Overview Repositories Revisions Requests Users Attributes Meta

Revisions of nodejs11

Adam Majer's avatar Adam Majer (adamm) committed (revision 18) 
- CVE-2019-13173.patch: fix potential file overwrite via hardlink
  in fstream.DirWriter() function (bsc#1140290, CVE-2019-13173)
Adam Majer's avatar Adam Majer (adamm) committed (revision 17) 
- New upstream release 11.15.0:
  * tls:
    + add --tls-min-v1.2 CLI switch
    + supported shared openssl 1.1.0
    + revert default max toTLSv1.2
    + revert change to invalid protocol error type
    + support TLSv1.3
    + add code for ERR_TLS_INVALID_PROTOCOL_METHOD
- Changes in release 11.14.0:
  * child_process: doc deprecate ChildProcess._channel
  * deps: update bundled nghttp2 to 1.37.0
  * dns:
    + make dns.promises enumerable
    + remove dns.promises experimental warning
  * fs: remove experimental warning for fs.promises
  * stream: make Symbol.asyncIterator support stable
  * worker: use copy of process.env

- Add _constraints file to avoid OOM errors
Adam Majer's avatar Adam Majer (adamm) committed (revision 16) 
- New upstream release 11.13.0:
  * crypto: Allow deriving public from private keys
  * events: Added a once function to use EventEmitter with promises
  * tty:
    + Added a hasColors method to WriteStream
    + Added NO_COLOR and FORCE_COLOR support
  * v8: Added v8.getHeapSnapshot and v8.writeHeapSnapshot to
    generate snapshots in the format used by tools such as Chrome
  * worker: Added worker.moveMessagePortToContext
  * C++ API:
    + AddPromiseHook is now deprecated.
    + Added a Stop API to shut down Node.js while it is running
- Changes in release 11.12.0:
  * bootstrap: Add experimental --frozen-intrinsics flag
  * deps: Upgrade openssl to 1.1.1b
  * process: Make process[Symbol.toStringTag] writable again
  * repl: Add util.inspect.replDefaults to customize the writer
  * report: Rename triggerReport() to writeReport()
- fix_ci_tests.patch: add another exception for our OpenSSL library
- versioned.patch: refresh
Adam Majer's avatar Adam Majer (adamm) committed (revision 15) 
- New upstream release 11.11.0:
  * n-api: Implement date object
  * util: Add compact depth mode for util.inspect()
  * worker:
    + Improve integration with native addons
    + MessagePort.prototype.onmessage takes arguments closer to
      the Web specification now
Adam Majer's avatar Adam Majer (adamm) committed (revision 14) 
- New upstream release 11.10.1:
  * http: Further prevention of "Slowloris" attacks on HTTP and HTTPS
  connections by consistently applying the receive timeout set by
  server.headersTimeout to connections in keep-alive mode.
  (CVE-2019-5737, bsc#1127532)
Adam Majer's avatar Adam Majer (adamm) committed (revision 13) 
- New upstream release 11.10.0:
  * child_process: close pipe ends that are re-piped
  * crypto:
    + don't crash X509ToObject on error
    + fix public key encoding name in comment
  * deps: npm updated to 6.7.0
  * http:
    + improve performance for incoming headers
    + makes response.writeHead return the response
    + make timeout event work with agent timeout
  * http2: makes response.writeHead return the response
  * perf_hooks: implement histogram based api
  * process:
    + normalize process.argv before user code execution
    + expose process.features.inspector
  * repl: add repl.setupHistory for programmatic repl
  * tls: introduce client 'session' event
- fix_ci_tests.patch: remove part of parallel/test-dns
- versioned.patch: refreshed

