-
Notifications
You must be signed in to change notification settings - Fork 29.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
deps: update openssl to quictls/openssl 3.0.0+quic #38512
Closed
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
build
Issues and PRs related to build files or the CI.
meta
Issues and PRs related to the general management of the project.
needs-ci
PRs that need a full CI run.
openssl
Issues and PRs related to the OpenSSL dependency.
labels
May 3, 2021
danbev
added
dont-land-on-v12.x
quic
Issues and PRs related to the QUIC implementation / HTTP/3.
labels
May 3, 2021
danbev
force-pushed
the
openssl-3.0-statically-linked
branch
from
May 3, 2021 16:30
bcc569a
to
2b5ef85
Compare
danbev
force-pushed
the
openssl-3.0-statically-linked
branch
from
May 26, 2021 10:49
2b5ef85
to
eaf8adc
Compare
danbev
changed the title
deps: update openssl to quictls/openssl 3.0.0-alpha15+quic (wip)
deps: update openssl to quictls/openssl 3.0.0-alpha17+quic (wip)
May 26, 2021
danbev
force-pushed
the
openssl-3.0-statically-linked
branch
from
May 31, 2021 06:50
04ac9e1
to
d6fb5d7
Compare
danbev
force-pushed
the
openssl-3.0-statically-linked
branch
from
May 31, 2021 11:34
d6fb5d7
to
d677da6
Compare
danbev
force-pushed
the
openssl-3.0-statically-linked
branch
from
June 1, 2021 05:57
d677da6
to
955920c
Compare
danbev
added a commit
to danbev/openssl
that referenced
this pull request
Jun 7, 2021
This commit adds an architecture named aix64-gcc-as which can generate assembler source code compatible with AIX assembler (as) instead of the GNU Assembler (gas). This architecture name is then used in a callback for the .p2align directive which is not available in AIX as. The motivation for this addition came out of an issue we ran into when working on upgrading OpenSSL in Node.js. We ran into the following compilation error on one of the CI machines that uses AIX: 05:39:05 Assembler: 05:39:05 crypto/bn/ppc64-mont-fixed.s: line 4: Error In Syntax This machine is using AIX Version 7.2 and does not have gas installed and the .p2align directive is causing this error. After asking around if it would be possible to install GAS on this machine I learned that AIX GNU utils are not maintained as well as the native AIX ones and we (Red Hat/IBM) have run into issues with the GNU utils in the past and if possible it would be preferable to be able to use the AIX native assembler. Refs: nodejs/node#38512
openssl-machine
pushed a commit
to openssl/openssl
that referenced
this pull request
Jun 8, 2021
This commit adds an architecture named aix64-gcc-as which can generate assembler source code compatible with AIX assembler (as) instead of the GNU Assembler (gas). This architecture name is then used in a callback for the .p2align directive which is not available in AIX as. The motivation for this addition came out of an issue we ran into when working on upgrading OpenSSL in Node.js. We ran into the following compilation error on one of the CI machines that uses AIX: 05:39:05 Assembler: 05:39:05 crypto/bn/ppc64-mont-fixed.s: line 4: Error In Syntax This machine is using AIX Version 7.2 and does not have gas installed and the .p2align directive is causing this error. After asking around if it would be possible to install GAS on this machine I learned that AIX GNU utils are not maintained as well as the native AIX ones and we (Red Hat/IBM) have run into issues with the GNU utils in the past and if possible it would be preferable to be able to use the AIX native assembler. Refs: nodejs/node#38512 Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from #15638)
Just a note that |
danbev
force-pushed
the
openssl-3.0-statically-linked
branch
2 times, most recently
from
June 17, 2021 05:06
c75fdea
to
a8ff58a
Compare
danbev
force-pushed
the
openssl-3.0-statically-linked
branch
from
June 23, 2021 10:15
ba291ca
to
a991d15
Compare
danbev
changed the title
deps: update openssl to quictls/openssl 3.0.0-alpha17+quic (wip)
deps: update openssl to quictls/openssl 3.0.0-beta1+quic (wip)
Jun 23, 2021
Remove semicolon.
danbev
force-pushed
the
openssl-3.0-statically-linked
branch
from
October 10, 2021 13:47
1107e17
to
07ded8b
Compare
19 tasks
Re-run of failing node-test-commit-arm-fanned ✔️ |
danbev
added a commit
that referenced
this pull request
Oct 11, 2021
This pull request updates the OpenSSL version that is statically linked with Node.js from OpenSSl 1.1.1 to quictls OpenSSL 3.0.0+quic. This pull request will replace the OpenSSL version that is currently in the deps directory and when performing a normal build OpenSSL 3.0+quic will be statically linked to the Node.js executable. We will still be able to dynamically link to OpenSSL 1.1.1 and we have a CI job which dynamically links to OpenSSL 1.1.1 which is run for every pull request to make sure that we maintain backward compatibility. PR-URL: #38512 Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Landed in 66da32c. |
This was referenced Oct 13, 2021
2 tasks
23 tasks
BethGriggs
added a commit
that referenced
this pull request
Oct 15, 2021
Notable Changes: Deprecations and Removals: - (SEMVER-MAJOR) dns: runtime deprecate type coercion of `dns.lookup` options (Antoine du Hamel) [#39793] - doc: deprecate (doc-only) http abort related (dr-js) [#36670] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) [#40121] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) [#40117] - v8: remove --harmony-top-level-await (Geoffrey Booth) [#40226] OpenSSL 3.0: Node.js now includes OpenSSL 3.0, specifically https://github.com/quictls/openssl which provides QUIC support. For details about all the features in OpenSSL 3.0 please see https://www.openssl.org/blog/blog/2021/09/07/OpenSSL3.Final. (Daniel Bevenius) [#38512] V8 9.5: The V8 JavaScript engine is updated to V8 9.5. This release comes with additional supported types for th `Intl.DisplayNames` API and Extended `timeZoneName` options in the `Intl.DateTimeFormat` API. You can read more details in the V8 9.5 release post https://v8.dev/blog/v8-release-95. (Michaël Zasso) [#40178] Readline Promise API: The `readline` module provides an interface for reading data from a Readable stream (such as `process.stdin`) one line at a time. (Antoine du Hamel) [#37947] Other Notable Changes: - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) [#39987] - (SEMVER-MINOR) fs: add FileHandle.prototype.readableWebStream() (James M Snell) [#39331] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) [#39759] - (SEMVER-MAJOR) lib: expose `DOMException` as global (Khaidi Chu) [#39176] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) [#39235] Semver-Major Commits: - (SEMVER-MAJOR) build: compile with C++17 (MSVC) (Richard Lau) [#38807] - (SEMVER-MAJOR) build: compile with --gnu++17 (Richard Lau) [#38807] - (SEMVER-MAJOR) deps: update V8 to 9.5.172.19 (Michaël Zasso) [#40178] - (SEMVER-MAJOR) deps,test,src,doc,tools: update to OpenSSL 3.0 (Daniel Bevenius) [#38512] - (SEMVER-MAJOR) dgram: tighten `address` validation in `socket.send` (Voltrex) [#39190] - (SEMVER-MAJOR) dns: runtime deprecate type coercion of `dns.lookup` options (Antoine du Hamel) [#39793] - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) [#39987] - (SEMVER-MAJOR) doc: update minimum supported FreeBSD to 12.2 (Michaël Zasso) [#40179] - (SEMVER-MAJOR) errors: disp ver on fatal except that causes exit (Divlo) [#38332] - (SEMVER-MAJOR) fs: fix rmsync error swallowing (Nitzan Uziely) [#38684] - (SEMVER-MAJOR) fs: aggregate errors in fsPromises to avoid error swallowing (Nitzan Uziely) [#38259] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) [#39759] - (SEMVER-MAJOR) lib: expose `DOMException` as global (Khaidi Chu) [#39176] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) [#40121] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) [#40117] - (SEMVER-MAJOR) readline: validate `AbortSignal`s and remove unused event listeners (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) readline: introduce promise-based API (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) readline: refactor `Interface` to ES2015 class (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) src: allow CAP\_NET\_BIND\_SERVICE in SafeGetenv (Daniel Bevenius) [#37727] - (SEMVER-MAJOR) src: return Maybe from a couple of functions (Darshan Sen) [#39603] - (SEMVER-MAJOR) src: allow custom PageAllocator in NodePlatform (Shelley Vohr) [#38362] - (SEMVER-MAJOR) stream: fix highwatermark threshold and add the missing error (Rongjian Zhang) [#38700] - (SEMVER-MAJOR) stream: don't emit 'data' after 'error' or 'close' (Robert Nagy) [#39639] - (SEMVER-MAJOR) stream: do not emit `end` on readable error (Szymon Marczak) [#39607] - (SEMVER-MAJOR) stream: forward errored to callback (Robert Nagy) [#39364] - (SEMVER-MAJOR) stream: destroy readable on read error (Robert Nagy) [#39342] - (SEMVER-MAJOR) stream: validate abort signal (Robert Nagy) [#39346] - (SEMVER-MAJOR) stream: unify stream utils (Robert Nagy) [#39294] - (SEMVER-MAJOR) stream: throw on premature close in Readable\ (Darshan Sen) [#39117] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) [#39235] - (SEMVER-MAJOR) stream: error Duplex write/read if not writable/readable (Robert Nagy) [#34385] - (SEMVER-MAJOR) stream: bypass legacy destroy for pipeline and async iteration (Robert Nagy) [#38505] - (SEMVER-MAJOR) url: throw invalid this on detached accessors (James M Snell) [#39752] - (SEMVER-MAJOR) url: forbid certain confusable changes from being introduced by toASCII (Timothy Gu) [#38631] PR-URL: #40119
BethGriggs
added a commit
that referenced
this pull request
Oct 15, 2021
Notable Changes: Deprecations and Removals: - (SEMVER-MAJOR) dns: runtime deprecate type coercion of `dns.lookup` options (Antoine du Hamel) [#39793] - doc: deprecate (doc-only) http abort related (dr-js) [#36670] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) [#40121] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) [#40117] - v8: remove --harmony-top-level-await (Geoffrey Booth) [#40226] OpenSSL 3.0: Node.js now includes OpenSSL 3.0, specifically https://github.com/quictls/openssl which provides QUIC support. For details about all the features in OpenSSL 3.0 please see https://www.openssl.org/blog/blog/2021/09/07/OpenSSL3.Final. (Daniel Bevenius) [#38512] V8 9.5: The V8 JavaScript engine is updated to V8 9.5. This release comes with additional supported types for the `Intl.DisplayNames` API and Extended `timeZoneName` options in the `Intl.DateTimeFormat` API. You can read more details in the V8 9.5 release post https://v8.dev/blog/v8-release-95. (Michaël Zasso) [#40178] Readline Promise API: The `readline` module provides an interface for reading data from a Readable stream (such as `process.stdin`) one line at a time. (Antoine du Hamel) [#37947] Other Notable Changes: - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) [#39987] - (SEMVER-MAJOR) errors: print Node.js version on fatal exceptions that cause exit (Divlo) [#38332] - (SEMVER-MINOR) fs: add FileHandle.prototype.readableWebStream() (James M Snell) [#39331] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) [#39759] - (SEMVER-MAJOR) lib: expose `DOMException` as global (Khaidi Chu) [#39176] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) [#39235] Semver-Major Commits: - (SEMVER-MAJOR) build: compile with C++17 (MSVC) (Richard Lau) [#38807] - (SEMVER-MAJOR) build: compile with --gnu++17 (Richard Lau) [#38807] - (SEMVER-MAJOR) deps: update V8 to 9.5.172.19 (Michaël Zasso) [#40178] - (SEMVER-MAJOR) deps,test,src,doc,tools: update to OpenSSL 3.0 (Daniel Bevenius) [#38512] - (SEMVER-MAJOR) dgram: tighten `address` validation in `socket.send` (Voltrex) [#39190] - (SEMVER-MAJOR) dns: runtime deprecate type coercion of `dns.lookup` options (Antoine du Hamel) [#39793] - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) [#39987] - (SEMVER-MAJOR) doc: update minimum supported FreeBSD to 12.2 (Michaël Zasso) [#40179] - (SEMVER-MAJOR) errors: disp ver on fatal except that causes exit (Divlo) [#38332] - (SEMVER-MAJOR) fs: fix rmsync error swallowing (Nitzan Uziely) [#38684] - (SEMVER-MAJOR) fs: aggregate errors in fsPromises to avoid error swallowing (Nitzan Uziely) [#38259] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) [#39759] - (SEMVER-MAJOR) lib: expose `DOMException` as global (Khaidi Chu) [#39176] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) [#40121] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) [#40117] - (SEMVER-MAJOR) readline: validate `AbortSignal`s and remove unused event listeners (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) readline: introduce promise-based API (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) readline: refactor `Interface` to ES2015 class (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) src: allow CAP\_NET\_BIND\_SERVICE in SafeGetenv (Daniel Bevenius) [#37727] - (SEMVER-MAJOR) src: return Maybe from a couple of functions (Darshan Sen) [#39603] - (SEMVER-MAJOR) src: allow custom PageAllocator in NodePlatform (Shelley Vohr) [#38362] - (SEMVER-MAJOR) stream: fix highwatermark threshold and add the missing error (Rongjian Zhang) [#38700] - (SEMVER-MAJOR) stream: don't emit 'data' after 'error' or 'close' (Robert Nagy) [#39639] - (SEMVER-MAJOR) stream: do not emit `end` on readable error (Szymon Marczak) [#39607] - (SEMVER-MAJOR) stream: forward errored to callback (Robert Nagy) [#39364] - (SEMVER-MAJOR) stream: destroy readable on read error (Robert Nagy) [#39342] - (SEMVER-MAJOR) stream: validate abort signal (Robert Nagy) [#39346] - (SEMVER-MAJOR) stream: unify stream utils (Robert Nagy) [#39294] - (SEMVER-MAJOR) stream: throw on premature close in Readable\ (Darshan Sen) [#39117] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) [#39235] - (SEMVER-MAJOR) stream: error Duplex write/read if not writable/readable (Robert Nagy) [#34385] - (SEMVER-MAJOR) stream: bypass legacy destroy for pipeline and async iteration (Robert Nagy) [#38505] - (SEMVER-MAJOR) url: throw invalid this on detached accessors (James M Snell) [#39752] - (SEMVER-MAJOR) url: forbid certain confusable changes from being introduced by toASCII (Timothy Gu) [#38631] PR-URL: #40119
25 tasks
BethGriggs
added a commit
that referenced
this pull request
Oct 16, 2021
Notable Changes: Deprecations and Removals: - (SEMVER-MAJOR) dns: runtime deprecate type coercion of `dns.lookup` options (Antoine du Hamel) [#39793] - doc: deprecate (doc-only) http abort related (dr-js) [#36670] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) [#40121] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) [#40117] OpenSSL 3.0: Node.js now includes OpenSSL 3.0, specifically https://github.com/quictls/openssl which provides QUIC support. For details about all the features in OpenSSL 3.0 please see https://www.openssl.org/blog/blog/2021/09/07/OpenSSL3.Final. (Daniel Bevenius) [#38512] V8 9.5: The V8 JavaScript engine is updated to V8 9.5. This release comes with additional supported types for the `Intl.DisplayNames` API and Extended `timeZoneName` options in the `Intl.DateTimeFormat` API. You can read more details in the V8 9.5 release post https://v8.dev/blog/v8-release-95. (Michaël Zasso) [#40178] Readline Promise API: The `readline` module provides an interface for reading data from a Readable stream (such as `process.stdin`) one line at a time. (Antoine du Hamel) [#37947] Other Notable Changes: - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) [#39987] - (SEMVER-MAJOR) errors: print Node.js version on fatal exceptions that cause exit (Divlo) [#38332] - (SEMVER-MINOR) fs: add FileHandle.prototype.readableWebStream() (James M Snell) [#39331] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) [#39759] - (SEMVER-MAJOR) lib: expose `DOMException` as global (Khaidi Chu) [#39176] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) [#39235] Semver-Major Commits: - (SEMVER-MAJOR) build: compile with C++17 (MSVC) (Richard Lau) [#38807] - (SEMVER-MAJOR) build: compile with --gnu++17 (Richard Lau) [#38807] - (SEMVER-MAJOR) deps: update V8 to 9.5.172.19 (Michaël Zasso) [#40178] - (SEMVER-MAJOR) deps,test,src,doc,tools: update to OpenSSL 3.0 (Daniel Bevenius) [#38512] - (SEMVER-MAJOR) dgram: tighten `address` validation in `socket.send` (Voltrex) [#39190] - (SEMVER-MAJOR) dns: runtime deprecate type coercion of `dns.lookup` options (Antoine du Hamel) [#39793] - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) [#39987] - (SEMVER-MAJOR) doc: update minimum supported FreeBSD to 12.2 (Michaël Zasso) [#40179] - (SEMVER-MAJOR) errors: disp ver on fatal except that causes exit (Divlo) [#38332] - (SEMVER-MAJOR) fs: fix rmsync error swallowing (Nitzan Uziely) [#38684] - (SEMVER-MAJOR) fs: aggregate errors in fsPromises to avoid error swallowing (Nitzan Uziely) [#38259] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) [#39759] - (SEMVER-MAJOR) lib: expose `DOMException` as global (Khaidi Chu) [#39176] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) [#40121] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) [#40117] - (SEMVER-MAJOR) readline: validate `AbortSignal`s and remove unused event listeners (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) readline: introduce promise-based API (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) readline: refactor `Interface` to ES2015 class (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) src: allow CAP\_NET\_BIND\_SERVICE in SafeGetenv (Daniel Bevenius) [#37727] - (SEMVER-MAJOR) src: return Maybe from a couple of functions (Darshan Sen) [#39603] - (SEMVER-MAJOR) src: allow custom PageAllocator in NodePlatform (Shelley Vohr) [#38362] - (SEMVER-MAJOR) stream: fix highwatermark threshold and add the missing error (Rongjian Zhang) [#38700] - (SEMVER-MAJOR) stream: don't emit 'data' after 'error' or 'close' (Robert Nagy) [#39639] - (SEMVER-MAJOR) stream: do not emit `end` on readable error (Szymon Marczak) [#39607] - (SEMVER-MAJOR) stream: forward errored to callback (Robert Nagy) [#39364] - (SEMVER-MAJOR) stream: destroy readable on read error (Robert Nagy) [#39342] - (SEMVER-MAJOR) stream: validate abort signal (Robert Nagy) [#39346] - (SEMVER-MAJOR) stream: unify stream utils (Robert Nagy) [#39294] - (SEMVER-MAJOR) stream: throw on premature close in Readable\ (Darshan Sen) [#39117] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) [#39235] - (SEMVER-MAJOR) stream: error Duplex write/read if not writable/readable (Robert Nagy) [#34385] - (SEMVER-MAJOR) stream: bypass legacy destroy for pipeline and async iteration (Robert Nagy) [#38505] - (SEMVER-MAJOR) url: throw invalid this on detached accessors (James M Snell) [#39752] - (SEMVER-MAJOR) url: forbid certain confusable changes from being introduced by toASCII (Timothy Gu) [#38631] PR-URL: #40119
This was referenced Oct 17, 2021
BethGriggs
added a commit
that referenced
this pull request
Oct 18, 2021
Notable Changes: Deprecations and Removals: - (SEMVER-MAJOR) dns: runtime deprecate type coercion of `dns.lookup` options (Antoine du Hamel) [#39793] - doc: deprecate (doc-only) http abort related (dr-js) [#36670] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) [#40121] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) [#40117] OpenSSL 3.0: Node.js now includes OpenSSL 3.0, specifically https://github.com/quictls/openssl which provides QUIC support. While OpenSSL 3.0 APIs should be mostly compatible with those provided by OpenSSL 1.1.1, we do anticipate some ecosystem impact due to tightened restrictions on the allowed algorithms and key sizes. If you hit an `ERR_OSSL_EVP_UNSUPPORTED` error in your application with Node.js 17, it’s likely that your application or a module you’re using is attempting to use an algorithm or key size which is no longer allowed by default with OpenSSL 3.0. A command-line option, `--openssl-legacy-provider`, has been added to revert to the legacy provider as a temporary workaround for these tightened restrictions. For details about all the features in OpenSSL 3.0 please see https://www.openssl.org/blog/blog/2021/09/07/OpenSSL3.Final. (Daniel Bevenius) [#38512] Contributed in #38512, #40478 V8 9.5: The V8 JavaScript engine is updated to V8 9.5. This release comes with additional supported types for the `Intl.DisplayNames` API and Extended `timeZoneName` options in the `Intl.DateTimeFormat` API. You can read more details in the V8 9.5 release post https://v8.dev/blog/v8-release-95. (Michaël Zasso) [#40178] Readline Promise API: The `readline` module provides an interface for reading data from a Readable stream (such as `process.stdin`) one line at a time. (Antoine du Hamel) [#37947] Other Notable Changes: - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) [#39987] - (SEMVER-MAJOR) errors: print Node.js version on fatal exceptions that cause exit (Divlo) [#38332] - deps: upgrade npm to 8.1.0 (npm team) [#40463] - (SEMVER-MINOR) fs: add FileHandle.prototype.readableWebStream() (James M Snell) [#39331] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) [#39759] - (SEMVER-MAJOR) lib: expose `DOMException` as global (Khaidi Chu) [#39176] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) [#39235] Semver-Major Commits: - (SEMVER-MAJOR) build: compile with C++17 (MSVC) (Richard Lau) [#38807] - (SEMVER-MAJOR) build: compile with --gnu++17 (Richard Lau) [#38807] - (SEMVER-MAJOR) deps: update V8 to 9.5.172.19 (Michaël Zasso) [#40178] - (SEMVER-MAJOR) deps,test,src,doc,tools: update to OpenSSL 3.0 (Daniel Bevenius) [#38512] - (SEMVER-MAJOR) dgram: tighten `address` validation in `socket.send` (Voltrex) [#39190] - (SEMVER-MAJOR) dns: runtime deprecate type coercion of `dns.lookup` options (Antoine du Hamel) [#39793] - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) [#39987] - (SEMVER-MAJOR) doc: update minimum supported FreeBSD to 12.2 (Michaël Zasso) [#40179] - (SEMVER-MAJOR) errors: disp ver on fatal except that causes exit (Divlo) [#38332] - (SEMVER-MAJOR) fs: fix rmsync error swallowing (Nitzan Uziely) [#38684] - (SEMVER-MAJOR) fs: aggregate errors in fsPromises to avoid error swallowing (Nitzan Uziely) [#38259] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) [#39759] - (SEMVER-MAJOR) lib: expose `DOMException` as global (Khaidi Chu) [#39176] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) [#40121] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) [#40117] - (SEMVER-MAJOR) readline: validate `AbortSignal`s and remove unused event listeners (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) readline: introduce promise-based API (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) readline: refactor `Interface` to ES2015 class (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) src: allow CAP\_NET\_BIND\_SERVICE in SafeGetenv (Daniel Bevenius) [#37727] - (SEMVER-MAJOR) src: return Maybe from a couple of functions (Darshan Sen) [#39603] - (SEMVER-MAJOR) src: allow custom PageAllocator in NodePlatform (Shelley Vohr) [#38362] - (SEMVER-MAJOR) stream: fix highwatermark threshold and add the missing error (Rongjian Zhang) [#38700] - (SEMVER-MAJOR) stream: don't emit 'data' after 'error' or 'close' (Robert Nagy) [#39639] - (SEMVER-MAJOR) stream: do not emit `end` on readable error (Szymon Marczak) [#39607] - (SEMVER-MAJOR) stream: forward errored to callback (Robert Nagy) [#39364] - (SEMVER-MAJOR) stream: destroy readable on read error (Robert Nagy) [#39342] - (SEMVER-MAJOR) stream: validate abort signal (Robert Nagy) [#39346] - (SEMVER-MAJOR) stream: unify stream utils (Robert Nagy) [#39294] - (SEMVER-MAJOR) stream: throw on premature close in Readable\ (Darshan Sen) [#39117] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) [#39235] - (SEMVER-MAJOR) stream: error Duplex write/read if not writable/readable (Robert Nagy) [#34385] - (SEMVER-MAJOR) stream: bypass legacy destroy for pipeline and async iteration (Robert Nagy) [#38505] - (SEMVER-MAJOR) url: throw invalid this on detached accessors (James M Snell) [#39752] - (SEMVER-MAJOR) url: forbid certain confusable changes from being introduced by toASCII (Timothy Gu) [#38631] PR-URL: #40119
BethGriggs
added a commit
that referenced
this pull request
Oct 18, 2021
Notable Changes: Deprecations and Removals: - (SEMVER-MAJOR) dns: runtime deprecate type coercion of `dns.lookup` options (Antoine du Hamel) [#39793] - doc: deprecate (doc-only) http abort related (dr-js) [#36670] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) [#40121] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) [#40117] OpenSSL 3.0: Node.js now includes OpenSSL 3.0, specifically https://github.com/quictls/openssl which provides QUIC support. While OpenSSL 3.0 APIs should be mostly compatible with those provided by OpenSSL 1.1.1, we do anticipate some ecosystem impact due to tightened restrictions on the allowed algorithms and key sizes. If you hit an `ERR_OSSL_EVP_UNSUPPORTED` error in your application with Node.js 17, it’s likely that your application or a module you’re using is attempting to use an algorithm or key size which is no longer allowed by default with OpenSSL 3.0. A command-line option, `--openssl-legacy-provider`, has been added to revert to the legacy provider as a temporary workaround for these tightened restrictions. For details about all the features in OpenSSL 3.0 please see https://www.openssl.org/blog/blog/2021/09/07/OpenSSL3.Final. (Daniel Bevenius) [#38512] Contributed in #38512, #40478 V8 9.5: The V8 JavaScript engine is updated to V8 9.5. This release comes with additional supported types for the `Intl.DisplayNames` API and Extended `timeZoneName` options in the `Intl.DateTimeFormat` API. You can read more details in the V8 9.5 release post https://v8.dev/blog/v8-release-95. (Michaël Zasso) [#40178] Readline Promise API: The `readline` module provides an interface for reading data from a Readable stream (such as `process.stdin`) one line at a time. (Antoine du Hamel) [#37947] Other Notable Changes: - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) [#39987] - (SEMVER-MAJOR) errors: print Node.js version on fatal exceptions that cause exit (Divlo) [#38332] - deps: upgrade npm to 8.1.0 (npm team) [#40463] - (SEMVER-MINOR) fs: add FileHandle.prototype.readableWebStream() (James M Snell) [#39331] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) [#39759] - (SEMVER-MAJOR) lib: expose `DOMException` as global (Khaidi Chu) [#39176] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) [#39235] Semver-Major Commits: - (SEMVER-MAJOR) build: compile with C++17 (MSVC) (Richard Lau) [#38807] - (SEMVER-MAJOR) build: compile with --gnu++17 (Richard Lau) [#38807] - (SEMVER-MAJOR) deps: update V8 to 9.5.172.19 (Michaël Zasso) [#40178] - (SEMVER-MAJOR) deps,test,src,doc,tools: update to OpenSSL 3.0 (Daniel Bevenius) [#38512] - (SEMVER-MAJOR) dgram: tighten `address` validation in `socket.send` (Voltrex) [#39190] - (SEMVER-MAJOR) dns: runtime deprecate type coercion of `dns.lookup` options (Antoine du Hamel) [#39793] - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) [#39987] - (SEMVER-MAJOR) doc: update minimum supported FreeBSD to 12.2 (Michaël Zasso) [#40179] - (SEMVER-MAJOR) errors: disp ver on fatal except that causes exit (Divlo) [#38332] - (SEMVER-MAJOR) fs: fix rmsync error swallowing (Nitzan Uziely) [#38684] - (SEMVER-MAJOR) fs: aggregate errors in fsPromises to avoid error swallowing (Nitzan Uziely) [#38259] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) [#39759] - (SEMVER-MAJOR) lib: expose `DOMException` as global (Khaidi Chu) [#39176] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) [#40121] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) [#40117] - (SEMVER-MAJOR) readline: validate `AbortSignal`s and remove unused event listeners (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) readline: introduce promise-based API (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) readline: refactor `Interface` to ES2015 class (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) src: allow CAP\_NET\_BIND\_SERVICE in SafeGetenv (Daniel Bevenius) [#37727] - (SEMVER-MAJOR) src: return Maybe from a couple of functions (Darshan Sen) [#39603] - (SEMVER-MAJOR) src: allow custom PageAllocator in NodePlatform (Shelley Vohr) [#38362] - (SEMVER-MAJOR) stream: fix highwatermark threshold and add the missing error (Rongjian Zhang) [#38700] - (SEMVER-MAJOR) stream: don't emit 'data' after 'error' or 'close' (Robert Nagy) [#39639] - (SEMVER-MAJOR) stream: do not emit `end` on readable error (Szymon Marczak) [#39607] - (SEMVER-MAJOR) stream: forward errored to callback (Robert Nagy) [#39364] - (SEMVER-MAJOR) stream: destroy readable on read error (Robert Nagy) [#39342] - (SEMVER-MAJOR) stream: validate abort signal (Robert Nagy) [#39346] - (SEMVER-MAJOR) stream: unify stream utils (Robert Nagy) [#39294] - (SEMVER-MAJOR) stream: throw on premature close in Readable\ (Darshan Sen) [#39117] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) [#39235] - (SEMVER-MAJOR) stream: error Duplex write/read if not writable/readable (Robert Nagy) [#34385] - (SEMVER-MAJOR) stream: bypass legacy destroy for pipeline and async iteration (Robert Nagy) [#38505] - (SEMVER-MAJOR) url: throw invalid this on detached accessors (James M Snell) [#39752] - (SEMVER-MAJOR) url: forbid certain confusable changes from being introduced by toASCII (Timothy Gu) [#38631] PR-URL: #40119
BethGriggs
added a commit
that referenced
this pull request
Oct 19, 2021
Notable Changes: Deprecations and Removals: - (SEMVER-MAJOR) dns: runtime deprecate type coercion of `dns.lookup` options (Antoine du Hamel) [#39793] - doc: deprecate (doc-only) http abort related (dr-js) [#36670] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) [#40121] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) [#40117] OpenSSL 3.0: Node.js now includes OpenSSL 3.0, specifically https://github.com/quictls/openssl which provides QUIC support. While OpenSSL 3.0 APIs should be mostly compatible with those provided by OpenSSL 1.1.1, we do anticipate some ecosystem impact due to tightened restrictions on the allowed algorithms and key sizes. If you hit an `ERR_OSSL_EVP_UNSUPPORTED` error in your application with Node.js 17, it’s likely that your application or a module you’re using is attempting to use an algorithm or key size which is no longer allowed by default with OpenSSL 3.0. A command-line option, `--openssl-legacy-provider`, has been added to revert to the legacy provider as a temporary workaround for these tightened restrictions. For details about all the features in OpenSSL 3.0 please see https://www.openssl.org/blog/blog/2021/09/07/OpenSSL3.Final. (Daniel Bevenius) [#38512] Contributed in #38512, #40478 V8 9.5: The V8 JavaScript engine is updated to V8 9.5. This release comes with additional supported types for the `Intl.DisplayNames` API and Extended `timeZoneName` options in the `Intl.DateTimeFormat` API. You can read more details in the V8 9.5 release post https://v8.dev/blog/v8-release-95. (Michaël Zasso) [#40178] Readline Promise API: The `readline` module provides an interface for reading data from a Readable stream (such as `process.stdin`) one line at a time. (Antoine du Hamel) [#37947] Other Notable Changes: - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) [#39987] - (SEMVER-MAJOR) errors: print Node.js version on fatal exceptions that cause exit (Divlo) [#38332] - deps: upgrade npm to 8.1.0 (npm team) [#40463] - (SEMVER-MINOR) fs: add FileHandle.prototype.readableWebStream() (James M Snell) [#39331] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) [#39759] - (SEMVER-MAJOR) lib: expose `DOMException` as global (Khaidi Chu) [#39176] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) [#39235] Semver-Major Commits: - (SEMVER-MAJOR) build: compile with C++17 (MSVC) (Richard Lau) [#38807] - (SEMVER-MAJOR) build: compile with --gnu++17 (Richard Lau) [#38807] - (SEMVER-MAJOR) deps: update V8 to 9.5.172.19 (Michaël Zasso) [#40178] - (SEMVER-MAJOR) deps,test,src,doc,tools: update to OpenSSL 3.0 (Daniel Bevenius) [#38512] - (SEMVER-MAJOR) dgram: tighten `address` validation in `socket.send` (Voltrex) [#39190] - (SEMVER-MAJOR) dns: runtime deprecate type coercion of `dns.lookup` options (Antoine du Hamel) [#39793] - (SEMVER-MAJOR) dns: default to verbatim=true in dns.lookup() (treysis) [#39987] - (SEMVER-MAJOR) doc: update minimum supported FreeBSD to 12.2 (Michaël Zasso) [#40179] - (SEMVER-MAJOR) errors: disp ver on fatal except that causes exit (Divlo) [#38332] - (SEMVER-MAJOR) fs: fix rmsync error swallowing (Nitzan Uziely) [#38684] - (SEMVER-MAJOR) fs: aggregate errors in fsPromises to avoid error swallowing (Nitzan Uziely) [#38259] - (SEMVER-MAJOR) lib: add structuredClone() global (Ethan Arrowood) [#39759] - (SEMVER-MAJOR) lib: expose `DOMException` as global (Khaidi Chu) [#39176] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) [#40121] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (Guy Bedford) [#40117] - (SEMVER-MAJOR) readline: validate `AbortSignal`s and remove unused event listeners (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) readline: introduce promise-based API (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) readline: refactor `Interface` to ES2015 class (Antoine du Hamel) [#37947] - (SEMVER-MAJOR) src: allow CAP\_NET\_BIND\_SERVICE in SafeGetenv (Daniel Bevenius) [#37727] - (SEMVER-MAJOR) src: return Maybe from a couple of functions (Darshan Sen) [#39603] - (SEMVER-MAJOR) src: allow custom PageAllocator in NodePlatform (Shelley Vohr) [#38362] - (SEMVER-MAJOR) stream: fix highwatermark threshold and add the missing error (Rongjian Zhang) [#38700] - (SEMVER-MAJOR) stream: don't emit 'data' after 'error' or 'close' (Robert Nagy) [#39639] - (SEMVER-MAJOR) stream: do not emit `end` on readable error (Szymon Marczak) [#39607] - (SEMVER-MAJOR) stream: forward errored to callback (Robert Nagy) [#39364] - (SEMVER-MAJOR) stream: destroy readable on read error (Robert Nagy) [#39342] - (SEMVER-MAJOR) stream: validate abort signal (Robert Nagy) [#39346] - (SEMVER-MAJOR) stream: unify stream utils (Robert Nagy) [#39294] - (SEMVER-MAJOR) stream: throw on premature close in Readable\ (Darshan Sen) [#39117] - (SEMVER-MAJOR) stream: finished should error on errored stream (Robert Nagy) [#39235] - (SEMVER-MAJOR) stream: error Duplex write/read if not writable/readable (Robert Nagy) [#34385] - (SEMVER-MAJOR) stream: bypass legacy destroy for pipeline and async iteration (Robert Nagy) [#38505] - (SEMVER-MAJOR) url: throw invalid this on detached accessors (James M Snell) [#39752] - (SEMVER-MAJOR) url: forbid certain confusable changes from being introduced by toASCII (Timothy Gu) [#38631] PR-URL: #40119
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
build
Issues and PRs related to build files or the CI.
meta
Issues and PRs related to the general management of the project.
needs-ci
PRs that need a full CI run.
openssl
Issues and PRs related to the OpenSSL dependency.
quic
Issues and PRs related to the QUIC implementation / HTTP/3.
semver-major
PRs that contain breaking changes and should be released in the next major version.
tsc-agenda
Issues and PRs to discuss during the meetings of the TSC.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request updates the OpenSSL version that is statically linked with Node.js from OpenSSl 1.1.1 to quictls OpenSSL 3.0.0+quic.
This pull request will replace the OpenSSL version that is currently in the
deps
directory and when performing a normal build OpenSSL 3.0+quic will be statically linked to the Node.js executable. We will still be able to dynamically link to OpenSSL 1.1.1 and we have a CI job which dynamically links to OpenSSL 1.1.1 which is run for every pull request to make sure that we maintain backward compatibility.The question is when does the community think that we should make this switch to OpenSSL 3.0+quic?
Building
Verify that OpenSSL is statically linked
Building with FIPS support
The above command will build and install the FIPS module into the
out
directory.This includes building
fips.so
, running theinstallfips
command that generates the FIPS configuration file (fipsmodule.cnf
), copying and updatingopenssl.cnf
to include the correct path tofipsmodule.cnf
and finally uncomment the fips section.We can then run node specifying
--enable-fips
:The above will use the Node's default locations for OpenSSL 3.0:
Hopefully having these defaults will enable for CI jobs to be configured without too much trouble, and also enable developers to configure FIPS for development/testing.