Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update node.js to v20 #2078

Merged
merged 1 commit into from
Jul 16, 2024
Merged

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 24, 2023

Mend Renovate

This PR contains the following updates:

Package Type Update Change
node (source) volta major 18.18.2 -> 20.15.1

Release Notes

nodejs/node (node)

v20.15.1

Compare Source

v20.15.0: 2024-06-20, Version 20.15.0 'Iron' (LTS), @​marco-ippolito

Compare Source

test_runner: support test plans

It is now possible to count the number of assertions and subtests that are expected to run within a test. If the number of assertions and subtests that run does not match the expected count, the test will fail.

test('top level test', (t) => {
  t.plan(2);
  t.assert.ok('some relevant assertion here');
  t.subtest('subtest', () => {});
});

Contributed by Colin Ihrig in #​52860

inspector: introduce the --inspect-wait flag

This release introduces the --inspect-wait flag, which allows debugger to wait for attachement. This flag is useful when you want to debug the code from the beginning. Unlike --inspect-brk, which breaks on the first line, this flag waits for debugger to be connected and then runs the code as soon as a session is established.

Contributed by Kohei Ueno in #​52734

zlib: expose zlib.crc32()

This release exposes the crc32() function from zlib to user-land.

It computes a 32-bit Cyclic Redundancy Check checksum of data. If
value is specified, it is used as the starting value of the checksum,
otherwise, 0 is used as the starting value.

The CRC algorithm is designed to compute checksums and to detect error
in data transmission. It's not suitable for cryptographic authentication.

const zlib = require('node:zlib');
const { Buffer } = require('node:buffer');

let crc = zlib.crc32('hello');  // 907060870
crc = zlib.crc32('world', crc);  // 4192936109

crc = zlib.crc32(Buffer.from('hello', 'utf16le'));  // 1427272415
crc = zlib.crc32(Buffer.from('world', 'utf16le'), crc);  // 4150509955

Contributed by Joyee Cheung in #​52692

cli: allow running wasm in limited vmem with --disable-wasm-trap-handler

By default, Node.js enables trap-handler-based WebAssembly bound
checks. As a result, V8 does not need to insert inline bound checks
int the code compiled from WebAssembly which may speedup WebAssembly
execution significantly, but this optimization requires allocating
a big virtual memory cage (currently 10GB). If the Node.js process
does not have access to a large enough virtual memory address space
due to system configurations or hardware limitations, users won't
be able to run any WebAssembly that involves allocation in this
virtual memory cage and will see an out-of-memory error.

$ ulimit -v 5000000
$ node -p "new WebAssembly.Memory({ initial: 10, maximum: 100 });"
[eval]:1
new WebAssembly.Memory({ initial: 10, maximum: 100 });
^

RangeError: WebAssembly.Memory(): could not allocate memory
    at [eval]:1:1
    at runScriptInThisContext (node:internal/vm:209:10)
    at node:internal/process/execution:118:14
    at [eval]-wrapper:6:24
    at runScript (node:internal/process/execution:101:62)
    at evalScript (node:internal/process/execution:136:3)
    at node:internal/main/eval_string:49:3

--disable-wasm-trap-handler disables this optimization so that
users can at least run WebAssembly (with a less optimial performance)
when the virtual memory address space available to their Node.js
process is lower than what the V8 WebAssembly memory cage needs.

Contributed by Joyee Cheung in #​52766

Other Notable Changes
Commits

v20.14.0

Compare Source

v20.13.1: 2024-05-09, Version 20.13.1 'Iron' (LTS), @​marco-ippolito

Compare Source

2024-05-09, Version 20.13.1 'Iron' (LTS), @​marco-ippolito

Revert "tools: install npm PowerShell scripts on Windows"

Due to a regression in the npm installation on Windows, this commit reverts the change that installed npm PowerShell scripts on Windows.

Commits
  • [b7d80802cc] - Revert "tools: install npm PowerShell scripts on Windows" (marco-ippolito) #​52897

v20.13.0

Compare Source

v20.12.2: 2024-04-10, Version 20.12.2 'Iron' (LTS), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes
  • CVE-2024-27980 - Command injection via args parameter of child_process.spawn without shell option enabled on Windows
Commits

v20.12.1

Compare Source

v20.12.0

Compare Source

v20.11.1

Compare Source

v20.11.0

Compare Source

v20.10.0

Compare Source

v20.9.0

Compare Source

v20.8.1: 2023-10-13, Version 20.8.1 (Current), @​RafaelGSS

Compare Source

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

More detailed information on each of the vulnerabilities can be found in October 2023 Security Releases blog post.

Commits

v20.8.0: 2023-09-28, Version 20.8.0 (Current), @​ruyadorno

Compare Source

Notable Changes
Stream performance improvements

Performance improvements to writable and readable streams, improving the creation and destruction by ±15% and reducing the memory overhead each stream takes in Node.js

Contributed by Benjamin Gruenbaum in #​49745 and Raz Luvaton in #​49834.

Performance improvements for readable webstream, improving readable stream async iterator consumption by ±140% and improving readable stream pipeTo consumption by ±60%

Contributed by Raz Luvaton in #​49662 and #​49690.

Rework of memory management in vm APIs with the importModuleDynamically option

This rework addressed a series of long-standing memory leaks and use-after-free issues in the following APIs that support importModuleDynamically:

  • vm.Script
  • vm.compileFunction
  • vm.SyntheticModule
  • vm.SourceTextModule

This should enable affected users (in particular Jest users) to upgrade from older versions of Node.js.

Contributed by Joyee Cheung in #​48510.

Other notable changes
Commits

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added dependencies Pull requests that update a dependency file renovatebot labels Oct 24, 2023
Copy link
Contributor Author

renovate bot commented Jan 9, 2024

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: pnpm-lock.yaml
[22:25:45.920] INFO (73): Installing tool [email protected]...
[22:25:46.157] ERROR (73): download failed
    run: 3
    err: {
      "type": "HTTPError",
      "message": "Response code 404 (Not Found)",
      "stack":
          HTTPError: Response code 404 (Not Found)
              at _Request._onResponseBase (/snapshot/dist/containerbase-cli.js:42857:25)
              at _Request._onResponse (/snapshot/dist/containerbase-cli.js:42912:18)
              at ClientRequest.<anonymous> (/snapshot/dist/containerbase-cli.js:42927:17)
              at Object.onceWrapper (node:events:629:26)
              at ClientRequest.emit (node:events:526:35)
              at ClientRequest.emit (node:domain:488:12)
              at HTTPParser.parserOnIncomingClient (node:_http_client:693:27)
              at HTTPParser.parserOnHeadersComplete (node:_http_common:119:17)
              at TLSSocket.socketOnData (node:_http_client:535:22)
              at TLSSocket.emit (node:events:514:28)
      "code": "ERR_NON_2XX_3XX_RESPONSE",
      "timings": {
        "start": 1704839146112,
        "socket": 1704839146121,
        "lookup": 1704839146121,
        "connect": 1704839146121,
        "secureConnect": 1704839146121,
        "upload": 1704839146121,
        "response": 1704839146154,
        "end": 1704839146155,
        "phases": {
          "wait": 9,
          "dns": 0,
          "tcp": 0,
          "tls": 0,
          "request": 0,
          "firstByte": 33,
          "download": 1,
          "total": 43
        }
      },
      "name": "HTTPError",
      "options": {
        "agent": {},
        "decompress": true,
        "timeout": {},
        "prefixUrl": "",
        "ignoreInvalidCookies": false,
        "context": {},
        "hooks": {
          "init": [],
          "beforeRequest": [],
          "beforeError": [],
          "beforeRedirect": [],
          "beforeRetry": [],
          "afterResponse": []
        },
        "followRedirect": true,
        "maxRedirects": 10,
        "throwHttpErrors": true,
        "username": "",
        "password": "",
        "http2": false,
        "allowGetBody": false,
        "headers": {
          "user-agent": "containerbase/9.31.3 node/20.10.0 (https://github.com/containerbase)",
          "accept-encoding": "gzip, deflate, br"
        },
        "methodRewriting": false,
        "retry": {
          "limit": 2,
          "methods": [
            "GET",
            "PUT",
            "HEAD",
            "DELETE",
            "OPTIONS",
            "TRACE"
          ],
          "statusCodes": [
            408,
            413,
            429,
            500,
            502,
            503,
            504,
            521,
            522,
            524
          ],
          "errorCodes": [
            "ETIMEDOUT",
            "ECONNRESET",
            "EADDRINUSE",
            "ECONNREFUSED",
            "EPIPE",
            "ENOTFOUND",
            "ENETUNREACH",
            "EAI_AGAIN"
          ],
          "backoffLimit": null,
          "noise": 100
        },
        "method": "GET",
        "cacheOptions": {},
        "https": {},
        "resolveBodyOnly": false,
        "isStream": true,
        "responseType": "text",
        "url": "https://nodejs.org/dist/v20.11.0/SHASUMS256.txt",
        "pagination": {
          "countLimit": null,
          "backoff": 0,
          "requestLimit": 10000,
          "stackAllItems": false
        },
        "setHost": true,
        "enableUnixSockets": false
      }
    }
[22:25:46.160] FATAL (73): download failed
    err: {
      "type": "Error",
      "message": "download failed",
      "stack":
          Error: download failed
              at HttpService.download (/snapshot/dist/containerbase-cli.js:46423:11)
              at async InstallNodeService.install (/snapshot/dist/containerbase-cli.js:51554:30)
              at async InstallToolService.execute (/snapshot/dist/containerbase-cli.js:52121:11)
              at async InstallToolShortCommand.execute (/snapshot/dist/containerbase-cli.js:52337:14)
              at async InstallToolShortCommand.validateAndExecute (/snapshot/dist/containerbase-cli.js:2426:26)
              at async _Cli.run (/snapshot/dist/containerbase-cli.js:3539:22)
              at async _Cli.runExit (/snapshot/dist/containerbase-cli.js:3547:28)
              at async main (/snapshot/dist/containerbase-cli.js:52531:3)
    }

@BobrImperator BobrImperator merged commit 5dca94a into master Jul 16, 2024
7 checks passed
@BobrImperator BobrImperator deleted the renovate/node-20.x branch July 16, 2024 22:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file renovatebot
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant