Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
18.18
->18.20
Release Notes
nodejs/node (node)
v18.20.5
: 2024-11-12, Version 18.20.5 'Hydrogen' (LTS), @aduh95Compare Source
Notable Changes
ac37e554a5
] - esm: mark import attributes and JSON module as stable (Nicolò Ribaudo) #55333Commits
c2e6a8f215
] - benchmark: fix napi/ref addon (Michaël Zasso) #532334c2e07aaac
] - build: pin doc workflow to Node.js 20 (Richard Lau) #557556ba4ebd060
] - build: fix build with Python 3.12 (Luigi Pinca) #50582c50f01399e
] - crypto: ensure invalid SubtleCrypto JWK data import results in DataError (Filip Skokan) #550415c46782137
] - crypto: make deriveBits length parameter optional and nullable (Filip Skokan) #536016e7274fa53
] - crypto: reject dh,x25519,x448 in {Sign,Verify}Final (Huáng Jùnliàng) #53774d2442044db
] - crypto: rejectEd25519
/Ed448 in Sign/Verify prototypes (Filip Skokan) #5234093670de499
] - deps: upgrade npm to 10.8.2 (npm team) #537998531c95587
] - deps: upgrade npm to 10.8.1 (npm team) #53207fd9933ea0f
] - deps: upgrade npm to 10.8.0 (npm team) #5301403852495d7
] - deps: update simdutf to 5.6.0 (Node.js GitHub Bot) #553793597be4146
] - deps: update simdutf to 5.5.0 (Node.js GitHub Bot) #5443452d2c03738
] - deps: update simdutf to 5.3.4 (Node.js GitHub Bot) #54312dd882ac483
] - deps: update simdutf to 5.3.1 (Node.js GitHub Bot) #541965fb8e1b428
] - deps: update simdutf to 5.3.0 (Node.js GitHub Bot) #53837c952fd886d
] - deps: update simdutf to 5.2.8 (Node.js GitHub Bot) #52727a1ae050ed5
] - deps: update simdutf to 5.2.6 (Node.js GitHub Bot) #5272796ec48da7f
] - deps: update brotli to 1.1.0 (Node.js GitHub Bot) #5080411242bcfb4
] - deps: update zlib to 1.3.0.1-motley-71660e1 (Node.js GitHub Bot) #5346464f98a9869
] - deps: update zlib to 1.3.0.1-motley-c2469fd (Node.js GitHub Bot) #534644b815550e0
] - deps: update zlib to 1.3.0.1-motley-68e57e6 (Node.js GitHub Bot) #53464f6b2f68ce7
] - deps: update zlib to 1.3.0.1-motley-8b7eff8 (Node.js GitHub Bot) #53464e151ebef86
] - deps: update zlib to 1.3.0.1-motley-e432200 (Node.js GitHub Bot) #53464637a306e02
] - deps: update zlib to 1.3.0.1-motley-887bb57 (Node.js GitHub Bot) #53464569a739569
] - deps: update zlib to 1.3.0.1-motley-209717d (Node.js GitHub Bot) #53156033f1e2ba5
] - deps: update zlib to 1.3.0.1-motley-4f653ff (Node.js GitHub Bot) #53052aaa857fc01
] - deps: update ada to 2.8.0 (Node.js GitHub Bot) #53254d577321877
] - deps: update acorn to 8.13.0 (Node.js GitHub Bot) #5555855b3c8a41f
] - deps: update acorn-walk to 8.3.4 (Node.js GitHub Bot) #5495050a9456f1e
] - deps: update acorn-walk to 8.3.3 (Node.js GitHub Bot) #53466f56cfe776b
] - deps: update acorn to 8.12.1 (Node.js GitHub Bot) #53465fce3ab686d
] - deps: update archs files for openssl-3.0.15+quic1 (Node.js GitHub Bot) #5518446c782486e
] - deps: upgrade openssl sources to quictls/openssl-3.0.15+quic1 (Node.js GitHub Bot) #551844a18581dc3
] - deps: update corepack to 0.29.4 (Node.js GitHub Bot) #5484567e98831ab
] - deps: update archs files for openssl-3.0.14+quic1 (Node.js GitHub Bot) #54336c60c6630af
] - deps: upgrade openssl sources to quictls/openssl-3.0.14+quic1 (Node.js GitHub Bot) #54336935a506377
