Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update root certs to NSS 3.71 #40280

Closed
wants to merge 2 commits into from
Closed

Conversation

richardlau
Copy link
Member

Update the root certs as per the instructions in https://github.com/nodejs/node/blob/master/doc/guides/maintaining-root-certs.md.

tools: update certdata.txt

This is the certdata.txt[0] from NSS 3.71, released on 2021-09-30.

This is the version of NSS that will ship in Firefox 94 on
2021-11-02.

[0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_71_RTM/lib/ckfw/builtins/certdata.txt

crypto: update root certificates

Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.

Certificates added:

  • Trustwave Global Certification Authority
  • Trustwave Global ECC P256 Certification Authority
  • Trustwave Global ECC P384 Certification Authority
  • NAVER Global Root Certification Authority
  • AC RAIZ FNMT-RCM SERVIDORES SEGUROS
  • GlobalSign Root R46
  • GlobalSign Root E46
  • GLOBALTRUST 2020
  • ANF Secure Server Root CA
  • Certum EC-384 CA
  • Certum Trusted Root CA
  • TunTrust Root CA
  • HARICA TLS RSA Root CA 2021
  • HARICA TLS ECC Root CA 2021

Certificates removed:

  • GeoTrust Global CA
  • GeoTrust Universal CA
  • GeoTrust Universal CA 2
  • QuoVadis Root CA
  • Sonera Class 2 Root CA
  • Taiwan GRCA
  • GeoTrust Primary Certification Authority
  • thawte Primary Root CA
  • VeriSign Class 3 Public Primary Certification Authority - G5
  • OISTE WISeKey Global Root GA CA
  • GeoTrust Primary Certification Authority - G3
  • thawte Primary Root CA - G2
  • thawte Primary Root CA - G3
  • GeoTrust Primary Certification Authority - G2
  • VeriSign Universal Root Certification Authority
  • VeriSign Class 3 Public Primary Certification Authority - G4
  • Chambers of Commerce Root - 2008
  • Global Chambersign Root - 2008
  • Trustis FPS Root CA
  • EE Certification Centre Root CA
  • Staat der Nederlanden Root CA - G3

This is the certdata.txt[0] from NSS 3.71, released on 2021-09-30.

This is the version of NSS that will ship in Firefox 94 on
2021-11-02.

[0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_71_RTM/lib/ckfw/builtins/certdata.txt
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.

Certificates added:
- Trustwave Global Certification Authority
- Trustwave Global ECC P256 Certification Authority
- Trustwave Global ECC P384 Certification Authority
- NAVER Global Root Certification Authority
- AC RAIZ FNMT-RCM SERVIDORES SEGUROS
- GlobalSign Root R46
- GlobalSign Root E46
- GLOBALTRUST 2020
- ANF Secure Server Root CA
- Certum EC-384 CA
- Certum Trusted Root CA
- TunTrust Root CA
- HARICA TLS RSA Root CA 2021
- HARICA TLS ECC Root CA 2021

Certificates removed:
- GeoTrust Global CA
- GeoTrust Universal CA
- GeoTrust Universal CA 2
- QuoVadis Root CA
- Sonera Class 2 Root CA
- Taiwan GRCA
- GeoTrust Primary Certification Authority
- thawte Primary Root CA
- VeriSign Class 3 Public Primary Certification Authority - G5
- OISTE WISeKey Global Root GA CA
- GeoTrust Primary Certification Authority - G3
- thawte Primary Root CA - G2
- thawte Primary Root CA - G3
- GeoTrust Primary Certification Authority - G2
- VeriSign Universal Root Certification Authority
- VeriSign Class 3 Public Primary Certification Authority - G4
- Chambers of Commerce Root - 2008
- Global Chambersign Root - 2008
- Trustis FPS Root CA
- EE Certification Centre Root CA
- Staat der Nederlanden Root CA - G3
@richardlau richardlau added the notable-change PRs with changes that should be highlighted in changelogs. label Oct 1, 2021
@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. labels Oct 1, 2021
Copy link
Member

@mhdawson mhdawson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rubber STAMP LGTM

@targos
Copy link
Member

targos commented Oct 2, 2021

should this be backported to LTS?

@richardlau richardlau added the request-ci Add this label to start a Jenkins CI on a PR. label Oct 2, 2021
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Oct 2, 2021
@nodejs-github-bot

This comment has been minimized.

@richardlau
Copy link
Member Author

should this be backported to LTS?

Maybe? We did backport the last root cert upate (#35546) to LTS (12).

@nodejs-github-bot

This comment has been minimized.

@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Oct 2, 2021

@richardlau richardlau added the commit-queue Add this label to land a pull request using GitHub Actions. label Oct 4, 2021
@github-actions github-actions bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Oct 4, 2021
@github-actions
Copy link
Contributor

github-actions bot commented Oct 4, 2021

Landed in 4bd8e0e...7f2cb44

@github-actions github-actions bot closed this Oct 4, 2021
nodejs-github-bot pushed a commit that referenced this pull request Oct 4, 2021
This is the certdata.txt[0] from NSS 3.71, released on 2021-09-30.

This is the version of NSS that will ship in Firefox 94 on
2021-11-02.

[0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_71_RTM/lib/ckfw/builtins/certdata.txt

PR-URL: #40280
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
nodejs-github-bot pushed a commit that referenced this pull request Oct 4, 2021
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.

Certificates added:
- Trustwave Global Certification Authority
- Trustwave Global ECC P256 Certification Authority
- Trustwave Global ECC P384 Certification Authority
- NAVER Global Root Certification Authority
- AC RAIZ FNMT-RCM SERVIDORES SEGUROS
- GlobalSign Root R46
- GlobalSign Root E46
- GLOBALTRUST 2020
- ANF Secure Server Root CA
- Certum EC-384 CA
- Certum Trusted Root CA
- TunTrust Root CA
- HARICA TLS RSA Root CA 2021
- HARICA TLS ECC Root CA 2021

Certificates removed:
- GeoTrust Global CA
- GeoTrust Universal CA
- GeoTrust Universal CA 2
- QuoVadis Root CA
- Sonera Class 2 Root CA
- Taiwan GRCA
- GeoTrust Primary Certification Authority
- thawte Primary Root CA
- VeriSign Class 3 Public Primary Certification Authority - G5
- OISTE WISeKey Global Root GA CA
- GeoTrust Primary Certification Authority - G3
- thawte Primary Root CA - G2
- thawte Primary Root CA - G3
- GeoTrust Primary Certification Authority - G2
- VeriSign Universal Root Certification Authority
- VeriSign Class 3 Public Primary Certification Authority - G4
- Chambers of Commerce Root - 2008
- Global Chambersign Root - 2008
- Trustis FPS Root CA
- EE Certification Centre Root CA
- Staat der Nederlanden Root CA - G3

PR-URL: #40280
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
targos pushed a commit that referenced this pull request Oct 4, 2021
This is the certdata.txt[0] from NSS 3.71, released on 2021-09-30.

This is the version of NSS that will ship in Firefox 94 on
2021-11-02.

[0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_71_RTM/lib/ckfw/builtins/certdata.txt

PR-URL: #40280
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
danielleadams added a commit that referenced this pull request Oct 8, 2021
    Notable changes:

    * crypto:
      * update root certificates (Richard Lau) #40280
    * deps:
      * upgrade npm to 8.0.0 (npm team) #40369
      * update `nghttp2` to v1.45.1 (thunder-coding) #40206
      * update V8 to 9.4.146.19 (Michaël Zasso) #40285
    * tools:
      * update certdata.txt (Richard Lau) #40280

    PR-URL: #40319
danielleadams added a commit that referenced this pull request Oct 8, 2021
    Notable changes:

    * crypto:
      * update root certificates (Richard Lau) #40280
    * deps:
      * upgrade npm to 8.0.0 (npm team) #40369
      * update `nghttp2` to v1.45.1 (thunder-coding) #40206
      * update V8 to 9.4.146.19 (Michaël Zasso) #40285
    * tools:
      * update certdata.txt (Richard Lau) #40280

    PR-URL: #40319
@richardlau richardlau deleted the certs branch November 25, 2021 19:24
richardlau added a commit to richardlau/node-1 that referenced this pull request Dec 9, 2021
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.

Certificates added:
- Trustwave Global Certification Authority
- Trustwave Global ECC P256 Certification Authority
- Trustwave Global ECC P384 Certification Authority
- NAVER Global Root Certification Authority
- AC RAIZ FNMT-RCM SERVIDORES SEGUROS
- GlobalSign Root R46
- GlobalSign Root E46
- GLOBALTRUST 2020
- ANF Secure Server Root CA
- Certum EC-384 CA
- Certum Trusted Root CA
- TunTrust Root CA
- HARICA TLS RSA Root CA 2021
- HARICA TLS ECC Root CA 2021

Certificates removed:
- GeoTrust Global CA
- GeoTrust Universal CA
- GeoTrust Universal CA 2
- QuoVadis Root CA
- Sonera Class 2 Root CA
- Taiwan GRCA
- GeoTrust Primary Certification Authority
- thawte Primary Root CA
- VeriSign Class 3 Public Primary Certification Authority - G5
- OISTE WISeKey Global Root GA CA
- GeoTrust Primary Certification Authority - G3
- thawte Primary Root CA - G2
- thawte Primary Root CA - G3
- GeoTrust Primary Certification Authority - G2
- VeriSign Universal Root Certification Authority
- VeriSign Class 3 Public Primary Certification Authority - G4
- Chambers of Commerce Root - 2008
- Global Chambersign Root - 2008
- Trustis FPS Root CA
- EE Certification Centre Root CA
- Staat der Nederlanden Root CA - G3

PR-URL: nodejs#40280
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
richardlau added a commit to richardlau/node-1 that referenced this pull request Dec 9, 2021
This is the certdata.txt[0] from NSS 3.71, released on 2021-09-30.

This is the version of NSS that will ship in Firefox 94 on
2021-11-02.

[0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_71_RTM/lib/ckfw/builtins/certdata.txt

PR-URL: nodejs#40280
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
richardlau added a commit to richardlau/node-1 that referenced this pull request Dec 9, 2021
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.

Certificates added:
- Trustwave Global Certification Authority
- Trustwave Global ECC P256 Certification Authority
- Trustwave Global ECC P384 Certification Authority
- NAVER Global Root Certification Authority
- AC RAIZ FNMT-RCM SERVIDORES SEGUROS
- GlobalSign Root R46
- GlobalSign Root E46
- GLOBALTRUST 2020
- ANF Secure Server Root CA
- Certum EC-384 CA
- Certum Trusted Root CA
- TunTrust Root CA
- HARICA TLS RSA Root CA 2021
- HARICA TLS ECC Root CA 2021

Certificates removed:
- GeoTrust Global CA
- GeoTrust Universal CA
- GeoTrust Universal CA 2
- QuoVadis Root CA
- Sonera Class 2 Root CA
- Taiwan GRCA
- GeoTrust Primary Certification Authority
- thawte Primary Root CA
- VeriSign Class 3 Public Primary Certification Authority - G5
- OISTE WISeKey Global Root GA CA
- GeoTrust Primary Certification Authority - G3
- thawte Primary Root CA - G2
- thawte Primary Root CA - G3
- GeoTrust Primary Certification Authority - G2
- VeriSign Universal Root Certification Authority
- VeriSign Class 3 Public Primary Certification Authority - G4
- Chambers of Commerce Root - 2008
- Global Chambersign Root - 2008
- Trustis FPS Root CA
- EE Certification Centre Root CA
- Staat der Nederlanden Root CA - G3

PR-URL: nodejs#40280
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
richardlau added a commit that referenced this pull request Dec 13, 2021
This is the certdata.txt[0] from NSS 3.71, released on 2021-09-30.

This is the version of NSS that will ship in Firefox 94 on
2021-11-02.

[0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_71_RTM/lib/ckfw/builtins/certdata.txt

PR-URL: #40280
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
richardlau added a commit that referenced this pull request Dec 13, 2021
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.

Certificates added:
- Trustwave Global Certification Authority
- Trustwave Global ECC P256 Certification Authority
- Trustwave Global ECC P384 Certification Authority
- NAVER Global Root Certification Authority
- AC RAIZ FNMT-RCM SERVIDORES SEGUROS
- GlobalSign Root R46
- GlobalSign Root E46
- GLOBALTRUST 2020
- ANF Secure Server Root CA
- Certum EC-384 CA
- Certum Trusted Root CA
- TunTrust Root CA
- HARICA TLS RSA Root CA 2021
- HARICA TLS ECC Root CA 2021

Certificates removed:
- GeoTrust Global CA
- GeoTrust Universal CA
- GeoTrust Universal CA 2
- QuoVadis Root CA
- Sonera Class 2 Root CA
- Taiwan GRCA
- GeoTrust Primary Certification Authority
- thawte Primary Root CA
- VeriSign Class 3 Public Primary Certification Authority - G5
- OISTE WISeKey Global Root GA CA
- GeoTrust Primary Certification Authority - G3
- thawte Primary Root CA - G2
- thawte Primary Root CA - G3
- GeoTrust Primary Certification Authority - G2
- VeriSign Universal Root Certification Authority
- VeriSign Class 3 Public Primary Certification Authority - G4
- Chambers of Commerce Root - 2008
- Global Chambersign Root - 2008
- Trustis FPS Root CA
- EE Certification Centre Root CA
- Staat der Nederlanden Root CA - G3

PR-URL: #40280
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
richardlau added a commit that referenced this pull request Dec 13, 2021
Notable changes:
This release contains a c-ares update to fix a regression introduced in
Node.js 12.22.5 resolving CNAME records containing underscores
(#39780).

Root certificates have been updated to those from Mozilla's Network
Security Services 3.71 (#40280).

PR-URL: TODO
@richardlau richardlau mentioned this pull request Dec 13, 2021
richardlau added a commit that referenced this pull request Dec 13, 2021
Notable changes:
This release contains a c-ares update to fix a regression introduced in
Node.js 12.22.5 resolving CNAME records containing underscores
(#39780).

Root certificates have been updated to those from Mozilla's Network
Security Services 3.71 (#40280).

PR-URL: #41161
richardlau added a commit that referenced this pull request Dec 14, 2021
Notable changes:
This release contains a c-ares update to fix a regression introduced in
Node.js 12.22.5 resolving CNAME records containing underscores
(#39780).

Root certificates have been updated to those from Mozilla's Network
Security Services 3.71 (#40280).

PR-URL: #41161
richardlau added a commit that referenced this pull request Dec 15, 2021
Notable changes:
This release contains a c-ares update to fix a regression introduced in
Node.js 12.22.5 resolving CNAME records containing underscores
(#39780).

Root certificates have been updated to those from Mozilla's Network
Security Services 3.71 (#40280).

PR-URL: #41161
richardlau added a commit that referenced this pull request Dec 16, 2021
Notable changes:
This release contains a c-ares update to fix a regression introduced in
Node.js 12.22.5 resolving CNAME records containing underscores
(#39780).

Root certificates have been updated to those from Mozilla's Network
Security Services 3.71 (#40280).

PR-URL: #41161
richardlau added a commit that referenced this pull request Jan 25, 2022
This is the certdata.txt[0] from NSS 3.71, released on 2021-09-30.

This is the version of NSS that will ship in Firefox 94 on
2021-11-02.

[0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_71_RTM/lib/ckfw/builtins/certdata.txt

PR-URL: #40280
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
richardlau added a commit that referenced this pull request Jan 25, 2022
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.

Certificates added:
- Trustwave Global Certification Authority
- Trustwave Global ECC P256 Certification Authority
- Trustwave Global ECC P384 Certification Authority
- NAVER Global Root Certification Authority
- AC RAIZ FNMT-RCM SERVIDORES SEGUROS
- GlobalSign Root R46
- GlobalSign Root E46
- GLOBALTRUST 2020
- ANF Secure Server Root CA
- Certum EC-384 CA
- Certum Trusted Root CA
- TunTrust Root CA
- HARICA TLS RSA Root CA 2021
- HARICA TLS ECC Root CA 2021

Certificates removed:
- GeoTrust Global CA
- GeoTrust Universal CA
- GeoTrust Universal CA 2
- QuoVadis Root CA
- Sonera Class 2 Root CA
- Taiwan GRCA
- GeoTrust Primary Certification Authority
- thawte Primary Root CA
- VeriSign Class 3 Public Primary Certification Authority - G5
- OISTE WISeKey Global Root GA CA
- GeoTrust Primary Certification Authority - G3
- thawte Primary Root CA - G2
- thawte Primary Root CA - G3
- GeoTrust Primary Certification Authority - G2
- VeriSign Universal Root Certification Authority
- VeriSign Class 3 Public Primary Certification Authority - G4
- Chambers of Commerce Root - 2008
- Global Chambersign Root - 2008
- Trustis FPS Root CA
- EE Certification Centre Root CA
- Staat der Nederlanden Root CA - G3

PR-URL: #40280
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
richardlau added a commit that referenced this pull request Jan 25, 2022
Notable changes:

Corepack:
Node.js now includes Corepack, a script that acts as a bridge between
Node.js projects and the package managers they are intended to be used
with during development.
In practical terms, Corepack will let you use Yarn and pnpm without
having to install them - just like what currently happens with npm,
which is shipped in Node.js by default.

Contributed by Maël Nison - #39608

ICU updated:
ICU has been updated to 70.1. This updates timezone database to 2021a3,
including bringing forward the start for DST for Jordan from March to
February.

Contributed by Michaël Zasso - #40658

New option to disable loading of native addons:
A new command line option `--no-addons` has been added to disallow
loading of native addons.

Contributed by Dominic Elm - #39977

Updated Root Certificates:
Root certificates have been updated to those from Mozilla's Network
Security Services 3.71.

Contributed by Richard Lau - #40280

Other Notable Changes:

crypto:
  * (SEMVER-MINOR) make FIPS related options always available (Vít Ondruch) #36341
lib:
  * (SEMVER-MINOR) add unsubscribe method to non-active DC channels (simon-id) #40433
  * (SEMVER-MINOR) add return value for DC channel.unsubscribe (simon-id) #40433
module:
  * (SEMVER-MINOR) support pattern trailers (Guy Bedford) #39635
src:
  * (SEMVER-MINOR) make napi_create_reference accept symbol (JckXia) #39926

PR-URL: #41696
@richardlau richardlau mentioned this pull request Jan 25, 2022
Linkgoron pushed a commit to Linkgoron/node that referenced this pull request Jan 31, 2022
Notable changes:
This release contains a c-ares update to fix a regression introduced in
Node.js 12.22.5 resolving CNAME records containing underscores
(nodejs#39780).

Root certificates have been updated to those from Mozilla's Network
Security Services 3.71 (nodejs#40280).

PR-URL: nodejs#41161
richardlau added a commit that referenced this pull request Feb 1, 2022
Notable changes:

Corepack:
Node.js now includes Corepack, a script that acts as a bridge between
Node.js projects and the package managers they are intended to be used
with during development.
In practical terms, Corepack will let you use Yarn and pnpm without
having to install them - just like what currently happens with npm,
which is shipped in Node.js by default.

Contributed by Maël Nison - #39608

ICU updated:
ICU has been updated to 70.1. This updates timezone database to 2021a3,
including bringing forward the start for DST for Jordan from March to
February.

Contributed by Michaël Zasso - #40658

New option to disable loading of native addons:
A new command line option `--no-addons` has been added to disallow
loading of native addons.

Contributed by Dominic Elm - #39977

Updated Root Certificates:
Root certificates have been updated to those from Mozilla's Network
Security Services 3.71.

