chore(deps): update node.js to v19.7.0
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
node | image | minor |
19.6.0 -> 19.7.0
|
Release Notes
nodejs/node
v19.7.0
Notable Changes
- [
60a612607e
] - deps: upgrade npm to 9.5.0 (npm team) #46673 - [
7d6c27eab1
] - deps: add ada as a dependency (Yagiz Nizipli) #46410 - [
a79a8bf85a
] - doc: add debadree25 to collaborators (Debadree Chatterjee) #46716 - [
0c2c322ee6
] - doc: add deokjinkim to collaborators (Deokjin Kim) #46444 - [
9b23309f53
] - doc,lib,src,test: rename --test-coverage (Colin Ihrig) #46017 - [
8590eb4830
] - (SEMVER-MINOR) lib: add aborted() utility function (Debadree Chatterjee) #46494 - [
164bfe82cc
] - (SEMVER-MINOR) src: add initial support for single executable applications (Darshan Sen) #45038 - [
f3908411fd
] - (SEMVER-MINOR) src: allow optional Isolate termination in node::Stop() (Shelley Vohr) #46583 - [
c34bac2fed
] - (SEMVER-MINOR) src: allow blobs in addition toFILE*
s in embedder snapshot API (Anna Henningsen) #46491 - [
683a1f8f3e
] - (SEMVER-MINOR) src: allow snapshotting from the embedder API (Anna Henningsen) #45888 - [
658d2f4710
] - (SEMVER-MINOR) src: make build_snapshot a per-Isolate option, rather than a global one (Anna Henningsen) #45888 - [
6801d3753c
] - (SEMVER-MINOR) src: add snapshot support for embedder API (Anna Henningsen) #45888 - [
e77d538d32
] - (SEMVER-MINOR) src: allow embedder control of code generation policy (Shelley Vohr) #46368 - [
633d3f292d
] - (SEMVER-MINOR) stream: add abort signal for ReadableStream and WritableStream (Debadree Chatterjee) #46273 - [
6119289251
] - test_runner: add initial code coverage support (Colin Ihrig) #46017 - [
a51fe3c663
] - url: replace url-parser with ada (Yagiz Nizipli) #46410
Commits
- [
731a7ae9da
] - async_hooks: add async local storage propagation benchmarks (Chengzhong Wu) #46414 - [
05ad792a07
] - async_hooks: remove experimental onPropagate option (James M Snell) #46386 - [
6b21170b10
] - benchmark: add trailing commas inbenchmark/path
(Antoine du Hamel) #46628 - [
4b89ec409f
] - benchmark: add trailing commas inbenchmark/http
(Antoine du Hamel) #46609 - [
ff95eb7386
] - benchmark: add trailing commas inbenchmark/crypto
(Antoine du Hamel) #46553 - [
638d9b8d4b
] - benchmark: add trailing commas inbenchmark/url
(Antoine du Hamel) #46551 - [
7524871a9b
] - benchmark: add trailing commas inbenchmark/http2
(Antoine du Hamel) #46552 - [
9d9b3f856f
] - benchmark: add trailing commas inbenchmark/process
(Antoine du Hamel) #46481 - [
6c69ad6d43
] - benchmark: add trailing commas inbenchmark/misc
(Antoine du Hamel) #46474 - [
7f8b292bee
] - benchmark: add trailing commas inbenchmark/buffers
(Antoine du Hamel) #46473 - [
897e3c2782
] - benchmark: add trailing commas inbenchmark/module
(Antoine du Hamel) #46461 - [
7760d40c04
] - benchmark: add trailing commas inbenchmark/net
(Antoine du Hamel) #46439 - [
8b88d605ca
] - benchmark: add trailing commas inbenchmark/util
(Antoine du Hamel) #46438 - [
2c8c9f978d
] - benchmark: add trailing commas inbenchmark/async_hooks
(Antoine du Hamel) #46424 - [
b364b9bd60
] - benchmark: add trailing commas inbenchmark/fs
(Antoine du Hamel) #46426 - [
e15ddba7e7
] - build: add GitHub Action for coverage with --without-intl (Rich Trott) #37954 - [
c781a48097
] - build: do not disable inspector when intl is disabled (Rich Trott) #37954 - [
b4deb2fcd5
] - crypto: don't assume FIPS is disabled by default (Michael Dawson) #46532 - [
