Node.js

News from 2019

21 May Node v12.3.0 (Current)
- esm:
  - Added the --experimental-wasm-modules flag to support WebAssembly modules (Myles Borins & Guy Bedford) #27659
- process:
  - Log errors using util.inspect in case of fatal exceptions (Ruben Bridgewater) #27243
- repl:
  - Add process.on('uncaughtException') support (Ruben Bridgewater) #27151
- stream:
  - Implemented Readable.from async iterator utility (Guy Bedford) #27660
- tls:
  - Expose built-in root certificates (Ben Noordhuis) #26415
  - Support net.Server options (Luigi Pinca) #27665
  - Expose keylog event on TLSSocket (Alba Mendez) #27654
- worker:
  - Added the ability to unshift messages from the MessagePort (Anna Henningsen) #27294
Read more...
07 May Node v12.2.0 (Current)
- deps:
  - Updated llhttp to 1.1.3. This fixes a bug that made Node.js' HTTP parser refuse any request URL that contained the "|" (vertical bar) character (Fedor Indutny) #27595.
- tls:
  - Added an enableTrace() method to TLSSocket and an enableTrace option to tls.createServer(). When enabled, TSL packet trace information is written to stderr. This can be used to debug TLS connection problems (cjihrig) #27497, (Sam Roberts) #27376.
- cli:
  - Added a --trace-tls command-line flag that enables tracing of TLS connections without the need to modify existing application code (cjihrig) #27497.
  - Added a --cpu-prof-interval command-line flag. It can be used to specify the sampling interval for the CPU profiles generated by --cpu-prof (Joyee Cheung) #27535.
- module:
  - Added the createRequire() method. It allows to create a require function from a file URL object, a file URL string or an absolute path string. The existing createRequireFromPath() method is now deprecated (Myles Borins) #27405.
  - Throw on require('./path.mjs'). This is technically a breaking change that should have landed with Node.js 12.0.0. It is necessary to have this to keep the possibility for a future minor version to load ES Modules with the require function (Myles Borins) #27417.
- repl:
  - The REPL now supports multi-line statements using BigInt literals as well as public and private class fields and methods (Ruben Bridgewater) #27400.
  - The REPL now supports tab autocompletion of file paths with fs methods (Anto Aravinth) #26648.
- meta:
  - Added Christian Clauss to collaborators #27554.
Read more...
30 Apr Node v11.15.0 (Current)
- deps: add s390 asm rules for OpenSSL-1.1.1 (Shigeki Ohtsu) #19794
- src: add .code and SSL specific error properties (Sam Roberts) #25093
- tls:
  - add --tls-min-v1.2 CLI switch (Sam Roberts) #26951
  - supported shared openssl 1.1.0 (Sam Roberts) #26951
  - revert default max toTLSv1.2 (Sam Roberts) #26951
  - revert change to invalid protocol error type (Sam Roberts) #26951
  - support TLSv1.3 (Sam Roberts) #26209
  - add code for ERR_TLS_INVALID_PROTOCOL_METHOD (Sam Roberts) #24729
Read more...
29 Apr Node v12.1.0 (Current)
- intl:
  - Update ICU to 64.2. This adds support for Japanese Era (Reiwa) (Ujjwal Sharma) #27361.
  - Fixes a bug in ICU that affected Node.js 12.0.0 in the case where new Date().toLocaleString() was called with a non-default locale (Steven R. Loomis) #27415.
- C++ API:
  - Added an overload EmitAsyncDestroy that can be used during garbage collection (Anna Henningsen) #27255.
Read more...
23 Apr Node v12.0.0 (Current)
- assert:
  - validate required arguments (Ruben Bridgewater) #26641
  - adjust loose assertions (Ruben Bridgewater) #25008
- async_hooks:
  - remove deprecated emitBefore and emitAfter (Matteo Collina) #26530
  - remove promise object from resource (Andreas Madsen) #23443
- bootstrap: make Buffer and process non-enumerable (Ruben Bridgewater) #24874
- buffer:
  - use stricter range checks (Ruben Bridgewater) #27045
  - harden SlowBuffer creation (ZYSzys) #26272
  - harden validation of buffer allocation size (ZYSzys) #26162
  - do proper error propagation in addon methods (Anna Henningsen) #23939
- child_process:
  - remove options.customFds (cjihrig) #25279
  - harden fork arguments validation (ZYSzys) #27039
  - use non-infinite maxBuffer defaults (kohta ito) #23027
- console: don't use ANSI escape codes when TERM=dumb (Vladislav Kaminsky) #26261
- crypto:
  - remove legacy native handles (Tobias Nießen) #27011
  - decode missing passphrase errors (Tobias Nießen) #25208
  - remove Cipher.setAuthTag() and Decipher.getAuthTag() (Tobias Nießen) #26249
  - remove deprecated crypto._toBuf() (Tobias Nießen) #25338
  - set DEFAULT\_ENCODING property to non-enumerable (Antoine du Hamel) #23222
- deps:
  - update V8 to 7.4.288.13 (Michaël Zasso, cjihrig, Refael Ackermann, Anna Henningsen, Ujjwal Sharma) #26685
  - bump minimum icu version to 63 (Ujjwal Sharma) #25852
  - update OpenSSL to 1.1.1b (Sam Roberts, Shigeki Ohtsu) #26327
- errors: update error name (Ruben Bridgewater) #26738
- fs:
  - use proper .destroy() implementation for SyncWriteStream (Matteo Collina) #26690
  - improve mode validation (Ruben Bridgewater) #26575
  - harden validation of start option in createWriteStream() (ZYSzys) #25579
  - make writeFile consistent with readFile wrt fd (Sakthipriyan Vairamani (thefourtheye)) #23709
- http:
  - validate timeout in ClientRequest() (cjihrig) #26214
  - return HTTP 431 on HPE_HEADER_OVERFLOW error (Albert Still) #25605
  - switch default parser to llhttp (Anna Henningsen) #24870
  - Runtime-deprecate outgoingMessage._headers and outgoingMessage._headerNames (Morgan Roderick) #24167
- lib:
  - remove Atomics.wake() (Gus Caplan) #27033
  - move DTRACE_* probes out of global scope (James M Snell) #26541
  - deprecate _stream_wrap (Sam Roberts) #26245
  - use ES6 class inheritance style (Ruben Bridgewater) #24755
- module:
  - remove unintended access to deps/ (Anna Henningsen) #25138
  - improve error message for MODULE_NOT_FOUND (Ali Ijaz Sheikh) #25690
  - requireStack property for MODULE_NOT_FOUND (Ali Ijaz Sheikh) #25690
  - remove dead code (Ruben Bridgewater) #26983
  - make require('.') never resolve outside the current directory (Ruben Bridgewater) #26973
  - throw an error for invalid package.json main entries (Ruben Bridgewater) #26823
  - don't search in require.resolve.paths (cjihrig) #23683
- net:
  - remove Server.listenFD() (cjihrig) #27127
  - do not add .host and .port properties to DNS error (Ruben Bridgewater) #26751
  - emit "write after end" errors in the next tick (Ouyang Yadong) #24457
  - deprecate _setSimultaneousAccepts() undocumented function (James M Snell) #23760
- os:
  - implement os.type() using uv_os_uname() (cjihrig) #25659
  - remove os.getNetworkInterfaces() (cjihrig) #25280
- process:
  - make global.process, global.Buffer getters (Guy Bedford) #26882
  - move DEP0062 (node --debug) to end-of-life (Joyee Cheung) #25828
  - exit on --debug and --debug-brk after option parsing (Joyee Cheung) #25828
  - improve --redirect-warnings handling (Ruben Bridgewater) #24965
- readline: support TERM=dumb (Vladislav Kaminsky) #26261
- repl:
  - add welcome message (gengjiawen) #25947
  - fix terminal default setting (Ruben Bridgewater) #26518
  - check colors with .getColorDepth() (Vladislav Kaminsky) #26261
  - deprecate REPLServer.rli (Ruben Bridgewater) #26260
- src:
  - remove unused INT_MAX constant (Sam Roberts) #27078
  - update NODE_MODULE_VERSION to 72 (Ujjwal Sharma) #26685
  - remove AddPromiseHook() (Anna Henningsen) #26574
  - clean up MultiIsolatePlatform interface (Anna Henningsen) #26384
  - properly configure default heap limits (Ali Ijaz Sheikh) #25576
  - remove icuDataDir from node config (GauthamBanasandra) #24780
- tls:
  - support TLSv1.3 (Sam Roberts) #26209
  - return correct version from getCipher() (Sam Roberts) #26625
  - check arg types of renegotiate() (Sam Roberts) #25876
  - add code for ERR_TLS_INVALID_PROTOCOL_METHOD (Sam Roberts) #24729
  - emit a warning when servername is an IP address (Rodger Combs) #23329
  - disable TLS v1.0 and v1.1 by default (Ben Noordhuis) #23814
  - remove unused arg to createSecureContext() (Sam Roberts) #24241
  - deprecate Server.prototype.setOptions() (cjihrig) #23820
  - load NODE_EXTRA_CA_CERTS at startup (Ouyang Yadong) #23354
- util:
  - remove util.print(), util.puts(), util.debug() and util.error() (cjihrig) #25377
  - change inspect compact and breakLength default (Ruben Bridgewater) #27109
  - improve inspect edge cases (Ruben Bridgewater) #27109
  - only the first line of the error message (Simon Zünd) #26685
  - don't set the prototype of callbackified functions (Ruben Bridgewater) #26893
  - rename callbackified function (Ruben Bridgewater) #26893
  - increase function length when using callbackify() (Ruben Bridgewater) #26893
  - prevent tampering with internals in inspect() (Ruben Bridgewater) #26577
  - prevent Proxy traps being triggered by .inspect() (Ruben Bridgewater) #26241
  - prevent leaking internal properties (Ruben Bridgewater) #24971
  - protect against monkeypatched Object prototype for inspect() (Rich Trott) #25953
  - treat format arguments equally (Roman Reiss) #23162
- win, fs: detect if symlink target is a directory (Bartosz Sosnowski) #23724
- zlib:
  - throw TypeError if callback is missing (Anna Henningsen) #24929
  - make “bare” constants un-enumerable (Anna Henningsen) #24824
Read more...
