Fedor Indutny [Tue, 19 Jan 2016 01:59:18 +0000 (20:59 -0500)]
internal/child_process: call postSend on error
Call `obj.postSend` in error case of `process.send()`. The
`net.Socket`'s handle should not be leaked.
Note that there are two callbacks invoked on handles
when they are sent to the child process over IPC pipes.
These callbacks are specified by `handleConversion` object, and
during send two of them are invoked:
* `send`
* `postSend`
Now for `net.Socket` in particular, `postSend` performs clean up by
closing the actual uv handle. However this clean up will not happen in
one of the branches. This pull request aims to fix this.
PR-URL: https://github.com/nodejs/node/pull/4752
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
José F. Romaniello [Thu, 31 Dec 2015 14:51:46 +0000 (11:51 -0300)]
http: handle errors on idle sockets
This change adds a new event handler to the `error` event of the socket
after it has been used by the http_client.
The purpose of this change is to catch errors on *keep alived*
connections from idle sockets that otherwise will cause an uncaugh error
event on the application.
Fix: #3595
PR-URL: https://github.com/nodejs/node/pull/4482
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Ben Noordhuis [Tue, 15 Dec 2015 11:57:49 +0000 (12:57 +0100)]
src: remove __builtin_bswap16 call
Not supported by apple-gcc and I'm not convinced it's worth adding more
preprocessor hacks when it should be easy as pie for the compiler to
to optimize the byteswap. If it doesn't, fix the compiler.
Fixes: https://github.com/nodejs/node/issues/4284
PR-URL: https://github.com/nodejs/node/pull/4290
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Ben Noordhuis [Tue, 15 Dec 2015 11:49:03 +0000 (12:49 +0100)]
src: remove unused BITS_PER_LONG macro
Remove the unused and broken BITS_PER_LONG macro. Broken because x64
is the only 64 bits architecture where it produces the right result.
PR-URL: https://github.com/nodejs/node/pull/4290
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Minwoo Jung [Sat, 21 Nov 2015 06:52:53 +0000 (15:52 +0900)]
benchmark: add a constant declaration for `net`
Constant declaration for `net` is omitted in `idle_server.js`
Add a constant declaration for constant `net`
PR-URL: https://github.com/nodejs/node/pull/3950
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
Minwoo Jung [Fri, 21 Aug 2015 21:30:08 +0000 (14:30 -0700)]
lib: use arrow functions instead of bind
use `arrow functions` instead of `bind(this)` in order to improve
performance through optimizations.
PR-URL: https://github.com/nodejs/node/pull/3622
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Bryon Leung [Wed, 7 Oct 2015 17:47:57 +0000 (13:47 -0400)]
src: add BE support to StringBytes::Encode()
Versions of Node.js after v0.12 have relocated byte-swapping away from
the StringBytes::Encode function, thereby causing a nan test (which
accesses this function directly) to fail on big-endian machines.
This change re-introduces byte swapping in StringBytes::Encode,
done via a call to a function in util-inl. Another change in
NodeBuffer::StringSlice was necessary to avoid double byte swapping
in big-endian function calls to StringSlice.
PR-URL: https://github.com/nodejs/node/pull/3410
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Коренберг Марк [Tue, 5 May 2015 07:41:16 +0000 (12:41 +0500)]
tls: add `options` argument to createSecurePair
Helps in implementation of #6204, where some options passed to
`createSecurePair()` are ignored before this patch.
These options are very helpful if someone wants to pass
`options.servername` or `options.SNICallback` to securepair.
PR-URL: https://github.com/nodejs/node/pull/2441
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Michaël Zasso [Fri, 15 Jan 2016 08:53:11 +0000 (09:53 +0100)]
lib,test: remove extra semicolons
PR-URL: https://github.com/nodejs/node/pull/2205
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
Michaël Zasso [Fri, 15 Jan 2016 08:50:44 +0000 (09:50 +0100)]
tools: enable no-extra-semi rule in eslint
PR-URL: https://github.com/nodejs/node/pull/2205
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
Kat Marchán [Fri, 5 Feb 2016 22:14:47 +0000 (14:14 -0800)]
deps: upgrade to npm 2.14.17
PR-URL: https://github.com/nodejs/node/pull/5110
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Myles Borins <mborins@us.ibm.com>
Kat Marchán [Tue, 26 Jan 2016 21:45:04 +0000 (13:45 -0800)]
test: make npm tests work on prerelease node versions
PR-URL: https://github.com/nodejs/node/pull/4960
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Kat Marchán [Fri, 29 Jan 2016 19:46:48 +0000 (11:46 -0800)]
deps: upgrade to npm 2.14.16
PR-URL: https://github.com/nodejs/node/pull/4960
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Kat Marchán [Wed, 27 Jan 2016 22:01:29 +0000 (14:01 -0800)]
doc: Update small error in LICENSE for npm
This corresponds to https://github.com/npm/npm/commit/
6051a69b1adc80f5f200077067e831643f655bd4
PR-URL: https://github.com/nodejs/node/pull/4872
Reviewed-By: João Reis <reis@janeasystems.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rebecca Turner <me@re-becca.org>
Kat Marchán [Tue, 26 Jan 2016 21:45:04 +0000 (13:45 -0800)]
test: make npm tests work on prerelease node versions
PR-URL: https://github.com/nodejs/node/pull/4872
Reviewed-By: João Reis <reis@janeasystems.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rebecca Turner <me@re-becca.org>
Kat Marchán [Tue, 26 Jan 2016 02:11:52 +0000 (18:11 -0800)]
deps: upgrade to npm 2.14.15
PR-URL: https://github.com/nodejs/node/pull/4872
Reviewed-By: João Reis <reis@janeasystems.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rebecca Turner <me@re-becca.org>
Brian White [Wed, 13 Jan 2016 19:52:03 +0000 (14:52 -0500)]
querystring: improve parse() performance
These changes improve parse() performance from ~11-30% on all of
the existing querystring benchmarks.
PR-URL: https://github.com/nodejs/node/pull/4675
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Myles Borins [Wed, 2 Mar 2016 21:35:28 +0000 (13:35 -0800)]
Working on v4.3.3
PR-URL: https://github.com/nodejs/node/pull/5526
Myles Borins [Wed, 2 Mar 2016 17:48:15 +0000 (09:48 -0800)]
2016-03-02, Version 4.3.2 'Argon' (LTS)
This is a security release with only a single commit, an update to openssl due to a recent security advisory. You can read more about the security advisory on the Node.js website (https://nodejs.org/en/blog/vulnerability/openssl-march-2016/)
Notable changes
* openssl
- this upgrade to openssl 1.0.2g. This fixes the security vulnerabilities that are references in this openssl announce (https://mta.openssl.org/pipermail/openssl-announce/2016-February/000063.html)
PR-URL: https://github.com/nodejs/node/pull/5526
Ben Noordhuis [Tue, 1 Mar 2016 13:03:58 +0000 (14:03 +0100)]
deps: upgrade openssl to 1.0.2g
PR-URL: https://github.com/nodejs/node/pull/5507
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Myles Borins [Wed, 17 Feb 2016 00:57:38 +0000 (16:57 -0800)]
Working on v4.3.2
PR-URL: https://github.com/nodejs/node/pull/5200#issuecomment-
184897483
Myles Borins [Thu, 11 Feb 2016 23:40:02 +0000 (15:40 -0800)]
2016-02-16, Version 4.3.1 'Argon' (LTS)
Notable changes:
* buffer: make byteLength work with Buffer correctly (Jackson Tian)
- https://github.com/nodejs/node/pull/4738
* debugger: guard against call from non-node context (Ben Noordhuis)
- https://github.com/nodejs/node/pull/4328
* node_contextify: do not incept debug context (Myles Borins)
- https://github.com/nodejs/node/pull/4819
* deps: update to http-parser 2.5.2 (James Snell)
- https://github.com/nodejs/node/pull/5238
Myles Borins [Mon, 1 Feb 2016 19:13:31 +0000 (11:13 -0800)]
node_contextify: do not incept debug context
Currently a debug context is created for various calls to util.
If the node debugger is being run the main context is the debug
context. In this case node_contextify was freeing the debug context
and causing everything to explode.
This change moves around the logic and no longer frees the context.
There is a concern about the dangling pointer
The regression test was adapted from code submitted by @3y3 in #4815
Fixes: https://github.com/nodejs/node/issues/4440
Fixes: https://github.com/nodejs/node/issues/4815
Fixes: https://github.com/nodejs/node/issues/4597
Fixes: https://github.com/nodejs/node/issues/4952
PR-URL: https://github.com/nodejs/node/issues/4815
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Santiago Gimeno [Thu, 26 Nov 2015 21:58:51 +0000 (22:58 +0100)]
test: fix tls-no-rsa-key flakiness
In some conditions it can happen that the client-side socket is destroyed
before the server-side socket has gracefully closed, thus causing a
'ECONNRESET' error in this socket. To solve this, wait in the client-side
socket for the 'end' event before closing it.
PR-URL: https://github.com/nodejs/node/pull/4043
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Myles Borins [Thu, 21 Jan 2016 22:31:41 +0000 (14:31 -0800)]
tools: add support for subkeys in release tools
Replace grep with awk to add support for subkeys
PR-URL: https://github.com/nodejs/node/pull/4807
Reviewed-By: Rod Vagg <rod@vagg.org>
Kat Marchán [Thu, 21 Jan 2016 19:17:01 +0000 (11:17 -0800)]
doc: update list of personal traits in CoC
https://github.com/rust-lang/rust-www/pull/288 landed in the Rust repo
so it seems like a good idea to just bring the updated list in.
We also received a request to do this in https://github.com/nodejs/inclusivity/issues/82
so this should resolve that.
Thanks to [@Charlotteis](https://github.com/Charlotteis) for bringing
up the original issue.
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Myles Borins <mborins@us.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/4801
Fixes: https://github.com/nodejs/inclusivity/issues/82
Roman Reiss [Tue, 19 Jan 2016 02:17:39 +0000 (03:17 +0100)]
tools: enable space-in-parens ESLint rule
Ref: http://eslint.org/docs/rules/space-in-parens.html
PR-URL: https://github.com/nodejs/node/pull/4753
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Roman Reiss [Tue, 19 Jan 2016 02:23:07 +0000 (03:23 +0100)]
test: fix issues for space-in-parens ESLint rule
PR-URL: https://github.com/nodejs/node/pull/4753
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Roman Reiss [Mon, 18 Jan 2016 19:21:56 +0000 (20:21 +0100)]
doc: style fixes for the TOC
- Hide the scrollbar on the TOC on all browsers. It was never the
intention for it to be visible with the scroll indication in place.
A wrapper element with 20px padding was added to accommodate for
hopefully all scrollbar widths as well as to avoid overflowing
content.
- Fixed the scroll indication gradient on Safari, which was caused by
the wrong from-color, which now matches the to-color.
- Fixed a issue in old IE where the TOC didn't render on the correct
position through setting `left: 0` and `top: 0` on it.
PR-URL: https://github.com/nodejs/node/pull/4748
Reviewed-By: James M Snell <jasnell@gmail.com>
Rich Trott [Mon, 18 Jan 2016 07:09:26 +0000 (23:09 -0800)]
test: improve test-cluster-disconnect-suicide-race
Previously, test-cluster-disconnect-suicide-race had two issues:
* Magic numbers: How many times to spawn a worker was determined through
empirical experimentation. This means that as new platforms and new
CPU/RAM configurations are tested, the magic numbers require more
and more refinement. This brings us to...
* Non-determinism: The test seems to fail all the time when the bug
it tests for is present, but it's really a judgment based on sampling.
"Oh, with 8 workers per CPU, it fails about 80% of the time. Let's try
16..."
This revised version of the test takes a different approach. The fix
for the bug that the test was written for means that the disconnect
event will fire on a subsequent tick. So we check for that and the test
still fails when the fix is not in the code base and succeeds when it
is.
Advantages of this approach include:
* The test runs much faster.
* The test should be reliable on any new platform regardless of CPU and
RAM.
PR-URL: https://github.com/nodejs/node/pull/4739
Ref: https://github.com/nodejs/node/pull/4674
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Jackson Tian [Mon, 18 Jan 2016 07:08:12 +0000 (15:08 +0800)]
buffer: make byteLength work with Buffer correctly
Make the byteLength work correctly when input is Buffer.
e.g:
```js
// The incomplete unicode string
Buffer.byteLength(new Buffer([0xe4, 0xb8, 0xad, 0xe6, 0x96]))
```
The old output: 9
The new output: 5
PR-URL: https://github.com/nodejs/node/pull/4738
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Rich Trott [Mon, 18 Jan 2016 03:50:09 +0000 (19:50 -0800)]
test: make test-cluster-disconnect-leak reliable
Previously, test-cluster-disconnect-leak had two issues:
* Magic numbers: How many times to spawn a worker was determined through
empirical experimentation. This means that as new platforms and new
CPU/RAM configurations are tested, the magic numbers require more
and more refinement. This brings us to...
* Non-determinism: The test *seems* to fail all the time when the bug
it tests for is present, but it's really a judgment based on sampling.
"Oh, with 8 workers per CPU, it fails about 80% of the time. Let's try
16..."
This revised version of the test takes a different approach. The fix
for the bug that the test was written for means that the `disconnect`
event will fire reliably for a single worker. So we check for that and
the test still fails when the fix is not in the code base and succeeds
when it is.
Advantages of this approach include:
* The test runs much faster.
* The test now works on Windows. The previous version skipped Windows.
* The test should be reliable on any new platform regardless of CPU and
RAM.
Ref: https://github.com/nodejs/node/pull/4674
PR-URL: https://github.com/nodejs/node/pull/4736
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Alexander Makarenko [Sun, 17 Jan 2016 14:12:04 +0000 (17:12 +0300)]
doc: add `servername` parameter docs
Add `servername` parameter docs for `https.request()` method.
Follows #4389
PR-URL: https://github.com/nodejs/node/pull/4729
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
Peter Geiss [Sat, 16 Jan 2016 06:37:27 +0000 (01:37 -0500)]
buffer: remove unnecessary TODO comments
Refs: https://github.com/nodejs/node/issues/4642
PR-URL: https://github.com/nodejs/node/pull/4719
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Rod Vagg [Thu, 14 Jan 2016 13:10:04 +0000 (00:10 +1100)]
doc: update branch-diff arguments in release doc
PR-URL: https://github.com/nodejs/node/pull/4691
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Kohei TAKATA [Fri, 15 Jan 2016 03:49:24 +0000 (12:49 +0900)]
readline: Remove XXX and output debuglog
Remove a comment that has a word 'XXX'.
And add a line to output debuglog of error.
PR-URL: https://github.com/nodejs/node/pull/4690
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Fedor Indutny [Thu, 14 Jan 2016 09:35:04 +0000 (04:35 -0500)]
crypto: clear error stack in ECDH::Initialize
Clean up OpenSSL error stack in `ECDH::Initialize`, some curves have
faulty implementations that are leaving dangling errors after
initializing the curve.
Fix: #4686
PR-URL: https://github.com/nodejs/node/pull/4689
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
cjihrig [Tue, 12 Jan 2016 17:18:40 +0000 (12:18 -0500)]
test: fix flaky test-net-socket-local-address
Prior to this commit, the test was flaky because it was
executing the majority of its logic in a function called from
the client and multiple events on the server. This commit
simplifies the test by separating the server's connection and
listening events, and isolating the client logic.
Refs: https://github.com/nodejs/node/pull/4476
Refs: https://github.com/nodejs/node/pull/4644
PR-URL: https://github.com/nodejs/node/pull/4650
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Evan Lucas [Tue, 12 Jan 2016 12:32:04 +0000 (06:32 -0600)]
net: remove hot path comment from connect
This comment was added with an assumption that we could determine the
IP address that localhost should resolve to without performing a
lookup. This was a false assumption and should be removed.
PR-URL: https://github.com/nodejs/node/pull/4648
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
zoubin [Tue, 12 Jan 2016 05:22:42 +0000 (13:22 +0800)]
doc: add docs for more stream options
PR-URL: https://github.com/nodejs/node/pull/4639
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Chris Dickinson <chris@neversaw.us>
Rich Trott [Tue, 12 Jan 2016 02:00:53 +0000 (18:00 -0800)]
test: fix race in test-net-server-pause-on-connect
A 50ms timeout results in a race condition. Instead, enforce expected
order through callbacks. This has the side effect of speeding up the
test in most situations.
Ref: https://github.com/nodejs/node/pull/4476
PR-URL: https://github.com/nodejs/node/pull/4637
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Reviewed-By: James M Snell <jasnell@gmail.com>
Rich Trott [Mon, 11 Jan 2016 23:38:38 +0000 (15:38 -0800)]
debugger: remove variable redeclarations
Some variables are declared with var more than once in the same scope.
This change reduces the declarations to one per scope.
PR-URL: https://github.com/nodejs/node/pull/4633
Reviewed-By: jasnell - James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Fedor Indutny [Wed, 6 Jan 2016 03:42:32 +0000 (22:42 -0500)]
tls_legacy: do not read on OpenSSL's stack
Do not attempt to read data from the socket whilst on OpenSSL's stack,
weird things may happen, and this is most likely going to result in some
kind of error.
PR-URL: https://github.com/nodejs/node/pull/4624
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
zoubin [Mon, 11 Jan 2016 09:22:53 +0000 (17:22 +0800)]
stream: remove useless if test in transform
PR-URL: https://github.com/nodejs/node/pull/4617
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Brian White <mscdex@mscdex.net>
Rich Trott [Mon, 11 Jan 2016 05:18:02 +0000 (21:18 -0800)]
test: remove 1 second delay from test
In test-cluster-worker-wait-server-close, remove unneeded 1-second delay
and refactor to eliminate flakiness on FreeBSD.
PR-URL: https://github.com/nodejs/node/pull/4616
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Reviewed-By: James M Snell <jasnell@gmail.com>
Rich Trott [Mon, 11 Jan 2016 03:27:54 +0000 (19:27 -0800)]
test: move resource intensive tests to sequential
To enable greater parallelization of tests on CI, move resource
intensive tests out of parallel and into sequential.
Ref: https://github.com/nodejs/node/pull/4476
PR-URL: https://github.com/nodejs/node/pull/4615
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Reviewed-By: James M Snell <jasnell@gmail.com>
Brian White [Sun, 10 Jan 2016 22:52:13 +0000 (17:52 -0500)]
dgram: prevent disabled optimization of bind()
Reassigning a named parameter while also using the arguments
object causes the entire function to never be optimized.
PR-URL: https://github.com/nodejs/node/pull/4613
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Rich Trott [Sun, 10 Jan 2016 22:17:36 +0000 (14:17 -0800)]
http: remove variable redeclaration
In lib/_http_client.js, the variable `conn` was declared with the `var`
keyword three times in the same scope. This change eliminates the
variable entirely.
PR-URL: https://github.com/nodejs/node/pull/4612
Reviewed-By: Michaël Zasso <mic.besace@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Rich Trott [Sun, 10 Jan 2016 16:54:51 +0000 (08:54 -0800)]
test: require common module only once
Two tests were requiring the common module twice. This removes the
duplicate require statement in the tests.
PR-URL: https://github.com/nodejs/node/pull/4611
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Reviewed-By: James M Snell <jasnell@gmail.com>
Rich Trott [Sun, 10 Jan 2016 05:12:15 +0000 (21:12 -0800)]
test: only include http module once
A few tests in test/gc include the http module twice. Remove duplicate
require().
PR-URL: https://github.com/nodejs/node/pull/4606
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: Michaël Zasso <mic.besace@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Rich Trott [Sun, 10 Jan 2016 04:59:54 +0000 (20:59 -0800)]
src: remove redeclarations of variables
Remove redeclarations of variables in node.js. This includes removing
one apparently unnecessary `NativeModule.require('module')`.
PR-URL: https://github.com/nodejs/node/pull/4605
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: Michaël Zasso <mic.besace@gmail.com>
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Reviewed-By: James M Snell <jasnell@gmail.com>
Santiago Gimeno [Sat, 9 Jan 2016 23:48:49 +0000 (00:48 +0100)]
test: fix `http-upgrade-client` flakiness
It's not guaranteed that the socket data is received in the same chunk
as the upgrade response. Listen for the `data` event to make sure all
the data is received.
PR-URL: https://github.com/nodejs/node/pull/4602
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Rich Trott [Sat, 9 Jan 2016 05:17:53 +0000 (21:17 -0800)]
test: fix flaky unrefed timers test
Remove unnecessary `setImmediate()` that causes a minor race condition.
Stop the test after 3 occurrences rather than 5 to allow for slower
hosts running the test in parallel with other tests.
Fixes: https://github.com/nodejs/node/issues/4559
PR-URL: https://github.com/nodejs/node/pull/4599
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
James M Snell [Fri, 8 Jan 2016 18:14:38 +0000 (10:14 -0800)]
net, doc: fix line wrapping lint in net.js
Missed on the previous review, minor line wrapping nit
PR-URL: https://github.com/nodejs/node/pull/4588
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Josh Dague [Fri, 8 Jan 2016 01:42:16 +0000 (17:42 -0800)]
net: fix dns lookup for android
`V4MAPPED` isn't supported by Android either (as of 6.0)
PR-URL: https://github.com/nodejs/node/pull/4580
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Evan Lucas [Tue, 5 Jan 2016 12:28:27 +0000 (06:28 -0600)]
repl: make sure historyPath is trimmed
If one were to set NODE_REPL_HISTORY to a string that contains only a
space (" "), then the history file would be created with that name
which can cause problems are certain systems.
PR-URL: https://github.com/nodejs/node/pull/4539
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Santiago Gimeno [Sun, 3 Jan 2016 17:10:22 +0000 (18:10 +0100)]
test: fix `http-upgrade-agent` flakiness
It's not guaranteed that the socket data is received in the same chunk
as the upgrade response. Listen for the `data` event to make sure all
the data is received.
PR-URL: https://github.com/nodejs/node/pull/4520
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Rich Trott [Fri, 1 Jan 2016 21:26:23 +0000 (13:26 -0800)]
test: fix flaky test-cluster-shared-leak
Wait for worker2 to come online before doing anything that might result
in an EPIPE. Fixes flakiness of test on Windows.
Fixes: https://github.com/nodejs/node/issues/3956
PR-URL: https://github.com/nodejs/node/pull/4510
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Reviewed-By: James M Snell<jasnell@gmail.com>
Santiago Gimeno [Tue, 29 Dec 2015 09:21:55 +0000 (10:21 +0100)]
cluster: ignore queryServer msgs on disconnection
It avoids the creation of unnecessary handles. This issue is causing
intermitent failures in `test-cluster-disconnect-race` on `FreeBSD`
and `OS X`.
The problem is that the `worker2.disconnect` is being called on the
master before the `queryServer` is handled, causing the worker to
be deleted, then the Server handle is created afterwards. Later on,
when `removeWorker` is called from the `exit` handler, there are no
workers left, but one handle, thus the `AssertionError`.
Add a new `test/sequential/test-cluster-disconnect-leak` based on
`test-cluster-disconnect-race` that creates lots of workers and fails
consistently without this patch.
PR-URL: https://github.com/nodejs/node/pull/4465
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Brian White [Mon, 28 Dec 2015 23:41:34 +0000 (18:41 -0500)]
http: fix non-string header value concatenation
Since headers are stored in an empty literal object ({}) instead
of an object created with Object.create(null), care must be taken
with property names inherited from Object. Currently there are
only functions inherited, so we can safely check for existing
strings instead.
Fixes: https://github.com/nodejs/node/issues/4456
PR-URL: https://github.com/nodejs/node/pull/4460
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Minwoo Jung <jmwsoft@gmail.com>
Ryan Sobol [Mon, 28 Dec 2015 21:06:31 +0000 (13:06 -0800)]
doc: mention that http.Server inherits from net.Server
PR-URL: https://github.com/nodejs/node/pull/4455
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Brian White [Mon, 28 Dec 2015 06:11:51 +0000 (01:11 -0500)]
test: fix flaky cluster-net-send
Before this commit, it was possible on Windows for the server's
'connection' handler to be called *after* the client socket's
'connect' handler. This caused the 'message' event to be missed
and the test would never end (timing out in CI). This problem
was more easily reproducible on a low resource (slow CPU)
Windows (2012r2) installation.
This commit waits until both handlers have been called before
sending the handle to the master process.
Fixes: https://github.com/nodejs/node/issues/3957
PR-URL: https://github.com/nodejs/node/pull/4444
Reviewed-By: Rich Trott <rtrott@gmail.com>
Brian White [Sun, 27 Dec 2015 21:42:51 +0000 (16:42 -0500)]
test: fix flaky child-process-fork-regr-gh-2847
Windows would die with ECONNRESET most times when running
this particular test. This commit makes handling these errors
more tolerable.
PR-URL: https://github.com/nodejs/node/pull/4442
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Rich Trott [Sun, 27 Dec 2015 02:39:16 +0000 (18:39 -0800)]
doc: copyedit setTimeout() documentation
Copyedit the documentation for setTimeout() and enforce wrapping at 80
characters in the markdown file for nearby text.
PR-URL: https://github.com/nodejs/node/pull/4434
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: jasnell - James M Snell <jasnell@gmail.com>
Reviewed-By: Stephan Belanger <admin@stephenbelanger.com>
Rich Trott [Sun, 27 Dec 2015 02:29:33 +0000 (18:29 -0800)]
doc: fix formatting in process.markdown
All the other properties get an h2/## but process.connected gets an
h3/### for no discernible reason. Change it to h2/## like the others.
PR-URL: https://github.com/nodejs/node/pull/4433
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Stephan Belanger <admin@stephenbelanger.com>
Reviewed-By: Roman Klauke <romaaan.git@gmail.com>
Rod Vagg [Thu, 24 Dec 2015 02:56:03 +0000 (13:56 +1100)]
test: use addon.md block headings as test dir names
instead of doc-*
PR-URL: https://github.com/nodejs/node/pull/4412
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Rod Vagg [Thu, 24 Dec 2015 02:34:59 +0000 (13:34 +1100)]
test: test each block in addon.md contains js & cc
Allows more freedom in adding additional headings to addon.markdown,
otherwise it'll try and convert each block under a heading to a test
case. We need to have at least a .js and a .cc in order to have
something to test.
Fixes regression caused by adding a new 3rd-level heading in
d5863bc0f43a3778aa773d5f5f4ad08e1d7d7497
PR-URL: https://github.com/nodejs/node/pull/4411
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Claudio Rodriguez [Sun, 20 Dec 2015 17:15:54 +0000 (14:15 -0300)]
doc: add path property to Write/ReadStream in fs.markdown
Documents the "path" property on fs.WriteStream
and fs.ReadStream. See #4327
PR-URL: https://github.com/nodejs/node/pull/4368
Reviewed-By: James M Snell <jasnell@gmail.com>
Santiago Gimeno [Fri, 18 Dec 2015 18:13:50 +0000 (19:13 +0100)]
cluster: fix race condition setting suicide prop
There is no guarantee that the `suicide` property of a worker in the
master process is going to be set when the `disconnect` and `exit`
events are emitted.
To fix it, wait for the ACK of the suicide message from the master
before disconnecting the worker. Also, there's no need to send the
suicide message from the worker if the disconnection has been
initiated in the master.
Add `test-cluster-disconnect-suicide-race` that forks a lot of workers
to consistently reproduce the issue this patch tries to solve.
Modify `test-regress-GH-3238` so it checks both the `kill` and
`disconnect` cases. Also take into account that the `disconnect` event
may be received after the `exit` event.
PR-URL: https://github.com/nodejs/node/pull/4349
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Bryan English [Fri, 11 Dec 2015 17:41:56 +0000 (09:41 -0800)]
doc: add docs working group
PR-URL: https://github.com/nodejs/node/pull/4244
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
Santiago Gimeno [Sun, 22 Nov 2015 14:12:17 +0000 (15:12 +0100)]
test: fix tls-multi-key race condition
In some conditions it can happen that the client-side socket is
destroyed before the server-side socket has gracefully closed, thus
causing a 'ECONNRESET' error in this socket. To solve this, also close
gracefully in the client side.
PR-URL: https://github.com/nodejs/node/pull/3966
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Andres Suarez [Thu, 29 Oct 2015 03:09:38 +0000 (20:09 -0700)]
module: move unnecessary work for early return
The exts and trailingSlash variables are only used if the
path isn't cached. This commit moves them further down in the
code, and changes from var to const.
PR-URL: https://github.com/nodejs/node/pull/3579
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michaël Zasso <mic.besace@gmail.com>
Fedor Indutny [Mon, 26 Oct 2015 16:06:28 +0000 (12:06 -0400)]
tls: copy client CAs and cert store on CertCb
Copy client CA certs and cert store when asynchronously selecting
`SecureContext` during `SNICallback`. We already copy private key,
certificate, and certificate chain, but the client CA certs were
missing.
Fix: #2772
PR-URL: https://github.com/nodejs/node/pull/3537
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Michaël Zasso [Wed, 13 Jan 2016 20:42:45 +0000 (21:42 +0100)]
test: fix style issues after eslint update
Replace var keyword with const or let.
PR-URL: https://github.com/nodejs/io.js/pull/2286
Reviewed-By: Roman Reiss <me@silverwind.io>
Michaël Zasso [Wed, 13 Jan 2016 18:55:02 +0000 (19:55 +0100)]
tools: fix style issue after eslint update
PR-URL: https://github.com/nodejs/io.js/pull/2286
Reviewed-By: Roman Reiss <me@silverwind.io>
Michaël Zasso [Tue, 12 Jan 2016 21:04:50 +0000 (22:04 +0100)]
lib: fix style issues after eslint update
With an indentation style of two spaces, it is not possible to indent
multiline variable declarations by four spaces. Instead, the var keyword
is used on every new line.
Use const instead of var where applicable for changed lines.
PR-URL: https://github.com/nodejs/io.js/pull/2286
Reviewed-By: Roman Reiss <me@silverwind.io>
Michaël Zasso [Thu, 5 Nov 2015 19:56:29 +0000 (20:56 +0100)]
tools: update eslint config
The no-reserved-keys rule doesn't exist anymore and we don't need ES3
compatibility.
escape and unescape are now known by eslint.
--reset flag was removed and it is now the default behavior.