Contributed by Richard Lau - #40280

Other Notable Changes:

crypto:
  * (SEMVER-MINOR) make FIPS related options always available (Vít Ondruch) #36341
lib:
  * (SEMVER-MINOR) add unsubscribe method to non-active DC channels (simon-id) #40433
  * (SEMVER-MINOR) add return value for DC channel.unsubscribe (simon-id) #40433
module:
  * (SEMVER-MINOR) support pattern trailers (Guy Bedford) #39635
src:
  * (SEMVER-MINOR) make napi_create_reference accept symbol (JckXia) #39926

PR-URL: #41696
mwalbeck pushed a commit to mwalbeck/docker-jellyfin-livestream that referenced this pull request Mar 16, 2022
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [node](https://github.com/nodejs/node) | stage | minor | `14.18.3-bullseye-slim` -> `14.19.0-bullseye-slim` |

---

### Release Notes

<details>
<summary>nodejs/node</summary>

### [`v14.19.0`](https://github.com/nodejs/node/releases/v14.19.0)

[Compare Source](nodejs/node@v14.18.3...v14.19.0)

##### Notable Changes

##### Corepack

Node.js now includes Corepack, a script that acts as a bridge between Node.js projects and the package managers they are intended to be used with during development.
In practical terms, **Corepack will let you use Yarn and pnpm without having to install them** - just like what currently happens with npm, which is shipped in Node.js by default.
Please head over to the [Corepack documentation page](https://nodejs.org/dist/latest-v14.x/docs/api/corepack.html) for more information on how to use it.

Contributed by Maël Nison - [#&#8203;39608](nodejs/node#39608)

##### ICU updated

ICU has been updated to 70.1. This updates timezone database to 2021a3, including bringing forward the start for DST for Jordan from March to February.

Contributed by Michaël Zasso - [#&#8203;40658](nodejs/node#40658)

##### New option to disable loading of native addons

A new command line option `--no-addons` has been added to disallow loading of native addons.

Contributed by Dominic Elm - [#&#8203;39977](nodejs/node#39977)

##### Updated Root Certificates

Root certificates have been updated to those from Mozilla's Network Security Services 3.71.

Contributed by Richard Lau - [#&#8203;40280](nodejs/node#40280)

##### Other Notable Changes

-   \[[`0d448eaab5`](nodejs/node@0d448eaab5)] - **(SEMVER-MINOR)** **crypto**: make FIPS related options always available (Vít Ondruch) [#&#8203;36341](nodejs/node#36341)
-   \[[`004eafbebf`](nodejs/node@004eafbebf)] - **(SEMVER-MINOR)** **lib**: add unsubscribe method to non-active DC channels (simon-id) [#&#8203;40433](nodejs/node#40433)
-   \[[`625be7585d`](nodejs/node@625be7585d)] - **(SEMVER-MINOR)** **lib**: add return value for DC channel.unsubscribe (simon-id) [#&#8203;40433](nodejs/node#40433)
-   \[[`607bc74eae`](nodejs/node@607bc74eae)] - **(SEMVER-MINOR)** **module**: support pattern trailers (Guy Bedford) [#&#8203;39635](nodejs/node#39635)
-   \[[`f74fe2a59c`](nodejs/node@f74fe2a59c)] - **(SEMVER-MINOR)** **src**: make napi_create_reference accept symbol (JckXia) [#&#8203;39926](nodejs/node#39926)

