Improve Security of node_modules and package.json Resolution · Issue #43192 · nodejs/node
What is the problem this feature will solve? It is easy to accidentally allow another user to influence what code node loads and executes. Details can be found at HackerOne reports 1564437 (CommonJS module loading), 1564444 (ECMAScript module resolution), and 1564445 (package.json). While these behaviors are documented, the security implications are easy to overlook. Insecure patterns around these
Permission Model · Issue #791 · nodejs/security-wg
Permission Model initial issue Hello everybody! Following up on the Security Model initiative and the Mini summit (Next-10) in April seems and consensus that Node.js aims to have a security permission system, thus, avoiding third-party libraries to access machine resources without user consent. This system was previously researched by James Snell and Anna Henningsen[1], which resulted in an excell
util: add parseArgs module by bcoe · Pull Request #42675 · nodejs/node
Adds util.parseArgs helper for higher level command-line argument parsing. Background There has been an ongoing effort in pkgjs/parseargs to define a command-line argument parsing API for Node.js core. The effort has taken several years to get to this point, with many amazing contributors across a variety of companies and projects: IBM, Microsoft, Google, Shopify, npm, nvm, commander, yargs, just
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
Discontinued · Issue #533 · patriksimek/vm2
fs, stream: add initial `Symbol.dispose` and `Symbol.asyncDispose` support by MoLow · Pull Request #48518 · nodejs/node
[Bug]: Memory consumption issues on Node JS 16.11.0+ · Issue #11956 · jestjs/jest
deps: replace url parser with Ada by anonrig · Pull Request #46410 · nodejs/node
Using `node:test` with Custom ESM Loaders · Issue #46292 · nodejs/node
Special treatment for package.json resolution and exports? · Issue #33460 · nodejs/node
buffer: add buffer.isUtf8 for utf8 validation by anonrig · Pull Request #45947 · nodejs/node
worker: Add experimental SynchronousWorker implementation by jasnell · Pull Request #45018 · nodejs/node
watch: add initial implementation for `node --watch` by MoLow · Pull Request #44366 · nodejs/node
Work around os.cpus() returning an empty array on unsupported platforms by catink123 · Pull Request #3095 · avajs/ava
Support Web Workers · Issue #43583 · nodejs/node
Improve documentation on Dual Module Packages · Issue #34515 · nodejs/node
Global `fetch` breaks `source-map` · Issue #42638 · nodejs/node
End-of-Life dates of Node.js 16 and OpenSSL 1.1.1 do not align · Issue #1222 · nodejs/TSC
src,doc: Experimental support for SEA by mhdawson · Pull Request #42334 · nodejs/node
Next-10 Mini Summit 27 Jan 2022
Next 10 - Mini summit - Modern HTTP and Documentation · Issue #108 · nodejs/next-10