PR-URL: https://github.com/nodejs/io.js/pull/2286
Reviewed-By: Roman Reiss <me@silverwind.io>
Michaël Zasso [Tue, 12 Jan 2016 19:50:19 +0000 (20:50 +0100)]
tools: update eslint to v1.10.3
PR-URL: https://github.com/nodejs/io.js/pull/2286
Reviewed-By: Roman Reiss <me@silverwind.io>
Michaël Zasso [Thu, 5 Nov 2015 19:53:52 +0000 (20:53 +0100)]
gitignore: never ignore debug module
On case-insensitive platorms, the Debug/ rule catches the debug module
under npm and eslint.
PR-URL: https://github.com/nodejs/node/pull/2286
Reviewed-By: Roman Reiss <me@silverwind.io>
Richard Lau [Tue, 19 Jan 2016 15:47:18 +0000 (10:47 -0500)]
doc: restore ICU third-party software licenses
PR-URL: https://github.com/nodejs/node/pull/4762
Reviewed-By: Rod Vagg <rod@vagg.org>
Richard Lau [Tue, 19 Jan 2016 15:41:23 +0000 (10:41 -0500)]
tools: fix license-builder.sh for ICU
Modify tools/license-builder.sh to restore the Third-Party Software
licenses for ICU.
Also fix arguments to tail to work on Linux.
rvagg: modified sed command for ICU to replace tabs with spaces and
remove whitespace at the end of lines
PR-URL: https://github.com/nodejs/node/pull/4762
Reviewed-By: Rod Vagg <rod@vagg.org>
Rod Vagg [Tue, 8 Dec 2015 10:57:59 +0000 (21:57 +1100)]
doc: rebuild LICENSE using tools/license-builder.sh
PR-URL: https://github.com/nodejs/node/pull/4194
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Rod Vagg [Thu, 3 Dec 2015 11:13:00 +0000 (22:13 +1100)]
tools: add license-builder.sh to construct LICENSE
PR-URL: https://github.com/nodejs/node/pull/4194
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Ben Noordhuis [Thu, 17 Dec 2015 11:13:11 +0000 (12:13 +0100)]
debugger: guard against call from non-node context
Fix a segmentation fault when the debug message handler was called from
a context without an associated `node::Environment`.
Fixes: https://github.com/nodejs/node/issues/4261
Fixes: https://github.com/nodejs/node/issues/4322
PR-URL: https://github.com/nodejs/node/pull/4328
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Ben Noordhuis [Sun, 17 Jan 2016 16:18:37 +0000 (17:18 +0100)]
src: don't check failure with ERR_peek_error()
It's possible there is already an existing error on OpenSSL's error
stack that is unrelated to the EVP_DigestInit_ex() operation we just
executed.
Fixes: https://github.com/nodejs/node/issues/4221
PR-URL: https://github.com/nodejs/node/pull/4731
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
James M Snell [Mon, 15 Feb 2016 17:45:33 +0000 (09:45 -0800)]
deps: update to http-parser 2.5.2
Fixes http-parser regression with IS_HEADER_CHAR check
Add test case for obstext characters (> 0x80) is header
PR-URL: https://github.com/nodejs/node/pull/5238
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Myles Borins <mborins@us.ibm.com>
James M Snell [Wed, 10 Feb 2016 20:09:43 +0000 (12:09 -0800)]
src: repair lts flag
PR-URL: https://github.com/nodejs/node/pull/5186
Reviewed-By: Myles Borins <myles.borins@gmail.com>
James M Snell [Tue, 9 Feb 2016 18:21:23 +0000 (10:21 -0800)]
doc: fix v4.3.0 changelog commit entries
The wrong commit SHAs were used
PR-URL: https://github.com/nodejs/node/pull/5165
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Rod Vagg <r@va.gg>
James M Snell [Tue, 9 Feb 2016 16:51:09 +0000 (08:51 -0800)]
Working on v4.3.1
James M Snell [Mon, 8 Feb 2016 20:36:05 +0000 (12:36 -0800)]
2016-02-09, Version 4.3.0 'Argon' (LTS)
This is an important security release. All Node.js users should
consult the security release summary at nodejs.org for details on
patched vulnerabilities.
Note that this release includes a non-backward compatible change to
address a security issue. This change increases the version of the LTS
v4.x line to v4.3.0. There will be *no further updates* to v4.2.x.
* http: fix defects in HTTP header parsing for requests and responses
that can allow request smuggling (CVE-2016-2086) or response
splitting (CVE-2016-2216). HTTP header parsing now aligns more
closely with the HTTP spec including restricting the acceptable
characters.
* http-parser: upgrade from 2.5.0 to 2.5.1
* openssl: upgrade from 1.0.2e to 1.0.2f. To mitigate against the
Logjam attack, TLS clients now reject Diffie-Hellman handshakes with
parameters shorter than 1024-bits, up from the previous limit of
768-bits.
* src:
- introduce new `--security-revert={cvenum}` command line flag for
selective reversion of specific CVE fixes
- allow the fix for CVE-2016-2216 to be selectively reverted using
`--security-revert=CVE-2016-2216`
PR-URL: https://github.com/nodejs/node-private/pull/20
Shigeki Ohtsu [Wed, 27 May 2015 01:33:38 +0000 (10:33 +0900)]
deps: add -no_rand_screen to openssl s_client
In openssl s_client on Windows, RAND_screen() is invoked to initialize
random state but it takes several seconds in each connection.
This added -no_rand_screen to openssl s_client on Windows to skip
RAND_screen() and gets a better performance in the unit test of
test-tls-server-verify.
Do not enable this except to use in the unit test.
Fixes: https://github.com/nodejs/node/issues/1461
PR-URL: https://github.com/nodejs/node/pull/1836
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Myles Borins [Fri, 29 Jan 2016 19:30:16 +0000 (11:30 -0800)]
deps: upgrade openssl sources to 1.0.2f
This replaces all sources of openssl-1.0.2f.tar.gz
into deps/openssl/openssl
Fix: https://github.com/nodejs/node/issues/4857
PR-URL: https://github.com/nodejs/node/pull/4961
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
deps: copy openssl header files to include dir
All symlink files in deps/openssl/openssl/include/openssl/ are removed
and replaced with real header files to avoid issues on Windows.
Two files of opensslconf.h in crypto and include dir are replaced to
refer config/opensslconf.h.
Fix: https://github.com/nodejs/node/issues/4857
PR-URL: https://github.com/nodejs/node/pull/4961
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
deps: fix openssl assembly error on ia32 win32
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and
perhaps others) are requiring .686 .
Fixes: https://github.com/nodejs/node/issues/589
PR-URL: https://github.com/nodejs/node/pull/1389
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
deps: fix asm build error of openssl in x86_win32
See
https://mta.openssl.org/pipermail/openssl-dev/2015-February/000651.html
iojs needs to stop using masm and move to nasm or yasm on Win32.
Fixes: https://github.com/nodejs/node/issues/589
PR-URL: https://github.com/nodejs/node/pull/1389
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
openssl: fix keypress requirement in apps on win32
Reapply
b910613792dac946b295855963869933a9089044 .
Fixes: https://github.com/nodejs/node/issues/589
PR-URL: https://github.com/nodejs/node/pull/1389
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
docs: update openssl UPDATING guide
the guide is now current with the steps taken to update
openssl to v1.0.2f
PR-URL: https://github.com/nodejs/node/pull/4961
Reviewed-By: Myles Borins <mborins@us.ibm.com>
James M Snell [Mon, 8 Feb 2016 19:20:35 +0000 (11:20 -0800)]
src: avoid compiler warning in node_revert.cc
PR-URL: https://github.com/nodejs/node-private/pull/20
James M Snell [Thu, 4 Feb 2016 01:32:23 +0000 (17:32 -0800)]
http: strictly forbid invalid characters from headers
PR-URL: https://github.com/nodejs/node-private/pull/20
James M Snell [Thu, 4 Feb 2016 03:22:12 +0000 (19:22 -0800)]
deps: update http-parser to version 2.5.1
includes parsing improvements to ensure closer HTTP spec conformance
PR-URL: https://github.com/nodejs/node-private/pull/20
James M Snell [Thu, 4 Feb 2016 03:09:52 +0000 (19:09 -0800)]
src: add --security-revert command line flag
The `--security-revert={cvenum}` command line flag is a special purpose
flag to be used only in stable or LTS branches when a breaking change
is required to address a security vulnerability. Whenever a vulnerability
requires a breaking change, and a CVE has been assigned, the flag can
be used to force Node to revert to the insecure behavior that was
implemented before the fix was applied.
Note that this flag is intended to be used only as a last resort in the
case a security update breaks existing code. When used, a security
warning will be printed to stderr when Node launches.
The `--security-revert={cvenum}` flag takes a single CVE number as an
argument. Multiple instances of the `--security-revert={cvenum}` flag
can be used on the command line to revert multiple changes.
Whenever a new `--security-revert={cvenum}` is enabled, it should be
documented in the release notes and in the API docs.
Master and the first release of a new major (e.g. v6.0) should not have
any reverts available.
Every time a new `--security-revert={cvenum}` is added, there should be
a semver-minor bump in the stable and LTS branch.
PR-URL: https://github.com/nodejs/node-private/pull/20
Myles Borins [Thu, 21 Jan 2016 22:14:52 +0000 (14:14 -0800)]
Working on v4.2.7
PR-URL: https://github.com/nodejs/node/pull/4788
Myles Borins [Thu, 21 Jan 2016 01:12:44 +0000 (17:12 -0800)]
2016-01-21, Version 4.2.6 "Argon" (LTS) Release
Notable changes:
* Fix regression in debugger and profiler functionality
PR-URL: https://github.com/nodejs/node/pull/4788
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
cjihrig [Tue, 15 Dec 2015 22:38:00 +0000 (17:38 -0500)]
test: add test for debugging one line files
This commit adds a regression test for debugging of
single line files.
Refs: https://github.com/nodejs/node/issues/4297
PR-URL: https://github.com/nodejs/node/pull/4298
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
cjihrig [Tue, 15 Dec 2015 22:37:16 +0000 (17:37 -0500)]
module,src: do not wrap modules with -1 lineOffset
In
b799a74709af69daf13901390df9428c4c38adfc and
dfee4e3712ac4673b5fc472a8f77ac65bdc65f87 the module wrapping
mechanism was changed for better error reporting. However,
the changes causes issues with debuggers and profilers. This
commit reverts the wrapping changes.
Fixes: https://github.com/nodejs/node/issues/4297
PR-URL: https://github.com/nodejs/node/pull/4298
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
projects / platform / upstream / nodejs.git / log