Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Node.js to v20.15.1 #150

Merged
merged 4 commits into from
Jul 11, 2024
Merged

Update Node.js to v20.15.1 #150

merged 4 commits into from
Jul 11, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jun 20, 2024

Mend Renovate

This PR contains the following updates:

Package Type Update Change
node image minor 20.14.0 -> 20.15.1
node (source) minor 20.14.0 -> 20.15.1

Release Notes

nodejs/node (node)

v20.15.1: 2024-07-08, Version 20.15.1 'Iron' (LTS), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes
  • CVE-2024-36138 - Bypass incomplete fix of CVE-2024-27980 (High)
  • CVE-2024-22020 - Bypass network import restriction via data URL (Medium)
  • CVE-2024-22018 - fs.lstat bypasses permission model (Low)
  • CVE-2024-36137 - fs.fchown/fchmod bypasses permission model (Low)
  • CVE-2024-37372 - Permission model improperly processes UNC paths (Low)
Commits

v20.15.0: 2024-06-20, Version 20.15.0 'Iron' (LTS), @​marco-ippolito

Compare Source

test_runner: support test plans

It is now possible to count the number of assertions and subtests that are expected to run within a test. If the number of assertions and subtests that run does not match the expected count, the test will fail.

test('top level test', (t) => {
  t.plan(2);
  t.assert.ok('some relevant assertion here');
  t.subtest('subtest', () => {});
});

Contributed by Colin Ihrig in #​52860

inspector: introduce the --inspect-wait flag

This release introduces the --inspect-wait flag, which allows debugger to wait for attachement. This flag is useful when you want to debug the code from the beginning. Unlike --inspect-brk, which breaks on the first line, this flag waits for debugger to be connected and then runs the code as soon as a session is established.

Contributed by Kohei Ueno in #​52734

zlib: expose zlib.crc32()

This release exposes the crc32() function from zlib to user-land.

It computes a 32-bit Cyclic Redundancy Check checksum of data. If
value is specified, it is used as the starting value of the checksum,
otherwise, 0 is used as the starting value.

The CRC algorithm is designed to compute checksums and to detect error
in data transmission. It's not suitable for cryptographic authentication.

const zlib = require('node:zlib');
const { Buffer } = require('node:buffer');

let crc = zlib.crc32('hello');  // 907060870
crc = zlib.crc32('world', crc);  // 4192936109

crc = zlib.crc32(Buffer.from('hello', 'utf16le'));  // 1427272415
crc = zlib.crc32(Buffer.from('world', 'utf16le'), crc);  // 4150509955

Contributed by Joyee Cheung in #​52692

cli: allow running wasm in limited vmem with --disable-wasm-trap-handler

By default, Node.js enables trap-handler-based WebAssembly bound
checks. As a result, V8 does not need to insert inline bound checks
int the code compiled from WebAssembly which may speedup WebAssembly
execution significantly, but this optimization requires allocating
a big virtual memory cage (currently 10GB). If the Node.js process
does not have access to a large enough virtual memory address space
due to system configurations or hardware limitations, users won't
be able to run any WebAssembly that involves allocation in this
virtual memory cage and will see an out-of-memory error.

$ ulimit -v 5000000
$ node -p "new WebAssembly.Memory({ initial: 10, maximum: 100 });"
[eval]:1
new WebAssembly.Memory({ initial: 10, maximum: 100 });
^

RangeError: WebAssembly.Memory(): could not allocate memory
    at [eval]:1:1
    at runScriptInThisContext (node:internal/vm:209:10)
    at node:internal/process/execution:118:14
    at [eval]-wrapper:6:24
    at runScript (node:internal/process/execution:101:62)
    at evalScript (node:internal/process/execution:136:3)
    at node:internal/main/eval_string:49:3

--disable-wasm-trap-handler disables this optimization so that
users can at least run WebAssembly (with a less optimial performance)
when the virtual memory address space available to their Node.js
process is lower than what the V8 WebAssembly memory cage needs.

Contributed by Joyee Cheung in #​52766

Other Notable Changes
Commits

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the dependencies This updates dependency files label Jun 20, 2024
Copy link
Contributor

github-actions bot commented Jun 20, 2024

GitLab Pipeline Action

General information

Link to pipeline: https://gitlab.com/code0-tech/development/pictor/-/pipelines/1370252073

Status: Passed
Duration: 4 minutes

Job summaries

docs:preview

Documentation preview available at https://code0-tech.gitlab.io/-/development/telescopium/-/jobs/7321653341/artifacts/dist/index.html

storybook:build

Storybook available at https://code0-tech.gitlab.io/-/development/pictor/-/jobs/7321647005/artifacts/storybook-static/index.html

@renovate renovate bot force-pushed the renovate/node-20.x branch from 735476d to d8640ec Compare June 25, 2024 01:22
@renovate renovate bot changed the title Update dependency node to v20.15.0 Update Node.js to v20.15.0 Jun 25, 2024
@renovate renovate bot force-pushed the renovate/node-20.x branch from d8640ec to 71884c7 Compare July 8, 2024 18:35
@renovate renovate bot changed the title Update Node.js to v20.15.0 Update Node.js Jul 8, 2024
@renovate renovate bot force-pushed the renovate/node-20.x branch from 71884c7 to 961d5b3 Compare July 9, 2024 19:32
@renovate renovate bot changed the title Update Node.js Update Node.js to v20.15.1 Jul 9, 2024
Copy link
Contributor Author

renovate bot commented Jul 10, 2024

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

@nicosammito
Copy link
Contributor

@Taucher2003 is there any update on this

@Taucher2003 Taucher2003 added regenerate-snapshots Starts a pipeline to regenerate image snapshots and removed regenerate-snapshots Starts a pipeline to regenerate image snapshots labels Jul 11, 2024
@Taucher2003 Taucher2003 merged commit ad9e692 into main Jul 11, 2024
1 check passed
@Taucher2003 Taucher2003 deleted the renovate/node-20.x branch July 11, 2024 18:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies This updates dependency files
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants