-
Notifications
You must be signed in to change notification settings - Fork 29.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
v14.19.0 proposal #41696
v14.19.0 proposal #41696
Conversation
PR-URL: #39635 Reviewed-By: Bradley Farias <bradley.meck@gmail.com>
PR-URL: #40041 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Geoffrey Booth <webmaster@geoffreybooth.com>
There is no reason to hide FIPS functionality behind build flags. OpenSSL always provide the information about FIPS availability via `FIPS_mode()` function. This makes the user experience more consistent, because the OpenSSL library is always queried and the `crypto.getFips()` always returns OpenSSL settings. Fixes: #34903 Backport-PR-URL: #40241 PR-URL: #36341 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
This commit turns on `-fno-strict-aliasing` in libuv. Fixes: #40368 Refs: libuv/libuv#1230 PR-URL: #40631 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Voltrex <mohammadkeyvanzade94@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
This updates all sources in deps/openssl/openssl by: $ cd deps/openssl/ $ rm -rf openssl $ tar zxf ~/tmp/openssl-1.1.1m.tar.gz $ mv openssl-1.1.1m openssl $ git add --all openssl $ git commit openssl PR-URL: #41173 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000211.html Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
After an OpenSSL source update, all the config files need to be regenerated and committed by: $ make -C deps/openssl/config $ git add deps/openssl/config/archs $ git add deps/openssl/openssl/include/crypto/bn_conf.h $ git add deps/openssl/openssl/include/crypto/dso_conf.h $ git add deps/openssl/openssl/include/openssl/opensslconf.h $ git commit PR-URL: #41173 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000211.html Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
Refs: https://github.com/unicode-org/icu/releases/tag/release-70-1 PR-URL: #40658 Backport-PR-URL: #41526 Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
PR-URL: #41603 Reviewed-By: Richard Lau <rlau@redhat.com>
Corepack provides shims for Yarn and pnpm in order to soften the developer experience when working on Node projects. Refs: #15244 Refs: nodejs/TSC#904 PR-URL: #39608 Backport-PR-URL: #40479 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
PR-URL: #40374 Backport-PR-URL: #40479 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
When the file read position is moved passing zero is not respected and `null` is used instead. PR fixes the issues by using nullish coalescing which will return the rhs only when the lhs is `null` or `undefined`; respecting the zero. Fixes: #40715 PR-URL: #40716 Fixes: #40699 Reviewed-By: Robert Nagy <ronagy@icloud.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Evan Lucas <evanlucas@me.com>
PR-URL: #39926 Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com>
This is the certdata.txt[0] from NSS 3.71, released on 2021-09-30. This is the version of NSS that will ship in Firefox 94 on 2021-11-02. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_71_RTM/lib/ckfw/builtins/certdata.txt PR-URL: #40280 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - Trustwave Global Certification Authority - Trustwave Global ECC P256 Certification Authority - Trustwave Global ECC P384 Certification Authority - NAVER Global Root Certification Authority - AC RAIZ FNMT-RCM SERVIDORES SEGUROS - GlobalSign Root R46 - GlobalSign Root E46 - GLOBALTRUST 2020 - ANF Secure Server Root CA - Certum EC-384 CA - Certum Trusted Root CA - TunTrust Root CA - HARICA TLS RSA Root CA 2021 - HARICA TLS ECC Root CA 2021 Certificates removed: - GeoTrust Global CA - GeoTrust Universal CA - GeoTrust Universal CA 2 - QuoVadis Root CA - Sonera Class 2 Root CA - Taiwan GRCA - GeoTrust Primary Certification Authority - thawte Primary Root CA - VeriSign Class 3 Public Primary Certification Authority - G5 - OISTE WISeKey Global Root GA CA - GeoTrust Primary Certification Authority - G3 - thawte Primary Root CA - G2 - thawte Primary Root CA - G3 - GeoTrust Primary Certification Authority - G2 - VeriSign Universal Root Certification Authority - VeriSign Class 3 Public Primary Certification Authority - G4 - Chambers of Commerce Root - 2008 - Global Chambersign Root - 2008 - Trustis FPS Root CA - EE Certification Centre Root CA - Staat der Nederlanden Root CA - G3 PR-URL: #40280 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
