profile
viewpoint
Tobias Nießen tniessen Canada https://tnie.de Doing stuff with computers.

nodejs/node-core-utils 110

CLI tools for Node.js Core collaborators

cjihrig/uvwasi 67

WASI syscall API built atop libuv

tniessen/iperf-windows 4

Visual Studio solution to natively build iperf3 on Windows

tniessen/memfs-fuse 4

Simple fuse demo filesystem

tniessen/iperf-vsproj 2

iperf3: A TCP, UDP, and SCTP network bandwidth measurement tool

tniessen/node-args.js 2

Another Node.js argument parser

tniessen/cryptpad 1

Text editor for Windows supporting strong encryption

tniessen/admin 0

Facilitating joint collaboration amongst the TSC and CommComm

tniessen/automation 0

Better automation for the Node.js project

tniessen/c-ares 0

A C library for asynchronous DNS requests

issue commentnodejs/TSC

Re-nominate @gireeshpunathil to TSC

+1, as soon as the other issue is resolved

mhdawson

comment created time in an hour

pull request commentWebAssembly/WASI

Draft wasi_ephemeral_crypto.witx module

I would like to clarify that, with the terms "low-level" and "high-level", do you mean

I would consider anything low-level that would allow existing libraries such as OpenSSL (and its variants), libsodium etc. to be implemented on top of it, without having to implement the primitives themselves, and in a future-proof way, meaning that the design shouldn't arbitrarily limit algorithm interfaces, options etc.

This is because IV can be per message, while the same key can be used for encrypting multiple messages.

Technically, you can also fix an IV and just use a different key for each message.

For AEAD, the operation is described as "in-place encryption". How would that handle algorithms where the ciphertext is longer than the plaintext?

Would you mind providing examples of such algorithms?

I don't think any of the "real" AEAD algorithms would be in that category, but my inability to come up with an example shouldn't be a justification for an arbitrary limitation.

While an API that doesn't require a context and uses a fixed set of parameters would be easier to use, WASI is not meant to be directly used by applications. It is rather akin to a set of system calls, and its API stability is critical, especially as we need implementers to build an ecosystem around it.

@jedisct1 I agree.

ueno

comment created time in 11 hours

pull request commentWebAssembly/WASI

Draft wasi_ephemeral_crypto.witx module

That's exactly my motivation. I had a somewhat detailed draft somewhere, that would allow most crypto operations to be implemented, but I struggled with asymmetric key management, and that is absolutely necessary.

ueno

comment created time in a day

pull request commentWebAssembly/WASI

Draft wasi_ephemeral_crypto.witx module

When I first thought about this, I thought a low-level API might make more sense. Maybe something similar to what OpenSSL is doing internally: Generic APIs to create contexts, perform operations on contexts, and destroy contexts, where the context types and operations are not precisely specified and up to the algorithm.

Ideally, it should be possible to use existing crypto libraries which are implemented on top of the WASI crypto interface, instead of having to rewrite all applications and libraries to use this specific high-level API.

ueno

comment created time in a day

issue commentnodejs/help

npm does not support Node.js v10.16.3

@jeme

the warning that NPM spits out could use an update as it is no help at all in this particular situation

npm is a separate product, please report this to them, or contribute to their code. For our users' convenience, we include a tested version with official Node.js releases, but we do not maintain npm. Manual installations, upgrades, downgrades, and removals can lead to scenarios where the versions do not match.

seanlawrenz

comment created time in a day

pull request commentWebAssembly/WASI

Draft wasi_ephemeral_crypto.witx module

I have been thinking about this, too, and I imagined a very low-level API, that doesn't make strong assumptions about the algorithms themselves. Key management will also be a major issue.

  1. Currently, our primary target is to enable TLS-like encrypted streams based on those primitives

    I am not familiar with witx, but the current proposed API does not seem to provide any low-level streaming capabilities? Only the ability to reuse a key with different nonces.

  2. For AEAD, why is the key part of the handle creation, but the nonce part of the encryption/decryption process?

  3. For AEAD, the operation is described as "in-place encryption". How would that handle algorithms where the ciphertext is longer than the plaintext?

  4. For hash functions, would it not make sense to plan for modern XOF hash functions? I also understand if people don't consider them "real" hash functions.

ueno

comment created time in a day

issue commentnodejs/node

CI is unusable

cc @Trott @nodejs/build

tniessen

comment created time in 2 days

issue openednodejs/node

CI is unusable

Latest build history:

ci-history

created time in 2 days

pull request commentnodejs/nodejs.org

feat: thanking contributor (#2632)

If so, I'd prefer we squash and add co-author metadata.

:+1:


This breaks if going to a 404 URL, because the language picker function throws, and this code never runs, leaving the user with a spinner and placeholder text.

KeziahMoselle

comment created time in 2 days

push eventtniessen/nodejs.org

Tobias Nießen

commit sha 97a3f4170df399a985bff828e1e971d1446eddea

Update locale/en/knowledge/cryptography/how-to-use-crypto-module.md

view details

push time in 2 days

push eventtniessen/nodejs.org

Tobias Nießen

commit sha 3cff75c359e137913966802e9ec4e0f6e9c3bc74

Update locale/en/knowledge/command-line/how-to-prompt-for-command-line-input.md

view details

push time in 2 days

Pull request review commentnodejs/nodejs.org

Avoid using "Node" and "Node's"

 layout: knowledge-post.hbs  The [crypto](https://nodejs.org/api/crypto.html) module is a wrapper for [OpenSSL](https://en.wikipedia.org/wiki/Openssl) cryptographic functions. It supports calculating hashes, authentication with HMAC, ciphers, and more! -The crypto module is mostly useful as a tool for implementing [cryptographic protocols](https://en.wikipedia.org/wiki/Cryptographic_protocol) such as [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) and [https](https://en.wikipedia.org/wiki/Https). For most users, Node's built-in [tls module](https://nodejs.org/api/tls.html) and [https module](https://nodejs.org/api/https.html) should more than suffice. However, for the user that only wants to use small parts of what's needed for full-scale cryptography or is crazy/desperate enough to implement a protocol using OpenSSL and Node: Read on.+The crypto module is mostly useful as a tool for implementing [cryptographic protocols](https://en.wikipedia.org/wiki/Cryptographic_protocol) such as [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) and [https](https://en.wikipedia.org/wiki/Https). For most users, the built-in [tls module](https://nodejs.org/api/tls.html) and [https module](https://nodejs.org/api/https.html) should more than suffice. However, for the user that only wants to use small parts of what's needed for full-scale cryptography or is crazy/desperate enough to implement a protocol using OpenSSL and Node: Read on.
The crypto module is mostly useful as a tool for implementing [cryptographic protocols](https://en.wikipedia.org/wiki/Cryptographic_protocol) such as [TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security) and [https](https://en.wikipedia.org/wiki/Https). For most users, the built-in [tls module](https://nodejs.org/api/tls.html) and [https module](https://nodejs.org/api/https.html) should more than suffice. However, for the user that only wants to use small parts of what's needed for full-scale cryptography or is crazy/desperate enough to implement a protocol using OpenSSL and Node.js: Read on.
tniessen

comment created time in 2 days

Pull request review commentnodejs/nodejs.org

Avoid using "Node" and "Node's"

 layout: knowledge-post.hbs  So you've got a little CLI tool, but you want to be able to prompt a user for additional data after the script has started, rather than passing it in as a command line argument or putting it in a file. To do this, you'll need to listen to STDIN ("standard input", i.e. your keyboard), which Node.js exposes for you as `process.stdin`, a readable stream. -Streams are Node's way of dealing with evented I/O - it's a big topic, and you can read more about them [here](https://nodejs.org/api/stream.html). For now, we're going to use node's `readline` module which is a wrapper around Standard I/O, suitable for taking user input from command line(terminal).+Streams are the Node.js way of dealing with evented I/O - it's a big topic, and you can read more about them [here](https://nodejs.org/api/stream.html). For now, we're going to use node's `readline` module which is a wrapper around Standard I/O, suitable for taking user input from command line(terminal).
Streams are the Node.js way of dealing with evented I/O - it's a big topic, and you can read more about them [here](https://nodejs.org/api/stream.html). For now, we're going to use the built-in `readline` module which is a wrapper around Standard I/O, suitable for taking user input from command line(terminal).
tniessen

comment created time in 2 days

pull request commentnodejs/nodejs.org

Avoid using "Node" and "Node's"

how about you rebase and drop any other patches so that we can land this and translators continue in separate PRs?

@XhmikosR I have rebased and dropped the offending commits. @nschonni PTAL.

