サクサク読めて、アプリ限定の機能も多数!
トップへ戻る
衆院選
nodejs.org
Notable Changes Updated npm to 9.2.0 Based on the list of guidelines we've established on integrating npm and node, here is a grouped list of the breaking changes with the reasoning as to why they fit within the guidelines linked above. Note that all the breaking changes were made in 9.0.0. All subsequent minor and patch releases after [email protected] do not contain any breaking changes. Engines
const watcher = fs.watch(testDirectory, { recursive: true }); watcher.on('change', function (event, filename) {}); Contributed by Yagiz Nizipli in #45098 Other notable changes deps update ICU to 72.1 (Michaël Zasso) #45068 doc add lukekarrys to collaborators (Luke Karrys) #45180 add anonrig to collaborators (Yagiz Nizipli) #45002 lib drop fetch experimental warning (Matteo Collina) #45287 util (SE
Security Best Practices Intent This document intends to extend the current threat model and provide extensive guidelines on how to secure a Node.js application. Document Content Best practices: A simplified condensed way to see the best practices. We can use this issue or this guideline as the starting point. It is important to note that this document is specific to Node.js, if you are looking for
(Update 04-November-2022) Security releases available Updates are now available for v14,x, v16.x, v18.x and v19.x Node.js release lines for the following issues. X.509 Email Address 4-byte Buffer Overflow (High) (CVE-2022-3602) A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verif
Notable Changes Deprecations and Removals [7dd2f41c73] - (SEMVER-MAJOR) module: runtime deprecate exports double slash maps (Guy Bedford) #44495 [ada2d053ae] - (SEMVER-MAJOR) process: runtime deprecate coercion to integer in process.exit() (Daeyeon Jeong) #44711 HTTP(S)/1.1 KeepAlive by default Starting with this release, Node.js sets keepAlive to true by default. This means that any outgoing HTTP
We’re excited to announce that Node.js 19 was released today! Highlights include the update of the V8 JavaScript engine to 10.7, and HTTP(s)/1.1 KeepAlive enabled by default. Node.js 19 will replace Node.js 18 as our ‘Current’ release line when Node.js 18 enters long-term support (LTS) later this month. As per the release schedule, Node.js 19 will be the ‘Current' release for the next 6 months, un
Notable changes watch mode (experimental) Running in 'watch' mode using node --watch restarts the process when an imported file is changed. Contributed by Moshe Atlow in #44366 Other notable changes fs: (SEMVER-MINOR) add FileHandle.prototype.readLines (Antoine du Hamel) #42590 http: (SEMVER-MINOR) add writeEarlyHints function to ServerResponse (Wing) #44180 http2: (SEMVER-MINOR) make early hints
(Update 26-September-2022) Security releases available Recommendation update regarding CVE-2022-35255: Roll-out and re-issue all keys generated with WebCrypto.subtle.generateKey(). Re-evaluate the confidentiality of data encrypted with those keys. (Update 23-September-2022) Security releases available Updates are now available for the v18.x, v16.x, and v14.x Node.js release lines for the following
To restore application state from snapshot.blob, with index.js as the entry point script for the deserialized application: Contributed by Joyee Cheung in #38905 Other notable changes crypto: (SEMVER-MINOR) allow zero-length IKM in HKDF and in webcrypto PBKDF2 (Filip Skokan) #44201 (SEMVER-MINOR) allow zero-length secret KeyObject (Filip Skokan) #44201 deps: upgrade npm to 8.18.0 (npm team) #44263
Notable Changes Experimental command-line argument parser API Adds util.parseArgs helper for higher level command-line argument parsing. Contributed by Benjamin Coe, John Gee, Darcy Clarke, Joe Sepi, Kevin Gibbons, Aaron Casanova, Jessica Nahulan, and Jordan Harband - #42675 Experimental ESM Loader Hooks API Node.js ESM Loader hooks now support multiple custom loaders, and composition is achieved