- nodejs.keyring: update keyring to today's list as per
  https://github.com/nodejs/node
Adam Majer's avatar Adam Majer (adamm) committed (revision 12) 
- New upstream release 11.9.0:
  * internal changes to ship OpenSSL 1.1.1, which has already been
    used on all openSUSE platforms.
- test-brotli.patch: removed, upstreamed
Adam Majer's avatar Adam Majer (adamm) committed (revision 11) 
- New upstream releases 11.8.0:
  * events: For unhandled error events with an argument that is not
    an Error object, the resulting exeption will have more information
    about the argument.
  * child_process: When the maxBuffer option is passed, stdout and
    stderr will be truncated rather than unavailable in case of an error.
  * policy: Experimental support for module integrity checks through
    a manifest file is implemented now.
  * n-api: The napi_threadsafe_function feature is now stable.
  * report: An experimental diagnostic API for capturing process state
    is available as process.report and through command line flags.
  * tls: tls.connect() takes a timeout option analogous to
    the net.connect() one.
  * worker:
    + process.umask() is available as a read-only function inside
      Worker threads
    + An execArgv option that supports a subset of Node.js command
      line options is now supported.
- Changes in version 11.7.0:
  * compression / zlib: Added brotli support
  * console: Added inspectOptions option
  * crypto: Always accept private keys as public keys
  * deps: Upgrade npm to v6.5.0
  * fs: Use internalBinding('fs') internally instead of
    process.binding('fs')
  * http(s): Support overriding http(s).globalAgent
  * util: Inspect ArrayBuffers contents closely
  * worker: Expose workers and remove --experimental-worker flag
- test-brotli.patch: fixes assumption about compression
- versioned.patch: refreshed
Adam Majer's avatar Adam Majer (adamm) committed (revision 10)
Adam Majer's avatar Adam Majer (adamm) committed (revision 9) 
- versioned.patch: set correct node version in environment
  (bsc#1121188)
- env_shebang.patch: dropped in favour of programmatic update
Adam Majer's avatar Adam Majer (adamm) committed (revision 8) 
- skip_test_on_lowmem.patch: skip test on low-memory build machine
Adam Majer's avatar Adam Majer (adamm) committed (revision 7) 
Remove unused env_shebang.patch
node-gyp-addon-gypi.patch: updated
Adam Majer's avatar Adam Majer (adamm) committed (revision 6) 
- New upstream releases 11.6.0:
  * cli: add --max-http-header-size flag
  * crypto:
    + always accept certificates as public keys
    + add key object API
  * deps:
    + upgrade to libuv 1.24.1
    + upgrade npm to 6.5.0
  * http: add maxHeaderSize property
- Changes in version 11.5.0:
  * tls: support "BEGIN TRUSTED CERTIFICATE" for ca:
  * util: add inspection getter option
- Changes in version 11.4.0:
  * console,util:
    + console functions now handle symbols as defined in the spec.
    + The inspection depth default is now back at 2.
  * dgram,net: Added ipv6Only option for net and dgram
  * http: Chosing between the http parser is now possible per
    runtime flag.
  * readline: The readline module now supports async iterators.
  * repl: The multiline history feature is removed.
  * tls:
    + Added min/max protocol version options.
    + The X.509 public key info now includes the RSA bit size and
      the elliptic curve.
  * url: pathToFileURL() now supports LF, CR and TAB.
- fix_ci_tests.patch: refreshed
- versioned.patch: refreshed
Adam Majer's avatar Adam Majer (adamm) committed (revision 5) 
- New upstream release 11.3.0:
  * deps: Upgrade to OpenSSL 1.1.0j, fixing
    + Timing vulnerability in DSA signature generation
      (bsc#1113652, CVE-2018-0734)
    + Timing vulnerability in ECDSA signature generation
      (bsc#1113651, CVE-2018-0735)
  * http:
    + Headers received by HTTP servers must not exceed 8192 bytes
      in total to prevent possible Denial of Service attacks.
      (bsc#1117626, CVE-2018-12121)
    + A timeout of 40 seconds now applies to servers receiving
      HTTP headers. This value can be adjusted with
      server.headersTimeout. Where headers are not completely
      received within this period, the socket is destroyed on
      the next received chunk. In conjunction
      with server.setTimeout(), this aids in protecting against
      excessive resource retention and possible Denial of Service.
      (bsc#1117627, CVE-2018-12122)
  * url: Fix a bug that would allow a hostname being spoofed when
    parsing URLs with url.parse() with the 'javascript:' protocol.
    (bsc#1117629, CVE-2018-12123)
Adam Majer's avatar Adam Majer (adamm) committed (revision 4) 
- New upstream release 11.2.0:
  * deps: A new experimental HTTP parser (llhttp) is now supported.
  * timers: Fixed an issue that could cause setTimeout to stop
    working as expected.
- flaky_test_rerun.patch: Rerun failing tests in case of flakiness
- fix_ci_tests.patch: refreshed
Adam Majer's avatar Adam Majer (adamm) committed (revision 3)
Adam Majer's avatar Adam Majer (adamm) committed (revision 2) 
- New upstream release 11.1.0:
  * repl: Top-level for-await-of is now supported in the REPL.
  * timers: Fixed an issue that could cause timers to enter
    an infinite loop.
- openssl_fix.patch: removed, upstreamed
- fix_ci_tests.patch: refreshed
Adam Majer's avatar Adam Majer (adamm) committed (revision 1) 
- Initial release of NodeJS 11.0.0
- Notable changes since NodeJS 10.12.0:
  * Use of process.binding() has been deprecated.
  * An experimental implementation of queueMicrotask() is added.
  * child_process: The default value of the windowsHide option
    has been changed to true.
  * deps: V8 has been updated to 7.0.
  * fs:
    + fs.read() method now requires a callback
    + The previously deprecated fs.SyncWriteStream utility has
      been removed
  * http: The http, https, and tls modules now use the WHATWG URL
    parser by default.
  * timers: nextTick queue will be run after each immediate and timer.
  * util:
    + WHATWG TextEncoder and TextDecoder are now globals.
    + util.inspect() output size is limited to 128 MB by default.
    + A runtime warning will be emitted when NODE_DEBUG is set for
      either http or http2.
Displaying all 18 revisions
openSUSE Build Service is sponsored by
Places