child_process: improve argument validation #41305
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Trott
added
the
semver-major
nodejs-github-bot
added
child_process
This comment has been minimized.
This comment has been minimized.
github-actions
bot
removed
the
request-ci
This comment has been minimized.
This comment has been minimized.
Trott
force-pushed
the
child-proc-args-maj
branch
from
59a9252
to
64b0467
Compare
aduh95
reviewed
Dec 24, 2021
There was a problem hiding this comment.
We could simplify things further by letting args be nullish – line 382 would need to changed to if (args?.length).
We could also get rid of all the throw away arrays in execFile, which would allow us to take a faster path in normalizeSpawnArguments:
Lines 508 to 511 in 406e6d8
aduh95
reviewed
Dec 24, 2021
This comment has been minimized.
This comment has been minimized.
Trott
force-pushed
the
child-proc-args-maj
branch
from
64b0467
to
53a4deb
Compare
github-actions
bot
removed
the
request-ci
This comment has been minimized.
This comment has been minimized.
mscdex
changed the title
Trott
force-pushed
the
child-proc-args-maj
branch
from
53a4deb
to
957c2e7
Compare
github-actions
bot
removed
the
request-ci
Trott
force-pushed
the
child-proc-args-maj
branch
from
957c2e7
to
0cdb1ce
Compare
jasnell
approved these changes
Dec 24, 2021
|
@aduh95 The rebase against master seems to have messed up a lot of your suggestions in the GitHub interface. Want to take another look and sort out which ones still matter and which ones are resolved? |
19 tasks
Never mind. I think I see how they all work against the updated code. |
Trott
force-pushed
the
child-proc-args-maj
branch
2 times, most recently
from
8557b8b
to
55ad9b1
Compare
Trott
commented
Dec 25, 2021
aduh95
reviewed
Dec 25, 2021
This was referenced Dec 28, 2021
I don't think the |
Trott
added
author ready
27 tasks
For execFile() and fork(), use INVALID_ARG_TYPE as appropriate instead of INVALID_ARG_VALUE. Use validator functions where sensible. PR-URL: nodejs#41305 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Trott
force-pushed
the
child-proc-args-maj
branch
from
e7b130a
to
26c973d
Compare
|
Landed in 26c973d |
This was referenced Dec 31, 2021
Linkgoron
pushed a commit
to Linkgoron/node
that referenced
this pull request
Jan 31, 2022
For execFile() and fork(), use INVALID_ARG_TYPE as appropriate instead of INVALID_ARG_VALUE. Use validator functions where sensible. PR-URL: nodejs#41305 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
BethGriggs
added a commit
that referenced
this pull request
Apr 18, 2022
Notable Changes: Deprecations and Removals: - (SEMVER-MAJOR) fs: runtime deprecate string coercion in `fs.write`, `fs.writeFileSync` (Livia Medeiros) (#42607) - (SEMVER-MAJOR) dns: remove `dns.lookup` and `dnsPromises.lookup` options type coercion (Antoine du Hamel) (#41431) - (SEMVER-MAJOR) process: runtime deprecate multipleResolves (Benjamin Gruenbaum) (#41896) - (SEMVER-MAJOR) stream: remove thenable support (Robert Nagy) (#40773) - (SEMVER-MAJOR) tls: move tls.parseCertString to end-of-life (Tobias Nießen) (#41479) fetch (experimental): An experimental fetch API is available on the global scope by default. The implementation is based upon https://undici.nodejs.org/#/, an HTTP/1.1 client written for Node.js by contributors to the project. Through this addition, the following globals are made available: `fetch` , `FormData`, `Headers`, `Request`, `Response`. Disable this API with the `--no-experimental-fetch` command-line flag. Contributed by Michaël Zasso in #41811. HTTP Timeouts: `server.headersTimeout`, which limits the amount of time the parser will wait to receive the complete HTTP headers, is now set to `60000` (60 seconds) by default. `server.requestTimeout`, which sets the timeout value in milliseconds for receiving the entire request from the client, is now set to `300000` (5 minutes) by default. If these timeouts expire, the server responds with status 408 without forwarding the request to the request listener and then closes the connection. Both timeouts must be set to a non-zero value to protect against potential Denial-of-Service attacks in case the server is deployed without a reverse proxy in front. Contributed by Paolo Insogna in #41263. Test Runner module (experimental): The `node:test` module facilitates the creation of JavaScript tests that report results in TAP format. This module is only available under the `node:` scheme. Contributed by Colin Ihrig in #42325. Toolchain and Compiler Upgrades: - Prebuilt binaries for Linux are now built on Red Hat Enterprise Linux (RHEL) 8 and are compatible with Linux distributions based on glibc 2.28 or later, for example, Debian 