The NetBSD Project

CVS log for pkgsrc/lang/nodejs/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / lang / nodejs

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.281 / (download) - annotate - [select for diffs], Thu Nov 23 16:57:37 2023 UTC (8 days, 13 hours ago) by jperkin
Branch: MAIN
CVS Tags: HEAD
Changes since 1.280: +2 -3 lines
Diff to previous 1.280 (colored)

nodejs*: Consolidate and fix python includes.

Ensures that PYTHON_FOR_BUILD_ONLY is set prior to including pyversion.mk,
and ensures python and its dependencies are not buildlinked.

Revision 1.280 / (download) - annotate - [select for diffs], Wed Nov 15 18:13:05 2023 UTC (2 weeks, 2 days ago) by adam
Branch: MAIN
Changes since 1.279: +2 -3 lines
Diff to previous 1.279 (colored)

nodejs: updated to 21.2.0

Version 21.2.0 (Current)

Notable Changes

- doc: add MrJithil to collaborators (Jithil P Ponnan)
- doc: add Ethan-Arrowood as a collaborator (Ethan Arrowood)
- (SEMVER-MINOR) esm: add import.meta.dirname and import.meta.filename (James Sumners)
- fs: add stacktrace to fs/promises (翠/ green)
- (SEMVER-MINOR) lib: add --no-experimental-global-navigator CLI flag (Antoine du Hamel)
- (SEMVER-MINOR) lib: add navigator.language & navigator.languages (Aras Abbasi)
- (SEMVER-MINOR) lib: add navigator.platform (Aras Abbasi)
- (SEMVER-MINOR) stream: add support for deflate-raw format to webstreams compression (Damian Krzeminski)
- stream: use Array for Readable buffer (Robert Nagy)
- stream: optimize creation (Robert Nagy)
- (SEMVER-MINOR) test_runner: adds built in lcov reporter (Phil Nash)
- (SEMVER-MINOR) test_runner: add Date to the supported mock APIs (Lucas Santos)
- (SEMVER-MINOR) test_runner, cli: add --test-timeout flag (Shubham Pandey)

Revision 1.279 / (download) - annotate - [select for diffs], Wed Nov 8 13:19:50 2023 UTC (3 weeks, 2 days ago) by wiz
Branch: MAIN
Changes since 1.278: +2 -1 lines
Diff to previous 1.278 (colored)

*: recursive bump for icu 74.1

Revision 1.278 / (download) - annotate - [select for diffs], Thu Nov 2 13:18:15 2023 UTC (4 weeks, 1 day ago) by adam
Branch: MAIN
Changes since 1.277: +2 -3 lines
Diff to previous 1.277 (colored)

nodejs: updated to 21.1.0

Version 21.1.0 (Current)

Notable Changes

Automatically detect and run ESM syntax

The new flag --experimental-detect-module can be used to automatically run ES modules when their syntax can be detected. For mbiguousfiles, which are .js or extensionless files with no package.json with a type field, Node.js will parse the file to detect ES module syntax; if found, it will run the file as an ES module, otherwise it will run the file as a CommonJS module. The same applies to string input via --eval or STDIN.

We hope to make detection enabled by default in a future version of Node.js. Detection increases startup time, so we encourage everyone especially package authors to add a type field to package.json, even for the default "type": "commonjs". The presence of a type field, or explicit extensions such as .mjs or .cjs, will opt out of detection.


vm: fix V8 compilation cache support for vm.Script

Previously repeated compilation of the same source code using vm.Script stopped hitting the V8 compilation cache after v16.x when support for importModuleDynamically was added to vm.Script, resulting in a performance regression that blocked users (in particular Jest users) from upgrading from v16.x.

The recent fixes landed in v21.1.0 allow the compilation cache to be hit again for vm.Script when --experimental-vm-modules is not used even in the presence of the importModuleDynamically option, so that users affected by the performance regression can now upgrade. Ongoing work is also being done to enable compilation cache support for vm.CompileFunction.

Revision 1.277 / (download) - annotate - [select for diffs], Tue Oct 24 22:09:37 2023 UTC (5 weeks, 3 days ago) by wiz
Branch: MAIN
Changes since 1.276: +2 -2 lines
Diff to previous 1.276 (colored)

*: bump for openssl 3

Revision 1.276 / (download) - annotate - [select for diffs], Mon Oct 23 06:37:47 2023 UTC (5 weeks, 5 days ago) by wiz
Branch: MAIN
Changes since 1.275: +4 -3 lines
Diff to previous 1.275 (colored)

*: update for Python base package change

Instead of depending on one of the removed packages (that are now included
in the base Python packages), include batteries-included.mk to require
a Python version that supplies them.

Remove now included packages.

Bump PKGREVISION.

Revision 1.275 / (download) - annotate - [select for diffs], Mon Oct 16 19:15:17 2023 UTC (6 weeks, 4 days ago) by adam
Branch: MAIN
Changes since 1.274: +2 -2 lines
Diff to previous 1.274 (colored)

nodejs: updated to 20.8.1

Version 20.8.1 (Current)

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

CVE-2023-44487: nghttp2 Security Release (High)
CVE-2023-45143: undici Security Release (High)
CVE-2023-39332: Path traversal through path stored in Uint8Array (High)
CVE-2023-39331: Permission model improperly protects against path traversal (High)
CVE-2023-38552: Integrity checks according to policies can be circumvented (Medium)
CVE-2023-39333: Code injection via WebAssembly export names (Low)

Revision 1.274 / (download) - annotate - [select for diffs], Sun Oct 1 16:00:13 2023 UTC (2 months ago) by adam
Branch: MAIN
Changes since 1.273: +2 -2 lines
Diff to previous 1.273 (colored)

nodejs: updated to 20.8.0

Version 20.8.0 (Current)

Notable Changes

Stream performance improvements

Performance improvements to writable and readable streams, improving the creation and destruction by ±15% and reducing the memory overhead each stream takes in Node.js

Performance improvements for readable webstream, improving readable stream async iterator consumption by ±140% and improving readable stream pipeTo consumption by ±60%

Rework of memory management in vm APIs with the importModuleDynamically option

This rework addressed a series of long-standing memory leaks and use-after-free issues in the following APIs that support importModuleDynamically:

vm.Script
vm.compileFunction
vm.SyntheticModule
vm.SourceTextModule
This should enable affected users to upgrade from older versions of Node.js.

Revision 1.273 / (download) - annotate - [select for diffs], Wed Sep 20 11:21:59 2023 UTC (2 months, 1 week ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2023Q3-base, pkgsrc-2023Q3
Changes since 1.272: +2 -2 lines
Diff to previous 1.272 (colored)

nodejs: updated to 20.7.0

Version 20.7.0 (Current)

Notable Changes

- src: support multiple --env-file declarations (Yagiz Nizipli)
- crypto: update root certificates to NSS 3.93 (Node.js GitHub Bot)
- deps: upgrade npm to 10.1.0 (npm team)
- (SEMVER-MINOR) deps: upgrade npm to 10.0.0 (npm team)
- doc: move and rename loaders section (Geoffrey Booth)
- doc: add release key for Ulises Gascon (Ulises Gascón)
- (SEMVER-MINOR) lib: add api to detect whether source-maps are enabled (/ green)
- src,permission: add multiple allow-fs-* flags (Carlos Espa)
- (SEMVER-MINOR) test_runner: expose location of tests (Colin Ihrig)

Revision 1.272 / (download) - annotate - [select for diffs], Wed Sep 13 09:55:45 2023 UTC (2 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.271: +2 -2 lines
Diff to previous 1.271 (colored)

nodejs: updated to 20.6.1

Version 20.6.1 (Current)
esm: fix loading of CJS modules from ESM

Revision 1.271 / (download) - annotate - [select for diffs], Wed Sep 6 19:28:20 2023 UTC (2 months, 3 weeks ago) by adam
Branch: MAIN
Changes since 1.270: +2 -3 lines
Diff to previous 1.270 (colored)

nodejs: updated to 20.6.0

Version 20.6.0 (Current)

Notable changes

built-in .env file support

Starting from Node.js v20.6.0, Node.js supports .env files for configuring environment variables.

Your configuration file should follow the INI file format, with each line containing a key-value pair for an environment variable. To initialize your Node.js application with predefined configurations, use the following CLI command: node --env-file=config.env index.js.

For example, you can access the following environment variable using process.env.PASSWORD when your application is initialized:

PASSWORD=nodejs
In addition to environment variables, this change allows you to define your NODE_OPTIONS directly in the .env file, eliminating the need to include it in your package.json.


import.meta.resolve unflagged

In ES modules, import.meta.resolve(specifier) can be used to get an absolute URL string to which specifier resolves, similar to require.resolve in CommonJS. This aligns Node.js with browsers and other server-side runtimes.


New node:module API register for module customization hooks; new initialize hook

There is a new API register available on node:module to specify a file that exports module customization hooks, and pass data to the hooks, and establish communication channels with them. The efine the file with the hookspart was previously handled by a flag --experimental-loader, but when the hooks moved into a dedicated thread in 20.0.0 there was a need to provide a way to communicate between the main (application) thread and the hooks thread. This can now be done by calling register from the main thread and passing data, including MessageChannel instances.

We encourage users to migrate to an approach that uses --import with register, such as:

node --import ./file-that-calls-register.js ./app.js
Using --import ensures that the customization hooks are registered before any application code runs, even the entry point.


Module customization load hook can now support CommonJS

Revision 1.270 / (download) - annotate - [select for diffs], Mon Aug 14 05:24:45 2023 UTC (3 months, 2 weeks ago) by wiz
Branch: MAIN
Changes since 1.269: +2 -1 lines
Diff to previous 1.269 (colored)

*: recursive bump for Python 3.11 as new default

Revision 1.269 / (download) - annotate - [select for diffs], Fri Aug 11 05:25:17 2023 UTC (3 months, 3 weeks ago) by adam
Branch: MAIN
Changes since 1.268: +2 -2 lines
Diff to previous 1.268 (colored)

nodejs: updated to 20.5.1

Version 20.5.1 (Current)

Notable Changes

The following CVEs are fixed in this release:

CVE-2023-32002: Policies can be bypassed via Module._load (High)
CVE-2023-32558: process.binding() can bypass the permission model through path traversal (High)
CVE-2023-32004: Permission model can be bypassed by specifying a path traversal sequence in a Buffer (High)
CVE-2023-32006: Policies can be bypassed by module.constructor.createRequire (Medium)
CVE-2023-32559: Policies can be bypassed via process.binding (Medium)
CVE-2023-32005: fs.statfs can bypass the permission model (Low)
CVE-2023-32003: fs.mkdtemp() and fs.mkdtempSync() can bypass the permission model (Low)
OpenSSL Security Releases

Revision 1.268 / (download) - annotate - [select for diffs], Tue Jul 25 06:42:43 2023 UTC (4 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.267: +2 -3 lines
Diff to previous 1.267 (colored)

nodejs: updated to 20.5.0

Version 20.5.0 (Current)

Notable Changes

doc: add atlowChemi to collaborators (atlowChemi)
(SEMVER-MINOR) events: allow safely adding listener to abortSignal (Chemi Atlow)
fs: add a fast-path for readFileSync utf-8 (Yagiz Nizipli)
(SEMVER-MINOR) test_runner: add shards support (Raz Luvaton)

Revision 1.267 / (download) - annotate - [select for diffs], Tue Jul 18 18:25:29 2023 UTC (4 months, 2 weeks ago) by nia
Branch: MAIN
Changes since 1.266: +3 -2 lines
Diff to previous 1.266 (colored)

lang: Adapt packages to USE_(CC|CXX)_FEATURES where possible

Revision 1.266 / (download) - annotate - [select for diffs], Tue Jul 11 06:13:10 2023 UTC (4 months, 3 weeks ago) by adam
Branch: MAIN
Changes since 1.265: +2 -1 lines
Diff to previous 1.265 (colored)

revbump after nghttp3/ngtcp2 update

Revision 1.265 / (download) - annotate - [select for diffs], Thu Jul 6 10:02:08 2023 UTC (4 months, 3 weeks ago) by adam
Branch: MAIN
Changes since 1.264: +2 -2 lines
Diff to previous 1.264 (colored)

nodejs: updated to 20.4.0

Version 20.4.0 (Current)

Notable Changes

Mock Timers
Support to the explicit resource management proposal
crypto: update root certificates to NSS 3.90
doc: add vmoroz to collaborators
doc: add kvakil to collaborators
(SEMVER-MINOR) tls: add ALPNCallback server option for dynamic ALPN negotiation

Revision 1.264 / (download) - annotate - [select for diffs], Wed Jun 21 15:13:43 2023 UTC (5 months, 1 week ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2023Q2-base, pkgsrc-2023Q2
Changes since 1.263: +2 -2 lines
Diff to previous 1.263 (colored)

nodejs: updated to 20.3.1

Version 20.3.1 (Current)

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

CVE-2023-30581: mainModule.__proto__ Bypass Experimental Policy Mechanism (High)
CVE-2023-30584: Path Traversal Bypass in Experimental Permission Model (High)
CVE-2023-30587: Bypass of Experimental Permission Model via Node.js Inspector (High)
CVE-2023-30582: Inadequate Permission Model Allows Unauthorized File Watching (Medium)
CVE-2023-30583: Bypass of Experimental Permission Model via fs.openAsBlob() (Medium)
CVE-2023-30585: Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium)
CVE-2023-30586: Bypass of Experimental Permission Model via Arbitrary OpenSSL Engines (Medium)
CVE-2023-30588: Process interuption due to invalid Public Key information in x509 certificates (Medium)
CVE-2023-30589: HTTP Request Smuggling via Empty headers separated by CR (Medium)
CVE-2023-30590: DiffieHellman does not generate keys after setting a private key (Medium)
OpenSSL Security Releases
OpenSSL security advisory 28th March.
OpenSSL security advisory 20th April.
OpenSSL security advisory 30th May

Revision 1.263 / (download) - annotate - [select for diffs], Tue Jun 13 15:45:55 2023 UTC (5 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.262: +2 -2 lines
Diff to previous 1.262 (colored)

nodejs: updated to 20.3.0

Version 20.3.0 (Current)

Notable Changes

- deps: upgrade to libuv 1.45.0, including significant performance improvements to file system operations on Linux (Santiago Gimeno)
- doc: add Ruy Adorno to list of TSC members (Michael Dawson)
- doc: mark Node.js 14 as End-of-Life (Richard Lau)
- (SEMVER-MINOR) lib: implement AbortSignal.any() (Chemi Atlow)
- module: change default resolver to not throw on unknown scheme (Gil Tayar)
- (SEMVER-MINOR) node-api: define version 9 (Chengzhong Wu)
- stream: deprecate asIndexedPairs (Chemi Atlow)

Revision 1.262 / (download) - annotate - [select for diffs], Tue Jun 6 12:41:44 2023 UTC (5 months, 3 weeks ago) by riastradh
Branch: MAIN
Changes since 1.261: +2 -2 lines
Diff to previous 1.261 (colored)

Mass-change BUILD_DEPENDS to TOOL_DEPENDS outside mk/.

Almost all uses, if not all of them, are wrong, according to the
semantics of BUILD_DEPENDS (packages built for target available for
use _by_ tools at build-time) and TOOL_DEPEPNDS (packages built for
host available for use _as_ tools at build-time).

No change to BUILD_DEPENDS as used correctly inside buildlink3.

As proposed on tech-pkg:
https://mail-index.netbsd.org/tech-pkg/2023/06/03/msg027632.html

Revision 1.261 / (download) - annotate - [select for diffs], Wed May 17 15:55:05 2023 UTC (6 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.260: +2 -2 lines
Diff to previous 1.260 (colored)

nodejs: updated to 20.2.0

Version 20.2.0 (Current)

doc: add ovflowd to collaborators (Claudio Wunder)
(SEMVER-MINOR) http: prevent writing to the body when not allowed by HTTP spec (Gerrard Lindsay)
(SEMVER-MINOR) sea: add option to disable the experimental SEA warning (Darshan Sen)
(SEMVER-MINOR) test_runner: add skip, todo, and only shorthands to test (Chemi Atlow)
(SEMVER-MINOR) url: add value argument to URLSearchParams has and delete methods (Sankalp Shubham)

Revision 1.260 / (download) - annotate - [select for diffs], Thu May 4 16:45:26 2023 UTC (6 months, 4 weeks ago) by adam
Branch: MAIN
Changes since 1.259: +2 -2 lines
Diff to previous 1.259 (colored)

nodejs: updated to 20.1.0

Version 20.1.0 (Current)

Notable Changes

- assert: deprecate CallTracker (Moshe Atlow)
- crypto: update root certificates to NSS 3.89 (Node.js GitHub Bot)
- (SEMVER-MINOR) dns: expose getDefaultResultOrder (btea)
- doc: add KhafraDev to collaborators (Matthew Aitken)
- (SEMVER-MINOR) fs: add recursive option to readdir and opendir (Ethan Arrowood)
- (SEMVER-MINOR) fs: add support for mode flag to specify the copy behavior of the cp methods (Tetsuharu Ohzeki)
- (SEMVER-MINOR) http: add highWaterMark option http.createServer (HinataKah0)
- (SEMVER-MINOR) stream: preserve object mode in compose (Raz Luvaton)
- (SEMVER-MINOR) test_runner: add testNamePatterns to run API (Chemi Atlow)
- (SEMVER-MINOR) test_runner: execute before hook on test (Chemi Atlow)
- (SEMVER-MINOR) test_runner: support combining coverage reports (Colin Ihrig)
- (SEMVER-MINOR) wasi: make returnOnExit true by default (Michael Dawson)

Revision 1.259 / (download) - annotate - [select for diffs], Wed May 3 14:03:09 2023 UTC (6 months, 4 weeks ago) by nikita
Branch: MAIN
Changes since 1.258: +2 -3 lines
Diff to previous 1.258 (colored)

nodejs: update to version 20.0.0

Changelog:

2023-04-18, Version 20.0.0 (Current), @RafaelGSS

We're excited to announce the release of Node.js 20! Highlights include the new Node.js Permission Model, a synchronous import.meta.resolve, a stable test_runner, updates of the V8 JavaScript engine to 11.3, Ada to 2.0, and more!

As a reminder, Node.js 20 will enter long-term support (LTS) in October, but until then, it will be the "Current" release for the next six months. We encourage you to explore the new features and benefits offered by this latest release and evaluate their potential impact on your applications.
Notable Changes
Permission Model

Node.js now has an experimental feature called the Permission Model. It allows developers to restrict access to specific resources during program execution, such as file system operations, child process spawning, and worker thread creation. The API exists behind a flag --experimental-permission which when enabled will restrict access to all available permissions. By using this feature, developers can prevent their applications from accessing or modifying sensitive data or running potentially harmful code. More information about the Permission Model can be found in the Node.js documentation.

The Permission Model was a contribution by Rafael Gonzaga in #44004.
Custom ESM loader hooks run on dedicated thread

ESM hooks supplied via loaders (--experimental-loader=foo.mjs) now run in a dedicated thread, isolated from the main thread. This provides a separate scope for loaders and ensures no cross-contamination between loaders and application code.

Synchronous import.meta.resolve()

In alignment with browser behavior, this function now returns synchronously. Despite this, user loader resolve hooks can still be defined as async functions (or as sync functions, if the author prefers). Even when there are async resolve hooks loaded, import.meta.resolve will still return synchronously for application code.

Contributed by Anna Henningsen, Antoine du Hamel, Geoffrey Booth, Guy Bedford, Jacob Smith, and Michaël Zasso in #44710
V8 11.3

The V8 engine is updated to version 11.3, which is part of Chromium 113. This version includes three new features to the JavaScript API:

    String.prototype.isWellFormed and toWellFormed
    Methods that change Array and TypedArray by copy
    Resizable ArrayBuffer and growable SharedArrayBuffer
    RegExp v flag with set notation + properties of strings
    WebAssembly Tail Call

The V8 update was a contribution by Michaël Zasso in #47251.
Stable Test Runner

The recent update to Node.js, version 20, includes an important change to the test_runner module. The module has been marked as stable after a recent update. Previously, the test_runner module was experimental, but this change marks it as a stable module that is ready for production use.

Contributed by Colin Ihrig in #46983
Ada 2.0

Node.js v20 comes with the latest version of the URL parser, Ada. This update brings significant performance improvements to URL parsing, including enhancements to the url.domainToASCII and url.domainToUnicode functions in node:url.

Ada 2.0 has been integrated into the Node.js codebase, ensuring that all parts of the application can benefit from the improved performance. Additionally, Ada 2.0 features a significant performance boost over its predecessor, Ada 1.0.4, while also eliminating the need for the ICU requirement for URL hostname parsing.

Contributed by Yagiz Nizipli and Daniel Lemire in #47339
Preparing single executable apps now requires injecting a Blob

Building a single executable app now requires injecting a blob prepared by Node.js from a JSON config instead of injecting the raw JS file. This opens up the possibility of embedding multiple co-existing resources into the SEA (Single Executable Apps).

Contributed by Joyee Cheung in #47125
Web Crypto API

Web Crypto API functions' arguments are now coerced and validated as per their WebIDL definitions like in other Web Crypto API implementations. This further improves interoperability with other implementations of Web Crypto API.

This change was made by Filip Skokan in #46067.
Official support for ARM64 Windows

Node.js now includes binaries for ARM64 Windows, allowing for native execution on the platform. The MSI, zip/7z packages, and executable are available from the Node.js download site along with all other platforms. The CI system was updated and all changes are now fully tested on ARM64 Windows, to prevent regressions and ensure compatibility.

ARM64 Windows was upgraded to tier 2 support by Stefan Stojanovic in #47233.
WASI version must now be specified

When new WASI() is called, the version option is now required and has no default value. Any code that relied on the default for the version will need to be updated to request a specific version.

This change was made by Michael Dawson in #47391.
Deprecations and Removals

    [3bed5f11e0] - (SEMVER-MAJOR) url: runtime-deprecate url.parse() with invalid ports (Rich Trott) #45526

url.parse() accepts URLs with ports that are not numbers. This behavior might result in host name spoofing with unexpected input. These URLs will throw an error in future versions of Node.js, as the WHATWG URL API does already. Starting with Node.js 20, these URLS cause url.parse() to emit a warning.
Semver-Major Commits

    [9fafb0a090] - (SEMVER-MAJOR) async_hooks: deprecate the AsyncResource.bind asyncResource property (James M Snell) #46432
    [1948d37595] - (SEMVER-MAJOR) buffer: check INSPECT_MAX_BYTES with validateNumber (Umuoy) #46599
    [7bc0e6a4e7] - (SEMVER-MAJOR) buffer: graduate File from experimental and expose as global (Khafra) #47153
    [671ffd7825] - (SEMVER-MAJOR) buffer: use min/max of validateNumber (Deokjin Kim) #45796
    [ab1614d280] - (SEMVER-MAJOR) build: reset embedder string to "-node.0" (Michaël Zasso) #47251
    [c1bcdbcf79] - (SEMVER-MAJOR) build: warn for gcc versions earlier than 10.1 (Richard Lau) #46806
    [649f68fc1e] - (SEMVER-MAJOR) build: reset embedder string to "-node.0" (Yagiz Nizipli) #45579
    [9374700d7a] - (SEMVER-MAJOR) crypto: remove DEFAULT_ENCODING (Tobias Nieen) #47182
    [1640aeb680] - (SEMVER-MAJOR) crypto: remove obsolete SSL_OP_* constants (Tobias Nieen) #47073
    [c2e4b1fa9a] - (SEMVER-MAJOR) crypto: remove ALPN_ENABLED (Tobias Nieen) #47028
    [3ef38c4bd7] - (SEMVER-MAJOR) crypto: use WebIDL converters in WebCryptoAPI (Filip Skokan) #46067
    [08af023b1f] - (SEMVER-MAJOR) crypto: runtime deprecate replaced rsa-pss keygen parameters (Filip Skokan) #45653
    [7eb0ac3cb6] - (SEMVER-MAJOR) deps: patch V8 to support compilation on win-arm64 (Michaël Zasso) #47251
    [a7c129f286] - (SEMVER-MAJOR) deps: silence irrelevant V8 warning (Michaël Zasso) #47251
    [6f5655a18e] - (SEMVER-MAJOR) deps: always define V8_EXPORT_PRIVATE as no-op (Michaël Zasso) #47251
    [f226350fcb] - (SEMVER-MAJOR) deps: update V8 to 11.3.244.4 (Michaël Zasso) #47251
    [d6dae7420e] - (SEMVER-MAJOR) deps: V8: cherry-pick f1c888e7093e (Michaël Zasso) #45579
    [56c436533e] - (SEMVER-MAJOR) deps: fix V8 build on Windows with MSVC (Michaël Zasso) #45579
    [51ab98c71b] - (SEMVER-MAJOR) deps: silence irrelevant V8 warning (Michaël Zasso) #45579
    [9f84d3eea8] - (SEMVER-MAJOR) deps: V8: fix v8-cppgc.h for MSVC (Jiawen Geng) #45579
    [f2318cd4b5] - (SEMVER-MAJOR) deps: fix V8 build issue with inline methods (Jiawen Geng) #45579
    [16e03e7968] - (SEMVER-MAJOR) deps: update V8 to 10.9.194.4 (Yagiz Nizipli) #45579
    [6473f5e7f7] - (SEMVER-MAJOR) doc: update toolchains used for Node.js 20 releases (Richard Lau) #47352
    [cc18fd9608] - (SEMVER-MAJOR) events: refactor to use validateNumber (Deokjin Kim) #45770
    [ff92b40ffc] - (SEMVER-MAJOR) http: close the connection after sending a body without declared length (Tim Perry) #46333
    [2a29df6464] - (SEMVER-MAJOR) http: keep HTTP/1.1 conns alive even if the Connection header is removed (Tim Perry) #46331
    [391dc74a10] - (SEMVER-MAJOR) http: throw error if options of http.Server is array (Deokjin Kim) #46283
    [ed3604cd64] - (SEMVER-MAJOR) http: server check Host header, to meet RFC 7230 5.4 requirement (wwwzbwcom) #45597
    [88d71dc301] - (SEMVER-MAJOR) lib: refactor to use min/max of validateNumber (Deokjin Kim) #45772
    [e4d641f02a] - (SEMVER-MAJOR) lib: refactor to use validators in http2 (Debadree Chatterjee) #46174
    [0f3e531096] - (SEMVER-MAJOR) lib: performance improvement on readline async iterator (Thiago Oliveira Santos) #41276
    [5b5898ac86] - (SEMVER-MAJOR) lib,src: update exit codes as per todos (Debadree Chatterjee) #45841
    [55321bafd1] - (SEMVER-MAJOR) net: enable autoSelectFamily by default (Paolo Insogna) #46790
    [2d0d99733b] - (SEMVER-MAJOR) process: remove process.exit(), process.exitCode coercion to integer (Daeyeon Jeong) #43716
    [dc06df31b6] - (SEMVER-MAJOR) readline: refactor to use validateNumber (Deokjin Kim) #45801
    [295b2f3ff4] - (SEMVER-MAJOR) src: update NODE_MODULE_VERSION to 115 (Michaël Zasso) #47251
    [3803b028dd] - (SEMVER-MAJOR) src: share common code paths for SEA and embedder script (Anna Henningsen) #46825
    [e8bddac3e9] - (SEMVER-MAJOR) src: apply ABI-breaking API simplifications (Anna Henningsen) #46705
    [f84de0ad4c] - (SEMVER-MAJOR) src: use uint32_t for process initialization flags enum (Anna Henningsen) #46427
    [a6242772ec] - (SEMVER-MAJOR) src: fix ArrayBuffer::Detach deprecation (Michaël Zasso) #45579
    [dd5c39a808] - (SEMVER-MAJOR) src: update NODE_MODULE_VERSION to 112 (Yagiz Nizipli) #45579
    [63eca7fec0] - (SEMVER-MAJOR) stream: validate readable defaultEncoding (Marco Ippolito) #46430
    [9e7093f416] - (SEMVER-MAJOR) stream: validate writable defaultEncoding (Marco Ippolito) #46322
    [fb91ee4f26] - (SEMVER-MAJOR) test: make trace-gc-flag tests less strict (Yagiz Nizipli) #45579
    [eca618071e] - (SEMVER-MAJOR) test: adapt test-v8-stats for V8 update (Michaël Zasso) #45579
    [c03354d3e0] - (SEMVER-MAJOR) test: test case for multiple res.writeHead and res.getHeader (Marco Ippolito) #45508
    [c733cc0c7f] - (SEMVER-MAJOR) test_runner: mark module as stable (Colin Ihrig) #46983
    [7ce223273d] - (SEMVER-MAJOR) tools: update V8 gypfiles for 11.1 (Michaël Zasso) #47251
    [ca4bd3023e] - (SEMVER-MAJOR) tools: update V8 gypfiles for 11.0 (Michaël Zasso) #47251
    [58b06a269a] - (SEMVER-MAJOR) tools: update V8 gypfiles (Michaël Zasso) #45579
    [027841c964] - (SEMVER-MAJOR) url: use private properties for brand check (Yagiz Nizipli) #46904
    [3bed5f11e0] - (SEMVER-MAJOR) url: runtime-deprecate url.parse() with invalid ports (Rich Trott) #45526
    [7c76fddf25] - (SEMVER-MAJOR) util,doc: mark parseArgs() as stable (Colin Ihrig) #46718
    [4b52727976] - (SEMVER-MAJOR) wasi: make version non-optional (Michael Dawson) #47391

Semver-Minor Commits

    [d4b440bfac] - (SEMVER-MINOR) fs: implement byob mode for readableWebStream() (Debadree Chatterjee) #46933
    [00c222593e] - (SEMVER-MINOR) src,process: add permission model (Rafael Gonzaga) #44004
    [978b57d750] - (SEMVER-MINOR) wasi: no longer require flag to enable wasi (Michael Dawson) #47286

Semver-Patch Commits

    [e50c6b9a22] - bootstrap: do not expand process.argv[1] for snapshot entry points (Joyee Cheung) #47466
    [c81e1143e4] - bootstrap: store internal loaders in C++ via a binding (Joyee Cheung) #47215
    [8e673bdb84] - build: add node-core-utils to setup (Jiawen Geng) #47442
    [5b561d72a6] - build: sync cares source change (Jiawen Geng) #47359
    [8e6ee53e4e] - build: remove non-exist build file (Jiawen Geng) #47361
    [9a4d21d1d9] - build, deps, tools: avoid excessive LTO (Konstantin Demin) #47313
    [48c01485cd] - crypto: replace THROW with CHECK for scrypt keylen (Tobias Nieen) #47407
    [4c1a27716b] - crypto: re-add padding for AES-KW wrapped JWKs (Filip Skokan) #46563
    [b66eb15d12] - deps: update simdutf to 3.2.7 (Node.js GitHub Bot) #47473
    [3fc11477ba] - deps: update corepack to 0.17.2 (Node.js GitHub Bot) #47474
    [c1776531ab] - deps: upgrade npm to 9.6.4 (npm team) #47432
    [e7ca09f310] - deps: update zlib to upstream 5edb52d4 (Luigi Pinca) #47151
    [88387ccd12] - deps: update ada to 2.0.0 (Node.js GitHub Bot) #47339
    [9f468cc37e] - deps: cherry-pick Windows ARM64 fix for openssl (Richard Lau) #46570
    [eeab210b1b] - deps: update archs files for quictls/openssl-3.0.8+quic (RafaelGSS) #46570
    [d93d7716c7] - deps: upgrade openssl sources to quictls/openssl-3.0.8+quic (RafaelGSS) #46571
    [0f69ec4dd7] - deps: patch V8 to 10.9.194.9 (Michaël Zasso) #45995
    [5890d09644] - deps: patch V8 to 10.9.194.6 (Michaël Zasso) #45748
    [c02a7e7e93] - diagnostics_channel: fix ref counting bug when reaching zero subscribers (Stephen Belanger) #47520
    [c7ad5bb37d] - doc: info on handling unintended breaking changes (Michael Dawson) #47426
    [7d2d40ed0d] - doc: add performance initiative (Yagiz Nizipli) #47424
    [d56c0f7318] - doc: do not create a backup file (Luigi Pinca) #47151
    [412d27b65b] - doc: add MoLow to the TSC (Colin Ihrig) #47436
    [f131cca0c0] - doc: reserve 116 for Electron 25 (Keeley Hammond) #47375
    [1022c6f424] - doc: add experimental stages (Geoffrey Booth) #46100
    [42d3d74717] - doc: clarify release notes for Node.js 16.19.0 (Richard Lau) #45846
    [533c6512da] - doc: clarify release notes for Node.js 14.21.2 (Richard Lau) #45846
    [97165fc1a6] - doc: fix doc metadata for Node.js 16.19.0 (Richard Lau) #45863
    [a266b8b702] - doc: add registry number for Electron 23 & 24 (Keeley Hammond) #45661
    [2613a9ced9] - esm: move hook execution to separate thread (Jacob Smith) #44710
    [841f6b3abf] - esm: increase test coverage of edge cases (Antoine du Hamel) #47033
    [0d575fe61a] - gyp: put filenames in variables (Cheng Zhao) #46965
    [41b186722c] - lib: distinguish webidl interfaces with the extended property "Exposed" (Chengzhong Wu) #46809
    [9b7db62276] - lib: makeRequireFunction patch when experimental policy (RafaelGSS) nodejs-private/node-private#358
    [d43b532789] - lib: refactor to use validateBuffer (Deokjin Kim) #46489
    [9a76a2521b] - meta: ping security-wg team on permission model changes (Rafael Gonzaga) #47483
    [a4dadde1ba] - meta: ping startup and realm team on src/node_realm* changes (Joyee Cheung) #47448
    [631c3ef3de] - module: do less CJS module loader initialization at run time (Joyee Cheung) #47194
    [8bcf0a42f7] - permission: fix chmod,chown improve fs coverage (Rafael Gonzaga) #47529
    [54d17ff4b5] - permission: support fs.mkdtemp (Rafael Gonzaga) #47470
    [b441b5dc65] - permission: drop process.permission.deny (Rafael Gonzaga) #47335
    [aa30e16716] - permission: fix some vulnerabilities in fs (Tobias Nieen) #47091
    [1726da9300] - permission: add path separator to loader check (Rafael Gonzaga) #47030
    [b164038c86] - permission: fix spawnSync permission check (RafaelGSS) #46975
    [af91400886] - policy: makeRequireFunction on mainModule.require (RafaelGSS) nodejs-private/node-private#358
    [f8b4e26aee] - quic: add more QUIC impl (James M Snell) #47348
    [d65ae9f678] - quic: add additional quic implementation utilities (James M Snell) #47289
    [9b104be502] - quic: do not dereference shared_ptr after move (Tobias Nieen) #47294
    [09a4bb152f] - quic: add multiple internal utilities (James M Snell) #47263
    [2bde0059ca] - sea: use JSON configuration and blob content for SEA (Joyee Cheung) #47125
    [78c7475493] - src: allow simdutf::convert_* functions to return zero (Daniel Lemire) #47471
    [5250947a53] - src: track ShadowRealm native objects correctly in the heap snapshot (Joyee Cheung) #47389
    [8059764621] - src: use the internal field to determine if an object is a BaseObject (Joyee Cheung) #47217
    [698508afa8] - src: bootstrap prepare stack trace callback in shadow realm (Chengzhong Wu) #47107
    [e6b4d30a2f] - src: bootstrap Web [Exposed=*] APIs in the shadow realm (Chengzhong Wu) #46809
    [3646a66044] - src: fix AliasedBuffer memory attribution in heap snapshots (Joyee Cheung) #46817
    [8b2126f63f] - src: move AliasedBuffer implementation to -inl.h (Joyee Cheung) #46817
    [3abbc3829a] - src: fix useless call in permission.cc (Tobias Nieen) #46833
    [7b1e153530] - src: simplify exit code accesses (Daeyeon Jeong) #45125
    [7359b92a41] - test: remove unnecessary status check on test-release-npm (RafaelGSS) #47516
    [a5a5d2fb7e] - test: mark test/parallel/test-file-write-stream4 as flaky (Yagiz Nizipli) #47423
    [81ad73a205] - test: remove unused callback variables (angellovc) #47167
    [757a586ead] - test: migrate test runner message tests to snapshot (Moshe Atlow) #47392
    [86f890539f] - test: remove stale entry from known_issues.status (Richard Lau) #47454
    [1f3773d0c1] - test: move more inspector sequential tests to parallel (Joyee Cheung) #47412
    [617b8d44c6] - test: use random port in test-inspector-enabled (Joyee Cheung) #47412
    [ade0170c4f] - test: use random port in test-inspector-debug-brk-flag (Joyee Cheung) #47412
    [1a78632cd3] - test: use random port in NodeInstance.startViaSignal() (Joyee Cheung) #47412
    [23f66b137e] - test: move test-shadow-realm-gc.js to known_issues (Joyee Cheung) #47355
    [9dfd0394c5] - test: remove useless WPT init scripts (Khafra) #47221
    [1cfe058778] - test: fix test-permission-deny-fs-wildcard (win32) (Tobias Nieen) #47095
    [b8ef1b476e] - test: add coverage for custom loader hooks with permission model (Antoine du Hamel) #46977
    [4a7c3e9c50] - test: fix file path in permission symlink test (Livia Medeiros) #46859
    [10005de6a8] - tools: make js2c.py usable for other build systems (Cheng Zhao) #46930
    [1e2f9aca72] - tools: move update-acorn.sh to dep_updaters and create maintaining md (Marco Ippolito) #47382
    [174662a463] - tools: update eslint to 8.38.0 (Node.js GitHub Bot) #47475
    [a58ca61f35] - tools: update eslint to 8.38.0 (Node.js GitHub Bot) #47475
    [37d12730ab] - tools: automate cjs-module-lexer dependency update (Marco Ippolito) #47446
    [4fbfa3c9f2] - tools: fix notify-on-push Slack messages (Antoine du Hamel) #47453
    [b1f2ff1242] - tools: update lint-md-dependencies to @rollup/plugin-node-resolve@15.0.2 (Node.js GitHub Bot) #47431
    [26b2584b84] - tools: add root certificate update script (Richard Lau) #47425
    [553b052648] - tools: remove targets for individual test suites in Makefile (Antoine du Hamel) #46892
    [747ff43e5b] - url: more sophisticated brand check for URLSearchParams (Timothy Gu) #47414
    [e727eb066f] - url: do not use object as hashmap (Timothy Gu) #47415
    [81c7875eb7] - url: drop ICU requirement for parsing hostnames (Yagiz Nizipli) #47339
    [a4895df94a] - url: use ada::url_aggregator for parsing urls (Yagiz Nizipli) #47339

Revision 1.258 / (download) - annotate - [select for diffs], Thu Apr 27 12:15:11 2023 UTC (7 months ago) by wiz
Branch: MAIN
Changes since 1.257: +2 -2 lines
Diff to previous 1.257 (colored)

*: recursive bump for nghttp3 shlib major change

Revision 1.257 / (download) - annotate - [select for diffs], Wed Apr 26 19:44:09 2023 UTC (7 months ago) by wiz
Branch: MAIN
Changes since 1.256: +2 -1 lines
Diff to previous 1.256 (colored)

*: recursive bump for ngtcp2 shlib major bump

Revision 1.256 / (download) - annotate - [select for diffs], Wed Apr 19 17:38:35 2023 UTC (7 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.255: +3 -14 lines
Diff to previous 1.255 (colored)

nodejs: updated to 19.9.0

Version 19.9.0 (Current)

Notable Changes

Tracing Channel in diagnostic_channel
New URL.canParse API
(SEMVER-MINOR) add getMaxListeners method (Khafra)
(SEMVER-MINOR) migrate to WiX4 (Stefan Stojanovic)
(SEMVER-MINOR) deprecate napi_module_register (Vladimir Morozov)
(SEMVER-MINOR) add setter & getter for default highWaterMark (Robert Nagy)
(SEMVER-MINOR) expose reporter for use in run api (Chemi Atlow)

Revision 1.255 / (download) - annotate - [select for diffs], Mon Feb 27 13:52:03 2023 UTC (9 months ago) by gdt
Branch: MAIN
CVS Tags: pkgsrc-2023Q1-base, pkgsrc-2023Q1
Changes since 1.254: +2 -1 lines
Diff to previous 1.254 (colored)

lang/nodejs: Require GCC 8

GCC 7 fails due to <charconv>, even if gcc's page says 7 supports C++17.
(Build tested on netbsd-9 amd64.)

Revision 1.254 / (download) - annotate - [select for diffs], Thu Feb 23 07:55:49 2023 UTC (9 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.253: +2 -2 lines
Diff to previous 1.253 (colored)

nodejs: updated to 19.7.0

Version 19.7.0 (Current)

Notable Changes

- deps: upgrade npm to 9.5.0 (npm team)
- deps: add ada as a dependency (Yagiz Nizipli)
- doc: add debadree25 to collaborators (Debadree Chatterjee)
- doc: add deokjinkim to collaborators (Deokjin Kim)
- doc,lib,src,test: rename --test-coverage (Colin Ihrig)
- (SEMVER-MINOR) lib: add aborted() utility function (Debadree Chatterjee)
- (SEMVER-MINOR) src: add initial support for single executable applications (Darshan Sen)
- (SEMVER-MINOR) src: allow optional Isolate termination in node::Stop() (Shelley Vohr)
- (SEMVER-MINOR) src: allow blobs in addition to FILE*s in embedder snapshot API (Anna Henningsen)
- (SEMVER-MINOR) src: allow snapshotting from the embedder API (Anna Henningsen)
- (SEMVER-MINOR) src: make build_snapshot a per-Isolate option, rather than a global one (Anna Henningsen)
- (SEMVER-MINOR) src: add snapshot support for embedder API (Anna Henningsen)
- (SEMVER-MINOR) src: allow embedder control of code generation policy (Shelley Vohr)
- (SEMVER-MINOR) stream: add abort signal for ReadableStream and WritableStream (Debadree Chatterjee)
- test_runner: add initial code coverage support (Colin Ihrig)
- url: replace url-parser with ada (Yagiz Nizipli)

Revision 1.253 / (download) - annotate - [select for diffs], Fri Feb 17 11:57:44 2023 UTC (9 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.252: +2 -2 lines
Diff to previous 1.252 (colored)

nodejs: updated to 19.6.1

Version 19.6.1 (Current)

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

CVE-2023-23919: OpenSSL errors not cleared in error stack (Medium)
CVE-2023-23918: Experimental Policies bypass via process.mainModule.require(High)
CVE-2023-23920: Insecure loading of ICU data through ICU_DATA environment variable (Low)

Revision 1.252 / (download) - annotate - [select for diffs], Fri Feb 3 11:48:22 2023 UTC (9 months, 4 weeks ago) by adam
Branch: MAIN
Changes since 1.251: +2 -2 lines
Diff to previous 1.251 (colored)

nodejs: updated to 19.6.0

Version 19.6.0 (Current)

Notable changes

ESM: Leverage loaders when resolving subsequent loaders

Loaders now apply to subsequent loaders, for example: --experimental-loader ts-node --experimental-loader loader-written-in-typescript.

Upgrade npm to 9.4.0

Added --install-strategy=linked option for installations similar to pnpm.

Other notable changes

(SEMVER-MINOR) fs: add statfs() functions (Colin Ihrig)
(SEMVER-MINOR) vm: expose cachedDataRejected for vm.compileFunction (Anna Henningsen)
(SEMVER-MINOR) v8: support gc profile (theanarkh)
(SEMVER-MINOR) src,lib: add constrainedMemory API for process (theanarkh)
(SEMVER-MINOR) buffer: add isAscii method (Yagiz Nizipli)
(SEMVER-MINOR) test_runner: add reporters (Moshe Atlow)

Revision 1.251 / (download) - annotate - [select for diffs], Thu Jan 26 07:56:38 2023 UTC (10 months ago) by adam
Branch: MAIN
Changes since 1.250: +2 -2 lines
Diff to previous 1.250 (colored)

nodejs: updated to 19.5.0

Version 19.5.0 (Current), @RafaelGSS

Notable Changes

http:
(SEMVER-MINOR) join authorization headers (Marco Ippolito)

lib::
add webstreams to Duplex.from() (Debadree Chatterjee)

stream:
implement finished() for ReadableStream and WritableStream

Revision 1.250 / (download) - annotate - [select for diffs], Wed Jan 11 17:32:32 2023 UTC (10 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.249: +2 -2 lines
Diff to previous 1.249 (colored)

nodejs: updated to 19.4.0

Version 19.4.0 (Current)

Notable Changes

buffer:
(SEMVER-MINOR) add buffer.isUtf8 for utf8 validation (Yagiz Nizipli)
http:
(SEMVER-MINOR) improved timeout defaults handling (Paolo Insogna)
net:
add autoSelectFamily global getter and setter (Paolo Insogna)
os:
(SEMVER-MINOR) add availableParallelism() (Colin Ihrig)
util:
add fast path for text-decoder fatal flag (Yagiz Nizipli)

Revision 1.249 / (download) - annotate - [select for diffs], Tue Jan 3 21:18:53 2023 UTC (10 months, 4 weeks ago) by adam
Branch: MAIN
Changes since 1.248: +2 -2 lines
Diff to previous 1.248 (colored)

nodejs: updated to 19.3.0

Version 19.3.0 (Current)

Notable Changes

Updated npm to 9.2.0
build: disable v8 snapshot compression by default (Joyee Cheung)
doc: add doc-only deprecation for headers/trailers setters (Rich Trott)
doc: add Rafael Gonzaga to the TSC (Michael Dawson)
(SEMVER-MINOR) net: add autoSelectFamily and autoSelectFamilyAttemptTimeout options (Paolo Insogna)
(SEMVER-MINOR) src: add uvwasi version (Jithil P Ponnan)
(SEMVER-MINOR) test_runner: add t.after() hook (Colin Ihrig)
(SEMVER-MINOR) test_runner: don't use a symbol for runHook() (Colin Ihrig)
tls: remove trustcor root ca certificates (Ben Noordhuis)

Revision 1.248 / (download) - annotate - [select for diffs], Sat Dec 3 17:07:13 2022 UTC (11 months, 4 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q4-base, pkgsrc-2022Q4
Changes since 1.247: +8 -3 lines
Diff to previous 1.247 (colored)

nodejs: updated to 19.2.0

Version 19.2.0 (Current)

Notable changes

Time zone update

Time zone data has been updated to 2022f. This includes changes to Daylight Savings Time (DST) for Fiji and Mexico. For more information, see https://mm.icann.org/pipermail/tz-announce/2022-October/000075.html.


Version 19.1.0 (Current)

Notable changes

Support function mocking on Node.js test runner
fs.watch recursive support on Linux


Version 19.0.1 (Current)

This is a security release.

Notable changes

The following CVEs are fixed in this release:

CVE-2022-3602: X.509 Email Address 4-byte Buffer Overflow (High)
CVE-2022-3786: X.509 Email Address Variable Length Buffer Overflow (High)
CVE-2022-43548: DNS rebinding in --inspect via invalid octal IP address (Medium)


Version 19.0.0 (Current)

Node.js 19 is here! Highlights include the update of the V8 JavaScript engine to 10.7, HTTP(s)/1.1 KeepAlive enabled by default, and ESM Resolution adjusts.

Node.js 19 will replace Node.js 18 as our Ϥurrentrelease line when Node.js 18 enters long-term support (LTS) later this month. As per the release schedule, Node.js 19 will be Ϥurrent' release for the next 6 months, until April 2023.

Revision 1.247 / (download) - annotate - [select for diffs], Wed Nov 23 12:09:44 2022 UTC (12 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.246: +2 -3 lines
Diff to previous 1.246 (colored)

nodejs: updated to 18.12.1

Version 18.12.1 'Hydrogen' (LTS)

This is a security release.

Notable changes

The following CVEs are fixed in this release:

CVE-2022-3602: X.509 Email Address 4-byte Buffer Overflow (High)
CVE-2022-3786: X.509 Email Address Variable Length Buffer Overflow (High)
CVE-2022-43548: DNS rebinding in --inspect via invalid octal IP address (Medium)

Revision 1.246 / (download) - annotate - [select for diffs], Sun Nov 6 16:28:29 2022 UTC (12 months, 3 weeks ago) by triaxx
Branch: MAIN
Changes since 1.245: +2 -2 lines
Diff to previous 1.245 (colored)

nodejs: Fix building with python311

Node.js v18 does not want to build with Python 3.11.

Revision 1.245 / (download) - annotate - [select for diffs], Tue Nov 1 17:58:22 2022 UTC (13 months ago) by schmonz
Branch: MAIN
Changes since 1.244: +11 -2 lines
Diff to previous 1.244 (colored)

lang/nodejs{,16}: as expected by upstream, install corepack (and bump
PKGREVISION). For earlier versions, no change.

Revision 1.244 / (download) - annotate - [select for diffs], Mon Oct 31 15:19:06 2022 UTC (13 months ago) by adam
Branch: MAIN
Changes since 1.243: +2 -2 lines
Diff to previous 1.243 (colored)

nodejs: updated to 18.12.0

Version 18.12.0 'Hydrogen' (LTS)

Notable Changes

This release marks the transition of Node.js 18.x into Long Term Support (LTS) with the codename 'Hydrogen'. The 18.x release line now moves into "Active LTS" and will remain so until October 2023. After that time, it will move into "Maintenance" until end of life in April 2025.

Revision 1.243 / (download) - annotate - [select for diffs], Mon Oct 17 11:03:07 2022 UTC (13 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.242: +2 -2 lines
Diff to previous 1.242 (colored)

nodejs: updated to 18.11.0

Version 18.11.0 (Current)

Notable changes

watch mode (experimental)

Running in 'watch' mode using node --watch restarts the process when an imported file is changed.

Contributed by Moshe Atlow in

Other notable changes

fs:
(SEMVER-MINOR) add FileHandle.prototype.readLines (Antoine du Hamel)
http:
(SEMVER-MINOR) add writeEarlyHints function to ServerResponse (Wing)
http2:
(SEMVER-MINOR) make early hints generic (Yagiz Nizipli)
lib:
(SEMVER-MINOR) refactor transferable AbortSignal (flakey5)
src:
(SEMVER-MINOR) add detailed embedder process initialization API (Anna Henningsen)
util:
(SEMVER-MINOR) add default value option to parsearg (Manuel Spigolon)

Revision 1.240.2.1 / (download) - annotate - [select for diffs], Mon Oct 3 15:32:47 2022 UTC (13 months, 4 weeks ago) by bsiegert
Branch: pkgsrc-2022Q3
Changes since 1.240: +5 -5 lines
Diff to previous 1.240 (colored) next main 1.241 (colored)

Pullup ticket #6678 - requested by taca
lang/nodejs: security fix

Revisions pulled up:
- lang/nodejs/Makefile                                          1.241
- lang/nodejs/PLIST                                             1.65
- lang/nodejs/distinfo                                          1.222

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Tue Sep 27 07:59:10 UTC 2022

   Modified Files:
   	pkgsrc/lang/nodejs: Makefile PLIST distinfo

   Log Message:
   nodejs: updated to 18.9.1

   Version 18.9.1 (Current)

   This is a security release.

   Notable changes

   The following CVEs are fixed in this release:

   CVE-2022-32212: DNS rebinding in --inspect on macOS (High)
   Insufficient fix for macOS devices on v18.5.0
   CVE-2022-32222: Node 18 reads openssl.cnf from /home/iojs/build/ upon startup on MacOS (Medium)
   CVE-2022-32213: HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium)
   Insufficient fix on v18.5.0
   CVE-2022-32215: HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)
   Insufficient fix on v18.5.0
   CVE-2022-35256: HTTP Request Smuggling - Incorrect Parsing of Header Fields (Medium)
   CVE-2022-35255: Weak randomness in WebCrypto keygen

Revision 1.242 / (download) - annotate - [select for diffs], Thu Sep 29 19:38:07 2022 UTC (14 months ago) by adam
Branch: MAIN
Changes since 1.241: +2 -2 lines
Diff to previous 1.241 (colored)

nodejs: updated to 18.10.0

Version 18.10.0 (Current)

Notable changes

doc:
(SEMVER-MINOR) deprecate modp1, modp2, and modp5 groups (Tobias Nieen)
add legendecas to TSC list (Michael Dawson)
move policy docs to the permissions scope (Rafael Gonzaga)
gyp:
libnode for ios app embedding (chexiongsheng)
http:
(SEMVER-MINOR) throw error on content-length mismatch (sidwebworks)
stream:
(SEMVER-MINOR) add ReadableByteStream.tee() (Daeyeon Jeong)

Revision 1.241 / (download) - annotate - [select for diffs], Tue Sep 27 07:59:10 2022 UTC (14 months ago) by adam
Branch: MAIN
Changes since 1.240: +5 -5 lines
Diff to previous 1.240 (colored)

nodejs: updated to 18.9.1

Version 18.9.1 (Current)

This is a security release.

Notable changes

The following CVEs are fixed in this release:

CVE-2022-32212: DNS rebinding in --inspect on macOS (High)
Insufficient fix for macOS devices on v18.5.0
CVE-2022-32222: Node 18 reads openssl.cnf from /home/iojs/build/ upon startup on MacOS (Medium)
CVE-2022-32213: HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium)
Insufficient fix on v18.5.0
CVE-2022-32215: HTTP Request Smuggling - Incorrect Parsing of Multi-line Transfer-Encoding (Medium)
Insufficient fix on v18.5.0
CVE-2022-35256: HTTP Request Smuggling - Incorrect Parsing of Header Fields (Medium)
CVE-2022-35255: Weak randomness in WebCrypto keygen

Revision 1.240 / (download) - annotate - [select for diffs], Mon Aug 29 06:30:11 2022 UTC (15 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q3-base
Branch point for: pkgsrc-2022Q3
Changes since 1.239: +2 -2 lines
Diff to previous 1.239 (colored)

nodejs: updated to 18.8.0

Version 18.8.0 (Current)

Notable changes

bootstrap: implement run-time user-land snapshots via --build-snapshot and --snapshot-blob

crypto:
(SEMVER-MINOR) allow zero-length IKM in HKDF and in webcrypto PBKDF2
(SEMVER-MINOR) allow zero-length secret KeyObject
deps:
upgrade npm to 8.18.0 (npm team)
doc:
add Erick Wendel to collaborators
add theanarkh to collaborators
add MoLow to collaborators
add cola119 to collaborators
deprecate --trace-atomics-wait
http:
(SEMVER-MINOR) make idle http parser count configurable
net:
(SEMVER-MINOR) add local family
src:
(SEMVER-MINOR) print source map error source on demand
tls:
(SEMVER-MINOR) pass a valid socket on tlsClientError

Revision 1.239 / (download) - annotate - [select for diffs], Wed Jul 27 08:42:23 2022 UTC (16 months ago) by adam
Branch: MAIN
Changes since 1.238: +2 -2 lines
Diff to previous 1.238 (colored)

nodejs: updated to 18.7.0

Version 18.7.0 (Current)

Notable changes

doc:
add F3n67u to collaborators (Feng Yu)
deprecate coercion to integer in process.exit (Daeyeon Jeong)
(SEMVER-MINOR) deprecate diagnostics_channel object subscribe method (Stephen Belanger)
events:
(SEMVER-MINOR) expose CustomEvent on global with CLI flag (Daeyeon Jeong)
(SEMVER-MINOR) add CustomEvent (Daeyeon Jeong)
http:
(SEMVER-MINOR) add drop request event for http server (theanarkh)
lib:
(SEMVER-MINOR) improved diagnostics_channel subscribe/unsubscribe (Stephen Belanger)
util:
(SEMVER-MINOR) add tokens to parseArgs (John Gee)

Revision 1.236.2.1 / (download) - annotate - [select for diffs], Sat Jul 23 16:54:32 2022 UTC (16 months, 1 week ago) by spz
Branch: pkgsrc-2022Q2
Changes since 1.236: +2 -2 lines
Diff to previous 1.236 (colored) next main 1.237 (colored)

Pullup ticket #6652 - requested by khorben
lang/nodejs: security update

Revisions pulled up:
- lang/nodejs/Makefile                                          1.237
- lang/nodejs/distinfo                                          1.217

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   adam
   Date:           Fri Jul  8 13:31:15 UTC 2022

   Modified Files:
           pkgsrc/lang/nodejs: Makefile distinfo

   Log Message:
   nodejs: updated to 18.5.0

   Version 18.5.0 (Current), @RafaelGSS

   This is a security release.

   Notable Changes

   - (SEMVER-MAJOR) src,deps,build,test: add OpenSSL config appname (Daniel Bevenius)
   - (SEMVER-MAJOR) src,doc,test: add --openssl-shared-config option (Daniel Bevenius)
   Node.js now reads nodejs_conf section in the openssl config
   - deps: update archs files for quictls/openssl-3.0.5+quic (RafaelGSS)
   - deps: upgrade openssl sources to quictls/openssl-3.0.5+quic (RafaelGSS)


   To generate a diff of this commit:
   cvs rdiff -u -r1.236 -r1.237 pkgsrc/lang/nodejs/Makefile
   cvs rdiff -u -r1.216 -r1.217 pkgsrc/lang/nodejs/distinfo

Revision 1.238 / (download) - annotate - [select for diffs], Thu Jul 14 07:10:40 2022 UTC (16 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.237: +2 -2 lines
Diff to previous 1.237 (colored)

nodejs: updated to 18.6.0

Version 18.6.0 (Current)

Notable Changes

Experimental ESM Loader Hooks API

Node.js ESM Loader hooks now support multiple custom loaders, and composition is achieved via "chaining": foo-loader calls bar-loader calls qux-loader (a custom loader must now signal a short circuit when intentionally not calling the next). See the ESM docs for details.

Revision 1.237 / (download) - annotate - [select for diffs], Fri Jul 8 13:31:15 2022 UTC (16 months, 3 weeks ago) by adam
Branch: MAIN
Changes since 1.236: +2 -2 lines
Diff to previous 1.236 (colored)

nodejs: updated to 18.5.0

Version 18.5.0 (Current), @RafaelGSS

This is a security release.

Notable Changes

- (SEMVER-MAJOR) src,deps,build,test: add OpenSSL config appname (Daniel Bevenius)
- (SEMVER-MAJOR) src,doc,test: add --openssl-shared-config option (Daniel Bevenius)
Node.js now reads nodejs_conf section in the openssl config
- deps: update archs files for quictls/openssl-3.0.5+quic (RafaelGSS)
- deps: upgrade openssl sources to quictls/openssl-3.0.5+quic (RafaelGSS)

Revision 1.236 / (download) - annotate - [select for diffs], Fri Jun 17 08:02:48 2022 UTC (17 months, 2 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base
Branch point for: pkgsrc-2022Q2
Changes since 1.235: +2 -2 lines
Diff to previous 1.235 (colored)

nodejs: updated to 18.4.0

Version 18.4.0 (Current)

Notable Changes

crypto:
remove Node.js-specific webcrypto extensions
add CFRG curves to Web Crypto API
dns:
accept 'IPv4' and 'IPv6' for family
report:
add more heap infos in process report

Revision 1.235 / (download) - annotate - [select for diffs], Thu Jun 2 09:46:41 2022 UTC (18 months ago) by adam
Branch: MAIN
Changes since 1.234: +2 -2 lines
Diff to previous 1.234 (colored)

nodejs: updated to 18.3.0

Version 18.3.0 (Current)

Notable Changes

- deps: update undici to 5.4.0 (Node.js GitHub Bot)
- (SEMVER-MINOR) util: add parseArgs module (Benjamin Coe)
- (SEMVER-MINOR) http: add uniqueHeaders option to request and createServer (Paolo Insogna)
- deps: upgrade npm to 8.11.0 (npm team)
- deps: patch V8 to 10.2.154.4 (Michaël Zasso)
- (SEMVER-MINOR) deps: update V8 to 10.2.154.2 (Michaël Zasso)
- (SEMVER-MINOR) fs: make params in writing methods optional (LiviaMedeiros)
- (SEMVER-MINOR) http: add uniqueHeaders option to request and createServer (Paolo Insogna)
- (SEMVER-MINOR) net: add ability to reset a tcp socket (pupilTong)
- (SEMVER-MINOR) Revert "build: make x86 Windows support temporarily experimental" (Michaël Zasso)

Revision 1.234 / (download) - annotate - [select for diffs], Wed May 18 18:26:51 2022 UTC (18 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.233: +2 -2 lines
Diff to previous 1.233 (colored)

nodejs: updated to 18.2.0

Version 18.2.0
This update can be treated as a security release as the issues addressed in OpenSSL 3.0.3 slightly affect Node.js 18.

Revision 1.233 / (download) - annotate - [select for diffs], Thu May 5 07:08:06 2022 UTC (18 months, 4 weeks ago) by adam
Branch: MAIN
Changes since 1.232: +3 -3 lines
Diff to previous 1.232 (colored)

nodejs: updated to 18.1.0

Version 18.1.0 (Current)

Notable Changes
- doc: add @kuriyosh to collaborators (Yoshiki Kurihara)
- (SEMVER-MINOR) lib,src: implement WebAssembly Web API (Tobias Nieen)
- (SEMVER-MINOR) test_runner: add initial CLI runner (Colin Ihrig)
- (SEMVER-MINOR) worker: add hasRef() to MessagePort (Darshan Sen)


Version 18.0.0 (Current)

Node.js 18 is here! Highlights include the update of the V8 JavaScript engine to 10.1, global fetch enabled by default, and a core test runner module.

Initially, Node.js 18 will replace Node.js 17 as our Ϥurrentrelease line. As per the release schedule, Node.js 18 will be the Ϥurrentrelease for the next 6 months and then promoted to Long-term Support (LTS) in October 2022. Once promoted to long-term support the release will be designated the codename ϩydrogen Node.js 18 will be supported until April 2025.

Notable Changes

Deprecations and Removals

(SEMVER-MAJOR) fs: runtime deprecate string coercion in fs.write, fs.writeFileSync (Livia Medeiros)
(SEMVER-MAJOR) dns: remove dns.lookup and dnsPromises.lookup options type coercion (Antoine du Hamel)
(SEMVER-MAJOR) process: runtime deprecate multipleResolves (Benjamin Gruenbaum)
(SEMVER-MAJOR) stream: remove thenable support (Robert Nagy)
(SEMVER-MAJOR) tls: move tls.parseCertString to end-of-life (Tobias Nieen)

Revision 1.232 / (download) - annotate - [select for diffs], Mon May 2 18:59:24 2022 UTC (19 months ago) by adam
Branch: MAIN
Changes since 1.231: +2 -3 lines
Diff to previous 1.231 (colored)

nodejs: updated to 16.15.0

Version 16.15.0 'Gallium'

Notable changes

Add fetch API

Adds experimental support to the fetch API. This adds the --experimental-fetch flag that installs the fetch, Request, Response, Headers, and FormData globals.

(SEMVER-MINOR) add fetch (Michaël Zasso)
(SEMVER-MINOR) add FormData global when fetch is enabled (Michaël Zasso)

Other notable changes

build:
remove broken x32 arch support (Ben Noordhuis)
crypto:
(SEMVER-MINOR) add KeyObject.prototype.equals method (Filip Skokan)
doc:
add @ShogunPanda to collaborators (Paolo Insogna)
add JakobJingleheimer to collaborators list (Jacob Smith)
add joesepi to collaborators (Joe Sepi)
add marsonya to collaborators (Akhil Marsonya)
deprecate string coercion in fs.write, fs.writeFileSync (Livia Medeiros)
deprecate notice for process methods (Yash Ladha)
esm:
(SEMVER-MINOR) support https remotely and http locally under flag (Bradley Farias)
module:
(SEMVER-MINOR) unflag esm json modules (Geoffrey Booth)
node-api:
(SEMVER-MINOR) add node_api_symbol_for() (Darshan Sen)
process:
deprecate multipleResolves (Benjamin Gruenbaum)
stream:
(SEMVER-MINOR) support some and every (Benjamin Gruenbaum)
(SEMVER-MINOR) add toArray (Benjamin Gruenbaum)
(SEMVER-MINOR) add forEach method (Benjamin Gruenbaum)

Revision 1.231 / (download) - annotate - [select for diffs], Tue Apr 19 12:42:38 2022 UTC (19 months, 1 week ago) by jperkin
Branch: MAIN
Changes since 1.230: +3 -1 lines
Diff to previous 1.230 (colored)

nodejs: gyp-mac-tool requires py-expat.

Revision 1.230 / (download) - annotate - [select for diffs], Mon Apr 18 19:09:55 2022 UTC (19 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.229: +2 -2 lines
Diff to previous 1.229 (colored)

revbump for textproc/icu update

Revision 1.229 / (download) - annotate - [select for diffs], Fri Apr 1 18:41:02 2022 UTC (20 months ago) by tnn
Branch: MAIN
Changes since 1.228: +2 -1 lines
Diff to previous 1.228 (colored)

nodejs: disable "near code ranges" on NetBSD/evbarm-aarch64 for now

It results in mmap(2) errors of the PR kern/55533 variety.

Revision 1.228 / (download) - annotate - [select for diffs], Fri Apr 1 15:40:09 2022 UTC (20 months ago) by tnn
Branch: MAIN
Changes since 1.227: +2 -1 lines
Diff to previous 1.227 (colored)

nodejs: more CHECK_PORTABILITY_SKIP

Revision 1.227 / (download) - annotate - [select for diffs], Thu Mar 31 07:17:01 2022 UTC (20 months ago) by tnn
Branch: MAIN
Changes since 1.226: +2 -1 lines
Diff to previous 1.226 (colored)

nodejs: add CHECK_PORTABILITY_SKIP

Revision 1.226 / (download) - annotate - [select for diffs], Wed Mar 30 06:52:33 2022 UTC (20 months ago) by adam
Branch: MAIN
Changes since 1.225: +3 -3 lines
Diff to previous 1.225 (colored)

nodejs: updated to 16.14.2

Version 16.14.2 'Gallium' (LTS)

This is a security release.

Notable Changes

Update to OpenSSL 1.1.1n, which addresses the following vulnerability:

Infinite loop in BN_mod_sqrt() reachable when parsing certificates (High)(CVE-2022-0778) More details are available at https://www.openssl.org/news/secadv/20220315.txt


For older changes, see https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V16.md

Revision 1.225 / (download) - annotate - [select for diffs], Tue Feb 15 13:59:42 2022 UTC (21 months, 2 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base, pkgsrc-2022Q1
Changes since 1.224: +3 -2 lines
Diff to previous 1.224 (colored)

nodejs: updated to 14.19.0

Version 14.19.0 'Fermium' (LTS)

Notable Changes

Corepack

Node.js now includes Corepack, a script that acts as a bridge between Node.js projects and the package managers they are intended to be used with during development. In practical terms, Corepack will let you use Yarn and pnpm without having to install them - just like what currently happens with npm, which is shipped in Node.js by default. Please head over to the Corepack documentation page for more information on how to use it.


ICU updated

ICU has been updated to 70.1. This updates timezone database to 2021a3, including bringing forward the start for DST for Jordan from March to February.


New option to disable loading of native addons

A new command line option --no-addons has been added to disallow loading of native addons.


Updated Root Certificates

Root certificates have been updated to those from Mozilla's Network Security Services 3.71.

Revision 1.224 / (download) - annotate - [select for diffs], Tue Jan 11 08:02:04 2022 UTC (22 months, 2 weeks ago) by adam
Branch: MAIN
Changes since 1.223: +2 -2 lines
Diff to previous 1.223 (colored)

nodejs: updated to 14.18.3

Version 14.18.3 'Fermium' (LTS)

Notable changes

Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531)
Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532)
Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533)
Prototype pollution via console.table properties (Low)(CVE-2022-21824)

Revision 1.223 / (download) - annotate - [select for diffs], Wed Dec 8 20:38:58 2021 UTC (23 months, 3 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q4-base, pkgsrc-2021Q4
Changes since 1.222: +2 -3 lines
Diff to previous 1.222 (colored)

nodejs: updated to 14.18.2

Version 14.18.2 'Fermium' (LTS)

Notable changes

This release contains a c-ares update to fix a regression introduced in Node.js 14.17.5 resolving CNAME records containing underscores 39780.

Also included are commits to allow Node.js 14 to continue to build and pass tests on our Jenkins CI, including adding Python 3.10 to the list of allowable Python versions for building.

Revision 1.222 / (download) - annotate - [select for diffs], Wed Dec 8 16:02:16 2021 UTC (23 months, 3 weeks ago) by adam
Branch: MAIN
Changes since 1.221: +2 -1 lines
Diff to previous 1.221 (colored)

revbump for icu and libffi

Revision 1.221 / (download) - annotate - [select for diffs], Wed Oct 20 09:14:19 2021 UTC (2 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.220: +2 -2 lines
Diff to previous 1.220 (colored)

nodejs: updated to 14.18.1

Version 14.18.1 'Fermium' (LTS)

This is a security release.

Notable changes

CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium)
The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at CVE-2021-22959 after publication.
CVE-2021-22960: HTTP Request Smuggling when parsing the body (Medium)
The parse ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. More details will be available at CVE-2021-22960 after publication.

Revision 1.220 / (download) - annotate - [select for diffs], Wed Sep 29 19:21:34 2021 UTC (2 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.219: +2 -2 lines
Diff to previous 1.219 (colored)

nodejs: updated to 14.18.0

Version 14.18.0 'Fermium' (LTS)

Notable Changes

assert: change status of legacy asserts (James M Snell)
(SEMVER-MINOR) buffer: introduce Blob (James M Snell)
(SEMVER-MINOR) buffer: add base64url encoding option (Filip Skokan)
(SEMVER-MINOR) child_process: allow options.cwd receive a URL (Khaidi Chu)
(SEMVER-MINOR) child_process: add timeout to spawn and fork (Nitzan Uziely)
(SEMVER-MINOR) child_process: allow promisified exec to be cancel (Carlos Fuentes)
(SEMVER-MINOR) child_process: add 'overlapped' stdio flag (Thiago Padilha)
(SEMVER-MINOR) cli: add -C alias for --conditions flag (Guy Bedford)
(SEMVER-MINOR) cli: add --node-memory-debug option (Anna Henningsen)
(SEMVER-MINOR) dns: add "tries" option to Resolve options (Luan Devecchi)
(SEMVER-MINOR) dns: allow --dns-result-order to change default dns verbatim (Ouyang Yadong)
doc: refactor fs docs structure (James M Snell)
(SEMVER-MINOR) errors: remove experimental from --enable-source-maps (Benjamin Coe)
esm: deprecate legacy main lookup for modules (Guy Bedford)
(SEMVER-MINOR) fs: allow empty string for temp directory prefix (Voltrex)
(SEMVER-MINOR) fs: allow no-params fsPromises fileHandle read (Nitzan Uziely)
(SEMVER-MINOR) fs: add support for async iterators to fsPromises.writeFile (HiroyukiYagihashi)
fs: improve fsPromises readFile performance (Nitzan Uziely)
(SEMVER-MINOR) fs: add fsPromises.watch() (James M Snell)
(SEMVER-MINOR) fs: allow position parameter to be a BigInt in read and readSync (Darshan Sen)
(SEMVER-MINOR) http2: add support for sensitive headers (Anna Henningsen)
(SEMVER-MINOR) http2: allow setting the local window size of a session (Yongsheng Zhang)
inspector: mark as stable (Gireesh Punathil)
(SEMVER-MINOR) module: add support for URL to import.meta.resolve (Antoine du Hamel)
(SEMVER-MINOR) module: add support for node:refixed require( calls (ExE Boss)
(SEMVER-MINOR) net: introduce net.BlockList (James M Snell)
(SEMVER-MINOR) node-api: allow retrieval of add-on file name (Gabriel Schulhof)
(SEMVER-MINOR) os: add os.devNull (Luigi Pinca)
(SEMVER-MINOR) perf_hooks: introduce createHistogram (James M Snell)
(SEMVER-MINOR) process: add api to enable source-maps programmatically (legendecas)
(SEMVER-MINOR) process: add 'worker' event (James M Snell)
(SEMVER-MINOR) process: add direct access to rss without iterating pages (Adrien Maret)
(SEMVER-MINOR) readline: add AbortSignal support to interface (Nitzan Uziely)
(SEMVER-MINOR) readline: add support for the AbortController to the question method (Mattias Runge-Broberg)
(SEMVER-MINOR) readline: add history event and option to set initial history (Mattias Runge-Broberg)
(SEMVER-MINOR) repl: add autoompletion for node:refixed require( calls (ExE Boss)
(SEMVER-MINOR) src: call overload ctor from the original ctor (Darshan Sen)
(SEMVER-MINOR) src: add a constructor overload for CallbackScope (Darshan Sen)
(SEMVER-MINOR) src: allow to negate boolean CLI flags (Michaël Zasso)
(SEMVER-MINOR) src: add --heapsnapshot-near-heap-limit option (Joyee Cheung)
(SEMVER-MINOR) src: add way to get IsolateData and allocator from Environment (Anna Henningsen)
(SEMVER-MINOR) src: allow preventing SetPrepareStackTraceCallback (Shelley Vohr)
(SEMVER-MINOR) src: add maybe versions of EmitExit and EmitBeforeExit (Anna Henningsen)
(SEMVER-MINOR) stream: add readableDidRead if has been read from (Robert Nagy)
(SEMVER-MINOR) stream: pipeline accept Buffer as a valid first argument (Nitzan Uziely)
(SEMVER-MINOR) tls: allow reading data into a static buffer (Andrey Pechkurov)
(SEMVER-MINOR) url: expose urlToHttpOptions utility (Yongsheng Zhang)
(SEMVER-MINOR) util: expose toUSVString (Robert Nagy)
(SEMVER-MINOR) v8: implement v8.stopCoverage() (Joyee Cheung)
(SEMVER-MINOR) v8: implement v8.takeCoverage() (Joyee Cheung)
(SEMVER-MINOR) worker: add setEnvironmentData/getEnvironmentData (James M Snell)

Revision 1.219 / (download) - annotate - [select for diffs], Fri Sep 17 20:08:23 2021 UTC (2 years, 2 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3
Changes since 1.218: +2 -2 lines
Diff to previous 1.218 (colored)

nodejs: updated to 14.17.6

Version 14.17.6 'Fermium' (LTS)

This is a security release.

Notable Changes

These are vulnerabilities in the node-tar, arborist, and npm cli modules which are related to the initial reports and subsequent remediation of node-tar vulnerabilities CVE-2021-32803 and CVE-2021-32804. Subsequent internal security review of node-tar and additional external bounty reports have resulted in another 5 CVE being remediated in core npm CLI dependencies including node-tar, and npm arborist.


Version 14.17.5 'Fermium' (LTS)

This is a security release.

Notable Changes

CVE-2021-3672/CVE-2021-22931: Improper handling of untypical characters in domain names (High)
Node.js was vulnerable to Remote Code Execution, XSS, application crashes due to missing input validation of hostnames returned by Domain Name Servers in the Node.js DNS library which can lead to the output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library. You can read more about it at https://nvd.nist.gov/vuln/detail/CVE-2021-22931.
CVE-2021-22930: Use after free on close http2 on stream canceling (High)
Node.js was vulnerable to a use after free attack where an attacker might be able to exploit memory corruption to change process behavior. This release includes a follow-up fix for CVE-2021-22930 as the issue was not completely resolved by the previous fix. You can read more about it at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930.
CVE-2021-22939: Incomplete validation of rejectUnauthorized parameter (Low)
If the Node.js HTTPS API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted. You can read more about it at https://nvd.nist.gov/vuln/detail/CVE-2021-22939.

Revision 1.218 / (download) - annotate - [select for diffs], Wed Aug 4 09:08:32 2021 UTC (2 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.217: +2 -2 lines
Diff to previous 1.217 (colored)

nodejs: updated to 14.17.4

Version 14.17.4 'Fermium' (LTS)

This is a security release.

Notable Changes

CVE-2021-22930: Use after free on close http2 on stream canceling (High)
Node.js is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior. You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930
This releases also fixes some regressions with internationalization introduced by the ICU updates in Node.js 14.17.0 and 14.17.1.

Revision 1.217 / (download) - annotate - [select for diffs], Tue Jul 6 07:05:39 2021 UTC (2 years, 4 months ago) by adam
Branch: MAIN
Changes since 1.216: +2 -2 lines
Diff to previous 1.216 (colored)

nodejs: updated to 14.17.3

Version 14.17.3 'Fermium' (LTS)

Notable Changes

Node.js 14.17.2 introduced a regression in the Windows installer on non-English locales that is being fixed in this release. There is no need to download this release if you are not using the Windows installer.


Version 14.17.2 'Fermium' (LTS)

This is a security release.

Notable Changes

Vulnerabilities fixed:

CVE-2021-22918: libuv upgrade - Out of bounds read (Medium)
Node.js is vulnerable to out-of-bounds read in libuv's uv__idna_toascii() function which is used to convert strings to ASCII. This is called by Node's dns module's lookup() function and can lead to information disclosures or crashes. You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22918

CVE-2021-22921: Windows installer - Node Installer Local Privilege Escalation (Medium)
Node.js is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PATH and DLL hijacking. You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22921

Revision 1.216 / (download) - annotate - [select for diffs], Thu Jun 24 09:29:21 2021 UTC (2 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.215: +4 -2 lines
Diff to previous 1.215 (colored)

nodejs: updated to 14.17.1

Version 14.17.1 'Fermium' (LTS)

Notable Changes

- deps: update ICU to 69.1 (Michaël Zasso)
- errors: align source-map stacks with spec (Benjamin Coe)

Commits

- assert: refactor to use more primordials (Antoine du Hamel)
- assert: refactor to avoid unsafe array iteration (Antoine du Hamel)
- async_hooks: refactor to avoid unsafe array iteration (Antoine du Hamel)
- async_hooks,doc: replace process.stdout.fd with 1 (Darshan Sen)
- benchmark: avoid using console.log() (Antoine du Hamel)
- benchmark: use process.hrtime.bigint() (Antoine du Hamel)
- buffer: remove TODOs in atob / btoa (Khaidi Chu)
- buffer: remove unreachable code (Rongjian Zhang)
- buffer: make FastBuffer safe to construct (Antoine du Hamel)
- buffer: refactor to use primordials instead of Array#reduce (Antoine du Hamel)
- buffer: refactor to use more primordials (Antoine du Hamel)
- build: work around bug in MSBuild v16.10.0 (Michaël Zasso)
- build: add workaround for V8 builds (Richard Lau)
- build: remove dependency on distutils.spawn (Richard Lau)
- build: fix make test-npm (Ruy Adorno)
- child_process: reduce abort handler code duplication (Rich Trott)
- child_process: treat already-aborted controller as aborting (Rich Trott)
- child_process: refactor to use more primordials (Antoine du Hamel)
- deps: update to cjs-module-lexer@1.2.1 (Guy Bedford)
- deps: update ICU to 69.1 (Michaël Zasso)
- deps: V8: cherry-pick 035c305ce776 (Michaël Zasso)
- deps: V8: cherry-pick dfcdf7837e23 (Benjamin Coe)
- deps: V8: cherry-pick 86991d0587a1 (Benjamin Coe)
- deps: V8: cherry-pick 530080c44af2 (Milad Fa)
- dgram: extract cluster lazy loading method to make it testable (Rongjian Zhang)
- dgram: refactor to use more primordials (Antoine du Hamel)
- dns: refactor to use more primordials (Antoine du Hamel)
- doc: cleanup events.md structure (James M Snell)
- doc: fix JS flavor selection (Antoine du Hamel)
- doc: use HEAD instead of master for links (Antoine du Hamel)
- doc: remove import.meta.resolve parent URL type (Kevin Locke)
- doc: document buffer.kStringMaxLength (Tobias Nieen)
- doc: clarify synchronous blocking of Worker stdio (James M Snell)
- doc: update contact info (Gabriel Schulhof)
- doc: change color of doctag on night mode (Qingyu Deng)
- doc: clarify DiffieHellmanGroup class docs (Nitzan Uziely)
- doc: use AIX instead of Aix in fs.md (Rich Trott)
- doc: remove extraneous dash from flag prefix (Rodolfo Carvalho)
- doc: document 'secureConnect' event limitation (James M Snell)
- doc: mark querystring api as legacy (James M Snell)
- doc: add arguments for stream event of Http2Server and Http2SecureServer (Qingyu Deng)
- doc: indicate that abort tests do not generate core files (Rich Trott)
- doc: add try/catch in http2 respondWithFile example (Matteo Collina)
- doc: note the system requirements for V8 tests (DeeDeeG)
- doc: minor clarification to pathObject (James M Snell)
- doc: document new TCP_KEEPCNT and TCP_KEEPINTVL socket option defaults (Arnold Zokas)
- doc: do not mention TCP in the allowHalfOpen option description (Luigi Pinca)
- doc: update message to match actual output (Rich Trott)
- doc: request default snap track be updated for LTS (Rod Vagg)
- doc: mark process.hrtime() as legacy (Antoine du Hamel)
- doc: fix version history for "exports" patterns (Antoine du Hamel)
- doc: fix package.json "imports" field history (Antoine du Hamel)
- doc: fix typo in buffer.md (divlo)
- doc: add nodejs-sec email template (Daniel Bevenius)
- doc: update TSC members list with three new members (Rich Trott)
- doc: use foo.prototype.bar notation in buffer.md (Voltrex)
- doc: internal/test/binding for testing (Bradley Meck)
- doc: add missing events.on metadata (Anna Henningsen)
- doc: fix wording in outgoingMessage.write (Tobias Nieen)
- doc: fix grammar errors in http document (Qingyu Deng)
- doc: add document for http.OutgoingMessage (Qingyu Deng)
- doc: remove generated from dsaEncoding description (Marko Kaznovac)
- doc: document how to register external bindings for snapshot (Joyee Cheung)
- doc: document the NO_COLOR and FORCE_COLOR env vars (James M Snell)
- doc: clarify event.isTrusted text (Rich Trott)
- doc: expand openssl instructions (Michael Dawson)
- doc: document ABORT_ERR code (Benjamin Gruenbaum)
- doc: document changes for */promises alias modules (ExE Boss)
- errors: align source-map stacks with spec (Benjamin Coe)
- errors: refactor to use more primordials (Antoine du Hamel)
- errors: display original symbol name (Benjamin Coe)
- errors: refactor to use more primordials (Antoine du Hamel)
- errors: refactor to use more primordials (Antoine du Hamel)
- events: refactor to use optional chaining (ZiJian Liu)
- events: refactor to use more primordials (Antoine du Hamel)
- fs: fix error when writing buffers > INT32_MAX (Zach Bjornson)
- Revert "http: make HEAD method to work with keep-alive" (Michaël Zasso)
- http2: treat non-EOF empty frames like other invalid frames (Anna Henningsen)
- http2: fix setting options before handle exists (Anna Henningsen)
- http2: add support for TypedArray to getUnpackedSettings (Antoine du Hamel)
- https: refactor to use more primordials (Antoine du Hamel)
- inspector: remove redundant method for connection check (Yash Ladha)
- inspector: refactor to use more primordials (Antoine du Hamel)
- lib: revert primordials in a hot path (Antoine du Hamel)
- lib: make IterableWeakMap safe to iterate (Antoine du Hamel)
- lib: fix and improve os typings (Akhil Marsonya)
- lib: add URI handling functions to primordials (Antoine du Hamel)
- lib: fix WebIDL object and dictionary type conversion (ExE Boss)
- lib: refactor to use optional chaining in internal/options.js (raisinten)
- lib: support returning Safe collections from C++ (ExE Boss)
- lib: expose primordials object (Antoine du Hamel)
- lib: refactor source_map to use more primordials (Antoine du Hamel)
- lib: refactor source_map to avoid unsafe array iteration (Antoine du Hamel)
- lib: simplify primordials.uncurryThis (ExE Boss)
- lib: remove v8_prof_polyfill from eslint ignore list (Antoine du Hamel)
- lib: remove unused code (Brian White)
- lib: refactor to use more primordials in internal/encoding.js (raisinten)
- lib: refactor to use primordials in internal/priority_queue.js (ZiJian Liu)
- lib: add primordials.SafeStringIterator (Antoine du Hamel)
- lib: make safe primordials safe to construct (Antoine du Hamel)
- lib: make safe primordials safe to iterate (Antoine du Hamel)
- lib: refactor to use more primordials in internal/histogram.js (raisinten)
- lib: add uncurried accessor properties to primordials (ExE Boss)
- lib: refactor primordials.uncurryThis (Antoine du Hamel)
- lib: refactor to use more primordials (Antoine du Hamel)
- lib: add %TypedArray% abstract constructor to primordials (ExE Boss)
- lib: use Object static properties from primordials (Michaël Zasso)
- lib,tools: enforce access to prototype from primordials (Antoine du Hamel)
- meta: add v8 team (Jiawen Geng)
- meta: post comment when pr labeled fast-track (James M Snell)
- module: clarify CJS global-like variables not defined error message (Antoine du Hamel)
- module: refactor NativeModule to avoid unsafe array iteration (Antoine du Hamel)
- module: simplify tryStatSync with throwIfNoEntry option (Antoine du Hamel)
- module: refactor to use more primordials (Antoine du Hamel)
- module: refactor to use more primordials (Antoine du Hamel)
- module: refactor to use iterable-weak-map (Benjamin Coe)
- net: refactor to use more primordials (Antoine du Hamel)
- node-api: faster threadsafe_function (Fedor Indutny)
- node-api: fix shutdown crashes (Michael Dawson)
- node-api: make reference weak parameter an indirect link to references (Chengzhong Wu)
- os: refactor to use more primordials (Antoine du Hamel)
- path: inline conditions (Voltrex)
- path: refactor to use more primordials (Akhil Marsonya)
- path: refactor to use more primordials (Antoine du Hamel)
- perf_hooks: throw ERR_INVALID_ARG_VALUE if histogram.percentile param is NaN (ZiJian Liu)
- perf_hooks: refactor to avoid unsafe array iteration (Antoine du Hamel)
- perf_hooks: refactor to use more primordials (Antoine du Hamel)
- policy: refactor to use more primordials (Antoine du Hamel)
- querystring: refactor to use more primordials (Antoine du Hamel)
- readline: refactor to use more primordials (Antoine du Hamel)
- repl: document top level await limitation with const/let (James M Snell)
- repl: display prompt once after error callback (Anna Henningsen)
- src: fix multiple AddLinkedBinding() calls (Anna Henningsen)
- src: update cares_wrap OpenBSD defines (Anna Henningsen)
- src: remove extra semi after member fn (Shelley Vohr)
- src: make workers messaging more resilient (Juan José Arboleda)
- src: fix validation of negative offset to avoid abort (James M Snell)
- src: use %progbits instead of @progbits (Stephen Gallagher)
- src: fix setting Converter sub char length (James M Snell)
- src: avoid deferred gc/cleanup for Buffer.from (James M Snell)
- src: indent long help text properly (David Glasser)
- src: fix ETW_WRITE_EMPTY_EVENT macro (Michaël Zasso)
- src: disable unfixable MSVC warnings (Michaël Zasso)
- src: avoid implicit type conversions (take 2) (Michaël Zasso)
- src: fix compiler warnings in node_buffer.cc (Darshan Sen)
- src: fix compiler warning in env.cc (Anna Henningsen)
- src: add check against non-weak BaseObjects at process exit (Anna Henningsen)
- src: use transferred consistently (Daniel Bevenius)
- src: fix label indentation (Rich Trott)
- stream: fix multiple Writable.destroy() calls (Robert Nagy)
- stream: the position of _read() is wrong (helloyou2012)
- stream: only use legacy close listeners if not willEmitClose (Robert Nagy)
- stream: fix legacy pipe error handling (Robert Nagy)
- string_decoder: throw ERR_STRING_TOO_LONG for UTF-8 (Michaël Zasso)
- string_decoder: refactor to use more primordials (Antoine du Hamel)
- test: improve coverage of lib/_http_client.js (Rongjian Zhang)
- test: improve coverage of lib/os.js (Rongjian Zhang)
- test: call functions internally (Voltrex)
- test: complete coverage of querystring (Rongjian Zhang)
- test: increase coverage for AbortController (ZiJian Liu)
- test: run message and pseudo-tty tests in parallel (Richard Lau)
- test: move test-net-connect-econnrefused from pummel to sequential (Rich Trott)
- test: fix common.mustCall length and name properties (Antoine du Hamel)
- test: address deprecation warning (Rich Trott)
- test: move abort test from pummel to abort directory (Rich Trott)
- test: skip some pummel tests on slower machines (Rich Trott)
- test: add ancestor package.json checks for tmpdir (Richard Lau)
- test: replace function with arrow function and remove unused argument (Andres)
- test: use .test domain for not found address (Richard Lau)
- test: increase fs promise coverage (Emil Sivervik)
- test: increase timeout on ASAN Action (Antoine du Hamel)
- test: improve coverage of SourceTextModule getters (Juan José Arboleda)
- test: improve coverage for Module getters (Juan José Arboleda)
- test: improve coverage on worker threads (Juan José Arboleda)
- test: improve coverage at lib/internal/vm/module.js (Juan José Arboleda)
- test: guard large string decoder allocation (Michaël Zasso)
- test: add already-aborted-controller test for spawn() (Rich Trott)
- test: add test for reused AbortController with execfile() (Rich Trott)
- test: add Actions annotation output (Mary Marchini)
- test: use .then(common.mustCall()) for all async IIFEs (Anna Henningsen)
- test,doc,lib: adjust object literal newlines for lint rule (Rich Trott)
- test,readline: improve tab completion coverage (Antoine du Hamel)
- timers: fix unsafe array iteration (Darshan Sen)
- timers: reject with AbortError on cancellation (Benjamin Gruenbaum)
- timers: refactor to use more primordials (Antoine du Hamel)
- timers: cleanup abort listener on awaitable timers (James M Snell)
- tls: validate ticket keys buffer (Antoine du Hamel)
- tls: fix session and keylog add listener segfault (Nitzan Uziely)
- tools: refloat 7 Node.js patches to cpplint.py (Rich Trott)
- tools: bump cpplint to 1.5.4 (Rich Trott)
- tools: refloat 7 Node.js patches to cpplint.py (Rich Trott)
- tools: bump cpplint to 1.5.3 (Rich Trott)
- tools: refloat 7 Node.js patches to cpplint.py (Rich Trott)
- tools: bump cpplint.py to 1.5.2 (Rich Trott)
- tools: update ESLint to 7.27.0 (Luigi Pinca)
- tools: update ESLint to 7.26.0 (Colin Ihrig)
- tools: update ESLint to 7.25.0 (Colin Ihrig)
- tools: update ESLint to 7.24.0 (Colin Ihrig)
- tools: update ESLint to 7.23.0 (Luigi Pinca)
- tools: update ESLint to 7.22.0 (Colin Ihrig)
- tools: make update-eslint.sh work with npm@7 (Luigi Pinca)
- tools: add support for mjs and cjs JS snippet linting (Antoine du Hamel)
- tools: update eslint-plugin-markdown configuration (Colin Ihrig)
- tools: enable object-curly-newline in ESLint rules (Rich Trott)
- tools: make GH Actions workflows work if default branch is not master (Antoine du Hamel)
- tools: use mktemp to create the workspace directory (Luigi Pinca)
- tools: use a shallow clone of the npm/cli repository (Luigi Pinca)
- tools: remove fixer for non-ascii-character ESLint custom rule (Rich Trott)
- tools: fix doc generation when version info is not available (Antoine du Hamel)
- tools: add _depot_tools to PATH (for V8 tests) (DeeDeeG)
- tools: fix type mismatch in test runner (Richard Lau)
- tools: simplify eslint comma-dangle configuration (tools) (Rich Trott)
- tools: simplify eslint comma-dangle configuration (Rich Trott)
- tools: run doctool tests on GitHub Actions CI (Antoine du Hamel)
- tools: refactor prefer-primordials (Antoine du Hamel)
- tools: update ESLint to 7.21.0 (Luigi Pinca)
- tools: update ESLint to 7.20.0 (Colin Ihrig)
- tools: update ESLint to 7.19.0 (Colin Ihrig)
- tools: update ESLint to 7.18.0 (Colin Ihrig)
- tools: update gyp-next to v0.7.0 (Michaël Zasso)
- tools: update ESLint to 7.17.0 (Colin Ihrig)
- tools: update ESLint to 7.16.0 (Yongsheng Zhang)
- tools: enable no-unsafe-optional-chaining lint rule (Colin Ihrig)
- tools: update ESLint to 7.15.0 (Colin Ihrig)
- tools: enable no-unused-expressions lint rule (Michaël Zasso)
- tools: enable no-nonoctal-decimal-escape lint rule (Colin Ihrig)
- tools: update ESLint to 7.14.0 (Colin Ihrig)
- tools: add linting rule for async IIFEs (Anna Henningsen)
- tools: update ESLint to 7.13.0 (Luigi Pinca)
- tools: update ESLint to 7.12.1 (Colin Ihrig)
- tools: update ESLint to 7.12.0 (Colin Ihrig)
- tools: update ESLint to 7.11.0 (Colin Ihrig)
- tools: add new ESLint rule: prefer-primordials (Leko)
- tools,doc: add support for several flavors of JS code snippets (Antoine du Hamel)
- tools,lib: recommend using safe primordials (Antoine du Hamel)
- tools,lib: tighten prefer-primordials rules for Error statics (Antoine du Hamel)
- tty: refactor to avoid unsafe array iteration (Antoine du Hamel)
- tty: refactor to use more primordials (Zijian Liu)
- typings: add JSDoc typings for util (Rohit Gohri)
- url: refactor to use more primordials (Antoine du Hamel)
- util: simplify constructor retrieval in inspect() (Rich Trott)
- v8: refactor to use more primordials (Antoine du Hamel)
- v8: refactor to use more primordials (Antoine du Hamel)
- vm: refactor to avoid unsafe array iteration (Antoine du Hamel)
- wasi: refactor to avoid unsafe array iteration (Antoine du Hamel)
- Revert "worker: remove ERR_CLOSED_MESSAGE_PORT" (Juan José Arboleda)
- worker: refactor to avoid unsafe array iteration (Antoine du Hamel)
- worker: refactor to use more primordials (Antoine du Hamel)
- zlib: fix brotli flush range (Khaidi Chu)
- zlib: refactor to avoid unsafe array iteration (Antoine du Hamel)
- zlib: refactor to use primordial instead of <string>.startsWith (Rohan Chougule)
- zlib: refactor to use more primordials (Antoine du Hamel)

Revision 1.215 / (download) - annotate - [select for diffs], Fri May 21 06:56:28 2021 UTC (2 years, 6 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q2-base, pkgsrc-2021Q2
Changes since 1.214: +2 -3 lines
Diff to previous 1.214 (colored)

nodejs: updated to 14.17.0

Version 14.17.0 'Fermium' (LTS)

Notable Changes

Diagnostics channel (experimental module)
UUID support in the crypto module
Experimental support for AbortController and AbortSignal

doc:
revoke deprecation of legacy url, change status to legacy (James M Snell)
add legacy status to stability index (James M Snell)
upgrade stability status of report API (Gireesh Punathil)

deps:
V8: Backport various patches for Apple Silicon support (BoHong Li)
update ICU to 68.1 (Michaël Zasso)
upgrade to libuv 1.41.0 (Colin Ihrig)

http:
add http.ClientRequest.getRawHeaderNames() (simov)
report request start and end with diagnostics_channel (Stephen Belanger)

util:
add getSystemErrorMap() impl (eladkeyshawn)

Revision 1.214 / (download) - annotate - [select for diffs], Sat Apr 24 06:32:00 2021 UTC (2 years, 7 months ago) by rin
Branch: MAIN
Changes since 1.213: +2 -3 lines
Diff to previous 1.213 (colored)

nodejs: fix previous; bump revision to nb3.

Revision 1.213 / (download) - annotate - [select for diffs], Sat Apr 24 06:30:28 2021 UTC (2 years, 7 months ago) by rin
Branch: MAIN
Changes since 1.212: +2 -1 lines
Diff to previous 1.212 (colored)

nodejs: Fix support for NetBSD/aarch64. Bump revision.

- Fix malformed preprocessor directive: ``#ifdef FOO && BAR''
- Use V8_OS_NETBSD instead of defined(__NetBSD__) consistently where appropriate

XXX
Unfortunately, nodejs does not work for aarch64eb yet.
We need to add big-endian support to built-in assembler.

Revision 1.212 / (download) - annotate - [select for diffs], Thu Apr 22 17:33:04 2021 UTC (2 years, 7 months ago) by ryoon
Branch: MAIN
Changes since 1.211: +1 -2 lines
Diff to previous 1.211 (colored)

nodejs: Add a patch really and remove obsolete comment

Noticed by adam@. Thank you.

Revision 1.211 / (download) - annotate - [select for diffs], Thu Apr 22 15:52:25 2021 UTC (2 years, 7 months ago) by ryoon
Branch: MAIN
Changes since 1.210: +4 -4 lines
Diff to previous 1.210 (colored)

nodejs: Fix build with icu-69.1

* Backported from nodejs-16.0.0.
* Internal icu is not built under NetBSD/amd64 9.99.81 at least.

Revision 1.210 / (download) - annotate - [select for diffs], Wed Apr 21 11:40:27 2021 UTC (2 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.209: +5 -3 lines
Diff to previous 1.209 (colored)

revbump for textproc/icu

Revision 1.209 / (download) - annotate - [select for diffs], Wed Apr 7 06:21:56 2021 UTC (2 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.208: +2 -2 lines
Diff to previous 1.208 (colored)

nodejs: updated to 14.16.1

Version 14.16.1 'Fermium' (LTS)

This is a security release.

Notable Changes

Vulnerabilities fixed:

CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High)
This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt
Impacts:
All versions of the 15.x, 14.x, 12.x and 10.x releases lines

CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms processing (High)
This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt
Impacts:
All versions of the 15.x, 14.x, 12.x and 10.x releases lines

CVE-2020-7774: npm upgrade - Update y18n to fix Prototype-Pollution (High)
This is a vulnerability in the y18n npm module which may be exploited by prototype pollution. You can read more about it in https://github.com/advisories/GHSA-c4w7-xm78-47vh
Impacts:
All versions of the 14.x, 12.x and 10.x releases lines

Revision 1.208 / (download) - annotate - [select for diffs], Wed Feb 24 11:06:12 2021 UTC (2 years, 9 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1
Changes since 1.207: +2 -2 lines
Diff to previous 1.207 (colored)

nodejs: updated to 14.16.0

Version 14.16.0 'Fermium' (LTS)

This is a security release.

Notable changes

Vulnerabilities fixed:

CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion
Affected Node.js versions are vulnerable to denial of service attacks when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory.
CVE-2021-22884: DNS rebinding in --inspect
Affected Node.js versions are vulnerable to denial of service attacks when the whitelist includes ocalhost6 When ocalhost6is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the ocalhost6domain. As long as the attacker uses the ocalhost6domain, they can still apply the attack described in CVE-2018-7160.
CVE-2021-23840: OpenSSL - Integer overflow in CipherUpdate
This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210216.txt

Revision 1.207 / (download) - annotate - [select for diffs], Fri Feb 12 11:07:38 2021 UTC (2 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.206: +2 -2 lines
Diff to previous 1.206 (colored)

nodejs: updated to 14.15.5

Version 14.15.5 'Fermium' (LTS)

Notable Changes

deps:
upgrade npm to 6.14.11
V8: backport dfcf1e86fac0
Note: Node.js is not believed to be vulnerable to CVE-2021-21148.
stream,zlib: do not use _stream_* anymore

Revision 1.206 / (download) - annotate - [select for diffs], Tue Jan 5 08:31:04 2021 UTC (2 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.205: +2 -2 lines
Diff to previous 1.205 (colored)

nodejs: updated to 14.15.4

Version 14.15.4 'Fermium' (LTS)

Notable Changes

Vulnerabilities fixed:

CVE-2020-1971: OpenSSL - EDIPARTYNAME NULL pointer de-reference (High)

This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20201208.txt

CVE-2020-8265: use-after-free in TLSWrap (High)

Affected Node.js versions are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits.

CVE-2020-8287: HTTP Request Smuggling in nodejs (Low)

Affected versions of Node.js allow two copies of a header field in a http request. For example, two Transfer-Encoding header fields. In this case Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling (https://cwe.mitre.org/data/definitions/444.html).

Revision 1.205 / (download) - annotate - [select for diffs], Thu Dec 31 20:04:12 2020 UTC (2 years, 11 months ago) by nia
Branch: MAIN
Changes since 1.204: +2 -3 lines
Diff to previous 1.204 (colored)

Normalize handling packages that require 64-bit atomic ops.

Revision 1.204 / (download) - annotate - [select for diffs], Mon Dec 21 09:41:32 2020 UTC (2 years, 11 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q4-base, pkgsrc-2020Q4
Changes since 1.203: +2 -2 lines
Diff to previous 1.203 (colored)

nodejs: updated to 14.15.3

Version 14.15.3 'Fermium' (LTS)

Notable Changes

Node.js v14.15.2 included a commit that has caused reported breakages when cloning request objects. This release reverts the commit that introduced the behaviour change. See https://github.com/nodejs/node/issues/36550 for more details.

Revision 1.203 / (download) - annotate - [select for diffs], Wed Dec 16 11:39:00 2020 UTC (2 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.202: +3 -1 lines
Diff to previous 1.202 (colored)

nodejs: mark as Python 2.7 only

Revision 1.202 / (download) - annotate - [select for diffs], Wed Dec 16 07:24:06 2020 UTC (2 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.201: +2 -2 lines
Diff to previous 1.201 (colored)

nodejs: updated to 14.15.2

Version 14.15.2 'Fermium' (LTS)

Notable Changes

deps:
upgrade npm to 6.14.9
update acorn to v8.0.4
doc: add release key for Danielle Adams
http2: check write not scheduled in scope destructor
stream: fix regression on duplex end

Revision 1.201 / (download) - annotate - [select for diffs], Tue Nov 17 11:01:40 2020 UTC (3 years ago) by adam
Branch: MAIN
Changes since 1.200: +2 -3 lines
Diff to previous 1.200 (colored)

nodejs: updayed to 14.15.1

Version 14.15.1 'Fermium' (LTS)

Notable changes

This is a security release.

Vulnerabilities fixed:

CVE-2020-8277: Denial of Service through DNS request (High). A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service by getting the application to resolve a DNS record with a larger number of responses.

Revision 1.200 / (download) - annotate - [select for diffs], Thu Nov 5 09:06:57 2020 UTC (3 years ago) by ryoon
Branch: MAIN
Changes since 1.199: +2 -1 lines
Diff to previous 1.199 (colored)

*: Recursive revbump from textproc/icu-68.1

Revision 1.199 / (download) - annotate - [select for diffs], Wed Oct 28 20:00:59 2020 UTC (3 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.198: +2 -2 lines
Diff to previous 1.198 (colored)

nodejs: updated to 14.15.0

Version 14.15.0 'Fermium' (LTS)

Notable Changes

This release marks the transition of Node.js 14.x into Long Term Support (LTS) with the codename 'Fermium'. The 14.x release line now moves into "Active LTS" and will remain so until October 2021. After that time, it will move into "Maintenance" until end of life in April 2023.

Revision 1.198 / (download) - annotate - [select for diffs], Tue Oct 20 09:55:43 2020 UTC (3 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.197: +2 -2 lines
Diff to previous 1.197 (colored)

nodejs: updated to 14.14.0

Version 14.14.0 (Current)

Notable Changes

- crypto: update certdata to NSS 3.56
- doc: add aduh95 to collaborators
- (SEMVER-MINOR) fs: add rm method
- (SEMVER-MINOR) http: allow passing array of key/val into writeHead
- (SEMVER-MINOR) src: expose v8::Isolate setup callbacks

Revision 1.197 / (download) - annotate - [select for diffs], Sat Oct 17 21:48:41 2020 UTC (3 years, 1 month ago) by mrg
Branch: MAIN
Changes since 1.196: +8 -1 lines
Diff to previous 1.196 (colored)

two fixes and now actually builds on armv7hf:

- mips, ppc and arm platforms want -latomic, so provide it
- link -larm on netbsd/arm to find arm_sync_icache()

Revision 1.196 / (download) - annotate - [select for diffs], Thu Oct 8 10:58:35 2020 UTC (3 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.195: +2 -2 lines
Diff to previous 1.195 (colored)

nodejs: updated to 14.13.1

Version 14.13.1 (Current)

Notable Changes
fs:
remove experimental from rmdir recursive

Revision 1.195 / (download) - annotate - [select for diffs], Fri Oct 2 12:26:34 2020 UTC (3 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.194: +2 -2 lines
Diff to previous 1.194 (colored)

nodejs: updated to 14.13.0

Version 14.13.0 (Current)

Notable Changes
(SEMVER-MINOR) deps: upgrade to libuv 1.40.0
(SEMVER-MINOR) module: named exports for CJS via static analysis
(SEMVER-MINOR) module: exports pattern support
(SEMVER-MINOR) src: allow N-API addon in AddLinkedBinding()


Version 14.12.0 (Current)

Notable changes
deps:
* update to uvwasi 0.0.11
n-api:
* create N-API version 7
* add more property defaults


Version 14.11.0 (Current)

Notable Changes
This is a security release.

Vulnerabilities fixed:
CVE-2020-8251: Denial of Service by resource exhaustion CWE-400 due to unfinished HTTP/1.1 requests (Critical).
CVE-2020-8201: HTTP Request Smuggling due to CR-to-Hyphen conversion (High).

Revision 1.194 / (download) - annotate - [select for diffs], Fri Sep 11 09:24:21 2020 UTC (3 years, 2 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base, pkgsrc-2020Q3
Changes since 1.193: +2 -2 lines
Diff to previous 1.193 (colored)

nodejs: updated to 14.10.1

Version 14.10.1 (Current)

Notable Changes
Node.js 14.10.0 included a streams regression with async generators and a docs rendering regression that are being fixed in this release.

Revision 1.193 / (download) - annotate - [select for diffs], Wed Sep 9 07:07:56 2020 UTC (3 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.192: +2 -2 lines
Diff to previous 1.192 (colored)

nodejs: updated to 14.10.0

Version 14.10.0 (Current)

Notable Changes

(SEMVER-MINOR) buffer: also alias BigUInt methods
(SEMVER-MINOR) crypto: add randomInt function
(SEMVER-MINOR) perf_hooks: add idleTime and event loop util
(SEMVER-MINOR) stream: simpler and faster Readable async iterator
(SEMVER-MINOR) stream: save error in state

Revision 1.192 / (download) - annotate - [select for diffs], Fri Aug 28 11:26:46 2020 UTC (3 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.191: +2 -2 lines
Diff to previous 1.191 (colored)

nodejs: updated to 14.9.0

Version 14.9.0 (Current)

Notable Changes

build: set --v8-enable-object-print by default
deps:
upgrade to libuv 1.39.0
upgrade npm to 6.14.8
V8: cherry-pick e06ace6b5cdb
n-api: handle weak no-finalizer refs correctly
tools: add debug entitlements for macOS 10.15+

Revision 1.191 / (download) - annotate - [select for diffs], Tue Aug 18 13:10:03 2020 UTC (3 years, 3 months ago) by pho
Branch: MAIN
Changes since 1.190: +1 -2 lines
Diff to previous 1.190 (colored)

Remove redundant --shared-openssl

It was causing a build failure when openssl was disabled.

Revision 1.185.2.1 / (download) - annotate - [select for diffs], Fri Aug 14 17:18:38 2020 UTC (3 years, 3 months ago) by bsiegert
Branch: pkgsrc-2020Q2
Changes since 1.185: +2 -1 lines
Diff to previous 1.185 (colored) next main 1.186 (colored)

Pullup ticket #6296 - requested by maya
lang/nodejs: aarch64 bugfix, PR port-arm/55533

(via patch)

---
   Module Name:    pkgsrc
   Committed By:   maya
   Date:           Wed Aug  5 21:49:18 UTC 2020

   Modified Files:
	   pkgsrc/lang/nodejs: Makefile distinfo
	   pkgsrc/lang/nodejs/patches:
	       patch-deps_v8_src_base_platform_platform-posix.cc

   Log Message:
   nodejs: workaround issue for netbsd/aarch64 in PR port-arm/55533

   NetBSD mmap might fail depending on the choice of hint addr given, so don't
   give a hint at all.

   bump PKGREVISION.

Revision 1.190 / (download) - annotate - [select for diffs], Wed Aug 12 06:53:28 2020 UTC (3 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.189: +2 -3 lines
Diff to previous 1.189 (colored)

nodejs: updated to 14.8.0

Version 14.8.0 (Current)

Notable Changes

- (SEMVER-MINOR) async_hooks: add AsyncResource.bind utility (James M Snell)
- deps: update to uvwasi 0.0.10 (Colin Ihrig)
- doc: add Ricky Zhou to collaborators (rickyes)
- doc: add release key for Ruy Adorno (Ruy Adorno)
- doc: add DerekNonGeneric to collaborators (Derek Lewis)
- (SEMVER-MINOR) module: unflag Top-Level Await (Myles Borins)
- (SEMVER-MINOR) n-api: support type-tagging objects (Gabriel Schulhof)
- (SEMVER-MINOR) n-api,src: provide asynchronous cleanup hooks (Anna Henningsen)

Commits

- async_hooks: avoid GC tracking of AsyncResource in ALS (Gerhard Stoebich)
- async_hooks: avoid unneeded AsyncResource creation (Gerhard Stoebich)
- async_hooks: improve property descriptors in als.bind (Gerhard Stoebich)
- (SEMVER-MINOR) async_hooks: add AsyncResource.bind utility (James M Snell)
- async_hooks: don't read resource if ALS is disabled (Gerhard Stoebich)
- async_hooks: fix id assignment in fast-path promise hook (Andrey Pechkurov)
- async_hooks: fix resource stack for deep stacks (Anna Henningsen)
- async_hooks: execute destroy hooks earlier (Gerhard Stoebich)
- async_hooks: don't reuse resource in HttpAgent when queued (Andrey Pechkurov)
- benchmark: always throw the same Error instance (Anna Henningsen)
- build: do not run auto-start-ci on forks (Evan Lucas)
- build: run CI on release branches (Shelley Vohr)
- build: enable build for node-v8 push (gengjiawen)
- build: increase startCI verbosity and fix job name (Mary Marchini)
- build: don't run auto-start-ci on push (Mary Marchini)
- build: fix auto-start-ci script path (Mary Marchini)
- build: auto start Jenkins CI via PR labels (Mary Marchini)
- build: toolchain.gypi and node_gyp.py cleanup (iandrc)
- console: document the behavior of console.assert() (iandrc)
- crypto: add OP flag constants added in OpenSSL v1.1.1 (Mateusz Krawczuk)
- deps: update to uvwasi 0.0.10 (Colin Ihrig)
- doc: use _Static method_ instead of _Class Method_ (Rich Trott)
- doc: tidy some addons.md text (Rich Trott)
- doc: use _Class Method_ in async_hooks.md (Rich Trott)
- doc: add Ricky Zhou to collaborators (rickyes)
- doc: edit process.title note for brevity and clarity (Rich Trott)
- doc: update fs.watch() availability for IBM i (iandrc)
- doc: fix typo in path.md (aetheryx)
- doc: add release key for Ruy Adorno (Ruy Adorno)
- doc: clarify process.title inconsistencies (Corey Butler)
- doc: document the connection event for HTTP2 & TLS servers (Tim Perry)
- doc: mention null special-case for napi\_typeof (Renée Kooi)
- doc: add DerekNonGeneric to collaborators (Derek Lewis)
- doc: revise N-API versions matrix text (Rich Trott)
- doc: clarify N-API version 1 (Michael Dawson)
- doc: use consistent spelling for "falsy" (Rich Trott)
- doc: simplify and clarify console.assert() documentation (Rich Trott)
- doc: use consistent capitalization for addons (Rich Trott)
- doc: add mmarchini pronouns (Mary Marchini)
- doc: update mmarchini contact info (Mary Marchini)
- doc: update .mailmap for mmarchini (Mary Marchini)
- doc: use sentence-case for headers in SECURITY.md (Rich Trott)
- esm: fix hook mistypes and links to types (Derek Lewis)
- http: reset headers timeout on headers complete (Robert Nagy)
- http: provide keep-alive timeout response header (Robert Nagy)
- lib: use non-symbols in isURLInstance check (Shelley Vohr)
- lib: absorb path error cases (Gireesh Punathil)
- meta: uncomment all codeowners (Mary Marchini)
- meta: enable http2 team for CODEOWNERS (Rich Trott)
- module: handle Top-Level Await non-fulfills better (Anna Henningsen)
- (SEMVER-MINOR) module: unflag Top-Level Await (Myles Borins)
- n-api: fix use-after-free with napi_remove_async_cleanup_hook (Anna Henningsen)
- (SEMVER-MINOR) n-api: support type-tagging objects (Gabriel Schulhof)
- n-api: simplify bigint-from-word creation (Gabriel Schulhof)
- (SEMVER-MINOR) n-api,src: provide asynchronous cleanup hooks (Anna Henningsen)
- net: don't return the stream object from onStreamRead (Robey Pointer)
- policy: increase tests via permutation matrix (Bradley Meck)
- repl: use _Node.js_ in user-facing REPL text (Rich Trott)
- repl: use _REPL_ in user-facing text (Rich Trott)
- repl: improve static import error message in repl (Myles Borins)
- repl: give repl entries unique names (Bradley Meck)
- src: fix linter failures (Anna Henningsen)
- src: spin shutdown loop while immediates are pending (Anna Henningsen)
- src: fix size underflow in CallbackQueue (Anna Henningsen)
- src: fix unused namespace member in node_util (Andrey Pechkurov)
- test: fix wrong method call (gengjiawen)
- test: add debugging for callbacks in test-https-foafssl.js (Rich Trott)
- test: add debugging for test-https-foafssl.js (Rich Trott)
- test: convert most N-API tests from C++ to C (Gabriel Schulhof)
- test: replace flaky pummel regression tests (Anna Henningsen)
- test: change Fixes: to Refs: (Rich Trott)
- test: fix flaky http-parser-timeout-reset (Robert Nagy)
- test: remove unneeded flag check in test-vm-memleak (Rich Trott)
- tools: fix C++ import checker argument expansion (Anna Henningsen)
- tools: update ESLint to 7.6.0 (Colin Ihrig)
- tools: add meta.fixable to fixable lint rules (Colin Ihrig)
- util: print External address from inspect (unknown)
- wasi: add __wasi_fd_filestat_set_times() test

Revision 1.189 / (download) - annotate - [select for diffs], Wed Aug 5 21:49:18 2020 UTC (3 years, 3 months ago) by maya
Branch: MAIN
Changes since 1.188: +2 -1 lines
Diff to previous 1.188 (colored)

nodejs: workaround issue for netbsd/aarch64 in PR port-arm/55533

NetBSD mmap might fail depending on the choice of hint addr given, so don't
give a hint at all.

bump PKGREVISION.

Revision 1.188 / (download) - annotate - [select for diffs], Mon Aug 3 11:59:58 2020 UTC (3 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.187: +2 -2 lines
Diff to previous 1.187 (colored)

nodejs: updated to 14.7.0

Version 14.7.0 (Current)

Notable Changes

deps:
- upgrade npm to 6.14.7
dgram:
- (SEMVER-MINOR) add IPv6 scope id suffix to received udp6 dgrams
src:
- (SEMVER-MINOR) allow preventing SetPromiseRejectCallback
- (SEMVER-MINOR) allow setting a dir for all diagnostic output
worker:
- (SEMVER-MINOR) make MessagePort inherit from EventTarget
zlib:
- switch to lazy init for zlib streams
New Collaborators:
- add rexagod to collaborators
- add AshCripps to collaborators
- add HarshithaKP to collaborators
- add release key for Richard Lau

Revision 1.187 / (download) - annotate - [select for diffs], Wed Jul 22 06:53:50 2020 UTC (3 years, 4 months ago) by adam
Branch: MAIN
Changes since 1.186: +2 -2 lines
Diff to previous 1.186 (colored)

nodejs: updated to 14.6.0

Version 14.6.0:

Notable Changes

deps:
upgrade to libuv 1.38.1 (Colin Ihrig)
upgrade npm to 6.14.6 (claudiahdz)
(SEMVER-MINOR) update V8 to 8.4.371.19 (Michaël Zasso)

module:
(SEMVER-MINOR) doc only deprecation of module.parent (Antoine du HAMEL)
(SEMVER-MINOR) package "imports" field (Guy Bedford)

src:
(SEMVER-MINOR) allow embedders to disable esm loader (Shelley Vohr)

tls:
(SEMVER-MINOR) make 'createSecureContext' honor more options (Mateusz Krawczuk)

vm:
(SEMVER-MINOR) add run-after-evaluate microtask mode (Anna Henningsen)

worker:
(SEMVER-MINOR) add option to track unmanaged file descriptors (Anna Henningsen)

New Collaborators:
add danielleadams to collaborators (Danielle Adams)
add ruyadorno to collaborators (Ruy Adorno)
add sxa as collaborator (Stewart X Addison)

Revision 1.186 / (download) - annotate - [select for diffs], Fri Jul 3 19:00:15 2020 UTC (3 years, 4 months ago) by adam
Branch: MAIN
Changes since 1.185: +2 -2 lines
Diff to previous 1.185 (colored)

nodejs: updated to 14.5.0

Version 14.5.0 (Current)

Notable Changes

V8 engine is updated to version 8.3
Initial experimental implementation of EventTarget

Revision 1.185 / (download) - annotate - [select for diffs], Thu Jun 18 04:58:24 2020 UTC (3 years, 5 months ago) by gutteridge
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base
Branch point for: pkgsrc-2020Q2
Changes since 1.184: +3 -1 lines
Diff to previous 1.184 (colored)

nodejs/nodejs10/nodejs12: these now require nghttp2>=1.41.0

As of the last updates to each of these, made earlier this month, they
now require nghttp2>=1.41.0 to build. They expect
nghttp2_option_set_max_settings to be available.

Revision 1.184 / (download) - annotate - [select for diffs], Wed Jun 3 08:41:24 2020 UTC (3 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.183: +2 -3 lines
Diff to previous 1.183 (colored)

nodejs: updated to 14.4.0

Version 14.4.0 (Current)

Notable changes

This is a security release.

Vulnerabilities fixed:

CVE-2020-8172: TLS session reuse can lead to host certificate verification bypass (High).
CVE-2020-11080: HTTP/2 Large Settings Frame DoS (Low).
CVE-2020-8174: napi_get_value_string_*() allows various kinds of memory corruption (High).

Commits

- crypto: update root certificates
- (SEMVER-MINOR) deps: update nghttp2 to 1.41.0
- (SEMVER-MINOR) http2: implement support for max settings entries
- napi: fix memory corruption vulnerability
- tls: emit session after verifying certificate
- tools: update certdata.txt

Revision 1.183 / (download) - annotate - [select for diffs], Tue Jun 2 08:22:45 2020 UTC (3 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.182: +2 -1 lines
Diff to previous 1.182 (colored)

Revbump for icu

Revision 1.182 / (download) - annotate - [select for diffs], Wed May 20 06:58:35 2020 UTC (3 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.181: +2 -2 lines
Diff to previous 1.181 (colored)

nodejs: updated to 14.3.0

Version 14.3.0 (Current)

Notable Changes
REPL previews improvements with autocompletion

The output preview is changed to generate previews for autocompleted input instead of the actual input.

Pressing <enter> during a preview is now going to evaluate the whole string including the autocompleted part. Pressing <escape> cancels that behavior.

Support for Top-Level Await

It's now possible to use the await keyword outside of async functions.

Revision 1.181 / (download) - annotate - [select for diffs], Fri May 8 13:47:25 2020 UTC (3 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.180: +2 -3 lines
Diff to previous 1.180 (colored)

nodejs: updated to 14.2.0

Version 14.2.0 (Current)

Notable Changes
* Track function calls with assert.CallTracker (experimental)
* Console groupIndentation option

Revision 1.180 / (download) - annotate - [select for diffs], Wed May 6 14:04:10 2020 UTC (3 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.179: +2 -1 lines
Diff to previous 1.179 (colored)

revbump after boost update

Revision 1.179 / (download) - annotate - [select for diffs], Thu Apr 30 06:58:21 2020 UTC (3 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.178: +2 -2 lines
Diff to previous 1.178 (colored)

nodejs: updated to 14.1.0

Version 14.1.0

Notable Changes

deps: upgrade openssl sources to 1.1.1g
doc: add juanarbol as collaborator
http: doc deprecate abort and improve docs
module: do not warn when accessing __esModule of unfinished exports
n-api: detect deadlocks in thread-safe function
src: deprecate embedder APIs with replacements
stream:
* don't emit end after close
* don't wait for close on legacy streams
* pipeline should only destroy un-finished streams
vm: add importModuleDynamically option to compileFunction


Version 14.0.0 (Current)

Notable Changes

ECMAScript Modules - Experimental Warning Removal
New V8 ArrayBuffer API
cli, report: move --report-on-fatalerror to stable
deps: upgrade to libuv 1.37.0
fs: add fs/promises alias module

Revision 1.178 / (download) - annotate - [select for diffs], Fri Apr 17 07:51:55 2020 UTC (3 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.177: +2 -3 lines
Diff to previous 1.177 (colored)

nodejs: updated to 13.13.0

Version 13.13.0 (Current)

Notable Changes

New file system APIs

Added a new function, fs.readv (with sync and promisified versions). This function takes an array of ArrayBufferView elements and will write the data it reads sequentially to the buffers.
A new overload is available for fs.readSync, which allows to optionally pass any of the offset, length and position parameters.

Other changes

dns:
Added the dns.ALL flag, that can be passed to dns.lookup() with dns.V4MAPPED to return resolved IPv6 addresses as well as IPv4 mapped IPv6 addresses.

http:
The default maximum HTTP header size was changed from 8KB to 16KB.

n-api:
Calls to napi_call_threadsafe_function from the main thread can now return the napi_would_deadlock status in certain circumstances.

util:
Added a new maxStrLength option to util.inspect, to control the maximum length of printed strings. Its default value is Infinity.

worker:
Added support for passing a transferList along with workerData to the Worker constructor

Revision 1.177 / (download) - annotate - [select for diffs], Sun Apr 12 08:27:58 2020 UTC (3 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.176: +2 -1 lines
Diff to previous 1.176 (colored)

Recursive revision bump after textproc/icu update

Revision 1.176 / (download) - annotate - [select for diffs], Mon Apr 6 20:21:57 2020 UTC (3 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.175: +3 -2 lines
Diff to previous 1.175 (colored)

nodejs: updated to 13.12.0

Version 13.12.0
build:
* macOS package notarization
deps:
* upgrade npm to 6.14.4
* update to uvwasi 0.0.6
* upgrade to libuv 1.35.0
lib:
* add --disable-proto option to cli
node_report:
* move diagnostic reports to stable
worker:
* allow URL in Worker constructor
util:
* use a global symbol for util.promisify.custom

Revision 1.175 / (download) - annotate - [select for diffs], Wed Mar 18 10:03:59 2020 UTC (3 years, 8 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1
Changes since 1.174: +2 -2 lines
Diff to previous 1.174 (colored)

nodejs: updated to 3.11.0

Version 13.11.0

Notable Changes:
async_hooks: add sync enterWith to ALS
cli: allow --jitless V8 flag in NODE_OPTIONS
fs: return first folder made by mkdir recursive
n-api: define release 6
os: create a getter for kernel version
wasi: add returnOnExit option

Revision 1.174 / (download) - annotate - [select for diffs], Fri Mar 13 00:45:06 2020 UTC (3 years, 8 months ago) by tnn
Branch: MAIN
Changes since 1.173: +2 -2 lines
Diff to previous 1.173 (colored)

nodejs: remove a stale portability skip. Add another one.

Revision 1.173 / (download) - annotate - [select for diffs], Thu Mar 5 10:13:18 2020 UTC (3 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.172: +2 -2 lines
Diff to previous 1.172 (colored)

nodejs: updated to 13.10.1

Version 13.10.1 (Current):

In Node.js 13.9.0 deps/zlib was switched to the chromium maintained implementation. This change had the unforseen consequence of breaking building from the tarballs we release as we were too aggressively removing unneccessary files from the deps/zlib folder. This release includes a patch that ensures that individuals will once again be able to build Node.js from source.

Revision 1.172 / (download) - annotate - [select for diffs], Wed Mar 4 18:59:39 2020 UTC (3 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.171: +2 -2 lines
Diff to previous 1.171 (colored)

nodejs: updated to 13.10.0

Version 13.10.0 (Current):

Notable Changes

async_hooks
- introduce async-context API
stream
- support passing generator functions into pipeline()
tls
- expose SSL_export_keying_material
vm
- implement vm.measureMemory() for per-context memory measurement

Revision 1.171 / (download) - annotate - [select for diffs], Mon Feb 24 16:04:21 2020 UTC (3 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.170: +2 -2 lines
Diff to previous 1.170 (colored)

nodejs: updated to 13.9.0

Version 13.9.0 (Current)
async_hooks
* add executionAsyncResource
crypto
* add crypto.diffieHellman
* add DH support to generateKeyPair
* simplify DH groups
* add key type 'dh'
test
* skip keygen tests on arm systems
perf_hooks
* add property flags to GCPerformanceEntry
process
* report ArrayBuffer memory in memoryUsage()
readline
* make tab size configurable
report
* add support for Workers
worker
* add ability to take heap snapshot from parent thread
added new collaborators
* add ronag to collaborators

Revision 1.170 / (download) - annotate - [select for diffs], Fri Feb 7 09:51:53 2020 UTC (3 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.169: +2 -2 lines
Diff to previous 1.169 (colored)

nodejs: updated to 13.8.0

Version 13.8.0 (Current):

Notable Changes

This is a security release.

Vulnerabilities fixed:

CVE-2019-15606: HTTP header values do not have trailing OWS trimmed.
CVE-2019-15605: HTTP request smuggling using malformed Transfer-Encoding header.
CVE-2019-15604: Remotely trigger an assertion on a TLS server with a malformed certificate string.

Also, HTTP parsing is more strict to be more secure. Since this may cause problems in interoperability with some non-conformant HTTP implementations, it is possible to disable the strict checks with the --insecure-http-parser command line flag, or the insecureHTTPParser http option. Using the insecure HTTP parser should be avoided.

Revision 1.169 / (download) - annotate - [select for diffs], Fri Jan 24 18:52:20 2020 UTC (3 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.168: +5 -14 lines
Diff to previous 1.168 (colored)

nodejs: updated to 13.7.0

Version 13.7.0

Notable Changes
deps:
* upgrade to libuv 1.34.1
* upgrade npm to 6.13.6
module
* add API for interacting with source maps
* loader getSource, getFormat, transform hooks
* logical conditional exports ordering
* unflag conditional exports
process:
* allow monitoring uncaughtException

Revision 1.168 / (download) - annotate - [select for diffs], Wed Jan 8 22:30:38 2020 UTC (3 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.167: +2 -2 lines
Diff to previous 1.167 (colored)

nodejs: updated to 13.6.0

Version 13.6.0 (Current):

Notable Changes
* assert:
  - Implement assert.match() and assert.doesNotMatch()
* events:
  - Add EventEmitter.on to async iterate over events
  - Allow monitoring error events
* fs:
  - Allow overriding fs for streams
* perf_hooks:
  - Move perf_hooks out of experimental
* repl:
  - Implement ZSH-like reverse-i-search
* tls:
  - Add PSK (pre-shared key) support

Revision 1.167 / (download) - annotate - [select for diffs], Sun Dec 29 15:38:04 2019 UTC (3 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.166: +2 -2 lines
Diff to previous 1.166 (colored)

nodejs: updated to 13.5.0

Version 13.5.0 (Current):
Notable Changes
cli:
* add --trace-exit cli option
http,https:
* increase server headers timeout
readline:
* update ansi-regex
* promote _getCursorPos to public api
repl:
* add completion preview
util:
* add Set and map size to inspect output
wasi:
* require CLI flag to require() wasi module

Revision 1.166 / (download) - annotate - [select for diffs], Fri Dec 13 06:26:07 2019 UTC (3 years, 11 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4
Changes since 1.165: +1 -4 lines
Diff to previous 1.165 (colored)

Get rid of http-parser for nodejs 12+

Revision 1.165 / (download) - annotate - [select for diffs], Mon Dec 9 20:03:51 2019 UTC (3 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.164: +1 -1 lines
Diff to previous 1.164 (colored)

nodejs: updated to 13.3.0

Version 13.3.0:

Notable Changes
fs:
Reworked experimental recursive rmdir()
The maxBusyTries option is renamed to maxRetries, and its default is set to 0. The emfileWait option has been removed, and EMFILE errors use the same retry logic as other errors. The retryDelay option is now supported. ENFILE errors are now retried.
http:
Make maximum header size configurable per-stream or per-server
http2:
Make maximum tolerated rejected streams configurable
Allow to configure maximum tolerated invalid frames
wasi:
Introduce initial WASI support

Revision 1.164 / (download) - annotate - [select for diffs], Sun Nov 24 15:49:31 2019 UTC (4 years ago) by adam
Branch: MAIN
Changes since 1.163: +2 -2 lines
Diff to previous 1.163 (colored)

nodejs: updated to 10.17.0

Version 10.17.0 'Dubnium' (LTS):

Notable changes
crypto:
- add support for chacha20-poly1305 for AEAD
- increase maxmem range from 32 to 53 bits
deps:
- update npm to 6.11.3
- upgrade openssl sources to 1.1.1d
dns: remove dns.promises experimental warning
fs: remove experimental warning for fs.promises
http: makes response.writeHead return the response
http2: makes response.writeHead return the response
n-api:
- make func argument of napi_create_threadsafe_function optional
- mark version 5 N-APIs as stable
- implement date object
process: add --unhandled-rejections flag
stream:
- implement Readable.from async iterator utility
- make Symbol.asyncIterator support stable

Revision 1.163 / (download) - annotate - [select for diffs], Fri Aug 16 15:18:16 2019 UTC (4 years, 3 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base, pkgsrc-2019Q3
Changes since 1.162: +2 -2 lines
Diff to previous 1.162 (colored)

nodejs: updated to 10.16.3

Version 10.16.3 'Dubnium' (LTS):

Notable changes

This is a security release.

Node.js, as well as many other implementations of HTTP/2, have been found vulnerable to Denial of Service attacks. See https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md for more information.

Vulnerabilities fixed:

CVE-2019-9511 ץata Dribble The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.

CVE-2019-9512 ױing Flood The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.

CVE-2019-9513 ׳esource Loop The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU, potentially leading to a denial of service.

CVE-2019-9514 ׳eset Flood The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both, potentially leading to a denial of service.

CVE-2019-9515 ״ettings Flood The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.

CVE-2019-9516 -Length Headers Leak The attacker sends a stream of headers with a 0-length header name and 0-length header value, optionally Huffman encoded into 1-byte or greater headers. Some implementations allocate memory for these headers and keep the allocation alive until the session dies. This can consume excess memory, potentially leading to a denial of service.

CVE-2019-9517 תnternal Data Buffering The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both, potentially leading to a denial of service.

CVE-2019-9518 צmpty Frames Flood The attacker sends a stream of frames with an empty payload and without the end-of-stream flag. These frames can be DATA, HEADERS, CONTINUATION and/or PUSH_PROMISE. The peer spends time processing each frame disproportionate to attack bandwidth. This can consume excess CPU, potentially leading to a denial of service.

Revision 1.162 / (download) - annotate - [select for diffs], Wed Aug 7 07:33:25 2019 UTC (4 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.161: +2 -2 lines
Diff to previous 1.161 (colored)

nodejs: updated to 10.16.2

Version 10.16.2 'Dubnium' (LTS)

Notable changes

This release patches a regression in the OpenSSL upgrade to 1.1.1c that causes intermittent hangs in machines that have low entropy.

Revision 1.161 / (download) - annotate - [select for diffs], Sat Aug 3 07:31:15 2019 UTC (4 years, 4 months ago) by adam
Branch: MAIN
Changes since 1.160: +2 -2 lines
Diff to previous 1.160 (colored)

nodejs: updated to 10.16.1

Version 10.16.1 'Dubnium' (LTS)

Notable changes
deps: upgrade openssl sources to 1.1.1c
stream: do not unconditionally call \_read() on resume()
worker: fix nullptr deref after MessagePort deser failure

Revision 1.160 / (download) - annotate - [select for diffs], Fri May 31 20:52:00 2019 UTC (4 years, 6 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base, pkgsrc-2019Q2
Changes since 1.159: +2 -3 lines
Diff to previous 1.159 (colored)

nodejs: updated to 10.16.0

Version 10.16.0 'Dubnium' (LTS)

Notable Changes
deps:
update ICU to 64.2
upgrade npm to 6.9.0
upgrade openssl sources to 1.1.1b
upgrade to libuv 1.28.0
events: add once method to use promises with EventEmitter
n-api: mark thread-safe function as stable
repl: support top-level for-await-of
zlib: add brotli support

Revision 1.159 / (download) - annotate - [select for diffs], Wed Apr 3 00:32:50 2019 UTC (4 years, 8 months ago) by ryoon
Branch: MAIN
Changes since 1.158: +2 -2 lines
Diff to previous 1.158 (colored)

Recursive revbump from textproc/icu

Revision 1.158 / (download) - annotate - [select for diffs], Sat Mar 23 11:15:18 2019 UTC (4 years, 8 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1
Changes since 1.157: +2 -1 lines
Diff to previous 1.157 (colored)

nodejs: fix SIGABRT on NetBSD/i386 8.0 by pulling upstream PR #21848.

Also apply similar ifdefs for NetBSD as FreeBSD and OpenBSD.
Now nodejs binary won't fail during lang/npm and www/firefox builds
on NetBSD/i386 8.0.

Bump PKGREVISION.

No particular comments on pkgsrc-bug@:
 http://mail-index.netbsd.org/pkgsrc-bugs/2019/03/19/msg066102.html
Should close PR pkg/53497, PR pkg/53758, PR pkg/53792, and PR pkg/53794.

Revision 1.157 / (download) - annotate - [select for diffs], Thu Mar 7 08:47:45 2019 UTC (4 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.156: +2 -2 lines
Diff to previous 1.156 (colored)

nodejs: updated to 10.15.3

Version 10.15.3 'Dubnium' (LTS)
Notable Changes
doc: add antsmartian to collaborators
http: fix error check in Execute()
stream: fix end-of-stream for HTTP/2

Revision 1.156 / (download) - annotate - [select for diffs], Fri Mar 1 08:47:07 2019 UTC (4 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.155: +2 -3 lines
Diff to previous 1.155 (colored)

nodejs: updated to 10.15.2

Version 10.15.2 'Dubnium' (LTS):

This is a security release. All Node.js users should consult the security release summary at:

https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/

for details on patched vulnerabilities.