In my opinion, it should be unacceptable for maintainers to block a PR for an entire month by pushing their own changes to the author's branch without the author's approval, regardless of whether the author is a first-time contributor or a long-term project member. I have learned my lesson, I will disable editing for collaborators for this repository from now on, but if this is recurring behavior from members of the website group, I suggest to review the group's members and privileges.

tniessen

comment created time in 2 days

push eventtniessen/nodejs.org

Tobias Nießen

commit sha c31b4806e5b07fd17e93e724f5b92889cea34aae

Avoid using "Node" and "Node's" As per our branding guidelines, both should be avoided, and Node.js should be used instead.

view details

Maledong

commit sha 2c1248b8c991cba9448eb44d9b0afefd0d1296f5

zh-CN: change 'node' to 'Node.js'

view details

push time in 2 days

startedpetersalomonsen/wasm-git

started time in 3 days

PR opened nodejs/node

crypto: turn impossible DH errors into assertions

These functions are always called with exactly one argument of the form toBuf(...). Even if that call returns undefined, JavaScript still counts it as an argument.

<!-- Thank you for your pull request. Please provide a description above and review the requirements below.

Bug fixes and new features should include tests and possibly benchmarks.

Contributors guide: https://github.com/nodejs/node/blob/master/CONTRIBUTING.md -->

Checklist

<!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

  • [x] make -j4 test (UNIX), or vcbuild test (Windows) passes
  • [x] commit message follows commit guidelines

<!-- Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. -->

+2 -10

0 comment

1 changed file

pr created time in 3 days

pull request commentnodejs/node

test: add secp224k1 check in crypto-dh-stateless

Thank you!

danbev

comment created time in 3 days

Pull request review commentnodejs/node

crypto: simplify exportKeyingMaterial

 void SSLWrap<Base>::ExportKeyingMaterial(    AllocatedBuffer out = env->AllocateManaged(olen); -  ByteSource key;--  int useContext = 0;-  if (!args[2]->IsNull() && Buffer::HasInstance(args[2])) {-    key = ByteSource::FromBuffer(args[2]);--    useContext = 1;-  }+  ByteSource context;+  bool use_context = !args[2]->IsUndefined();+  if (use_context)+    context = ByteSource::FromBuffer(args[2]);    if (SSL_export_keying_material(w->ssl_.get(),                                  reinterpret_cast<unsigned char*>(out.data()),                                  olen,                                  *label,                                  label.length(),                                  reinterpret_cast<const unsigned char*>(-                                   key.get()),-                                 key.size(),-                                 useContext) != 1) {+                                   context.get()),

Thank you! :)

tniessen

comment created time in 3 days

push eventtniessen/node

Tobias Nießen

commit sha 8a7076881a5a02bb292813d402fcf3ef9418f57d

Update src/node_crypto.cc Co-Authored-By: Anna Henningsen <github@addaleax.net>

view details

push time in 3 days

issue commentnodejs/node

Wrong hint message when parsing expression such as {a:1}['a'] === 1 in node

We should probably eagerly try to wrap all input in parens in the actual evaluator.

That might break working code, or am I missing something?

class Foo {} function foo() {} contains two valid declarations, but not if wrapped as an expression in parentheses.

Killea

comment created time in 4 days

issue commentnodejs/node

Using node --flag, check if loaded dependencies versions match expected versions

So instead of

git pull
npm i
node .

you would rather write this?

git pull
node --experimental-check-dependency-versions-somehow .

Doesn't seem much more convenient to me.

I assume you run into this problem a lot, otherwise you probably wouldn't request this feature. So every time node finds a problem (which would be often, I assume), you would still need to do npm i to fix the problem.


Alternative if you really need it often: alias npm-update='git pull --ff-only && npm i'

ORESoftware

comment created time in 4 days

created tagtniessen/node-synchronous-channel

tagv0.0.1-alpha

Synchronous message channel for inter-thread communication

created time in 4 days

push eventtniessen/node-synchronous-channel

Tobias Nießen

commit sha 275da54e1cf775f399c7ba149d7bb25b149c274b

Add .npmignore

view details

push time in 4 days

PublicEvent

PR opened nodejs/node

crypto: simplify exportKeyingMaterial C++ crypto
  1. Use bool instead of int.
  2. Don't call Buffer::HasInstance. We shouldn't silently ignore non-buffers, and ByteSource::FromBuffer will CHECK that the input is a Buffer anyway.
  3. Rename key to context, because that's what it is.
  4. Rename useContext to use_context for consistency with the rest of node_crypto.cc.
  5. Use IsUndefined instead of IsNull, because the JavaScript layer will always either pass undefined or a Buffer.

<!-- Thank you for your pull request. Please provide a description above and review the requirements below.

