![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / lang / nodejs12
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.45, Sat Dec 3 17:02:40 2022 UTC (16 months, 2 weeks ago) by adam
Branch: MAIN
CVS Tags: HEAD
Changes since 1.44: +1 -1
lines
FILE REMOVED
nodejs12: removed; end-of-life reached
Revision 1.44 / (download) - annotate - [select for diffs], Wed Nov 23 16:18:50 2022 UTC (16 months, 3 weeks ago) by adam
Branch: MAIN
Changes since 1.43: +2 -2
lines
Diff to previous 1.43 (colored) to selected 1.3 (colored)
massive revision bump after textproc/icu update
Revision 1.43 / (download) - annotate - [select for diffs], Mon Apr 18 19:09:55 2022 UTC (2 years ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q3-base,
pkgsrc-2022Q3,
pkgsrc-2022Q2-base,
pkgsrc-2022Q2
Changes since 1.42: +2 -1
lines
Diff to previous 1.42 (colored) to selected 1.3 (colored)
revbump for textproc/icu update
Revision 1.42 / (download) - annotate - [select for diffs], Tue Apr 5 17:15:53 2022 UTC (2 years ago) by adam
Branch: MAIN
Changes since 1.41: +2 -2
lines
Diff to previous 1.41 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.22.12 Version 12.22.12 'Erbium' (LTS) This is planned to be the final Node.js 12 release. Node.js 12 will reach End-of-Life status on 30 April 2022, after which it will no receive updates. You are strongly advised to migrate your applications to Node.js 16 or 14 (both of which are Long Term Support (LTS) releases) to continue to receive future security updates beyond 30 April 2022. This release fixes a shutdown crash in Node-API (formerly N-API) and a potential stack overflow when using `vm.runInNewContext()`. The list of GPG keys used to sign releases and instructions on how to fetch the keys for verifying binaries has been synchronized with the main branch. Version 12.22.11 'Erbium' (LTS) Update to OpenSSL 1.1.1n, which addresses the following vulnerability: * Infinite loop in `BN_mod_sqrt()` reachable when parsing certificates (High)(CVE-2022-0778) More details are available at <https://www.openssl.org/news/secadv/20220315.txt> Fix for building Node.js 12.x with Visual Studio 2019 to allow us to continue to run CI tests.
Revision 1.41 / (download) - annotate - [select for diffs], Tue Feb 15 14:00:34 2022 UTC (2 years, 2 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base,
pkgsrc-2022Q1
Changes since 1.40: +2 -2
lines
Diff to previous 1.40 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.22.10 Version 12.22.10 'Erbium' (LTS) Notable changes Upgrade npm to 6.14.16 Updated ICU time zone data
Revision 1.40 / (download) - annotate - [select for diffs], Tue Jan 11 08:03:02 2022 UTC (2 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.39: +2 -3
lines
Diff to previous 1.39 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.22.9 Version 12.22.9 'Erbium' (LTS) Notable changes Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531) Certificate Verification Bypass via String Injection (Medium)(CVE-2021-44532) Incorrect handling of certificate subject and issuer fields (Medium)(CVE-2021-44533) Prototype pollution via console.table properties (Low)(CVE-2022-21824)
Revision 1.39 / (download) - annotate - [select for diffs], Wed Dec 8 16:02:17 2021 UTC (2 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q4-base,
pkgsrc-2021Q4
Changes since 1.38: +2 -1
lines
Diff to previous 1.38 (colored) to selected 1.3 (colored)
revbump for icu and libffi
Revision 1.38 / (download) - annotate - [select for diffs], Wed Oct 20 10:27:17 2021 UTC (2 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.37: +2 -3
lines
Diff to previous 1.37 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.22.7 Version 12.22.7 'Erbium' (LTS) This is a security release. Notable changes CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium) The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at CVE-2021-22959 after publication. CVE-2021-22960: HTTP Request Smuggling when parsing the body (Medium) The parse ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. More details will be available at CVE-2021-22960 after publication.
Revision 1.37 / (download) - annotate - [select for diffs], Wed Sep 29 19:00:08 2021 UTC (2 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.36: +2 -1
lines
Diff to previous 1.36 (colored) to selected 1.3 (colored)
revbump for boost-libs
Revision 1.36 / (download) - annotate - [select for diffs], Fri Sep 17 20:07:15 2021 UTC (2 years, 7 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base,
pkgsrc-2021Q3
Changes since 1.35: +4 -4
lines
Diff to previous 1.35 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.22.6 Version 12.22.6 'Erbium' (LTS) This is a security release. Notable Changes These are vulnerabilities in the node-tar, arborist, and npm cli modules which are related to the initial reports and subsequent remediation of node-tar vulnerabilities CVE-2021-32803 and CVE-2021-32804. Subsequent internal security review of node-tar and additional external bounty reports have resulted in another 5 CVE being remediated in core npm CLI dependencies including node-tar, and npm arborist. Version 12.22.5 'Erbium' (LTS) This is a security release. Notable Changes CVE-2021-3672/CVE-2021-22931: Improper handling of untypical characters in domain names (High) Node.js was vulnerable to Remote Code Execution, XSS, application crashes due to missing input validation of hostnames returned by Domain Name Servers in the Node.js DNS library which can lead to the output of wrong hostnames (leading to Domain Hijacking) and injection vulnerabilities in applications using the library. You can read more about it at https://nvd.nist.gov/vuln/detail/CVE-2021-22931. CVE-2021-22930: Use after free on close http2 on stream canceling (High) Node.js was vulnerable to a use after free attack where an attacker might be able to exploit memory corruption to change process behavior. This release includes a follow-up fix for CVE-2021-22930 as the issue was not completely resolved by the previous fix. You can read more about it at https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930. CVE-2021-22939: Incomplete validation of rejectUnauthorized parameter (Low) If the Node.js HTTPS API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted. You can read more about it at https://nvd.nist.gov/vuln/detail/CVE-2021-22939. Version 12.22.4 'Erbium' (LTS) This is a security release. Notable Changes CVE-2021-22930: Use after free on close http2 on stream canceling (High) Node.js is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior. You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930
Revision 1.35 / (download) - annotate - [select for diffs], Tue Jul 6 07:04:11 2021 UTC (2 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.34: +2 -3
lines
Diff to previous 1.34 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.22.3 Version 12.22.3 'Erbium' (LTS) Notable Changes Node.js 12.22.2 introduced a regression in the Windows installer on non-English locales that is being fixed in this release. There is no need to download this release if you are not using the Windows installer. Version 12.22.2 'Erbium' (LTS) This is a security release. Notable Changes Vulnerabilities fixed: CVE-2021-22918: libuv upgrade - Out of bounds read (Medium) Node.js is vulnerable to out-of-bounds read in libuv's uv__idna_toascii() function which is used to convert strings to ASCII. This is called by Node's dns module's lookup() function and can lead to information disclosures or crashes. You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22918 CVE-2021-22921: Windows installer - Node Installer Local Privilege Escalation (Medium) Node.js is vulnerable to local privilege escalation attacks under certain conditions on Windows platforms. More specifically, improper configuration of permissions in the installation directory allows an attacker to perform two different escalation attacks: PATH and DLL hijacking. You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22921 CVE-2021-27290: npm upgrade - ssri Regular Expression Denial of Service (ReDoS) (High) This is a vulnerability in the ssri npm mudule which may be vulnerable to denial of service attacks. You can read more about it in https://github.com/advisories/GHSA-vx3p-948g-6vhq CVE-2021-23362: npm upgrade - hosted-git-info Regular Expression Denial of Service (ReDoS) (Medium) This is a vulnerability in the hosted-git-info npm mudule which may be vulnerable to denial of service attacks. You can read more about it in https://nvd.nist.gov/vuln/detail/CVE-2021-23362
Revision 1.34 / (download) - annotate - [select for diffs], Thu Jun 24 09:31:26 2021 UTC (2 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.33: +4 -2
lines
Diff to previous 1.33 (colored) to selected 1.3 (colored)
nodejs12: use external brotli; bump revision
Revision 1.33 / (download) - annotate - [select for diffs], Wed Apr 21 11:40:27 2021 UTC (2 years, 11 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q2-base,
pkgsrc-2021Q2
Changes since 1.32: +5 -3
lines
Diff to previous 1.32 (colored) to selected 1.3 (colored)
revbump for textproc/icu
Revision 1.32 / (download) - annotate - [select for diffs], Wed Apr 7 06:21:06 2021 UTC (3 years ago) by adam
Branch: MAIN
Changes since 1.31: +2 -2
lines
Diff to previous 1.31 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.22.1 Version 12.22.1 'Erbium' (LTS) This is a security release. Notable Changes Vulnerabilities fixed: CVE-2021-3450: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High) This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt Impacts: All versions of the 15.x, 14.x, 12.x and 10.x releases lines CVE-2021-3449: OpenSSL - NULL pointer deref in signature_algorithms processing (High) This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt Impacts: All versions of the 15.x, 14.x, 12.x and 10.x releases lines CVE-2020-7774: npm upgrade - Update y18n to fix Prototype-Pollution (High) This is a vulnerability in the y18n npm module which may be exploited by prototype pollution. You can read more about it in https://github.com/advisories/GHSA-c4w7-xm78-47vh Impacts: All versions of the 14.x, 12.x and 10.x releases lines Version 12.22.0 'Erbium' (LTS) Notable changes The legacy HTTP parser is runtime deprecated The legacy HTTP parser, selected by the --http-parser=legacy command line option, is deprecated with the pending End-of-Life of Node.js 10.x (where it is the only HTTP parser implementation provided) at the end of April 2021. It will now warn on use but otherwise continue to function and may be removed in a future Node.js 12.x release. The default HTTP parser based on llhttp is not affected. By default it is stricter than the now deprecated legacy HTTP parser. If interoperability with HTTP implementations that send invalid HTTP headers is required, the HTTP parser can be started in a less secure mode with the --insecure-http-parser command line option. ES Modules ES Modules are now considered stable. node-api Updated to node-api version 8 and added an experimental API to allow retrieval of the add-on file name. New API's to control code coverage data collection v8.stopCoverage() and v8.takeCoverage() have been added. New API to monitor event loop utilization by Worker threads worker.performance.eventLoopUtilization() has been added.
Revision 1.31 / (download) - annotate - [select for diffs], Wed Feb 24 11:10:11 2021 UTC (3 years, 1 month ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q1-base,
pkgsrc-2021Q1
Changes since 1.30: +2 -1
lines
Diff to previous 1.30 (colored) to selected 1.3 (colored)
nodejs10/12: switch to .tar.xz
Revision 1.30 / (download) - annotate - [select for diffs], Wed Feb 24 11:05:28 2021 UTC (3 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.29: +2 -2
lines
Diff to previous 1.29 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.21.0 Version 12.21.0 'Erbium' (LTS) This is a security release. Notable changes Vulnerabilities fixed: CVE-2021-22883: HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion Affected Node.js versions are vulnerable to denial of service attacks when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is configured on the system, then the server is unable to accept new connections and prevent the process also from opening, e.g. a file. If no file descriptor limit is configured, then this lead to an excessive memory usage and cause the system to run out of memory. CVE-2021-22884: DNS rebinding in --inspect Affected Node.js versions are vulnerable to denial of service attacks when the whitelist includes ãà×Íocalhost6ãà When ãà×Íocalhost6ãàis not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over network. If the attacker controls the victim's DNS server or can spoof its responses, the DNS rebinding protection can be bypassed by using the ãà×Íocalhost6ãàdomain. As long as the attacker uses the ãà×Íocalhost6ãàdomain, they can still apply the attack described in CVE-2018-7160. CVE-2021-23840: OpenSSL - Integer overflow in CipherUpdate This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210216.txt
Revision 1.29 / (download) - annotate - [select for diffs], Mon Feb 15 10:21:43 2021 UTC (3 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.28: +2 -2
lines
Diff to previous 1.28 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.20.2 Version 12.20.2 'Erbium' (LTS) Notable changes deps: upgrade npm to 6.14.11
Revision 1.28 / (download) - annotate - [select for diffs], Tue Jan 5 08:34:57 2021 UTC (3 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.27: +2 -2
lines
Diff to previous 1.27 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.20.1 Version 12.20.1 'Erbium' (LTS) Notable changes This is a security release. Vulnerabilities fixed: CVE-2020-8265: use-after-free in TLSWrap (High) Affected Node.js versions are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits CVE-2020-8287: HTTP Request Smuggling in nodejs Affected versions of Node.js allow two copies of a header field in a http request. For example, two Transfer-Encoding header fields. In this case Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling (https://cwe.mitre.org/data/definitions/444.html). CVE-2020-1971: OpenSSL - EDIPARTYNAME NULL pointer de-reference (High) This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20201208.txt
Revision 1.27 / (download) - annotate - [select for diffs], Thu Dec 31 20:04:12 2020 UTC (3 years, 3 months ago) by nia
Branch: MAIN
Changes since 1.26: +2 -3
lines
Diff to previous 1.26 (colored) to selected 1.3 (colored)
Normalize handling packages that require 64-bit atomic ops.
Revision 1.26 / (download) - annotate - [select for diffs], Wed Dec 16 07:42:39 2020 UTC (3 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q4-base,
pkgsrc-2020Q4
Changes since 1.25: +4 -2
lines
Diff to previous 1.25 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.12.0 Version 12.12.0 (Current) Notable changes build: Add --force-context-aware flag to prevent usage of native node addons that aren't context aware deprecations: Add documentation-only deprecation for process._tickCallback() esm: Using JSON modules is experimental again fs: Introduce opendir() and fs.Dir to iterate through directories process: Add source-map support to stack traces by using --enable-source-maps tls: Honor pauseOnConnect option Add option for private keys for OpenSSL engines
Revision 1.25 / (download) - annotate - [select for diffs], Tue Nov 17 11:02:02 2020 UTC (3 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.24: +2 -3
lines
Diff to previous 1.24 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.19.1 Version 12.19.1 'Erbium' (LTS) Notable changes This is a security release. Vulnerabilities fixed: CVE-2020-8277: Denial of Service through DNS request (High). A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service by getting the application to resolve a DNS record with a larger number of responses.
Revision 1.24 / (download) - annotate - [select for diffs], Thu Nov 5 09:06:57 2020 UTC (3 years, 5 months ago) by ryoon
Branch: MAIN
Changes since 1.23: +2 -1
lines
Diff to previous 1.23 (colored) to selected 1.3 (colored)
*: Recursive revbump from textproc/icu-68.1
Revision 1.23 / (download) - annotate - [select for diffs], Fri Oct 9 07:23:51 2020 UTC (3 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.22: +2 -2
lines
Diff to previous 1.22 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.19.0 Version 12.19.0 'Erbium' (LTS) Notable Changes - (SEMVER-MINOR) module: package "imports" field (Guy Bedford) - (SEMVER-MINOR) n-api: create N-API version 7 (Gabriel Schulhof) - (SEMVER-MINOR) crypto: add randomInt function (Oli Lalonde) - deps: upgrade to libuv 1.39.0 (Colin Ihrig) - doc: add Ricky Zhou to collaborators (rickyes) - doc: add release key for Ruy Adorno (Ruy Adorno) - doc: add DerekNonGeneric to collaborators (Derek Lewis) - deps: upgrade npm to 6.14.7 (claudiahdz) - doc: add AshCripps to collaborators (Ash Cripps) - doc: add HarshithaKP to collaborators (Harshitha K P) - zlib: switch to lazy init for zlib streams (Andrey Pechkurov) - doc: add rexagod to collaborators (Pranshu Srivastava) - doc: add release key for Richard Lau (Richard Lau) - doc: add danielleadams to collaborators (Danielle Adams) - doc: add sxa as collaborator (Stewart X Addison) - deps: upgrade to libuv 1.38.1 (Colin Ihrig) - doc: add ruyadorno to collaborators (Ruy Adorno) - (SEMVER-MINOR) module: deprecate module.parent (Antoine du HAMEL) - (SEMVER-MAJOR) doc: deprecate process.umask() with no arguments (Colin Ihrig)
Revision 1.22 / (download) - annotate - [select for diffs], Fri Oct 2 12:24:27 2020 UTC (3 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.21: +2 -2
lines
Diff to previous 1.21 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.18.4 Version 12.18.4 'Erbium' (LTS) Notable Changes This is a security release. Vulnerabilities fixed: CVE-2020-8201: HTTP Request Smuggling due to CR-to-Hyphen conversion (High). CVE-2020-8252: fs.realpath.native on may cause buffer overflow (Medium).
Revision 1.21 / (download) - annotate - [select for diffs], Mon Aug 3 12:10:47 2020 UTC (3 years, 8 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base,
pkgsrc-2020Q3
Changes since 1.20: +2 -2
lines
Diff to previous 1.20 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.18.3 Version 12.18.3 'Erbium' (LTS) Notable Changes deps: upgrade npm to 6.14.6 update node-inspect to v2.0.0 uvwasi: cherry-pick 9e75217
Revision 1.20 / (download) - annotate - [select for diffs], Fri Jul 3 19:01:40 2020 UTC (3 years, 9 months ago) by adam
Branch: MAIN
Changes since 1.19: +2 -2
lines
Diff to previous 1.19 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.18.2 Version 12.18.2 'Erbium' (LTS) Notable changes deps: V8: backport Fixes memory leak in PrototypeUsers::Add src: use symbol to store AsyncWrap resource Fixes reported memory leak Version 12.18.1 'Erbium' (LTS) Notable Changes deps: V8: cherry-pick update to uvwasi 0.0.9 upgrade to libuv 1.38.0 upgrade npm to 6.14.5
Revision 1.19 / (download) - annotate - [select for diffs], Thu Jun 18 04:58:24 2020 UTC (3 years, 10 months ago) by gutteridge
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base,
pkgsrc-2020Q2
Changes since 1.18: +3 -1
lines
Diff to previous 1.18 (colored) to selected 1.3 (colored)
nodejs/nodejs10/nodejs12: these now require nghttp2>=1.41.0 As of the last updates to each of these, made earlier this month, they now require nghttp2>=1.41.0 to build. They expect nghttp2_option_set_max_settings to be available.
Revision 1.18 / (download) - annotate - [select for diffs], Wed Jun 3 08:42:41 2020 UTC (3 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.17: +2 -3
lines
Diff to previous 1.17 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.18.0 Version 12.18.0 'Erbium' (LTS) Notable changes This is a security release. Vulnerabilities fixed: CVE-2020-8172: TLS session reuse can lead to host certificate verification bypass (High). CVE-2020-11080: HTTP/2 Large Settings Frame DoS (Low). CVE-2020-8174: napi_get_value_string_*() allows various kinds of memory corruption (High). Commits - crypto: update root certificates - (SEMVER-MINOR) deps: update nghttp2 to 1.41.0 - (SEMVER-MINOR) http2: implement support for max settings entries - napi: fix memory corruption vulnerability - tls: emit session after verifying certificate - tools: update certdata.txt
Revision 1.17 / (download) - annotate - [select for diffs], Tue Jun 2 08:22:46 2020 UTC (3 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.16: +2 -1
lines
Diff to previous 1.16 (colored) to selected 1.3 (colored)
Revbump for icu
Revision 1.16 / (download) - annotate - [select for diffs], Sun May 31 21:41:22 2020 UTC (3 years, 10 months ago) by rillig
Branch: MAIN
Changes since 1.15: +2 -1
lines
Diff to previous 1.15 (colored) to selected 1.3 (colored)
lang/nodejs*: skip portability check for macOS installation scripts
Revision 1.15 / (download) - annotate - [select for diffs], Tue May 26 16:50:00 2020 UTC (3 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.14: +2 -2
lines
Diff to previous 1.14 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.17.0 Version 12.17.0 'Erbium' (LTS): Notable Changes ECMAScript Modules - --experimental-modules flag removal AsyncLocalStorage API (experimental) REPL previews REPL reverse-i-search REPL substring-based search Error monitoring Monitoring uncaught exceptions File system APIs Console groupIndentation option maxStringLength option for util.inspect() Stable N-API release 6 Stable diagnostic reports Increase of the default server headers timeout
Revision 1.14 / (download) - annotate - [select for diffs], Fri May 8 13:48:45 2020 UTC (3 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.13: +2 -3
lines
Diff to previous 1.13 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.16.3 Version 12.16.3 'Erbium' (LTS), @targos Notable Changes Dependencies: Updated OpenSSL to 1.1.1g Updated c-ares to 1.16.0 Updated experimental uvwasi to 0.0.6 ESM (experimental): Additional warnings are no longer printed for modules that use conditional exports or package name self resolution
Revision 1.13 / (download) - annotate - [select for diffs], Wed May 6 14:04:10 2020 UTC (3 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.12: +2 -1
lines
Diff to previous 1.12 (colored) to selected 1.3 (colored)
revbump after boost update
Revision 1.12 / (download) - annotate - [select for diffs], Fri Apr 17 07:52:46 2020 UTC (4 years ago) by adam
Branch: MAIN
Changes since 1.11: +2 -3
lines
Diff to previous 1.11 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.16.2 Version 12.16.2 'Erbium' (LTS) Notable Changes doc: add ronag to collaborators add GeoffreyBooth to collaborators deps: upgrade npm to 6.13.6 update openssl to 1.1.1e
Revision 1.11 / (download) - annotate - [select for diffs], Sun Apr 12 08:27:58 2020 UTC (4 years ago) by adam
Branch: MAIN
Changes since 1.10: +2 -1
lines
Diff to previous 1.10 (colored) to selected 1.3 (colored)
Recursive revision bump after textproc/icu update
Revision 1.10 / (download) - annotate - [select for diffs], Wed Mar 11 09:22:49 2020 UTC (4 years, 1 month ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base,
pkgsrc-2020Q1
Changes since 1.9: +1 -3
lines
Diff to previous 1.9 (colored) to selected 1.3 (colored)
nodejs*: Unbreak builds, again, this time with comment.
Revision 1.9 / (download) - annotate - [select for diffs], Wed Mar 4 18:59:39 2020 UTC (4 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.8: +3 -1
lines
Diff to previous 1.8 (colored) to selected 1.3 (colored)
nodejs: updated to 13.10.0 Version 13.10.0 (Current): Notable Changes async_hooks - introduce async-context API stream - support passing generator functions into pipeline() tls - expose SSL_export_keying_material vm - implement vm.measureMemory() for per-context memory measurement
Revision 1.8 / (download) - annotate - [select for diffs], Mon Feb 24 16:02:40 2020 UTC (4 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.7: +2 -2
lines
Diff to previous 1.7 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.16.1 Version 12.16.1 'Erbium' (LTS): Node.js 12.16.0 included 6 regressions that are being fixed in this release Version 12.16.0 'Erbium' (LTS): New assert APIs Advanced serialization for IPC CLI flags New crypto APIs Dependency updates
Revision 1.7 / (download) - annotate - [select for diffs], Tue Feb 18 23:06:05 2020 UTC (4 years, 2 months ago) by jperkin
Branch: MAIN
Changes since 1.6: +1 -3
lines
Diff to previous 1.6 (colored) to selected 1.3 (colored)
nodejs*: Consolidate python27 requirement. It's still required as of nodejs v13.
Revision 1.6 / (download) - annotate - [select for diffs], Fri Feb 7 09:51:09 2020 UTC (4 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.5: +2 -3
lines
Diff to previous 1.5 (colored) to selected 1.3 (colored)
nodejs12: updated to 12.15.0 Version 12.15.0 'Erbium' (LTS): Notable changes This is a security release. Vulnerabilities fixed: CVE-2019-15606: HTTP header values do not have trailing OWS trimmed. CVE-2019-15605: HTTP request smuggling using malformed Transfer-Encoding header. CVE-2019-15604: Remotely trigger an assertion on a TLS server with a malformed certificate string. Also, HTTP parsing is more strict to be more secure. Since this may cause problems in interoperability with some non-conformant HTTP implementations, it is possible to disable the strict checks with the --insecure-http-parser command line flag, or the insecureHTTPParser http option. Using the insecure HTTP parser should be avoided.
Revision 1.5 / (download) - annotate - [select for diffs], Fri Jan 24 18:55:49 2020 UTC (4 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.4: +7 -14
lines
Diff to previous 1.4 (colored) to selected 1.3 (colored)
nodejs12: use external OpenSSL; bump revision
Revision 1.4 / (download) - annotate - [select for diffs], Wed Jan 8 22:29:02 2020 UTC (4 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.3: +2 -2
lines
Diff to previous 1.3 (colored)
nodejs12: updated to 12.14.1 Version 12.14.1 'Erbium' (LTS): Notable changes * crypto: fix key requirements in asymmetric cipher * deps: - update llhttp to 2.0.1 - update nghttp2 to 1.40.0 * v8: mark serdes API as stable
Revision 1.3 / (download) - annotate - [selected], Sun Dec 29 15:39:15 2019 UTC (4 years, 3 months ago) by adam
Branch: MAIN
Changes since 1.2: +2 -2
lines
Diff to previous 1.2 (colored)
nodejs12: updated to 12.14.0 Version 12.14.0 'Erbium' (LTS) Notable changes deps: update npm to 6.13.4
Revision 1.2 / (download) - annotate - [select for diffs], Fri Dec 13 06:26:07 2019 UTC (4 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base,
pkgsrc-2019Q4
Changes since 1.1: +1 -4
lines
Diff to previous 1.1 (colored) to selected 1.3 (colored)
Get rid of http-parser for nodejs 12+
Revision 1.1 / (download) - annotate - [select for diffs], Mon Dec 9 20:05:40 2019 UTC (4 years, 4 months ago) by adam
Branch: MAIN
Diff to selected 1.3 (colored)
nodejs: added version 12.13.1, removed version 6.14.3 Moved nodejs to nodejs10 - version 10.17.0 Version 12.13.1 'Erbium' (LTS): Notable changes Experimental support for building Node.js with Python 3 is improved. ICU time zone data is updated to version 2019c. This fixes the date offset in Brazil.