Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

v18.7.0 proposal #43993

Merged
merged 125 commits into from
Jul 26, 2022
Merged

v18.7.0 proposal #43993

merged 125 commits into from
Jul 26, 2022

Conversation

danielleadams
Copy link
Contributor

@danielleadams danielleadams commented Jul 26, 2022

2022-07-26, Version 18.7.0 (Current), @danielleadams

Notable changes

  • doc:
    • add F3n67u to collaborators (Feng Yu) #43953
    • deprecate coercion to integer in process.exit (Daeyeon Jeong) #43738
    • (SEMVER-MINOR) deprecate diagnostics_channel object subscribe method (Stephen Belanger) #42714
  • events:
    • (SEMVER-MINOR) expose CustomEvent on global with CLI flag (Daeyeon Jeong) #43885
    • (SEMVER-MINOR) add CustomEvent (Daeyeon Jeong) #43514
  • http:
    • (SEMVER-MINOR) add drop request event for http server (theanarkh) #43806
  • lib:
    • (SEMVER-MINOR) improved diagnostics_channel subscribe/unsubscribe (Stephen Belanger) #42714
  • util:
    • (SEMVER-MINOR) add tokens to parseArgs (John Gee) #43459

Commits

npm-cli-bot and others added 30 commits July 21, 2022 16:41
PR-URL: #43826
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Mohammed Keyvanzadeh <[email protected]>
Reviewed-By: Darshan Sen <[email protected]>
PR-URL: #43917
Reviewed-By: Myles Borins <[email protected]>
Reviewed-By: Mestery <[email protected]>
Reviewed-By: Mohammed Keyvanzadeh <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
PR-URL: #43729
Reviewed-By: Antoine du Hamel <[email protected]>
Reviewed-By: Benjamin Gruenbaum <[email protected]>
Treat redirects without Location and other 3xx responses as errors

PR-URL: #43742
Refs: #43689
Reviewed-By: Antoine du Hamel <[email protected]>
Reviewed-By: Jacob Smith <[email protected]>
This change adds a new script that queries vulnerability databases
in order to find if any of Node's dependencies is vulnerable.

The `deps/` directory of Node's repo is scanned to gather the
currently used version of each dependency, and if any vulnerability
is found for that version a message is printed out with its ID and
a link to a description of the issue.

Refs: nodejs/security-wg#802

PR-URL: #43362
Reviewed-By: Michael Dawson <[email protected]>
Reviewed-By: Vladimir de Turckheim <[email protected]>
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Refs: #43680

PR-URL: #43792
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
Fix uninitialized pointer field warning in test

Signed-off-by: Michael Dawson <[email protected]>

PR-URL: #43631
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Mohammed Keyvanzadeh <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
PR-URL: #43767
Fixes: #43766
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Darshan Sen <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Qingyu Deng <[email protected]>
PR-URL: #43758
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Ruben Bridgewater <[email protected]>
Signed-off-by: Varun Sharma <[email protected]>

PR-URL: #43743
Reviewed-By: Antoine du Hamel <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Move big and/or infrequently used functions from env-inl.h to env.cc to
speed up build times and reduce binary bloat.

This commit also touches async_wrap-inl.h and base_object-inl.h because
those are closely interwined with env-inl.h.

Non-functional change.

Refs: #43712

PR-URL: #43745
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Darshan Sen <[email protected]>
Reviewed-By: Richard Lau <[email protected]>
PR-URL: #43769
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Darshan Sen <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Antoine du Hamel <[email protected]>
Reviewed-By: Mohammed Keyvanzadeh <[email protected]>
PR-URL: #43515
Reviewed-By: Matteo Collina <[email protected]>
Reviewed-By: Benjamin Gruenbaum <[email protected]>
Reviewed-By: James M Snell <[email protected]>
This function returns a Proxy object that throws on attempt to mutate it
Functions and primitives are returned directly

PR-URL: #43196
Reviewed-By: Darshan Sen <[email protected]>
Reviewed-By: Antoine du Hamel <[email protected]>
PR-URL: #43770
Reviewed-By: Darshan Sen <[email protected]>
Reviewed-By: Michael Dawson <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Original commit message:

    [module] Fix aborts in terminated async module evaluation

    SourceTextModule::ExecuteAsyncModule asserts the execution of
    the module's async function to succeed without exception. However,
    the problem is that TerminateExecution initiated by embedders is
    breaking that assumption. The execution can be terminated with an
    exception and the exception is not catchable by JavaScript.

    The uncatchable exceptions during the async module evaluation need
    to be raised to the embedder and not crash the process if possible.

    Refs: #43182

    Change-Id: Ifc152428b95945b6b49a2f70ba35018cfc0ce40b
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3696493
    Reviewed-by: Camillo Bruni <[email protected]>
    Commit-Queue: Chengzhong Wu <[email protected]>
    Cr-Commit-Position: refs/heads/main@{#81307}

Refs: v8/v8@22698d2

PR-URL: #43751
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Gus Caplan <[email protected]>
PR-URL: #43751
Refs: v8/v8@22698d2
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Gus Caplan <[email protected]>
PR-URL: #43739
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Myles Borins <[email protected]>
Disable prebuilds for pull requests.

addComment now defaults to false so we don't need to set it anymore.

Refs: #43789 (comment)
Refs: https://www.gitpod.io/docs/prebuilds#github-specific-configuration

PR-URL: #43829
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Darshan Sen <[email protected]>
PR-URL: #43505
Refs: #43490
Reviewed-By: Benjamin Gruenbaum <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Signed-off-by: Matteo Collina <[email protected]>

PR-URL: #43775
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Antoine du Hamel <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Darshan Sen <[email protected]>
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Robert Nagy <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
PR-URL: #43556
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Chengzhong Wu <[email protected]>
PR-URL: #43797
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
Support for the 'node:' prefixed builtin module namespace was introduced
for `require()` expressions in Node v16.0.0, and backported to v14.18.0.
This was never supported in Node v15.x or chronologically older.

All of the current API history notes in the docs using 'node:' prefixed
module `require()`s happen to be documenting changes in Node versions
from before the time when support was first introduced.

This commit reverts those `require()`s in the history notes to be
un-prefixed. (They were incorrect as written; The prefixed `require()`s
would not work for those older Node versions.)

This change prevents the API history notes from inaccurately implying
'node:' prefixed builtin modules were introduced many Node versions ago,
or were `require()`-able with the 'node:' prefix in those Node versions.

Refs: #35387
Refs: #37246
Refs: #42752

PR-URL: #43768
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Darshan Sen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Adds a new top-level subscribe/unsubscribe which will ref/unref the
channel WeakReference to prevent subscriptions from getting garbage
collected.

PR-URL: #42714
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Chengzhong Wu <[email protected]>
Reviewed-By: Gerhard Stöbich <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Vladimir de Turckheim <[email protected]>
PR-URL: #42714
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Chengzhong Wu <[email protected]>
Reviewed-By: Gerhard Stöbich <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Vladimir de Turckheim <[email protected]>
This fixes a comparison failure occurring when the upper value of a
type tag is 0, or a type tag value is 0.

Signed-off-by: Daeyeon Jeong [email protected]

PR-URL: #43788
Fixes: #43786
Reviewed-By: Michael Dawson <[email protected]>
Reviewed-By: Chengzhong Wu <[email protected]>
Instead of accepting either a std::string or a mysterious Local<Value>,
accept any std::string_view, which can trivially be constructed from
both strings and ArrayBufferViews.

This also removes the need to check IsArrayBufferView() inside of
SetALPN, which was dead code anyway.

PR-URL: #43756
Reviewed-By: Darshan Sen <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Joyee Cheung <[email protected]>
tniessen and others added 2 commits July 25, 2022 21:44
Rewrite FindDiffieHellmanGroup() using OpenSSL helper functions to
obtain the required constants directly, instead of loading them from
our own crypto_groups.h and converting them to BIGNUMs.

This also removes the need for the struct modp_group, so we can delete
crypto_groups.h altogether.

PR-URL: #43896
Reviewed-By: Filip Skokan <[email protected]>
PR-URL: #43985
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/actions

@nodejs-github-bot nodejs-github-bot added meta Issues and PRs related to the general management of the project. tools Issues and PRs related to the tools directory. v18.x Issues that can be reproduced on v18.x or PRs targeting the v18.x-staging branch. labels Jul 26, 2022
danielleadams added a commit that referenced this pull request Jul 26, 2022
Notable changes:

* doc:
  * add F3n67u to collaborators (Feng Yu)#43953
  * deprecate coercion to integer in process.exit (Daeyeon Jeong) #43738
  * (SEMVER-MINOR) deprecate diagnostics_channel object subscribe method
  (Stephen Belanger) #42714
* events:
  * (SEMVER-MINOR) expose CustomEvent on global with CLI flag (Daeyeon
  Jeong) #43885
  * (SEMVER-MINOR) add `CustomEvent` (Daeyeon Jeong) #43514
* http:
  * (SEMVER-MINOR) add drop request event for http server (theanarkh) #43806
* lib:
  * (SEMVER-MINOR) improved diagnostics_channel subscribe/unsubscribe
  (Stephen Belanger) #42714
* util:
  * (SEMVER-MINOR) add tokens to parseArgs (John Gee) #43459

PR-URL: #43993
Notable changes:

* doc:
  * add F3n67u to collaborators (Feng Yu) #43953
  * deprecate coercion to integer in process.exit (Daeyeon Jeong)
  #43738
  * (SEMVER-MINOR) deprecate diagnostics_channel object subscribe method
  (Stephen Belanger) #42714
* events:
  * (SEMVER-MINOR) expose CustomEvent on global with CLI flag (Daeyeon
  Jeong) #43885
  * (SEMVER-MINOR) add `CustomEvent` (Daeyeon Jeong) #43514
* http:
  * (SEMVER-MINOR) add drop request event for http server (theanarkh)
  #43806
* lib:
  * (SEMVER-MINOR) improved diagnostics_channel subscribe/unsubscribe
  (Stephen Belanger) #42714
* util:
  * (SEMVER-MINOR) add tokens to parseArgs (John Gee) #43459

PR-URL: #43993
@nodejs-github-bot

This comment was marked as outdated.

@danielleadams danielleadams added the release Issues and PRs related to Node.js releases. label Jul 26, 2022
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Jul 26, 2022

Copy link
Member

@RafaelGSS RafaelGSS left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM.

@danielleadams
Copy link
Contributor Author

@F3n67u
Copy link
Member

F3n67u commented Jul 26, 2022

I have a question about releases process: I see https://ci.nodejs.org/job/citgm-smoker/2971/ has 70+ failures. Do we need resolve all of those before releasing?

@richardlau
Copy link
Member

I have a question about releases process: I see https://ci.nodejs.org/job/citgm-smoker/2971/ has 70+ failures. Do we need resolve all of those before releasing?

No. We need to check if there are regressions from the previous release and then, if any, decide if those are intentional. 70+ failures is a lot of noise to have to filter, so anyone with spare cycles that wants to look into some of those failures would be welcome. The important takeaway is CITGM is unlike other tests we run in the CI that have to not fail --- CITGM is more of an early warning system that we may have broken the ecosystem.

@danielleadams danielleadams merged commit 75b68c6 into v18.x Jul 26, 2022
@danielleadams danielleadams deleted the v18.7.0-proposal branch July 26, 2022 22:06
danielleadams added a commit that referenced this pull request Jul 26, 2022
danielleadams added a commit that referenced this pull request Jul 26, 2022
Notable changes:

* doc:
  * add F3n67u to collaborators (Feng Yu) #43953
  * deprecate coercion to integer in process.exit (Daeyeon Jeong)
  #43738
  * (SEMVER-MINOR) deprecate diagnostics_channel object subscribe method
  (Stephen Belanger) #42714
* events:
  * (SEMVER-MINOR) expose CustomEvent on global with CLI flag (Daeyeon
  Jeong) #43885
  * (SEMVER-MINOR) add `CustomEvent` (Daeyeon Jeong) #43514
* http:
  * (SEMVER-MINOR) add drop request event for http server (theanarkh)
  #43806
* lib:
  * (SEMVER-MINOR) improved diagnostics_channel subscribe/unsubscribe
  (Stephen Belanger) #42714
* util:
  * (SEMVER-MINOR) add tokens to parseArgs (John Gee) #43459

PR-URL: #43993
danielleadams added a commit to nodejs/nodejs.org that referenced this pull request Jul 26, 2022
danielleadams added a commit to nodejs/nodejs.org that referenced this pull request Jul 26, 2022
Fyko pushed a commit to Fyko/node that referenced this pull request Sep 15, 2022
Notable changes:

* doc:
  * add F3n67u to collaborators (Feng Yu) nodejs#43953
  * deprecate coercion to integer in process.exit (Daeyeon Jeong)
  nodejs#43738
  * (SEMVER-MINOR) deprecate diagnostics_channel object subscribe method
  (Stephen Belanger) nodejs#42714
* events:
  * (SEMVER-MINOR) expose CustomEvent on global with CLI flag (Daeyeon
  Jeong) nodejs#43885
  * (SEMVER-MINOR) add `CustomEvent` (Daeyeon Jeong) nodejs#43514
* http:
  * (SEMVER-MINOR) add drop request event for http server (theanarkh)
  nodejs#43806
* lib:
  * (SEMVER-MINOR) improved diagnostics_channel subscribe/unsubscribe
  (Stephen Belanger) nodejs#42714
* util:
  * (SEMVER-MINOR) add tokens to parseArgs (John Gee) nodejs#43459

PR-URL: nodejs#43993
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
meta Issues and PRs related to the general management of the project. release Issues and PRs related to Node.js releases. tools Issues and PRs related to the tools directory. v18.x Issues that can be reproduced on v18.x or PRs targeting the v18.x-staging branch.
Projects
None yet
Development

Successfully merging this pull request may close these issues.