chore(deps): update dependency node to v18.18.2 #8
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
18.17.0
->18.18.2
Release Notes
nodejs/node (node)
v18.18.2
Compare Source
v18.18.1
: 2023-10-10, Version 18.18.1 'Hydrogen' (LTS), @richardlauCompare Source
Notable Changes
This release addresses some regressions that appeared in Node.js 18.18.0:
The libuv 1.45.0 and 1.46.0 updates that were released in Node.js 18.18.0 have been temporarily reverted.
Commits
3e3a75cc46
] - Revert "build: sync libuv header change" (Richard Lau) #5003614ece2c479
] - Revert "deps: upgrade to libuv 1.45.0" (Richard Lau) #50036022352acbe
] - Revert "deps: upgrade to libuv 1.46.0" (Richard Lau) #50036d9f138189c
] - Revert "deps: add missing thread-common.c in uv.gyp" (Richard Lau) #500367a3e1ffbb8
] - fs: make sure to write entire buffer (Robert Nagy) #4921104cba95a67
] - test: addtmpdir.resolve()
(Livia Medeiros) #49079v18.18.0
: 2023-09-18, Version 18.18.0 'Hydrogen' (LTS), @ruyadornoCompare Source
Notable Changes
7dc731d4bf
] - build: sync libuv header change (Jiawen Geng) #48078490fc004b0
] - crypto: update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341dd8cd97d4d
] - crypto: update root certificates to NSS 3.90 (Node.js GitHub Bot) #48416ea23870bec
] - deps: add missing thread-common.c in uv.gyp (Santiago Gimeno) #4807888855e0b1b
] - deps: upgrade to libuv 1.46.0 (Santiago Gimeno) #48078fb2b80fca0
] - deps: upgrade to libuv 1.45.0 (Santiago Gimeno) #48078249879e46c
] - doc: add atlowChemi to collaborators (atlowChemi) #48757e8dc7bde6a
] - doc: add vmoroz to collaborators (Vladimir Morozov) #48527a30f2fbcc1
] - doc: add kvakil to collaborators (Keyhan Vakil) #48449c39b7c240e
] - (SEMVER-MINOR) esm: add--import
flag (Moshe Atlow) #43942a68a67f54d
] - (SEMVER-MINOR) events: allow safely adding listener to abortSignal (Chemi Atlow) #485963a8586bee2
] - fs, stream: initialSymbol.dispose
andSymbol.asyncDispose
support (Moshe Atlow) #48518863bdb785d
] - net: add autoSelectFamily global getter and setter (Paolo Insogna) #45777c59ae86ba0
] - (SEMVER-MINOR) url: add value argument to has and delete methods (Sankalp Shubham) #47885Commits
d1f43317ea
] - benchmark: add bar.R (Rafael Gonzaga) #477294f74be3c92
] - benchmark: refactor crypto oneshot (Filip Skokan) #48267fe9da9df0f
] - benchmark: add crypto.create*Key (Filip Skokan) #482849cb18b3e9d
] - build: do not pass target toolchain flags to host toolchain (Ivan Trubach) #485977dc731d4bf
] - build: sync libuv header change (Jiawen Geng) #48078211a4f88a9
] - build: update action to close stale PRs (Michael Dawson) #48196cc33a1864b
] - child_process: harden against prototype pollution (Livia Medeiros) #48726b5df084e1e
] - child_process: use addAbortListener (atlowChemi) #48550611db8df1a
] - child_process: supportSymbol.dispose
(Moshe Atlow) #48551490fc004b0
] - crypto: update root certificates to NSS 3.93 (Node.js GitHub Bot) #49341dd8cd97d4d
] - crypto: update root certificates to NSS 3.90 (Node.js GitHub Bot) #48416b2bc839d4c
] - crypto: remove OPENSSL_FIPS guard for OpenSSL 3 (Richard Lau) #48392c8da8c80b9
] - deps: update nghttp2 to 1.55.0 (Node.js GitHub Bot) #487467e04242dcb