Bug fixes and new features should include tests and possibly benchmarks.

Contributors guide: https://github.com/nodejs/node/blob/master/CONTRIBUTING.md -->

Checklist

<!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

  • [x] make -j4 test (UNIX), or vcbuild test (Windows) passes
  • [x] commit message follows commit guidelines

<!-- Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. -->

+7 -11

0 comment

1 changed file

pr created time in 4 days

create barnchtniessen/node

branch : crypto-simplify-exportkeyingmaterial

created branch time in 4 days

issue closednodejs/TSC

Timing of TSC member addition / resignation

If @BridgeAR isn't added to the TSC (#811) before @Fishrock123 leaves the TSC (https://github.com/nodejs/node/pull/31725), and if I am not mistaken about the number of IBM employees on the TSC, this clause will come into effect:

If removal or resignation of a TSC member, or a change of employment by a TSC member, creates a situation where more than one-fourth of the TSC membership shares an employer, then the situation must be immediately remedied by the resignation or removal of one or more TSC members affiliated with the over-represented employer(s).

It might be too early to add @BridgeAR, given that he hasn't had a chance to attend any meetings yet. We can avoid this clause from coming into effect if @Fishrock123 is okay with delaying his resignation for a while, but I understand if he is not, and we should in no way prevent him from stepping down.

cc @nodejs/tsc

closed time in 4 days

tniessen

pull request commentnodejs/node

crypto: modernize DH/ECDH/ECDH-ES

@mscdex I don't think KeyObjects themselves made it into node v10.x, so this will likely be a large and difficult backport.

tniessen

comment created time in 4 days

push eventtniessen/node

Ben Noordhuis

commit sha 793cfe54cd26e0eb881eec895df41da62a3049ed

doc,crypto: re-document oaepLabel option Erroneously removed in https://github.com/nodejs/node/pull/29516. Fixes: https://github.com/nodejs/node/issues/31810 Refs: https://github.com/nodejs/node/pull/29516 PR-URL: https://github.com/nodejs/node/pull/31825 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Tobias Nießen <tniessen@tnie.de>

view details

push time in 5 days

PR closed nodejs/node

doc,crypto: re-document oaepLabel option crypto doc

Erroneously removed in https://github.com/nodejs/node/pull/29516.

Fixes: https://github.com/nodejs/node/issues/31810 Refs: https://github.com/nodejs/node/pull/29516

+4 -0

1 comment

1 changed file

bnoordhuis

pr closed time in 5 days

pull request commentnodejs/node

doc,crypto: re-document oaepLabel option

Landed in 793cfe54cd26e0eb881eec895df41da62a3049ed.

bnoordhuis

comment created time in 5 days

push eventnodejs/node

Ben Noordhuis

commit sha 793cfe54cd26e0eb881eec895df41da62a3049ed

doc,crypto: re-document oaepLabel option Erroneously removed in https://github.com/nodejs/node/pull/29516. Fixes: https://github.com/nodejs/node/issues/31810 Refs: https://github.com/nodejs/node/pull/29516 PR-URL: https://github.com/nodejs/node/pull/31825 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Tobias Nießen <tniessen@tnie.de>

view details

push time in 5 days

issue closednodejs/node

[doc] oaepLabel option missing from crypto.publicEncrypt's "key" value

While the docs mention the oaepHash value for the object of the key value for the crypto.publicEncrypt function they don't mention the oaepLabel value that can also be specified in said object.

closed time in 5 days

BigBrainAFK

PR closed nodejs/node

Reviewers
tls: expose SSL_export_keying_material C++ author ready semver-minor tls

closes #31802

I added one test, that just checks if the function is available and returns the requested amount of data. Please double check if I have done the memory allocation right.

Checklist

<!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

  • [x] make -j4 test (UNIX), or vcbuild test (Windows) passes
  • [x] tests and/or benchmarks are included
  • [x] documentation is changed or added
  • [x] commit message follows [commit guidelines]

<!-- Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. -->

+209 -3

10 comments

7 changed files

simllll

pr closed time in 5 days

pull request commentnodejs/node

tls: expose SSL_export_keying_material

Landed in 341c06f0889e5295d7a7a34c3e38296bd2c4ac18, thank you, @simllll, and congratulations on becoming a contributor! 🎉

simllll

comment created time in 5 days

push eventtniessen/node

simon

commit sha 341c06f0889e5295d7a7a34c3e38296bd2c4ac18

tls: expose SSL_export_keying_material Fixes: https://github.com/nodejs/node/issues/31802 PR-URL: https://github.com/nodejs/node/pull/31814 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>

view details

push time in 5 days

push eventnodejs/node

simon

commit sha 341c06f0889e5295d7a7a34c3e38296bd2c4ac18

tls: expose SSL_export_keying_material Fixes: https://github.com/nodejs/node/issues/31802 PR-URL: https://github.com/nodejs/node/pull/31814 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>

view details

push time in 5 days

issue closednodejs/node

expose SSL_export_keying_material via Node API (e.g. like SSL_get_shared_sigalgs)

Is your feature request related to a problem? Please describe. I'm trying to generate a check sum that is based on the keying material (https://stackoverflow.com/questions/60232165/ssl-export-keying-material-in-node-js). Right now node has no method to call this function, or any other way of retrieving this information.

Describe the solution you'd like Expose an api like the GetSharedSigalgs that offers a way to access the native SSL export keying material method. see https://nodejs.org/api/tls.html#tls_tlssocket_getsharedsigalgs for the keying material method see https://www.openssl.org/docs/man1.0.2/man3/SSL_export_keying_material.html

Describe alternatives you've considered I tried to get this kind of information via 'keylog' event, but this is never emitted in my scenario. I also believe (couldn't verify though), that this is something else than the exporting keying material function offers, due to the fact that I cannot provide any label to "keylog" which is mandatory for the keying material method.

Subsystem: tls (tls.TLSSocket)

closed time in 5 days

simllll

push eventtniessen/node

Guy Bedford

commit sha 58de9b46b80fd3e48f5faf9db8101930a6493fc4

module: package "exports" error refinements PR-URL: https://github.com/nodejs/node/pull/31625 Reviewed-By: Jan Krems <jan.krems@gmail.com>

view details

Myles Borins

commit sha 1c2d77d3d9dd5753a96c0033265c5eeaf3531d00

2020-02-18, Version 12.16.1 'Erbium' (LTS) Notable changes: Node.js 12.16.0 included 6 regressions that are being fixed in this release **Accidental Unflagging of Self Resolving Modules**: 12.16.0 included a large update to the ESM implementation. One of the new features, Self Referential Modules, was accidentally released without requiring the `--experimental-modules` flag. This release is being made to appropriately flag the feature. **Process Cleanup Changed Introduced WASM-Related Assertion**: A change during Node.js process cleanup led to a crash in combination with specific usage of WASM. This has been fixed by partially reverted said change. A regression test and a full fix are being worked on and will likely be included in future 12.x and 13.x releases. **Use Largepages Runtime Option Introduced Linking Failure**: A Semver-Minor change to introduce `--use-largepages` as a runtime option introduced a linking failure. This had been fixed in master but regressed as the fix has not yet gone out in a Current release. The feature has been reverted, but will be able to reland with a fix in a future Semver-Minor release. **Async Hooks was Causing an Exception When Handling Errors**: Changes in async hooks internals introduced a case where an internal api call could be called with undefined causing a process to crash. The change to async hooks was reverted. A regression test and fix has been proposed and the change could re land in a future Semver-Patch release if the regression is reliably fixed. **New Enumerable Read-Only Property on EventEmitter breaks @types/extend** A new property for enumerating events was added to the EventEmitter class. This broke existing code that was using the `@types/extend` module for extending classses as `@types/extend` was attemping to write over the existing field which the new change made read-only. As this is the first property on EventEmitter that is read-only this feature could be considered Semver-Major. The new feature has been reverted but could re land in a future Semver-Minor release if a non breaking way of applying it is found. **Exceptions in the HTTP parser were not emitting an uncaughtException** A refactoring to Node.js interanls resulted in a bug where errors in the HTTP parser were not being emitted by `process.on('uncaughtException')`. The fix to this bug has been included in this release. PR-URL: https://github.com/nodejs/node/pull/31781

view details

Robert Nagy

commit sha 8ba7a2f889472d58478bf40b758d336b41af682b

http2: make compat finished match http/1 finished should true directly after end(). PR-URL: https://github.com/nodejs/node/pull/24347 Refs: https://github.com/nodejs/node/issues/24743 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Ujjwal Sharma <ryzokuken@disroot.org> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: James M Snell <jasnell@gmail.com>