60a612607e
] - deps: upgrade npm to 9.5.0 (npm team) #46673 - [
6c997035fc
] - deps: update corepack to 0.16.0 (Node.js GitHub Bot) #46710 - [
2ed3875eee
] - deps: update undici to 5.20.0 (Node.js GitHub Bot) #46711 - [
20cb13bf7f
] - deps: update ada to v1.0.1 (Yagiz Nizipli) #46550 - [
c0983cfc06
] - deps: copypostject-api.h
andLICENSE
to thedeps
folder (Darshan Sen) #46582 - [
7d6c27eab1
] - deps: add ada as a dependency (Yagiz Nizipli) #46410 - [
7e7e2d037b
] - deps: update c-ares to 1.19.0 (Michaël Zasso) #46415 - [
a79a8bf85a
] - doc: add debadree25 to collaborators (Debadree Chatterjee) #46716 - [
6a8b04d709
] - doc: move bcoe to emeriti (Benjamin Coe) #46703 - [
a0a6ee0f54
] - doc: add response.strictContentLength to documentation (Marco Ippolito) #46627 - [
ffdd64dce3
] - doc: remove unused functions from example ofstreamConsumers.text
(Deokjin Kim) #46581 - [
c771d66864
] - doc: fix test runner examples (Richie McColl) #46565 - [
375bb22df9
] - doc: update test concurrency description / default values (richiemccoll) #46457 - [
a7beac04ba
] - doc: enrich test command with executable (Tony Gorez) #44347 - [
aef57cd290
] - doc: fix wrong location ofrequestTimeout
's default value (Deokjin Kim) #46423 - [
0c2c322ee6
] - doc: add deokjinkim to collaborators (Deokjin Kim) #46444 - [
31d3e3c486
] - doc: fix -C flag usage (三咲智子 Kevin Deng) #46388 - [
905a6756a3
] - doc: add note about major release rotation (Rafael Gonzaga) #46436 - [
33a98c42fa
] - doc: update threat model based on discussions (Michael Dawson) #46373 - [
9b23309f53
] - doc,lib,src,test: rename --test-coverage (Colin Ihrig) #46017 - [
f192b83800
] - esm: misc test refactors (Geoffrey Booth) #46631 - [
7f2cdd36cf
] - http: add note about clientError event (Paolo Insogna) #46584 - [
d8c527f24f
] - http: use v8::Array::New() with a prebuilt vector (Joyee Cheung) #46447 - [
fa600fe003
] - lib: add trailing commas ininternal/process
(Antoine du Hamel) #46687 - [
4aebee63f0
] - lib: do not crash using workers with disabled shared array buffers (Ruben Bridgewater) #41023 - [
a740908588
] - lib: delete module findPath unused params (sinkhaha) #45371 - [
8b46c763d9
] - lib: enforce use of trailing commas in more files (Antoine du Hamel) #46655 - [
aae0020e27
] - lib: enforce use of trailing commas for functions (Antoine du Hamel) #46629 - [
da9ebaf138
] - lib: predeclare Event.isTrusted prop descriptor (Santiago Gimeno) #46527 - [
35570e970e
] - lib: tightenAbortSignal.prototype.throwIfAborted
implementation (Antoine du Hamel) #46521 - [
8590eb4830
] - (SEMVER-MINOR) lib: add aborted() utility function (Debadree Chatterjee) #46494 - [
5d1a729f76
] - meta: update AUTHORS (Node.js GitHub Bot) #46624 - [
cb9b9ad879
] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #46513 - [
17b82c85d9
] - meta: update AUTHORS (Node.js GitHub Bot) #46504 - [
bb14a2b098
] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #46411 - [
152a3c7d1d
] - process: print versions by sort (Himself65) #46428 - [
164bfe82cc
] - (SEMVER-MINOR) src: add initial support for single executable applications (Darshan Sen) #45038 - [
f3908411fd
] - (SEMVER-MINOR) src: allow optional Isolate termination in node::Stop() (Shelley Vohr) #46583 - [
bdba600d32
] - src: remove icu usage from node_string.cc (Yagiz Nizipli) #46548 - [
31fb2e22a0
] - src: add fflush() to SnapshotData::ToFile() (Anna Henningsen) #46531 - [
c34bac2fed
] - (SEMVER-MINOR) src: allow blobs in addition toFILE*
s in embedder snapshot API (Anna Henningsen) #46491 - [
c3325bfc0d
] - src: make edge names in BaseObjects more descriptive in heap snapshots (Joyee Cheung) #46492 - [
3c5db8f419
] - src: avoid leaking snapshot fp on error (Tobias Nießen) #46497 - [
1a808a4aad
] - src: check return value of ftell() (Tobias Nießen) #46495 - [
f72f643549
] - src: remove unused includes from main thread (Yagiz Nizipli) #46471 - [
60c2a863da
] - src: use string_view instead of std::string& (Yagiz Nizipli) #46471 - [
f35f6d2218
] - src: use simdutf utf8 to utf16 instead of icu (Yagiz Nizipli) #46471 - [
00b81c7afe
] - src: replace icu with simdutf for char counts (Yagiz Nizipli) #46472 - [
683a1f8f3e
] - (SEMVER-MINOR) src: allow snapshotting from the embedder API (Anna Henningsen) #45888 - [
658d2f4710
] - (SEMVER-MINOR) src: make build_snapshot a per-Isolate option, rather than a global one (Anna Henningsen) #45888 - [
6801d3753c
] - (SEMVER-MINOR) src: add snapshot support for embedder API (Anna Henningsen) #45888 - [
95065c3185
] - src: add additional utilities to crypto::SecureContext (James M Snell) #45912 - [
efc59d0843
] - src: add KeyObjectHandle::HasInstance (James M Snell) #45912 - [
a8a2d0e2b1
] - src: add GetCurrentCipherName/Version to crypto_common (James M Snell) #45912 - [
6cf860d3d6
] - src: back snapshot I/O with a std::vector sink (Joyee Cheung) #46463 - [
e77d538d32
] - (SEMVER-MINOR) src: allow embedder control of code generation policy (Shelley Vohr) #46368 - [
7756438c81
] - stream: add trailing commas in webstream source files (Antoine du Hamel) #46685 - [
6b64a945c6
] - stream: add trailing commas in stream source files (Antoine du Hamel) #46686 - [
633d3f292d
] - (SEMVER-MINOR) stream: add abort signal for ReadableStream and WritableStream (Debadree Chatterjee) #46273 - [
f91260b32a
] - stream: refactor to usevalidateAbortSignal
(Antoine du Hamel) #46520 - [
6bf7388b62
] - stream: allow transfer of readable byte streams (MrBBot) #45955 - [
c2068537fa
] - stream: add pipeline() for webstreams (Debadree Chatterjee) #46307 - [
4cf4b41c56
] - stream: add suport for abort signal in finished() for webstreams (Debadree Chatterjee) #46403 - [
b844a09fa5
] - stream: dont access Object.prototype.type during TransformStream init (Debadree Chatterjee) #46389 - [
6ad01fd7b5
] - test: fixtest-net-autoselectfamily
for kernel without IPv6 support (Livia Medeiros) #45856 - [
2239e24306
] - test: fix assertions in test-snapshot-dns-lookup* (Tobias Nießen) #46618 - [
c4ca98e786
] - test: cover publicExponent validation in OpenSSL (Tobias Nießen) #46632 - [
e60d3f2b1d
] - test: add WPTRunner support for variants and generating WPT reports (Filip Skokan) #46498 - [
217f2f6e2a
] - test: add trailing commas intest/pummel
(Antoine du Hamel) #46610 - [
641e1771c8
] - test: enable api-invalid-label.any.js in encoding WPTs (Filip Skokan) #46506 - [
89aa161173
] - test: fix tap parser fails if a test logs a number (Pulkit Gupta) #46056 - [
faba8d4a30
] - test: add trailing commas intest/js-native-api
(Antoine du Hamel) #46385 - [
d556ccdd26
] - test: make more crypto tests work with BoringSSL (Shelley Vohr) #46429 - [
c7f29b24a6
] - test: add trailing commas intest/known_issues
(Antoine du Hamel) #46408 - [
a66e7ca6c5
] - test: add trailing commas intest/internet
(Antoine du Hamel) #46407 - [
0f75633086
] - test,crypto: update WebCryptoAPI WPT (Filip Skokan) #46575 - [