] - deps: update corepack to 0.29.3 (Node.js GitHub Bot) #54072dbdfdd0226
] - deps: update corepack to 0.29.2 (Node.js GitHub Bot) #53838395ee44608
] - deps: update corepack to 0.28.2 (Node.js GitHub Bot) #532536ba8bc0618
] - deps: update c-ares to 1.29.0 (Node.js GitHub Bot) #5315581c3260cd2
] - deps: update corepack to 0.28.1 (Node.js GitHub Bot) #52946e4739e9aa6
] - doc: only apply content-visibility on all.html (Filip Skokan) #535104d2ac5d98f
] - doc: move release key for Myles Borins (Richard Lau) #540591c4decc998
] - doc: add release key for aduh95 (Antoine du Hamel) #55349a4f6f0918f
] - doc: add names next to release key bash commands (Aviv Keller) #52878c679348f83
] - errors: usedetermineSpecificType
in more error messages (Antoine du Hamel) #495803059262185
] - esm: fix broken assertion inlegacyMainResolve
(Antoine du Hamel) #55708ac37e554a5
] - esm: mark import attributes and JSON module as stable (Nicolò Ribaudo) #5533384b0ead758
] - esm: fix hook name in error message (Bruce MacNaughton) #504660092358d00
] - http: handle multi-value content-disposition header (Arsalan Ahmad) #50977d814fe935c
] - src: account for OpenSSL unexpected version (Shelley Vohr) #540386615fe5db1
] - src: fix dynamically linked OpenSSL version (Richard Lau) #53456d6114cb2e2
] - test: fix test when compiled without engine support (Richard Lau) #53232ac3a39051c
] - test: fix test-tls-junk-closes-server (Michael Dawson) #55089c8520ff7d2
] - test: fix OpenSSL version checks (Richard Lau) #535039824827937
] - test: update tls test to support OpenSSL32 (Michael Dawson) #550301a4d497936
] - test: adjust tls-set-ciphers for OpenSSL32 (Michael Dawson) #55016341496a5a2
] - test: add asserts to validate test assumptions (Michael Dawson) #5499737a2f7eaa4
] - test: adjust key sizes to support OpenSSL32 (Michael Dawson) #5497275ff0cdf66
] - test: update test to support OpenSSL32 (Michael Dawson) #54968b097d85dfe
] - test: adjust test-tls-junk-server for OpenSSL32 (Michael Dawson) #54926e9997388a6
] - test: adjust tls test for OpenSSL32 (Michael Dawson) #54909c7de027adb
] - test: fix test test-tls-dhe for OpenSSL32 (Michael Dawson) #5490368156cbae1
] - test: fix test-tls-client-mindhsize for OpenSSL32 (Michael Dawson) #54739d5b73e5683
] - test: increase key size for ca2-cert.pem (Michael Dawson) #545995316314755
] - test: update TLS test for OpenSSL 3.2 (Richard Lau) #54612a1f0c87859
] - test: fix test-tls-client-auth test for OpenSSL32 (Michael Dawson) #54610e9e3306426
] - test: use assert.{s,deepS}trictEqual() (Sonny) #542081320fb9475
] - test: update TLS trace tests for OpenSSL >= 3.2 (Richard Lau) #53229cc3cdf7cc0
] - test: check against run-time OpenSSL version (Richard Lau) #53456fc43c6803e
] - test: update TLS tests for OpenSSL 3.2 (Richard Lau) #53384627d3993f0
] - test: fix unreliable assumption in js-native-api/test_cannot_run_js (Joyee Cheung) #518989f521f456e
] - test: update tests for OpenSSL 3.0.14 (Richard Lau) #533730fb652eba9
] - tools: update gyp-next to v0.16.1 (Michaël Zasso) #50380fa72b2c2de
] - tools: skip ruff on tools/gyp (Michaël Zasso) #50380v18.20.4
: 2024-07-08, Version 18.20.4 'Hydrogen' (LTS), @RafaelGSSCompare Source
This is a security release.