view details

Shelley Vohr

commit sha 0c3c0e7184c4ca625148c14d61d8e9438a1b69f2

2020-02-18, Version 13.9.0 (Current) Notable changes: * async_hooks * add executionAsyncResource (Matteo Collina) #30959 * crypto * add crypto.diffieHellman (Tobias Nießen) #31178 * add DH support to generateKeyPair (Tobias Nießen) #31178 * simplify DH groups (Tobias Nießen) #31178 * add key type 'dh' (Tobias Nießen) #31178 * test * skip keygen tests on arm systems (Tobias Nießen) #31178 * perf_hooks * add property flags to GCPerformanceEntry (Kirill Fomichev) #29547 * process * report ArrayBuffer memory in `memoryUsage()` (Anna Henningsen) #31550 * readline * make tab size configurable (Ruben Bridgewater) #31318 * report * add support for Workers (Anna Henningsen) #31386 * worker * add ability to take heap snapshot from parent thread (Anna Henningsen) #31569 * added new collaborators * add ronag to collaborators (Robert Nagy) #31498 PR-URL: https://github.com/nodejs/node/pull/31837

view details

Myles Borins

commit sha 43fb664701d771c00595fa1c152cfca03b10a4fd

doc: fix missing changelog corrections There was a slight discrepancy between the build of 12.16.1 and what landed on 12.x. This was only a couple spelling errors that didn't get updated between machines I was working on. This change gets the changelog up to date with what went out in the release vs what is current on the 12.x release branch. PR-URL: https://github.com/nodejs/node/pull/31854 Reviewed-By: Shelley Vohr <codebytere@gmail.com> Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com> Reviewed-By: Gus Caplan <me@gus.host> Reviewed-By: Richard Lau <riclau@uk.ibm.com>

view details

Shelley Vohr

commit sha 31290824de068eb4b282ab74829450b988ae225b

doc: fix notable changes for v13.9.0 PR-URL: https://github.com/nodejs/node/pull/31857 Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Myles Borins <myles.borins@gmail.com>

view details

Robert Nagy

commit sha 7c524fb092b143470795c8ca869de4654c728fe1

doc: fix Writable.write callback description Clarifies a userland invariant until a better solution can be found. Also moves a misplaced sentence from _write to write. Refs: https://github.com/nodejs/node/pull/31756 Refs: https://github.com/nodejs/node/pull/31765 PR-URL: https://github.com/nodejs/node/pull/31812 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>

view details

Rich Trott

commit sha 822101f570478ffa15e4ed0e00cd0d67b9cc789e

meta: move eljefedelrodeodeljefe to emeritus eljefedelrodeodeljefe confirmed in email that moving to emeritus was fine at this time. PR-URL: https://github.com/nodejs/node/pull/31735 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> Reviewed-By: Michaël Zasso <targos@protonmail.com>

view details

Joyee Cheung

commit sha e6c2277241e542cdf86475d71c5fdc581bd72025

vm: lazily initialize primordials for vm contexts Lazily initialize primordials when cross-context support for builtins is needed to fix the performance regression in context creation. PR-URL: https://github.com/nodejs/node/pull/31738 Fixes: https://github.com/nodejs/node/issues/29842 Reviewed-By: Gus Caplan <me@gus.host> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: David Carlier <devnexen@gmail.com>

view details

Gus Caplan

commit sha b8e41774d4287d128a40f7ecfecf170fe16fe9ed

fs: add fs/promises alias module PR-URL: https://github.com/nodejs/node/pull/31553 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Yuta Hiroto <hello@hiroppy.me>

view details

Harshitha KP

commit sha 2d3717ad847665de333c85e5239ad4e6a4c0eb95

worker: emit runtime error on loop creation failure Instead of hard asserting throw a runtime error, that is more consumable. Fixes: https://github.com/nodejs/node/issues/31614 PR-URL: https://github.com/nodejs/node/pull/31621 Reviewed-By: Anna Henningsen <anna@addaleax.net>

view details

Rich Trott

commit sha 1c4e984ed970612f129db2ba6f684311418ed3a2

test: remove common.PORT from test-net-write-callbacks.js Switch test-net-write-callbacks.js from common.PORT to a port assigned by the operating system. PR-URL: https://github.com/nodejs/node/pull/31839 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Shelley Vohr <codebytere@gmail.com> Reviewed-By: Richard Lau <riclau@uk.ibm.com>

view details

Rich Trott

commit sha cdac18519fd14df9ece958cf8e29b846f512656e

test: remove flaky designation for test-net-connect-options-port Closes: https://github.com/nodejs/node/issues/23207 PR-URL: https://github.com/nodejs/node/pull/31841 Fixes: https://github.com/nodejs/node/issues/23207 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: David Carlier <devnexen@gmail.com>