] - deps: update minimatch to 9.0.3 (Node.js GitHub Bot) #48704ea23870bec
] - deps: add missing thread-common.c in uv.gyp (Santiago Gimeno) #4807888855e0b1b
] - deps: upgrade to libuv 1.46.0 (Santiago Gimeno) #48078fb2b80fca0
] - deps: upgrade to libuv 1.45.0 (Santiago Gimeno) #4807859fca4e09a
] - deps: update acorn to 8.10.0 (Node.js GitHub Bot) #48713bcb255d5a8
] - deps: V8: cherry-pickcb00db4
(Keyhan Vakil) #4867165a6c90fc6
] - deps: update acorn to 8.9.0 (Node.js GitHub Bot) #484846b6d5d91e9
] - deps: update zlib to 1.2.13.1-motley-f81f385 (Node.js GitHub Bot) #4854156249b0770
] - deps: update googletest toec4fed9
(Node.js GitHub Bot) #485388914a5204a
] - deps: update minimatch to 9.0.2 (Node.js GitHub Bot) #485421b960d9988
] - deps: update icu to 73.2 (Node.js GitHub Bot) #48502f0e2e3c549
] - deps: update zlib to 1.2.13.1-motley-3ca9f16 (Node.js GitHub Bot) #484139cf8fe6b93
] - deps: upgrade npm to 9.8.1 (npm team) #48838d9ff473ff3
] - deps: upgrade npm to 9.8.0 (npm team) #486654a6177daad
] - deps: upgrade npm to 9.7.2 (npm team) #48514104b58feb1
] - deps: update ada to 2.6.0 (Node.js GitHub Bot) #488967f7a125d78
] - deps: update corepack to 0.19.0 (Node.js GitHub Bot) #485405e1eb451d1
] - deps: update corepack to 0.18.1 (Node.js GitHub Bot) #484833be53358bc
] - deps: add loong64 config into openssl gypi (Shi Pujin) #48043555982c59e
] - deps: upgrade npm to 9.7.1 (npm team) #483783c03ec0832
] - deps: update simdutf to 3.2.14 (Node.js GitHub Bot) #48344a2964a4583
] - deps: update ada to 2.5.1 (Node.js GitHub Bot) #4831938f6e0d8cd
] - deps: update zlib to982b036
(Node.js GitHub Bot) #48327f4617a4f81
] - deps: add loongarch64 into openssl Makefile and gen openssl-loongarch64 (Shi Pujin) #46401573eb4be12
] - dgram: socket addasyncDispose
(atlowChemi) #48717f3c4300e00
] - dgram: use addAbortListener (atlowChemi) #48550d3041df738
] - doc: expand on squashing and rebasing to land a PR (Chengzhong Wu) #48751249879e46c
] - doc: add atlowChemi to collaborators (atlowChemi) #4875742ecd46d1f
] - doc: fix ambiguity in http.md and https.md (an5er) #48692e78824e053
] - doc: add release key for Ulises Gascon (Ulises Gascón) #491961aa798d69f
] - doc: clarify transform._transform() callback argument logic (Rafael Sofi-zada) #48680d723e870a2
] - doc: mention git node release prepare (Rafael Gonzaga) #48644a9a1394388
] - doc: fix options order (Luigi Pinca) #48617989ea6858f
] - doc: update security release stewards (Rafael Gonzaga) #48569f436ac1803
] - doc: update return type for describe (Shrujal Shah) #48572fbe89e6320
] - doc: run license-builder (github-actions[bot]) #48552f18b287bc3
] - doc: add description of autoAllocateChunkSize in ReadableStream (Debadree Chatterjee) #48004e2f3ed1444
] - doc: fixfilename
type inwatch
result (Dmitry Semigradsky) #480321fe75dc2b0
] - doc: unnestmime
andMIMEParams
from MIMEType constructor (Dmitry Semigradsky) #47950e1339d58e8
] - doc: update security-release-process.md (Rafael Gonzaga) #48504e8dc7bde6a
] - doc: add vmoroz to collaborators (Vladimir Morozov) #48527f8ba672c7b
] - doc: link to Runtime Keys in export conditions (Jacob Hummer) #484080056cb93e9
] - doc: update fs flags documentation (sinkhaha) #484633cf3fb9479
