v11.9.0 proposal #25802
Merged
v11.9.0 proposal #25802
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The test was added to check for a bug in macOS Mojave, but it turns out the issue is a macOS feature, not a bug. Refs: #21679 (comment) Fixes: #21679 PR-URL: #25649 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Gus Caplan <[email protected]>
Keep the process.binding() deprecation message short and direct. In addition to the usual benefits of doing that, it also means the message is less likely to line-wrap once we move to a runtime deprecation. PR-URL: #25654 Reviewed-By: Vse Mozhet Byt <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
common.isOSXMojave was added because it was believed that there was a bug in macOS Mojave that allowed unprivileged users to bind to privileged ports. As it turns out, that was a feature not a bug. It is likely to be in all future versions of macOS. Remove isOSXMojave and skip appropriate tests based on isOSX. Refs: https://news.ycombinator.com/item?id=18302380 PR-URL: #25658 Reviewed-By: Refael Ackermann <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Beth Griggs <[email protected]> Reviewed-By: Benjamin Gruenbaum <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Gus Caplan <[email protected]> Reviewed-By: Minwoo Jung <[email protected]>
Simplify a few particularly quirky bits of code, and add whitespace for readability. PR-URL: #25629 Reviewed-By: Denys Otrishko <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Gus Caplan <[email protected]> Reviewed-By: Anto Aravinth <[email protected]> Reviewed-By: Sakthipriyan Vairamani <[email protected]>
This would be set when `--experimental-policy` was set, but since an empty string does not refer to a valid file, we can just check the value of `--experimental-policy` directly. PR-URL: #25628 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Daniel Bevenius <[email protected]> Reviewed-By: Gus Caplan <[email protected]> Reviewed-By: Sakthipriyan Vairamani <[email protected]> Reviewed-By: Minwoo Jung <[email protected]>
Link the guide discussing timers and nextTick from the nextTick docs, as it already was from the timers docs. Make the link text and targets more specific. PR-URL: #25619 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Vse Mozhet Byt <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Jeremiah Senkpiel <[email protected]>
It does not affect dns.lookup(). PR-URL: #25570 Reviewed-By: Vse Mozhet Byt <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Problem with tool resulted in wrong commits being included PR-URL: #25705 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
Fixes: #25682 PR-URL: #25708 Reviewed-By: Vse Mozhet Byt <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
PR-URL: #25670 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: Anto Aravinth <[email protected]>
Environment variables with empty values are not permitted on Windows. As such, to disable persistent REPL history one or more spaces should be used. Node will trim whitespace from the variable, resulting in a blank variable at runtime and the desired behaviour. PR-URL: #25672 Fixes: #25661 Reviewed-By: Jeremiah Senkpiel <[email protected]> Reviewed-By: Vse Mozhet Byt <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Anto Aravinth <[email protected]> Reviewed-By: Bartosz Sosnowski <[email protected]>
PR-URL: #25695 Fixes: #23291 Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Jeremiah Senkpiel <[email protected]>
Previously only simple escape sequences were handled (i.e. \n, \t, r etc.). This commit adds escaping of other control symbols in the range of 0x00 to 0x20. Also, this replaces multiple find+replace calls with a single pass replacer. PR-URL: #25626 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Richard Lau <[email protected]>
Refs: 641de82 PR-URL: #25709 Reviewed-By: Vse Mozhet Byt <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Myles Borins <[email protected]> Reviewed-By: Colin Ihrig <[email protected]>
There is a description of how to use s_client for testing of renegotiation limits in the `tls` module documentation. The information is somewhat out of scope, but it also may be somewhat problematic due to changes/peculiarities (bugs?) in recent s_client. Remove the text. Refs: #25381 (comment) PR-URL: #25678 Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
PR-URL: #25692 Reviewed-By: Gus Caplan <[email protected]> Reviewed-By: Vse Mozhet Byt <[email protected]> Reviewed-By: Colin Ihrig <[email protected]>
Node first calls `Isolate::Dispose`, then `NodePlatform::UnregisterIsolate`. This again calls `PerIsolatePlatformData::Shutdown`, which (before this patch) called `FlushForegroundTasksInternal`, which might call `RunForegroundTask` if it finds foreground tasks to be executed. This will fail however, since `Isolate::GetCurrent` was already reset during `Isolate::Dispose`. Hence remove the check to `FlushForegroundTasksInternal` and add checks instead that no more foreground tasks are scheduled. Refs: v8#86 PR-URL: #25653 Reviewed-By: Gus Caplan <[email protected]> Reviewed-By: Colin Ihrig <[email protected]>
Not seeing an associated `Environment` is a rare condition anyway, but using `uv_default_loop()` as a fallback is not thread-safe. PR-URL: #25652 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Gireesh Punathil <[email protected]>
Replace Google DNS servers with 127.0.0.1 in test-dns-setserver-when-querying. Refs: #25664 PR-URL: #25694 Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Michael Dawson <[email protected]> Reviewed-By: Khaidi Chu <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Rewrite test-tls-ci-reneg-attack to use tls.renegotiate() instead of external (and potentially unpredictable/quirky/buggy) s_client. Refs: #25676 (comment) PR-URL: #25700 Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>
- Support non-string entry types - Prefer single-character writes over string writes - Rename the state constants and adjust style to match more common Node.js style PR-URL: #25651 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Matheus Marchini <[email protected]> Reviewed-By: Gireesh Punathil <[email protected]> Reviewed-By: Beth Griggs <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
Do not stringify numbers and boolean values when writing JSON. PR-URL: #25651 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Matheus Marchini <[email protected]> Reviewed-By: Gireesh Punathil <[email protected]> Reviewed-By: Beth Griggs <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
`json_trace_writer_` is protected by `stream_mutex_`, but one access to it was not guarded by a lock on said mutex. Refs: #25512 PR-URL: #25624 Reviewed-By: Denys Otrishko <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Richard Lau <[email protected]>
This has been unused since cbc3ef6. Refs: #23053 PR-URL: #25641 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Jeremiah Senkpiel <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
Remove the `StartInspector` and `InspectorStarted` abstraction out of `v8_platform`, and error out early and directly in the option parser if Node is configured with NODE_USE_V8_PLATFORM and inspector enabled but the user still tries to use inspector options. PR-URL: #25612 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Colin Ihrig <[email protected]>
Add Environment cleanup hooks to remove GC listeners when the `Environment` is torn down. PR-URL: #25647 Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: James M Snell <[email protected]>
Signed-off-by: gengjiawen <[email protected]> PR-URL: #25703 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]>
This patch replaces the following 1. Usage of `filter` with `None` to remove falsy items. 2. Usage of `map` to create lists. (Replaced with List comprehensions). 3. Dictionary's `iteritems` which is removed in Python 3. PR-URL: #25580 Reviewed-By: Refael Ackermann <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
This patch replaces a usage of `map` with list comprehension, which makes the script Python 3 compatiable. PR-URL: #25582 Reviewed-By: Refael Ackermann <[email protected]>
Replace `s_client` in test-https-ci-reneg-attack with built-in client calling `tls.renegotiate()`. This also fixes the currently-broken test. (It is broken due to a change in behavior in a recently-updated-in-core version of `s_client`.) PR-URL: #25720 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Colin Ihrig <[email protected]>
|
I'm going to bed now. I intend to promote the release in ~24 hours. @sam-github @shigeki Can you help me write the notable changes about the OpenSSL update? |
|
Ping ^ |
cjihrig
approved these changes
Jan 30, 2019
* Switch from Date.now() to process.hrtime.bigint(). * Move start time recording to before the request is created, not after. Fixes: #25746 PR-URL: #25752 Reviewed-By: Gus Caplan <[email protected]> Reviewed-By: James M Snell <[email protected]>
Currently the following compiler warnings is generated:
In file included from ../src/env-inl.h:28:
../src/env.h:521:18:
warning: private field 'env_' is not used [-Wunused-private-field]
Environment* env_;
^
1 warning generated.
This commit removes this unused field.
PR-URL: #25784
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Joyee Cheung <[email protected]>
Reviewed-By: Refael Ackermann <[email protected]>
This commit updates test/parallel/test-crypto-fips.js to use fipsMode instead of process.config.variables.openssl_fips. The motivation for this is that since the addition of the --openssl-is-fips configuration flag, it is possible to dynamically link with a FIPS compliant OpenSSL library. Using fipsMode allows for determining if there is FIPS support when statically or dynamically linking against a FIPS compatible OpenSSL library. PR-URL: #25563 Reviewed-By: Michael Dawson <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
* Move client renegotiation limit tests from pummel to parallel. * Rename tests to more accurately reflect what they do. * Refactor to use arrow functions for anonymouse callbacks and to be consistent about trailing commas. PR-URL: #25757 Reviewed-By: Beth Griggs <[email protected]> Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: James M Snell <[email protected]>
Fixes: #25765 PR-URL: #25768 Reviewed-By: Gus Caplan <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Tiancheng "Timothy" Gu <[email protected]> Reviewed-By: Jeremiah Senkpiel <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: James M Snell <[email protected]>
This could otherwise print unhandled rejection warnings if the process does not exit immediately inside an earlier `.catch()` handler. PR-URL: #25769 Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Gus Caplan <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Guy Bedford <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: James M Snell <[email protected]>
Inside workers, using stdio is always asynchronous, so using `process.exit()` always interrupts sending of messages to the parent thread, including error messages presented over stdio. Do not use `process.exit()` and instead trigger a “real” uncaught exception. PR-URL: #25769 Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Gus Caplan <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Guy Bedford <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: James M Snell <[email protected]>
- Don't unnecessarily require('../common').
- Eliminate state maintained in tmppath.
- validate() was being used synchronously, but was actually
asynchronous. Make it synchronous.
- Other misc. drive by cleanup.
PR-URL: #25754
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Anto Aravinth <[email protected]>
Reviewed-By: Gireesh Punathil <[email protected]>
|
Still no one for the OpenSSL changes? |
targos
force-pushed
the
v11.9.0-proposal
branch
from
b247189
to
7556b0b
Compare
|
I went with a simple "OpenSSL has been updated to 1.1.1a." CI: https://ci.nodejs.org/job/node-test-pull-request/20455/ |
|
@targos sorry, I was not following this. I think its worth noting that node.js does not support TLS1.3, even though openssl 1.1.1a does. Its possible that more symetric ciphers (or digests) are supported now, I haven't checked. If you'd like, I can do this. |
|
@sam-github yes, please. If you can give me a sentence for the changelog I will abort the release job and add it. |
^-- OK? |
targos
force-pushed
the
v11.9.0-proposal
branch
from
7556b0b
to
8e24451
Compare
|
@sam-github Thanks! New release job: https://ci-release.nodejs.org/job/iojs+release/4189/ |
targos
added a commit
to nodejs/nodejs.org
that referenced
this pull request
Jan 30, 2019
targos
added a commit
to nodejs/nodejs.org
that referenced
this pull request
Jan 30, 2019
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
2019-01-30, Version 11.9.0 (Current), @targos
Notable changes
TODO
Commits
bc81a68f20] - build: make compress_json python3 compatible (Sakthipriyan Vairamani (thefourtheye)) #2558230949f8dba] - build: make configure.py compatible with python 3 (Sakthipriyan Vairamani (thefourtheye)) #25580d4ec110c65] - (SEMVER-MINOR) deps: update archs files for OpenSSL-1.1.1a (Sam Roberts) #253815225214d07] - (SEMVER-MINOR) deps: fix for non GNU assembler in AIX (Shigeki Ohtsu) #25381ad04d7bea1] - (SEMVER-MINOR) deps: add only avx2 configs for OpenSSL-1.1.1 (Shigeki Ohtsu) #25381670f10053a] - (SEMVER-MINOR) deps: add s390 asm rules for OpenSSL-1.1.1 (Shigeki Ohtsu) #253810a0f15f768] - (SEMVER-MINOR) deps: fix MacOS and Win build for OpenSSL-1.1.1 (Shigeki Ohtsu) #25381e2043999bd] - (SEMVER-MINOR) deps: fix gyp/gypi for openssl-1.1.1 (Shigeki Ohtsu) #25381c581b9a253] - (SEMVER-MINOR) deps: upgrade openssl sources to 1.1.1a (Sam Roberts) #25381c82f2445e5] - dns: use IDNA 2008 to encode non-ascii hostnames (Ben Noordhuis) #25679c56ddc7736] - doc: document uniqueness of worker.threadId (Anna Henningsen) #256447c8d57d4a9] - doc: revise breaking changes material in COLLABORATOR_GUIDE (Rich Trott) #25730edc9ceb16e] - doc: fix issue with worker_threads docs (Lee Byron) #257121d6e18b128] - doc: fix http.Agent timeout option description (Luigi Pinca) #254895d5c528120] - (SEMVER-MINOR) doc: fix assembler requirement for OpenSSL-1.1.1 (Shigeki Ohtsu) #2538134bc69d376] - doc: fix file extension on ESM file example (Eric Whitebloom) #25692b218b1204a] - doc: remove outdated s_client information in tls.md (Rich Trott) #256781aa7f4d72d] - doc: fix metadata for v11.8.0 doc changes (Richard Lau) #257093c5a7a2f97] - doc: fix keyObject.symmetricSize to be keyObject.symmetricKeySize (Filip Skokan) #25670e47511943b] - doc: add metadata to report docs (Richard Lau) #25708237ec396d0] - doc: fix 11.8.0 changelog (Myles Borins) #2570548149cfa3a] - doc: clarify what dns.setResolvers() affects (Sam Roberts) #255703488f0df3b] - doc: link nextTick docs to the nextTick guide (Sam Roberts) #25619c93e5e1f65] - doc: simplify process.binding() deprecation message (Rich Trott) #256540640b09243] - lib: refactor policy code for readability (Anna Henningsen) #25629fc38b20c7c] - perf_hooks: clean up GC listeners (Anna Henningsen) #25647f3179f7701] - policy: ensure workers do not read fs for policy (Bradley Farias) #25710ee61ab6894] - repl: improve doc for disabling REPL history on Windows (Samuel D. Leslie) #25672ce28caf517] - report: represent numbers as numbers (Anna Henningsen) #256511dfdbc6cf7] - report: refactor JSON writer (Anna Henningsen) #2565114bce1ea5a] - report: do not useuv\_default\_loop()as fallback (Anna Henningsen) #25652c0951062b9] - src: pass along errors from i18n converter instantiation (Anna Henningsen) #25734deebf10bd5] - src: pass along errors from vm data wrapper creation (Anna Henningsen) #257348ee4810029] - src: pass along errors from KeyObject instantiation (Anna Henningsen) #25734ced4e71504] - src: pass along errors from perf obj instantiation (Anna Henningsen) #257345add2b56ac] - src: pass along errors from process obj instantiation (Anna Henningsen) #257342928672679] - src: pass along errors from stream obj instantiation (Anna Henningsen) #25734ebcdbebcee] - src: remove unused field in node_http2.h (gengjiawen) #257276d9af41aef] - src: in-source comments and minor TLS cleanups (Sam Roberts) #2571309a10858f7] - src: remove unnecessary call to SSL_get_mode (Sam Roberts) #2571186e79a521d] - src: remove unused and unimplemented method in env.h (gengjiawen) #25699021d1975ff] - src: fix macro duplicate declaration in env.h (gengjiawen) #25703845bcfa1ce] - src: simplify inspector initialization in node::Start() (Joyee Cheung) #25612797111a69b] - src: avoid race condition in tracing code (Anna Henningsen) #25624b113332daf] - src: ensure no more platform foreground tasks after Deinit (Clemens Hammacher) #256537cc51531a7] - src: remove has_experimental_policy option (Anna Henningsen) #256284b43eeaf9a] - src,test: fix JSON escaping in node-report (Denys Otrishko) #2562615f6b8e25d] - test: add test forworker.terminate()+ timeout fns (Anna Henningsen) #25735c2136348a1] - test: move heapdump tests to pummel (Rich Trott) #25181ae19f944f8] - test: exit sequence sanity tests (Gireesh Punathil) #25083af6e439ad8] - test: enable marking of failing coverage tests (Michael Dawson) #256716203d05a3c] - test: fix zlib-brotli output assumptions (Adam Majer) #2569777274d07d2] - test: rewrite fs {f}utimes test file (Jeremiah Senkpiel) #2565629002ceb4e] - (SEMVER-MINOR) test: assert on client and server side seperately (Sam Roberts) #25381c7dbb72530] - test: remove pummel/test-exec (Rich Trott) #257224b2a1eadbd] - test: replace s_client in test-https-ci-reneg-attack (Rich Trott) #257207d682234a6] - test: remove unused uncaughtException handler (Anna Henningsen) #25641271126ad3b] - test: remove s_client from test-tls-ci-reneg-attack (Rich Trott) #25700190c063ecb] - test: replace Google servers with localhost (Rich Trott) #25694f33d705033] - test: fix sequential/test-performance delay (Anatoli Papirovski) #256951905f8ef55] - test: remove common.isOSXMojave (Rich Trott) #256589f1b5c6193] - test: remove known_issues/test-cluster-bind-privileged-port (Rich Trott) #25649d0705bd24b] - timers: truncate decimal values (Jeremiah Senkpiel) #24819d5b2135dde] - tls: fix malloc mismatch in SSL_set_tlsext_status_ocsp_resp call (David Benjamin) #257066e80f6d9a1] - (SEMVER-MINOR) tls: workaround handshakedone in renegotiation (Shigeki Ohtsu) #25381c34c5694eb] - (SEMVER-MINOR) tls: make ossl 1.1.1 cipher list throw error (Sam Roberts) #253818032969c69] - tools: make trailing commas consistent in .eslintrc (Rich Trott) #257397ba66505e3] - tools: make test.py Queue part Python 3 compatible (gengjiawen) #25701e6ad7f4c9c] - tools: make mkssldef.py Python 3 compatible (Sakthipriyan Vairamani (thefourtheye)) #25584bc81fef988] - vm: mark scripts as shareable cross-origin (Jeremy Apthorp) #25380