Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Node.js to v18 #195

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update Node.js to v18 #195

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Mar 24, 2023

This PR contains the following updates:

Package Type Update Change Pending
node (source) engines major 14.x -> 18.x v18.20.5

Release Notes

nodejs/node (node)

v18.20.4

Compare Source

v18.20.3: 2024-05-21, Version 18.20.3 'Hydrogen' (LTS), @​richardlau

Compare Source

Notable Changes

This release fixes a regression introduced in Node.js 18.19.0 where http.server.close() was incorrectly closing idle connections.

A fix has also been included for compiling Node.js from source with newer versions of Clang.

The list of keys used to sign releases has been synchronized with the current list from the main branch.

Updated dependencies
  • acorn updated to 8.11.3.
  • acorn-walk updated to 8.3.2.
  • ada updated to 2.7.8.
  • c-ares updated to 1.28.1.
  • corepack updated to 0.28.0.
  • nghttp2 updated to 1.61.0.
  • ngtcp2 updated to 1.3.0.
  • npm updated to 10.7.0. Includes a fix from [email protected] to limit the number of open connections npm/cli#7324.
  • simdutf updated to 5.2.4.
  • zlib updated to 1.3.0.1-motley-7d77fb7.
Commits

v18.20.2: 2024-04-10, Version 18.20.2 'Hydrogen' (LTS), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes
  • CVE-2024-27980 - Command injection via args parameter of child_process.spawn without shell option enabled on Windows
Commits

v18.20.1

Compare Source

v18.20.0

Compare Source

v18.19.1

Compare Source

v18.19.0

Compare Source

v18.18.2

Compare Source

v18.18.1: 2023-10-10, Version 18.18.1 'Hydrogen' (LTS), @​richardlau

Compare Source

Notable Changes

This release addresses some regressions that appeared in Node.js 18.18.0:

  • (Windows) FS can not handle certain characters in file name #​48673
  • 18 and 20 node images give error - Text file busy (after re-build images) nodejs/docker-node#1968
  • libuv update in 18.18.0 breaks webpack's thread-loader #​49911

The libuv 1.45.0 and 1.46.0 updates that were released in Node.js 18.18.0 have been temporarily reverted.

Commits

v18.18.0: 2023-09-18, Version 18.18.0 'Hydrogen' (LTS), @​ruyadorno

Compare Source

Notable Changes
Commits

v18.17.1: 2023-08-09, Version 18.17.1 'Hydrogen' (LTS), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

More detailed information on each of the vulnerabilities can be found in August 2023 Security Releases blog post.

Commits

v18.17.0: 2023-07-18, Version 18.17.0 'Hydrogen' (LTS), @​danielleadams

Compare Source

Notable Changes
Ada 2.0

Node.js v18.17.0 comes with the latest version of the URL parser, Ada. This update brings significant performance improvements
to URL parsing, including enhancements to the url.domainToASCII and url.domainToUnicode functions in node:url.

Ada 2.0 has been integrated into the Node.js codebase, ensuring that all parts of the application can benefit from the
improved performance. Additionally, Ada 2.0 features a significant performance boost over its predecessor, Ada 1.0.4,
while also eliminating the need for the ICU requirement for URL hostname parsing.

Contributed by Yagiz Nizipli and Daniel Lemire in #​47339

Web Crypto API

Web Crypto API functions' arguments are now coerced and validated as per their WebIDL definitions like in other Web Crypto API implementations.
This further improves interoperability with other implementations of Web Crypto API.

Contributed by Filip Skokan in #​46067

  • crypto:
    • update root certificates to NSS 3.89 (Node.js GitHub Bot) #​47659
  • dns:
    • (SEMVER-MINOR) expose getDefaultResultOrder (btea) #​46973
  • doc:
    • add ovflowd to collaborators (Claudio Wunder) #​47844
    • add KhafraDev to collaborators (Matthew Aitken) #​47510
  • events:
    • (SEMVER-MINOR) add getMaxListeners method (Matthew Aitken) #​47039
  • fs:
    • (SEMVER-MINOR) add support for mode flag to specify the copy behavior (Tetsuharu Ohzeki) #​47084
    • (SEMVER-MINOR) add recursive option to readdir and opendir (Ethan Arrowood) #​41439
    • (SEMVER-MINOR) add support for mode flag to specify the copy behavior (Tetsuharu Ohzeki) #​47084
    • (SEMVER-MINOR) implement byob mode for readableWebStream() (Debadree Chatterjee) #​46933
  • http:
    • (SEMVER-MINOR) prevent writing to the body when not allowed by HTTP spec (Gerrard Lindsay) #​47732
    • (SEMVER-MINOR) remove internal error in assignSocket (Matteo Collina) #​47723
    • (SEMVER-MINOR) add highWaterMark opt in http.createServer (HinataKah0) #​47405
  • lib:
    • (SEMVER-MINOR) add webstreams to Duplex.from() (Debadree Chatterjee) #​46190
    • (SEMVER-MINOR) implement AbortSignal.any() (Chemi Atlow) #​47821
  • module:
    • change default resolver to not throw on unknown scheme (Gil Tayar) #​47824
  • node-api:
    • (SEMVER-MINOR) define version 9 (Chengzhong Wu) #​48151
    • (SEMVER-MINOR) deprecate napi_module_register (Vladimir Morozov) #​46319
  • stream:
    • (SEMVER-MINOR) preserve object mode in compose (Raz Luvaton) #​47413
    • (SEMVER-MINOR) add setter & getter for default highWaterMark (#​46929) (Robert Nagy) #​46929
  • test:
    • unflake test-vm-timeout-escape-nexttick (Santiago Gimeno) #​48078
  • test_runner:
    • (SEMVER-MINOR) add shorthands to test (Chem

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Dependency update (patch)
@renovate
Copy link
Author

renovate bot commented Mar 24, 2023

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json
Error response from daemon: toomanyrequests: You have reached your pull rate limit. You may increase the limit by authenticating and upgrading: https://www.docker.com/increase-rate-limit

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants