du Hamel) #37344 [ 1d2e5529e08 ] – Read more…
