OSSForks/node
1
0
Fork 0
mirror of https://github.com/zebrajr/node.git synced 2026-01-15 12:15:26 +00:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity
41,035 Commits 30 Branches 683 Tags
7b01bfb2be3e5383f8cfcd5209c7e193c3e81ebe
Commit Graph

41035 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mohammed Keyvanzadeh
7b01bfb2be doc: correct naming convention in C++ style guide 
The code and documentation uses PascalCase for C++ functions, methods,
and classes but the C++ style guide incorrectly says to use camelCase.

PR-URL: https://github.com/nodejs/node/pull/52424
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
 2024-04-10 15:32:53 +00:00
Wes Todd
0d1e64f64c tools: update stale bot messaging 
PR-URL: https://github.com/nodejs/node/pull/52423
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Ruy Adorno <ruy@vlt.sh>
Reviewed-By: Zeyu "Alex" Yang <himself65@outlook.com>
 2024-04-10 14:53:51 +00:00
Tobias Nießen
8f61b658de crypto: deprecate implicitly shortened GCM tags 
This introduces a doc-only deprecation of using GCM authentication tags
that are shorter than the cipher's block size, unless the user specified
the authTagLength option.

Refs: https://github.com/nodejs/node/issues/52327
PR-URL: https://github.com/nodejs/node/pull/52345
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
 2024-04-10 08:16:33 +00:00
Jacob Smith
c82f3c9e80 doc: update process.execArg example to be more useful 
PR-URL: https://github.com/nodejs/node/pull/52412
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Raz Luvaton <rluvaton@gmail.com>
 2024-04-09 20:42:05 +00:00
Node.js GitHub Bot
5bae73df90 tools: update lint-md-dependencies to rollup@4.14.0 
PR-URL: https://github.com/nodejs/node/pull/52398
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
 2024-04-09 00:48:41 +00:00
mathis-west-1
655b327a4d doc: call out http(s).globalAgent default 
Despite the `http.Agent` stating:

> The default `http.globalAgent` that is used by `http.request()` has
> all of these values set to their respective defaults.

this isn't true anymore since node.js 19. Both, the http as well as the
https `globalAgent` now set `{ keepAlive: true, scheduling: 'lifo',
timeout: 5000 }` as options. `'lifo'` is the default anyway, but
`keepAlive` is turned off and no `timeout` is set on `new Agent()`.

Document the diverging behaviour in the `globalAgent` sections, remove
the false statement from `http.Agent` section, and extend the changelog
to call out the timeout change as well.

PR-URL: https://github.com/nodejs/node/pull/52392
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
 2024-04-08 20:33:46 +00:00
Joyee Cheung
db1746182b module: disallow CJS <-> ESM edges in a cycle from require(esm) 
This patch disallows CJS <-> ESM edges when they come from
require(esm) requested in ESM evalaution.

Drive-by: don't reuse the cache for imported CJS modules to stash
source code of required ESM because the former is also used for
cycle detection.

PR-URL: https://github.com/nodejs/node/pull/52264
Fixes: https://github.com/nodejs/node/issues/52145
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Guy Bedford <guybedford@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
 2024-04-08 14:45:55 +00:00
Stefan Stojanovic
45f0dd0192 module,win: fix long path resolve 
Fixes: https://github.com/nodejs/node/issues/50753
PR-URL: https://github.com/nodejs/node/pull/51097
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
 2024-04-08 14:37:46 +00:00
Yagiz Nizipli
6f504b71ac buffer: use simdutf for atob implementation 
Co-authored-by: Daniel Lemire <daniel@lemire.me>
PR-URL: https://github.com/nodejs/node/pull/52381
Refs: https://github.com/nodejs/node/pull/51670
Reviewed-By: Daniel Lemire <daniel@lemire.me>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
 2024-04-08 12:43:28 +00:00
Yagiz Nizipli
cf629366b9 deps: update simdutf to 5.2.3 
PR-URL: https://github.com/nodejs/node/pull/52381
Refs: https://github.com/nodejs/node/pull/51670
Reviewed-By: Daniel Lemire <daniel@lemire.me>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
 2024-04-08 12:43:28 +00:00
Tobias Nießen
08609b5222 crypto: make timingSafeEqual faster for Uint8Array 
Add a fast API that V8 can use if the user supplies Uint8Arrays
(including Buffers) to timingSafeEqual.

PR-URL: https://github.com/nodejs/node/pull/52341
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Daniel Lemire <daniel@lemire.me>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
 2024-04-08 11:36:53 +00:00
Tobias Nießen
9ef724bc81 src: update branch name in node_revert.h 
PR-URL: https://github.com/nodejs/node/pull/52390
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
 2024-04-08 10:52:46 +00:00
Tim Perry
3fc8d2200e http2: fix h2-over-h2 connection proxying 
PR-URL: https://github.com/nodejs/node/pull/52368
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
 2024-04-08 09:53:18 +00:00
Michaël Zasso
468cb99ba4 tools: update Ruff to v0.3.4 
- Use `check` command as suggested
- Adapt deprecated config
- Ignore cpplint.py as it's a third-party script

PR-URL: https://github.com/nodejs/node/pull/52302
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
 2024-04-08 07:42:09 +00:00
Filip Skokan
9f939f5af7 crypto: reject Ed25519/Ed448 in Sign/Verify prototypes 
fixes: #52097
PR-URL: https://github.com/nodejs/node/pull/52340
Fixes: https://github.com/nodejs/node/issues/52097
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2024-04-08 06:18:43 +00:00
Yagiz Nizipli
128c60d906 cli: implement node --run <script-in-package-json> 
Co-authored-by: Daniel Lemire <daniel@lemire.me>
PR-URL: https://github.com/nodejs/node/pull/52190
Reviewed-By: Daniel Lemire <daniel@lemire.me>
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Tierney Cyren <hello@bnb.im>
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Ruy Adorno <ruy@vlt.sh>
 2024-04-08 00:49:14 +00:00
npm CLI robot
ad86a12964 deps: upgrade npm to 10.5.1 
PR-URL: https://github.com/nodejs/node/pull/52351
Reviewed-By: Luke Karrys <luke@lukekarrys.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2024-04-07 21:36:14 +00:00
Raz Luvaton
893e2cf22b watch: fix some node argument not passed to watched process 
PR-URL: https://github.com/nodejs/node/pull/52358
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Jacob Smith <jacob@frende.me>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
 2024-04-07 20:50:45 +00:00
Emmanuel Ferdman
2c77be5488 doc: update the location of build_with_cmake 
PR-URL: https://github.com/nodejs/node/pull/52356
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Chengzhong Wu <legendecas@gmail.com>
 2024-04-07 20:34:28 +00:00
Shelley Vohr
7dd514f2db doc: reserve 125 for Electron 31 
PR-URL: https://github.com/nodejs/node/pull/52379
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
 2024-04-07 18:09:38 +00:00
Rich Trott
756acd0877 doc: use consistent plural form of "index" 
Our documentation uses both "indices" and "indexes" as the plural form
of "index". The Microsoft Style Guide, which we've adopted for
documentation, says to use "indexes" so let's standardize on that.

Ref: https://learn.microsoft.com/en-us/style-guide/a-z-word-list-term-collections/i/index-indexes-indices
PR-URL: https://github.com/nodejs/node/pull/52373
Refs: https://learn.microsoft.com/en-us/style-guide/a-z-word-list-term-collections/i/index-indexes-indices
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
 2024-04-07 06:46:29 +00:00
Ali Hassan
47c934e464 benchmark: conditionally use spawn with taskset for cpu pinning 
This change enhances the benchmarking tool by conditionally using the,
spawn method with taskset for CPU pinning, improving consistency of
benchmark results across different environments.

Fixes: https://github.com/nodejs/node/issues/52233
PR-URL: https://github.com/nodejs/node/pull/52253
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Raz Luvaton <rluvaton@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
 2024-04-06 22:43:53 +00:00
Daeyeon Jeong
ba07e4e5e6 doc: fix typo in cli.md 
Signed-off-by: Daeyeon Jeong <daeyeon.dev@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/52388
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2024-04-06 18:49:45 +00:00
Tobias Nießen
8c0b723ccb fs,permission: make handling of buffers consistent 
Commit 2000c267dd added explicit handling
of Buffers to fs.symlink, but not to fs.symlinkSync or
fs.promises.symlink. This change adapts the latter two functions to
behave like fs.symlink.

Refs: https://github.com/nodejs/node/pull/49156
Refs: https://github.com/nodejs/node/pull/51212
PR-URL: https://github.com/nodejs/node/pull/52348
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
 2024-04-06 07:37:04 +00:00
Thomas Mauran
3f5ff8dc20 lib: .load .save add proper error message when no file passed 
This commit adds a proper error message using ERR_MISSING_ARGS('file')
when a .save or .load REPL command is runned. This commit also adds
test for both of this cases.

Fixes: https://github.com/nodejs/node/issues/52218

Signed-off-by: Thomas Mauran <thomas.mauran@etu.umontpellier.fr>
PR-URL: https://github.com/nodejs/node/pull/52225
Reviewed-By: Kohei Ueno <kohei.ueno119@gmail.com>
 2024-04-06 02:12:19 +00:00
Michaël Zasso
67b9dda003 tools: run test-ubsan on ubuntu-latest 
PR-URL: https://github.com/nodejs/node/pull/52375
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
 2024-04-05 19:27:31 +00:00
Luigi Pinca
c02de658a1 stream: make Duplex inherit destroy from Writable 
Make `Duplex` inherit the `destroy` method from `Writable` instead of
`Readable` so that pending write callbacks are correctly invoked when
the stream is destroyed.

PR-URL: https://github.com/nodejs/node/pull/52318
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
 2024-04-05 18:34:33 +00:00
Rafael Gonzaga
461d9d665d doc: add Rafael to sec release stewards 
PR-URL: https://github.com/nodejs/node/pull/52354
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Ruy Adorno <ruy@vlt.sh>
 2024-04-05 16:59:12 +00:00
atlowChemi
d0c364a844 doc: document missing options of events.on 
Fixes: https://github.com/nodejs/node/issues/52078
Refs: https://github.com/nodejs/node/pull/41276
PR-URL: https://github.com/nodejs/node/pull/52080
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
 2024-04-05 14:07:48 +00:00
atlowChemi
d619aab575 events: rename high & low watermark for consistency 
PR-URL: https://github.com/nodejs/node/pull/52080
Fixes: https://github.com/nodejs/node/issues/52078
Refs: https://github.com/nodejs/node/pull/41276
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
 2024-04-05 14:07:47 +00:00
Michaël Zasso
ec1550407b src: stop using v8::BackingStore::Reallocate 
It's being deprecated by V8.
Explicitly allocate a new ArrayBuffer and copy the data when needed
instead.

Fixes: https://github.com/nodejs/node/issues/52234
Co-authored-by: Joyee Cheung <joyeec9h3@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/52292
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
 2024-04-05 09:20:10 +00:00
Moshe Atlow
433bd1b04d test_runner: fix recursive run 
PR-URL: https://github.com/nodejs/node/pull/52322
Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
 2024-04-04 13:10:52 +00:00
Node.js GitHub Bot
f1f32d89e0 tools: update lint-md-dependencies to rollup@4.13.2 
PR-URL: https://github.com/nodejs/node/pull/52286
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2024-04-04 13:10:45 +00:00
Node.js GitHub Bot
45cc32c9c6 deps: update c-ares to 1.28.1 
PR-URL: https://github.com/nodejs/node/pull/52285
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
 2024-04-04 13:10:39 +00:00
Augustin Mauroy
a63261cf2c doc: add missing space 
PR-URL: https://github.com/nodejs/node/pull/52360
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
 2024-04-04 10:57:36 +00:00
Michaël Zasso
d7aa8fc9da Revert "tools: run build-windows workflow only on source changes" 
This reverts commit 4ab63db9e2.

PR-URL: https://github.com/nodejs/node/pull/52320
Refs: https://github.com/nodejs/node/pull/51596
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
 2024-04-04 09:06:50 +00:00
Cong Zhang
dd711d221a doc: add tips about vcpkg cause build faild on windows 
PR-URL: https://github.com/nodejs/node/pull/52181
Refs: https://github.com/nodejs/help/issues/1656
Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br>
 2024-04-03 23:48:55 +00:00
Joyee Cheung
d6b57f6629 module: centralize SourceTextModule compilation for builtin loader 
This refactors the code that compiles SourceTextModule for the
built-in ESM loader to use a common routine so that it's easier
to customize cache handling for the ESM loader. In addition
this introduces a common symbol for import.meta and import()
so that we don't need to create additional closures as handlers,
since we can get all the information we need from the V8 callback
already. This should reduce the memory footprint of ESM as well.

PR-URL: https://github.com/nodejs/node/pull/52291
Refs: https://github.com/nodejs/node/issues/47472
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
 2024-04-03 23:31:48 +00:00
Rich Trott
4df34cf6dd doc: replace "below" with "following" 
Ref: https://learn.microsoft.com/en-us/style-guide/a-z-word-list-term-collections/b/below
PR-URL: https://github.com/nodejs/node/pull/52315
Refs: https://learn.microsoft.com/en-us/style-guide/a-z-word-list-term-collections/b/below
Reviewed-By: Geoffrey Booth <webadmin@geoffreybooth.com>
Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
 2024-04-03 20:21:28 +00:00
dependabot[bot]
8df54481f4 meta: bump actions/download-artifact from 4.1.3 to 4.1.4 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](87c55149d9...c850b930e6)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/52314
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2024-04-03 18:52:45 +00:00
dependabot[bot]
bcc102147a meta: bump rtCamp/action-slack-notify from 2.2.1 to 2.3.0 
Bumps [rtCamp/action-slack-notify](https://github.com/rtcamp/action-slack-notify) from 2.2.1 to 2.3.0.
- [Release notes](https://github.com/rtcamp/action-slack-notify/releases)
- [Commits](b24d75fe0e...4e5fb42d24)

---
updated-dependencies:
- dependency-name: rtCamp/action-slack-notify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/52313
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2024-04-03 18:52:34 +00:00
dependabot[bot]
4e7e0ef9c3 meta: bump github/codeql-action from 3.24.6 to 3.24.9 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.6 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](8a470fddaf...1b1aada464)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/52312
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2024-04-03 18:52:25 +00:00
dependabot[bot]
14a39881b8 meta: bump actions/cache from 4.0.1 to 4.0.2 
Bumps [actions/cache](https://github.com/actions/cache) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](ab5e6d0c87...0c45773b62)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/52311
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2024-04-03 18:52:14 +00:00
dependabot[bot]
2f8f90dadb meta: bump actions/setup-python from 5.0.0 to 5.1.0 
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.0.0 to 5.1.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](0a5c615913...82c7e631bb)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/52310
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2024-04-03 18:52:04 +00:00
dependabot[bot]
95efdaf01a meta: bump codecov/codecov-action from 4.1.0 to 4.1.1 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](54bcd8715e...c16abc29c9)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
PR-URL: https://github.com/nodejs/node/pull/52308
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
 2024-04-03 18:51:54 +00:00
Node.js GitHub Bot
74343a753c deps: update undici to 6.11.1 
PR-URL: https://github.com/nodejs/node/pull/52328
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com.com>
 2024-04-03 11:38:44 -03:00
Paolo Insogna
04e16463d1 http: do not allow OBS fold in headers by default 
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Fixes: https://hackerone.com/reports/2237099
PR-URL: https://github.com/nodejs-private/node-private/pull/556
CVE-ID: CVE-2024-27982
 2024-04-03 11:38:30 -03:00
RafaelGSS
b25b5aca96 src: ensure to close stream when destroying session 
Co-Authored-By: Anna Henningsen <anna@addaleax.net>
PR-URL: https://github.com/nodejs-private/node-private/pull/561
Fixes: https://hackerone.com/reports/2319584
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
CVE-ID: CVE-2024-27983
 2024-04-03 11:37:07 -03:00
RafaelGSS
6590a8c4e4 2024-04-03, Version 18.20.1 'Hydrogen' (LTS) 
This is a security release.

Notable changes:

* CVE-2024-27983 - Assertion failed in node::http2::Http2Session::\~Http2Session() leads to HTTP/2 server crash- (High)
* CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium)
* llhttp version 9.2.1
* undici version 5.28.4

PR-URL: https://github.com/nodejs-private/node-private/pull/573
 2024-04-03 11:00:53 -03:00
RafaelGSS
24d036ba45 2024-04-03, Version 20.12.1 'Iron' (LTS) 
This is a security release.

Notable changes:

* CVE-2024-27983 - Assertion failed in node::http2::Http2Session::\~Http2Session() leads to HTTP/2 server crash- (High)
* CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium)
* llhttp version 9.2.1
* undici version 5.28.4

PR-URL: https://github.com/nodejs-private/node-private/pull/575/
 2024-04-03 10:50:49 -03:00