./lang/nodejs, V8 JavaScript for clients and servers

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 9.11.1nb1, Package name: nodejs-9.11.1nb1, Maintainer: filip

Node.js is an evented I/O framework for the V8 JavaScript engine. It is
intended for writing scalable network programs such as web servers.

This package holds the latest stable release.


Required to run:
[textproc/icu] [security/openssl] [lang/python27] [lang/gcc49-libs] [www/nghttp2]

Required to build:
[sysutils/lockf] [lang/gcc49] [pkgtools/cwrappers]

Package options: openssl

Master sites:

SHA1: 3fc939185a727bff26fc43c09dec44792c8c1869
RMD160: 840e648f6f46786657613801e748d1d5d627a0cf
Filesize: 30741.484 KB

Version history: (Expand)


CVS history: (Expand)


   2018-04-14 09:34:46 by Adam Ciarcinski | Files touched by this commit (681) | Package updated
Log message:
revbump after icu update
   2018-04-06 18:24:40 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
lang/nodejs: Update to 9.11.1.

- deps: Updated ICU to 61.1
- fs: Emit 'ready' event for ReadStream and WriteStream
- n-api: Bump version of n-api supported
- net: Emit 'ready' event for Socket
   2018-04-04 12:41:15 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
nodejs 9.10.1

- No code changes

nodejs 9.10.0

Fixes for the following CVEs are included in this release:

- CVE-2018-7158
- CVE-2018-7159
- CVE-2018-7160

Notable Changes

- Fix for inspector DNS rebinding vulnerability (CVE-2018-7160): A
  malicious website could use a DNS rebinding attack to trick a web
  browser to bypass same-origin-policy checks and allow HTTP connections
  to localhost or to hosts on the local network, potentially to an open
  inspector port as a debugger, therefore gaining full code execution
  access. The inspector now only allows connections that have a browser
  Host value of localhost or localhost6.
- Fix for 'path' module regular expression denial of service
  (CVE-2018-7158): A regular expression used for parsing POSIX paths
  could be used to cause a denial of service if an attacker were able to
  have a specially crafted path string passed through one of the
  impacted 'path' module functions.
- Reject spaces in HTTP Content-Length header values (CVE-2018-7159):
  The Node.js HTTP parser allowed for spaces inside Content-Length
  header values. Such values now lead to rejected connections in the
  same way as non-numeric values.
- Update root certificates: 5 additional root certificates have been
  added to the Node.js binary and 30 have been removed.
- cluster: Add support for NODE_OPTIONS="--inspect"
- crypto: Expose the public key of a certificate
- n-api: Add napi_fatal_exception to trigger an uncaughtException in
  JavaScript
- path: Fix regression in posix.normalize
- stream: Improve stream creation performance

nodejs 9.9.0

assert:
- From now on all error messages produced by assert in strict mode will
  produce a error diff.
- From now on it is possible to use a validation object in throws instead
  of the other possibilities.
crypto:
- allow passing null as IV unless required
fs:
- support as and as+ flags in stringToFlags()
tls:
- expose Finished messages in TLSSocket
tty:
- Add getColorDepth function to determine if terminal supports colors.
util:
- add util.inspect compact option
   2018-03-23 22:07:53 by Joerg Sonnenberger | Files touched by this commit (2)
Log message:
Unbreak build on NetBSD by ensuring that uintptr_t is not a macro.
   2018-03-13 17:22:00 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
lang/nodejs: Update to 9.8.0.

crypto:
- add cert.fingerprint256 as SHA256 fingerprint (Hannes Magnusson) #17690
http2:
- Fixed issues with aborted connections in the HTTP/2 implementation (Anna \ 
Henningsen) #18987 #19002
loader:
- --inspect-brk now works properly for esmodules (Gus Caplan) #18949
src:
- make process.dlopen() load well-known symbol (Ben Noordhuis) #18934
trace_events:
- add file pattern cli option (Andreas Madsen) #18480
   2018-03-02 12:23:35 by Filip Hajny | Files touched by this commit (2) | Package updated
Log message:
lang/nodejs: Update to 9.7.1.

- libuv: Updated to libuv 1.19.2
- src: Add initial support for Node.js-specific post-mortem
  metadata
- timers: The return value of setImmediate() now has ref() and
  unref() methods
- util: It is now possible to get the name for a numerical
  platform-specific error code as a string
   2018-02-23 20:42:04 by Filip Hajny | Files touched by this commit (3) | Package updated
Log message:
lang/nodejs: Update to 9.6.1.

nodejs 9.6.1

events:
- events.usingDomains being set to false by default was removed in
  9.6.0 which was a change in behavior compares to 9.5.0. This
  behavior change has been reverted and the events object now has
  usingDomains preset to false, which is the behavior in 9.x prior
  to 9.6.0

nodejs 9.6.0

async_hooks:
- deprecate unsafe emit{Before,After}
- rename PromiseWrap.parentId to PromiseWrap.isChainedPromise
deps:
- update node-inspect to 1.11.3
- ICU 60.2 bump
- Introduce ScriptOrModule and HostDefinedOptions to V8
http:
- add options to http.createServer() for IncomingMessage and
  ServerReponse
http2:
- add http fallback options to .createServer
https:
- Adds the remaining options from tls.createSecureContext() to the
  string generated by Agent#getName(). This allows https.request() to
  accept the options and generate unique sockets appropriately.
inspector:
- --inspect-brk for es modules
lib:
- allow process kill by signal number
module:
- enable dynamic import
- dynamic import is now supported
n-api:
- add methods to open/close callback scope
src:
- allow --perf-(basic-)?prof in NODE_OPTIONS
vm:
- add support for es modules
   2018-02-01 20:09:02 by Filip Hajny | Files touched by this commit (3) | Package updated
Log message:
Update lang/nodejs to 9.5.0.

cluster
- add cwd to cluster.settings
deps
- upgrade libuv to 1.19.1
n-api
- expose n-api version in process.versions
perf_hooks
- add performance.clear()
stream
- avoid writeAfterEnd() while ending