Merge pull request #771 from nodejs/main

Create a new pull request by comparing changes across two branches
javascript-indonesias · Jan 14, 2023 · f05933a · f05933a
2 parents d10689b + 1022c6f
commit f05933a
Show file tree

Hide file tree

Showing 30 changed files with 182 additions and 74 deletions.
diff --git a/.github/workflows/authors.yml b/.github/workflows/authors.yml
@@ -19,7 +19,7 @@ jobs:
           fetch-depth: '0'  # This is required to actually get all the authors
           persist-credentials: false
       - run: tools/update-authors.mjs  # Run the AUTHORS tool
-      - uses: gr2m/create-or-update-pull-request-action@dc1726cbf4dd3ce766af4ec29cfb660e0125e8ee
+      - uses: gr2m/create-or-update-pull-request-action@77596e3166f328b24613f7082ab30bf2d93079d5
         # Creates a PR or update the Action's existing PR, or
         # no-op if the base branch is already up-to-date.
         env:

diff --git a/.github/workflows/find-inactive-collaborators.yml b/.github/workflows/find-inactive-collaborators.yml
@@ -33,7 +33,7 @@ jobs:
         run: tools/find-inactive-collaborators.mjs
 
       - name: Open pull request
-        uses: gr2m/create-or-update-pull-request-action@dc1726cbf4dd3ce766af4ec29cfb660e0125e8ee
+        uses: gr2m/create-or-update-pull-request-action@77596e3166f328b24613f7082ab30bf2d93079d5
         # Creates a PR or update the Action's existing PR, or
         # no-op if the base branch is already up-to-date.
         env:

diff --git a/.github/workflows/find-inactive-tsc.yml b/.github/workflows/find-inactive-tsc.yml
@@ -42,7 +42,7 @@ jobs:
         run: tools/find-inactive-tsc.mjs >> $GITHUB_ENV
 
       - name: Open pull request
-        uses: gr2m/create-or-update-pull-request-action@dc1726cbf4dd3ce766af4ec29cfb660e0125e8ee
+        uses: gr2m/create-or-update-pull-request-action@77596e3166f328b24613f7082ab30bf2d93079d5
         # Creates a PR or update the Action's existing PR, or
         # no-op if the base branch is already up-to-date.
         env:

diff --git a/.github/workflows/license-builder.yml b/.github/workflows/license-builder.yml
@@ -21,7 +21,7 @@ jobs:
         with:
           persist-credentials: false
       - run: ./tools/license-builder.sh  # Run the license builder tool
-      - uses: gr2m/create-or-update-pull-request-action@dc1726cbf4dd3ce766af4ec29cfb660e0125e8ee
+      - uses: gr2m/create-or-update-pull-request-action@77596e3166f328b24613f7082ab30bf2d93079d5
         # Creates a PR or update the Action's existing PR, or
         # no-op if the base branch is already up-to-date.
         env:

diff --git a/.github/workflows/timezone-update.yml b/.github/workflows/timezone-update.yml
@@ -40,7 +40,7 @@ jobs:
         run: echo "${{ env.new_version }}" > test/fixtures/tz-version.txt
 
       - name: Open Pull Request
-        uses: gr2m/create-or-update-pull-request-action@dc1726cbf4dd3ce766af4ec29cfb660e0125e8ee  # Create a PR or update the Action's existing PR
+        uses: gr2m/create-or-update-pull-request-action@77596e3166f328b24613f7082ab30bf2d93079d5  # Create a PR or update the Action's existing PR
         env:
           GITHUB_TOKEN: ${{ secrets.GH_USER_TOKEN }}
         with:

diff --git a/.github/workflows/tools.yml b/.github/workflows/tools.yml
@@ -77,6 +77,16 @@ jobs:
                 echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_ENV
                 ./tools/update-undici.sh
               fi
+          - id: postject
+            subsystem: deps
+            label: dependencies
+            run: |
+              NEW_VERSION=$(npm view postject dist-tags.latest)
+              CURRENT_VERSION=$(node -p "require('./test/fixtures/postject-copy/node_modules/postject/package.json').version")
+              if [ "$NEW_VERSION" != "$CURRENT_VERSION" ]; then
+                echo "NEW_VERSION=$NEW_VERSION" >> $GITHUB_ENV
+                ./tools/dep_updaters/update-postject.sh
+              fi
           - id: base64
             subsystem: deps
             label: dependencies
@@ -141,7 +151,7 @@ jobs:
       - run: ${{ matrix.run }}
         env:
           GITHUB_TOKEN: ${{ secrets.GH_USER_TOKEN }}
-      - uses: gr2m/create-or-update-pull-request-action@dc1726cbf4dd3ce766af4ec29cfb660e0125e8ee
+      - uses: gr2m/create-or-update-pull-request-action@77596e3166f328b24613f7082ab30bf2d93079d5
         # Creates a PR or update the Action's existing PR, or
         # no-op if the base branch is already up-to-date.
         env:

diff --git a/doc/api/addons.md b/doc/api/addons.md
@@ -27,7 +27,7 @@ involving knowledge of several components and APIs:
   threads and all of the asynchronous behaviors of the platform. It also
   serves as a cross-platform abstraction library, giving easy, POSIX-like
   access across all major operating systems to many common system tasks, such
-  as interacting with the filesystem, sockets, timers, and system events. libuv
+  as interacting with the file system, sockets, timers, and system events. libuv
   also provides a threading abstraction similar to POSIX threads for
   more sophisticated asynchronous addons that need to move beyond the
   standard event loop. Addon authors should

diff --git a/doc/api/documentation.md b/doc/api/documentation.md
@@ -32,6 +32,18 @@ The stability indices are as follows:
 > [semantic versioning][] rules. Non-backward compatible changes or removal may
 > occur in any future release. Use of the feature is not recommended in
 > production environments.
+>
+> Experimental features are subdivided into stages:
+>
+> * 1.0 - Early development. Experimental features at this stage are unfinished
+>   and subject to substantial change.
+> * 1.1 - Active development. Experimental features at this stage are nearing
+>   minimum viability.
+> * 1.2 - Release candidate. Experimental features at this stage are hopefully
+>   ready to become stable. No further breaking changes are anticipated but may
+>   still occur in response to user feedback. We encourage user testing and
+>   feedback so that we can know that this feature is ready to be marked as
+>   stable.
 
 <!-- separator -->
 
@@ -48,9 +60,9 @@ Features are marked as legacy rather than being deprecated if their use does no
 harm, and they are widely relied upon within the npm ecosystem. Bugs found in
 legacy features are unlikely to be fixed.
 
-Use caution when making use of Experimental features, particularly within
-modules. Users may not be aware that experimental features are being used.
-Bugs or behavior changes may surprise users when Experimental API
+Use caution when making use of Experimental features, particularly when
+authoring libraries. Users may not be aware that experimental features are being
+used. Bugs or behavior changes may surprise users when Experimental API
 modifications occur. To avoid surprises, use of an Experimental feature may need
 a command-line flag. Experimental features may also emit a [warning][].
 

diff --git a/doc/api/fs.md b/doc/api/fs.md
@@ -1145,7 +1145,7 @@ changes:
 * `prefix` {string}
 * `options` {string|Object}
   * `encoding` {string} **Default:** `'utf8'`
-* Returns: {Promise}  Fulfills with a string containing the filesystem path
+* Returns: {Promise}  Fulfills with a string containing the file system path
   of the newly created temporary directory.
 
 Creates a unique temporary directory. A unique directory name is generated by
@@ -4400,7 +4400,7 @@ renamed. An `EPERM` error is reported when the watched directory is deleted.
 <!--type=misc-->
 
 This feature depends on the underlying operating system providing a way
-to be notified of filesystem changes.
+to be notified of file system changes.
 
 * On Linux systems, this uses [`inotify(7)`][].
 * On BSD systems, this uses [`kqueue(2)`][].
@@ -6934,7 +6934,7 @@ The times in the stat object have the following semantics:
   link(2), mknod(2), rename(2), unlink(2), utimes(2),
   read(2), and write(2) system calls.
 * `birthtime` "Birth Time": Time of file creation. Set once when the
-  file is created. On filesystems where birthtime is not available,
+  file is created. On file systems where birthtime is not available,
   this field may instead hold either the `ctime` or
   `1970-01-01T00:00Z` (ie, Unix epoch timestamp `0`). This value may be greater
   than `atime` or `mtime` in this case. On Darwin and other FreeBSD variants,

diff --git a/doc/api/https.md b/doc/api/https.md
@@ -176,9 +176,14 @@ See [`server.maxHeadersCount`][] in the `node:http` module.
 
 <!-- YAML
 added: v14.11.0
+changes:
+  - version: v18.0.0
+    pr-url: https://github.com/nodejs/node/pull/41263
+    description: The default request timeout changed
+                 from no timeout to 300s (5 minutes).
 -->
 
-* {number} **Default:** `0`
+* {number} **Default:** `300000`
 
 See [`server.requestTimeout`][] in the `node:http` module.
 

diff --git a/doc/api/modules.md b/doc/api/modules.md
@@ -191,7 +191,7 @@ require(X) from module at path Y
    a. return the core module
    b. STOP
 2. If X begins with '/'
-   a. set Y to be the filesystem root
+   a. set Y to be the file system root
 3. If X begins with './' or '/' or '../'
    a. LOAD_AS_FILE(Y + X)
    b. LOAD_AS_DIRECTORY(Y + X)

diff --git a/doc/api/net.md b/doc/api/net.md
@@ -29,15 +29,15 @@ sockets on other operating systems.
 [`socket.connect()`][] take a `path` parameter to identify IPC endpoints.
 
 On Unix, the local domain is also known as the Unix domain. The path is a
-filesystem pathname. It gets truncated to an OS-dependent length of
+file system pathname. It gets truncated to an OS-dependent length of
 `sizeof(sockaddr_un.sun_path) - 1`. Typical values are 107 bytes on Linux and
 103 bytes on macOS. If a Node.js API abstraction creates the Unix domain socket,
 it will unlink the Unix domain socket as well. For example,
 [`net.createServer()`][] may create a Unix domain socket and
 [`server.close()`][] will unlink it. But if a user creates the Unix domain
 socket outside of these abstractions, the user will need to remove it. The same
 applies when a Node.js API creates a Unix domain socket but the program then
-crashes. In short, a Unix domain socket will be visible in the filesystem and
+crashes. In short, a Unix domain socket will be visible in the file system and
 will persist until unlinked.
 
 On Windows, the local domain is implemented using a named pipe. The path _must_

diff --git a/doc/api/report.md b/doc/api/report.md
@@ -567,9 +567,9 @@ In cases where standard streams are used, the value in `directory` is ignored.
 URLs are not supported. Defaults to a composite filename that contains
 timestamp, PID, and sequence number.
 
-`directory` specifies the filesystem directory where the report will be written.
-URLs are not supported. Defaults to the current working directory of the
-Node.js process.
+`directory` specifies the file system directory where the report will be
+written. URLs are not supported. Defaults to the current working directory of
+the Node.js process.
 
 ```js
 // Trigger report only on uncaught exceptions.

diff --git a/doc/contributing/maintaining-postject.md b/doc/contributing/maintaining-postject.md
@@ -0,0 +1,23 @@
+# Maintaining postject
+
+The [postject](https://github.com/nodejs/postject) dependency is used for the
+[Single Executable strategic initiative](https://github.com/nodejs/single-executable).
+
+## Updating postject
+
+The `tools/dep_updaters/update-postject.sh` script automates the update of the
+postject source files.
+
+Check that Node.js still builds and tests.
+
+## Committing postject
+
+Add postject: `git add --all test/fixtures/postject-copy`
+
+Commit the changes with a message like:
+
+```text
+deps: update postject to 1.0.0-alpha.4
+
+Updated as described in doc/contributing/maintaining-postject.md.
+```
diff --git a/lib/_http_agent.js b/lib/_http_agent.js
@@ -30,7 +30,6 @@ const {
   ArrayPrototypeSome,
   ArrayPrototypeSplice,
   FunctionPrototypeCall,
-  NumberIsNaN,
   NumberParseInt,
   ObjectKeys,
   ObjectSetPrototypeOf,
@@ -50,11 +49,6 @@ let debug = require('internal/util/debuglog').debuglog('http', (fn) => {
 });
 const { AsyncResource } = require('async_hooks');
 const { async_id_symbol } = require('internal/async_hooks').symbols;
-const {
-  codes: {
-    ERR_OUT_OF_RANGE,
-  },
-} = require('internal/errors');
 const {
   kEmptyObject,
   once,
@@ -124,10 +118,7 @@ function Agent(options) {
   validateOneOf(this.scheduling, 'scheduling', ['fifo', 'lifo']);
 
   if (this.maxTotalSockets !== undefined) {
-    validateNumber(this.maxTotalSockets, 'maxTotalSockets');
-    if (this.maxTotalSockets <= 0 || NumberIsNaN(this.maxTotalSockets))
-      throw new ERR_OUT_OF_RANGE('maxTotalSockets', '> 0',
-                                 this.maxTotalSockets);
+    validateNumber(this.maxTotalSockets, 'maxTotalSockets', 1);
   } else {
     this.maxTotalSockets = Infinity;
   }

diff --git a/lib/_http_client.js b/lib/_http_client.js
@@ -223,11 +223,10 @@ function ClientRequest(input, options, cb) {
   this.maxHeaderSize = maxHeaderSize;
 
   const insecureHTTPParser = options.insecureHTTPParser;
-  if (insecureHTTPParser !== undefined &&
-      typeof insecureHTTPParser !== 'boolean') {
-    throw new ERR_INVALID_ARG_TYPE(
-      'options.insecureHTTPParser', 'boolean', insecureHTTPParser);
+  if (insecureHTTPParser !== undefined) {
+    validateBoolean(insecureHTTPParser, 'options.insecureHTTPParser');
   }
+
   this.insecureHTTPParser = insecureHTTPParser;
 
   if (options.joinDuplicateHeaders !== undefined) {

diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
@@ -1224,21 +1224,16 @@ function Server(options, listener) {
 
   validateNumber(this[kHandshakeTimeout], 'options.handshakeTimeout');
 
-  if (this[kSNICallback] && typeof this[kSNICallback] !== 'function') {
-    throw new ERR_INVALID_ARG_TYPE(
-      'options.SNICallback', 'function', options.SNICallback);
+  if (this[kSNICallback]) {
+    validateFunction(this[kSNICallback], 'options.SNICallback');
   }
 
-  if (this[kPskCallback] && typeof this[kPskCallback] !== 'function') {
-    throw new ERR_INVALID_ARG_TYPE(
-      'options.pskCallback', 'function', options.pskCallback);
+  if (this[kPskCallback]) {
+    validateFunction(this[kPskCallback], 'options.pskCallback');
   }
-  if (this[kPskIdentityHint] && typeof this[kPskIdentityHint] !== 'string') {
-    throw new ERR_INVALID_ARG_TYPE(
-      'options.pskIdentityHint',
-      'string',
-      options.pskIdentityHint
-    );
+
+  if (this[kPskIdentityHint]) {
+    validateString(this[kPskIdentityHint], 'options.pskIdentityHint');
   }
 
   // constructor call

diff --git a/lib/async_hooks.js b/lib/async_hooks.js
@@ -18,7 +18,6 @@ const {
 const {
   ERR_ASYNC_CALLBACK,
   ERR_ASYNC_TYPE,
-  ERR_INVALID_ARG_TYPE,
   ERR_INVALID_ASYNC_ID
 } = require('internal/errors').codes;
 const { kEmptyObject } = require('internal/util');
@@ -280,10 +279,8 @@ class AsyncLocalStorage {
     validateObject(options, 'options');
 
     const { onPropagate = null } = options;
-    if (onPropagate !== null && typeof onPropagate !== 'function') {
-      throw new ERR_INVALID_ARG_TYPE('options.onPropagate',
-                                     'function',
-                                     onPropagate);
+    if (onPropagate !== null) {
+      validateFunction(onPropagate, 'options.onPropagate');
     }
 
     this.kResourceStore = Symbol('kResourceStore');

diff --git a/lib/internal/vm/module.js b/lib/internal/vm/module.js
@@ -20,7 +20,6 @@ const {
 const { isContext } = internalBinding('contextify');
 const {
   isModuleNamespaceObject,
-  isArrayBufferView,
 } = require('internal/util/types');
 const {
   customInspectSymbol,
@@ -40,6 +39,7 @@ const {
 } = require('internal/errors').codes;
 const {
   validateBoolean,
+  validateBuffer,
   validateFunction,
   validateInt32,
   validateObject,
@@ -275,25 +275,16 @@ class SourceTextModule extends Module {
     validateInt32(lineOffset, 'options.lineOffset');
     validateInt32(columnOffset, 'options.columnOffset');
 
-    if (initializeImportMeta !== undefined &&
-        typeof initializeImportMeta !== 'function') {
-      throw new ERR_INVALID_ARG_TYPE(
-        'options.initializeImportMeta', 'function', initializeImportMeta);
+    if (initializeImportMeta !== undefined) {
+      validateFunction(initializeImportMeta, 'options.initializeImportMeta');
     }
 
-    if (importModuleDynamically !== undefined &&
-        typeof importModuleDynamically !== 'function') {
-      throw new ERR_INVALID_ARG_TYPE(
-        'options.importModuleDynamically', 'function',
-        importModuleDynamically);
+    if (importModuleDynamically !== undefined) {
+      validateFunction(importModuleDynamically, 'options.importModuleDynamically');
     }
 
-    if (cachedData !== undefined && !isArrayBufferView(cachedData)) {
-      throw new ERR_INVALID_ARG_TYPE(
-        'options.cachedData',
-        ['Buffer', 'TypedArray', 'DataView'],
-        cachedData
-      );
+    if (cachedData !== undefined) {
+      validateBuffer(cachedData, 'options.cachedData');
     }
 
     super({

diff --git a/src/api/environment.cc b/src/api/environment.cc
@@ -424,6 +424,9 @@ void FreeEnvironment(Environment* env) {
     Context::Scope context_scope(env->context());
     SealHandleScope seal_handle_scope(isolate);
 
+    // Set the flag in accordance with the DisallowJavascriptExecutionScope
+    // above.
+    env->set_can_call_into_js(false);
     env->set_stopping(true);
     env->stop_sub_worker_contexts();
     env->RunCleanup();

diff --git a/src/crypto/crypto_cipher.cc b/src/crypto/crypto_cipher.cc
@@ -901,6 +901,14 @@ bool CipherBase::Final(std::unique_ptr<BackingStore>* out) {
   if (kind_ == kDecipher && IsSupportedAuthenticatedMode(ctx_.get()))
     MaybePassAuthTagToOpenSSL();
 
+  // OpenSSL v1.x doesn't verify the presence of the auth tag so do
+  // it ourselves, see https://github.com/nodejs/node/issues/45874.
+  if (OPENSSL_VERSION_NUMBER < 0x30000000L && kind_ == kDecipher &&
+      NID_chacha20_poly1305 == EVP_CIPHER_CTX_nid(ctx_.get()) &&
+      auth_tag_state_ != kAuthTagPassedToOpenSSL) {
+    return false;
+  }
+
   // In CCM mode, final() only checks whether authentication failed in update().
   // EVP_CipherFinal_ex must not be called and will fail.
   bool ok;