16 Apr Node v8.16.0 (LTS)
- n-api:
  - add API for asynchronous functions (Gabriel Schulhof) #17887
  - mark thread-safe function as stable (Gabriel Schulhof) #25556
Read more...
11 Apr Node v11.14.0 (Current)
- child_process: doc deprecate ChildProcess._channel (cjihrig) #26982
- deps: update nghttp2 to 1.37.0 (gengjiawen) #26990
- dns:
  - make dns.promises enumerable (cjihrig) #26592
  - remove dns.promises experimental warning (cjihrig) #26592
- fs: remove experimental warning for fs.promises (Anna Henningsen) #26581
- stream: make Symbol.asyncIterator support stable (Matteo Collina) #26989
- worker: use copy of process.env (Anna Henningsen) #26544
Read more...
03 Apr Node v6.17.1 (LTS)
Node 6 is due to go End-of-Life on 2019-04-30 - see Release Schedule.
- http:
  - fix error check in Execute() (Brian White) #25939
Read more...
28 Mar Node v11.13.0 (Current)
- crypto
  - Allow deriving public from private keys (Tobias Nießen) #26278.
- events
  - Added a once function to use EventEmitter with promises (Matteo Collina) #26078.
- tty
  - Added a hasColors method to WriteStream (Ruben Bridgewater) #26247.
  - Added NO_COLOR and FORCE_COLOR support (Ruben Bridgewater) #26485.
- v8
  - Added v8.getHeapSnapshot and v8.writeHeapSnapshot to generate snapshots in the format used by tools such as Chrome DevTools (James M Snell) #26501.
- worker
  - Added worker.moveMessagePortToContext. This enables using MessagePorts in different vm.Contexts, aiding with the isolation that the vm module seeks to provide (Anna Henningsen) #26497.
- C++ API
  - AddPromiseHook is now deprecated. This API was added to fill a use case that is served by async_hooks, since that has Promise support (Anna Henningsen) #26529.
  - Added a Stop API to shut down Node.js while it is running (Gireesh Punathil) #21283.
- meta
  - Gireesh Punathil is now a member of the Technical Steering Committee #26657.
  - Added Yongsheng Zhang to collaborators #26730.
Read more...
15 Mar Node v11.12.0 (Current)
- bootstrap:
  - Add experimental --frozen-intrinsics flag (Guy Bedford) #25685
- build:
  - Enable v8's siphash for hash seed creation (Rod Vagg) #26367
- deps:
  - Upgrade openssl to 1.1.1b (Sam Roberts) #26327
- process:
  - Make process[Symbol.toStringTag] writable again (Ruben Bridgewater) #26488
- repl:
  - Add util.inspect.replDefaults to customize the writer (Ruben Bridgewater) #26375
- report:
  - Rename triggerReport() to writeReport() (Colin Ihrig) #26527
Read more...
06 Mar Node v11.11.0 (Current)
05 Mar Node v10.15.3 (LTS)
28 Feb February 2019 Security Releases
28 Feb Node v11.10.1 (Current)
28 Feb Node v10.15.2 (LTS)
28 Feb Node v8.15.1 (LTS)
28 Feb Node v6.17.0 (LTS)
14 Feb Node v11.10.0 (Current)
30 Jan Node v11.9.0 (Current)
29 Jan Node v10.15.1 (LTS)
25 Jan Node v11.8.0 (Current)
18 Jan Node v11.7.0 (Current)