10, RHEL 8, Ubuntu 20.04. - Prebuilt binaries for macOS now require macOS 10.15 or later. - For AIX the minimum supported architecture has been raised from Power 7 to Power 8. Prebuilt binaries for 32-bit Windows will initially not be available due to issues building the V8 dependency in Node.js. We hope to restore 32-bit Windows binaries for Node.js 18 with a future V8 update. Node.js does not support running on operating systems that are no longer supported by their vendor. For operating systems where their vendor has planned to end support earlier than April 2025, such as Windows 8.1 (January 2023) and Windows Server 2012 R2 (October 2023), support for Node.js 18 will end at the earlier date. Full details about the supported toolchains and compilers are documented in the Node.js `BUILDING.md` file. Contributed by Richard Lau in #42292, #42604 and #42659 , and Michaël Zasso in #42105 and #42666. V8 10.1: The V8 engine is updated to version 10.1, which is part of Chromium 101. Compared to the version included in Node.js 17.9.0, the following new features are included: - The `findLast` and `findLastIndex` array methods. - Improvements to the `Intl.Locale` API. - The `Intl.supportedValuesOf` function. - Improved performance of class fields and private class methods (the initialization of them is now as fast as ordinary property stores). The data format returned by the serialization API (`v8.serialize(value)`) has changed, and cannot be deserialized by earlier versions of Node.js. On the other hand, it is still possible to deserialize the previous format, as the API is backwards-compatible. Contributed by Michaël Zasso in #42657. Web Streams API (experimental): Node.js now exposes the experimental implementation of the Web Streams API on the global scope. This means the following APIs are now globally available: - `ReadableStream`, `ReadableStreamDefaultReader`, `ReadableStreamBYOBReader`, `ReadableStreamBYOBRequest`, `ReadableByteStreamController`, `ReadableStreamDefaultController`, `TransformStream`, `TransformStreamDefaultController`, `WritableStream`, `WritableStreamDefaultWriter`, `WritableStreamDefaultController`, `ByteLengthQueuingStrategy`, `CountQueuingStrategy`, `TextEncoderStream`, `TextDecoderStream`, `CompressionStream`, `DecompressionStream`. Contributed James Snell in #39062, and Antoine du Hamel in #42225. Other Notable Changes: - (SEMVER-MAJOR) buffer: expose Blob as a global (James M Snell) (#41270) - (SEMVER-MAJOR) child\_process: improve argument validation (Rich Trott) (#41305) - doc: add RafaelGSS to collaborators (RafaelGSS) (#42718) - (SEMVER-MAJOR) http: make TCP noDelay enabled by default (Paolo Insogna) (#42163) - (SEMVER-MAJOR) net: make `server.address()` return an integer for `family` (Antoine du Hamel) (#41431) - (SEMVER-MAJOR) worker: expose BroadcastChannel as a global (James M Snell) (#41271) - (SEMVER-MAJOR) worker: graduate BroadcastChannel to supported (James M Snell) (#41271) Semver-Major Commits: - (SEMVER-MAJOR) assert,util: compare RegExp.lastIndex while using deep equal checks (Ruben Bridgewater) (#41020) - (SEMVER-MAJOR) buffer: refactor `byteLength` to remove outdated optimizations (Rongjian Zhang) (#38545) - (SEMVER-MAJOR) buffer: expose Blob as a global (James M Snell) (#41270) - (SEMVER-MAJOR) buffer: graduate Blob from experimental (James M Snell) (#41270) - (SEMVER-MAJOR) build: make x86 Windows support temporarily experimental (Michaël Zasso) (#42666) - (SEMVER-MAJOR) build: bump macOS deployment target to 10.15 (Richard Lau) (#42292) - (SEMVER-MAJOR) build: downgrade Windows 8.1 and server 2012 R2 to experimental (Michaël Zasso) (#42105) - (SEMVER-MAJOR) child\_process: improve argument validation (Rich Trott) (#41305) - (SEMVER-MAJOR) cluster: make `kill` to be just `process.kill` (Bar Admoni) (#34312) - (SEMVER-MAJOR) crypto: cleanup validation (Mohammed Keyvanzadeh) (#39841) - (SEMVER-MAJOR) crypto: prettify othername in PrintGeneralName (Tobias Nießen) (#42123) - (SEMVER-MAJOR) crypto: fix X509Certificate toLegacyObject (Tobias Nießen) (#42124) - (SEMVER-MAJOR) crypto: use RFC2253 format in PrintGeneralName (Tobias Nießen) (#42002) - (SEMVER-MAJOR) crypto: change default check(Host|Email) behavior (Tobias Nießen) (#41600) - (SEMVER-MAJOR) deps: V8: cherry-pick semver-major commits from 10.2 (Michaël Zasso) (#42657) - (SEMVER-MAJOR) deps: update V8 to 10.1.124.6 (Michaël Zasso) (#42657) - (SEMVER-MAJOR) deps: update V8 to 9.8.177.9 (Michaël Zasso) (#41610) - (SEMVER-MAJOR) deps: update V8 to 9.7.106.18 (Michaël Zasso) (#40907) - (SEMVER-MAJOR) dns: remove `dns.lookup` and `dnsPromises.lookup` options type coercion (Antoine du Hamel) (#41431) - (SEMVER-MAJOR) doc: update minimum glibc requirements for Linux (Richard Lau) (#42659) - (SEMVER-MAJOR) doc: update AIX minimum supported arch (Richard Lau) (#42604) - (SEMVER-MAJOR) fs: runtime deprecate string coercion in `fs.write`, `fs.writeFileSync` (Livia Medeiros) (#42607) - (SEMVER-MAJOR) http: refactor headersTimeout and requestTimeout logic (Paolo Insogna) (#41263) - (SEMVER-MAJOR) http: make TCP noDelay enabled by default (Paolo Insogna) (#42163) - (SEMVER-MAJOR) lib: enable fetch by default (Michaël Zasso) (#41811) - (SEMVER-MAJOR) lib: replace validator and error (Mohammed Keyvanzadeh) (#41678) - (SEMVER-MAJOR) module,repl: support 'node:'-only core modules (Colin Ihrig) (#42325) - (SEMVER-MAJOR) net: make `server.address()` return an integer for `family` (Antoine du Hamel) (#41431) - (SEMVER-MAJOR) process: disallow some uses of Object.defineProperty() on process.env (Himself65) (#28006) - (SEMVER-MAJOR) process: runtime deprecate multipleResolves (Benjamin Gruenbaum) (#41896) - (SEMVER-MAJOR) readline: fix question still called after closed (Xuguang Mei) (#42464) - (SEMVER-MAJOR) stream: remove thenable support (Robert Nagy) (#40773) - (SEMVER-MAJOR) stream: expose web streams globals, remove runtime experimental warning (Antoine du Hamel) (#42225) - (SEMVER-MAJOR) stream: need to cleanup event listeners if last stream is readable (Xuguang Mei) (#41954) - (SEMVER-MAJOR) stream: revert revert `map` spec compliance (Benjamin Gruenbaum) (#41933) - (SEMVER-MAJOR) stream: throw invalid arg type from End Of Stream (Jithil P Ponnan) (#41766) - (SEMVER-MAJOR) stream: don't emit finish after destroy (Robert Nagy) (#40852) - (SEMVER-MAJOR) stream: add errored and closed props (Robert Nagy) (#40696) - (SEMVER-MAJOR) test: add initial test module (Colin Ihrig) (#42325) - (SEMVER-MAJOR) timers: refactor internal classes to ES2015 syntax (Rabbit) (#37408) - (SEMVER-MAJOR) tls: represent registeredID numerically always (Tobias Nießen) (#41561) - (SEMVER-MAJOR) tls: move tls.parseCertString to end-of-life (Tobias Nießen) (#41479) - (SEMVER-MAJOR) url: throw on NULL in IPv6 hostname (Rich Trott) (#42313) - (SEMVER-MAJOR) v8: make v8.writeHeapSnapshot() error codes consistent (Darshan Sen) (#42577) - (SEMVER-MAJOR) v8: make writeHeapSnapshot throw if fopen fails (Antonio Román) (#41373) - (SEMVER-MAJOR) worker: expose BroadcastChannel as a global (James M Snell) (#41271) - (SEMVER-MAJOR) worker: graduate BroadcastChannel to supported (James M Snell) (#41271) PR-URL: #42262
BethGriggs
added a commit
that referenced
this pull request
Apr 19, 2022
Notable Changes: Deprecations and Removals: - (SEMVER-MAJOR) fs: runtime deprecate string coercion in `fs.write`, `fs.writeFileSync` (Livia Medeiros) (#42607) - (SEMVER-MAJOR) dns: remove `dns.lookup` and `dnsPromises.lookup` options type coercion (Antoine du Hamel) (#41431) - (SEMVER-MAJOR) process: runtime deprecate multipleResolves (Benjamin Gruenbaum) (#41896) - (SEMVER-MAJOR) stream: remove thenable support (Robert Nagy) (#40773) - (SEMVER-MAJOR) tls: move tls.parseCertString to end-of-life (Tobias Nießen) (#41479) fetch (experimental): An experimental fetch API is available on the global scope by default. The implementation is based upon https://undici.nodejs.org/#/, an HTTP/1.1 client written for Node.js by contributors to the project. Through this addition, the following globals are made available: `fetch` , `FormData`, `Headers`, `Request`, `Response`. Disable this API with the `--no-experimental-fetch` command-line flag. Contributed by Michaël Zasso in #41811. HTTP Timeouts: `server.headersTimeout`, which limits the amount of time the parser will wait to receive the complete HTTP headers, is now set to `60000` (60 seconds) by default. `server.requestTimeout`, which sets the timeout value in milliseconds for receiving the entire request from the client, is now set to `300000` (5 minutes) by default. If these timeouts expire, the server responds with status 408 without forwarding the request to the request listener and then closes the connection. Both timeouts must be set to a non-zero value to protect against potential Denial-of-Service attacks in case the server is deployed without a reverse proxy in front. Contributed by Paolo Insogna in #41263. Test Runner module (experimental): The `node:test` module facilitates the creation of JavaScript tests that report results in TAP format. This module is only available under the `node:` scheme. Contributed by Colin Ihrig in #42325. Toolchain and Compiler Upgrades: - Prebuilt binaries for Linux are now built on Red Hat Enterprise Linux (RHEL) 8 and are compatible with Linux distributions based on glibc 2.28 or later, for example, Debian 10, RHEL 8, Ubuntu 20.04. - Prebuilt