PR-URL: #40433 Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com> Reviewed-By: Stephen Belanger <admin@stephenbelanger.com> Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de> Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Bryan English <bryan@bryanenglish.com> Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
PR-URL: #40433 Reviewed-By: Vladimir de Turckheim <vlad2t@hotmail.com> Reviewed-By: Stephen Belanger <admin@stephenbelanger.com> Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de> Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: Bryan English <bryan@bryanenglish.com> Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
PR-URL: #40762 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Juan José Arboleda <soyjuanarbol@gmail.com> Reviewed-By: Voltrex <mohammadkeyvanzade94@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Notable changes: Corepack: Node.js now includes Corepack, a script that acts as a bridge between Node.js projects and the package managers they are intended to be used with during development. In practical terms, Corepack will let you use Yarn and pnpm without having to install them - just like what currently happens with npm, which is shipped in Node.js by default. Contributed by Maël Nison - #39608 ICU updated: ICU has been updated to 70.1. This updates timezone database to 2021a3, including bringing forward the start for DST for Jordan from March to February. Contributed by Michaël Zasso - #40658 New option to disable loading of native addons: A new command line option `--no-addons` has been added to disallow loading of native addons. Contributed by Dominic Elm - #39977 Updated Root Certificates: Root certificates have been updated to those from Mozilla's Network Security Services 3.71. Contributed by Richard Lau - #40280 Other Notable Changes: crypto: * (SEMVER-MINOR) make FIPS related options always available (Vít Ondruch) #36341 lib: * (SEMVER-MINOR) add unsubscribe method to non-active DC channels (simon-id) #40433 * (SEMVER-MINOR) add return value for DC channel.unsubscribe (simon-id) #40433 module: * (SEMVER-MINOR) support pattern trailers (Guy Bedford) #39635 src: * (SEMVER-MINOR) make napi_create_reference accept symbol (JckXia) #39926 PR-URL: #41696
This comment has been minimized.
This comment has been minimized.
CI: https://ci.nodejs.org/job/node-test-pull-request/42153/ RC.0 build on 9beb4f8: https://ci-release.nodejs.org/job/iojs+release/8224/ CITGM |
In terms of notable changes, does anyone want to contribute a summary for the pattern trailers feature (#39635)? @nodejs/modules |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
Binaries for release candidate |
Thank you for doing this @richardlau, I'll let you know if anything comes to mind for the release blog post, but so far the notable changes look pretty good. |
Release build with 9beb4f8: https://ci-release.nodejs.org/job/iojs+release/8234/ |
Notable changes: Corepack: Node.js now includes Corepack, a script that acts as a bridge between Node.js projects and the package managers they are intended to be used with during development. In practical terms, Corepack will let you use Yarn and pnpm without having to install them - just like what currently happens with npm, which is shipped in Node.js by default. Contributed by Maël Nison - #39608 ICU updated: ICU has been updated to 70.1. This updates timezone database to 2021a3, including bringing forward the start for DST for Jordan from March to February. Contributed by Michaël Zasso - #40658 New option to disable loading of native addons: A new command line option `--no-addons` has been added to disallow loading of native addons. Contributed by Dominic Elm - #39977 Updated Root Certificates: Root certificates have been updated to those from Mozilla's Network Security Services 3.71. Contributed by Richard Lau - #40280 Other Notable Changes: crypto: * (SEMVER-MINOR) make FIPS related options always available (Vít Ondruch) #36341 lib: * (SEMVER-MINOR) add unsubscribe method to non-active DC channels (simon-id) #40433 * (SEMVER-MINOR) add return value for DC channel.unsubscribe (simon-id) #40433 module: * (SEMVER-MINOR) support pattern trailers (Guy Bedford) #39635 src: * (SEMVER-MINOR) make napi_create_reference accept symbol (JckXia) #39926 PR-URL: #41696
🎉 |
Release candidate
rc.0
binaries: https://nodejs.org/download/rc/v14.19.0-rc.0/2022-02-01, Version 14.19.0 'Fermium' (LTS), @richardlau
Notable Changes
Corepack
Node.js now includes Corepack, a script that acts as a bridge between Node.js projects and the package managers they are intended to be used with during development.