##### Commits

-   \[[`0231ffa501`](nodejs/node@0231ffa501)] - **build**: add `--without-corepack` (Jonah Snider) [#&#8203;41060](nodejs/node#41060)
-   \[[`5389b8ab05`](nodejs/node@5389b8ab05)] - **crypto**: update root certificates (Richard Lau) [#&#8203;40280](nodejs/node#40280)
-   \[[`0d448eaab5`](nodejs/node@0d448eaab5)] - **(SEMVER-MINOR)** **crypto**: make FIPS related options always available (Vít Ondruch) [#&#8203;36341](nodejs/node#36341)
-   \[[`cd20ecc7cb`](nodejs/node@cd20ecc7cb)] - **deps**: upgrade Corepack to 0.10 (Maël Nison) [#&#8203;40374](nodejs/node#40374)
-   \[[`737df75e17`](nodejs/node@737df75e17)] - **(SEMVER-MINOR)** **deps**: add corepack (Maël Nison) [#&#8203;39608](nodejs/node#39608)
-   \[[`b85aa5a143`](nodejs/node@b85aa5a143)] - **deps**: upgrade npm to 6.14.16 (Ruy Adorno) [#&#8203;41603](nodejs/node#41603)
-   \[[`2755d391a5`](nodejs/node@2755d391a5)] - **deps**: update ICU to 70.1 (Michaël Zasso) [#&#8203;40658](nodejs/node#40658)
-   \[[`3089326d89`](nodejs/node@3089326d89)] - **deps**: update archs files for OpenSSL-1.1.1m (Richard Lau) [#&#8203;41173](nodejs/node#41173)
-   \[[`59da7c12aa`](nodejs/node@59da7c12aa)] - **deps**: upgrade openssl sources to 1.1.1m (Richard Lau) [#&#8203;41173](nodejs/node#41173)
-   \[[`cede1f26f6`](nodejs/node@cede1f26f6)] - **deps**: add -fno-strict-aliasing flag to libuv (Daniel Bevenius) [#&#8203;40631](nodejs/node#40631)
-   \[[`4477da858f`](nodejs/node@4477da858f)] - **doc**: fix corepack grammar for `--force` flag (Steven) [#&#8203;40762](nodejs/node#40762)
-   \[[`5971d58600`](nodejs/node@5971d58600)] - **doc**: add missing YAML tag in `esm.md` (Antoine du Hamel) [#&#8203;41516](nodejs/node#41516)
-   \[[`e903798ae1`](nodejs/node@e903798ae1)] - **doc**: add note regarding unfinished TLA (Antoine du Hamel) [#&#8203;41434](nodejs/node#41434)
-   \[[`a90defebcf`](nodejs/node@a90defebcf)] - **esm**: make `process.exit()` default to exit code 0 (Gang Chen) [#&#8203;41388](nodejs/node#41388)
-   \[[`fc328f1ab0`](nodejs/node@fc328f1ab0)] - **fs**: nullish coalescing to respect zero positional reads (Omar El-Mihilmy) [#&#8203;40716](nodejs/node#40716)
-   \[[`004eafbebf`](nodejs/node@004eafbebf)] - **(SEMVER-MINOR)** **lib**: add unsubscribe method to non-active DC channels (simon-id) [#&#8203;40433](nodejs/node#40433)
-   \[[`625be7585d`](nodejs/node@625be7585d)] - **(SEMVER-MINOR)** **lib**: add return value for DC channel.unsubscribe (simon-id) [#&#8203;40433](nodejs/node#40433)
-   \[[`2c365961d0`](nodejs/node@2c365961d0)] - **module**: support pattern trailers for imports field (Guy Bedford) [#&#8203;40041](nodejs/node#40041)
-   \[[`607bc74eae`](nodejs/node@607bc74eae)] - **(SEMVER-MINOR)** **module**: support pattern trailers (Guy Bedford) [#&#8203;39635](nodejs/node#39635)
-   \[[`f74fe2a59c`](nodejs/node@f74fe2a59c)] - **(SEMVER-MINOR)** **src**: make napi_create_reference accept symbol (JckXia) [#&#8203;39926](nodejs/node#39926)
-   \[[`b050c65885`](nodejs/node@b050c65885)] - **src**: add option to disable loading native addons (Dominic Elm) [#&#8203;39977](nodejs/node#39977)
-   \[[`c1695ac68a`](nodejs/node@c1695ac68a)] - **tools**: update certdata.txt (Richard Lau) [#&#8203;40280](nodejs/node#40280)

</details>

---

### Configuration

📅 **Schedule**: At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

Reviewed-on: https://git.walbeck.it/mwalbeck/docker-jellyfin-livestream/pulls/97
Co-authored-by: renovate-bot <bot@walbeck.it>
Co-committed-by: renovate-bot <bot@walbeck.it>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. notable-change PRs with changes that should be highlighted in changelogs.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

8 participants