] - doc: reviseerror.md
introduction (Antoine du Hamel) #484237575d8b90e
] - doc: add preveen-stack to triagers (Preveen P) #48387820aa550a4
] - doc: refine when file is undefined in test events (Moshe Atlow) #48451a30f2fbcc1
] - doc: add kvakil to collaborators (Keyhan Vakil) #48449239b4ea66f
] - doc: mark--import
as experimental (Moshe Atlow) #440672a561aefe2
] - doc: add additional info on TSFN dispatch (Michael Dawson) #483675cc6eee30d
] - doc: add link for news from security wg (Michael Dawson) #48396ffece88452
] - doc: fix typo in events.md (Darshan Sen) #4843606513585dc
] - doc: run license-builder (github-actions[bot]) #48336d9a800ee5c
] - esm: fix emit deprecation on legacy main resolve (Antoine du Hamel) #48664c39b7c240e
] - (SEMVER-MINOR) esm: add--import
flag (Moshe Atlow) #43942a00464ee06
] - esm: fix specifier resolution and symlinks (Zack Newsham) #476743b8ec348b0
] - events: fix bug listenerCount don't compare wrapped listener (yuzheng14) #48592a68a67f54d
] - (SEMVER-MINOR) events: allow safely adding listener to abortSignal (Chemi Atlow) #485965354af3dab
] - fs: call the callback with an error if writeSync fails (killa) #47949c3a27d1d3d
] - fs: remove unneeded return statement (Luigi Pinca) #485263a8586bee2
] - fs, stream: initialSymbol.dispose
andSymbol.asyncDispose
support (Moshe Atlow) #4851801746c71df
] - http: null the joinDuplicateHeaders property on cleanup (Luigi Pinca) #48608d47eb73a85
] - http: remove useless ternary in test (geekreal) #48481977e9a38b4
] - http: fix for handling on boot timers headers and request (Franciszek Koltuniuk) #48291be88f7cd22
] - http2: use addAbortListener (atlowChemi) #485507c7230a85c
] - http2: send RST code 8 on AbortController signal (Devraj Mehta) #48573f74c2fc72a
] - lib: use addAbortListener (atlowChemi) #48550db355d1f37
] - lib: add option to force handling stopped events (Chemi Atlow) #483015d682c55a5
] - lib: reduce url getters onmakeRequireFunction
(Yagiz Nizipli) #484925260f53e55
] - lib: add support for inherited custom inspection methods (Antoine du Hamel) #4830669aaf8b1d1
] - lib: remove invalid parameter to toASCII (Yagiz Nizipli) #4887851863b80e4
] - meta: bump actions/checkout from 3.5.2 to 3.5.3 (dependabot[bot]) #486257ec370991d
] - meta: bump step-security/harden-runner from 2.4.0 to 2.4.1 (dependabot[bot]) #4862634b8e980d4
] - meta: bump ossf/scorecard-action from 2.1.3 to 2.2.0 (dependabot[bot]) #48628dfed9a7da9
] - meta: bump github/codeql-action from 2.3.6 to 2.20.1 (dependabot[bot]) #48627071eaadc5a
] - module: add SourceMap.findOrigin (Isaac Z. Schlueter) #47790bf1525c549
] - module: reduce url invocations in esm/load.js (Yagiz Nizipli) #48337f8921630a2
] - net: server addasyncDispose
(atlowChemi) #48717b5f53d9a0b
] - net: fix family autoselection SSL connection handling (Paolo Insogna) #48189267439fc34
] - net: rework autoSelectFamily implementation (Paolo Insogna) #46587d3637cdbbf
] - net: fix address iteration with autoSelectFamily (Fedor Indutny) #48258e8289a83f1
] - net: fix family autoselection timeout handling (Paolo Insogna) #47860863bdb785d
] - net: add autoSelectFamily global getter and setter (Paolo Insogna) #4577704dc090bfa