binaries for macOS now require macOS 10.15 or later. - For AIX the minimum supported architecture has been raised from Power 7 to Power 8. Prebuilt binaries for 32-bit Windows will initially not be available due to issues building the V8 dependency in Node.js. We hope to restore 32-bit Windows binaries for Node.js 18 with a future V8 update. Node.js does not support running on operating systems that are no longer supported by their vendor. For operating systems where their vendor has planned to end support earlier than April 2025, such as Windows 8.1 (January 2023) and Windows Server 2012 R2 (October 2023), support for Node.js 18 will end at the earlier date. Full details about the supported toolchains and compilers are documented in the Node.js `BUILDING.md` file. Contributed by Richard Lau in #42292, #42604 and #42659 , and Michaël Zasso in #42105 and #42666. V8 10.1: The V8 engine is updated to version 10.1, which is part of Chromium 101. Compared to the version included in Node.js 17.9.0, the following new features are included: - The `findLast` and `findLastIndex` array methods. - Improvements to the `Intl.Locale` API. - The `Intl.supportedValuesOf` function. - Improved performance of class fields and private class methods (the initialization of them is now as fast as ordinary property stores). The data format returned by the serialization API (`v8.serialize(value)`) has changed, and cannot be deserialized by earlier versions of Node.js. On the other hand, it is still possible to deserialize the previous format, as the API is backwards-compatible. Contributed by Michaël Zasso in #42657. Web Streams API (experimental): Node.js now exposes the experimental implementation of the Web Streams API on the global scope. This means the following APIs are now globally available: - `ReadableStream`, `ReadableStreamDefaultReader`, `ReadableStreamBYOBReader`, `ReadableStreamBYOBRequest`, `ReadableByteStreamController`, `ReadableStreamDefaultController`, `TransformStream`, `TransformStreamDefaultController`, `WritableStream`, `WritableStreamDefaultWriter`, `WritableStreamDefaultController`, `ByteLengthQueuingStrategy`, `CountQueuingStrategy`, `TextEncoderStream`, `TextDecoderStream`, `CompressionStream`, `DecompressionStream`. Contributed James Snell in #39062, and Antoine du Hamel in #42225. Other Notable Changes: - (SEMVER-MAJOR) buffer: expose Blob as a global (James M Snell) (#41270) - (SEMVER-MAJOR) child\_process: improve argument validation (Rich Trott) (#41305) - doc: add RafaelGSS to collaborators (RafaelGSS) (#42718) - (SEMVER-MAJOR) http: make TCP noDelay enabled by default (Paolo Insogna) (#42163) - (SEMVER-MAJOR) net: make `server.address()` return an integer for `family` (Antoine du Hamel) (#41431) - (SEMVER-MAJOR) worker: expose BroadcastChannel as a global (James M Snell) (#41271) - (SEMVER-MAJOR) worker: graduate BroadcastChannel to supported (James M Snell) (#41271) Semver-Major Commits: - (SEMVER-MAJOR) assert,util: compare RegExp.lastIndex while using deep equal checks (Ruben Bridgewater) (#41020) - (SEMVER-MAJOR) buffer: refactor `byteLength` to remove outdated optimizations (Rongjian Zhang) (#38545) - (SEMVER-MAJOR) buffer: expose Blob as a global (James M Snell) (#41270) - (SEMVER-MAJOR) buffer: graduate Blob from experimental (James M Snell) (#41270) - (SEMVER-MAJOR) build: make x86 Windows support temporarily experimental (Michaël Zasso) (#42666) - (SEMVER-MAJOR) build: bump macOS deployment target to 10.15 (Richard Lau) (#42292) - (SEMVER-MAJOR) build: downgrade Windows 8.1 and server 2012 R2 to experimental (Michaël Zasso) (#42105) - (SEMVER-MAJOR) child\_process: improve argument validation (Rich Trott) (#41305) - (SEMVER-MAJOR) cluster: make `kill` to be just `process.kill` (Bar Admoni) (#34312) - (SEMVER-MAJOR) crypto: cleanup validation (Mohammed Keyvanzadeh) (#39841) - (SEMVER-MAJOR) crypto: prettify othername in PrintGeneralName (Tobias Nießen) (#42123) - (SEMVER-MAJOR) crypto: fix X509Certificate toLegacyObject (Tobias Nießen) (#42124) - (SEMVER-MAJOR) crypto: use RFC2253 format in PrintGeneralName (Tobias Nießen) (#42002) - (SEMVER-MAJOR) crypto: change default check(Host|Email) behavior (Tobias Nießen) (#41600) - (SEMVER-MAJOR) deps: V8: cherry-pick semver-major commits from 10.2 (Michaël Zasso) (#42657) - (SEMVER-MAJOR) deps: update V8 to 10.1.124.6 (Michaël Zasso) (#42657) - (SEMVER-MAJOR) deps: update V8 to 9.8.177.9 (Michaël Zasso) (#41610) - (SEMVER-MAJOR) deps: update V8 to 9.7.106.18 (Michaël Zasso) (#40907) - (SEMVER-MAJOR) dns: remove `dns.lookup` and `dnsPromises.lookup` options type coercion (Antoine du Hamel) (#41431) - (SEMVER-MAJOR) doc: update minimum glibc requirements for Linux (Richard Lau) (#42659) - (SEMVER-MAJOR) doc: update AIX minimum supported arch (Richard Lau) (#42604) - (SEMVER-MAJOR) fs: runtime deprecate string coercion in `fs.write`, `fs.writeFileSync` (Livia Medeiros) (#42607) - (SEMVER-MAJOR) http: refactor headersTimeout and requestTimeout logic (Paolo Insogna) (#41263) - (SEMVER-MAJOR) http: make TCP noDelay enabled by default (Paolo Insogna) (#42163) - (SEMVER-MAJOR) lib: enable fetch by default (Michaël Zasso) (#41811) - (SEMVER-MAJOR) lib: replace validator and error (Mohammed Keyvanzadeh) (#41678) - (SEMVER-MAJOR) module,repl: support 'node:'-only core modules (Colin Ihrig) (#42325) - (SEMVER-MAJOR) net: make `server.address()` return an integer for `family` (Antoine du Hamel) (#41431) - (SEMVER-MAJOR) process: disallow some uses of Object.defineProperty() on process.env (Himself65) (#28006) - (SEMVER-MAJOR) process: runtime deprecate multipleResolves (Benjamin Gruenbaum) (#41896) - (SEMVER-MAJOR) readline: fix question still called after closed (Xuguang Mei) (#42464) - (SEMVER-MAJOR) stream: remove thenable support (Robert Nagy) (#40773) - (SEMVER-MAJOR) stream: expose web streams globals, remove runtime experimental warning (Antoine du Hamel) (#42225) - (SEMVER-MAJOR) stream: need to cleanup event listeners if last stream is readable (Xuguang Mei) (#41954) - (SEMVER-MAJOR) stream: revert revert `map` spec compliance (Benjamin Gruenbaum) (#41933) - (SEMVER-MAJOR) stream: throw invalid arg type from End Of Stream (Jithil P Ponnan) (#41766) - (SEMVER-MAJOR) stream: don't emit finish after destroy (Robert Nagy) (#40852) - (SEMVER-MAJOR) stream: add errored and closed props (Robert Nagy) (#40696) - (SEMVER-MAJOR) test: add initial test module (Colin Ihrig) (#42325) - (SEMVER-MAJOR) timers: refactor internal classes to ES2015 syntax (Rabbit) (#37408) - (SEMVER-MAJOR) tls: represent registeredID numerically always (Tobias Nießen) (#41561) - (SEMVER-MAJOR) tls: move tls.parseCertString to end-of-life (Tobias Nießen) (#41479) - (SEMVER-MAJOR) url: throw on NULL in IPv6 hostname (Rich Trott) (#42313) - (SEMVER-MAJOR) v8: make v8.writeHeapSnapshot() error codes consistent (Darshan Sen) (#42577) - (SEMVER-MAJOR) v8: make writeHeapSnapshot throw if fopen fails (Antonio Román) (#41373) - (SEMVER-MAJOR) worker: expose BroadcastChannel as a global (James M Snell) (#41271) - (SEMVER-MAJOR) worker: graduate BroadcastChannel to supported (James M Snell) (#41271) PR-URL: #42262
xtx1130
pushed a commit
to xtx1130/node
that referenced
this pull request
Apr 25, 2022
Notable Changes: Deprecations and Removals: - (SEMVER-MAJOR) fs: runtime deprecate string coercion in `fs.write`, `fs.writeFileSync` (Livia Medeiros) (nodejs#42607) - (SEMVER-MAJOR) dns: remove `dns.lookup` and `dnsPromises.lookup` options type coercion (Antoine du Hamel) (nodejs#41431) - (SEMVER-MAJOR) process: runtime deprecate multipleResolves (Benjamin Gruenbaum) (nodejs#41896) - (SEMVER-MAJOR) stream: remove thenable support (Robert Nagy) (nodejs#40773) - (SEMVER-MAJOR) tls: move tls.parseCertString to end-of-life (Tobias Nießen) (nodejs#41479) fetch (experimental): An experimental fetch API is available on the global scope by default. The implementation is based upon https://undici.nodejs.org/#/, an HTTP/1.1 client written for Node.js by contributors to the project. Through this addition, the following globals are made available: `fetch` , `FormData`, `Headers`, `Request`, `Response`. Disable this API with the `--no-experimental-fetch` command-line flag. Contributed by Michaël Zasso in nodejs#41811. HTTP Timeouts: `server.headersTimeout`, which limits the amount of time the parser will wait to receive the complete HTTP headers, is now set to `60000` (60 seconds) by default. `server.requestTimeout`, which sets the timeout value in milliseconds for receiving the entire request from the client, is now set to `300000` (5 minutes) by default. If these timeouts expire, the server responds with status 408 without forwarding the request to the request listener and then closes the connection. Both timeouts must be set to a non-zero value to protect against potential Denial-of-Service attacks in case the server is deployed without a reverse proxy in front. Contributed by Paolo Insogna in nodejs#41263. Test Runner module (experimental): The `node:test` module facilitates the creation of JavaScript tests that report results in TAP format. This module is only available under the `node:` scheme. Contributed by Colin Ihrig in nodejs#42325. Toolchain and Compiler Upgrades: - Prebuilt binaries for Linux are now built on Red Hat Enterprise Linux (RHEL) 8 and are compatible with Linux distributions based on glibc 2.28 or later, for example, Debian 10, RHEL 8, Ubuntu 20.04. - Prebuilt binaries for macOS now require macOS 10.15 or later. - For AIX the minimum supported architecture has been raised from Power 7 to Power 8. Prebuilt binaries for 32-bit Windows will initially not be available due to issues building the V8 dependency in Node.js. We hope to restore 32-bit Windows binaries for Node.js 18 with a future V8 update. Node.js does not support running on operating systems that are no longer supported by their vendor. For operating systems where their vendor has planned to end support earlier than April 2025, such as Windows 8.1 (January 2023) and Windows Server 2012 R2 (October 2023), support for Node.js 18 will end at the earlier date. Full details about the supported toolchains and compilers are documented in the Node.js `BUILDING.md` file. Contributed by Richard Lau in nodejs#42292, nodejs#42604 and nodejs#42659 , and Michaël Zasso in nodejs#42105 and nodejs#42666. V8 10.1: The V8 engine is updated to version 10.1, which is part of Chromium 101. Compared to the version included in Node.js 17.9.0, the following new features are included: - The `findLast` and `findLastIndex` array methods. - Improvements to the `Intl.Locale` API. - The `Intl.supportedValuesOf` function. - Improved performance of class fields and private class methods (the initialization of them is now as fast as ordinary property stores). The data format returned by the serialization API (`v8.serialize(value)`) has changed, and cannot be deserialized by earlier versions of Node.js. On the other hand, it is still possible to deserialize the previous format, as the API is backwards-compatible. Contributed by Michaël Zasso in nodejs#42657. Web Streams API (experimental): Node.js now exposes the experimental implementation of the Web Streams API on the global scope. This means the following APIs are now globally available: - `ReadableStream`, `ReadableStreamDefaultReader`, `ReadableStreamBYOBReader`, `ReadableStreamBYOBRequest`, `ReadableByteStreamController`, `ReadableStreamDefaultController`, `TransformStream`, `TransformStreamDefaultController`, `WritableStream`, `WritableStreamDefaultWriter`, `WritableStreamDefaultController`, `ByteLengthQueuingStrategy`, `CountQueuingStrategy`, `TextEncoderStream`, `TextDecoderStream`, `CompressionStream`, `DecompressionStream`. Contributed James Snell in nodejs#39062, and Antoine du Hamel in nodejs#42225. Other Notable Changes: - (SEMVER-MAJOR) buffer: expose Blob as a global (James M Snell) (nodejs#41270) - (SEMVER-MAJOR) child\_process: improve argument validation (Rich Trott) (nodejs#41305) - doc: add RafaelGSS to collaborators (RafaelGSS) (nodejs#42718) - (SEMVER-MAJOR) http: make TCP noDelay enabled by default (Paolo Insogna) (nodejs#42163) - (SEMVER-MAJOR) net: make `server.address()` return an integer for `family` (Antoine du Hamel) (nodejs#41431) - (SEMVER-MAJOR) worker: expose BroadcastChannel as a global (James M Snell) (nodejs#41271) - (SEMVER-MAJOR) worker: graduate BroadcastChannel to supported (James M Snell) (nodejs#41271) Semver-Major Commits: - (SEMVER-MAJOR) assert,util: compare RegExp.lastIndex while using deep equal checks (Ruben Bridgewater) (nodejs#41020) - (SEMVER-MAJOR) buffer: refactor `byteLength` to remove outdated optimizations (Rongjian Zhang) (nodejs#38545) - (SEMVER-MAJOR) buffer: expose Blob as a global (James M Snell) (nodejs#41270) - (SEMVER-MAJOR) buffer: graduate Blob from experimental (James M Snell) (nodejs#41270) - (SEMVER-MAJOR) build: make x86 Windows support temporarily experimental (Michaël Zasso) (nodejs#42666) - (SEMVER-MAJOR) build: bump macOS deployment target to 10.15 (Richard Lau) (nodejs#42292) - (SEMVER-MAJOR) build: downgrade Windows 8.1 and server 2012 R2 to experimental (Michaël Zasso) (nodejs#42105) - (SEMVER-MAJOR) child\_process: improve argument validation (Rich Trott) (nodejs#41305) - (SEMVER-MAJOR) cluster: make `kill` to be just `process.kill` (Bar Admoni) (nodejs#34312) - (SEMVER-MAJOR) crypto: cleanup validation (Mohammed Keyvanzadeh) (nodejs#39841) - (SEMVER-MAJOR) crypto: prettify othername in PrintGeneralName (Tobias Nießen) (nodejs#42123) - (SEMVER-MAJOR) crypto: fix X509Certificate toLegacyObject (Tobias Nießen) (nodejs#42124) - (SEMVER-MAJOR) crypto: use RFC2253 format in PrintGeneralName (Tobias Nießen) (nodejs#42002) - (SEMVER-MAJOR) crypto: change default check(Host|Email) behavior (Tobias Nießen) (nodejs#41600) - (SEMVER-MAJOR) deps: V8: cherry-pick semver-major commits from 10.2 (Michaël Zasso) (nodejs#42657) - (SEMVER-MAJOR) deps: update V8 to 10.1.124.6 (Michaël Zasso) (nodejs#42657) - (SEMVER-MAJOR) deps: update V8 to 9.8.177.9 (Michaël Zasso) (nodejs#41610) - (SEMVER-MAJOR) deps: update V8 to 9.7.106.18 (Michaël Zasso) (nodejs#40907) - (SEMVER-MAJOR) dns: remove `dns.lookup` and `dnsPromises.lookup` options type coercion (Antoine du Hamel) (nodejs#41431) - (SEMVER-MAJOR) doc: update minimum glibc requirements for Linux (Richard Lau) (nodejs#42659) - (SEMVER-MAJOR) doc: update AIX minimum supported arch (Richard Lau) (nodejs#42604) - (SEMVER-MAJOR) fs: runtime deprecate string coercion in `fs.write`, `fs.writeFileSync` (Livia Medeiros) (nodejs#42607) - (SEMVER-MAJOR) http: refactor headersTimeout and requestTimeout logic (Paolo Insogna) (nodejs#41263) - (SEMVER-MAJOR) http: make TCP noDelay enabled by default (Paolo Insogna) (nodejs#42163) - (SEMVER-MAJOR) lib: enable fetch by default (Michaël Zasso) (nodejs#41811) - (SEMVER-MAJOR) lib: replace validator and error (Mohammed Keyvanzadeh) (nodejs#41678) - (SEMVER-MAJOR) module,repl: support 'node:'-only core modules (Colin Ihrig) (nodejs#42325) - (SEMVER-MAJOR) net: make `server.address()` return an integer for `family` (Antoine du Hamel) (nodejs#41431) - (SEMVER-MAJOR) process: disallow some uses of Object.defineProperty() on process.env (Himself65) (nodejs#28006) - (SEMVER-MAJOR) process: runtime deprecate multipleResolves (Benjamin Gruenbaum) (nodejs#41896) - (SEMVER-MAJOR) readline: fix question still called after closed (Xuguang Mei) (nodejs#42464) - (SEMVER-MAJOR) stream: remove thenable support (Robert Nagy) (nodejs#40773) - (SEMVER-MAJOR) stream: expose web streams globals, remove runtime experimental warning (Antoine du Hamel) (nodejs#42225) - (SEMVER-MAJOR) stream: need to cleanup event listeners if last stream is readable (Xuguang Mei) (nodejs#41954) - (SEMVER-MAJOR) stream: revert revert `map` spec compliance (Benjamin Gruenbaum) (nodejs#41933) - (SEMVER-MAJOR) stream: throw invalid arg type from End Of Stream (Jithil P Ponnan) (nodejs#41766) - (SEMVER-MAJOR) stream: don't emit finish after destroy (Robert Nagy) (nodejs#40852) - (SEMVER-MAJOR) stream: add errored and closed props (Robert Nagy) (nodejs#40696) - (SEMVER-MAJOR) test: add initial test module (Colin Ihrig) (nodejs#42325) - (SEMVER-MAJOR) timers: refactor internal classes to ES2015 syntax (Rabbit) (nodejs#37408) - (SEMVER-MAJOR) tls: represent registeredID numerically always (Tobias Nießen) (nodejs#41561) - (SEMVER-MAJOR) tls: move tls.parseCertString to end-of-life (Tobias Nießen) (nodejs#41479) - (SEMVER-MAJOR) url: throw on NULL in IPv6 hostname (Rich Trott) (nodejs#42313) - (SEMVER-MAJOR) v8: make v8.writeHeapSnapshot() error codes consistent (Darshan Sen) (nodejs#42577) - (SEMVER-MAJOR) v8: make writeHeapSnapshot throw if fopen fails (Antonio Román) (nodejs#41373) - (SEMVER-MAJOR) worker: expose BroadcastChannel as a global (James M Snell) (nodejs#41271) - (SEMVER-MAJOR) worker: graduate BroadcastChannel to supported (James M Snell) (nodejs#41271) PR-URL: nodejs#42262
codebytere
added a commit
to electron/electron
that referenced
this pull request
Oct 12, 2022
codebytere
added a commit
to electron/electron
that referenced
this pull request
Oct 17, 2022
codebytere
added a commit
to electron/electron
that referenced
this pull request
Oct 19, 2022
codebytere
added a commit
to electron/electron
that referenced
this pull request
Oct 24, 2022
codebytere
added a commit
to electron/electron
that referenced
this pull request
Nov 8, 2022
codebytere
added a commit
to electron/electron
that referenced
this pull request
Nov 8, 2022
codebytere
added a commit
to electron/electron
that referenced
this pull request
Nov 10, 2022
* chore: update to Node.js v18 * child_process: improve argument validation nodejs/node#41305 * bootstrap: support configure-time user-land snapshot nodejs/node#42466 * chore: update GN patch * src: disambiguate terms used to refer to builtins and addons nodejs/node#44135 * src: use a typed array internally for process._exiting nodejs/node#43883 * chore: lib/internal/bootstrap -> lib/internal/process * src: disambiguate terms used to refer to builtins and addons nodejs/node#44135 * chore: remove redudant browserGlobals patch * chore: update BoringSSL patch * src: allow embedder-provided PageAllocator in NodePlatform nodejs/node#38362 * chore: fixup Node.js crypto tests - nodejs/node#44171 - nodejs/node#41600 * lib: add Promise methods to avoid-prototype-pollution lint rule nodejs/node#43849 * deps: update V8 to 10.1 nodejs/node#42657 * src: add kNoBrowserGlobals flag for Environment nodejs/node#40532 * chore: consolidate asar initialization patches * deps: update V8 to 10.1 nodejs/node#42657 * deps: update V8 to 9.8 nodejs/node#41610 * src,crypto: remove AllocatedBuffers from crypto_spkac nodejs/node#40752 * build: enable V8's shared read-only heap nodejs/node#42809 * src: fix ssize_t error from nghttp2.h nodejs/node#44393 * chore: fixup ESM patch * chore: fixup patch indices * src: merge NativeModuleEnv into NativeModuleLoader nodejs/node#43824 * [API] Pass OOMDetails to OOMErrorCallback https://chromium-review.googlesource.com/c/v8/v8/+/3647827 * src: iwyu in cleanup_queue.cc * src: return Maybe from a couple of functions nodejs/node#39603 * src: clean up embedder API nodejs/node#35897 * src: refactor DH groups to delete crypto_groups.h nodejs/node#43896 * deps,src: use SIMD for normal base64 encoding nodejs/node#39775 * chore: remove deleted source file * chore: update patches * chore: remove deleted source file * lib: add fetch nodejs/node#41749 * chore: remove nonexistent node specs * test: split report OOM tests nodejs/node#44389 * src: trace fs async api nodejs/node#44057 * http: trace http request / response nodejs/node#44102 * test: split test-crypto-dh.js nodejs/node#40451 * crypto: introduce X509Certificate API nodejs/node#36804 * src: split property helpers from node::Environment nodejs/node#44056 * nodejs/node#38905 bootstrap: implement run-time user-land snapshots via --build-snapshot and --snapshot-blob * lib,src: implement WebAssembly Web API nodejs/node#42701 * fixup! deps,src: use SIMD for normal base64 encoding * fixup! src: refactor DH groups to delete crypto_groups.h * chore: fixup base64 GN file * fix: check that node::InitializeContext() returns true * chore: delete _noBrowserGlobals usage * chore: disable fetch in renderer procceses * dns: default to verbatim=true in dns.lookup() nodejs/node#39987 Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>
khalwa
pushed a commit
to solarwindscloud/electron
that referenced
this pull request
Feb 22, 2023
* chore: update to Node.js v18 * child_process: improve argument validation nodejs/node#41305 * bootstrap: support configure-time user-land snapshot nodejs/node#42466 * chore: update GN patch * src: disambiguate terms used to refer to builtins and addons nodejs/node#44135 * src: use a typed array internally for process._exiting nodejs/node#43883 * chore: lib/internal/bootstrap -> lib/internal/process * src: disambiguate terms used to refer to builtins and addons nodejs/node#44135 * chore: remove redudant browserGlobals patch * chore: update BoringSSL patch * src: allow embedder-provided PageAllocator in NodePlatform nodejs/node#38362 * chore: fixup Node.js crypto tests - nodejs/node#44171 - nodejs/node#41600 * lib: add Promise methods to avoid-prototype-pollution lint rule nodejs/node#43849 * deps: update V8 to 10.1 nodejs/node#42657 * src: add kNoBrowserGlobals flag for Environment nodejs/node#40532 * chore: consolidate asar initialization patches * deps: update V8 to 10.1 nodejs/node#42657 * deps: update V8 to 9.8 nodejs/node#41610 * src,crypto: remove AllocatedBuffers from crypto_spkac nodejs/node#40752 * build: enable V8's shared read-only heap nodejs/node#42809 * src: fix ssize_t error from nghttp2.h nodejs/node#44393 * chore: fixup ESM patch * chore: fixup patch indices * src: merge NativeModuleEnv into NativeModuleLoader nodejs/node#43824 * [API] Pass OOMDetails to OOMErrorCallback https://chromium-review.googlesource.com/c/v8/v8/+/3647827 * src: iwyu in cleanup_queue.cc * src: return Maybe from a couple of functions nodejs/node#39603 * src: clean up embedder API nodejs/node#35897 * src: refactor DH groups to delete crypto_groups.h nodejs/node#43896 * deps,src: use SIMD for normal base64 encoding nodejs/node#39775 * chore: remove deleted source file * chore: update patches * chore: remove deleted source file * lib: add fetch nodejs/node#41749 * chore: remove nonexistent node specs * test: split report OOM tests nodejs/node#44389 * src: trace fs async api nodejs/node#44057 * http: trace http request / response nodejs/node#44102 * test: split test-crypto-dh.js nodejs/node#40451 * crypto: introduce X509Certificate API nodejs/node#36804 * src: split property helpers from node::Environment nodejs/node#44056 * nodejs/node#38905 bootstrap: implement run-time user-land snapshots via --build-snapshot and --snapshot-blob * lib,src: implement WebAssembly Web API nodejs/node#42701 * fixup! deps,src: use SIMD for normal base64 encoding * fixup! src: refactor DH groups to delete crypto_groups.h * chore: fixup base64 GN file * fix: check that node::InitializeContext() returns true * chore: delete _noBrowserGlobals usage * chore: disable fetch in renderer procceses * dns: default to verbatim=true in dns.lookup() nodejs/node#39987 Co-authored-by: PatchUp <73610968+patchup[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
For execFile() and fork(), use INVALID_ARG_TYPE as appropriate instead
of INVALID_ARG_VALUE. Use validator functions where sensible.