Notable Changes Experimental ESM Loader Hooks API Node.js ESM Loader hooks now support multiple custom loaders, and composition is achieved via "chaining": foo-loader calls bar-loader calls qux-loader (a custom loader must now signal a short circuit when intentionally not calling the next). See the ESM docs for details. Real-world use-cases are laid out for end-users with working examples in the a
(Update 07-July-2022) Security releases available Updates are now available for the v18.x, v16.x, and v14.x Node.js release lines for the following issues. HTTP Request Smuggling - Flawed Parsing of Transfer-Encoding (Medium)(CVE-2022-32213) The llhttp parser in the http module does not correctly parse and validate Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS). More deta
Changing the End-of-Life Date for Node.js 16 to September 11th, 2023 Summary We are moving the End-of-Life date of Node.js 16 by seven months to coincide with the end of support of OpenSSL 1.1.1 on September 11th, 2023. Why? When we put together Node.js 16 the hope was that we would be able to include OpenSSL 3. Unfortunately, the timing of the releases did not allow that to be possible, and we re
Notable Changes [c46e7bbf69] - doc: add @kuriyosh to collaborators (Yoshiki Kurihara) #42824 [b0f7c4c8f9] - (SEMVER-MINOR) lib,src: implement WebAssembly Web API (Tobias Nießen) #42701 [78a860ae58] - (SEMVER-MINOR) test_runner: add initial CLI runner (Colin Ihrig) #42658 [bf9240ae8c] - (SEMVER-MINOR) worker: add hasRef() to MessagePort (Darshan Sen) #42849 Commits [4694f5bb96] - async_hooks: avoid
Notable Changes Deprecations and Removals (SEMVER-MAJOR) fs: runtime deprecate string coercion in fs.write, fs.writeFileSync (Livia Medeiros) #42607 (SEMVER-MAJOR) dns: remove dns.lookup and dnsPromises.lookup options type coercion (Antoine du Hamel) #41431 (SEMVER-MAJOR) process: runtime deprecate multipleResolves (Benjamin Gruenbaum) #41896 (SEMVER-MAJOR) stream: remove thenable support (Robert
We’re excited to announce that Node.js 18 was released today! Highlights include the update of the V8 JavaScript engine to 10.1, global fetch enabled by default, and a core test runner module. Initially, Node.js 18 will replace Node.js 17 as our ‘Current’ release line. As per the release schedule, Node.js 18 will be the 'Current' release for the next 6 months and then promoted to Long-term Support
Notable Changes [3bd0078457] - doc: add @ShogunPanda to collaborators (Shogun) #42362 [23354673be] - doc: deprecate string coercion in fs.write, fs.writeFileSync (Livia Medeiros) #42149 [da42ffb85e] - (SEMVER-MINOR) http: trace http client by perf_hooks (theanarkh) #42345 [84fd6e54b0] - deps: upgrade npm to 8.5.5 (npm team) #42382 [b60262ee9f] - deps: update undici to 4.15.1 (Michaël Zasso) #42246
(Update 18-Mar-2022) Security releases available Updates are now available for v17.x, v16.x, v14.x, and v12.x Node.js release lines to incorporate upstream patches from OpenSSL. Update to OpenSSL 3.0.2n and 1.1.1n, (High) (CVE-2022-0778) Infinite loop in BN_mod_sqrt() reachable when parsing certificates. More details are available at https://www.openssl.org/news/secadv/20220315.txt Impacts: All ve
Notable Changes [6b88595142] - doc: deprecate notice for process methods (Yash Ladha) #41587 [77462b6083] - stream: revert map spec compliance (Benjamin Gruenbaum) #41931 [b968d89fc9] - build: remove broken x32 arch support (Ben Noordhuis) #41905 [ba639d052b] - (SEMVER-MINOR) esm: support https remotely and http locally under flag (Bradley Farias) #36328 [214d17650b] - (SEMVER-MINOR) fs: support c