] - node-api: provide napi_define_properties fast path (Gabriel Schulhof) #48440feb6a54dc3
] - node-api: implement external strings (Gabriel Schulhof) #48339121f74c463
] - perf_hooks: convert maxSize to IDL value in setResourceTimingBufferSize (Chengzhong Wu) #44902804d880589
] - permission: fix data types in PrintTree (Tobias Nießen) #487707aaecce9bf
] - permission: add debug log when inserting fs nodes (Rafael Gonzaga) #48677cb51ef2905
] - readline: use addAbortListener (atlowChemi) #4855007065d0814
] - report: disable js stack when no context is entered (Chengzhong Wu) #48495572b82ffef
] - src: make BaseObject iteration order deterministic (Joyee Cheung) #487023f65598a41
] - src: remove kEagerCompile for CompileFunction (Keyhan Vakil) #48671f43eacac9b
] - src: deduplicate X509 getter implementations (Tobias Nießen) #485630c19621bdc
] - src: fix uninitialized field access in AsyncHooks (Jan Olaf Krems) #485660c38184d62
] - src: fix Coverity issue regarding unnecessary copy (Yagiz Nizipli) #485650d73009ba3
] - src: refactorSplitString
in util (Yagiz Nizipli) #484916c72622df9
] - src: handle wasm out of bound in osx will raise SIGBUS correctly (Congcong Cai) #46561e4261809b0
] - src: replace idna functions with ada::idna (Yagiz Nizipli) #477353dd82b1820
] - stream: use addAbortListener (atlowChemi) #48550786fbdb824
] - stream: fix premature pipeline end (Robert Nagy) #48435c224e1b255
] - stream: fix deadlock when pipeing to full sink (Robert Nagy) #486912c75b9ece2
] - test: fix flaky test-string-decode.js on x86 (Stefan Stojanovic) #48750279c4f64c1
] - test: mark test-http-regr-gh-2928 as flaky (Joyee Cheung) #4956501eacccd9a
] - test: deflake test-net-throttle (Luigi Pinca) #4859933886b271c
] - test: move test-net-throttle to parallel (Luigi Pinca) #48599a79112b5f4
] - Revert "test: remove test-crypto-keygen flaky designation" (Luigi Pinca) #486526ec57984db
] - test: add missing assertions to test-runner-cli (Moshe Atlow) #48593dd1805e802
] - test: remove test-crypto-keygen flaky designation (Luigi Pinca) #48575df9a9afc99
] - test: remove test-timers-immediate-queue flaky designation (Luigi Pinca) #485753ae96ae380
] - test: make IsolateData per-isolate in cctest (Joyee Cheung) #48450f2ce8e0c06
] - test: define NAPI_VERSION before including node_api.h (Chengzhong Wu) #4837613ac0a5e26
] - test: remove unnecessary noop function args tomustNotCall()
(Antoine du Hamel) #485138fdd4c55b3
] - test: skip test-runner-watch-mode on IBMi (Moshe Atlow) #484739d90409241
] - test: fix flaky test-watch-mode (Moshe Atlow) #4814727a4bc7c32
] - test: add missing <algorithm> include for std::find (Sam James) #48380cb92c4b9fe
] - test: update url web-platform tests (Yagiz Nizipli) #48319f35c4d3190
] - test: ignore the copied entry_point.c (Luigi Pinca) #4829741d1e6888f
] - test: refactor test-gc-http-client-timeout (Luigi Pinca) #48292125bca621a
] - test: update encoding web-platform tests (Yagiz Nizipli) #48320e9ac111d02
] - test: update FileAPI web-platform tests (Yagiz Nizipli) #483223da57d17f5
] - test: update user-timing web-platform tests (Yagiz Nizipli) #48321c728b8a29b
] - test: fixtest-net-autoselectfamily
for kernel without IPv6 support (Livia Medeiros) #458566de7aa1d19