A fix for the following CVE is included in this release:

Node.js: Slowloris HTTP Denial of Service with keep-alive (CVE-2019-5737)
Notable Changes

http: Further prevention of "Slowloris" attacks on HTTP and HTTPS connections by consistently applying the receive timeout set by server.headersTimeout to connections in keep-alive mode.

Revision 1.155 / (download) - annotate - [select for diffs], Sun Feb 24 12:18:55 2019 UTC (4 years, 9 months ago) by rin
Branch: MAIN
Changes since 1.154: +2 -1 lines
Diff to previous 1.154 (colored)

- Fix OpenSSL support for NetBSD/amd64 (https works fine now)
- Fix NetBSD/i386 support (hopefully also works for other ILP32 archs)
- Add NetBSD/aarch64 support
- Bump revision

Revision 1.154 / (download) - annotate - [select for diffs], Thu Jan 31 13:38:49 2019 UTC (4 years, 10 months ago) by nia
Branch: MAIN
Changes since 1.153: +4 -1 lines
Diff to previous 1.153 (colored)

nodejs: Require http-parser>=2.9.0.

ok leot

Revision 1.153 / (download) - annotate - [select for diffs], Thu Jan 31 08:46:37 2019 UTC (4 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.152: +2 -2 lines
Diff to previous 1.152 (colored)

nodejs: updated to 10.15.1

10.15.1:
Notable Changes
doc:
- add oyyd to collaborators (Ouyang Yadong)
tls:
- throw if protocol too long
Bug fixes

Revision 1.152 / (download) - annotate - [select for diffs], Mon Jan 21 11:00:45 2019 UTC (4 years, 10 months ago) by ryoon
Branch: MAIN
Changes since 1.151: +8 -1 lines
Diff to previous 1.151 (colored)

Fix build under NetBSD/i386 8.0, based on PR pkg/53758

Revision 1.151 / (download) - annotate - [select for diffs], Tue Jan 8 14:51:10 2019 UTC (4 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.150: +2 -3 lines
Diff to previous 1.150 (colored)

nodejs: updated to 10.15.0

Version 10.15.0 'Dubnium' (LTS):
The 10.14.0 security release introduced some unexpected breakages on the 10.x release line. This is a special release to fix a regression in the HTTP binary upgrade response body and add a missing CLI flag to adjust the max header size of the http parser.

Notable Changes
cli:
add --max-http-header-size flag
http:
add maxHeaderSize property

Revision 1.150 / (download) - annotate - [select for diffs], Sat Dec 15 17:32:38 2018 UTC (4 years, 11 months ago) by maya
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base, pkgsrc-2018Q4
Changes since 1.149: +2 -1 lines
Diff to previous 1.149 (colored)

nodejs: don't invert notion of code.

from Mike Pumford.

Revision 1.149 / (download) - annotate - [select for diffs], Wed Dec 12 16:38:06 2018 UTC (4 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.148: +2 -2 lines
Diff to previous 1.148 (colored)

nodejs: updated to 10.14.2

Version 10.14.2 'Dubnium' (LTS)
This LTS release comes with 374 commits. This includes 165 which are test or benchmark related, 77 which are doc related, 29 which are build / tool related and 15 commits which update dependencies.

Notable Changes
* deps:
  - upgrade to c-ares v1.15.0
* Windows:
  - A crashing process will now show the names of stack frames if the node.pdb file is available.

Revision 1.148 / (download) - annotate - [select for diffs], Sun Dec 9 18:29:12 2018 UTC (4 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.147: +2 -2 lines
Diff to previous 1.147 (colored)

nodejs: updated to 10.14.1

Version 10.14.1 'Dubnium' (LTS):

Notable Changes
win/msi: Revert changes to installer causing issues on Windows systems.

Revision 1.147 / (download) - annotate - [select for diffs], Wed Nov 28 08:36:04 2018 UTC (5 years ago) by adam
Branch: MAIN
Changes since 1.146: +3 -3 lines
Diff to previous 1.146 (colored)

nodejs: updated to 10.14.0

Version 10.14.0 'Dubnium' (LTS):

This is a security release. All Node.js users should consult the security release summary at:
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/
for details on patched vulnerabilities.

Fixes for the following CVEs are included in this release:
* Node.js: Denial of Service with large HTTP headers (CVE-2018-12121)
* Node.js: Slowloris HTTP Denial of Service (CVE-2018-12122 / Node.js)
* Node.js: Hostname spoofing in URL parser for javascript protocol (CVE-2018-12123)
* OpenSSL: Timing vulnerability in DSA signature generation (CVE-2018-0734)
* OpenSSL: Timing vulnerability in ECDSA signature generation (CVE-2019-0735)

Notable Changes
* deps: Upgrade to OpenSSL 1.1.0j, fixing CVE-2018-0734 and CVE-2019-0735
* http:
  - Headers received by HTTP servers must not exceed 8192 bytes in total to prevent possible Denial of Service attacks. Reported by Trevor Norris. (CVE-2018-12121 / Matteo Collina)
  - A timeout of 40 seconds now applies to servers receiving HTTP headers. This value can be adjusted with server.headersTimeout. Where headers are not completely received within this period, the socket is destroyed on the next received chunk. In conjunction with server.setTimeout(), this aids in protecting against excessive resource retention and possible Denial of Service. Reported by Jan Maybach (liebdich.com). (CVE-2018-12122 / Matteo Collina)
* url: Fix a bug that would allow a hostname being spoofed when parsing URLs with url.parse() with the 'javascript:' protocol.

Revision 1.146 / (download) - annotate - [select for diffs], Sat Nov 10 18:35:18 2018 UTC (5 years ago) by adam
Branch: MAIN
Changes since 1.145: +2 -2 lines
Diff to previous 1.145 (colored)

nodejs: updated to 10.13.0

Version 10.13.0 'Dubnium' (LTS)

This release marks the transition of Node.js 10.x into Long Term Support (LTS) with the codename 'Dubnium'. The 10.x release line now moves in to "Active LTS" and will remain so until April 2020. After that time it will move in to "Maintenance" until end of life in April 2021.

Notable Changes

This release only includes minimal changes necessary to fix known regressions prior to LTS.


Version 10.12.0 (Current)

Notable changes

assert
* The diff output is now a tiny bit improved by sorting object properties when inspecting the values that are compared with each other.

cli
* The options parser now normalizes _ to - in all multi-word command-line flags, e.g. --no_warnings has the same effect as --no-warnings.
* Added bash completion for the node binary. To generate a bash completion script, run node --completion-bash. The output can be saved to a file which can be sourced to enable completion.

crypto
* Added support for PEM-level encryption.
* Added an API asymmetric key pair generation. The new methods crypto.generateKeyPair and crypto.generateKeyPairSync can be used to generate public and private key pairs. The API supports RSA, DSA and EC and a variety of key encodings (both PEM and DER).
fs
* Added a recursive option to fs.mkdir and fs.mkdirSync. If this option is set to true, non-existing parent folders will be automatically created.

http2
* Added a 'ping' event to Http2Session that is emitted whenever a non-ack PING is received.
* Added support for the ORIGIN frame.
* Updated nghttp2 to 1.34.0. This adds RFC 8441 extended connect protocol support to allow use of WebSockets over HTTP/2.

module
* Added module.createRequireFromPath(filename). This new method can be used to create a custom require function that will resolve modules relative to the filename path.

process
* Added a 'multipleResolves' process event that is emitted whenever a Promise is attempted to be resolved multiple times, e.g. if the resolve and reject functions are both called in a Promise executor.

url
* Added url.fileURLToPath(url) and url.pathToFileURL(path). These methods can be used to correctly convert between file: URLs and absolute paths.

util
* Added the sorted option to util.inspect(). If set to true, all properties of an object and Set and Map entries will be sorted in the returned string. If set to a function, it is used as a compare function.
The util.instpect.custom symbol is now defined in the global symbol registry as Symbol.for('nodejs.util.inspect.custom').
* Added support for BigInt numbers in util.format().

V8 API
* A number of V8 C++ APIs have been marked as deprecated since they have been removed in the upstream repository. Replacement APIs are added where necessary.

Windows
* The Windows msi installer now provides an option to automatically install the tools required to build native modules.

Workers
* Debugging support for Workers using the DevTools protocol has been implemented.
* The public inspector module is now enabled in Workers.

Revision 1.145 / (download) - annotate - [select for diffs], Thu Sep 20 14:05:25 2018 UTC (5 years, 2 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base, pkgsrc-2018Q3
Changes since 1.144: +2 -2 lines
Diff to previous 1.144 (colored)

lang/nodejs: Update to 10.11.0.

- fs
  - Fixed fsPromises.readdir `withFileTypes`.
- http2
  - Added `http2stream.endAfterHeaders` property.
- util
  - Added `util.types.isBoxedPrimitive(value)`.

Revision 1.144 / (download) - annotate - [select for diffs], Fri Sep 7 14:24:54 2018 UTC (5 years, 2 months ago) by jperkin
Branch: MAIN
Changes since 1.143: +4 -1 lines
Diff to previous 1.143 (colored)

nodejs: Work around build rpath issue with torque.

Revision 1.143 / (download) - annotate - [select for diffs], Fri Sep 7 11:45:04 2018 UTC (5 years, 2 months ago) by fhajny
Branch: MAIN
Changes since 1.142: +3 -3 lines
Diff to previous 1.142 (colored)

lang/nodejs: Update to 10.10.0.

- child_process:
  - `TypedArray` and `DataView` values are now accepted as input by
    `execFileSync` and `spawnSync`.
- coverage:
  - Native V8 code coverage information can now be output to disk by
    setting the environment variable `NODE_V8_COVERAGE` to a directory.
- fs:
  - The methods `fs.read`, `fs.readSync`, `fs.write`, `fs.writeSync`,
    `fs.writeFile` and `fs.writeFileSync` now all accept `TypedArray`
    and `DataView` objects.
  - A new boolean option, `withFileTypes`, can be passed to to
    `fs.readdir` and `fs.readdirSync`. If set to true, the methods
    return an array of directory entries. These are objects that can
    be used to determine the type of each entry and filter them based
    on that without calling `fs.stat`.
- http2:
  - The `http2` module is no longer experimental.
- os:
  - Added two new methods: `os.getPriority` and `os.setPriority`,
    allowing to manipulate the scheduling priority of processes.
- process:
  - Added `process.allowedNodeEnvironmentFlags`. This object can be
    used to programmatically validate and list flags that are allowed
    in the `NODE_OPTIONS` environment variable.
- src:
  - Deprecated option variables in public C++ API.
  - Refactored options parsing.
- vm:
  - Added `vm.compileFunction`, a method to create new JavaScript
    functions from a source body, with options similar to those of
    the other `vm` methods.

Revision 1.142 / (download) - annotate - [select for diffs], Thu Aug 16 12:23:11 2018 UTC (5 years, 3 months ago) by fhajny
Branch: MAIN
Changes since 1.141: +2 -3 lines
Diff to previous 1.141 (colored)

lang/nodejs: Update to 10.9.0.

- buffer:
  - Fix out-of-bounds (OOB) write in `Buffer.write()` for UCS-2
    encoding (CVE-2018-12115)
  - Fix unintentional exposure of uninitialized memory in
    `Buffer.alloc()` (CVE-2018-7166)
- deps:
  - Upgrade to OpenSSL 1.1.0i, fixing:
    - Client DoS due to large DH parameter (CVE-2018-0732)
    - ECDSA key extraction via local side-channel (CVE not assigned)
  - Upgrade V8 from 6.7 to 6.8
    - Memory reduction and performance improvements
- http: `http.get()` and `http.request()` (and `https` variants) can
  now accept three arguments to allow for a `URL` _and_ an `options`
  object

Revision 1.141 / (download) - annotate - [select for diffs], Sun Aug 5 11:40:29 2018 UTC (5 years, 3 months ago) by bsiegert
Branch: MAIN
Changes since 1.140: +5 -1 lines
Diff to previous 1.140 (colored)

nodejs needs a recent libuv (1.22.0).

Bump revision.

This fixes a build failure on my machine with an older libuv version
installed.

Revision 1.140 / (download) - annotate - [select for diffs], Thu Aug 2 12:18:24 2018 UTC (5 years, 4 months ago) by fhajny
Branch: MAIN
Changes since 1.139: +2 -2 lines
Diff to previous 1.139 (colored)

lang/nodejs: Update to 10.8.0.

No notable changes besides update to npm 6.2.0, which we do not
bundle.

Revision 1.139 / (download) - annotate - [select for diffs], Fri Jul 20 13:59:41 2018 UTC (5 years, 4 months ago) by fhajny
Branch: MAIN
Changes since 1.138: +2 -3 lines
Diff to previous 1.138 (colored)

lang/nodejs: Update to 10.7.0.

- console:
  - The `console.timeLog()` method has been implemented.
- deps:
  - Upgrade to libuv 1.22.0.
  - Upgrade to ICU 62.1 (Unicode 11, CLDR 33.1).
- http:
  - Added support for passing both `timeout` and `agent` options to
    `http.request`.
- inspector:
  - Expose the original console API in `require('inspector').console`.
- napi:
  - Added experimental support for functions dealing with bigint
    numbers.
- process:
  - The `process.hrtime.bigint()` method has been implemented.
  - Added the `--title` command line argument to set the process title
    on startup.
- trace_events:
  - Added process\_name metadata.

Revision 1.138 / (download) - annotate - [select for diffs], Fri Jul 20 03:33:52 2018 UTC (5 years, 4 months ago) by ryoon
Branch: MAIN
Changes since 1.137: +2 -1 lines
Diff to previous 1.137 (colored)

Recursive revbump from textproc/icu-62.1

Revision 1.137 / (download) - annotate - [select for diffs], Tue Jul 10 22:03:08 2018 UTC (5 years, 4 months ago) by fhajny
Branch: MAIN
Changes since 1.136: +2 -2 lines
Diff to previous 1.136 (colored)

lang/nodejs: Update to 10.6.0.

- dns: An experimental promisified version of the dns module is now
  available. Give it a try with `require('dns').promises`.
- fs: `fs.lchown` has been undeprecated now that libuv supports it.
- lib: `Atomics.wake` is being renamed to `Atomics.notify` in the
  ECMAScript specification. Since Node.js now has experimental support
  for worker threads, we are being proactive and added a `notify` alias,
  while emitting a warning if `wake` is used.
- n-api: Add API for asynchronous functions.
- util: `util.inspect` is now able to return a result instead of
  throwing when the maximum call stack size is exceeded during
  inspection.
- vm: Add `script.createCachedData()`. This API replaces the
  `produceCachedData` option of the `Script` constructor that is now
  deprecated.
- worker: Support for relative paths has been added to the `Worker`
  constructor. Paths are interpreted relative to the current working
  directory.

Revision 1.136 / (download) - annotate - [select for diffs], Sat Jun 23 13:38:00 2018 UTC (5 years, 5 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2
Changes since 1.135: +2 -2 lines
Diff to previous 1.135 (colored)

lang/nodejs: Update to 10.5.0.

crypto:
- Support for crypto.scrypt() has been added.

fs:
- BigInt support has been added to fs.stat and fs.watchFile.
- APIs that take mode as arguments no longer throw on values larger
  than 0o777.
- Fix crashes in closed event watchers.

Worker Threads:
- Support for multi-threading has been added behind the
  --experimental-worker flag in the worker_threads module. This
  feature is experimental and may receive breaking changes at any time.

Revision 1.135 / (download) - annotate - [select for diffs], Thu Jun 14 10:54:26 2018 UTC (5 years, 5 months ago) by fhajny
Branch: MAIN
Changes since 1.134: +2 -2 lines
Diff to previous 1.134 (colored)

lang/nodejs: Update to 10.4.1.

- Fixes memory exhaustion DoS (CVE-2018-7164): Fixes a bug introduced
  in 9.7.0 that increases the memory consumed when reading from the
  network into JavaScript using the net.Socket object directly as a
  stream.
- http2
  - (CVE-2018-7161): Fixes Denial of Service vulnerability by updating
    the http2 implementation to not crash under certain circumstances
    during cleanup
  - (CVE-2018-1000168): Fixes Denial of Service vulnerability by
    upgrading nghttp2 to 1.32.0
- tls (CVE-2018-7162): Fixes Denial of Service vulnerability by
  updating the TLS implementation to not crash upon receiving
- n-api: Prevent use-after-free in napi_delete_async_work

Revision 1.134 / (download) - annotate - [select for diffs], Tue Jun 12 09:06:46 2018 UTC (5 years, 5 months ago) by fhajny
Branch: MAIN
Changes since 1.133: +2 -2 lines
Diff to previous 1.133 (colored)

lang/nodejs: Update to 10.4.0.

- deps: update V8 to 6.7.288.43
- stream: ensure Stream.pipeline re-throws errors without callback

Revision 1.133 / (download) - annotate - [select for diffs], Wed May 30 09:39:53 2018 UTC (5 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.132: +2 -2 lines
Diff to previous 1.132 (colored)

lang/nodejs: Update to 10.3.0.

- fs: fix reads with pos > 4GB
- net: new option to allow IPC servers to be readable and writable
  by all users
- stream: fix removeAllListeners() for Stream.Readable to work as
  expected when no arguments are passed

Revision 1.132 / (download) - annotate - [select for diffs], Fri May 25 11:18:18 2018 UTC (5 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.131: +2 -2 lines
Diff to previous 1.131 (colored)

lang/nodejs: Update to 10.2.1.

- http: fix res emit close before user finish
- src: re-integrate headers into node.h
- test: mark test-zlib.zlib-binding.deflate as flaky

Revision 1.131 / (download) - annotate - [select for diffs], Thu May 24 06:29:34 2018 UTC (5 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.130: +2 -2 lines
Diff to previous 1.130 (colored)

lang/nodejs: Update to 10.2.0.

- addons:
  - Fixed a memory leak for users of `AsyncResource` and N-API.
- assert:
  - The `error` parameter of `assert.throws()` can be an object
    containing regular expressions now.
- crypto:
  - The `authTagLength` option has been made more flexible.
- esm:
  - Builtin modules (e.g. `fs`) now provide named exports in ES6
    modules.
- http:
  - Handling of `close` and `aborted` events has been made more
    consistent.
- module:
  - add --preserve-symlinks-main
- timers:
  - `timeout.refresh()` has been added to the public API.
- Embedder support:
  - Functions for creating V8 `Isolate` and `Context` objects with
    Node.js-specific behaviour have been added to the API.
  - Node.js `Environment`s clean up resources before exiting now.
  - Support for multi-threaded embedding has been improved.

Revision 1.130 / (download) - annotate - [select for diffs], Sat May 12 09:24:00 2018 UTC (5 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.129: +2 -3 lines
Diff to previous 1.129 (colored)

lang/nodejs: Update to 10.1.0.

- console: make console.table() use colored inspect
- fs: move fs/promises to fs.promises
- http: added aborted property to request
- n-api: initialize a module via a special symbol
- src: add public API to expose the main V8 Platform

Revision 1.129 / (download) - annotate - [select for diffs], Sat May 12 08:59:56 2018 UTC (5 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.128: +8 -3 lines
Diff to previous 1.128 (colored)

lang/nodejs: Use pkgsrc http-parser, libuv, libcares instead of bundled versions.
Switch back to bundled nghttp2 on lang/nodejs to reconcile a conflict
of OpenSSL versions.

Revision 1.128 / (download) - annotate - [select for diffs], Fri May 4 04:29:46 2018 UTC (5 years, 7 months ago) by minskim
Branch: MAIN
Changes since 1.127: +3 -1 lines
Diff to previous 1.127 (colored)

lang/nodejs: Include options.mk to enable options

Revision 1.127 / (download) - annotate - [select for diffs], Thu May 3 21:19:16 2018 UTC (5 years, 7 months ago) by fhajny
Branch: MAIN
Changes since 1.126: +8 -3 lines
Diff to previous 1.126 (colored)

lang/nodejs: Update to 10.0.0.

Use bundled OpenSSL until pkgsrc provides the required 1.1.x.

### Notable Changes

- Assert
  - Calling `assert.fail()` with more than one argument is deprecated.
  - Calling `assert.ok()` with no arguments will now throw.
  - Calling `assert.ifError()` will now throw with any argument other
    than `undefined` or `null`. Previously the method would throw with
    any truthy value.
  - The `assert.rejects()` and `assert.doesNotReject()` methods have
    been added for working with async functions.
- Async_hooks
  - Older experimental async_hooks APIs have been removed.
- Buffer
  - Uses of `new Buffer()` and `Buffer()` outside of the
    `node_modules` directory will now emit a runtime deprecation
warning.
  - `Buffer.isEncoding()` now returns `undefined` for falsy values,
    including an empty string.
  - `Buffer.fill()` will throw if an attempt is made to fill with an
    empty `Buffer`.
- Child Process
  - Undefined properties of env are ignored.
- Console
  - The `console.table()` method has been added.
- Crypto
  - The `crypto.createCipher()` and `crypto.createDecipher()` methods
    have been deprecated. Please use `crypto.createCipheriv()` and
`crypto.createDecipheriv()` instead.
  - The `decipher.finaltol()` method has been deprecated.
  - The `crypto.DEFAULT_ENCODING` property has been deprecated.
  - The `ECDH.convertKey()` method has been added.
  - The `crypto.fips` property has been deprecated.
- Dependencies
  - V8 has been updated to 6.6.
  - OpenSSL has been updated to 1.1.0h.
- EventEmitter
  - The `EventEmitter.prototype.off()` method has been added as an
    alias for `EventEmitter.prototype.removeListener()`.
- File System
  - The `fs/promises` API provides experimental promisified versions
    of the `fs` functions.
  - Invalid path errors are now thrown synchronously.
  - The `fs.readFile()` method now partitions reads to avoid thread
    pool exhaustion.
- HTTP
  - Processing of HTTP Status codes `100`, `102-199` has been
    improved.
  - Multi-byte characters in URL paths are now forbidden.
- N-API
  - The n-api is no longer experimental.
- Net
  - The `'close'` event will be emitted after `'end'`.
- Perf_hooks
  - The `PerformanceObserver` class is now an `AsyncResource` and can
    be monitored using `async_hooks`.
  - Trace events are now emitted for performance events.
  - The `performance` API has been simplified.
  - Performance milestone marks will be emitted as trace events.
- Process
  - Using non-string values for `process.env` is deprecated.
  - The `process.assert()` method is deprecated.
- REPL
  - REPL now experimentally supports top-level await when using the
    `--experimental-repl-await` flag.
  - The previously deprecated "magic mode" has been removed.
  - The previously deprecated `NODE_REPL_HISTORY_FILE` environment
    variable has been removed.
  - Proxy objects are shown as Proxy objects when inspected.
- Streams
  - The `'readable'` event is now always deferred with nextTick.
  - A new `pipeline()` method has been provided for building
    end-to-data stream pipelines.
  - Experimental support for async for-await has been added to
    `stream.Readable`.
- Timers
  - The `enroll()` and `unenroll()` methods have been deprecated.
- TLS
  - The `tls.convertNPNProtocols()` method has been deprecated.
  - Support for NPN (next protocol negotiation) has been dropped.
  - The `ecdhCurve` default is now `'auto'`.
- Trace Events
  - A new `trace_events` top-level module allows trace event
    categories to be enabled/disabled at runtime.
- URL
  - The WHATWG URL API is now a global.
- Util
  - `util.types.is[` type checks have been added.
  - Support for bigint formatting has been added to `util.inspect()`.

#### Deprecations:

The following APIs have been deprecated in Node.js 10.0.0

- Passing more than one argument to `assert.fail()` will emit a
  runtime deprecation warning.
- Previously deprecated legacy async_hooks APIs have reached
  end-of-life and have been removed.
- Using `require()` to access several of Node.js' own internal
  dependencies will emit a runtime deprecation.
- The `crypto.createCipher()` and `crypto.createDecipher()` methods
  have been deprecated in documentation.
- Using the `Decipher.finaltol()` method will emit a runtime
  deprecation warning.
- Using the `crypto.DEFAULT_ENCODING` property will emit a runtime
  deprecation warning.
- Use by native addons of the `MakeCallback()` variant that passes a
  `Domain` will emit a runtime deprecation warning.
- Previously deprecated internal getters/setters on `net.Server` has
  reached end-of-life and have been removed.
- Use of non-string values for `process.env` has been deprecated in
  documentation.
- Use of `process.assert()` will emit a runtime deprecation warning.
- Previously deprecated `NODE_REPL_HISTORY_FILE` environment variable
  has reached end-of-life and has been removed.
- Use of the `timers.enroll()` and `timers.unenroll()` methods will
  emit a runtime deprecation warning.
- Use of the `tls.convertNPNProtocols()` method will emit a runtime
  deprecation warning. Support for NPN has been removed from Node.js.
- The `crypto.fips` property has been deprecated in documentation.

Revision 1.126 / (download) - annotate - [select for diffs], Wed May 2 16:33:02 2018 UTC (5 years, 7 months ago) by fhajny
Branch: MAIN
Changes since 1.125: +2 -2 lines
Diff to previous 1.125 (colored)

lang/nodejs*: Remove the npm package manager from nodejs packages. Introduce nodeversion.mk framework to pick and depend on one of the supported nodejs version packages. Bump respective PKGREVISIONs.

Revision 1.125 / (download) - annotate - [select for diffs], Sun Apr 29 21:31:49 2018 UTC (5 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.124: +2 -2 lines
Diff to previous 1.124 (colored)

revbump for boost-libs update

Revision 1.124 / (download) - annotate - [select for diffs], Sat Apr 14 07:34:28 2018 UTC (5 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.123: +2 -1 lines
Diff to previous 1.123 (colored)

revbump after icu update

Revision 1.123 / (download) - annotate - [select for diffs], Fri Apr 6 16:24:40 2018 UTC (5 years, 7 months ago) by fhajny
Branch: MAIN
Changes since 1.122: +2 -2 lines
Diff to previous 1.122 (colored)

lang/nodejs: Update to 9.11.1.

- deps: Updated ICU to 61.1
- fs: Emit 'ready' event for ReadStream and WriteStream
- n-api: Bump version of n-api supported
- net: Emit 'ready' event for Socket

Revision 1.122 / (download) - annotate - [select for diffs], Wed Apr 4 10:41:15 2018 UTC (5 years, 7 months ago) by fhajny
Branch: MAIN
Changes since 1.121: +2 -2 lines
Diff to previous 1.121 (colored)

nodejs 9.10.1

- No code changes


nodejs 9.10.0

Fixes for the following CVEs are included in this release:

- CVE-2018-7158
- CVE-2018-7159
- CVE-2018-7160

Notable Changes

- Fix for inspector DNS rebinding vulnerability (CVE-2018-7160): A
  malicious website could use a DNS rebinding attack to trick a web
  browser to bypass same-origin-policy checks and allow HTTP connections
  to localhost or to hosts on the local network, potentially to an open
  inspector port as a debugger, therefore gaining full code execution
  access. The inspector now only allows connections that have a browser
  Host value of localhost or localhost6.
- Fix for 'path' module regular expression denial of service
  (CVE-2018-7158): A regular expression used for parsing POSIX paths
  could be used to cause a denial of service if an attacker were able to
  have a specially crafted path string passed through one of the
  impacted 'path' module functions.
- Reject spaces in HTTP Content-Length header values (CVE-2018-7159):
  The Node.js HTTP parser allowed for spaces inside Content-Length
  header values. Such values now lead to rejected connections in the
  same way as non-numeric values.
- Update root certificates: 5 additional root certificates have been
  added to the Node.js binary and 30 have been removed.
- cluster: Add support for NODE_OPTIONS="--inspect"
- crypto: Expose the public key of a certificate
- n-api: Add napi_fatal_exception to trigger an uncaughtException in
  JavaScript
- path: Fix regression in posix.normalize
- stream: Improve stream creation performance


nodejs 9.9.0

assert:
- From now on all error messages produced by assert in strict mode will
  produce a error diff.
- From now on it is possible to use a validation object in throws instead
  of the other possibilities.
crypto:
- allow passing null as IV unless required
fs:
- support as and as+ flags in stringToFlags()
tls:
- expose Finished messages in TLSSocket
tty:
- Add getColorDepth function to determine if terminal supports colors.
util:
- add util.inspect compact option

Revision 1.121 / (download) - annotate - [select for diffs], Tue Mar 13 16:22:00 2018 UTC (5 years, 8 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2018Q1-base, pkgsrc-2018Q1
Changes since 1.120: +2 -2 lines
Diff to previous 1.120 (colored)

lang/nodejs: Update to 9.8.0.

crypto:
- add cert.fingerprint256 as SHA256 fingerprint (Hannes Magnusson) #17690
http2:
- Fixed issues with aborted connections in the HTTP/2 implementation (Anna Henningsen) #18987 #19002
loader:
- --inspect-brk now works properly for esmodules (Gus Caplan) #18949
src:
- make process.dlopen() load well-known symbol (Ben Noordhuis) #18934
trace_events:
- add file pattern cli option (Andreas Madsen) #18480

Revision 1.120 / (download) - annotate - [select for diffs], Fri Mar 2 11:23:35 2018 UTC (5 years, 9 months ago) by fhajny
Branch: MAIN
Changes since 1.119: +2 -2 lines
Diff to previous 1.119 (colored)

lang/nodejs: Update to 9.7.1.

- libuv: Updated to libuv 1.19.2
- src: Add initial support for Node.js-specific post-mortem
  metadata
- timers: The return value of setImmediate() now has ref() and
  unref() methods
- util: It is now possible to get the name for a numerical
  platform-specific error code as a string

Revision 1.119 / (download) - annotate - [select for diffs], Fri Feb 23 19:42:04 2018 UTC (5 years, 9 months ago) by fhajny
Branch: MAIN
Changes since 1.118: +2 -2 lines
Diff to previous 1.118 (colored)

lang/nodejs: Update to 9.6.1.

nodejs 9.6.1

events:
- events.usingDomains being set to false by default was removed in
  9.6.0 which was a change in behavior compares to 9.5.0. This
  behavior change has been reverted and the events object now has
  usingDomains preset to false, which is the behavior in 9.x prior
  to 9.6.0

nodejs 9.6.0

async_hooks:
- deprecate unsafe emit{Before,After}
- rename PromiseWrap.parentId to PromiseWrap.isChainedPromise
deps:
- update node-inspect to 1.11.3
- ICU 60.2 bump
- Introduce ScriptOrModule and HostDefinedOptions to V8
http:
- add options to http.createServer() for IncomingMessage and
  ServerReponse
http2:
- add http fallback options to .createServer
https:
- Adds the remaining options from tls.createSecureContext() to the
  string generated by Agent#getName(). This allows https.request() to
  accept the options and generate unique sockets appropriately.
inspector:
- --inspect-brk for es modules
lib:
- allow process kill by signal number
module:
- enable dynamic import
- dynamic import is now supported
n-api:
- add methods to open/close callback scope
src:
- allow --perf-(basic-)?prof in NODE_OPTIONS
vm:
- add support for es modules

Revision 1.118 / (download) - annotate - [select for diffs], Thu Feb 1 19:09:02 2018 UTC (5 years, 10 months ago) by fhajny
Branch: MAIN
Changes since 1.117: +2 -2 lines
Diff to previous 1.117 (colored)

Update lang/nodejs to 9.5.0.

cluster
- add cwd to cluster.settings
deps
- upgrade libuv to 1.19.1
n-api
- expose n-api version in process.versions
perf_hooks
- add performance.clear()
stream
- avoid writeAfterEnd() while ending

Revision 1.117 / (download) - annotate - [select for diffs], Thu Jan 11 08:11:12 2018 UTC (5 years, 10 months ago) by fhajny
Branch: MAIN
Changes since 1.116: +4 -2 lines
Diff to previous 1.116 (colored)

Update lang/nodejs to 9.4.0.

async_hooks:
- deprecate AsyncHooks Sensitive API and runInAsyncIdScope. Neither
  API were documented.
deps:
- update nghttp2 to 1.29.0
- upgrade npm to 5.6.0
- cherry-pick 50f7455 from upstream V8
events:
- remove reaches into _events internals
http:
- add rawPacket in err of clientError event
http2:
- implement maxSessionMemory
- add initial support for originSet
- add altsvc support
- perf_hooks integration
- Refactoring and cleanup of Http2Session and Http2Stream destroy
net:
- remove Socket.prototype.write
- remove Socket.prototype.listen
repl:
- show lexically scoped vars in tab completion
stream:
- rm {writeable/readable}State.length
- add flow and buffer properties to streams
util:
- allow wildcards in NODE_DEBUG variable
zlib:
- add ArrayBuffer support

Revision 1.116 / (download) - annotate - [select for diffs], Fri Dec 15 21:29:25 2017 UTC (5 years, 11 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base, pkgsrc-2017Q4
Changes since 1.115: +2 -2 lines
Diff to previous 1.115 (colored)

Update lang/nodejs to 9.3.0.

async_hooks:
- add trace events to async_hooks
- add provider types for net server

console:
- console.debug can now be used outside of the inspector

deps:
- upgrade libuv to 1.18.0
- patch V8 to 6.2.414.46

module:
- module.builtinModules will return a list of built in modules

n-api:
- add helper for addons to get the event loop

process:
- process.setUncaughtExceptionCaptureCallback can now be used to
  customize behavior for --abort-on-uncaught-exception
- A signal handler is now able to receive the signal code that
  triggered the handler.

src:
- embedders can now use Node::CreatePlatform to create an instance of
  NodePlatform

stream:
- writable.writableHighWaterMark and readable.readableHighWaterMark
  will return the values the stream object was instantiated with

Revision 1.115 / (download) - annotate - [select for diffs], Sat Dec 9 17:56:10 2017 UTC (5 years, 11 months ago) by fhajny
Branch: MAIN
Changes since 1.114: +2 -3 lines
Diff to previous 1.114 (colored)

Update lang/nodejs to 9.2.1.

- buffer: buffer allocated with an invalid content will now be zero
  filled (CVE-2017-15897)
- deps: openssl updated to 1.0.2n

Revision 1.114 / (download) - annotate - [select for diffs], Thu Nov 30 16:45:28 2017 UTC (6 years ago) by adam
Branch: MAIN
Changes since 1.113: +2 -1 lines
Diff to previous 1.113 (colored)

Revbump after textproc/icu update

Revision 1.113 / (download) - annotate - [select for diffs], Wed Nov 15 21:37:44 2017 UTC (6 years ago) by fhajny
Branch: MAIN
Changes since 1.112: +2 -2 lines
Diff to previous 1.112 (colored)

Update lang/nodejs to 9.2.0.

crypto:
- Support building with both 1.1.0 and 1.0.2
fs:
- fs.realpathSync.native and fs.realpath.native are now exposed
process:
- expose process.ppid

Revision 1.112 / (download) - annotate - [select for diffs], Wed Nov 8 17:02:41 2017 UTC (6 years ago) by fhajny
Branch: MAIN
Changes since 1.111: +2 -2 lines
Diff to previous 1.111 (colored)

Update lang/nodejs to 9.1.0.

CLI:
- NODE_OPTIONS now supports the --stack-trace-limit option. #16495
deps:
- OpenSSL is upgraded to 1.0.2m #16691
http:
- A 'connect' event handler leak has been fixed. #16725
- The 103 Early Hints status code is now supported. #16644

Revision 1.111 / (download) - annotate - [select for diffs], Wed Nov 1 12:08:24 2017 UTC (6 years, 1 month ago) by fhajny
Branch: MAIN
Changes since 1.110: +2 -2 lines
Diff to previous 1.110 (colored)

Update lang/nodejs to 9.0.0.

### Notable Changes

- Async hooks: Older experimental APIs have been removed.
- Improvements have been made to `buffer` module error messages.
- Child Processes: Errors are emitted on process nextTick.
- Domains: The long-deprecated `.dispose()` method has been removed.
- fs
  - The `fs.ReadStream` and `fs.WriteStream` classes now use `destroy()`.
  - `fs` module callbacks are now invoked with an undefined context.
- HTTP/1
  - A 400 Bad Request response will now be sent when parsing fails.
  - Socket timeout will be set when the socket connects.
  - A bug causing the request `'error'` event to fire twice was fixed
  - HTTP clients may now use generic `Duplex` streams in addition
    to `net.Socket`.
- Intl
  - The deprecated `Intl.v8BreakIterator` has been removed.
- OS
  - The `os.EOL` property is now read-only
- Timers
  - `setTimeout()` will emit a warning if the timeout is larger that
    the maximum 32-bit unsigned integer.

Revision 1.110 / (download) - annotate - [select for diffs], Thu Oct 26 09:12:55 2017 UTC (6 years, 1 month ago) by fhajny
Branch: MAIN
Changes since 1.109: +2 -2 lines
Diff to previous 1.109 (colored)

Update lang/nodejs to 8.8.1.

- net: Fix timeout with null handle issue. This is a regression in 8.8.0

Revision 1.109 / (download) - annotate - [select for diffs], Wed Oct 25 12:33:12 2017 UTC (6 years, 1 month ago) by fhajny
Branch: MAIN
Changes since 1.108: +2 -2 lines
Diff to previous 1.108 (colored)

Update lang/nodejs to 8.8.0.

crypto:
- expose ECDH class

http2:
- http2 is now exposed by default without the need for a flag
- a new environment variable NODE_NO_HTTP2 has been added to allow
  userland http2 to be required
- support has been added for generic Duplex streams

module:
- resolve and instantiate loader pipeline hooks have been added
  to the ESM lifecycle

zlib:
- CVE-2017-14919 - In zlib v1.2.9, a change was made that causes
  an error to be raised when a raw deflate stream is initialized
  with windowBits set to 8. On some versions this crashes Node and
  you cannot recover from it, while on some versions it throws an
  exception. Node.js will now gracefully set windowBits to 9
  replicating the legacy behavior to avoid a DOS vector.

Revision 1.108 / (download) - annotate - [select for diffs], Thu Oct 12 14:12:15 2017 UTC (6 years, 1 month ago) by fhajny
Branch: MAIN
Changes since 1.107: +2 -2 lines
Diff to previous 1.107 (colored)

Update lang/nodejs to 8.7.0.

deps:
- update npm to 5.4.2
- upgrade libuv to 1.15.0
- update V8 to 6.1.534.42

dgram:
- support for setting dgram socket buffer size

fs:
- add support O_DSYNC file open constant

util:
- deprecate obj.inspect for custom inspection

tools, build:
- there is a fancy new macOS installer

Revision 1.107 / (download) - annotate - [select for diffs], Wed Sep 27 12:17:10 2017 UTC (6 years, 2 months ago) by fhajny
Branch: MAIN
Changes since 1.106: +2 -3 lines
Diff to previous 1.106 (colored)

Update lang/nodejs to 8.6.0.

nodejs 8.6.0
============

crypto
- Support for multiple ECDH curves.

dgram
- Added setMulticastInterface() API.
- Custom lookup functions are now supported.

n-api
- The command-line flag is no longer required to use N-API.

tls
- Docs-only deprecation of parseCertString().


nodejs 8.5.0
============

build
- Snapshots are now re-enabled in V8

console
- Implement minimal console.group().

deps
- upgrade libuv to 1.14.1
- update nghttp2 to v1.25.0

dns
- Add verbatim option to dns.lookup(). When true, results from the DNS
  resolver are passed on as-is, without the reshuffling that Node.js
  otherwise does that puts IPv4 addresses before IPv6 addresses.

fs
- add fs.copyFile and fs.copyFileSync which allows for more efficient
  copying of files.

inspector
- Enable async stack traces

module
- Add support for ESM. This is currently behind the
  --experimental-modules flag and requires the .mjs extension. node
  --experimental-modules index.mjs

napi
- implement promise

os
- Add support for CIDR notation to the output of the networkInterfaces()
  method.

perf_hooks
- An initial implementation of the Performance Timing API for Node.js.
  This is the same Performance Timing API implemented by modern browsers
  with a number of Node.js specific properties. The User Timing mark()
  and measure() APIs are implemented.

tls
- multiple PFX in createSecureContext

Revision 1.106 / (download) - annotate - [select for diffs], Mon Sep 18 09:53:25 2017 UTC (6 years, 2 months ago) by maya
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base, pkgsrc-2017Q3
Changes since 1.105: +2 -1 lines
Diff to previous 1.105 (colored)

revbump for requiring ICU 59.x

Revision 1.105 / (download) - annotate - [select for diffs], Wed Aug 16 11:52:19 2017 UTC (6 years, 3 months ago) by fhajny
Branch: MAIN
Changes since 1.104: +2 -2 lines
Diff to previous 1.104 (colored)

Update lang/nodejs to 8.4.0.

Update lang/nodejs to 8.4.0.

## 2017-08-15, Version 8.4.0 (Current), @addaleax

- HTTP2
  - Experimental support for the built-in `http2` has been added via the
    `--expose-http2` flag.
- Inspector
  - `require()` is available in the inspector console now.
  - Multiple contexts, as created by the `vm` module, are supported now.
- N-API
  - New APIs for creating number values have been introduced.
- Stream
  - For `Duplex` streams, the high water mark option can now be set
    independently for the readable and the writable side.
- Util
  - `util.format` now supports the `%o` and `%O` specifiers for printing
    objects.

## 2017-08-09, Version 8.3.0 (Current), @addaleax

The V8 engine has been upgraded to version 6.0, which has a significantly
changed performance profile.

- DNS
  - Independent DNS resolver instances are supported now, with support for
    cancelling the corresponding requests.
- N-API
  - Multiple N-API functions for error handling have been changed to support
    assigning error codes.
- REPL
  - Autocompletion support for `require()` has been improved.
- Utilities
  - The WHATWG Encoding Standard (`TextDecoder` and `TextEncoder`) has
    been implemented as an experimental feature.

Revision 1.104 / (download) - annotate - [select for diffs], Wed Aug 2 17:31:45 2017 UTC (6 years, 4 months ago) by fhajny
Branch: MAIN
Changes since 1.103: +5 -2 lines
Diff to previous 1.103 (colored)

Update lang/nodejs to 8.2.1.

8.2.1

- configure:
  - add mips64el to valid_arch
- crypto:
  - Updated root certificates based on NSS 3.30
- deps:
  - upgrade OpenSSL to version 1.0.2.l
- http:
  - parse errors are now reported when NODE_DEBUG=http
  - Agent construction can now be envoked without `new`
- zlib:
  - node will now throw an Error when zlib rejects the value of
    windowBits, instead of crashing


8.2.0

- Async Hooks
  - Multiple improvements to Promise support in `async_hooks` have
    been made.
- Build
  - The compiler version requirement to build Node with GCC has been
    raised to GCC 4.9.4.
- Cluster
  - Users now have more fine-grained control over the inspector port
    used by individual cluster workers. Previously, cluster workers were
    restricted to incrementing from the master's debug port.
- DNS
  - The server used for DNS queries can now use a custom port.
  - Support for `dns.resolveAny()` has been added.
- npm
  - The `npm` CLI has been updated to version 5.3.0. In particular, it
    now comes with the `npx` binary, which is also shipped with Node.

Revision 1.103 / (download) - annotate - [select for diffs], Tue Jul 11 19:00:57 2017 UTC (6 years, 4 months ago) by fhajny
Branch: MAIN
Changes since 1.102: +2 -2 lines
Diff to previous 1.102 (colored)

Update lang/nodejs to 8.1.4.

- Disable V8 snapshots - The hashseed embedded in the snapshot is
  currently the same for all runs of the binary. This opens node up to
  collision attacks which could result in a Denial of Service. We have
  temporarily disabled snapshots until a more robust solution is found
- CVE-2017-1000381 - The c-ares function ares_parse_naptr_reply(), which
  is used for parsing NAPTR responses, could be triggered to read memory
  outside of the given input buffer if the passed in DNS response packet
  was crafted in a particular way. This patch checks that there is
  enough data for the required elements of an NAPTR record (2 int16, 3
  bytes for string lengths) before processing a record. (David Drysdale)

Revision 1.102 / (download) - annotate - [select for diffs], Mon Jul 3 15:14:47 2017 UTC (6 years, 5 months ago) by fhajny
Branch: MAIN
Changes since 1.101: +2 -2 lines
Diff to previous 1.101 (colored)

Update lang/nodejs to 8.1.3.

- Stream Two regressions with the stream module have been fixed:
  - The finish event will now always be emitted after the error event
    if one is emitted
  - In object mode, readable streams can now use undefined again.

Revision 1.101 / (download) - annotate - [select for diffs], Thu Jun 15 18:16:56 2017 UTC (6 years, 5 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.100: +2 -2 lines
Diff to previous 1.100 (colored)

Update lang/nodejs to 8.1.2.

- Fix broken process.release properties in 8.1.1 causing failure to
  compile native add-ons on platforms other than Windows. This is a fix
  in the Node.js build process so there are no additional code commits
  included on top of 8.1.1.

Revision 1.100 / (download) - annotate - [select for diffs], Wed Jun 14 12:59:14 2017 UTC (6 years, 5 months ago) by fhajny
Branch: MAIN
Changes since 1.99: +2 -2 lines
Diff to previous 1.99 (colored)

Update lang/nodejs to 8.1.1.

8.1.1

Child processes
- stdout and stderr are now available on the error output of a failed
  call to the util.promisify()ed version of child_process.exec.

HTTP
- A regression that broke certain scenarios in which HTTP is used
  together with the cluster module has been fixed.

HTTPS
- The rejectUnauthorized option now works properly for unix sockets.

Readline
- A change that broke npm init and other code which uses readline
  multiple times on the same input stream is reverted.



8.1.0

Async Hooks
- When one Promise leads to the creation of a new Promise, the parent
  Promise will be identified as the trigger

Dependencies
- libuv has been updated to 1.12.0
- npm has been updated to 5.0.3

File system
- The fs.exists() function now works correctly with util.promisify()
- fs.Stats times are now also available as numbers

Inspector
- It is now possible to bind to a random port using --inspect=0

Zlib
- A regression in the Zlib module that made it impossible to properly
  subclasses zlib.Deflate and other Zlib classes has been fixed.

Revision 1.99 / (download) - annotate - [select for diffs], Mon Jun 5 21:14:04 2017 UTC (6 years, 5 months ago) by fhajny
Branch: MAIN
Changes since 1.98: +2 -2 lines
Diff to previous 1.98 (colored)

Update lang/nodejs to 8.0.0

Node.js 8.0.0 is a major new release that includes a significant number of
semver-major and semver-minor changes. Notable changes are listed below.

The Node.js 8.x release branch is scheduled to become the next actively
maintained Long Term Support (LTS) release line in October, 2017 under the
LTS codename 'Carbon'.

### Notable Changes

* Async Hooks
  * The `async_hooks` module has landed in core

* Buffer
  * Using the `--pending-deprecation` flag will cause Node.js to emit a
    deprecation warning when using `new Buffer(num)` or `Buffer(num)`.
  * `new Buffer(num)` and `Buffer(num)` will zero-fill new `Buffer` instances
  * Many `Buffer` methods now accept `Uint8Array` as input

* Child Process
  * Argument and kill signal validations have been improved
  * Child Process methods accept `Uint8Array` as input

* Console
  * Error events emitted when using `console` methods are now supressed.

* Dependencies
  * The npm client has been updated to 5.0.0
  * V8 has been updated to 5.8 with forward ABI stability to 6.0

* Domains
  * Native `Promise` instances are now `Domain` aware

* Errors
  * We have started assigning static error codes to errors generated by Node.js.
    This has been done through multiple commits and is still a work in
    progress.

* File System
  * The utility class `fs.SyncWriteStream` has been deprecated
  * The deprecated `fs.read()` string interface has been removed

* HTTP
  * Improved support for userland implemented Agents
  * Outgoing Cookie headers are concatenated into a single string
  * The `httpResponse.writeHeader()` method has been deprecated
  * New methods for accessing HTTP headers have been added to `OutgoingMessage`

* Lib
  * All deprecation messages have been assigned static identifiers
  * The legacy `linkedlist` module has been removed

* N-API
  * Experimental support for the new N-API API has been added

* Process
  * Process warning output can be redirected to a file using the
    `--redirect-warnings` command-line argument
  * Process warnings may now include additional detail

* REPL
  * REPL magic mode has been deprecated

* Src
  * `NODE_MODULE_VERSION` has been updated to 57
  * Add `--pending-deprecation` command-line argument and
    `NODE_PENDING_DEPRECATION` environment variable
  * The `--debug` command-line argument has been deprecated. Note that
    using `--debug` will enable the *new* Inspector-based debug protocol
    as the legacy Debugger protocol previously used by Node.js has been
    removed.
  * Throw when the `-c` and `-e` command-line arguments are used at the same
    time
  * Throw when the `--use-bundled-ca` and `--use-openssl-ca` command-line
    arguments are used at the same time.

* Stream
  * `Stream` now supports `destroy()` and `_destroy()` APIs
  * `Stream` now supports the `_final()` API

* TLS
  * The `rejectUnauthorized` option now defaults to `true`
  * The `tls.createSecurePair()` API now emits a runtime deprecation
  * A runtime deprecation will now be emitted when `dhparam` is less than
    2048 bits

* URL
  * The WHATWG URL implementation is now a fully-supported Node.js API

* Util
  * `Symbol` keys are now displayed by default when using `util.inspect()`
  * `toJSON` errors will be thrown when formatting `%j`
  * Convert `inspect.styles` and `inspect.colors` to prototype-less objects
  * The new `util.promisify()` API has been added

* Zlib
  * Support `Uint8Array` in Zlib convenience methods
  * Zlib errors now use `RangeError` and `TypeError` consistently

Revision 1.98 / (download) - annotate - [select for diffs], Tue May 30 14:26:38 2017 UTC (6 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.97: +2 -2 lines
Diff to previous 1.97 (colored)

On macOS, do not generate debugging symbols; they use lots of disk space, and most of them get stripped off during installation.

Revision 1.97 / (download) - annotate - [select for diffs], Fri May 12 20:55:40 2017 UTC (6 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.96: +4 -1 lines
Diff to previous 1.96 (colored)

Only node.js 7.x builds with icu>=0.59. Go back to use limited/embedded icu for lang/nodejs4 and lang/nodejs6.

Revision 1.96 / (download) - annotate - [select for diffs], Thu May 4 16:39:36 2017 UTC (6 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.95: +2 -3 lines
Diff to previous 1.95 (colored)

Update lang/nodejs to 7.10.0.

- crypto: add randomFill and randomFillSync
- meta: Added new collaborators
  - add lucamaraschi to collaborators
  - add DavidCai1993 to collaborators
  - add jkrems to collaborators
  - add AnnaMag to collaborators
- process: fix crash when Promise rejection is a Symbol
- url: make WHATWG URL more spec compliant
- v8:
  - fix stack overflow in recursive method
  - fix build errors with g++ 7

Revision 1.95 / (download) - annotate - [select for diffs], Sat Apr 22 21:03:40 2017 UTC (6 years, 7 months ago) by adam
Branch: MAIN
Changes since 1.94: +2 -1 lines
Diff to previous 1.94 (colored)

Revbump after icu update

Revision 1.94 / (download) - annotate - [select for diffs], Wed Apr 12 11:26:51 2017 UTC (6 years, 7 months ago) by fhajny
Branch: MAIN
Changes since 1.93: +2 -2 lines
Diff to previous 1.93 (colored)

Update lang/nodejs to 7.9.0.

- util: console is now closer to what is supported in all major browsers

Revision 1.93 / (download) - annotate - [select for diffs], Thu Mar 30 16:07:01 2017 UTC (6 years, 8 months ago) by fhajny
Branch: MAIN
Changes since 1.92: +2 -2 lines
Diff to previous 1.92 (colored)

Update lang/nodejs to 7.8.0

2017-03-28, Version 7.8.0

buffer:
- do not segfault on out-of-range index
crypto:
- Fix memory leak if certificate is revoked
deps:
- upgrade npm to 4.2.0
- fix async await desugaring in V8
readline:
- add option to stop duplicates in history

2017-03-21, Version 7.7.4

- deps: Add node-inspect 1.10.6
- inspector: proper WS URLs when bound to 0.0.0.0
- tls: fix segfault on destroy after partial read.

Revision 1.92 / (download) - annotate - [select for diffs], Fri Mar 17 10:51:58 2017 UTC (6 years, 8 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base, pkgsrc-2017Q1
Changes since 1.91: +2 -2 lines
Diff to previous 1.91 (colored)

Update lang/nodejs to 7.7.3.

- module: The module loading global fallback to the Node executable's
  directory now works correctly on Windows.
- net: Socket.prototype.connect now once again functions without
  a callback.
- url: URL.prototype.origin now properly specified an opaque return
  of 'null' for file:// URLs.

Revision 1.91 / (download) - annotate - [select for diffs], Sun Mar 12 20:31:43 2017 UTC (6 years, 8 months ago) by fhajny
Branch: MAIN
Changes since 1.90: +2 -2 lines
Diff to previous 1.90 (colored)

Update lang/nodejs to 7.7.2.

Notable changes
- doc: add Daijiro Wachi to collaborators
- tty: add ref() so process.stdin.ref() etc. work
- util: fix inspecting symbol key in string

Revision 1.90 / (download) - annotate - [select for diffs], Thu Mar 2 15:28:55 2017 UTC (6 years, 9 months ago) by fhajny
Branch: MAIN
Changes since 1.89: +2 -2 lines
Diff to previous 1.89 (colored)

Update lang/nodejs to 7.7.1.

- Node.js 7.7.0 contains a bug that will prevent all native modules
  from building, this patch should fix the issue. Apologies to everyone
  who was affected by 7.7.0.

Revision 1.89 / (download) - annotate - [select for diffs], Wed Mar 1 14:10:05 2017 UTC (6 years, 9 months ago) by fhajny
Branch: MAIN
Changes since 1.88: +2 -2 lines
Diff to previous 1.88 (colored)

Update lang/nodejs to 7.7.0.

- child_process: spawnSync() exit code now is null when the child is
  killed via signal
- http: new functions to access the headers for an outgoing HTTP message
- lib: deprecate node --debug at runtime
- tls: new tls.TLSSocket() supports sec ctx options
- url: adding URL.prototype.toJSON support
- doc: items in the API documentation may now have changelogs
- crypto: adding support for OPENSSL_CONF again
- src: adding support for trace-event tracing

Revision 1.88 / (download) - annotate - [select for diffs], Wed Feb 22 11:22:43 2017 UTC (6 years, 9 months ago) by fhajny
Branch: MAIN
Changes since 1.87: +2 -2 lines
Diff to previous 1.87 (colored)

Update lang/nodejs to 7.6.0.

Notable changes

- deps:
  - update V8 to 5.5
  - upgrade libuv to 1.11.0
  - add node-inspect 1.10.4
  - upgrade zlib to 1.2.11
- lib: build node inspect into node
- crypto: Remove expired certs from CNNIC whitelist
- inspector: add --inspect-brk
- fs: allow WHATWG URL objects as paths
- src: support UTF-8 in compiled-in JS source files
- url: extend url.format to support WHATWG URL

Revision 1.87 / (download) - annotate - [select for diffs], Mon Feb 13 13:55:22 2017 UTC (6 years, 9 months ago) by fhajny
Branch: MAIN
Changes since 1.86: +2 -2 lines
Diff to previous 1.86 (colored)

Update lang/nodejs to 7.5.0.

Notable changes

- crypto:
  - ability to select cert store at runtime
  - Use system CAs instead of using bundled ones
- deps:
  - upgrade npm to 4.1.2
  - upgrade openssl sources to 1.0.2k
- doc: add basic documentation for WHATWG URL API
- process: add NODE_NO_WARNINGS environment variable
- url: allow use of URL with http.request and https.request

Revision 1.86 / (download) - annotate - [select for diffs], Thu Jan 5 11:02:44 2017 UTC (6 years, 10 months ago) by fhajny
Branch: MAIN
Changes since 1.85: +2 -2 lines
Diff to previous 1.85 (colored)

Update lang/nodejs to 7.4.0.

Notable changes

- buffer:
  - Improve performance of Buffer allocation by ~11%.
  - Improve performance of Buffer.from() by ~50%.
- events: Improve performance of EventEmitter.once() by ~27%.
- fs: Allow passing Uint8Array to fs methods where Buffers are supported.
- http: Improve performance of http server by ~7%.
- npm: Upgrade to v4.0.5

Revision 1.85 / (download) - annotate - [select for diffs], Wed Jan 4 12:51:10 2017 UTC (6 years, 10 months ago) by fhajny
Branch: MAIN
Changes since 1.84: +2 -2 lines
Diff to previous 1.84 (colored)

Update lang/nodejs to 7.3.0.

Notable changes

buffer:
- buffer.fill() now works properly for the UCS2 encoding on
  Big-Endian machines.

cluster:
- disconnect() now returns a reference to the disconnected worker.

crypto:
- The built-in list of Well-Known CAs (Certificate Authorities) can
  now be extended via a NODE_EXTRA_CA_CERTS environment variable.

http:
- Remove stale timeout listeners in order to prevent a memory leak
  when using keep alive.

tls:
- Allow obvious key/passphrase combinations.

url:
- Including base argument in URL.originFor() to meet specification
  compliance.
- Improve URLSearchParams to meet specification compliance.

Revision 1.84 / (download) - annotate - [select for diffs], Thu Dec 8 23:03:28 2016 UTC (6 years, 11 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base, pkgsrc-2016Q4
Changes since 1.83: +2 -3 lines
Diff to previous 1.83 (colored)

Update lang/nodejs to 7.2.1.

- buffer:
  - Reverted the runtime deprecation of calling Buffer() without new.
  - Fixed buffer.transcode() for single-byte character encodings to UCS2.
- promise: --trace-warnings now produces useful stacktraces for Promise
  warnings.
- repl: Fixed a bug preventing correct parsing of generator functions.
- V8: Fixed a significant instanceof performance regression.

Revision 1.83 / (download) - annotate - [select for diffs], Sun Dec 4 05:17:31 2016 UTC (6 years, 11 months ago) by ryoon
Branch: MAIN
Changes since 1.82: +2 -1 lines
Diff to previous 1.82 (colored)

Recursive revbump from textproc/icu 58.1

Revision 1.82 / (download) - annotate - [select for diffs], Thu Nov 24 19:26:48 2016 UTC (7 years ago) by fhajny
Branch: MAIN
Changes since 1.81: +2 -2 lines
Diff to previous 1.81 (colored)

Update lang/nodejs to 7.2.0.

- crypto: The Decipher methods setAuthTag() and setAAD now return this.
- dns: Implemented {ttl: true} for resolve4() and resolve6().
- libuv: Upgrade to v1.10.1
- Fixed a potential buffer overflow when writing data to console on
  Windows 10.
- process: Added a new external property to the data returned by
  memoryUsage().
- tls: Fixed a memory leak when writes were queued on TLS connection that
  was destroyed during handshake.
- V8 (dep): Upgrade to v5.4.500.43
- v8: The data returned by getHeapStatistics() now includes three new
  fields: malloced_memory, peak_malloced_memory, and does_zap_garbage.

Revision 1.81 / (download) - annotate - [select for diffs], Wed Nov 9 13:47:07 2016 UTC (7 years ago) by fhajny
Branch: MAIN
Changes since 1.80: +2 -2 lines
Diff to previous 1.80 (colored)

Update lang/nodejs to 7.1.0.

- buffer: add buffer.transcode to transcode a buffer's content from one
  encoding to another primarily using ICU
- child_process: add public API for IPC channel
- icu:
  - Upgraded to ICU 58 - small icu
  - Add cldr, tz, and unicode to process.versions
- lib: make String(global) === '\[object global\]'
- libuv: Upgraded to 1.10.0
- readline: use icu based string width calculation
- src:
  - add NODE_PRESERVE_SYMLINKS environment variable that has the same effect
    as the --preserve-symlinks flag
  - Fix String#toLocaleUpperCase() and String#toLocaleLowerCase()

Revision 1.80 / (download) - annotate - [select for diffs], Tue Oct 25 19:50:40 2016 UTC (7 years, 1 month ago) by fhajny
Branch: MAIN
Changes since 1.79: +2 -2 lines
Diff to previous 1.79 (colored)

Update lang/nodejs to 7.0.0.

This new major version of Node.js includes: V8 5.4 which brings along with
98% coverage of ES6 language features, improved reliability and performance,
and a new experimental URL parser based on the WHATWG URL standard.

As an odd numbered release, in accordance with our Long Term Support plan,
Node.js v7 will be supported only until about June, 2017, with Node.js v8
currently scheduled for release in April, 2017.

Notable changes

Buffer
- Passing invalid input to Buffer.byteLength will now throw an error #8946.
- Calling Buffer without new is now deprecated and will emit a process
  warning #8169.
- Passing a negative number to allocUnsafe will now throw an error #7079.

Child Process
- The fork and execFile methods now have stronger argument validation #7399.

Cluster
- The worker.suicide method is deprecated and will emit a process warning
  #3747.

Deps
- V8 has been updated to 5.4.500.36 #8317, #8852, #9253.
- NODE_MODULE_VERSION has been updated to 51 #8808.

File System
- A process warning is emitted if a callback is not passed to async file
  system methods #7897.

Intl
- Intl.v8BreakIterator constructor has been deprecated and will emit a
  process warning #8908.

Promises
- Unhandled Promise rejections have been deprecated and will emit a process
  warning #8217.

Punycode
- The punycode module has been deprecated #7941.

URL
- An Experimental WHATWG URL Parser has been introduced #7448.

Revision 1.79 / (download) - annotate - [select for diffs], Thu Oct 20 06:45:03 2016 UTC (7 years, 1 month ago) by fhajny
Branch: MAIN
Changes since 1.78: +2 -2 lines
Diff to previous 1.78 (colored)

Update lang/nodejs to 6.9.1.

- streams: Fix a regression introduced in v6.8.0 in readable stream
  that caused unpipe to remove the wrong stream

Revision 1.78 / (download) - annotate - [select for diffs], Tue Oct 18 20:44:34 2016 UTC (7 years, 1 month ago) by fhajny
Branch: MAIN
Changes since 1.77: +2 -2 lines
Diff to previous 1.77 (colored)

Update lang/nodejs to 6.9.0.

- crypto: Don't automatically attempt to load an OpenSSL
  configuration file, from the OPENSSL_CONF environment variable
  or from the default location for the current platform. Always
  triggering a configuration file load attempt may allow an attacker
  to load compromised OpenSSL configuration into a Node.js process
  if they are able to place a file in a default location.
- node: Introduce the process.release.lts property, set to "Boron".
  This value is "Argon" for v4 LTS releases and undefined for all
  other releases.
- V8: Backport fix for CVE-2016-5172, an arbitrary memory read.
- v8_inspector: Generate a UUID for each execution of the
  inspector. This provides additional security to prevent
  unauthorized clients from connecting to the Node.js process via
  the v8_inspector port when running with --inspect.

Revision 1.77 / (download) - annotate - [select for diffs], Thu Oct 13 14:09:11 2016 UTC (7 years, 1 month ago) by fhajny
Branch: MAIN
Changes since 1.76: +2 -2 lines
Diff to previous 1.76 (colored)

Update lang/nodejs to 6.8.0.

Notable changes

- fs:
  - SyncWriteStream now inherits from Stream.Writable.
  - fs.existsSync() has been undeprecated. fs.exists() remains
    deprecated.
- http: http.request() now accepts a timeout option.
- module: The module loader now maintains its own realpath cache.
- npm: Upgraded to 3.10.8
- stream: Duplex streams now show proper instanceof Stream.Writable.
- timers: Improved setTimeout/Interval performance by up to 22%.

Revision 1.76 / (download) - annotate - [select for diffs], Wed Sep 28 11:10:44 2016 UTC (7 years, 2 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base, pkgsrc-2016Q3
Changes since 1.75: +2 -2 lines
Diff to previous 1.75 (colored)

Update lang/nodejs to 6.7.0

- openssl: Remove support for loading dynamic third-party engine
  modules. An attacker may be able to hide malicious code to be
  inserted into Node.js at runtime by masquerading as one of the
  dynamic engine modules.
- http: CVE-2016-5325 - Properly validate for allowable characters
  in the reason argument in ServerResponse#writeHead().
- buffer: Zero-fill excess bytes in new Buffer objects created
  with Buffer.concat() while providing a totalLength parameter
  that exceeds the total length of the original Buffer objects
  being concatenated.
- src: Fix regression where passing an empty password and/or salt
  to crypto.pbkdf2() would cause a fatal error
- tls: CVE-2016-7099 - Fix invalid wildcard certificate validation
  check whereby a TLS server may be able to serve an invalid
  wildcard certificate for its hostname due to improper validation
  of *. in the wildcard string.
- v8: Fix regression where a regex on a frozen object was broken

Revision 1.75 / (download) - annotate - [select for diffs], Mon Sep 19 13:14:43 2016 UTC (7 years, 2 months ago) by fhajny
Branch: MAIN
Changes since 1.74: +2 -2 lines
Diff to previous 1.74 (colored)

Update lang/nodejs to 6.6.0.

Notable changes

- crypto: Added crypto.timingSafeEqual().
- events: Made the "max event listeners" memory leak warning more
  accessible.
- promises: Unhandled rejections now emit a process warning after
  the first tick.
- repl: Added auto alignment for .editor mode.
- util: Some functionality has been added to util.inspect():
  - Returning this from a custom inspect function now works.
  - Added support for Symbol-based custom inspection methods.

Revision 1.74 / (download) - annotate - [select for diffs], Tue Sep 13 10:10:42 2016 UTC (7 years, 2 months ago) by fhajny
Branch: MAIN
Changes since 1.73: +2 -2 lines
Diff to previous 1.73 (colored)

Update lang/nodejs to 6.5.0.

- buffer: Fix regression introduced in v6.4.0 that prevented
  .write() at buffer end
- deps: update V8 to 5.1.281.75
- inspector:
  - fix inspector hang while disconnecting
  - add support for uncaught exception
- repl: Fix saving editor mode text in .save
- Revert "repl,util: insert carriage returns in output"

Revision 1.73 / (download) - annotate - [select for diffs], Fri Aug 19 13:15:50 2016 UTC (7 years, 3 months ago) by fhajny
Branch: MAIN
Changes since 1.72: +2 -2 lines
Diff to previous 1.72 (colored)

Update lang/nodejs to 6.4.0

Notable changes
- build: zlib symbols and additional OpenSSL symbols are now
  exposed on Windows platforms.
- child_process, cluster: Forked child processes and cluster
  workers now support stdio configuration.
- child_process: argv[0] can now be set to arbitrary values in
  spawned processes.
- fs: fs.ReadStream now exposes the number of bytes it has read so
  far.
- repl: The REPL now supports editor mode.
- util: inspect() can now be configured globally using
  util.inspect.defaultOptions.

Revision 1.72 / (download) - annotate - [select for diffs], Tue Aug 9 08:50:51 2016 UTC (7 years, 3 months ago) by fhajny
Branch: MAIN
Changes since 1.71: +2 -2 lines
Diff to previous 1.71 (colored)

Update lang/nodejs to 6.3.1.

6.3.1.

Notable changes

- buffer:
  - Improve performance of Buffer.from(str, 'hex') and
    Buffer#write(str, 'hex').
  - Fix creating from zero-length ArrayBuffer.
- deps:
  - Upgrade to V8 5.0.71.57.
  - Backport V8 instanceof bugfix
- repl: Fix issue with function redeclaration.
- util: Fix inspecting of boxed symbols.

6.3.0

Notable changes

- buffer: Added buffer.swap64() to complement swap16() & swap32().
- build: New configure options have been added for building
  Node.js as a shared library.
- crypto: Root certificates have been updated.
- debugger: The server address is now configurable via
  --debug=<address>:<port>.
- npm: Upgraded npm to v3.10.3
- readline: Added the prompt option to the readline constructor.
- repl / vm: sigint/ctrl+c will now break out of infinite loops
  without stopping the Node.js instance.
- src:
  - Added a node::FreeEnvironment public C++ API.
  - Refactored require('constants'), constants are now available
    directly from their respective modules.
- stream: Improved readable.read() performance by up to 70%.
- timers: setImmediate() is now up to 150% faster in some
  situations.
- util: Added a breakLength option to util.inspect() to control
  how objects are formatted across lines.
- v8-inspector: Experimental support has been added for debugging
  Node.js over the inspector protocol.

Revision 1.71 / (download) - annotate - [select for diffs], Fri Jun 17 16:53:24 2016 UTC (7 years, 5 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2016Q2-base, pkgsrc-2016Q2
Changes since 1.70: +2 -2 lines
Diff to previous 1.70 (colored)

Update lang/nodejs to 6.2.2.

- http:
  - req.read(0) could cause incoming connections to stall and time out
    under certain conditions. (Fedor Indutny) #7211
  - When freeing the socket to be reused in keep-alive Agent wait for
    both prefinish and end events. Otherwise the next request may be
    written before the previous one has finished sending the body,
    leading to parser errors. (Fedor Indutny) #7149
- npm: upgrade npm to 3.9.5 (Kat Marchan) #7139

Revision 1.70 / (download) - annotate - [select for diffs], Fri Jun 17 12:20:14 2016 UTC (7 years, 5 months ago) by fhajny
Branch: MAIN
Changes since 1.69: +2 -3 lines
Diff to previous 1.69 (colored)

Update lang/nodejs to 6.2.1.

Notable changes

- buffer: Ignore negative lengths in calls to Buffer() and
  Buffer.allocUnsafe().
- npm: Upgrade npm to 3.9.3
- tty: Default to blocking mode for stdio on OS X.
- V8: Upgrade to V8 5.0.71.52.

See full changelog:

  https://github.com/nodejs/node/blob/v6.2.1/doc/changelogs/CHANGELOG_V6.md

Revision 1.69 / (download) - annotate - [select for diffs], Thu Jun 2 09:57:32 2016 UTC (7 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.68: +2 -1 lines
Diff to previous 1.68 (colored)

Remove the nodejs icu option and make nodejs use a system ICU
package by default. Expand existing patch to fix NetBSD 6 build.
Fixes PR pkg/51172.

Bump PKGREVISION for lang/nodejs and lang/nodejs4.

Revision 1.68 / (download) - annotate - [select for diffs], Wed May 18 13:26:44 2016 UTC (7 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.67: +2 -2 lines
Diff to previous 1.67 (colored)

Update lang/nodejs to 6.2.0.

Notable Changes

- buffer: fix lastIndexOf and indexOf in various edge cases
- child_process: use /system/bin/sh on android
- deps:
  - upgrade npm to 3.8.9
  - upgrade to V8 5.0.71.47
  - upgrade libuv to 1.9.1
  - Intl: ICU 57 bump
- repl:
  - copying tabs shouldn't trigger completion
  - exports Recoverable
- src: add O_NOATIME constant
- src,module: add --preserve-symlinks command line flag
- util: adhere to noDeprecation set at runtime

Revision 1.67 / (download) - annotate - [select for diffs], Fri May 6 09:31:48 2016 UTC (7 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.66: +2 -2 lines
Diff to previous 1.66 (colored)

Update lang/nodejs to 6.1.0.

- assert: deep{Strict}Equal() now works correctly with circular
  references.
- debugger: Arrays are now formatted correctly in the debugger repl.
- deps: Upgrade OpenSSL sources to 1.0.2h
- net: Introduced a Socket#connecting property.
- process: Introduced process.cpuUsage().
- stream: Writable#setDefaultEncoding() now returns this.
- util: Two new additions to util.inspect():
  - Added a maxArrayLength option to truncate the formatting of
    Arrays.
  - Added a showProxy option for formatting proxy intercepting
    handlers.

Revision 1.66 / (download) - annotate - [select for diffs], Wed Apr 27 15:03:10 2016 UTC (7 years, 7 months ago) by fhajny
Branch: MAIN
Changes since 1.65: +2 -2 lines
Diff to previous 1.65 (colored)

Update lang/nodejs to 6.0.0.

This release will become the new LTS later in 2016.

The following significant changes have been made since the
previous Node.js v5.0.0 release.

Buffer
- New Buffer constructors have been added #4682 and #5833.
- Existing Buffer() and SlowBuffer() constructors have been
  deprecated in docs #4682 and #5833.
- Previously deprecated Buffer APIs are removed #5048, #4594.
- Improved error handling #4514.
- The Buffer.prototype.lastIndexOf() method has been added #4846.

Cluster
- Worker emitted as first argument in 'message' event #5361.
- The worker.exitedAfterDisconnect property replaces
  worker.suicide #3743.

Console
- Calling console.timeEnd() with an unknown label now emits a
  process warning rather than throwing #5901.

Crypto
- Improved error handling #3100, #5611.
- Simplified Certificate class bindings #5382.
- Improved control over FIPS mode #5181.
- pbkdf2 digest overloading is deprecated #4047.

Dependencies
- Reintroduce shared c-ares build support #5775.
- V8 updated to 5.0.71.35 #6372.

DNS
- Add dns.resolvePtr() API to query plain DNS PTR records #4921.

Domains
- Clear stack when no error handler #4659.

Events
- The EventEmitter.prototype._events object no longer inherits
  from Object.prototype #6092.
- The EventEmitter.prototype.prependListener() and
  EventEmitter.prototype.prependOnceListener() methods have been
  added #6032.

File System
- The fs.realpath() and fs.realpathSync() methods have been
  updated to use a more efficient libuv-based implementation. This
  change includes the removal of the cache argument and the method
  can throw new errors #3594.
- FS apis can now accept and return paths as Buffers #5616.
- Error handling and type checking improvements #5616, #5590,
  #4518, #3917.
- fs.read's string interface is deprecated #4525.

HTTP
- 'clientError' can now be used to return custom errors from an
  HTTP server #4557.

Revision 1.65 / (download) - annotate - [select for diffs], Tue Apr 26 14:37:54 2016 UTC (7 years, 7 months ago) by fhajny
Branch: MAIN
Changes since 1.64: +2 -3 lines
Diff to previous 1.64 (colored)

Update lang/nodejs to 5.11.0.

Buffer:
- Buffer.prototype.compare can now compare sub-ranges of two
  Buffers.

deps:
- update to http-parser 2.7.0
- update ESLint to 2.7.0

net:
- adds support for passing DNS lookup hints to createConnection()

node:
- Make the builtin libraries available for the --eval and --print
  CLI options

npm:
- upgrade npm to 3.8.6

repl:
- Pressing enter in the repl will repeat the last command by default
  if no input has been received. This behaviour was in node
  previously and was not removed intentionally.

src:
- add SIGINFO to supported signals

streams:
- Fix a regression that caused by net streams requesting multiple
  chunks synchronously when combined with cork/uncork

zlib:
- The flushing flag is now configurable allowing for decompression
  of partial data

Revision 1.64 / (download) - annotate - [select for diffs], Wed Apr 13 09:37:34 2016 UTC (7 years, 7 months ago) by ryoon
Branch: MAIN
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored)

Return process.execPath as absolute path on NetBSD current like on Linux.

Bump PKGREVISION for NetBSD current.
This fixes node-sass build under NetBSD current.

Revision 1.63 / (download) - annotate - [select for diffs], Mon Apr 11 19:01:54 2016 UTC (7 years, 7 months ago) by ryoon
Branch: MAIN
Changes since 1.62: +2 -1 lines
Diff to previous 1.62 (colored)

Recursive revbump from textproc/icu 57.1

Revision 1.62 / (download) - annotate - [select for diffs], Fri Apr 8 16:38:56 2016 UTC (7 years, 7 months ago) by fhajny
Branch: MAIN
Changes since 1.61: +2 -2 lines
Diff to previous 1.61 (colored)

Update lang/nodejs to 5.10.1.

- http: Enclose IPv6 Host header in square brackets. This will
  enable proper seperation of the host adress from any port
  reference
- path: Make win32.isAbsolute more consistent

Revision 1.61 / (download) - annotate - [select for diffs], Fri Apr 1 08:21:05 2016 UTC (7 years, 8 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2016Q1-base, pkgsrc-2016Q1
Changes since 1.60: +2 -2 lines
Diff to previous 1.60 (colored)

Update lang/nodejs to 5.10.0.

5.10.0

* buffer:
  - make byteLength work with ArrayBuffer & DataView
  - backport --zero-fill-buffers command line option
  - backport new buffer constructor APIs
  - add swap16() and swap32() methods
* fs: add the fs.mkdtemp() function.
* net: emit host in lookup event
* node: --no-browser-globals configure flag
* npm: Upgrade to v3.8.3. Fixes a security flaw in the use of
  authentication tokens in HTTP requests that would allow an
  attacker to set up a server that could collect tokens from
  users of the command-line interface. Authentication tokens
  have previously been sent with every request made by the CLI
  for logged-in users, regardless of the destination of the
  request. This update fixes this by only including those
  tokens for requests made against the registry or registries
  used for the current install.
* repl: support standalone blocks
* src: override v8 thread defaults using cli options

5.9.0

* contextify: Fixed a memory consumption issue related to heavy
  use of vm.createContext and vm.runInNewContext.
* lib: copy arguments object instead of leaking it
* src: allow both -i and -e flags to be used at the same time
* timers: Internal Node.js timeouts now use the same logic path
  as those created with setTimeout()
* v8: backport fb4ccae from v8 upstream: breakout events from v8
  to offer better support for external debuggers
* zlib: add support for concatenated members

Revision 1.60 / (download) - annotate - [select for diffs], Wed Mar 9 20:13:23 2016 UTC (7 years, 8 months ago) by fhajny
Branch: MAIN
Changes since 1.59: +2 -3 lines
Diff to previous 1.59 (colored)

Update lang/nodejs to 5.8.0. Clean stale bits from options.mk.

Changes since 5.7.1:
- child_process: send() now accepts an options parameter
- constants: ENGINE_METHOD_RSA is now correctly exposed
- Fixed two regressions which originated in v5.7.0:
  - http: Errors inside of http client callbacks now propagate
    correctly
  - path: Fixed normalization of absolute paths
- repl: start() no longer requires an options parameter
- util: Improved format() performance 50-300%

Revision 1.59 / (download) - annotate - [select for diffs], Sat Mar 5 11:28:43 2016 UTC (7 years, 8 months ago) by jperkin
Branch: MAIN
Changes since 1.58: +2 -1 lines
Diff to previous 1.58 (colored)

Bump PKGREVISION for security/openssl ABI bump.

Revision 1.58 / (download) - annotate - [select for diffs], Thu Mar 3 11:54:28 2016 UTC (7 years, 9 months ago) by fhajny
Branch: MAIN
Changes since 1.57: +2 -2 lines
Diff to previous 1.57 (colored)

Update lang/nodejs to 5.7.1.

* path.relative():
  - Output is no longer unnecessarily verbose
  - Resolving UNC paths on Windows now works correctly
  - Resolving paths with prefixes now works correctly from
    the root directory
* url: Fixed an off-by-one error with parse()
* dgram: Now correctly handles a default address case when offset
  and length are specified (Matteo Collina) #5407.

Irrelevant to (dynamically linked) lang/nodejs:

* openssl: Upgrade from 1.0.2f to 1.0.2g

Revision 1.57 / (download) - annotate - [select for diffs], Tue Feb 23 11:23:32 2016 UTC (7 years, 9 months ago) by fhajny
Branch: MAIN
Changes since 1.56: +2 -2 lines
Diff to previous 1.56 (colored)

Update lang/nodejs to 5.7.0.

* buffer:
  - You can now supply an encoding argument when filling a Buffer
    Buffer#fill(string[, start[, end]][, encoding]), supplying an
    existing Buffer will also work with Buffer#fill(buffer[, start[,
    end]]). See the API documentation for details on how this works.
  - Buffer#indexOf() no longer requires a byteOffset argument if
    you also wish to specify an encoding: Buffer#indexOf(val[,
    byteOffset][, encoding]).
* child_process: spawn() and spawnSync() now support a 'shell'
  option to allow for optional execution of the given command inside
  a shell. If set to true, cmd.exe will be used on Windows and
  /bin/sh elsewhere. A path to a custom shell can also be passed to
  override these defaults. On Windows, this option allows .bat. and
  .cmd files to be executed with spawn() and spawnSync().
* http_parser: Update to http-parser 2.6.2 to fix an unintentionally
  strict limitation of allowable header characters
* dgram: socket.send() now supports accepts an array of Buffers or
  Strings as the first argument. See the API docs for details on how
  this works.
* http: Fix a bug where handling headers will mistakenly trigger an
  'upgrade' event where the server is just advertising its protocols.
  This bug can prevent HTTP clients from communicating with HTTP/2
  enabled servers.
* net: Added a listening Boolean property to net and http servers to
  indicate whether the server is listening for connections.
* node: The C++ node::MakeCallback() API is now reentrant and
  calling it from inside another MakeCallback() call no longer causes
  the nextTick queue or Promises microtask queue to be processed out
  of order.
* tls: Add a new tlsSocket.getProtocol() method to get the negotiated
  TLS protocol version of the current connection.
* vm: Introduce new 'produceCachedData' and 'cachedData' options to
  new vm.Script() to interact with V8's code cache. When a new
  vm.Script object is created with the 'produceCachedData' set to
  true a Buffer with V8's code cache data will be produced and stored
  in cachedData property of the returned object. This data in turn
  may be supplied back to another vm.Script() object with a
  'cachedData' option if the supplied source is the same. Successfully
  executing a script from cached data can speed up instantiation time.
* performance: Improvements in:
  - process.nextTick()
  - path module
  - querystring module
  - streams module when processing small chunks

Revision 1.56 / (download) - annotate - [select for diffs], Wed Feb 10 11:09:23 2016 UTC (7 years, 9 months ago) by fhajny
Branch: MAIN
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored)

Update lang/nodejs to 5.6.0.

- http: fix defects in HTTP header parsing for requests and responses
  that can allow request smuggling (CVE-2016-2086) or response
  splitting (CVE-2016-2216). HTTP header parsing now aligns more
  closely with the HTTP spec including restricting the acceptable
  characters.
- http-parser: upgrade from 2.6.0 to 2.6.1
- npm: upgrade npm from 3.3.12 to 3.6.0 (Rebecca Turner) #4958
- openssl: upgrade from 1.0.2e to 1.0.2f. To mitigate against the
  Logjam attack, TLS clients now reject Diffie-Hellman handshakes
  with parameters shorter than 1024-bits, up from the previous
  limit of 768-bits.

Revision 1.55 / (download) - annotate - [select for diffs], Thu Jan 21 11:45:30 2016 UTC (7 years, 10 months ago) by fhajny
Branch: MAIN
Changes since 1.54: +2 -2 lines
Diff to previous 1.54 (colored)

Update lang/nodejs to 5.5.0.

* events: make sure console functions exist (Dave) #4479
* fs: add autoClose option to fs.createWriteStream (Saquib) #3679
* http: improves expect header handling (Daniel Sellers) #4501
* node: allow preload modules with -i (Evan Lucas) #4696
* v8,src: expose statistics about heap spaces (v8.getHeapSpaceStatistics())
  (Ben Ripkens) #4463
* Minor performance improvements:
  - lib: Use arrow functions instead of bind where possible (Minwoo Jung)
    #3622.
  - module: cache stat() results more aggressively (Ben Noordhuis) #4575
  - querystring: improve parse() performance (Brian White) #4675

Revision 1.54 / (download) - annotate - [select for diffs], Mon Jan 18 20:57:41 2016 UTC (7 years, 10 months ago) by fhajny
Branch: MAIN
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)

Update lang/nodejs to 5.4.1.

- Minor performance improvements:
  - module: move unnecessary work for early return (Andres Suarez) #3579
- Various bug fixes
- Various doc fixes
- Various test improvements

Revision 1.53 / (download) - annotate - [select for diffs], Thu Jan 7 10:50:22 2016 UTC (7 years, 10 months ago) by fhajny
Branch: MAIN
Changes since 1.52: +2 -2 lines
Diff to previous 1.52 (colored)

Update lang/nodejs to 5.4.0.

http:
- A new status code was added: 451 - "Unavailable For Legal Reasons"
- Idle sockets that have been kept alive now handle errors

This release also includes several minor performance improvements:
- assert: deepEqual is now speedier when comparing TypedArrays
- lib: Use arrow functions instead of bind where possible
- node: Improved accessor perf of process.env
- node: Improved performance of process.hrtime()
- node: Improved GetActiveHandles performance
- util: Use faster iteration in util.format()

Revision 1.52 / (download) - annotate - [select for diffs], Tue Dec 29 20:52:54 2015 UTC (7 years, 11 months ago) by fhajny
Branch: MAIN
Changes since 1.51: +2 -2 lines
Diff to previous 1.51 (colored)

Update lang/nodejs to 5.3.0.

- buffer: Buffer.prototype.includes() has been added to keep parity
  with TypedArrays.
- domains: Fix handling of uncaught exceptions.
- https: Added support for disabling session caching.
- repl: Allow third party modules to be imported using require().
  This corrects a regression from 5.2.0.
- deps: Upgrade libuv to 1.8.0.

Revision 1.51 / (download) - annotate - [select for diffs], Wed Dec 9 11:27:04 2015 UTC (7 years, 11 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2015Q4-base, pkgsrc-2015Q4
Changes since 1.50: +2 -2 lines
Diff to previous 1.50 (colored)

Update lang/nodejs to 5.2.0.

build:
- Add support for Intel's VTune JIT profiling when compiled with
  --enable-vtune-profiling.
- Properly enable V8 snapshots by default. Due to a configuration
  error, snapshots have been kept off by default when the intention
  is for the feature to be enabled.

crypto:
- Simplify use of ECDH (Elliptic Curve Diffie-Hellman) objects
  (created via crypto.createECDH(curve_name)) with private keys
  that are not dynamically generated via generateKeys(). The
  public key is now computed when explicitly setting a private
  key. Added validity checks to reduce the possibility of
  computing weak or invalid shared secrets. Also, deprecated
  the setPublicKey() method for ECDH objects as its usage is
  unnecessary and can lead to inconsistent state.
- Update root certificates from the current list stored
  maintained by Mozilla NSS.
- Multiple CA certificates can now be passed with the ca option
  to TLS methods as an array of strings or in a single new-line
  separated string.

tools:
- Include a tick processor in core, exposed via the
  --prof-process command-line argument which can be used to
  process V8 profiling output files generated when using the
  --prof command-line argument.

Revision 1.50 / (download) - annotate - [select for diffs], Fri Dec 4 12:18:36 2015 UTC (7 years, 11 months ago) by fhajny
Branch: MAIN
Changes since 1.49: +2 -2 lines
Diff to previous 1.49 (colored)

Update nodejs4 to 4.2.3 and nodejs to 5.1.1.

Notable changes

- http: Fix a bug where an HTTP socket may no longer have a socket
  but a pipelined request triggers a pause or resume, a potential
  denial-of-service vector. (Fedor Indutny)
- openssl: Upgrade to 1.0.2e, containing fixes for:
  - CVE-2015-3193 "BN_mod_exp may produce incorrect results on x86_64",
    an attack is considered feasible against a Node.js TLS server
    using DHE key exchange. Details are available at
    http://openssl.org/news/secadv/20151203.txt.
  - CVE-2015-3194 "Certificate verify crash with missing PSS parameter",
    a potential denial-of-service vector for Node.js TLS servers; TLS
    clients are also impacted. Details are available at
    http://openssl.org/news/secadv/20151203.txt. (Shigeki Ohtsu) #4134
- v8: Backport fixes for a bug in JSON.stringify() that can result in
  out-of-bounds reads for arrays. (Ben Noordhuis)

Revision 1.49 / (download) - annotate - [select for diffs], Wed Nov 18 11:42:55 2015 UTC (8 years ago) by fhajny
Branch: MAIN
Changes since 1.48: +2 -2 lines
Diff to previous 1.48 (colored)

Update lang/nodejs to 5.1.0.

Notable changes:

* buffer: The noAssert option for many buffer functions will now
  silently drop invalid write values rather than crashing
* child_process: child.send() now properly returns a boolean like
  the docs suggest
* doc: All of the API docs have been re-ordered so as to read in
  alphabetical order
* http_parser: update http-parser to 2.6.0 from 2.5.0
  - Now supports the following HTTP methods: LINK, UNLINK, BIND,
    REBIND, UNBIND.
  - Also added ACL and IPv6 Zone ID support.
* npm: upgrade npm to 3.3.12 from v3.3.6
* repl: The REPL no longer crashes if the persistent history file
  cannot be opened
* tls: The default sessionIdContext now uses SHA1 in FIPS mode
  rather than MD5
* v8: Added some more useful post-mortem data

See full release notes:

  https://nodejs.org/en/blog/release/v5.1.0/

Revision 1.48 / (download) - annotate - [select for diffs], Mon Nov 9 20:19:35 2015 UTC (8 years ago) by fhajny
Branch: MAIN
Changes since 1.47: +3 -64 lines
Diff to previous 1.47 (colored)

Update lang/nodejs to 5.0.0.

Move most logic into Makefile.common that will be shared
by the LTS lang/nodejs4 package.

Notable Changes in 5.0.0:

* buffer: (Breaking) Removed both 'raw' and 'raws' encoding types
  from Buffer, these have been deprecated for a long time
* console: (Breaking) Values reported by console.time() now have
  3 decimals of accuracy added
* fs:
  - fs.readFile*(), fs.writeFile*(), and fs.appendFile*() now also
    accept a file descriptor as their first argument
  - (Breaking) In fs.readFile(), if an encoding is specified and
    the internal toString() fails the error is no longer thrown but is
    passed to the callback
  - (Breaking) In fs.read() (using the fs.read(fd, length, position,
    encoding, callback) form), if the internal toString() fails the
    error is no longer thrown but is passed to the callback
* http:
  - Fixed a bug where pipelined http requests would stall
  - (Breaking) When parsing HTTP, don't add duplicates of the
    following headers: Retry-After, ETag, Last-Modified, Server, Age,
    Expires.
  - (Breaking) The callback argument to OutgoingMessage#setTimeout()
    must be a function or a TypeError is thrown
  - (Breaking) HTTP methods and header names must now conform to
    the RFC 2616 "token" rule, a list of allowed characters that
    excludes control characters and a number of separator characters.
* node:
  - (Breaking) Deprecated the _linklist module
  - (Breaking) Removed require.paths and require.registerExtension(),
    both had been previously set to throw Error when accessed
* npm: Upgraded to version 3.3.6 from 2.14.7
* src: (Breaking) Bumped NODE_MODULE_VERSION to 47 from 46
* timers: Attempt to reuse the timer handle for setTimeout().unref().
* tls:
  - Added ALPN Support
  - TLS options can now be passed in an object to createSecurePair()
  - (Breaking) The default minimum DH key size for tls.connect() is
    now 1024 bits and a warning is shown when DH key size is less
    than 2048 bits.
* util:
  - (Breaking) util.p() was deprecated for years, and has now been
    removed
  - (Breaking) util.inherits() can now work with ES6 classes.
* v8: (Breaking) Upgraded to 4.6.85.25 from 4.5.103.35
  - Implements the spread operator
  - Implements new.target
* zlib: Decompression now throws on truncated input (e.g. unexpected
  end of file)

See full release notes with more information at:

  https://nodejs.org/en/blog/release/v5.0.0/

Revision 1.47 / (download) - annotate - [select for diffs], Thu Nov 5 13:08:35 2015 UTC (8 years ago) by fhajny
Branch: MAIN
Changes since 1.46: +2 -2 lines
Diff to previous 1.46 (colored)

Update lang/nodejs to 4.2.2.

- buffer: fix value check for writeUInt{B,L}E (Trevor Norris)
- buffer: don't CHECK on zero-sized realloc (Ben Noordhuis)
- deps: backport 010897c from V8 upstream (Ali Ijaz Sheikh)
- deps: backport 8d6a228 from the v8's upstream (Fedor Indutny)
- fs: reduced duplicate code in fs.write() (ronkorving)
- http: fix stalled pipeline bug (Fedor Indutny)
- lib: fix cluster handle leak (Rich Trott)
- lib: avoid REPL exit on completion error (Rich Trott)
- repl: handle comments properly (Sakthipriyan Vairamani)
- repl: limit persistent history correctly on load (Jeremiah Senkpiel)
- src: fix race condition in debug signal on exit (Ben Noordhuis)
- src: fix exception message encoding on Windows (Brian White)
- stream: avoid unnecessary concat of a single buffer. (Calvin Metcalf)
- timers: reuse timer in setTimeout().unref() (Fedor Indutny)
- tls: TLSSocket options default isServer false (Yuval Brik)

Revision 1.46 / (download) - annotate - [select for diffs], Wed Oct 21 14:47:43 2015 UTC (8 years, 1 month ago) by fhajny
Branch: MAIN
Changes since 1.45: +2 -2 lines
Diff to previous 1.45 (colored)

Update lang/nodejs to 4.2.1.

- Fixed: Assertion error in WeakCallback - see #3329
- Fixed: Undefined timeout regression - see #3331

Revision 1.45 / (download) - annotate - [select for diffs], Tue Oct 13 07:47:48 2015 UTC (8 years, 1 month ago) by fhajny
Branch: MAIN
Changes since 1.44: +2 -3 lines
Diff to previous 1.44 (colored)

Update lang/nodejs to 4.2.0.

The first Node.js LTS release! See https://github.com/nodejs/LTS/
for details of the LTS process.

- Added new -c (or --check) command line argument for checking script
  syntax without executing the code
- Added process.versions.icu to hold the current ICU library versio
- Added process.release.lts to hold the current LTS codename when
  the binary is from an active LTS release line
- npm: Upgraded to npm 2.14.7 from 2.14.4, see release notes
  for full details

See full release notes incl. commit log:

  https://nodejs.org/en/blog/release/v4.2.0/

Revision 1.44 / (download) - annotate - [select for diffs], Sat Oct 10 01:58:11 2015 UTC (8 years, 1 month ago) by ryoon
Branch: MAIN
Changes since 1.43: +2 -1 lines
Diff to previous 1.43 (colored)

Recursive revbump from textproc/icu

Revision 1.43 / (download) - annotate - [select for diffs], Tue Oct 6 08:00:34 2015 UTC (8 years, 1 month ago) by fhajny
Branch: MAIN
Changes since 1.42: +2 -2 lines
Diff to previous 1.42 (colored)

Update lang/nodejs to 4.1.2.

This release includes a fix for CVE-2015-7384, a Denial of Service
(DoS) bug. All users of Node.js v4.x should upgrade to v4.1.2.

http:
- Fix out-of-order 'finish' event bug in pipelining that can abort
  execution, fixes DoS vulnerability CVE-2015-7384
- Account for pending response data instead of just the data on
  the current request to decide whether pause the socket or not

libuv:
- Upgraded from v1.7.4 to v1.7.5, see release notes for details
- A better rwlock implementation for all Windows versions
- Improved AIX support

v8:
- Upgraded from v4.5.103.33 to v4.5.103.35
- Backported f782159 from v8's upstream to help speed up Promise
  introspection
- Backported c281c15 from v8's upstream to add JSTypedArray length
  in post-mortem metadata

Revision 1.42 / (download) - annotate - [select for diffs], Thu Sep 24 14:17:18 2015 UTC (8 years, 2 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)

Update lang/nodejs to 4.1.1. ok by jperkin.

- buffer: Fixed a bug introduced in v4.1.0 where allocating
  a new zero-length buffer can result in the next allocation
  of a TypedArray in JavaScript not being zero-filled. In
  certain circumstances this could result in data leakage
  via reuse of memory space in TypedArrays, breaking the
  normally safe assumption that TypedArrays should be always
  zero-filled.
- http: Guard against response-splitting of HTTP trailing headers
  added via response.addTrailers() by removing new-line ([\r\n])
  characters from values. Note that standard header values are
  already stripped of new-line characters. The expected security
  impact is low because trailing headers are rarely used.
- npm: Upgrade to npm 2.14.4 from 2.14.3, see release notes for
  full details
  - Upgrades graceful-fs on multiple dependencies to no longer rely
    on monkey-patching fs
  - Fix npm link for pre-release / RC builds of Node
- v8: Update post-mortem metadata to allow post-mortem debugging tools
  to find and inspect:
  - JavaScript objects that use dictionary properties
  - ScopeInfo and thus closures

Revision 1.41 / (download) - annotate - [select for diffs], Thu Sep 17 10:42:34 2015 UTC (8 years, 2 months ago) by fhajny
Branch: MAIN
Changes since 1.40: +4 -2 lines
Diff to previous 1.40 (colored)

Update lang/nodejs to 4.1.0. OK'd by jperkin.

Notable changes:

* buffer:
  - Buffers are now created in JavaScript, rather than C++. This
    increases the speed of buffer creation
  - Buffer#slice() now uses Uint8Array#subarray() internally,
    increasing slice() performance
* fs:
  - fs.utimes() now properly converts numeric strings, NaN, and
    Infinity
  - fs.WriteStream now implements _writev, allowing for super-fast
    bulk writes
* http: Fixed an issue with certain write() sizes causing errors
  when using http.request()
* npm: Upgrade to version 2.14.3, see
  https://github.com/npm/npm/releases/tag/v2.14.3 for more details
* src: V8 cpu profiling no longer erroneously shows idle time
* timers: #ref() and #unref() now return the timer they belong to
* v8: Lateral upgrade to 4.5.103.33 from 4.5.103.30, contains
  minor fixes. This fixes a previously known bug where some computed
  object shorthand properties did not work correctly

Full release notes:

  https://nodejs.org/en/blog/release/v4.1.0/

Revision 1.40 / (download) - annotate - [select for diffs], Wed Sep 9 15:59:31 2015 UTC (8 years, 2 months ago) by fhajny
Branch: MAIN
Changes since 1.39: +3 -1 lines
Diff to previous 1.39 (colored)

nodejs-4.x requires GCC 4.8 or later.

Revision 1.39 / (download) - annotate - [select for diffs], Wed Sep 9 00:04:54 2015 UTC (8 years, 2 months ago) by ryoon
Branch: MAIN
Changes since 1.38: +2 -2 lines
Diff to previous 1.38 (colored)

Update to 4.0.0

* OpenSSL 1.0.2 or later is required.

Changelog:
## 2015-09-08, Version 4.0.0 (Stable), @rvagg

### Notable changes

This list of changes is relative to the last io.js v3.x branch release, v3.3.0. Please see the list of notable changes in the v3.x, v2.x and v1.x releases for a more complete list of changes from 0.12.x. Note, that some changes in the v3.x series as well as major breaking changes in this release constitute changes required for full convergence of the Node.js and io.js projects.

* **child_process**: `ChildProcess.prototype.send()` and `process.send()` operate asynchronously across all platforms so an optional callback parameter has been introduced that will be invoked once the message has been sent, i.e. `.send(message[, sendHandle][, callback])` (Ben Noordhuis) [#2620](https://github.com/nodejs/node/pull/2620).
* **node**: Rename "io.js" code to "Node.js" (cjihrig) [#2367](https://github.com/nodejs/node/pull/2367).
* **node-gyp**: This release bundles an updated version of node-gyp that works with all versions of Node.js and io.js including nightly and release candidate builds. From io.js v3 and Node.js v4 onward, it will only download a headers tarball when building addons rather than the entire source. (Rod Vagg) [#2700](https://github.com/nodejs/node/pull/2700)
* **npm**: Upgrade to version 2.14.2 from 2.13.3, includes a security update, see https://github.com/npm/npm/releases/tag/v2.14.2 for more details, (Kat Marchán) [#2696](https://github.com/nodejs/node/pull/2696).
* **timers**: Improved timer performance from porting the 0.12 implementation, plus minor fixes (Jeremiah Senkpiel) [#2540](https://github.com/nodejs/node/pull/2540), (Julien Gilli) [nodejs/node-v0.x-archive#8751](https://github.com/nodejs/node-v0.x-archive/pull/8751) [nodejs/node-v0.x-archive#8905](https://github.com/nodejs/node-v0.x-archive/pull/8905)
* **util**: The `util.is*()` functions have been deprecated, beginning with deprecation warnings in the documentation for this release, users are encouraged to seek more robust alternatives in the npm registry, (Sakthipriyan Vairamani) [#2447](https://github.com/nodejs/node/pull/2447).
* **v8**: Upgrade to version 4.5.103.30 from 4.4.63.30 (Ali Ijaz Sheikh) [#2632](https://github.com/nodejs/node/pull/2632).
 - Implement new `TypedArray` prototype methods: `copyWithin()`, `every()`, `fill()`, `filter()`, `find()`, `findIndex()`, `forEach()`, `indexOf()`, `join()`, `lastIndexOf()`, `map()`, `reduce()`, `reduceRight()`, `reverse()`, `slice()`, `some()`, `sort()`. See https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray for further information.
 - Implement new `TypedArray.from()` and `TypedArray.of()` functions. See https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/TypedArray for further information.
 - Implement arrow functions, see https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Functions/Arrow_functions for further information.
 - Full ChangeLog available at https://github.com/v8/v8-git-mirror/blob/4.5.103/ChangeLog

### Known issues

See https://github.com/nodejs/node/labels/confirmed-bug for complete and current list of known issues.

* Some uses of computed object shorthand properties are not handled correctly by the current version of V8. e.g. `[{ [prop]: val }]` evaluates to `[{}]`. [#2507](https://github.com/nodejs/node/issues/2507)
* Some problems with unreferenced timers running during `beforeExit` are still to be resolved. See [#1264](https://github.com/nodejs/node/issues/1264).
* Surrogate pair in REPL can freeze terminal. [#690](https://github.com/nodejs/node/issues/690)
* Calling `dns.setServers()` while a DNS query is in progress can cause the process to crash on a failed assertion. [#894](https://github.com/nodejs/node/issues/894)
* `url.resolve` may transfer the auth portion of the url when resolving between two full hosts, see [#1435](https://github.com/nodejs/node/issues/1435).

### Commits

* [[`4f50d3fb90`](https://github.com/nodejs/node/commit/4f50d3fb90)] - **(SEMVER-MAJOR)** This commit sets the value of process.release.name to "node". (cjihrig) [#2367](https://github.com/nodejs/node/pull/2367)
* [[`d3178d8b1b`](https://github.com/nodejs/node/commit/d3178d8b1b)] - **buffer**: SlowBuffer only accept valid numeric values (Michaël Zasso) [#2635](https://github.com/nodejs/node/pull/2635)
* [[`0cb0f4a6e4`](https://github.com/nodejs/node/commit/0cb0f4a6e4)] - **build**: fix v8_enable_handle_zapping override (Karl Skomski) [#2731](https://github.com/nodejs/node/pull/2731)
* [[`a7596d7efc`](https://github.com/nodejs/node/commit/a7596d7efc)] - **build**: remote commands on staging in single session (Rod Vagg) [#2717](https://github.com/nodejs/node/pull/2717)
* [[`be427e9efa`](https://github.com/nodejs/node/commit/be427e9efa)] - **build**: make .msi install to "nodejs", not "node" (Rod Vagg) [#2701](https://github.com/nodejs/node/pull/2701)
* [[`5652ce0dbc`](https://github.com/nodejs/node/commit/5652ce0dbc)] - **build**: fix .pkg creation tooling (Rod Vagg) [#2687](https://github.com/nodejs/node/pull/2687)
* [[`101db80111`](https://github.com/nodejs/node/commit/101db80111)] - **build**: add --enable-asan with builtin leakcheck (Karl Skomski) [#2376](https://github.com/nodejs/node/pull/2376)
* [[`2c3939c9c0`](https://github.com/nodejs/node/commit/2c3939c9c0)] - **child_process**: use stdio.fd even if it is 0 (Evan Lucas) [#2727](https://github.com/nodejs/node/pull/2727)
* [[`609db5a1dd`](https://github.com/nodejs/node/commit/609db5a1dd)] - **child_process**: check execFile and fork args (James M Snell) [#2667](https://github.com/nodejs/node/pull/2667)
* [[`d010568c23`](https://github.com/nodejs/node/commit/d010568c23)] - **(SEMVER-MAJOR)** **child_process**: add callback parameter to .send() (Ben Noordhuis) [#2620](https://github.com/nodejs/node/pull/2620)
* [[`c60857a81a`](https://github.com/nodejs/node/commit/c60857a81a)] - **cluster**: allow shared reused dgram sockets (Fedor Indutny) [#2548](https://github.com/nodejs/node/pull/2548)
* [[`b2ecbb6191`](https://github.com/nodejs/node/commit/b2ecbb6191)] - **contextify**: ignore getters during initialization (Fedor Indutny) [#2091](https://github.com/nodejs/node/pull/2091)
* [[`3711934095`](https://github.com/nodejs/node/commit/3711934095)] - **cpplint**: make it possible to run outside git repo (Ben Noordhuis) [#2710](https://github.com/nodejs/node/pull/2710)
* [[`03f900ab25`](https://github.com/nodejs/node/commit/03f900ab25)] - **crypto**: replace rwlocks with simple mutexes (Ben Noordhuis) [#2723](https://github.com/nodejs/node/pull/2723)
* [[`847459c29b`](https://github.com/nodejs/node/commit/847459c29b)] - **(SEMVER-MAJOR)** **crypto**: show exponent in decimal and hex (Chad Johnston) [#2320](https://github.com/nodejs/node/pull/2320)
* [[`e1c976184d`](https://github.com/nodejs/node/commit/e1c976184d)] - **deps**: improve ArrayBuffer performance in v8 (Fedor Indutny) [#2732](https://github.com/nodejs/node/pull/2732)
* [[`cc0ab17a23`](https://github.com/nodejs/node/commit/cc0ab17a23)] - **deps**: float node-gyp v3.0.0 (Rod Vagg) [#2700](https://github.com/nodejs/node/pull/2700)
* [[`b2c3c6d727`](https://github.com/nodejs/node/commit/b2c3c6d727)] - **deps**: create .npmrc during npm tests (Kat Marchán) [#2696](https://github.com/nodejs/node/pull/2696)
* [[`babdbfdbd5`](https://github.com/nodejs/node/commit/babdbfdbd5)] - **deps**: upgrade to npm 2.14.2 (Kat Marchán) [#2696](https://github.com/nodejs/node/pull/2696)
* [[`155783d876`](https://github.com/nodejs/node/commit/155783d876)] - **deps**: backport 75e43a6 from v8 upstream (again) (saper) [#2692](https://github.com/nodejs/node/pull/2692)
* [[`5424d6fcf0`](https://github.com/nodejs/node/commit/5424d6fcf0)] - **deps**: upgrade V8 to 4.5.103.30 (Ali Ijaz Sheikh) [#2632](https://github.com/nodejs/node/pull/2632)
* [[`c43172578e`](https://github.com/nodejs/node/commit/c43172578e)] - **(SEMVER-MAJOR)** **deps**: upgrade V8 to 4.5.103.24 (Ali Ijaz Sheikh) [#2509](https://github.com/nodejs/node/pull/2509)
* [[`714e96e8b9`](https://github.com/nodejs/node/commit/714e96e8b9)] - **deps**: backport 75e43a6 from v8 upstream (saper) [#2636](https://github.com/nodejs/node/pull/2636)
* [[`8637755cbf`](https://github.com/nodejs/node/commit/8637755cbf)] - **doc**: add TSC meeting minutes 2015-09-02 (Rod Vagg) [#2674](https://github.com/nodejs/node/pull/2674)
* [[`d3d5b93214`](https://github.com/nodejs/node/commit/d3d5b93214)] - **doc**: update environment vars in manpage and --help (Roman Reiss) [#2690](https://github.com/nodejs/node/pull/2690)
* [[`29f586ac0a`](https://github.com/nodejs/node/commit/29f586ac0a)] - **doc**: update url doc to account for escaping (Jeremiah Senkpiel) [#2605](https://github.com/nodejs/node/pull/2605)
* [[`ba50cfebef`](https://github.com/nodejs/node/commit/ba50cfebef)] - **doc**: reorder collaborators by their usernames (Johan Bergström) [#2322](https://github.com/nodejs/node/pull/2322)
* [[`8a9a3bf798`](https://github.com/nodejs/node/commit/8a9a3bf798)] - **doc**: update changelog for io.js v3.3.0 (Rod Vagg) [#2653](https://github.com/nodejs/node/pull/2653)
* [[`6cd0e2664b`](https://github.com/nodejs/node/commit/6cd0e2664b)] - **doc**: update io.js reference (Ben Noordhuis) [#2580](https://github.com/nodejs/node/pull/2580)
* [[`f9539c19e8`](https://github.com/nodejs/node/commit/f9539c19e8)] - **doc**: update changelog for io.js v3.2.0 (Rod Vagg) [#2512](https://github.com/nodejs/node/pull/2512)
* [[`cded6e7993`](https://github.com/nodejs/node/commit/cded6e7993)] - **doc**: fix CHANGELOG.md on master (Roman Reiss) [#2513](https://github.com/nodejs/node/pull/2513)
* [[`93e2830686`](https://github.com/nodejs/node/commit/93e2830686)] - **(SEMVER-MINOR)** **doc**: document deprecation of util.is* functions (Sakthipriyan Vairamani) [#2447](https://github.com/nodejs/node/pull/2447)
* [[`7038388558`](https://github.com/nodejs/node/commit/7038388558)] - **doc,test**: enable recursive file watching in Windows (Sakthipriyan Vairamani) [#2649](https://github.com/nodejs/node/pull/2649)
* [[`f3696f64a1`](https://github.com/nodejs/node/commit/f3696f64a1)] - **events,lib**: don't require EE#listenerCount() (Jeremiah Senkpiel) [#2661](https://github.com/nodejs/node/pull/2661)
* [[`45a2046f5d`](https://github.com/nodejs/node/commit/45a2046f5d)] - **(SEMVER-MAJOR)** **installer**: fix installers for node.js rename (Frederic Hemberger) [#2367](https://github.com/nodejs/node/pull/2367)
* [[`7a999a1376`](https://github.com/nodejs/node/commit/7a999a1376)] - **(SEMVER-MAJOR)** **lib**: add net.Socket#localFamily property (Ben Noordhuis) [#956](https://github.com/nodejs/node/pull/956)
* [[`de88255b0f`](https://github.com/nodejs/node/commit/de88255b0f)] - ***Revert*** "**lib,src**: add unix socket getsockname/getpeername" (Ben Noordhuis) [#2584](https://github.com/nodejs/node/pull/2584)
* [[`f337595441`](https://github.com/nodejs/node/commit/f337595441)] - **(SEMVER-MAJOR)** **lib,src**: add unix socket getsockname/getpeername (Ben Noordhuis) [#956](https://github.com/nodejs/node/pull/956)
* [[`3b602527d1`](https://github.com/nodejs/node/commit/3b602527d1)] - **(SEMVER-MAJOR)** **node**: additional cleanup for node rename (cjihrig) [#2367](https://github.com/nodejs/node/pull/2367)
* [[`a69ab27ab4`](https://github.com/nodejs/node/commit/a69ab27ab4)] - **(SEMVER-MAJOR)** **node**: rename from io.js to node (cjihrig) [#2367](https://github.com/nodejs/node/pull/2367)
* [[`9358eee9dd`](https://github.com/nodejs/node/commit/9358eee9dd)] - **node-gyp**: float 3.0.1, minor fix for download url (Rod Vagg) [#2737](https://github.com/nodejs/node/pull/2737)
* [[`d2d981252b`](https://github.com/nodejs/node/commit/d2d981252b)] - **src**: s/ia32/x86 for process.release.libUrl for win (Rod Vagg) [#2699](https://github.com/nodejs/node/pull/2699)
* [[`eba3d3dccd`](https://github.com/nodejs/node/commit/eba3d3dccd)] - **src**: use standard conform snprintf on windows (Karl Skomski) [#2404](https://github.com/nodejs/node/pull/2404)
* [[`cddbec231f`](https://github.com/nodejs/node/commit/cddbec231f)] - **src**: fix buffer overflow for long exception lines (Karl Skomski) [#2404](https://github.com/nodejs/node/pull/2404)
* [[`dd3f3417c7`](https://github.com/nodejs/node/commit/dd3f3417c7)] - **src**: re-enable fast math on arm (Michaël Zasso) [#2592](https://github.com/nodejs/node/pull/2592)
* [[`e137c1177c`](https://github.com/nodejs/node/commit/e137c1177c)] - **(SEMVER-MAJOR)** **src**: enable vector ics on arm again (Ali Ijaz Sheikh) [#2509](https://github.com/nodejs/node/pull/2509)
* [[`7ce749d722`](https://github.com/nodejs/node/commit/7ce749d722)] - **src**: replace usage of v8::Handle with v8::Local (Michaël Zasso) [#2202](https://github.com/nodejs/node/pull/2202)
* [[`b1a2d9509f`](https://github.com/nodejs/node/commit/b1a2d9509f)] - **src**: enable v8 deprecation warnings and fix them (Ben Noordhuis) [#2091](https://github.com/nodejs/node/pull/2091)
* [[`808de0da03`](https://github.com/nodejs/node/commit/808de0da03)] - **(SEMVER-MAJOR)** **src**: apply debug force load fixups from 41e63fb (Ali Ijaz Sheikh) [#2509](https://github.com/nodejs/node/pull/2509)
* [[`5201cb0ff1`](https://github.com/nodejs/node/commit/5201cb0ff1)] - **src**: fix memory leak in ExternString (Karl Skomski) [#2402](https://github.com/nodejs/node/pull/2402)
* [[`2308a27c0a`](https://github.com/nodejs/node/commit/2308a27c0a)] - **src**: only set v8 flags if argc > 1 (Evan Lucas) [#2646](https://github.com/nodejs/node/pull/2646)
* [[`384effed20`](https://github.com/nodejs/node/commit/384effed20)] - **test**: fix use of `common` before required (Rod Vagg) [#2685](https://github.com/nodejs/node/pull/2685)
* [[`f146f686b7`](https://github.com/nodejs/node/commit/f146f686b7)] - **(SEMVER-MAJOR)** **test**: fix test-repl-tab-complete.js for V8 4.5 (Ali Ijaz Sheikh) [#2509](https://github.com/nodejs/node/pull/2509)
* [[`fe4b309fd3`](https://github.com/nodejs/node/commit/fe4b309fd3)] - **test**: refactor to eliminate flaky test (Rich Trott) [#2609](https://github.com/nodejs/node/pull/2609)
* [[`619721e6b8`](https://github.com/nodejs/node/commit/619721e6b8)] - **test**: mark eval_messages as flaky (Alexis Campailla) [#2648](https://github.com/nodejs/node/pull/2648)
* [[`93ba585b66`](https://github.com/nodejs/node/commit/93ba585b66)] - **test**: mark test-vm-syntax-error-stderr as flaky (João Reis) [#2662](https://github.com/nodejs/node/pull/2662)
* [[`367140bca0`](https://github.com/nodejs/node/commit/367140bca0)] - **test**: mark test-repl-persistent-history as flaky (João Reis) [#2659](https://github.com/nodejs/node/pull/2659)
* [[`f6b093343d`](https://github.com/nodejs/node/commit/f6b093343d)] - **timers**: minor `_unrefActive` fixes and improvements (Jeremiah Senkpiel) [#2540](https://github.com/nodejs/node/pull/2540)
* [[`403d7ee7d1`](https://github.com/nodejs/node/commit/403d7ee7d1)] - **timers**: don't mutate unref list while iterating it (Julien Gilli) [#2540](https://github.com/nodejs/node/pull/2540)
* [[`7a8c3e08c3`](https://github.com/nodejs/node/commit/7a8c3e08c3)] - **timers**: Avoid linear scan in `_unrefActive`. (Julien Gilli) [#2540](https://github.com/nodejs/node/pull/2540)
* [[`b630ebaf43`](https://github.com/nodejs/node/commit/b630ebaf43)] - **win,msi**: Upgrade from old upgrade code (João Reis) [#2439](https://github.com/nodejs/node/pull/2439)

## 2015-09-02, Version 3.3.0, @rvagg

### Notable changes

* **build**: Add a `--link-module` option to `configure` that can be used to bundle additional JavaScript modules into a built binary (Bradley Meck) [#2497](https://github.com/nodejs/node/pull/2497)
* **docs**: Merge outstanding doc updates from joyent/node (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* **http_parser**: Significant performance improvement by having `http.Server` consume all initial data from its `net.Socket` and parsing directly without having to enter JavaScript. Any `'data'` listeners on the `net.Socket` will result in the data being "unconsumed" into JavaScript, thereby undoing any performance gains. (Fedor Indutny) [#2355](https://github.com/nodejs/node/pull/2355)
* **libuv**: Upgrade to 1.7.3 (from 1.6.1), see [ChangeLog](https://github.com/libuv/libuv/blob/v1.x/ChangeLog) for details (Saúl Ibarra Corretgé) [#2310](https://github.com/nodejs/node/pull/2310)
* **V8**: Upgrade to 4.4.63.30 (from 4.4.63.26) (Michaël Zasso) [#2482](https://github.com/nodejs/node/pull/2482)

### Known issues

See https://github.com/nodejs/io.js/labels/confirmed-bug for complete and current list of known issues.

* Some uses of computed object shorthand properties are not handled correctly by the current version of V8. e.g. `[{ [prop]: val }]` evaluates to `[{}]`. [#2507](https://github.com/nodejs/node/issues/2507)
* Some problems with unreferenced timers running during `beforeExit` are still to be resolved. See [#1264](https://github.com/nodejs/io.js/issues/1264).
* Surrogate pair in REPL can freeze terminal. [#690](https://github.com/nodejs/io.js/issues/690)
* `process.send()` is not synchronous as the docs suggest, a regression introduced in 1.0.2, see [#760](https://github.com/nodejs/io.js/issues/760).
* Calling `dns.setServers()` while a DNS query is in progress can cause the process to crash on a failed assertion. [#894](https://github.com/nodejs/io.js/issues/894)
* `url.resolve` may transfer the auth portion of the url when resolving between two full hosts, see [#1435](https://github.com/nodejs/io.js/issues/1435).

### Commits

* [[`1a531b4e44`](https://github.com/nodejs/node/commit/1a531b4e44)] - **(SEMVER-MINOR)** Introduce --link-module to ./configure (Bradley Meck) [#2497](https://github.com/nodejs/node/pull/2497)
* [[`d2f314c190`](https://github.com/nodejs/node/commit/d2f314c190)] - **build**: fix borked chmod call for release uploads (Rod Vagg) [#2645](https://github.com/nodejs/node/pull/2645)
* [[`3172e9c541`](https://github.com/nodejs/node/commit/3172e9c541)] - **build**: set file permissions before uploading (Rod Vagg) [#2623](https://github.com/nodejs/node/pull/2623)
* [[`a860d7fae1`](https://github.com/nodejs/node/commit/a860d7fae1)] - **build**: change staging directory on new server (Rod Vagg) [#2623](https://github.com/nodejs/node/pull/2623)
* [[`50c0baa8d7`](https://github.com/nodejs/node/commit/50c0baa8d7)] - **build**: rename 'doc' directory to 'docs' for upload (Rod Vagg) [#2623](https://github.com/nodejs/node/pull/2623)
* [[`0a0577cf5f`](https://github.com/nodejs/node/commit/0a0577cf5f)] - **build**: fix bad cherry-pick for vcbuild.bat build-release (Rod Vagg) [#2625](https://github.com/nodejs/node/pull/2625)
* [[`34de90194b`](https://github.com/nodejs/node/commit/34de90194b)] - **build**: only define NODE_V8_OPTIONS if not empty (Evan Lucas) [#2532](https://github.com/nodejs/node/pull/2532)
* [[`944174b189`](https://github.com/nodejs/node/commit/944174b189)] - **build**: make ci test addons in test/addons (Ben Noordhuis) [#2428](https://github.com/nodejs/node/pull/2428)
* [[`e955f9a1b0`](https://github.com/nodejs/node/commit/e955f9a1b0)] - **crypto**: Use OPENSSL_cleanse to shred the data. (Сковоода икиа ндееви) [#2575](https://github.com/nodejs/node/pull/2575)
* [[`395d736b9d`](https://github.com/nodejs/node/commit/395d736b9d)] - **debugger**: use strict equality comparison (Minwoo Jung) [#2558](https://github.com/nodejs/node/pull/2558)
* [[`1d0e5210a8`](https://github.com/nodejs/node/commit/1d0e5210a8)] - **deps**: upgrade libuv to 1.7.3 (Saúl Ibarra Corretgé) [#2310](https://github.com/nodejs/node/pull/2310)
* [[`34ef53364f`](https://github.com/nodejs/node/commit/34ef53364f)] - **deps**: update V8 to 4.4.63.30 (Michaël Zasso) [#2482](https://github.com/nodejs/node/pull/2482)
* [[`23579a5f4a`](https://github.com/nodejs/node/commit/23579a5f4a)] - **doc**: add TSC meeting minutes 2015-08-12 (Rod Vagg) [#2438](https://github.com/nodejs/node/pull/2438)
* [[`0cc59299a4`](https://github.com/nodejs/node/commit/0cc59299a4)] - **doc**: add TSC meeting minutes 2015-08-26 (Rod Vagg) [#2591](https://github.com/nodejs/node/pull/2591)
* [[`6efa96e33a`](https://github.com/nodejs/node/commit/6efa96e33a)] - **doc**: merge CHANGELOG.md with joyent/node ChangeLog (P.S.V.R) [#2536](https://github.com/nodejs/node/pull/2536)
* [[`f75d54607b`](https://github.com/nodejs/node/commit/f75d54607b)] - **doc**: clarify cluster behaviour with no workers (Jeremiah Senkpiel) [#2606](https://github.com/nodejs/node/pull/2606)
* [[`8936302121`](https://github.com/nodejs/node/commit/8936302121)] - **doc**: minor clarification in buffer.markdown (Сковоода икиа ндееви) [#2574](https://github.com/nodejs/node/pull/2574)
* [[`0db0e53753`](https://github.com/nodejs/node/commit/0db0e53753)] - **doc**: add @jasnell and @sam-github to release team (Rod Vagg) [#2455](https://github.com/nodejs/node/pull/2455)
* [[`c16e100593`](https://github.com/nodejs/node/commit/c16e100593)] - **doc**: reorg release team to separate section (Rod Vagg) [#2455](https://github.com/nodejs/node/pull/2455)
* [[`e3e00143fd`](https://github.com/nodejs/node/commit/e3e00143fd)] - **doc**: fix bad merge on modules.markdown (James M Snell)
* [[`2f62455880`](https://github.com/nodejs/node/commit/2f62455880)] - **doc**: minor additional corrections and improvements (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`3bd08aac4b`](https://github.com/nodejs/node/commit/3bd08aac4b)] - **doc**: minor grammatical update in crypto.markdown (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`f707189370`](https://github.com/nodejs/node/commit/f707189370)] - **doc**: minor grammatical update (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`6c98cf0266`](https://github.com/nodejs/node/commit/6c98cf0266)] - **doc**: remove repeated statement in globals.markdown (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`48e6ccf8c2`](https://github.com/nodejs/node/commit/48e6ccf8c2)] - **doc**: remove 'dudes' from documentation (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`b5d68f8076`](https://github.com/nodejs/node/commit/b5d68f8076)] - **doc**: update tense in child_process.markdown (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`242e3fe3ba`](https://github.com/nodejs/node/commit/242e3fe3ba)] - **doc**: fixed worker.id type (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`ea9ee15c21`](https://github.com/nodejs/node/commit/ea9ee15c21)] - **doc**: port is optional for socket.bind() (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`0ff6657a50`](https://github.com/nodejs/node/commit/0ff6657a50)] - **doc**: fix minor types and grammar in fs docs (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`94d83c04f2`](https://github.com/nodejs/node/commit/94d83c04f2)] - **doc**: update parameter name in net.markdown (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`04111ce40f`](https://github.com/nodejs/node/commit/04111ce40f)] - **doc**: small typo in domain.markdown (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`c9fdd1bbbf`](https://github.com/nodejs/node/commit/c9fdd1bbbf)] - **doc**: fixed typo in net.markdown (missing comma) (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`27c07b3f8e`](https://github.com/nodejs/node/commit/27c07b3f8e)] - **doc**: update description of fs.exists in fs.markdown (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`52018e73d9`](https://github.com/nodejs/node/commit/52018e73d9)] - **doc**: clarification on the 'close' event (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`f6d3b87a25`](https://github.com/nodejs/node/commit/f6d3b87a25)] - **doc**: improve working in stream.markdown (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`b5da89431a`](https://github.com/nodejs/node/commit/b5da89431a)] - **doc**: update path.extname documentation (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`1d4ea609db`](https://github.com/nodejs/node/commit/1d4ea609db)] - **doc**: small clarifications to modules.markdown (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`c888985591`](https://github.com/nodejs/node/commit/c888985591)] - **doc**: code style cleanups in repl.markdown (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`105b493595`](https://github.com/nodejs/node/commit/105b493595)] - **doc**: correct grammar in cluster.markdown (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`51b86ccac7`](https://github.com/nodejs/node/commit/51b86ccac7)] - **doc**: Clarify the module.parent is set once (James M Snell) [#2378](https://github.com/nodejs/node/pull/2378)
* [[`d2ffecba2d`](https://github.com/nodejs/node/commit/d2ffecba2d)] - **doc**: add internal modules notice (Jeremiah Senkpiel) [#2523](https://github.com/nodejs/node/pull/2523)
* [[`b36debd5cb`](https://github.com/nodejs/node/commit/b36debd5cb)] - **env**: introduce `KickNextTick` (Fedor Indutny) [#2355](https://github.com/nodejs/node/pull/2355)
* [[`1bc446863f`](https://github.com/nodejs/node/commit/1bc446863f)] - **http_parser**: consume StreamBase instance (Fedor Indutny) [#2355](https://github.com/nodejs/node/pull/2355)
* [[`ce04b735cc`](https://github.com/nodejs/node/commit/ce04b735cc)] - **src**: only memcmp if length > 0 in Buffer::Compare (Karl Skomski) [#2544](https://github.com/nodejs/node/pull/2544)
* [[`31823e37c7`](https://github.com/nodejs/node/commit/31823e37c7)] - **src**: DRY getsockname/getpeername code (Ben Noordhuis) [#956](https://github.com/nodejs/node/pull/956)
* [[`13fd96dda3`](https://github.com/nodejs/node/commit/13fd96dda3)] - **src**: missing Exception::Error in node_http_parser (Jeremiah Senkpiel) [#2550](https://github.com/nodejs/node/pull/2550)
* [[`42e075ae02`](https://github.com/nodejs/node/commit/42e075ae02)] - **test**: improve performance of stringbytes test (Trevor Norris) [#2544](https://github.com/nodejs/node/pull/2544)
* [[`fc726399fd`](https://github.com/nodejs/node/commit/fc726399fd)] - **test**: unmark test-process-argv-0.js as flaky (Rich Trott) [#2613](https://github.com/nodejs/node/pull/2613)
* [[`7727ba1394`](https://github.com/nodejs/node/commit/7727ba1394)] - **test**: lint and refactor to avoid autocrlf issue (Roman Reiss) [#2494](https://github.com/nodejs/node/pull/2494)
* [[`c56aa829f0`](https://github.com/nodejs/node/commit/c56aa829f0)] - **test**: use tmpDir instead of fixturesDir (Sakthipriyan Vairamani) [#2583](https://github.com/nodejs/node/pull/2583)
* [[`5e65181ea4`](https://github.com/nodejs/node/commit/5e65181ea4)] - **test**: handling failure cases properly (Sakthipriyan Vairamani) [#2206](https://github.com/nodejs/node/pull/2206)
* [[`c48b95e847`](https://github.com/nodejs/node/commit/c48b95e847)] - **test**: initial list of flaky tests (Alexis Campailla) [#2424](https://github.com/nodejs/node/pull/2424)
* [[`94e88498ba`](https://github.com/nodejs/node/commit/94e88498ba)] - **test**: pass args to test-ci via env variable (Alexis Campailla) [#2424](https://github.com/nodejs/node/pull/2424)
* [[`09987c7a1c`](https://github.com/nodejs/node/commit/09987c7a1c)] - **test**: support flaky tests in test-ci (Alexis Campailla) [#2424](https://github.com/nodejs/node/pull/2424)
* [[`08b83c8b45`](https://github.com/nodejs/node/commit/08b83c8b45)] - **test**: add test configuration templates (Alexis Campailla) [#2424](https://github.com/nodejs/node/pull/2424)
* [[`8f8ab6fa57`](https://github.com/nodejs/node/commit/8f8ab6fa57)] - **test**: runner should return 0 on flaky tests (Alexis Campailla) [#2424](https://github.com/nodejs/node/pull/2424)
* [[`0cfd3be9c6`](https://github.com/nodejs/node/commit/0cfd3be9c6)] - **test**: runner support for flaky tests (Alexis Campailla) [#2424](https://github.com/nodejs/node/pull/2424)
* [[`3492d2d4c6`](https://github.com/nodejs/node/commit/3492d2d4c6)] - **test**: make test-process-argv-0 robust (Rich Trott) [#2541](https://github.com/nodejs/node/pull/2541)
* [[`a96cc31710`](https://github.com/nodejs/node/commit/a96cc31710)] - **test**: speed up test-child-process-spawnsync.js (Rich Trott) [#2542](https://github.com/nodejs/node/pull/2542)
* [[`856baf4c67`](https://github.com/nodejs/node/commit/856baf4c67)] - **test**: make spawnSync() test robust (Rich Trott) [#2535](https://github.com/nodejs/node/pull/2535)
* [[`3aa6bbb648`](https://github.com/nodejs/node/commit/3aa6bbb648)] - **tools**: update release.sh to work with new website (Rod Vagg) [#2623](https://github.com/nodejs/node/pull/2623)
* [[`f2f0fe45ff`](https://github.com/nodejs/node/commit/f2f0fe45ff)] - **tools**: make add-on scraper print filenames (Ben Noordhuis) [#2428](https://github.com/nodejs/node/pull/2428)
* [[`bb24c4a418`](https://github.com/nodejs/node/commit/bb24c4a418)] - **win,msi**: correct installation path registry keys (João Reis) [#2565](https://github.com/nodejs/node/pull/2565)
* [[`752977b888`](https://github.com/nodejs/node/commit/752977b888)] - **win,msi**: change InstallScope to perMachine (João Reis) [#2565](https://github.com/nodejs/node/pull/2565)

## 2015-08-25, Version 3.2.0, @rvagg

### Notable changes

* **events**: Added `EventEmitter#listenerCount(event)` as a replacement for `EventEmitter.listenerCount(emitter, event)`, which has now been marked as deprecated in the docs. (Sakthipriyan Vairamani) [#2349](https://github.com/nodejs/node/pull/2349)
* **module**: Fixed an error with preloaded modules when the current working directory doesn't exist. (Bradley Meck) [#2353](https://github.com/nodejs/node/pull/2353)
* **node**: Startup time is now about 5% faster when not passing V8 flags. (Evan Lucas) [#2483](https://github.com/nodejs/node/pull/2483)
* **repl**: Tab-completion now works better with arrays. (James M Snell) [#2409](https://github.com/nodejs/node/pull/2409)
* **string_bytes**: Fixed an unaligned write in the handling of UCS2 encoding. (Fedor Indutny) [#2480](https://github.com/nodejs/node/pull/2480)
* **tls**: Added a new `--tls-cipher-list` flag that can be used to override the built-in default cipher list. (James M Snell) [#2412](https://github.com/nodejs/node/pull/2412) _Note: it is suggested you use the built-in cipher list as it has been carefully selected to reflect current security best practices and risk mitigation._

### Known issues

See https://github.com/nodejs/io.js/labels/confirmed-bug for complete and current list of known issues.

* Some uses of computed object shorthand properties are not handled correctly by the current version of V8. e.g. `[{ [prop]: val }]` evaluates to `[{}]`. [#2507](https://github.com/nodejs/node/issues/2507)
* Some problems with unreferenced timers running during `beforeExit` are still to be resolved. See [#1264](https://github.com/nodejs/io.js/issues/1264).
* Surrogate pair in REPL can freeze terminal. [#690](https://github.com/nodejs/io.js/issues/690)
* `process.send()` is not synchronous as the docs suggest, a regression introduced in 1.0.2, see [#760](https://github.com/nodejs/io.js/issues/760).
* Calling `dns.setServers()` while a DNS query is in progress can cause the process to crash on a failed assertion. [#894](https://github.com/nodejs/io.js/issues/894)
* `url.resolve` may transfer the auth portion of the url when resolving between two full hosts, see [#1435](https://github.com/nodejs/io.js/issues/1435).

### Commits

* [[`1cd794f129`](https://github.com/nodejs/node/commit/1cd794f129)] - **buffer**: reapply 07c0667 (Fedor Indutny) [#2487](https://github.com/nodejs/node/pull/2487)
* [[`156781dedd`](https://github.com/nodejs/node/commit/156781dedd)] - **build**: use required platform in android-configure (Evan Lucas) [#2501](https://github.com/nodejs/node/pull/2501)
* [[`77075ec906`](https://github.com/nodejs/node/commit/77075ec906)] - **crypto**: fix mem {de}allocation in ExportChallenge (Karl Skomski) [#2359](https://github.com/nodejs/node/pull/2359)
* [[`cb30414d9e`](https://github.com/nodejs/node/commit/cb30414d9e)] - **doc**: sync CHANGELOG.md from master (Roman Reiss) [#2524](https://github.com/nodejs/node/pull/2524)
* [[`9330f5ef45`](https://github.com/nodejs/node/commit/9330f5ef45)] - **doc**: make the deprecations consistent (Sakthipriyan Vairamani) [#2450](https://github.com/nodejs/node/pull/2450)
* [[`09437e0146`](https://github.com/nodejs/node/commit/09437e0146)] - **doc**: fix comments in tls_wrap.cc and _http_client.js (Minwoo Jung) [#2489](https://github.com/nodejs/node/pull/2489)
* [[`c9867fed29`](https://github.com/nodejs/node/commit/c9867fed29)] - **doc**: document response.finished in http.markdown (hackerjs) [#2414](https://github.com/nodejs/node/pull/2414)
* [[`7f23a83c42`](https://github.com/nodejs/node/commit/7f23a83c42)] - **doc**: update AUTHORS list (Rod Vagg) [#2505](https://github.com/nodejs/node/pull/2505)
* [[`cd0c362f67`](https://github.com/nodejs/node/commit/cd0c362f67)] - **doc**: update AUTHORS list (Rod Vagg) [#2318](https://github.com/nodejs/node/pull/2318)
* [[`2c7b9257ea`](https://github.com/nodejs/node/commit/2c7b9257ea)] - **doc**: add TSC meeting minutes 2015-07-29 (Rod Vagg) [#2437](https://github.com/nodejs/node/pull/2437)
* [[`aaefde793e`](https://github.com/nodejs/node/commit/aaefde793e)] - **doc**: add TSC meeting minutes 2015-08-19 (Rod Vagg) [#2460](https://github.com/nodejs/node/pull/2460)
* [[`51ef9106f5`](https://github.com/nodejs/node/commit/51ef9106f5)] - **doc**: add TSC meeting minutes 2015-06-03 (Rod Vagg) [#2453](https://github.com/nodejs/node/pull/2453)
* [[`7130b4cf1d`](https://github.com/nodejs/node/commit/7130b4cf1d)] - **doc**: fix links to original converged repo (Rod Vagg) [#2454](https://github.com/nodejs/node/pull/2454)
* [[`14f2aee1df`](https://github.com/nodejs/node/commit/14f2aee1df)] - **doc**: fix links to original gh issues for TSC meetings (Rod Vagg) [#2454](https://github.com/nodejs/node/pull/2454)
* [[`87a9ef0a40`](https://github.com/nodejs/node/commit/87a9ef0a40)] - **doc**: add audio recording links to TSC meeting minutes (Rod Vagg) [#2454](https://github.com/nodejs/node/pull/2454)
* [[`f5cf24afbc`](https://github.com/nodejs/node/commit/f5cf24afbc)] - **doc**: add TSC meeting minutes 2015-07-22 (Rod Vagg) [#2436](https://github.com/nodejs/node/pull/2436)
* [[`3f821b96eb`](https://github.com/nodejs/node/commit/3f821b96eb)] - **doc**: fix spelling mistake in node.js comment (Jacob Edelman) [#2391](https://github.com/nodejs/node/pull/2391)
* [[`3e6a6fcdd6`](https://github.com/nodejs/node/commit/3e6a6fcdd6)] - **(SEMVER-MINOR)** **events**: deprecate static listenerCount function (Sakthipriyan Vairamani) [#2349](https://github.com/nodejs/node/pull/2349)
* [[`023386c852`](https://github.com/nodejs/node/commit/023386c852)] - **fs**: replace bad_args macro with concrete error msg (Roman Klauke) [#2495](https://github.com/nodejs/node/pull/2495)
* [[`d1c27b2e29`](https://github.com/nodejs/node/commit/d1c27b2e29)] - **module**: fix module preloading when cwd is ENOENT (Bradley Meck) [#2353](https://github.com/nodejs/node/pull/2353)
* [[`5d7486941b`](https://github.com/nodejs/node/commit/5d7486941b)] - **repl**: filter integer keys from repl tab complete list (James M Snell) [#2409](https://github.com/nodejs/node/pull/2409)
* [[`7f02443a9a`](https://github.com/nodejs/node/commit/7f02443a9a)] - **repl**: dont throw ENOENT on NODE_REPL_HISTORY_FILE (Todd Kennedy) [#2451](https://github.com/nodejs/node/pull/2451)
* [[`56a2ae9cef`](https://github.com/nodejs/node/commit/56a2ae9cef)] - **src**: improve startup time (Evan Lucas) [#2483](https://github.com/nodejs/node/pull/2483)
* [[`14653c7429`](https://github.com/nodejs/node/commit/14653c7429)] - **stream**: rename poorly named function (Ben Noordhuis) [#2479](https://github.com/nodejs/node/pull/2479)
* [[`1c6e014bfa`](https://github.com/nodejs/node/commit/1c6e014bfa)] - **stream**: micro-optimize high water mark calculation (Ben Noordhuis) [#2479](https://github.com/nodejs/node/pull/2479)
* [[`f1f4b4c46d`](https://github.com/nodejs/node/commit/f1f4b4c46d)] - **stream**: fix off-by-factor-16 error in comment (Ben Noordhuis) [#2479](https://github.com/nodejs/node/pull/2479)
* [[`2d3f09bd76`](https://github.com/nodejs/node/commit/2d3f09bd76)] - **stream_base**: various improvements (Fedor Indutny) [#2351](https://github.com/nodejs/node/pull/2351)
* [[`c1ce423b35`](https://github.com/nodejs/node/commit/c1ce423b35)] - **string_bytes**: fix unaligned write in UCS2 (Fedor Indutny) [#2480](https://github.com/nodejs/node/pull/2480)
* [[`e4d0e86165`](https://github.com/nodejs/node/commit/e4d0e86165)] - **test**: refactor test-https-simple.js (Rich Trott) [#2433](https://github.com/nodejs/node/pull/2433)
* [[`0ea5c8d737`](https://github.com/nodejs/node/commit/0ea5c8d737)] - **test**: remove test-timers-first-fire (João Reis) [#2458](https://github.com/nodejs/node/pull/2458)
* [[`536c3d0537`](https://github.com/nodejs/node/commit/536c3d0537)] - **test**: use reserved IP in test-net-connect-timeout (Rich Trott) [#2257](https://github.com/nodejs/node/pull/2257)
* [[`5df06fd8df`](https://github.com/nodejs/node/commit/5df06fd8df)] - **test**: add spaces after keywords (Brendan Ashworth)
* [[`e714b5620e`](https://github.com/nodejs/node/commit/e714b5620e)] - **test**: remove unreachable code (Michaël Zasso) [#2289](https://github.com/nodejs/node/pull/2289)
* [[`3579f3a2a4`](https://github.com/nodejs/node/commit/3579f3a2a4)] - **test**: disallow unreachable code (Michaël Zasso) [#2289](https://github.com/nodejs/node/pull/2289)
* [[`3545e236fc`](https://github.com/nodejs/node/commit/3545e236fc)] - **test**: reduce timeouts in test-net-keepalive (Brendan Ashworth) [#2429](https://github.com/nodejs/node/pull/2429)
* [[`b60e690023`](https://github.com/nodejs/node/commit/b60e690023)] - **test**: improve test-net-server-pause-on-connect (Brendan Ashworth) [#2429](https://github.com/nodejs/node/pull/2429)
* [[`11d1b8fcaf`](https://github.com/nodejs/node/commit/11d1b8fcaf)] - **test**: improve test-net-pingpong (Brendan Ashworth) [#2429](https://github.com/nodejs/node/pull/2429)
* [[`5fef5c6562`](https://github.com/nodejs/node/commit/5fef5c6562)] - **(SEMVER-MINOR)** **tls**: add --tls-cipher-list command line switch (James M Snell) [#2412](https://github.com/nodejs/node/pull/2412)
* [[`d9b70f9cbf`](https://github.com/nodejs/node/commit/d9b70f9cbf)] - **tls**: handle empty cert in checkServerIndentity (Mike Atkins) [#2343](https://github.com/nodejs/node/pull/2343)
* [[`4f8e34c202`](https://github.com/nodejs/node/commit/4f8e34c202)] - **tools**: add license boilerplate to check-imports.sh (James M Snell) [#2386](https://github.com/nodejs/node/pull/2386)
* [[`b76b9197f9`](https://github.com/nodejs/node/commit/b76b9197f9)] - **tools**: enable space-after-keywords in eslint (Brendan Ashworth)
* [[`64a8f30a70`](https://github.com/nodejs/node/commit/64a8f30a70)] - **tools**: fix anchors in generated documents (Sakthipriyan Vairamani) [#2491](https://github.com/nodejs/node/pull/2491)
* [[`22e344ea10`](https://github.com/nodejs/node/commit/22e344ea10)] - **win**: fix custom actions for WiX older than 3.9 (João Reis) [#2365](https://github.com/nodejs/node/pull/2365)
* [[`b5bd3ebfc8`](https://github.com/nodejs/node/commit/b5bd3ebfc8)] - **win**: fix custom actions on Visual Studio != 2013 (Julien Gilli) [#2365](https://github.com/nodejs/node/pull/2365)

## 2015-08-18, Version 3.1.0, @Fishrock123

### Notable changes

* **buffer**: Fixed a couple large memory leaks (Ben Noordhuis) [#2352](https://github.com/nodejs/node/pull/2352).
* **crypto**:
  - Fixed a couple of minor memory leaks (Karl Skomski) [#2375](https://github.com/nodejs/node/pull/2375).
  - Signing now checks for OpenSSL errors (P.S.V.R) [#2342](https://github.com/nodejs/node/pull/2342). **Note that this may expose previously hidden errors in user code.**
* **intl**: Intl support using small-icu is now enabled by default in builds (Steven R. Loomis) [#2264](https://github.com/nodejs/node/pull/2264).
  - [`String#normalize()`](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/normalize) can now be used for unicode normalization.
  - The [`Intl`](https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Global_Objects/Intl) object and various `String` and `Number` methods are present, but only support the English locale.
  - For support of all locales, node must be built with [full-icu](https://github.com/nodejs/node#build-with-full-icu-support-all-locales-supported-by-icu).
* **tls**: Fixed tls throughput being much lower after an incorrect merge (Fedor Indutny) [#2381](https://github.com/nodejs/node/pull/2381).
* **tools**: The v8 tick processor now comes bundled with node (Matt Loring) [#2090](https://github.com/nodejs/node/pull/2090).
  - This can be used by producing performance profiling output by running node with `--perf`, then running your appropriate platform's script on the output as found in [tools/v8-prof](https://github.com/nodejs/node/tree/master/tools/v8-prof).
* **util**: `util.inspect(obj)` now prints the constructor name of the object if there is one (Christopher Monsanto) [#1935](https://github.com/nodejs/io.js/pull/1935).

### Known issues

See https://github.com/nodejs/io.js/labels/confirmed-bug for complete and current list of known issues.

* Some problems with unreferenced timers running during `beforeExit` are still to be resolved. See [#1264](https://github.com/nodejs/io.js/issues/1264).
* Surrogate pair in REPL can freeze terminal. [#690](https://github.com/nodejs/io.js/issues/690)
* `process.send()` is not synchronous as the docs suggest, a regression introduced in 1.0.2, see [#760](https://github.com/nodejs/io.js/issues/760).
* Calling `dns.setServers()` while a DNS query is in progress can cause the process to crash on a failed assertion. [#894](https://github.com/nodejs/io.js/issues/894)
* `url.resolve` may transfer the auth portion of the url when resolving between two full hosts, see [#1435](https://github.com/nodejs/io.js/issues/1435).

### Commits

* [[`3645dc62ed`](https://github.com/nodejs/node/commit/3645dc62ed)] - **build**: work around VS2015 issue in ICU <56 (Steven R. Loomis) [#2283](https://github.com/nodejs/node/pull/2283)
* [[`1f12e03266`](https://github.com/nodejs/node/commit/1f12e03266)] - **(SEMVER-MINOR)** **build**: intl: converge from joyent/node (Steven R. Loomis) [#2264](https://github.com/nodejs/node/pull/2264)
* [[`071640abdd`](https://github.com/nodejs/node/commit/071640abdd)] - **build**: Intl: bump ICU4C from 54 to 55 (Steven R. Loomis) [#2293](https://github.com/nodejs/node/pull/2293)
* [[`07a88b0c8b`](https://github.com/nodejs/node/commit/07a88b0c8b)] - **build**: update manifest to include Windows 10 (Lucien Greathouse) [#2332](https://github.com/nodejs/io.js/pull/2332)
* [[`0bb099f444`](https://github.com/nodejs/node/commit/0bb099f444)] - **build**: expand ~ in install prefix early (Ben Noordhuis) [#2307](https://github.com/nodejs/io.js/pull/2307)
* [[`7fe6dd8f5d`](https://github.com/nodejs/node/commit/7fe6dd8f5d)] - **crypto**: check for OpenSSL errors when signing (P.S.V.R) [#2342](https://github.com/nodejs/node/pull/2342)
* [[`605f6ee904`](https://github.com/nodejs/node/commit/605f6ee904)] - **crypto**: fix memory leak in PBKDF2Request (Karl Skomski) [#2375](https://github.com/nodejs/node/pull/2375)
* [[`ba6eb8af12`](https://github.com/nodejs/node/commit/ba6eb8af12)] - **crypto**: fix memory leak in ECDH::SetPrivateKey (Karl Skomski) [#2375](https://github.com/nodejs/node/pull/2375)
* [[`6a16368611`](https://github.com/nodejs/node/commit/6a16368611)] - **crypto**: fix memory leak in PublicKeyCipher::Cipher (Karl Skomski) [#2375](https://github.com/nodejs/node/pull/2375)
* [[`a760a87803`](https://github.com/nodejs/node/commit/a760a87803)] - **crypto**: fix memory leak in SafeX509ExtPrint (Karl Skomski) [#2375](https://github.com/nodejs/node/pull/2375)
* [[`f45487cd6e`](https://github.com/nodejs/node/commit/f45487cd6e)] - **crypto**: fix memory leak in SetDHParam (Karl Skomski) [#2375](https://github.com/nodejs/node/pull/2375)
* [[`2ff183dd86`](https://github.com/nodejs/node/commit/2ff183dd86)] - **doc**: Update FIPS instructions in README.md (Michael Dawson) [#2278](https://github.com/nodejs/node/pull/2278)
* [[`6483bc2e8f`](https://github.com/nodejs/node/commit/6483bc2e8f)] - **doc**: clarify options for fs.watchFile() (Rich Trott) [#2425](https://github.com/nodejs/node/pull/2425)
* [[`e76822f454`](https://github.com/nodejs/node/commit/e76822f454)] - **doc**: multiple documentation updates cherry picked from v0.12 (James M Snell) [#2302](https://github.com/nodejs/io.js/pull/2302)
* [[`1738c9680b`](https://github.com/nodejs/node/commit/1738c9680b)] - **net**: ensure Socket reported address is current (Ryan Graham) [#2095](https://github.com/nodejs/io.js/pull/2095)
* [[`844d3f0e3e`](https://github.com/nodejs/node/commit/844d3f0e3e)] - **path**: use '===' instead of '==' for comparison (Sam Stites) [#2388](https://github.com/nodejs/node/pull/2388)
* [[`7118b8a882`](https://github.com/nodejs/node/commit/7118b8a882)] - **path**: remove dead code in favor of unit tests (Nathan Woltman) [#2282](https://github.com/nodejs/io.js/pull/2282)
* [[`34f2cfa806`](https://github.com/nodejs/node/commit/34f2cfa806)] - **src**: better error message on failed Buffer malloc (Karl Skomski) [#2422](https://github.com/nodejs/node/pull/2422)
* [[`b196c1da3c`](https://github.com/nodejs/node/commit/b196c1da3c)] - **src**: fix memory leak in DLOpen (Karl Skomski) [#2375](https://github.com/nodejs/node/pull/2375)
* [[`d1307b2995`](https://github.com/nodejs/node/commit/d1307b2995)] - **src**: don't use fopen() in require() fast path (Ben Noordhuis) [#2377](https://github.com/nodejs/node/pull/2377)
* [[`455ec570d1`](https://github.com/nodejs/node/commit/455ec570d1)] - **src**: rename Buffer::Use() to Buffer::New() (Ben Noordhuis) [#2352](https://github.com/nodejs/node/pull/2352)
* [[`fd63e1ce2b`](https://github.com/nodejs/node/commit/fd63e1ce2b)] - **src**: introduce internal Buffer::Copy() function (Ben Noordhuis) [#2352](https://github.com/nodejs/node/pull/2352)
* [[`5586ceca13`](https://github.com/nodejs/node/commit/5586ceca13)] - **src**: move internal functions out of node_buffer.h (Ben Noordhuis) [#2352](https://github.com/nodejs/node/pull/2352)
* [[`bff9bcddb6`](https://github.com/nodejs/node/commit/bff9bcddb6)] - **src**: plug memory leaks (Ben Noordhuis) [#2352](https://github.com/nodejs/node/pull/2352)
* [[`ccf12df4f3`](https://github.com/nodejs/node/commit/ccf12df4f3)] - **(SEMVER-MINOR)** **src**: add total_available_size to v8 statistics (Roman Klauke) [#2348](https://github.com/nodejs/io.js/pull/2348)
* [[`194eeb841b`](https://github.com/nodejs/node/commit/194eeb841b)] - **test**: drop Isolate::GetCurrent() from addon tests (Ben Noordhuis) [#2427](https://github.com/nodejs/node/pull/2427)
* [[`46cdb2f6e2`](https://github.com/nodejs/node/commit/46cdb2f6e2)] - **test**: lint addon tests (Ben Noordhuis) [#2427](https://github.com/nodejs/node/pull/2427)
* [[`850c794882`](https://github.com/nodejs/node/commit/850c794882)] - **test**: refactor test-fs-watchfile.js (Rich Trott) [#2393](https://github.com/nodejs/node/pull/2393)
* [[`a3160c0a33`](https://github.com/nodejs/node/commit/a3160c0a33)] - **test**: correct spelling of 'childProcess' (muddletoes) [#2389](https://github.com/nodejs/node/pull/2389)
* [[`e51f90d747`](https://github.com/nodejs/node/commit/e51f90d747)] - **test**: option to run a subset of tests (João Reis) [#2260](https://github.com/nodejs/io.js/pull/2260)
* [[`cc46d3bca3`](https://github.com/nodejs/node/commit/cc46d3bca3)] - **test**: clarify dropMembership() call (Rich Trott) [#2062](https://github.com/nodejs/io.js/pull/2062)
* [[`0ee4df9c7a`](https://github.com/nodejs/node/commit/0ee4df9c7a)] - **test**: make listen-fd-cluster/server more robust (Sam Roberts) [#1944](https://github.com/nodejs/io.js/pull/1944)
* [[`cf9ba81398`](https://github.com/nodejs/node/commit/cf9ba81398)] - **test**: address timing issues in simple http tests (Gireesh Punathil) [#2294](https://github.com/nodejs/io.js/pull/2294)
* [[`cbb75c4f86`](https://github.com/nodejs/node/commit/cbb75c4f86)] - **tls**: fix throughput issues after incorrect merge (Fedor Indutny) [#2381](https://github.com/nodejs/node/pull/2381)
* [[`94b765f409`](https://github.com/nodejs/node/commit/94b765f409)] - **tls**: fix check for reused session (Fedor Indutny) [#2312](https://github.com/nodejs/io.js/pull/2312)
* [[`e83a41ad65`](https://github.com/nodejs/node/commit/e83a41ad65)] - **tls**: introduce internal `onticketkeycallback` (Fedor Indutny) [#2312](https://github.com/nodejs/io.js/pull/2312)
* [[`fb0f5d733f`](https://github.com/nodejs/node/commit/fb0f5d733f)] - **(SEMVER-MINOR)** **tools**: run the tick processor without building v8 (Matt Loring) [#2090](https://github.com/nodejs/node/pull/2090)
* [[`7606bdb897`](https://github.com/nodejs/node/commit/7606bdb897)] - **(SEMVER-MINOR)** **util**: display constructor when inspecting objects (Christopher Monsanto) [#1935](https://github.com/nodejs/io.js/pull/1935)

## 2015-08-04, Version 3.0.0, @rvagg

### Notable changes

* **buffer**:
  - Due to changes in V8, it has been necessary to reimplement `Buffer` on top of V8's `Uint8Array`. Every effort has been made to minimize the performance impact, however `Buffer` instantiation is measurably slower. Access operations may be faster in some circumstances but the exact performance profile and difference over previous versions will depend on how `Buffer` is used within applications. (Trevor Norris) [#1825](https://github.com/nodejs/node/pull/1825).
  - `Buffer` can now take `ArrayBuffer`s as a constructor argument (Trevor Norris) [#2002](https://github.com/nodejs/node/pull/2002).
  - When a single buffer is passed to `Buffer.concat()`, a new, copied `Buffer` object will be returned; previous behavior was to return the original `Buffer` object (Sakthipriyan Vairamani) [#1937](https://github.com/nodejs/node/pull/1937).
* **build**: PPC support has been added to core to allow compiling on pLinux BE and LE (AIX support coming soon) (Michael Dawson) [#2124](https://github.com/nodejs/node/pull/2124).
* **dgram**: If an error occurs within `socket.send()` and a callback has been provided, the error is only passed as the first argument to the callback and not emitted on the `socket` object; previous behavior was to do both (Matteo Collina & Chris Dickinson) [#1796](https://github.com/nodejs/node/pull/1796)
* **freelist**: Deprecate the undocumented `freelist` core module (Sakthipriyan Vairamani) [#2176](https://github.com/nodejs/node/pull/2176).
* **http**:
  - Status codes now all use the official [IANA names](http://www.iana.org/assignments/http-status-codes) as per [RFC7231](https://tools.ietf.org/html/rfc7231), e.g. `http.STATUS_CODES[414]` now returns `'URI Too Long'` rather than `'Request-URI Too Large'` (jomo) [#1470](https://github.com/nodejs/node/pull/1470).
  - Calling .getName() on an HTTP agent no longer returns a trailing colon, HTTPS agents will no longer return an extra colon near the middle of the string (Brendan Ashworth) [#1617](https://github.com/nodejs/node/pull/1617).
* **node**:
  - `NODE_MODULE_VERSION` has been bumped to `45` to reflect the break in ABI (Rod Vagg) [#2096](https://github.com/nodejs/node/pull/2096).
  - Introduce a new `process.release` object that contains a `name` property set to `'io.js'` and `sourceUrl`, `headersUrl` and `libUrl` (Windows only) properties containing URLs for the relevant resources; this is intended to be used by node-gyp (Rod Vagg) [#2154](https://github.com/nodejs/node/pull/2154).
  - The version of node-gyp bundled with io.js now downloads and uses a tarball of header files from iojs.org rather than the full source for compiling native add-ons; it is hoped this is a temporary floating patch and the change will be upstreamed to node-gyp soon (Rod Vagg) [#2066](https://github.com/nodejs/node/pull/2066).
* **repl**: Persistent history is now enabled by default. The history file is located at ~/.node_repl_history, which can be overridden by the new environment variable `NODE_REPL_HISTORY`. This deprecates the previous `NODE_REPL_HISTORY_FILE` variable. Additionally, the format of the file has been changed to plain text to better handle file corruption. (Jeremiah Senkpiel) [#2224](https://github.com/nodejs/node/pull/2224).
* **smalloc**: The `smalloc` module has been removed as it is no longer possible to provide the API due to changes in V8 (Ben Noordhuis) [#2022](https://github.com/nodejs/node/pull/2022).
* **tls**: Add `server.getTicketKeys()` and `server.setTicketKeys()` methods for [TLS session key](https://www.ietf.org/rfc/rfc5077.txt) rotation (Fedor Indutny) [#2227](https://github.com/nodejs/node/pull/2227).
* **v8**: Upgraded to 4.4.63.26
  - ES6: Enabled [computed property names](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Object_initializer#Computed_property_names)
  - ES6: `Array` can now be subclassed in strict mode
  - ES6: Implement [rest parameters](https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Functions/rest_parameters) in staging, use the `--harmony-rest-parameters` command line flag
  - ES6: Implement the [spread operator](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Spread_operator) in staging, use the `--harmony-spreadcalls` command line flag
  - Removed `SetIndexedPropertiesToExternalArrayData` and related APIs, forcing a shift to `Buffer` to be reimplemented based on `Uint8Array`
  - Introduction of `Maybe` and `MaybeLocal` C++ API for objects which _may_ or _may not_ have a value.
  - Added support for PPC

See also https://github.com/nodejs/node/wiki/Breaking-Changes#300-from-2x for a summary of the breaking changes (SEMVER-MAJOR).

### Known issues

See https://github.com/nodejs/node/labels/confirmed-bug for complete and current list of known issues.

* Some problems with unreferenced timers running during `beforeExit` are still to be resolved. See [#1264](https://github.com/nodejs/node/issues/1264).
* Surrogate pair in REPL can freeze terminal. [#690](https://github.com/nodejs/node/issues/690)
* `process.send()` is not synchronous as the docs suggest, a regression introduced in 1.0.2, see [#760](https://github.com/nodejs/node/issues/760).
* Calling `dns.setServers()` while a DNS query is in progress can cause the process to crash on a failed assertion. [#894](https://github.com/nodejs/node/issues/894)
* `url.resolve` may transfer the auth portion of the url when resolving between two full hosts, see [#1435](https://github.com/nodejs/node/issues/1435).

### Commits

* [[`60a974d200`](https://github.com/nodejs/node/commit/60a974d200)] - **buffer**: fix missing null/undefined check (Trevor Norris) [#2195](https://github.com/nodejs/node/pull/2195)
* [[`e6ab2d92bc`](https://github.com/nodejs/node/commit/e6ab2d92bc)] - **buffer**: fix not return on error (Trevor Norris) [#2225](https://github.com/nodejs/node/pull/2225)
* [[`1057d1186b`](https://github.com/nodejs/node/commit/1057d1186b)] - **buffer**: rename internal/buffer_new.js to buffer.js (Ben Noordhuis) [#2022](https://github.com/nodejs/node/pull/2022)
* [[`4643b8b667`](https://github.com/nodejs/node/commit/4643b8b667)] - **(SEMVER-MINOR)** **buffer**: allow ArrayBuffer as Buffer argument (Trevor Norris) [#2002](https://github.com/nodejs/node/pull/2002)
* [[`e5ada116cd`](https://github.com/nodejs/node/commit/e5ada116cd)] - **buffer**: minor cleanup from rebase (Trevor Norris) [#2003](https://github.com/nodejs/node/pull/2003)
* [[`b625ab4242`](https://github.com/nodejs/node/commit/b625ab4242)] - **buffer**: fix usage of kMaxLength (Trevor Norris) [#2003](https://github.com/nodejs/node/pull/2003)
* [[`eea66e2a7b`](https://github.com/nodejs/node/commit/eea66e2a7b)] - **(SEMVER-MAJOR)** **buffer**: fix case of one buffer passed to concat (Sakthipriyan Vairamani) [#1937](https://github.com/nodejs/node/pull/1937)
* [[`8664084166`](https://github.com/nodejs/node/commit/8664084166)] - **buffer**: make additional changes to native API (Trevor Norris) [#1825](https://github.com/nodejs/node/pull/1825)
* [[`36f78f4c1c`](https://github.com/nodejs/node/commit/36f78f4c1c)] - **buffer**: switch API to return MaybeLocal<T> (Trevor Norris) [#1825](https://github.com/nodejs/node/pull/1825)
* [[`571ec13841`](https://github.com/nodejs/node/commit/571ec13841)] - **buffer**: switch to using Maybe<T> API (Trevor Norris) [#1825](https://github.com/nodejs/node/pull/1825)
* [[`d75f5c8d0e`](https://github.com/nodejs/node/commit/d75f5c8d0e)] - **buffer**: finish implementing FreeCallback (Trevor Norris) [#1825](https://github.com/nodejs/node/pull/1825)
* [[`63da0dfd3a`](https://github.com/nodejs/node/commit/63da0dfd3a)] - **buffer**: implement Uint8Array backed Buffer (Trevor Norris) [#1825](https://github.com/nodejs/node/pull/1825)
* [[`23be6ca189`](https://github.com/nodejs/node/commit/23be6ca189)] - **buffer**: allow ARGS_THIS to accept a name (Trevor Norris) [#1825](https://github.com/nodejs/node/pull/1825)
* [[`971de5e417`](https://github.com/nodejs/node/commit/971de5e417)] - **build**: prepare Windows installer for i18n support (Frederic Hemberger) [#2247](https://github.com/nodejs/node/pull/2247)
* [[`2ba8b23661`](https://github.com/nodejs/node/commit/2ba8b23661)] - **build**: add 'x86' option back in to configure (Rod Vagg) [#2233](https://github.com/nodejs/node/pull/2233)
* [[`b4226e797a`](https://github.com/nodejs/node/commit/b4226e797a)] - **build**: first set of updates to enable PPC support (Michael Dawson) [#2124](https://github.com/nodejs/node/pull/2124)
* [[`24dd016deb`](https://github.com/nodejs/node/commit/24dd016deb)] - **build**: produce symbol map files on windows (Ali Ijaz Sheikh) [#2243](https://github.com/nodejs/node/pull/2243)
* [[`423d8944ce`](https://github.com/nodejs/node/commit/423d8944ce)] - **cluster**: do not unconditionally set --debug-port (cjihrig) [#1949](https://github.com/nodejs/node/pull/1949)
* [[`fa98b97171`](https://github.com/nodejs/node/commit/fa98b97171)] - **cluster**: add handle ref/unref stubs in rr mode (Ben Noordhuis) [#2274](https://github.com/nodejs/node/pull/2274)
* [[`944f68046c`](https://github.com/nodejs/node/commit/944f68046c)] - **crypto**: remove kMaxLength on randomBytes() (Trevor Norris) [#1825](https://github.com/nodejs/node/pull/1825)
* [[`3d3c687012`](https://github.com/nodejs/node/commit/3d3c687012)] - **deps**: update V8 to 4.4.63.26 (Michaël Zasso) [#2220](https://github.com/nodejs/node/pull/2220)
* [[`3aad4fa89a`](https://github.com/nodejs/node/commit/3aad4fa89a)] - **deps**: upgrade v8 to 4.4.63.12 (Ben Noordhuis) [#2092](https://github.com/nodejs/node/pull/2092)
* [[`70d1f32f56`](https://github.com/nodejs/node/commit/70d1f32f56)] - **(SEMVER-MAJOR)** **deps**: update v8 to 4.4.63.9 (Ben Noordhuis) [#2022](https://github.com/nodejs/node/pull/2022)
* [[`deb7ee93a7`](https://github.com/nodejs/node/commit/deb7ee93a7)] - **deps**: backport 7b24219346 from v8 upstream (Rod Vagg) [#1805](https://github.com/nodejs/node/pull/1805)
* [[`d58e780504`](https://github.com/nodejs/node/commit/d58e780504)] - **(SEMVER-MAJOR)** **deps**: update v8 to 4.3.61.21 (Chris Dickinson) [iojs/io.js#1632](https://github.com/iojs/io.js/pull/1632)
* [[`2a63cf612b`](https://github.com/nodejs/node/commit/2a63cf612b)] - **deps**: make node-gyp work with io.js (cjihrig) [iojs/io.js#990](https://github.com/iojs/io.js/pull/990)
* [[`bf63266460`](https://github.com/nodejs/node/commit/bf63266460)] - **deps**: upgrade to npm 2.13.3 (Kat Marchán) [#2284](https://github.com/nodejs/node/pull/2284)
* [[`ef2c8cd4ec`](https://github.com/nodejs/node/commit/ef2c8cd4ec)] - **(SEMVER-MAJOR)** **dgram**: make send cb act as "error" event handler (Matteo Collina) [#1796](https://github.com/nodejs/node/pull/1796)
* [[`3da057fef6`](https://github.com/nodejs/node/commit/3da057fef6)] - **(SEMVER-MAJOR)** **dgram**: make send cb act as "error" event handler (Chris Dickinson) [#1796](https://github.com/nodejs/node/pull/1796)
* [[`df1994fe53`](https://github.com/nodejs/node/commit/df1994fe53)] - ***Revert*** "**dns**: remove AI_V4MAPPED hint flag on FreeBSD" (cjihrig) [iojs/io.js#1555](https://github.com/iojs/io.js/pull/1555)
* [[`1721968b22`](https://github.com/nodejs/node/commit/1721968b22)] - **doc**: document repl persistent history changes (Jeremiah Senkpiel) [#2224](https://github.com/nodejs/node/pull/2224)
* [[`d12df7f159`](https://github.com/nodejs/node/commit/d12df7f159)] - **doc**: update v8 flags in man page (Michaël Zasso) [iojs/io.js#1701](https://github.com/iojs/io.js/pull/1701)
* [[`d168d01b04`](https://github.com/nodejs/node/commit/d168d01b04)] - **doc**: properly inheriting from EventEmitter (Sakthipriyan Vairamani) [#2168](https://github.com/nodejs/node/pull/2168)
* [[`500f2538cc`](https://github.com/nodejs/node/commit/500f2538cc)] - **doc**: a listener, not "an" listener (Sam Roberts) [#1025](https://github.com/nodejs/node/pull/1025)
* [[`54627a919d`](https://github.com/nodejs/node/commit/54627a919d)] - **doc**: server close event does not have an argument (Sam Roberts) [#1025](https://github.com/nodejs/node/pull/1025)
* [[`ed85c95a9c`](https://github.com/nodejs/node/commit/ed85c95a9c)] - **doc,test**: documents behaviour of non-existent file (Sakthipriyan Vairamani) [#2169](https://github.com/nodejs/node/pull/2169)
* [[`2965442308`](https://github.com/nodejs/node/commit/2965442308)] - **(SEMVER-MAJOR)** **http**: fix agent.getName() and add tests (Brendan Ashworth) [#1617](https://github.com/nodejs/node/pull/1617)
* [[`2d9456e3e6`](https://github.com/nodejs/node/commit/2d9456e3e6)] - **(SEMVER-MAJOR)** **http**: use official IANA Status Codes (jomo) [#1470](https://github.com/nodejs/node/pull/1470)
* [[`11e4249227`](https://github.com/nodejs/node/commit/11e4249227)] - **(SEMVER-MAJOR)** **http_server**: `prefinish` vs `finish` (Fedor Indutny) [#1411](https://github.com/nodejs/node/pull/1411)
* [[`9bc2e26720`](https://github.com/nodejs/node/commit/9bc2e26720)] - **net**: do not set V4MAPPED on FreeBSD (Julien Gilli) [iojs/io.js#1555](https://github.com/iojs/io.js/pull/1555)
* [[`ba9ccf227e`](https://github.com/nodejs/node/commit/ba9ccf227e)] - **node**: remove redundant --use-old-buffer (Rod Vagg) [#2275](https://github.com/nodejs/node/pull/2275)
* [[`ef65321083`](https://github.com/nodejs/node/commit/ef65321083)] - **(SEMVER-MAJOR)** **node**: do not override `message`/`stack` of error (Fedor Indutny) [#2108](https://github.com/nodejs/node/pull/2108)
* [[`9f727f5e03`](https://github.com/nodejs/node/commit/9f727f5e03)] - **node-gyp**: detect RC build with x.y.z-rc.n format (Rod Vagg) [#2171](https://github.com/nodejs/node/pull/2171)
* [[`e52f963632`](https://github.com/nodejs/node/commit/e52f963632)] - **node-gyp**: download header tarball for compile (Rod Vagg) [#2066](https://github.com/nodejs/node/pull/2066)
* [[`902c9ca51d`](https://github.com/nodejs/node/commit/902c9ca51d)] - **node-gyp**: make aware of nightly, next-nightly & rc (Rod Vagg) [#2066](https://github.com/nodejs/node/pull/2066)
* [[`4cffaa3f55`](https://github.com/nodejs/node/commit/4cffaa3f55)] - **(SEMVER-MINOR)** **readline**: allow tabs in input (Rich Trott) [#1761](https://github.com/nodejs/node/pull/1761)
* [[`ed6c249104`](https://github.com/nodejs/node/commit/ed6c249104)] - **(SEMVER-MAJOR)** **repl**: persist history in plain text (Jeremiah Senkpiel) [#2224](https://github.com/nodejs/node/pull/2224)
* [[`f7d5e4c618`](https://github.com/nodejs/node/commit/f7d5e4c618)] - **(SEMVER-MINOR)** **repl**: default persistence to ~/.node_repl_history (Jeremiah Senkpiel) [#2224](https://github.com/nodejs/node/pull/2224)
* [[`ea05e760cd`](https://github.com/nodejs/node/commit/ea05e760cd)] - **repl**: don't clobber RegExp.$ properties (Sakthipriyan Vairamani) [#2137](https://github.com/nodejs/node/pull/2137)
* [[`d20093246b`](https://github.com/nodejs/node/commit/d20093246b)] - **src**: disable vector ICs on arm (Michaël Zasso) [#2220](https://github.com/nodejs/node/pull/2220)
* [[`04fd4fad46`](https://github.com/nodejs/node/commit/04fd4fad46)] - **(SEMVER-MINOR)** **src**: introduce process.release object (Rod Vagg) [#2154](https://github.com/nodejs/node/pull/2154)
* [[`9d34bd1147`](https://github.com/nodejs/node/commit/9d34bd1147)] - **src**: increment NODE_MODULE_VERSION to 45 (Rod Vagg) [#2096](https://github.com/nodejs/node/pull/2096)
* [[`ceee8d2807`](https://github.com/nodejs/node/commit/ceee8d2807)] - **test**: add tests for persistent repl history (Jeremiah Senkpiel) [#2224](https://github.com/nodejs/node/pull/2224)
* [[`8e1a8ffe24`](https://github.com/nodejs/node/commit/8e1a8ffe24)] - **test**: remove two obsolete pummel tests (Ben Noordhuis) [#2022](https://github.com/nodejs/node/pull/2022)
* [[`ae731ec0fa`](https://github.com/nodejs/node/commit/ae731ec0fa)] - **test**: don't use arguments.callee (Ben Noordhuis) [#2022](https://github.com/nodejs/node/pull/2022)
* [[`21d31c08e7`](https://github.com/nodejs/node/commit/21d31c08e7)] - **test**: remove obsolete harmony flags (Chris Dickinson)
* [[`64cf71195c`](https://github.com/nodejs/node/commit/64cf71195c)] - **test**: change the hostname to an invalid name (Sakthipriyan Vairamani) [#2287](https://github.com/nodejs/node/pull/2287)
* [[`80a1cf7425`](https://github.com/nodejs/node/commit/80a1cf7425)] - **test**: fix messages and use return to skip tests (Sakthipriyan Vairamani) [#2290](https://github.com/nodejs/node/pull/2290)
* [[`d5ab92bcc1`](https://github.com/nodejs/node/commit/d5ab92bcc1)] - **test**: use common.isWindows consistently (Sakthipriyan Vairamani) [#2269](https://github.com/nodejs/node/pull/2269)
* [[`bc733f7065`](https://github.com/nodejs/node/commit/bc733f7065)] - **test**: fix fs.readFile('/dev/stdin') tests (Ben Noordhuis) [#2265](https://github.com/nodejs/node/pull/2265)
* [[`3cbb5870e5`](https://github.com/nodejs/node/commit/3cbb5870e5)] - **tools**: expose skip output to test runner (Johan Bergström) [#2130](https://github.com/nodejs/node/pull/2130)
* [[`3b021efe11`](https://github.com/nodejs/node/commit/3b021efe11)] - **vm**: fix symbol access (Domenic Denicola) [#1773](https://github.com/nodejs/node/pull/1773)
* [[`7b81e4ba36`](https://github.com/nodejs/node/commit/7b81e4ba36)] - **vm**: remove unnecessary access checks (Domenic Denicola) [#1773](https://github.com/nodejs/node/pull/1773)
* [[`659dadd410`](https://github.com/nodejs/node/commit/659dadd410)] - **vm**: fix property descriptors of sandbox properties (Domenic Denicola) [#1773](https://github.com/nodejs/node/pull/1773)
* [[`9bac1dbae9`](https://github.com/nodejs/node/commit/9bac1dbae9)] - **win,node-gyp**: enable delay-load hook by default (Bert Belder) [iojs/io.js#1433](https://github.com/iojs/io.js/pull/1433)

## 2015-07-28, Version 2.5.0, @cjihrig

### Notable changes

* **https**: TLS sessions in Agent are reused (Fedor Indutny) [#2228](https://github.com/nodejs/node/pull/2228)
* **src**: base64 decoding is now 50% faster (Ben Noordhuis) [#2193](https://github.com/nodejs/node/pull/2193)
* **npm**: Upgraded to v2.13.2, release notes can be found in <https://github.com/npm/npm/releases/tag/v2.13.2> (Kat Marchán) [#2241](https://github.com/nodejs/node/pull/2241).

### Known issues

See https://github.com/nodejs/node/labels/confirmed-bug for complete and current list of known issues.

* Using multiple REPL instances in parallel may cause some REPL history corruption or loss. [#1634](https://github.com/nodejs/node/issues/1634)
* Some problems with unreferenced timers running during `beforeExit` are still to be resolved. See [#1264](https://github.com/nodejs/node/issues/1264).
* Surrogate pair in REPL can freeze terminal. [#690](https://github.com/nodejs/node/issues/690)
* `process.send()` is not synchronous as the docs suggest, a regression introduced in 1.0.2, see [#760](https://github.com/nodejs/node/issues/760).
* Calling `dns.setServers()` while a DNS query is in progress can cause the process to crash on a failed assertion. [#894](https://github.com/nodejs/node/issues/894)
* `url.resolve` may transfer the auth portion of the url when resolving between two full hosts, see [#1435](https://github.com/nodejs/node/issues/1435).

### Commits

* [[`bf2cd225a8`](https://github.com/nodejs/node/commit/bf2cd225a8)] - **process**: resize stderr on SIGWINCH (Jeremiah Senkpiel) [#2231](https://github.com/nodejs/node/pull/2231)
* [[`99d9d7e716`](https://github.com/nodejs/node/commit/99d9d7e716)] - **benchmark**: add remaining path benchmarks & optimize (Nathan Woltman) [#2103](https://github.com/nodejs/node/pull/2103)
* [[`66fc8ca22b`](https://github.com/nodejs/node/commit/66fc8ca22b)] - **(SEMVER-MINOR)** **cluster**: emit 'message' event on cluster master (Sam Roberts) [#861](https://github.com/nodejs/node/pull/861)
* [[`eb35968de7`](https://github.com/nodejs/node/commit/eb35968de7)] - **crypto**: fix legacy SNICallback (Fedor Indutny) [#1720](https://github.com/nodejs/node/pull/1720)
* [[`fef190cea6`](https://github.com/nodejs/node/commit/fef190cea6)] - **deps**: make node-gyp work with io.js (cjihrig) [iojs/io.js#990](https://github.com/iojs/io.js/pull/990)
* [[`b73a7465c5`](https://github.com/nodejs/node/commit/b73a7465c5)] - **deps**: upgrade to npm 2.13.2 (Kat Marchán) [#2241](https://github.com/nodejs/node/pull/2241)
* [[`0a7bf81d2f`](https://github.com/nodejs/node/commit/0a7bf81d2f)] - **deps**: update V8 to 4.2.77.21 (Ali Ijaz Sheikh) [#2238](https://github.com/nodejs/node/issues/2238)
* [[`73cdcdd581`](https://github.com/nodejs/node/commit/73cdcdd581)] - **deps**: make node-gyp work with io.js (cjihrig) [iojs/io.js#990](https://github.com/iojs/io.js/pull/990)
* [[`04893a736d`](https://github.com/nodejs/node/commit/04893a736d)] - **deps**: upgrade to npm 2.13.1 (Kat Marchán) [#2210](https://github.com/nodejs/node/pull/2210)
* [[`a3c1b9720e`](https://github.com/nodejs/node/commit/a3c1b9720e)] - **doc**: add GPG fingerprint for cjihrig (cjihrig) [#2217](https://github.com/nodejs/node/pull/2217)
* [[`d9f857df3b`](https://github.com/nodejs/node/commit/d9f857df3b)] - **doc**: note about custom inspect functions (Sakthipriyan Vairamani) [#2142](https://github.com/nodejs/node/pull/2142)
* [[`4ef2b5fbfb`](https://github.com/nodejs/node/commit/4ef2b5fbfb)] - **doc**: Replace util.debug with console.error (Yosuke Furukawa) [#2214](https://github.com/nodejs/node/pull/2214)
* [[`b612f085ec`](https://github.com/nodejs/node/commit/b612f085ec)] - **doc**: add joaocgreis as a collaborator (João Reis) [#2208](https://github.com/nodejs/node/pull/2208)
* [[`6b85d5a4b3`](https://github.com/nodejs/node/commit/6b85d5a4b3)] - **doc**: add TSC meeting minutes 2015-07-15 (Rod Vagg) [#2191](https://github.com/nodejs/node/pull/2191)
* [[`c7d8b09162`](https://github.com/nodejs/node/commit/c7d8b09162)] - **doc**: recompile before testing core module changes (Phillip Johnsen) [#2051](https://github.com/nodejs/node/pull/2051)
* [[`9afee6785e`](https://github.com/nodejs/node/commit/9afee6785e)] - **http**: Check this.connection before using it (Sakthipriyan Vairamani) [#2172](https://github.com/nodejs/node/pull/2172)
* [[`2ca5a3db47`](https://github.com/nodejs/node/commit/2ca5a3db47)] - **https**: reuse TLS sessions in Agent (Fedor Indutny) [#2228](https://github.com/nodejs/node/pull/2228)
* [[`fef87fee1d`](https://github.com/nodejs/node/commit/fef87fee1d)] - **(SEMVER-MINOR)** **lib,test**: add freelist deprecation and test (Sakthipriyan Vairamani) [#2176](https://github.com/nodejs/node/pull/2176)
* [[`503b089dd8`](https://github.com/nodejs/node/commit/503b089dd8)] - **net**: don't throw on immediately destroyed socket (Evan Lucas) [#2251](https://github.com/nodejs/node/pull/2251)
* [[`93660c8b8e`](https://github.com/nodejs/node/commit/93660c8b8e)] - **node**: remove bad fn call and check (Trevor Norris) [#2157](https://github.com/nodejs/node/pull/2157)
* [[`afd7e37ee0`](https://github.com/nodejs/node/commit/afd7e37ee0)] - **repl**: better empty line handling (Sakthipriyan Vairamani) [#2163](https://github.com/nodejs/node/pull/2163)
* [[`81ea52aa01`](https://github.com/nodejs/node/commit/81ea52aa01)] - **repl**: improving line continuation handling (Sakthipriyan Vairamani) [#2163](https://github.com/nodejs/node/pull/2163)
* [[`30edb5aee9`](https://github.com/nodejs/node/commit/30edb5aee9)] - **repl**: preventing REPL crash with inherited properties (Sakthipriyan Vairamani) [#2163](https://github.com/nodejs/node/pull/2163)
* [[`77fa385e5d`](https://github.com/nodejs/node/commit/77fa385e5d)] - **repl**: fixing `undefined` in invalid REPL keyword error (Sakthipriyan Vairamani) [#2163](https://github.com/nodejs/node/pull/2163)
* [[`8fd3ce100e`](https://github.com/nodejs/node/commit/8fd3ce100e)] - **src**: make base64 decoding 50% faster (Ben Noordhuis) [#2193](https://github.com/nodejs/node/pull/2193)
* [[`c786d6341d`](https://github.com/nodejs/node/commit/c786d6341d)] - **test**: do not use public IPs for timeout testing (Rich Trott) [#2057](https://github.com/nodejs/node/pull/2057)
* [[`4e78cd71c0`](https://github.com/nodejs/node/commit/4e78cd71c0)] - **test**: skip IPv6 part before testing it (Sakthipriyan Vairamani) [#2226](https://github.com/nodejs/node/pull/2226)
* [[`ac70bc8240`](https://github.com/nodejs/node/commit/ac70bc8240)] - **test**: fix valgrind uninitialized memory warning (Ben Noordhuis) [#2193](https://github.com/nodejs/node/pull/2193)
* [[`ac7d3fa0d9`](https://github.com/nodejs/node/commit/ac7d3fa0d9)] - **test**: add -no_rand_screen to s_client opts on Win (Shigeki Ohtsu) [#2209](https://github.com/nodejs/node/pull/2209)
* [[`79c865a53f`](https://github.com/nodejs/node/commit/79c865a53f)] - **test**: changing process.exit to return while skipping tests (Sakthipriyan Vairamani) [#2109](https://github.com/nodejs/node/pull/2109)
* [[`69298d36cf`](https://github.com/nodejs/node/commit/69298d36cf)] - **test**: formatting skip messages for TAP parsing (Sakthipriyan Vairamani) [#2109](https://github.com/nodejs/node/pull/2109)
* [[`543dabb609`](https://github.com/nodejs/node/commit/543dabb609)] - **timers**: improve Timer.now() performance (Ben Noordhuis) [#2256](https://github.com/nodejs/node/pull/2256)
* [[`3663b124e6`](https://github.com/nodejs/node/commit/3663b124e6)] - **timers**: remove unused Timer.again() (Ben Noordhuis) [#2256](https://github.com/nodejs/node/pull/2256)
* [[`bcce5cf9bb`](https://github.com/nodejs/node/commit/bcce5cf9bb)] - **timers**: remove unused Timer.getRepeat() (Ben Noordhuis) [#2256](https://github.com/nodejs/node/pull/2256)
* [[`f2c83bd202`](https://github.com/nodejs/node/commit/f2c83bd202)] - **timers**: remove unused Timer.setRepeat() (Ben Noordhuis) [#2256](https://github.com/nodejs/node/pull/2256)
* [[`e11fc67225`](https://github.com/nodejs/node/commit/e11fc67225)] - **(SEMVER-MINOR)** **tls**: add `getTicketKeys()`/`setTicketKeys()` (Fedor Indutny) [#2227](https://github.com/nodejs/node/pull/2227)
* [[`68b06e94e3`](https://github.com/nodejs/node/commit/68b06e94e3)] - **tools**: use local or specified $NODE for test-npm (Jeremiah Senkpiel) [#1984](https://github.com/nodejs/node/pull/1984)
* [[`ab479659c7`](https://github.com/nodejs/node/commit/ab479659c7)] - **util**: delay creation of debug context (Ali Ijaz Sheikh) [#2248](https://github.com/nodejs/node/pull/2248)
* [[`6391f4d2fd`](https://github.com/nodejs/node/commit/6391f4d2fd)] - **util**: removing redundant checks in is* functions (Sakthipriyan Vairamani) [#2179](https://github.com/nodejs/node/pull/2179)
* [[`b148c0dff3`](https://github.com/nodejs/node/commit/b148c0dff3)] - **win,node-gyp**: enable delay-load hook by default (Bert Belder) [iojs/io.js#1433](https://github.com/iojs/io.js/pull/1433)
* [[`f90f1e75bb`](https://github.com/nodejs/node/commit/f90f1e75bb)] - **win,node-gyp**: enable delay-load hook by default (Bert Belder) [iojs/io.js#1433](https://github.com/iojs/io.js/pull/1433)

## 2015-07-17, Version 2.4.0, @Fishrock123

### Notable changes

* **src**: Added a new `--track-heap-objects` flag to track heap object allocations for heap snapshots (Bradley Meck) [#2135](https://github.com/nodejs/node/pull/2135).
* **readline**: Fixed a freeze that affected the repl if the keypress event handler threw (Alex Kocharin) [#2107](https://github.com/nodejs/node/pull/2107).
* **npm**: Upgraded to v2.13.0, release notes can be found in <https://github.com/npm/npm/releases/tag/v2.13.0> (Forrest L Norvell) [#2152](https://github.com/nodejs/node/pull/2152).

### Known issues

See https://github.com/nodejs/node/labels/confirmed-bug for complete and current list of known issues.

* Some problems with unreferenced timers running during `beforeExit` are still to be resolved. See [#1264](https://github.com/nodejs/node/issues/1264).
* Surrogate pair in REPL can freeze terminal. [#690](https://github.com/nodejs/node/issues/690)
* `process.send()` is not synchronous as the docs suggest, a regression introduced in 1.0.2, see [#760](https://github.com/nodejs/node/issues/760).
* Calling `dns.setServers()` while a DNS query is in progress can cause the process to crash on a failed assertion. [#894](https://github.com/nodejs/node/issues/894)
* `url.resolve` may transfer the auth portion of the url when resolving between two full hosts, see [#1435](https://github.com/nodejs/node/issues/1435).

### Commits

* [[`f95f9ef6ea`](https://github.com/nodejs/node/commit/f95f9ef6ea)] - **build**: always use prefix=/ for tar-headers (Rod Vagg) [#2082](https://github.com/nodejs/node/pull/2082)
* [[`12bc397207`](https://github.com/nodejs/node/commit/12bc397207)] - **build**: run-ci makefile rule (Alexis Campailla) [#2134](https://github.com/nodejs/node/pull/2134)
* [[`84012c99e0`](https://github.com/nodejs/node/commit/84012c99e0)] - **build**: fix vcbuild merge issues (Alexis Campailla) [#2131](https://github.com/nodejs/node/pull/2131)
* [[`47e2c5c828`](https://github.com/nodejs/node/commit/47e2c5c828)] - **build**: bail early if clean is invoked (Johan Bergström) [#2127](https://github.com/nodejs/node/pull/2127)
* [[`5acad6b163`](https://github.com/nodejs/node/commit/5acad6b163)] - **child_process**: fix arguments comments (Roman Reiss) [#2161](https://github.com/nodejs/node/pull/2161)
* [[`3c4121c418`](https://github.com/nodejs/node/commit/3c4121c418)] - **deps**: make node-gyp work with io.js (cjihrig) [iojs/io.js#990](https://github.com/iojs/io.js/pull/990)
* [[`938cc757bb`](https://github.com/nodejs/node/commit/938cc757bb)] - **deps**: upgrade to npm 2.13.0 (Forrest L Norvell) [#2152](https://github.com/nodejs/node/pull/2152)
* [[`6f306e0ed2`](https://github.com/nodejs/node/commit/6f306e0ed2)] - **doc**: add targos as a collaborator (Michaël Zasso) [#2200](https://github.com/nodejs/node/pull/2200)
* [[`c019d9a239`](https://github.com/nodejs/node/commit/c019d9a239)] - **doc**: add thefourtheye as a collaborator (Sakthipriyan Vairamani) [#2199](https://github.com/nodejs/node/pull/2199)
* [[`4e92dbc26b`](https://github.com/nodejs/node/commit/4e92dbc26b)] - **doc**: add TSC members from the combined project (Jeremiah Senkpiel) [#2085](https://github.com/nodejs/node/pull/2085)
* [[`6c3aabf455`](https://github.com/nodejs/node/commit/6c3aabf455)] - **doc**: add TSC meeting minutes 2015-07-08 (Rod Vagg) [#2184](https://github.com/nodejs/node/pull/2184)
* [[`30a0d47d51`](https://github.com/nodejs/node/commit/30a0d47d51)] - **doc**: add TSC meeting minutes 2015-07-01 (Rod Vagg) [#2132](https://github.com/nodejs/node/pull/2132)
* [[`23efb05cc3`](https://github.com/nodejs/node/commit/23efb05cc3)] - **doc**: document fs.watchFile behaviour on ENOENT (Brendan Ashworth) [#2093](https://github.com/nodejs/node/pull/2093)
* [[`65963ec26f`](https://github.com/nodejs/node/commit/65963ec26f)] - **doc,test**: empty strings in path module (Sakthipriyan Vairamani) [#2106](https://github.com/nodejs/node/pull/2106)
* [[`0ab81e6f58`](https://github.com/nodejs/node/commit/0ab81e6f58)] - **docs**: link to more up-to-date v8 docs (Jeremiah Senkpiel) [#2196](https://github.com/nodejs/node/pull/2196)
* [[`1afc0c9e86`](https://github.com/nodejs/node/commit/1afc0c9e86)] - **fs**: fix error on bad listener type (Brendan Ashworth) [#2093](https://github.com/nodejs/node/pull/2093)
* [[`2ba84606a6`](https://github.com/nodejs/node/commit/2ba84606a6)] - **path**: assert path.join() arguments equally (Phillip Johnsen) [#2159](https://github.com/nodejs/node/pull/2159)
* [[`bd01603201`](https://github.com/nodejs/node/commit/bd01603201)] - **readline**: fix freeze if `keypress` event throws (Alex Kocharin) [#2107](https://github.com/nodejs/node/pull/2107)
* [[`59f6b5da2a`](https://github.com/nodejs/node/commit/59f6b5da2a)] - **repl**: Prevent crash when tab-completed with Proxy (Sakthipriyan Vairamani) [#2120](https://github.com/nodejs/node/pull/2120)
* [[`cf14a2427c`](https://github.com/nodejs/node/commit/cf14a2427c)] - **(SEMVER-MINOR)** **src**: add --track-heap-objects (Bradley Meck) [#2135](https://github.com/nodejs/node/pull/2135)
* [[`2b4b600660`](https://github.com/nodejs/node/commit/2b4b600660)] - **test**: fix test-debug-port-from-cmdline (João Reis) [#2186](https://github.com/nodejs/node/pull/2186)
* [[`d4ceb16da2`](https://github.com/nodejs/node/commit/d4ceb16da2)] - **test**: properly clean up temp directory (Roman Reiss) [#2164](https://github.com/nodejs/node/pull/2164)
* [[`842eb5b853`](https://github.com/nodejs/node/commit/842eb5b853)] - **test**: add test for dgram.setTTL (Evan Lucas) [#2121](https://github.com/nodejs/node/pull/2121)
* [[`cff7300a57`](https://github.com/nodejs/node/commit/cff7300a57)] - **win,node-gyp**: enable delay-load hook by default (Bert Belder) [iojs/io.js#1433](https://github.com/iojs/io.js/pull/1433)

## 2015-07-09, Version 2.3.4, @Fishrock123

### Notable changes

* **openssl**: Upgrade to 1.0.2d, fixes CVE-2015-1793 (Alternate Chains Certificate Forgery) (Shigeki Ohtsu) [#2141](https://github.com/nodejs/node/pull/2141).
* **npm**: Upgraded to v2.12.1, release notes can be found in <https://github.com/npm/npm/releases/tag/v2.12.0> and <https://github.com/npm/npm/releases/tag/v2.12.1> (Kat Marchán) [#2112](https://github.com/nodejs/node/pull/2112).

### Known issues

See https://github.com/nodejs/node/labels/confirmed-bug for complete and current list of known issues.

* Some problems with unreferenced timers running during `beforeExit` are still to be resolved. See [#1264](https://github.com/nodejs/node/issues/1264).
* Surrogate pair in REPL can freeze terminal. [#690](https://github.com/nodejs/node/issues/690)
* `process.send()` is not synchronous as the docs suggest, a regression introduced in 1.0.2, see [#760](https://github.com/nodejs/node/issues/760).
* Calling `dns.setServers()` while a DNS query is in progress can cause the process to crash on a failed assertion. [#894](https://github.com/nodejs/node/issues/894)
* `url.resolve` may transfer the auth portion of the url when resolving between two full hosts, see [#1435](https://github.com/nodejs/node/issues/1435).

### Commits

* [[`0d15161c24`](https://github.com/nodejs/node/commit/0d15161c24)] - **benchmark**: Add some path benchmarks for #1778 (Nathan Woltman) [#1778](https://github.com/nodejs/node/pull/1778)
* [[`c70e68fa32`](https://github.com/nodejs/node/commit/c70e68fa32)] - **deps**: update deps/openssl/conf/arch/*/opensslconf.h (Shigeki Ohtsu) [#2141](https://github.com/nodejs/node/pull/2141)
* [[`ca93f7f2e6`](https://github.com/nodejs/node/commit/ca93f7f2e6)] - **deps**: upgrade openssl sources to 1.0.2d (Shigeki Ohtsu) [#2141](https://github.com/nodejs/node/pull/2141)
* [[`b18c841ec1`](https://github.com/nodejs/node/commit/b18c841ec1)] - **deps**: make node-gyp work with io.js (cjihrig) [iojs/io.js#990](https://github.com/iojs/io.js/pull/990)
* [[`863cdbdd08`](https://github.com/nodejs/node/commit/863cdbdd08)] - **deps**: upgrade to npm 2.12.1 (Kat Marchán) [#2112](https://github.com/nodejs/node/pull/2112)
* [[`84b3915764`](https://github.com/nodejs/node/commit/84b3915764)] - **doc**: document current release procedure (Rod Vagg) [#2099](https://github.com/nodejs/node/pull/2099)
* [[`46140334cd`](https://github.com/nodejs/node/commit/46140334cd)] - **doc**: update AUTHORS list (Rod Vagg) [#2100](https://github.com/nodejs/node/pull/2100)
* [[`bca53dce76`](https://github.com/nodejs/node/commit/bca53dce76)] - **path**: refactor for performance and consistency (Nathan Woltman) [#1778](https://github.com/nodejs/node/pull/1778)
* [[`6bef15afe7`](https://github.com/nodejs/node/commit/6bef15afe7)] - **src**: remove traceSyncIO property from process (Bradley Meck) [#2143](https://github.com/nodejs/node/pull/2143)
* [[`2ba1740ba1`](https://github.com/nodejs/node/commit/2ba1740ba1)] - **test**: add missing crypto checks (Johan Bergström) [#2129](https://github.com/nodejs/node/pull/2129)
* [[`180fd392ca`](https://github.com/nodejs/node/commit/180fd392ca)] - **test**: refactor test-repl-tab-complete (Sakthipriyan Vairamani) [#2122](https://github.com/nodejs/node/pull/2122)
* [[`fb05c8e27d`](https://github.com/nodejs/node/commit/fb05c8e27d)] - ***Revert*** "**test**: add test for missing `close`/`finish` event" (Fedor Indutny)
* [[`9436a860cb`](https://github.com/nodejs/node/commit/9436a860cb)] - **test**: add test for missing `close`/`finish` event (Mark Plomer) [iojs/io.js#1373](https://github.com/iojs/io.js/pull/1373)
* [[`ee3ce2ed88`](https://github.com/nodejs/node/commit/ee3ce2ed88)] - **tools**: install gdbinit from v8 to $PREFIX/share (Ali Ijaz Sheikh) [#2123](https://github.com/nodejs/node/pull/2123)
* [[`dd523c75da`](https://github.com/nodejs/node/commit/dd523c75da)] - **win,node-gyp**: enable delay-load hook by default (Bert Belder) [iojs/io.js#1433](https://github.com/iojs/io.js/pull/1433)

Revision 1.38 / (download) - annotate - [select for diffs], Fri Jul 10 06:29:44 2015 UTC (8 years, 4 months ago) by fhajny
Branch: MAIN
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)

Update lang/nodejs to 0.12.7.

2015.07.09, Version 0.12.7 (Stable)
* openssl: upgrade to 1.0.1p
* npm: upgrade to 2.11.3
* V8: cherry-pick JitCodeEvent patch from upstream (Ben Noordhuis)
* win,msi: create npm folder in AppData directory (Steven Rockarts)

Revision 1.37 / (download) - annotate - [select for diffs], Sat Jul 4 13:43:28 2015 UTC (8 years, 5 months ago) by fhajny
Branch: MAIN
Changes since 1.36: +2 -2 lines
Diff to previous 1.36 (colored)

Update nodejs to 0.12.6.

2015.07.03, Version 0.12.6 (Stable)
* V8: fix out-of-band write in utf8 decoder

This is an important security update as this bug can be used to cause
a denial of service attack.

Revision 1.36 / (download) - annotate - [select for diffs], Tue Jun 23 09:41:50 2015 UTC (8 years, 5 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2015Q2-base, pkgsrc-2015Q2
Changes since 1.35: +2 -2 lines
Diff to previous 1.35 (colored)

Update lang/nodejs to 0.12.5.

2015.06.22, Version 0.12.5 (Stable)
- openssl: upgrade to 1.0.1o (Addressing multiple CVEs)
- npm: upgrade to 2.11.2
- uv: upgrade to 1.6.1
- V8: avoid deadlock when profiling is active (Dmitri Melikyan)
- install: fix source path for openssl headers (Oguz Bastemur)
- install: make sure opensslconf.h is overwritten (Oguz Bastemur)
- timers: fix timeout when added in timer's callback (Julien Gilli)
- windows: broadcast WM_SETTINGCHANGE after install (Mathias Küsel)

Revision 1.35 / (download) - annotate - [select for diffs], Wed Jun 3 18:23:24 2015 UTC (8 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.34: +4 -8 lines
Diff to previous 1.34 (colored)

Update nodejs to 0.12.4.
Fix joerg's patch to actually do the right thing on NetBSD 6.
Add option to build with Intl support using textproc/icu.
Cleanup.

2015.05.22, Version 0.12.4 (Stable)
* npm: upgrade to 2.10.1
* V8: revert v8 Array.prototype.values() removal (cjihrig)
* win: bring back xp/2k3 support (Bert Belder)

Revision 1.34 / (download) - annotate - [select for diffs], Tue May 19 14:31:16 2015 UTC (8 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.33: +2 -3 lines
Diff to previous 1.33 (colored)

Update nodejs to 0.12.3.

2015.05.13, Version 0.12.3 (Stable)
* V8: update to 3.28.71.19
* uv: upgrade to 1.5.0
* npm: upgrade to 2.9.1
* V8: don't busy loop in v8 cpu profiler thread (Mike Tunnicliffe)
* V8: fix issue with let bindings in for loops (adamk)
* debugger: don't spawn child process in remote mode (Jackson Tian)
* net: do not set V4MAPPED on FreeBSD (Julien Gilli)
* repl: make 'Unexpected token' errors recoverable (Julien Gilli)
* src: backport ignore ENOTCONN on shutdown race (Ben Noordhuis)
* src: fix backport of SIGINT crash fix on FreeBSD (Julien Gilli)

Revision 1.33 / (download) - annotate - [select for diffs], Thu May 14 17:09:29 2015 UTC (8 years, 6 months ago) by bad
Branch: MAIN
Changes since 1.32: +2 -1 lines
Diff to previous 1.32 (colored)

Work around missing sem_timedwait(3) in NetBSD < 6.99.4 by reusing the patch
for NaCL from Chromium V8 change d4f11c0cf476dd854eaebec1cbacb1afc7bea18e.
PKGREVISION++

Revision 1.32 / (download) - annotate - [select for diffs], Thu Apr 30 15:04:56 2015 UTC (8 years, 7 months ago) by ryoon
Branch: MAIN
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored)

Update to 0.12.2

Changelog:
2015.03.31, Version 0.12.2 (Stable)

* uv: Upgrade to 1.4.2

* npm: Upgrade to 2.7.4

* V8: do not add extra newline in log file (Julien Gilli)

* V8: Fix --max_old_space_size=4096 integer overflow (Andrei Sedoi)

* asyncwrap: fix constructor condition for early ret (Trevor Norris)

* buffer: align chunks on 8-byte boundary (Fedor Indutny)

* buffer: fix pool offset adjustment (Trevor Norris)

* build: fix use of strict aliasing (Trevor Norris)

* console: allow Object.prototype fields as labels (Colin Ihrig)

* fs: make F_OK/R_OK/W_OK/X_OK not writable (Jackson Tian)

* fs: properly handle fd passed to truncate() (Bruno Jouhier)

* http: fix assert on data/end after socket error (Fedor Indutny)

* lib: fix max size check in Buffer constructor (Ben Noordhuis)

* lib: fix stdio/ipc sync i/o regression (Ben Noordhuis)

* module: replace NativeModule.require (Herbert Vojík)

* net: allow port 0 in connect() (cjihrig)

* net: unref timer in parent sockets (Fedor Indutny)

* path: refactor for performance and consistency (Nathan Woltman)

* smalloc: extend user API (Trevor Norris)

* src: fix for SIGINT crash on FreeBSD (Fedor Indutny)

* src: fix builtin modules failing with --use-strict (Julien Gilli)

* watchdog: fix timeout for early polling return (Saúl Ibarra Corretgé)


2015.03.23, Version 0.12.1 (Stable), 0034086b49f22cfde765a7e9f55db25f8eb310b6

* openssl: upgrade to 1.0.1m (Addressing multiple CVES)


2015.02.06, Version 0.12.0 (Stable), 2b18916ff054309a07408719b62e2b6a4f1e056a

* npm: Upgrade to 2.5.1

* mdb_v8: update for v0.12 (Dave Pacheco)

Revision 1.31 / (download) - annotate - [select for diffs], Thu Jan 29 08:44:44 2015 UTC (8 years, 10 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2015Q1-base, pkgsrc-2015Q1
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)

Update nodejs to 0.10.36.

2015.01.26, Version 0.10.36 (Stable)
* openssl: update to 1.0.1l
* v8: Fix debugger and strict mode regression (Julien Gilli)
* v8: don't busy loop in cpu profiler thread (Ben Noordhuis)

Revision 1.30 / (download) - annotate - [select for diffs], Sun Dec 28 17:46:17 2014 UTC (8 years, 11 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base, pkgsrc-2014Q4
Changes since 1.29: +2 -2 lines
Diff to previous 1.29 (colored)

Update nodejs to 0.10.35.

Trivial bugfix update of a leaf package.

2014.12.22, Version 0.10.35 (Stable)
* tls: re-add 1024-bit SSL certs removed by f9456a2 (Chris Dickinson)
* timers: don't close interval timers when unrefd (Julien Gilli)
* timers: don't mutate unref list while iterating it (Julien Gilli)

2014.12.17, Version 0.10.34 (Stable)
* uv: update to v0.10.30
* zlib: upgrade to v1.2.8
* child_process: check execFile args is an array (Sam Roberts)
* child_process: check fork args is an array (Sam Roberts)
* crypto: update root certificates (Ben Noordhuis)
* domains: fix issues with abort on uncaught (Julien Gilli)
* timers: Avoid linear scan in _unrefActive. (Julien Gilli)
* timers: fix unref() memory leak (Trevor Norris)
* v8: add api for aborting on uncaught exception (Julien Gilli)
* debugger: fix when using "use strict" (Julien Gilli)

Revision 1.29 / (download) - annotate - [select for diffs], Thu Oct 23 22:04:51 2014 UTC (9 years, 1 month ago) by fhajny
Branch: MAIN
Changes since 1.28: +2 -2 lines
Diff to previous 1.28 (colored)

Update nodejs to 0.10.33.

2014.10.20, Version 0.10.33 (Stable)
- openssl: Update to 1.0.1j (Addressing multiple CVEs)
- uv: Update to v0.10.29
- child_process: properly support optional args (cjihrig)
- crypto: Disable autonegotiation for SSLv2/3 by default
  (Fedor Indutny, Timothy J Fontaine, Alexis Campailla)

Revision 1.28 / (download) - annotate - [select for diffs], Tue Sep 23 08:30:58 2014 UTC (9 years, 2 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2014Q3-base, pkgsrc-2014Q3
Changes since 1.27: +3 -4 lines
Diff to previous 1.27 (colored)

Update nodejs to 0.10.32.

2014.09.16, Version 0.10.32 (Stable)
* npm: Update to 1.4.28
* v8: fix a crash introduced by previous release (Fedor Indutny)
* configure: add --openssl-no-asm flag (Fedor Indutny)
* crypto: use domains for any callback-taking method (Chris Dickinson)
* http: do not send `0\r\n\r\n` in TE HEAD responses (Fedor Indutny)
* querystring: fix unescape override (Tristan Berger)
* url: Add support for RFC 3490 separators (Mathias Bynens)

Revision 1.27 / (download) - annotate - [select for diffs], Thu Aug 21 09:28:44 2014 UTC (9 years, 3 months ago) by fhajny
Branch: MAIN
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)

Update nodejs to 0.10.31.

2014.08.19, Version 0.10.31 (Stable)
* v8: backport CVE-2013-6668
* openssl: Update to v1.0.1i
* npm: Update to v1.4.23
* cluster: disconnect should not be synchronous (Sam Roberts)
* fs: fix fs.readFileSync fd leak when get RangeError (Jackson Tian)
* stream: fix Readable.wrap objectMode falsy values (James Halliday)
* timers: fix timers with non-integer delay hanging. (Julien Gilli)

Revision 1.26 / (download) - annotate - [select for diffs], Fri Aug 1 12:06:03 2014 UTC (9 years, 4 months ago) by fhajny
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)

Update nodejs to 0.10.30.

2014.07.31, Version 0.10.30 (Stable)
* uv: Upgrade to v0.10.28
* npm: Upgrade to v1.4.21
* v8: Interrupts must not mask stack overflow.
* Revert "stream: start old-mode read in a next tick" (Fedor Indutny)
* buffer: fix sign overflow in `readUIn32BE` (Fedor Indutny)
* buffer: improve {read,write}{U}Int* methods (Nick Apperson)
* child_process: handle writeUtf8String error (Fedor Indutny)
* deps: backport 4ed5fde4f from v8 upstream (Fedor Indutny)
* deps: cherry-pick eca441b2 from OpenSSL (Fedor Indutny)
* lib: remove and restructure calls to isNaN() (cjihrig)
* module: eliminate double `getenv()` (Maciej Malecki)
* stream2: flush extant data on read of ended stream (Chris Dickinson)
* streams: remove unused require('assert') (Rod Vagg)
* timers: backport f8193ab (Julien Gilli)
* util.h: interface compatibility (Oguz Bastemur)
* zlib: do not crash on write after close (Fedor Indutny)

Revision 1.25 / (download) - annotate - [select for diffs], Tue Jun 17 11:03:14 2014 UTC (9 years, 5 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2014Q2-base, pkgsrc-2014Q2
Changes since 1.24: +2 -2 lines
Diff to previous 1.24 (colored)

Update nodejs to 0.10.29.

2014.06.05, Version 0.10.29 (Stable)
* openssl: to 1.0.1h (CVE-2014-0224)
* npm: upgrade to 1.4.10
* utf8: Prevent Node from sending invalid UTF-8 (Felix Geisendoerfer)
  - *NOTE* this introduces a breaking change, previously you could
    construct invalid UTF-8 and invoke an error in a client that was
    expecting valid UTF-8, now unmatched surrogate pairs are replaced
    with the unknown UTF-8 character. To restore the old functionality
    simply have NODE_INVALID_UTF8 environment variable set.
* child_process: do not set args before throwing (Greg Sabia Tucker)
* child_process: spawn() does not throw TypeError (Greg Sabia Tucker)
* constants: export O_NONBLOCK (Fedor Indutny)
* crypto: improve memory usage (Alexis Campailla)
* fs: close file if fstat() fails in readFile() (cjihrig)
* lib: name EventEmitter prototype methods (Ben Noordhuis)
* tls: fix performance issue (Alexis Campailla)

Revision 1.24 / (download) - annotate - [select for diffs], Fri May 9 07:37:09 2014 UTC (9 years, 6 months ago) by wiz
Branch: MAIN
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)

Mark packages that are not ready for python-3.3 also not ready for 3.4,
until proven otherwise.

Revision 1.23 / (download) - annotate - [select for diffs], Sat May 3 15:57:17 2014 UTC (9 years, 7 months ago) by fhajny
Branch: MAIN
Changes since 1.22: +2 -2 lines
Diff to previous 1.22 (colored)

2014.05.01, Version 0.10.28 (Stable)

* npm: upgrade to v1.4.9

Revision 1.22 / (download) - annotate - [select for diffs], Fri May 2 11:18:55 2014 UTC (9 years, 7 months ago) by fhajny
Branch: MAIN
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 (colored)

2014.05.01, Version 0.10.27 (Stable)

* npm: upgrade to v1.4.8
* openssl: upgrade to 1.0.1g
* uv: update to v0.10.27
* dns: fix certain txt entries (Fedor Indutny)
* assert: Ensure reflexivity of deepEqual (Mike Pennisi)
* child_process: fix deadlock when sending handles (Fedor Indutny)
* child_process: fix sending handle twice (Fedor Indutny)
* crypto: do not lowercase cipher/hash names (Fedor Indutny)
* dtrace: workaround linker bug on FreeBSD (Fedor Indutny)
* http: do not emit EOF non-readable socket (Fedor Indutny)
* http: invoke createConnection when no agent (Nathan Rajlich)
* stream: remove useless check (Brian White)
* timer: don't reschedule timer bucket in a domain (Greg Brail)
* url: treat \ the same as / (isaacs)
* util: format as Error if instanceof Error (Rod Vagg)

Revision 1.21 / (download) - annotate - [select for diffs], Mon Mar 10 15:42:19 2014 UTC (9 years, 8 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)

Grab maintainership

Revision 1.20 / (download) - annotate - [select for diffs], Fri Feb 21 07:38:50 2014 UTC (9 years, 9 months ago) by fhajny
Branch: MAIN
Changes since 1.19: +2 -3 lines
Diff to previous 1.19 (colored)

Update nodejs to 0.10.26.

2014.02.18, Version 0.10.26 (Stable)
* uv: Upgrade to v0.10.25 (Timothy J Fontaine)
* npm: upgrade to 1.4.3 (isaacs)
* v8: support compiling with VS2013 (Fedor Indutny)
* cares: backport TXT parsing fix (Fedor Indutny)
* crypto: throw on SignFinal failure (Fedor Indutny)
* crypto: update root certificates (Ben Noordhuis)
* debugger: Fix breakpoint not showing after restart (Farid Neshat)
* fs: make unwatchFile() insensitive to path (iamdoron)
* net: do not re-emit stream errors (Fedor Indutny)
* net: make Socket destroy() re-entrance safe (Jun Ma)
* net: reset `endEmitted` on reconnect (Fedor Indutny)
* node: do not close stdio implicitly (Fedor Indutny)
* zlib: avoid assertion in close (Fedor Indutny)

Revision 1.19 / (download) - annotate - [select for diffs], Wed Feb 12 23:18:05 2014 UTC (9 years, 9 months ago) by tron
Branch: MAIN
Changes since 1.18: +2 -1 lines
Diff to previous 1.18 (colored)

Recursive PKGREVISION bump for OpenSSL API version bump.

Revision 1.18 / (download) - annotate - [select for diffs], Mon Feb 3 17:23:48 2014 UTC (9 years, 9 months ago) by fhajny
Branch: MAIN
Changes since 1.17: +3 -2 lines
Diff to previous 1.17 (colored)

2014.01.23, Version 0.10.25 (Stable)
* uv: Upgrade to v0.10.23
* npm: Upgrade to v1.3.24
* v8: Fix enumeration for objects with lots of properties
* child_process: fix spawn() optional arguments (Sam Roberts)
* cluster: report more errors to workers (Fedor Indutny)
* domains: exit() only affects active domains (Ryan Graham)
* src: OnFatalError handler must abort() (Timothy J Fontaine)
* stream: writes may return false but forget to emit drain (Yang Tianyang)

Revision 1.17 / (download) - annotate - [select for diffs], Sat Jan 25 10:30:12 2014 UTC (9 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.16: +3 -2 lines
Diff to previous 1.16 (colored)

Mark packages as not ready for python-3.x where applicable;
either because they themselves are not ready or because a
dependency isn't. This is annotated by
PYTHON_VERSIONS_INCOMPATIBLE=  33 # not yet ported as of x.y.z
or
PYTHON_VERSIONS_INCOMPATIBLE=  33 # py-foo, py-bar
respectively, please use the same style for other packages,
and check during updates.

Use versioned_dependencies.mk where applicable.
Use REPLACE_PYTHON instead of handcoded alternatives, where applicable.
Reorder Makefile sections into standard order, where applicable.

Remove PYTHON_VERSIONS_INCLUDE_3X lines since that will be default
with the next commit.

Whitespace cleanups and other nits corrected, where necessary.

Revision 1.16 / (download) - annotate - [select for diffs], Mon Jan 13 13:07:51 2014 UTC (9 years, 10 months ago) by jperkin
Branch: MAIN
Changes since 1.15: +2 -1 lines
Diff to previous 1.15 (colored)

Include lang/python/tool.mk, gyp-mac-tool previously used the system python
which on Snow Leopard is 2.6 and is unable to handle the constructs used in
that file.

Revision 1.15 / (download) - annotate - [select for diffs], Fri Dec 20 14:36:27 2013 UTC (9 years, 11 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base, pkgsrc-2013Q4
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored)

2013.12.18, Version 0.10.24 (Stable)
* uv: Upgrade to v0.10.21
* npm: upgrade to 1.3.21
* v8: backport fix for CVE-2013-{6639|6640}
* build: unix install node and dep library headers (Timothy J Fontaine)
* cluster, v8: fix --logfile=%p.log (Ben Noordhuis)
* module: only cache package main (Wyatt Preul)

Revision 1.14 / (download) - annotate - [select for diffs], Thu Dec 12 11:53:38 2013 UTC (9 years, 11 months ago) by jperkin
Branch: MAIN
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored)

Fix copy/paste error.

Revision 1.13 / (download) - annotate - [select for diffs], Thu Dec 12 11:52:37 2013 UTC (9 years, 11 months ago) by jperkin
Branch: MAIN
Changes since 1.12: +5 -2 lines
Diff to previous 1.12 (colored)

Update lang/nodejs to version 0.10.23.  Changes since 0.10.20:

2013.12.12, Version 0.10.23 (Stable)
* uv: Upgrade to v0.10.20 (Timothy J Fontaine)
* npm: Upgrade to 1.3.17 (isaacs)
* gyp: update to 78b26f7 (Timothy J Fontaine)
* build: include postmortem symbols on linux (Timothy J Fontaine)
* crypto: Make Decipher._flush() emit errors. (Kai Groner)
* dgram: fix abort when getting `fd` of closed dgram (Fedor Indutny)
* events: do not accept NaN in setMaxListeners (Fedor Indutny)
* events: avoid calling `once` functions twice (Tim Wood)
* events: fix TypeError in removeAllListeners (Jeremy Martin)
* fs: report correct path when EEXIST (Fedor Indutny)
* process: enforce allowed signals for kill (Sam Roberts)
* tls: emit 'end' on .receivedShutdown (Fedor Indutny)
* tls: fix potential data corruption (Fedor Indutny)
* tls: handle `ssl.start()` errors appropriately (Fedor Indutny)
* tls: reset NPN callbacks after SNI (Fedor Indutny)

2013.11.12, Version 0.10.22 (Stable), cbff8f091c22fb1df6b238c7a1b9145db950fa65
* npm: Upgrade to 1.3.14
* uv: Upgrade to v0.10.19
* child_process: don't assert on stale file descriptor events (Fedor Indutny)
* darwin: Fix "Not Responding" in Mavericks activity monitor (Fedor Indutny)
* debugger: Fix bug in sb() with unnamed script (Maxim Bogushevich)
* repl: do not insert duplicates into completions (Maciej Maecki)
* src: Fix memory leak on closed handles (Timothy J Fontaine)
* tls: prevent stalls by using read(0) (Fedor Indutny)
* v8: use correct timezone information on Solaris (Maciej Maecki)

2013.10.18, Version 0.10.21 (Stable), e2da042844a830fafb8031f6c477eb4f96195210
* uv: Upgrade to v0.10.18
* crypto: clear errors from verify failure (Timothy J Fontaine)
* dtrace: interpret two byte strings (Dave Pacheco)
* fs: fix fs.truncate() file content zeroing bug (Ben Noordhuis)
* http: provide backpressure for pipeline flood (isaacs)
* tls: fix premature connection termination (Ben Noordhuis)

Revision 1.12 / (download) - annotate - [select for diffs], Wed Oct 2 09:58:21 2013 UTC (10 years, 2 months ago) by fhajny
Branch: MAIN
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored)

2013.09.30, Version 0.10.20 (Stable)
* tls: fix sporadic hang and partial reads (Fedor Indutny)
  - fixes "npm ERR! cb() never called!"

2013.09.24, Version 0.10.19 (Stable), 6b5e6a5a3ec8d994c9aab3b800b9edbf1b287904
* uv: Upgrade to v0.10.17
* npm: upgrade to 1.3.11
* readline: handle input starting with control chars (Eric Schrock)
* configure: add mips-float-abi (soft, hard) option (Andrei Sedoi)
* stream: objectMode transforms allow falsey values (isaacs)
* tls: prevent duplicate values returned from read (Nathan Rajlich)
* tls: NPN protocols are now local to connections (Fedor Indutny)

Revision 1.11 / (download) - annotate - [select for diffs], Thu Sep 5 14:46:19 2013 UTC (10 years, 2 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2013Q3-base, pkgsrc-2013Q3
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)

2013.09.04, Version 0.10.18 (Stable)
* uv: Upgrade to v0.10.15
* stream: Don't crash on unset _events property (isaacs)
* stream: Pass 'buffer' encoding with decoded writable chunks (isaacs)

2013.08.21, Version 0.10.17 (Stable), 469a4a5091a677df62be319675056b869c31b35c
* uv: Upgrade v0.10.14
* http_parser: Do not accept PUN/GEM methods as PUT/GET (Chris Dickinson)
* tls: fix assertion when ssl is destroyed at read (Fedor Indutny)
* stream: Throw on 'error' if listeners removed (isaacs)
* dgram: fix assertion on bad send() arguments (Ben Noordhuis)
* readline: pause stdin before turning off terminal raw mode (Daniel Chatfield)

2013.08.16, Version 0.10.16 (Stable), 50b4c905a4425430ae54db4906f88982309e128d
* v8: back-port fix for CVE-2013-2882
* npm: Upgrade to 1.3.8
* crypto: fix assert() on malformed hex input (Ben Noordhuis)
* crypto: fix memory leak in randomBytes() error path (Ben Noordhuis)
* events: fix memory leak, don't leak event names (Ben Noordhuis)
* http: Handle hex/base64 encodings properly (isaacs)
* http: improve chunked res.write(buf) performance (Ben Noordhuis)
* stream: Fix double pipe error emit (Eran Hammer)

Revision 1.10 / (download) - annotate - [select for diffs], Fri Jul 26 09:34:05 2013 UTC (10 years, 4 months ago) by fhajny
Branch: MAIN
Changes since 1.9: +2 -2 lines
Diff to previous 1.9 (colored)

2013.07.25, Version 0.10.15 (Stable)
* src: fix process.getuid() return value (Ben Noordhuis)

2013.07.25, Version 0.10.14 (Stable), fdf57f811f9683a4ec49a74dc7226517e32e6c9d
* uv: Upgrade to v0.10.13
* npm: Upgrade to v1.3.5
* os: Don't report negative times in cpu info (Ben Noordhuis)
* fs: Handle large UID and GID (Ben Noordhuis)
* url: Fix edge-case when protocol is non-lowercase (Shuan Wang)
* doc: Streams API Doc Rewrite (isaacs)
* node: call MakeDomainCallback in all domain cases (Trevor Norris)
* crypto: fix memory leak in LoadPKCS12 (Fedor Indutny)

Revision 1.9 / (download) - annotate - [select for diffs], Mon Jul 15 12:11:43 2013 UTC (10 years, 4 months ago) by fhajny
Branch: MAIN
Changes since 1.8: +2 -3 lines
Diff to previous 1.8 (colored)

2013.07.09, Version 0.10.13 (Stable)
* uv: Upgrade to v0.10.12
* npm: Upgrade to 1.3.2
* windows: get proper errno (Ben Noordhuis)
* tls: only wait for finish if we haven't seen it (Timothy J Fontaine)
* http: Dump response when request is aborted (isaacs)
* http: use an unref'd timer to fix delay in exit (Peter Rust)
* zlib: level can be negative (Brian White)
* zlib: allow zero values for level and strategy (Brian White)
* buffer: add comment explaining buffer alignment (Ben Noordhuis)
* string_bytes: properly detect 64bit (Timothy J Fontaine)
* src: fix memory leak in UsingDomains() (Ben Noordhuis)

2013.06.18, Version 0.10.12 (Stable)
* npm: Upgrade to 1.2.32
* readline: make `ctrl + L` clear the screen (Yuan Chuan)
* v8: add setVariableValue debugger command (Ben Noordhuis)
* net: Do not destroy socket mid-write (isaacs)
* v8: fix build for mips32r2 architecture (Andrei Sedoi)
* configure: fix cross-compilation host_arch_cc() (Andrei Sedoi)

Revision 1.8 / (download) - annotate - [select for diffs], Wed Jul 3 14:50:38 2013 UTC (10 years, 5 months ago) by ryoon
Branch: MAIN
Changes since 1.7: +3 -4 lines
Diff to previous 1.7 (colored)

Bump PKGREVISION.

* Convert .if clause to devel/libexecinfo/builtin.mk.
  On NetBSD current, binary should be changed.

Revision 1.7 / (download) - annotate - [select for diffs], Wed Jun 26 11:53:02 2013 UTC (10 years, 5 months ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2
Changes since 1.6: +5 -1 lines
Diff to previous 1.6 (colored)

Enforce using the system libtool on OSX.  Fixes build + modules.

Revision 1.6 / (download) - annotate - [select for diffs], Thu Jun 13 20:11:05 2013 UTC (10 years, 5 months ago) by fhajny
Branch: MAIN
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)

Update nodejs to 0.10.11.

2013.06.13, Version 0.10.11 (Stable)
* uv: upgrade to 0.10.11
* npm: Upgrade to 1.2.30
* openssl: add missing configuration pieces for MIPS (Andrei Sedoi)
* Revert "http: remove bodyHead from 'upgrade' events" (isaacs)
* v8: fix pointer arithmetic undefined behavior (Trevor Norris)
* crypto: fix utf8/utf-8 encoding check (Ben Noordhuis)
* net: Fix busy loop on POLLERR|POLLHUP on older linux kernels
  (Ben Noordhuis, isaacs)

Revision 1.5 / (download) - annotate - [select for diffs], Fri Jun 7 07:57:56 2013 UTC (10 years, 5 months ago) by fhajny
Branch: MAIN
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)

Update nodejs to 0.10.10

Changes:
* uv: Upgrade to 0.10.10
* npm: Upgrade to 1.2.25
* url: Properly parse certain oddly formed urls (isaacs)
* stream: unshift('') is a noop (isaacs)

Revision 1.4 / (download) - annotate - [select for diffs], Fri May 31 12:19:18 2013 UTC (10 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.3: +2 -2 lines
Diff to previous 1.3 (colored)

2013.05.30, Version 0.10.9 (Stable)
* npm: Upgrade to 1.2.24
* uv: Upgrade to v0.10.9
* repl: fix JSON.parse error check (Brian White)
* tls: proper .destroySoon (Fedor Indutny)
* tls: invoke write cb only after opposite read end (Fedor Indutny)
* tls: ignore .shutdown() syscall error (Fedor Indutny)

Revision 1.3 / (download) - annotate - [select for diffs], Mon May 27 11:32:34 2013 UTC (10 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)

2013.05.24, Version 0.10.8 (Stable)
* v8: update to 3.14.5.9
* uv: upgrade to 0.10.8
* npm: Upgrade to 1.2.23
* http: remove bodyHead from 'upgrade' events (Nathan Zadoks)
* http: Return true on empty writes, not false (isaacs)
* http: save roundtrips, convert buffers to strings (Ben Noordhuis)
* configure: respect the --dest-os flag consistently (Nathan Rajlich)
* buffer: throw when writing beyond buffer (Trevor Norris)
* crypto: Clear error after DiffieHellman key errors (isaacs)
* string_bytes: strip padding from base64 strings (Trevor Norris)

Revision 1.2 / (download) - annotate - [select for diffs], Thu May 23 11:23:50 2013 UTC (10 years, 6 months ago) by fhajny
Branch: MAIN
Changes since 1.1: +5 -5 lines
Diff to previous 1.1 (colored)

2013.05.17, Version 0.10.7 (Stable)
* uv: upgrade to v0.10.7
* npm: Upgrade to 1.2.21
* crypto: Don't ignore verify encoding argument (isaacs)
* buffer, crypto: fix default encoding regression (Ben Noordhuis)
* timers: fix setInterval() assert (Ben Noordhuis)

(Commit lost when importing from wip/node.)

Revision 1.1 / (download) - annotate - [select for diffs], Wed May 22 15:17:07 2013 UTC (10 years, 6 months ago) by mspo
Branch: MAIN

add nodejs package, previously in wip/node

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>