In practical terms, Corepack will let you use Yarn and pnpm without having to install them - just like what currently happens with npm, which is shipped in Node.js by default.
Please head over to the Corepack documentation page for more information on how to use it.
Contributed by Maël Nison - #39608
ICU updated
ICU has been updated to 70.1. This updates timezone database to 2021a3, including bringing forward the start for DST for Jordan from March to February.
Contributed by Michaël Zasso - #40658
New option to disable loading of native addons
A new command line option
--no-addons
has been added to disallow loading of native addons.Contributed by Dominic Elm - #39977
Updated Root Certificates
Root certificates have been updated to those from Mozilla's Network Security Services 3.71.
Contributed by Richard Lau - #40280
Other Notable Changes
0d448eaab5
] - (SEMVER-MINOR) crypto: make FIPS related options always available (Vít Ondruch) #36341004eafbebf
] - (SEMVER-MINOR) lib: add unsubscribe method to non-active DC channels (simon-id) #40433625be7585d
] - (SEMVER-MINOR) lib: add return value for DC channel.unsubscribe (simon-id) #40433607bc74eae
] - (SEMVER-MINOR) module: support pattern trailers (Guy Bedford) #39635f74fe2a59c
] - (SEMVER-MINOR) src: make napi_create_reference accept symbol (JckXia) #39926Commits
0231ffa501
] - build: add--without-corepack
(Jonah Snider) #410605389b8ab05
] - crypto: update root certificates (Richard Lau) #402800d448eaab5
] - (SEMVER-MINOR) crypto: make FIPS related options always available (Vít Ondruch) #36341cd20ecc7cb
] - deps: upgrade Corepack to 0.10 (Maël Nison) #40374737df75e17
] - (SEMVER-MINOR) deps: add corepack (Maël Nison) #39608b85aa5a143
] - deps: upgrade npm to 6.14.16 (Ruy Adorno) #416032755d391a5
] - deps: update ICU to 70.1 (Michaël Zasso) #406583089326d89
] - deps: update archs files for OpenSSL-1.1.1m (Richard Lau) #4117359da7c12aa
] - deps: upgrade openssl sources to 1.1.1m (Richard Lau) #41173cede1f26f6
] - deps: add -fno-strict-aliasing flag to libuv (Daniel Bevenius) #406314477da858f
] - doc: fix corepack grammar for--force
flag (Steven) #407625971d58600
] - doc: add missing YAML tag inesm.md
(Antoine du Hamel) #41516e903798ae1
] - doc: add note regarding unfinished TLA (Antoine du Hamel) #41434a90defebcf
] - esm: makeprocess.exit()
default to exit code 0 (Gang Chen) #41388fc328f1ab0
] - fs: nullish coalescing to respect zero positional reads (Omar El-Mihilmy) #40716004eafbebf
] - (SEMVER-MINOR) lib: add unsubscribe method to non-active DC channels (simon-id) #40433625be7585d
] - (SEMVER-MINOR) lib: add return value for DC channel.unsubscribe (simon-id) #404332c365961d0
] - module: support pattern trailers for imports field (Guy Bedford) #40041607bc74eae
] - (SEMVER-MINOR) module: support pattern trailers (Guy Bedford) #39635f74fe2a59c
] - (SEMVER-MINOR) src: make napi_create_reference accept symbol (JckXia) #39926b050c65885
] - src: add option to disable loading native addons (Dominic Elm) #39977c1695ac68a
] - tools: update certdata.txt (Richard Lau) #40280