] - test: movetest-tls-autoselectfamily-servername
totest/internet
(Antoine du Hamel) #470292de9868292
] - test: validate host with commas on url.parse (Yagiz Nizipli) #48878e7d2e8ef2a
] - test: delete test-net-bytes-per-incoming-chunk-overhead (Michaël Zasso) #48811f5494fa1b0
] - test_runner: fixedtest
shorthands return type (Shocker) #485557051cafdfa
] - test_runner: make--test-name-pattern
recursive (Moshe Atlow) #48382f302286442
] - test_runner: refactor coverage report output for readability (Damien Seguin) #477917822a541e5
] - timers: support Symbol.dispose (Moshe Atlow) #486333eeca52db1
] - tls: fix bugs of double TLS (rogertyang) #489694826379516
] - tools: run fetch_deps.py with Python 3 (Richard Lau) #48729e2688c8d79
] - tools: update doc to [email protected] [email protected] (Node.js GitHub Bot) #487147399481096
] - tools: update lint-md-dependencies to [email protected] (Node.js GitHub Bot) #4870531c07153ce
] - tools: update eslint to 8.44.0 (Node.js GitHub Bot) #486324e53f51e24
] - tools: update lint-md-dependencies to [email protected] (Node.js GitHub Bot) #486317d52950a96
] - tools: update lint-md-dependencies (Node.js GitHub Bot) #48544e168eab3ee
] - tools: update lint-md-dependencies (Node.js GitHub Bot) #484869711bc24f6
] - tools: replace sed with perl (Luigi Pinca) #484999c1937c0a7
] - tools: update eslint to 8.43.0 (Node.js GitHub Bot) #484879449f05ab1
] - tools: update doc to [email protected] (Node.js GitHub Bot) #4848579dcd968b1
] - tools: prepare tools/doc for to-vfile 8.0.0 (Rich Trott) #48485538f388ac0
] - tools: update lint-md-dependencies (Node.js GitHub Bot) #4841701bc10dcd5
] - tools: update create-or-update-pull-request-action (Richard Lau) #48398590a072657
] - tools: update eslint-plugin-jsdoc (Richard Lau) #483936a5805491e
] - tools: update eslint to 8.42.0 (Node.js GitHub Bot) #483282eb13e3986
] - tools: disable jsdoc/no-defaults rule (Luigi Pinca) #483283363cfa6c7
] - typings: remove unused primordials (Yagiz Nizipli) #48509c59ae86ba0
] - (SEMVER-MINOR) url: add value argument to has and delete methods (Sankalp Shubham) #47885f59c9636f4
] - url: conform to origin getter spec changes (Yagiz Nizipli) #483190beb5ab93d
] - url: ensure getter access do not mutate observable symbols (Antoine du Hamel) #488970a022c496d
] - util: useprimordials.ArrayPrototypeIndexOf
instead of mutable method (DaisyDogs07) #48586v18.17.1
: 2023-08-09, Version 18.17.1 'Hydrogen' (LTS), @RafaelGSSCompare Source
This is a security release.
Notable Changes
The following CVEs are fixed in this release:
More detailed information on each of the vulnerabilities can be found in August 2023 Security Releases blog post.
Commits
fe3abdf82e
] - deps: update archs files for openssl-3.0.10+quic1 (Node.js GitHub Bot) #490362c5a522d9c
] - deps: upgrade openssl sources to quictls/openssl-3.0.10+quic1 (Node.js GitHub Bot) #4903615bced0bde
] - policy: handle Module.constructor and main.extensions bypass (RafaelGSS) nodejs-private/node-private#417d4570fae35
] - policy: disable process.binding() when enabled (Tobias Nießen) nodejs-private/node-private#460Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.