Notable Changes
Commits
85abedf1ff
] - lib,esm: handle bypass network-import via data: (RafaelGSS) nodejs-private/node-private#522eccd63b865
] - src: handle permissive extension on cmd check (RafaelGSS) nodejs-private/node-private#596v18.20.3
: 2024-05-21, Version 18.20.3 'Hydrogen' (LTS), @richardlauCompare Source
Notable Changes
This release fixes a regression introduced in Node.js 18.19.0 where
http.server.close()
was incorrectly closing idle connections.A fix has also been included for compiling Node.js from source with newer versions of Clang.
The list of keys used to sign releases has been synchronized with the current list from the
main
branch.Updated dependencies
Commits
0c260e10e7
] - deps: update zlib to 1.3.0.1-motley-7d77fb7 (Node.js GitHub Bot) #525161152d7f919
] - deps: update zlib to 1.3.0.1-motley-24c07df (Node.js GitHub Bot) #52199755399db9d
] - deps: update zlib to 1.3.0.1-motley-24342f6 (Node.js GitHub Bot) #52123af3e32073b
] - deps: update ada to 2.7.8 (Node.js GitHub Bot) #52517e4ea2db58b
] - deps: update c-ares to 1.28.1 (Node.js GitHub Bot) #5228514e857bea2
] - deps: update corepack to 0.28.0 (Node.js GitHub Bot) #526167f5dd44ca6
] - deps: upgrade npm to 10.7.0 (npm team) #5276778f84ebb09
] - deps: update ngtcp2 to 1.3.0 (Node.js GitHub Bot) #517961f489a3753
] - deps: update ngtcp2 to 1.2.0 (Node.js GitHub Bot) #515843034968225
] - deps: update ngtcp2 to 1.1.0 (Node.js GitHub Bot) #513191aa9da467f
] - deps: add nghttp3/**/.deps to .gitignore (Luigi Pinca) #5140028c0c78c9a
] - deps: update ngtcp2 and nghttp3 (James M Snell) #512918fd5a35364
] - deps: upgrade npm to 10.5.2 (npm team) #524582c53ff31c9
] - deps: update acorn-walk to 8.3.2 (Node.js GitHub Bot) #5145712f28f33c2
] - deps: update acorn to 8.11.3 (Node.js GitHub Bot) #51317dddb7eb3e0
] - deps: update acorn-walk to 8.3.1 (Node.js GitHub Bot) #50457c86550e607
] - deps: update acorn-walk to 8.3.0 (Node.js GitHub Bot) #504579500817f66
] - deps: update acorn to 8.11.2 (Node.js GitHub Bot) #504607a8c7b6275
] - deps: update ada to 2.7.7 (Node.js GitHub Bot) #52028b199889943
] - deps: update corepack to 0.26.0 (Node.js GitHub Bot) #52027052b0ba0c6
] - deps: upgrade npm to 10.5.1 (npm team) #52351209823d3af
] - deps: update simdutf to 5.2.4 (Node.js GitHub Bot) #524735114cbe18a
] - deps: update simdutf to 5.2.3 (Yagiz Nizipli) #52381be30309ea0
] - deps: update simdutf to 5.0.0 (Daniel Lemire) #52138b56f66e250
] - deps: update simdutf to 4.0.9 (Node.js GitHub Bot) #51655a9f3b9d9d1
] - deps: update nghttp2 to 1.61.0 (Node.js GitHub Bot) #523951b6fa70620
] - deps: update nghttp2 to 1.60.0 (Node.js GitHub Bot) #519483c9dbbf4d4
] - deps: update nghttp2 to 1.59.0 (Node.js GitHub Bot) #51581e28316da54
] - deps: update nghttp2 to 1.58.0 (Node.js GitHub Bot) #50441678641f470
] - deps: V8: cherry-pickd15d49b
(Bo Anderson) #523371147fee7d9
] - doc: remove ableist language from crypto (Jamie King) #520635e93eae972
] - doc: add release key for marco-ippolito (marco-ippolito) #522576689a98488
] - http: remove closeIdleConnections function while calling server close (Kumar Rishav) #5233671616e8a8a
] - node-api: make tsfn accept napi_finalize once more (Gabriel Schulhof) #51801d9d9e62474
] - src: avoid draining platform tasks at FreeEnvironment (Chengzhong Wu) #51290e5fc8ec9fc
] - test: skip v8-updates/test-linux-perf (Michaël Zasso) #49639351ef189ca
] - test: v8: Add test-linux-perf-logger test suite (Luke Albao) #503525cec2efc31
] - test: reduce the number of requests and parsers (Luigi Pinca) #502405186e453d9
] - test: deflake test-http-regr-gh-2928 (Luigi Pinca) #49574c60cd67e1c
] - test: skip test for dynamically linked OpenSSL (Richard Lau) #52542v18.20.2
: 2024-04-10, Version 18.20.2 'Hydrogen' (LTS), @RafaelGSSCompare Source
This is a security release.
Notable Changes
child_process.spawn
without shell option enabled on WindowsCommits
6627222409
] - src: disallow direct .bat and .cmd file spawning (Ben Noordhuis) nodejs-private/node-private#564v18.20.1
: 2024-04-03, Version 18.20.1 'Hydrogen' (LTS), @RafaelGSSCompare Source
This is a security release.
Notable Changes
Commits
60d24938de
] - deps: update undici to v5.28.4 (Matteo Collina) nodejs-private/node-private#5775d4d5848cf
] - http: do not allow OBS fold in headers by default (Paolo Insogna) nodejs-private/node-private#5580fb816dbcc
] - src: ensure to close stream when destroying session (Anna Henningsen) nodejs-private/node-private#561v18.20.0
: 2024-03-26, Version 18.20.0 'Hydrogen' (LTS), @richardlauCompare Source
Notable Changes
Added support for import attributes
Support has been added for import attributes, to replace the old import
assertions syntax. This will aid migration by making the new syntax available
across all currently supported Node.js release lines.
This adds the
with
keyword which should be used in place of the previousassert
keyword, which will be removed in a future semver-major Node.jsrelease.
For example,
import "foo" assert { ... }
should be replaced with
import "foo" with { ... }
For more details, see
Contributed by Nicolò Ribaudo in #51136
and Antoine du Hamel in #50140.
Doc deprecation for
dirent.path
Please use newly added
dirent.parentPath
instead.Contributed by Antoine du Hamel in #50976
and #51020.
Experimental node-api feature flags
Introduces an experimental feature to segregate finalizers that affect GC state.
A new type called
node_api_nogc_env
has been introduced as the const versionof
napi_env
andnode_api_nogc_finalize
as a variant ofnapi_finalize
thataccepts a
node_api_nogc_env
as its first argument.This feature can be turned off by defining
NODE_API_EXPERIMENTAL_NOGC_ENV_OPT_OUT
.Contributed by Gabriel Schulhof in #50060.
Root certificates updated to NSS 3.98
Certificates added:
Certificates removed:
Updated dependencies
vm: fix V8 compilation cache support for vm.Script
Previously repeated compilation of the same source code using
vm.Script
stopped hitting the V8 compilation cache after v16.x when support for
importModuleDynamically
was added tovm.Script
, resulting in a performanceregression that blocked users (in particular Jest users) from upgrading from
v16.x.
The recent fixes allow the compilation cache to be hit again
for
vm.Script
when--experimental-vm-modules
is not used even in thepresence of the
importModuleDynamically
option, so that users affected by theperformance regression can now upgrade. Ongoing work is also being done to
enable compilation cache support for
vm.CompileFunction
.Contributed by Joyee Cheung in #49950
and #50137.
Commits
c70383b8d4
] - build: support Python 3.12 (Shi Pujin) #502094b960c3a4a
] - build: fix incorrect g++ warning message (Richard Lau) #516958fdea67694
] - crypto: update root certificates to NSS 3.98 (Node.js GitHub Bot) #51794812b126dd9
] - deps: V8: cherry-pickd90d453
(Michaël Zasso) #500779ab8c3db87
] - deps: update c-ares to 1.27.0 (Node.js GitHub Bot) #51846c688680387
] - deps: update c-ares to 1.26.0 (Node.js GitHub Bot) #515829498ac8a47
] - deps: compile c-ares with C11 support (Michaël Zasso) #514108fb743642f
] - deps: update c-ares to 1.25.0 (Node.js GitHub Bot) #513857bea2d7c12
] - deps: update zlib to 1.3.0.1-motley-40e35a7 (Node.js GitHub Bot) #5127457a38c8f75
] - deps: update zlib to 1.3.0.1-motley-dd5fc13 (Node.js GitHub Bot) #51105b0ca084a6b
] - deps: update zlib to 1.3-22124f5 (Node.js GitHub Bot) #509104b43823f37
] - deps: update zlib to 1.2.13.1-motley-5daffc7 (Node.js GitHub Bot) #50803f0da591812
] - deps: update zlib to 1.2.13.1-motley-dfc48fc (Node.js GitHub Bot) #5045616d28a883a
] - deps: update base64 to 0.5.2 (Node.js GitHub Bot) #5145513a9e81cb6
] - deps: update base64 to 0.5.1 (Node.js GitHub Bot) #50629b4502d3ac5
] - deps: update simdutf to 4.0.8 (Node.js GitHub Bot) #51000183cf8a74a
] - deps: update simdutf to 4.0.4 (Node.js GitHub Bot) #5077211ba8593ea
] - deps: update ada to 2.7.6 (Node.js GitHub Bot) #5154273a946d55c
] - deps: update ada to 2.7.5 (Node.js GitHub Bot) #51542cc434c1a39
] - deps: update ada to 2.7.4 (Node.js GitHub Bot) #508153a3808a6ae
] - deps: upgrade npm to 10.5.0 (npm team) #51913c8876d765c
] - deps: upgrade npm to 10.3.0 (npm team) #514315aec3af460
] - deps: update corepack to 0.25.2 (Node.js GitHub Bot) #51810a593985326
] - deps: update corepack to 0.24.1 (Node.js GitHub Bot) #51459d1a9237bf5
] - deps: update corepack to 0.24.0 (Node.js GitHub Bot) #51318adac0c7a63
] - deps: update corepack to 0.23.0 (Node.js GitHub Bot) #505634a6f83e32a
] - deps: escape Python strings correctly (Michaël Zasso) #50695c13969e52a
] - deps: V8: cherry-pickea996ad
(Nicolò Ribaudo) #511366fbf0ba5c3
] - deps: V8: cherry-picka0fd320
(Nicolò Ribaudo) #5113668fd7516e1
] - deps: update timezone to 2024a (Michaël Zasso) #51723f9b229ebe1
] - deps: update icu to 74.2 (Michaël Zasso) #5172390c73d2eb4
] - deps: update timezone to 2023d (Node.js GitHub Bot) #514612a2bf57028
] - deps: update icu to 74.1 (Node.js GitHub Bot) #50515425e011e52
] - deps: add v8::Object::SetInternalFieldForNodeCore() (Joyee Cheung) #4987458c70344a2
] - deps: V8: cherry-pick705e374
(Joyee Cheung) #51004b0e88899e1
] - deps: V8: cherry-pick1fada6b
(Joyee Cheung) #51004d87a810b81
] - deps: V8: cherry-pick3dd9576
(Joyee Cheung) #510046d50966876
] - deps: V8: cherry-pick94e8282
(Joyee Cheung) #51004fafbacdfec
] - deps: V8: cherry-pick9a98f96
(Joyee Cheung) #51004d4a530ed8d
] - deps: V8: cherry-pick7f5daed
(Joyee Cheung) #510041ce901b164
] - deps: V8: cherry-pickc400af4
(Joyee Cheung) #51004f232064f35
] - doc: fix historical experimental fetch flag (Kenrick) #51506194ff6a40f
] - (SEMVER-MINOR) doc: add deprecation notice todirent.path
(Antoine du Hamel) #509760f09267dc6
] - (SEMVER-MINOR) doc: deprecatedirent.path
(Antoine du Hamel) #509768bfb8f5b2f
] - doc,crypto: further clarify RSA_PKCS1_PADDING support (Tobias Nießen) #51799c7baf7b274
] - doc,crypto: add changelog and note about disabled RSA_PKCS1_PADDING (Filip Skokan) #51782a193be3dc2
] - esm: use import attributes instead of import assertions (Antoine du Hamel) #5014026e8f7793e
] - (SEMVER-MINOR) fs: introducedirent.parentPath
(Antoine du Hamel) #509765b5e5192f7
] - lib: fix compileFunction throws range error for negative numbers (Jithil P Ponnan) #498557552de6806
] - module: fix the leak in SourceTextModule and ContextifySript (Joyee Cheung) #485102e05cf1c60
] - module: fix leak of vm.SyntheticModule (Joyee Cheung) #48510a86a2e14a3
] - module: use symbol in WeakMap to manage host defined options (Joyee Cheung) #4851032906ddcac
] - node-api: segregate nogc APIs from rest via type system (Gabriel Schulhof) #500601aa71c26ff
] - node-api: factor out common code into macros (Gabriel Schulhof) #506643d0b233f52
] - node-api: introduce experimental feature flags (Gabriel Schulhof) #5099196514a8b9f
] - src: iterate on import attributes array correctly (Michaël Zasso) #507032c2892bf88
] - src: set ModuleWrap internal fields only once (Joyee Cheung) #49391ff334cb774
] - src: cast v8::Object::GetInternalField() return value to v8::Value (Joyee Cheung) #48943270b519971
] - stream: do not defer construction by one microtick (Matteo Collina) #5200595d7a75084
] - test: fix dns test case failures after c-ares update to 1.21.0+ (Brad House) #50743cd613e5167
] - test: handle relative https redirect (Richard Lau) #5112140f10eafcf
] - test: fixinternet/test-inspector-help-page
(Richard Lau) #516935e426511b1
] - test: deflake test-vm-contextified-script-leak (Joyee Cheung) #497100b156c6d28
] - test: use checkIfCollectable in vm leak tests (Joyee Cheung) #496711586c11b3c
] - test: add checkIfCollectable to test/common/gc.js (Joyee Cheung) #49671902d8b3d4b
] - test: fix flaky http-chunk-extensions-limit test (Ethan Arrowood) #519431743d2bdc1
] - test: test surrogate pair filenames on windows (Mert Can Altın) #518001c1a7ec22d
] - test: increase platform timeout zlib-brotli-16gb (Rafael Gonzaga) #51792931d02fe3e
] - test, v8: fix wrong import attributes test (Nicolò Ribaudo) #52184d9ea6c1f8d
] - tls: fix order of setting cipher before setting cert and key (Kumar Rishav) #501863184befa2e
] - tools: fix update-icu.sh (Michaël Zasso) #5172306646e11be
] - (SEMVER-MINOR) vm: use import attributes instead of import assertions (Antoine du Hamel) #50141fe66e9d06e
] - vm: reject in importModuleDynamically without --experimental-vm-modules (Joyee Cheung) #50137052e095c6b
] - vm: use internal versions of compileFunction and Script (Joyee Cheung) #501379f7899ed0a
] - vm: unify host-defined option generation in vm.compileFunction (Joyee Cheung) #501376291c107d0
] - vm: use default HDO when importModuleDynamically is not set (Joyee Cheung) #49950v18.19.1
: 2024-02-14, Version 18.19.1 'Hydrogen' (LTS), @RafaelGSS prepared by @marco-ippolitoCompare Source
Notable changes
This is a security release.
Notable changes
Commits
69e0a1dba8
] - crypto: update root certificates to NSS 3.95 (Node.js GitHub Bot) #50805d3d357ab09
] - crypto: disable PKCS#1 padding for privateDecrypt (Michael Dawson) nodejs-private/node-private#5253d27175c42
] - deps: fix GHSA-f74f-cvh7-c6q6/CVE-2024-24806 (Santiago Gimeno) #51614331558b8ab
] - deps: update archs files for openssl-3.0.13+quic1 (Node.js GitHub Bot) #5161499b77dfb9c
] - deps: upgrade openssl sources to quictls/openssl-3.0.13+quic1 (Node.js GitHub Bot) #516146cdc71bff1
] - deps: upgrade npm to 10.2.4 (npm team) #50751911cb33cda
] - http: add maximum chunk extension size (Paolo Insogna) nodejs-private/node-private#520f48b89689d
] - lib: update undici to v5.28.3 (Matteo Collina) nodejs-private/node-private#536e6b4c105e0
] - src: fix HasOnly(capability) in node::credentials (Tobias Nießen) nodejs-private/node-private#50597c49076cd
] - test: skip test-child-process-stdio-reuse-readable-stdio on Windows (Joyee Cheung) #4962160affdde8e
] - tools: add macOS notarization verification step (Ulises Gascón) #50833ccc676a327
] - tools: use macOS keychain to notarize the releases (Ulises Gascón) #5071531f1ceb380
] - tools: remove unused file (Ulises Gascon) #50622bd5f6fb92a
] - tools: add macOS notarization stapler (Ulises Gascón) #506254168c4f71b
] - tools: improve macOS notarization process output readability (Ulises Gascón) #503894622f775aa
] - tools: remove unusedversion
function (Ulises Gascón) #50390b90804b1e7
] - win,tools: upgrade Windows signing to smctl (Stefan Stojanovic) #50956f31d47e135
] - zlib: pause stream if outgoing buffer is full (Matteo Collina) nodejs-private/node-private#542v18.19.0
: 2023-11-29, Version 18.19.0 'Hydrogen' (LTS), @targosCompare Source
Notable Changes
npm updated to v10
After two months of baking time in Node.js 20, npm 10 is backported, so that all
release lines include a supported version of npm. This release includes npm v10.2.3.
Refer to nodejs/Release#884 for the plan to land npm 10.
ESM and customization hook changes
Leverage loaders when resolving subsequent loaders
Loaders now apply to subsequent loaders, for example:
--experimental-loader ts-node --experimental-loader loader-written-in-typescript
.Contributed by Maël Nison in #43772.
New
node:module
APIregister
for module customization hooks; newinitialize
hookThere is a new API
register
available onnode:module
to specify a file that exports module customization hooks, and pass data to the hooks, and establish communication channels with them. The “define the file with the hooks” part was previously handled by a flag--experimental-loader
, but when the hooks moved into a dedicated thread in 20.0.0 there was a need to provide a way to communicate between the main (application) thread and the hooks thread. This can now be done by callingregister
from the main thread and passing data, includingMessageChannel
instances.We encourage users to migrate to an approach that uses
--import
withregister
, such as:Using
--import
ensures that the customization hooks are registered before any application code runs, even the entry point.Contributed by João Lenon and Jacob Smith in #46826, Izaak Schroeder and Jacob Smith in #48842 and #48559.
import.meta.resolve
unflaggedIn ES modules,
import.meta.resolve(specifier)
can be used to get an absolute URL string to which
specifier
resolves, similarto
require.resolve
in CommonJS. This aligns Node.js with browsers and other server-side runtimes.Contributed by Guy Bedford in #49028.
--experimental-default-type
flag to flip module defaultsThe new flag
--experimental-default-type
can be used to flip the defaultmodule system used by Node.js. Input that is already explicitly defined as ES
modules or CommonJS, such as by a
package.json
"type"
field or.mjs
/.cjs
file extension or the
--input-type
flag, is unaffected. What is currentlyimplicitly CommonJS would instead be interpreted as ES modules under
--experimental-default-type=module
:String input provided via
--eval
or STDIN, if--input-type
is unspecified.Files ending in
.js
or with no extension, if there is nopackage.json
filepresent in the same folder or any parent folder.
Files ending in
.js
or with no extension, if the nearest parentpackage.json
field lacks atype
field; unless the folder is inside anode_modules
folder.In addition, extensionless files are interpreted as Wasm if
--experimental-wasm-modules
is passed and the file contains the "magic bytes"Wasm header.
Contributed by Geoffrey Booth in #49869.
Other ESM-related changes
ed2d46f4cc
] - doc: move and rename loaders section (Geoffrey Booth) #4926192734d4480
] - esm: use import attributes instead of import assertions (Antoine du Hamel) #50140e96f7ef881
] - **(SEConfiguration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.