v11.6.0 proposal

.eslintrc.js

@@ -60,9 +60,9 @@ module.exports = {
     'brace-style': ['error', '1tbs', { allowSingleLine: true }],
     'capitalized-comments': ['error', 'always', {
       line: {
-        // Ignore all lines that have less characters than 62 and all lines that
+        // Ignore all lines that have less characters than 50 and all lines that
         // start with something that looks like a variable name or code.
-        ignorePattern: '^.{0,62}$|^ [a-z]+ ?[0-9A-Z_.(/=:-]',
+        ignorePattern: '^.{0,50}$|^ [a-z]+ ?[0-9A-Z_.(/=:[#-]',
         ignoreInlineComments: true,
         ignoreConsecutiveComments: true
       },
@@ -235,6 +235,7 @@ module.exports = {
     }],
     'no-useless-call': 'error',
     'no-useless-concat': 'error',
+    'no-useless-constructor': 'error',
     'no-useless-escape': 'error',
     'no-useless-return': 'error',
     'no-void': 'error',

CHANGELOG.md

@@ -28,7 +28,8 @@ release.
 </tr>
 <tr>
     <td valign="top">
-<b><a href="doc/changelogs/CHANGELOG_V11.md#11.5.0">11.5.0</a></b><br/>
+<b><a href="doc/changelogs/CHANGELOG_V11.md#11.6.0">11.6.0</a></b><br/>
+<a href="doc/changelogs/CHANGELOG_V11.md#11.5.0">11.5.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V11.md#11.4.0">11.4.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V11.md#11.3.0">11.3.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V11.md#11.2.0">11.2.0</a><br/>

COLLABORATOR_GUIDE.md

@@ -242,8 +242,8 @@ For undocumented APIs that are public, open a pull request documenting the API.
 
 ### Breaking Changes
 
-Backwards-incompatible changes may land on the master branch at any time after
-sufficient review by Collaborators and approval of at least two TSC members.
+At least two TSC members must approve backward-incompatible changes to the
+master branch.
 
 Examples of breaking changes include:
 
@@ -254,38 +254,16 @@ Examples of breaking changes include:
 * altering expected timing of an event
 * changing the side effects of using a particular API
 
-Purely additive changes (e.g. adding new events to `EventEmitter`
-implementations, adding new arguments to a method in a way that allows
-existing code to continue working without modification, or adding new
-properties to an options argument) are semver-minor changes.
-
 #### Breaking Changes and Deprecations
 
-With a few exceptions outlined below, when backward-incompatible changes to a
-*Public* API are necessary, the existing API *must* be deprecated *first* and
-the new API either introduced in parallel or added after the next major Node.js
-version following the deprecation as a replacement for the deprecated API. In
-other words, as a general rule, existing *Public* APIs *must not* change (in a
-backward-incompatible way) without a deprecation.
-
-Exceptions to this rule may be made in the following cases:
+Existing stable public APIs that change in a backward-incompatible way must
+undergo deprecation. The exceptions to this rule are:
 
-* Adding or removing errors thrown or reported by a Public API;
+* Adding or removing errors thrown or reported by a public API;
 * Changing error messages for errors without error code;
-* Altering the timing and non-internal side effects of the Public API.
-
-Such changes *must* be handled as semver-major changes but MAY be landed
-without a [Deprecation cycle](#deprecation-cycle).
-
-Note that errors thrown, along with behaviors and APIs implemented by
-dependencies of Node.js (e.g. those originating from V8) are generally not
-under the control of Node.js and therefore *are not directly subject to this
-policy*. However, care should still be taken when landing updates to
-dependencies when it is known or expected that breaking changes to error
-handling may have been made. Additional CI testing may be required.
-
-From time-to-time, in particularly exceptional cases, the TSC may be asked to
-consider and approve additional exceptions to this rule.
+* Altering the timing and non-internal side effects of the public API;
+* Changes to errors thrown by dependencies of Node.js, such as V8;
+* One-time exceptions granted by the TSC.
 
 For more information, see [Deprecations](#deprecations).
 

Makefile

@@ -344,7 +344,7 @@ test/addons/.docbuildstamp: $(DOCBUILDSTAMP_PREREQS) tools/doc/node_modules
 		$(RM) -r test/addons/??_*/; \
 		[ -x $(NODE) ] && $(NODE) $< || node $< ; \
 		touch $@; \
-  fi
+	fi
 
 ADDONS_BINDING_GYPS := \
 	$(filter-out test/addons/??_*/binding.gyp, \
@@ -661,7 +661,7 @@ tools/doc/node_modules: tools/doc/package.json
 		echo "Skipping tools/doc/node_modules (no crypto)"; \
 	else \
 		cd tools/doc && $(call available-node,$(run-npm-ci)) \
-  fi
+	fi
 
 .PHONY: doc-only
 doc-only: tools/doc/node_modules \
@@ -692,16 +692,16 @@ out/doc/api/assets/%: doc/api_assets/% out/doc/api/assets
 
 run-npm-ci = $(PWD)/$(NPM) ci
 
+LINK_DATA = out/doc/apilinks.json
 gen-api = tools/doc/generate.js --node-version=$(FULLVERSION) \
-		--apilinks=out/apilinks.json $< --output-directory=out/doc/api
-gen-apilink = tools/doc/apilinks.js $(wildcard lib/*.js) > $@
+		--apilinks=$(LINK_DATA) $< --output-directory=out/doc/api
+gen-apilink = tools/doc/apilinks.js $(LINK_DATA) $(wildcard lib/*.js)
 
-out/apilinks.json: $(wildcard lib/*.js) tools/doc/apilinks.js
+$(LINK_DATA): $(wildcard lib/*.js) tools/doc/apilinks.js
 	$(call available-node, $(gen-apilink))
 
 out/doc/api/%.json out/doc/api/%.html: doc/api/%.md tools/doc/generate.js \
-	tools/doc/html.js tools/doc/json.js tools/doc/apilinks.js | \
-	out/apilinks.json
+	tools/doc/html.js tools/doc/json.js tools/doc/apilinks.js | $(LINK_DATA)
 	$(call available-node, $(gen-api))
 
 out/doc/api/all.html: $(apidocs_html) tools/doc/allhtml.js \
@@ -1159,7 +1159,7 @@ lint-md: | tools/.mdlintstamp
 LINT_JS_TARGETS = .eslintrc.js benchmark doc lib test tools
 
 run-lint-js = tools/node_modules/eslint/bin/eslint.js --cache \
-	--ext=.js,.mjs,.md $(LINT_JS_TARGETS)
+	--report-unused-disable-directives --ext=.js,.mjs,.md $(LINT_JS_TARGETS)
 run-lint-js-fix = $(run-lint-js) --fix
 
 .PHONY: lint-js-fix

benchmark/_benchmark_progress.js

@@ -40,7 +40,7 @@ class BenchmarkProgress {
     this.completedConfig = 0;
     // Total number of configurations for the current file
     this.scheduledConfig = 0;
-    this.interval = 0;  // result of setInterval for updating the elapsed time
+    this.interval;  // Updates the elapsed time.
   }
 
   startQueue(index) {

benchmark/napi/function_args/index.js

@@ -1,4 +1,4 @@
-// show the difference between calling a V8 binding C++ function
+// Show the difference between calling a V8 binding C++ function
 // relative to a comparable N-API C++ function,
 // in various types/numbers of arguments.
 // Reports n of calls per second.

benchmark/napi/function_call/index.js

@@ -1,4 +1,4 @@
-// show the difference between calling a short js function
+// Show the difference between calling a short js function
 // relative to a comparable C++ function.
 // Reports n of calls per second.
 // Note that JS speed goes up, while cxx speed stays about the same.

benchmark/net/net-pipe.js

@@ -48,7 +48,7 @@ function main({ dur, len, type }) {
       socket.pipe(writer);
 
       setTimeout(function() {
-        // multiply by 2 since we're sending it first one way
+        // Multiply by 2 since we're sending it first one way
         // then then back again.
         const bytes = writer.received * 2;
         const gbits = (bytes * 8) / (1024 * 1024 * 1024);

benchmark/net/tcp-raw-c2s.js

@@ -47,12 +47,12 @@ function main({ dur, len, type }) {
     }, dur * 1000);
 
     clientHandle.onread = function(buffer) {
-      // we're not expecting to ever get an EOF from the client.
-      // just lots of data forever.
+      // We're not expecting to ever get an EOF from the client.
+      // Just lots of data forever.
       if (!buffer)
         fail('read');
 
-      // don't slice the buffer.  the point of this is to isolate, not
+      // Don't slice the buffer. The point of this is to isolate, not
       // simulate real traffic.
       bytes += buffer.byteLength;
     };

benchmark/net/tcp-raw-pipe.js

@@ -44,8 +44,8 @@ function main({ dur, len, type }) {
       fail(err, 'connect');
 
     clientHandle.onread = function(buffer) {
-      // we're not expecting to ever get an EOF from the client.
-      // just lots of data forever.
+      // We're not expecting to ever get an EOF from the client.
+      // Just lots of data forever.
       if (!buffer)
         fail('read');
 
@@ -105,7 +105,7 @@ function main({ dur, len, type }) {
     clientHandle.readStart();
 
     setTimeout(function() {
-      // multiply by 2 since we're sending it first one way
+      // Multiply by 2 since we're sending it first one way
       // then then back again.
       bench.end(2 * (bytes * 8) / (1024 * 1024 * 1024));
       process.exit(0);

benchmark/net/tcp-raw-s2c.js

@@ -110,12 +110,12 @@ function main({ dur, len, type }) {
     connectReq.oncomplete = function() {
       var bytes = 0;
       clientHandle.onread = function(buffer) {
-        // we're not expecting to ever get an EOF from the client.
-        // just lots of data forever.
+        // We're not expecting to ever get an EOF from the client.
+        // Just lots of data forever.
         if (!buffer)
           fail('read');
 