ddf5002782
] - test_runner: parse non-ascii character correctly (Mert Can Altın) #45736 - [
5b748114d2
] - test_runner: allow nesting test within describe (Moshe Atlow) #46544 - [
c526f9f70a
] - test_runner: fix missing test diagnostics (Moshe Atlow) #46450 - [
b31aabb101
] - test_runner: top-level diagnostics not ommited when running with --test (Pulkit Gupta) #46441 - [
6119289251
] - test_runner: add initial code coverage support (Colin Ihrig) #46017 - [
6f24f0621e
] - timers: cleanup no-longer relevant TODOs in timers/promises (James M Snell) #46499 - [
1cd22e7d19
] - tools: fix bug inprefer-primordials
lint rule (Antoine du Hamel) #46659 - [
87df34ac28
] - tools: fix update-ada script (Yagiz Nizipli) #46550 - [
f62b58a623
] - tools: add a daily wpt.fyi synchronized report upload (Filip Skokan) #46498 - [
803f00aa32
] - tools: update eslint to 8.34.0 (Node.js GitHub Bot) #46625 - [
f87216bdb2
] - tools: update lint-md-dependencies to rollup@3.15.0 to-vfile@7.2.4 (Node.js GitHub Bot) #46623 - [
8ee9e48560
] - tools: update doc to remark-html@15.0.2 to-vfile@7.2.4 (Node.js GitHub Bot) #46622 - [
148c5d9239
] - tools: update lint-md-dependencies to rollup@3.13.0 vfile-reporter@7.0.5 (Node.js GitHub Bot) #46503 - [
51c6c61a58
] - tools: update ESLint custom rules to not use the deprecated format (Antoine du Hamel) #46460 - [
a51fe3c663
] - url: replace url-parser with ada (Yagiz Nizipli) #46410 - [
129c9e7180
] - url: remove unusedURL::ToFilePath()
(Yagiz Nizipli) #46487 - [
9a604d67c3
] - url: remove unusedURL::toObject
(Yagiz Nizipli) #46486 - [
d6fbebda54
] - url: remove unusedsetURLConstructor
function (Yagiz Nizipli) #46485 - [
17b3ee33c2
] - vm: properly support symbols on globals (Nicolas DUBIEN) #46458
v19.6.1
This is a security release.
Notable Changes
The following CVEs are fixed in this release:
- CVE-2023-23919: OpenSSL errors not cleared in error stack (Medium)
-
CVE-2023-23918: Experimental Policies bypass via
process.mainModule.require
(High) - CVE-2023-23920: Insecure loading of ICU data through ICU_DATA environment variable (Low)
More detailed information on each of the vulnerabilities can be found in February 2023 Security Releases blog post.
This security release includes OpenSSL security updates as outlined in the recent
OpenSSL security advisory and undici
security update.
Commits
- [
97d9d55d2f
] - build: build ICU with ICU_NO_USER_DATA_OVERRIDE (RafaelGSS) nodejs-private/node-private#374 - [
8ac90e6372
] - crypto: clear OpenSSL error on invalid ca cert (RafaelGSS) nodejs-private/node-private#368 - [
10a4c47e3a
] - deps: update undici to 5.19.1 (Node.js GitHub Bot) #46634 - [
b10fc75e4a
] - deps: update undici to 5.18.0 (Node.js GitHub Bot) #46502 - [
e9b64ea8b9
] - deps: update undici to 5.17.1 (Node.js GitHub Bot) #46502 - [
66a24cec47
] - deps: cherry-pick Windows ARM64 fix for openssl (Richard Lau) #46573 - [
d8559aa6f5
] - deps: update archs files for quictls/openssl-3.0.8+quic (RafaelGSS) #46573 - [
dc477f547d
] - deps: upgrade openssl sources to quictls/openssl-3.0.8+quic (RafaelGSS) #46573 - [
2aae197670
] - lib: makeRequireFunction patch when experimental policy (RafaelGSS) nodejs-private/node-private#358 - [
6d17b693ec
] - policy: makeRequireFunction on mainModule.require (RafaelGSS) nodejs-private/node-private#358
Configuration
-
If you want to rebase/retry this MR, click this checkbox.
This MR has been generated by Renovate Bot.
Edited by Kubitus Bot