Notable Changes Add fetch API Adds experimental support to the fetch API. This adds a --experimental-fetch flag that installs the fetch, Request, Response and Headers globals. [76a229c4ff] - (SEMVER-MINOR) lib: add fetch (Michaël Zasso) #41749 Add stream methods [1ae648567a] - (SEMVER-MINOR) stream: add iterator helper find (linkgoron) #41849 [62e1a68077] - (SEMVER-MINOR) stream: add toArray (Benj
Corepack is an experimental tool to help with managing versions of your package managers. It exposes binary proxies for each supported package manager that, when called, will identify whatever package manager is configured for the current project, download it if needed, and finally run it. Despite Corepack being distributed with default installs of Node.js, the package managers managed by Corepack
Notable Changes Corepack Node.js now includes Corepack, a script that acts as a bridge between Node.js projects and the package managers they are intended to be used with during development. In practical terms, Corepack will let you use Yarn and pnpm without having to install them - just like what currently happens with npm, which is shipped in Node.js by default. Please head over to the Corepack
(Update 10-Jan-2022) Security releases available Updates are now available for the v17.x, v16.x, v14.x, and v12.x Node.js release lines for the following issues. Improper handling of URI Subject Alternative Names (Medium)(CVE-2021-44531) Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrai
Notable Changes Deprecations and Removals [f182b9b29f] - (SEMVER-MAJOR) dns: runtime deprecate type coercion of dns.lookup options (Antoine du Hamel) #39793 [4b030d0573] - doc: deprecate (doc-only) http abort related (dr-js) #36670 [36e2ffe6dc] - (SEMVER-MAJOR) module: subpath folder mappings EOL (Guy Bedford) #40121 [64287e4d45] - (SEMVER-MAJOR) module: runtime deprecate trailing slash patterns (
Notable Changes crypto update root certificates (Richard Lau) #40280 deps upgrade npm to 8.0.0 (npm team) #40369 update nghttp2 to v1.45.1 (thunder-coding) #40206 update V8 to 9.4.146.19 (Michaël Zasso) #40285 tools update certdata.txt (Richard Lau) #40280 Commits [34f3021ca3] - benchmark: add util.toUSVString()'s benchmark (Khaidi Chu) #40203 [f83b9bcb6f] - build: support Python 3.10.0 (FrankQiu)
Notable Changes [fb226ff2ee] - (SEMVER-MINOR) crypto: add rsa-pss keygen parameters (Filip Skokan) #39927 [85206b7311] - deps: upgrade npm to 7.24.0 (npm team) #40167 [98f56d179c] - deps: update Acorn to v8.5.0 (Michaël Zasso) #40015 [9655329772] - doc: add Ayase-252 to collaborators (Qingyu Deng) #40078 [59fff925be] - (SEMVER-MINOR) fs: make open and close stream override optional when unused (An
Error cause Errors can now be optionally constructed with a cause option, pointing to another error. This adds a cause property on the new error: const error1 = new Error('Error one'); const error2 = new Error('Error two', { cause: error1 }); // error2.cause === error1 Contributed by Michaël Zasso - #39947 Other Notable Changes [34c627e4bc] - (SEMVER-MINOR) crypto: add RSA-PSS params to asymmetric
(Update 6-Dec-2021) Security releases available Updates are now available for v14.x, and v12.x Node.js release lines for the following issues. npm 6 update - node-tar There are vulnerabilities in the node-tar which are related to the initial reports and subsequent remediation of node-tar vulnerabilities CVE-2021-32803 and CVE-2021-32804. Subsequent internal security review of node-tar and addition
Notable Changes [2e90b10f35] - doc: deprecate type coercion for dns.lookup options (Antoine du Hamel) #38906 [a6d50a18a0] - (SEMVER-MINOR) stream: add stream.Duplex.from utility (Robert Nagy) #39519 [af7047a815] - (SEMVER-MINOR) stream: add isDisturbed helper (Robert Nagy) #39628 [66400374de] - (SEMVER-MINOR) util: expose toUSVString (Robert Nagy) #39814 Commits [90bf247a55] - build: fix update au
次のページ
このページを最初にブックマークしてみませんか?
『io.js - JavaScript I/O』の新着エントリーを見る
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