-        // don't slice the buffer.  the point of this is to isolate, not
+        // Don't slice the buffer. The point of this is to isolate, not
         // simulate real traffic.
         bytes += buffer.byteLength;
       };

benchmark/tls/tls-connect.js

@@ -59,7 +59,7 @@ function makeConnection() {
 
 function done() {
   running = false;
-  // it's only an established connection if they both saw it.
+  // It's only an established connection if they both saw it.
   // because we destroy the server somewhat abruptly, these
   // don't always match.  Generally, serverConn will be
   // the smaller number, but take the min just to be sure.

deps/http_parser/http_parser.c

@@ -25,6 +25,8 @@
 #include <string.h>
 #include <limits.h>
 
+static uint32_t max_header_size = HTTP_MAX_HEADER_SIZE;
+
 #ifndef ULLONG_MAX
 # define ULLONG_MAX ((uint64_t) -1) /* 2^64-1 */
 #endif
@@ -137,20 +139,20 @@ do {                                                                 \
 } while (0)
 
 /* Don't allow the total size of the HTTP headers (including the status
- * line) to exceed HTTP_MAX_HEADER_SIZE.  This check is here to protect
+ * line) to exceed max_header_size.  This check is here to protect
  * embedders against denial-of-service attacks where the attacker feeds
  * us a never-ending header that the embedder keeps buffering.
  *
  * This check is arguably the responsibility of embedders but we're doing
  * it on the embedder's behalf because most won't bother and this way we
- * make the web a little safer.  HTTP_MAX_HEADER_SIZE is still far bigger
+ * make the web a little safer.  max_header_size is still far bigger
  * than any reasonable request or response so this should never affect
  * day-to-day operation.
  */
 #define COUNT_HEADER_SIZE(V)                                         \
 do {                                                                 \
   parser->nread += (V);                                              \
-  if (UNLIKELY(parser->nread > (HTTP_MAX_HEADER_SIZE))) {            \
+  if (UNLIKELY(parser->nread > max_header_size)) {                   \
     SET_ERRNO(HPE_HEADER_OVERFLOW);                                  \
     goto error;                                                      \
   }                                                                  \
@@ -1471,7 +1473,7 @@ size_t http_parser_execute (http_parser *parser,
               const char* p_lf;
               size_t limit = data + len - p;
 
-              limit = MIN(limit, HTTP_MAX_HEADER_SIZE);
+              limit = MIN(limit, max_header_size);
 
               p_cr = (const char*) memchr(p, CR, limit);
               p_lf = (const char*) memchr(p, LF, limit);
@@ -2437,3 +2439,8 @@ http_parser_version(void) {
          HTTP_PARSER_VERSION_MINOR * 0x00100 |
          HTTP_PARSER_VERSION_PATCH * 0x00001;
 }
+
+void
+http_parser_set_max_header_size(uint32_t size) {
+  max_header_size = size;
+}

deps/http_parser/http_parser.h

@@ -427,6 +427,9 @@ void http_parser_pause(http_parser *parser, int paused);
 /* Checks if this is the final chunk of the body. */
 int http_body_is_final(const http_parser *parser);
 
+/* Change the maximum header size provided at compile time. */
+void http_parser_set_max_header_size(uint32_t size);
+
 #ifdef __cplusplus
 }
 #endif

deps/npm/.licensee.json

@@ -0,0 +1,9 @@
+{
+  "license": "(MIT OR BSD-2-Clause OR BSD-3-Clause OR Apache-2.0 OR ISC OR Unlicense OR CC-BY-3.0 OR CC0-1.0 OR Artistic-2.0)",
+  "whitelist": {
+    "config-chain": "1.1.12",
+    "cyclist": "0.2.2",
+    "json-schema": "0.2.3",
+    "qrcode-terminal": "0.12.0"
+  }
+}

deps/npm/.travis.yml

@@ -33,3 +33,4 @@ install:
   - "node . install"
 script:
   - "node . run tap -- \"test/tap/*.js\" \"test/broken-under-nyc/*.js\""
+  - "node . run licenses"

deps/npm/AUTHORS

@@ -601,3 +601,14 @@ SneakyFish5 <32284796+SneakyFish5@users.noreply.github.com>
 Nikki Everett <neverett@users.noreply.github.com>
 Erik Price <github@erikprice.net>
 Lars Willighagen <lars.willighagen@gmail.com>
+Kevin Gibbons <bakkot@gmail.com>
+Maarten Balliauw <maarten@balliauw.be>
+Mehdy Dara <mdara@eleven-labs.com>
+Robert Kielty <rob.kielty@gmail.com>
+Scott Trinh <scottyparade@gmail.com>
+Hugo <hugovk@users.noreply.github.com>
+Jacob <jakeincanada@icloud.com>
+Joe Bottigliero <joe@bottigliero.com>
+Nikolai Vavilov <vvnicholas@gmail.com>
+Kelvin Jin <kelvinjin@google.com>
+乱序 <midare@utakana.de>