view details

Rich Trott

commit sha 82afd85a31ab7c8f931f0bb0b23e76570aceb46d

tools: update lint-md task to lint for possessives of Node.js Add a markdown lint rule to prohibit "Node.js'" and "Node.js's". Instead, of "Node.js' module system", use "the Node.js module system". Refs: https://github.com/nodejs/node/pull/31748#issuecomment-585087745 PR-URL: https://github.com/nodejs/node/pull/31862 Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>

view details

Shelley Vohr

commit sha ae41049a760d55b5dcc20e137a7454e7c70415c4

doc: add note about ssh key to releases PR-URL: https://github.com/nodejs/node/pull/31856 Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: James M Snell <jasnell@gmail.com>

view details

Michaël Zasso

commit sha cf0096104752607c7374a7f7297139e60b03c59d

tools: sync gyp code base with node-gyp repo PR-URL: https://github.com/nodejs/node/pull/30563 Reviewed-By: Ujjwal Sharma <ryzokuken@disroot.org> Reviewed-By: Christian Clauss <cclauss@me.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Rich Trott <rtrott@gmail.com>

view details

Rich Trott

commit sha 2f97e973ff540d2ae7de77482c631c06cc99c313

meta: move julianduque to emeritus julianduque confirmed in email that they can be moved to emeritus. PR-URL: https://github.com/nodejs/node/pull/31863 Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>

view details

Vse Mozhet Byt

commit sha 2f23918ca5090417ad0e06be6ecce63553f17985

doc: update stream.pipeline() signature The `...transforms` parameter is optional. Refs: https://github.com/nodejs/node/blob/0875837417/lib/internal/streams/pipeline.js#L130-L132 Refs: https://github.com/nodejs/node/blob/e559842188/doc/api/stream.md#streams-compatibility-with-async-generators-and-async-iterators PR-URL: https://github.com/nodejs/node/pull/31789 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Robert Nagy <ronagy@icloud.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

view details

Robert Nagy

commit sha 21bd6679ce150e193cacd4b1b6585928224f255a

stream: fix finished typo https://github.com/nodejs/node/pull/31509 introduced a slight typo. Fortunately this typo does not have big impact due to `isWritableFinished()`. Fixes: https://github.com/nodejs/node/pull/31509#discussion_r381809355 PR-URL: https://github.com/nodejs/node/pull/31881 Fixes: https://github.com/nodejs/node/issues/31509 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>

view details

Tobias Nießen

commit sha 0e63a079e8f535e1d4f0398400c534b0b5772fa5

crypto: fix ieee-p1363 for createVerify Fixes: https://github.com/nodejs/node/issues/31866 PR-URL: https://github.com/nodejs/node/pull/31876 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>

view details

push time in 5 days

delete branch tniessen/node

delete branch : doc-fix-anchor-for-errtlsinvalidcontext

delete time in 5 days

PR closed nodejs/node

doc: fix anchor for ERR_TLS_INVALID_CONTEXT author ready doc errors fast-track

<!-- Thank you for your pull request. Please provide a description above and review the requirements below.

Bug fixes and new features should include tests and possibly benchmarks.

Contributors guide: https://github.com/nodejs/node/blob/master/CONTRIBUTING.md -->

Checklist

<!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

  • [x] make -j4 test (UNIX), or vcbuild test (Windows) passes
  • [x] documentation is changed or added
  • [x] commit message follows commit guidelines

<!-- Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. -->

+1 -1

2 comments

1 changed file

tniessen

pr closed time in 5 days

pull request commentnodejs/node

doc: fix anchor for ERR_TLS_INVALID_CONTEXT

Fast-tracking approved by @Trott, @cjihrig, and @tniessen. Landed in fa1fc6bf9f257f7365454dc7a28bb4cd4385919f, thanks for reviewing.

tniessen

comment created time in 5 days

push eventnodejs/node

Tobias Nießen

commit sha fa1fc6bf9f257f7365454dc7a28bb4cd4385919f

doc: fix anchor for ERR_TLS_INVALID_CONTEXT PR-URL: https://github.com/nodejs/node/pull/31915 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

view details

push time in 5 days

delete branch tniessen/node

delete branch : crypto-fix-31886

delete time in 5 days

PR closed nodejs/node

crypto: fix ieee-p1363 for createVerify C++ crypto

Even though createVerify was correctly converting ieee-p1363 signatures to DER, it then passed a pointer to the ieee-p1363 signature to OpenSSL, instead of a pointer to the result of the conversion. My mistake, sorry.

Fixes: https://github.com/nodejs/node/issues/31866

<!-- Thank you for your pull request. Please provide a description above and review the requirements below.

Bug fixes and new features should include tests and possibly benchmarks.

Contributors guide: https://github.com/nodejs/node/blob/master/CONTRIBUTING.md -->

Checklist

<!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

  • [x] make -j4 test (UNIX), or vcbuild test (Windows) passes
  • [x] tests and/or benchmarks are included
  • [x] commit message follows commit guidelines

<!-- Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. -->

+16 -10

2 comments

3 changed files

tniessen

pr closed time in 5 days

pull request commentnodejs/node

crypto: fix ieee-p1363 for createVerify

Landed in 0e63a079e8f535e1d4f0398400c534b0b5772fa5, thanks for reviewing.

tniessen

comment created time in 5 days

push eventnodejs/node

Tobias Nießen

commit sha 0e63a079e8f535e1d4f0398400c534b0b5772fa5

crypto: fix ieee-p1363 for createVerify Fixes: https://github.com/nodejs/node/issues/31866 PR-URL: https://github.com/nodejs/node/pull/31876 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>

view details

push time in 5 days

issue closednodejs/node

Verification with dsaEncoding ieee-p1363 fails.

When you verify a 'ieee-p1363' encoded signature it fails, even if the signature is correct.

  • Version: v13.8.0
  • Platform: 64-bit Windows 10
  • Subsystem: crypto

What steps will reproduce the bug?

const crypto = require('crypto');
const key = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });

//ieee-p1363 signature, which seems to be the correct.
const signatureP1363 = crypto.createSign('SHA256').update('abc').sign({ key: key.privateKey, dsaEncoding: 'ieee-p1363' });
//ieee-p1363 verification, which fails.
console.log(crypto.createVerify('SHA256').update('abc').verify({ key: key.publicKey, dsaEncoding: 'ieee-p1363' }, signatureP1363));

//Compared to der signature and verification, which work as expected:
const signatureDER = crypto.createSign('SHA256').update('abc').sign({ key: key.privateKey, dsaEncoding: 'der' });
console.log(crypto.createVerify('SHA256').update('abc').verify({ key: key.publicKey, dsaEncoding: 'der' }, signatureDER));

Additional information

The problem seems to be the verification algorithm, not the signing algorithm. You can test that the generated signature is correct in chrome using:

//key.publicKey.export({ format: 'der', type: 'spki' }).toString('base64');
const base64key = 'MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE/V0xKgeZJeIFra+gshXB6OpM5IKuhHwcBkpu5ZdMZZM62x+GahHJdrll+Q3aihYNfakkzf7W65dIdDAhLImu0w==';
//signatureP1363.toString('base64');
const base64sig = '+aocUpmRHRSxfpCJpwCCuQoFagatOlsFganmXiqtztFo9iBHqE6z7A7KQcMs1k9VASt3cgtkJqyPKAY4OTyJ8A==';
//Verify the signature
const uint8key = Uint8Array.from(atob(base64key), (c) => c.charCodeAt(0));
const uint8sig = Uint8Array.from(atob(base64sig), (c) => c.charCodeAt(0));
const uint8data = Uint8Array.from('abc', (c) => c.charCodeAt(0));
const params = { name: 'ECDSA', hash: 'SHA-256', namedCurve: 'P-256' };
const cryptokey = await window.crypto.subtle.importKey('spki', uint8key, params, false, ['verify']);
await window.crypto.subtle.verify(params, cryptokey, uint8sig, uint8data);

closed time in 5 days

wdenbakker

Pull request review commentnodejs/node

tls: expose SSL_export_keying_material

 See [SSL_get_shared_sigalgs](https://www.openssl.org/docs/man1.1.1/man3/SSL_get_shared_sigalgs.html) for more information. +### `tlsSocket.exportKeyingMaterial(length, label[, context])`+<!-- YAML+added: REPLACEME+-->++* `length` {number} number of bytes to retrieve from keying material+* `label` {string} an application specific label, typically this will be a+value from the IANA Exporter Label Registry+(https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels).

Optional suggestion: Replace the long URL with an actual link (instead of showing the URL), allowing readers to just click on IANA Exporter Label Registry.

simllll

comment created time in 5 days

Pull request review commentnodejs/node

tls: expose SSL_export_keying_material

 See [SSL_get_shared_sigalgs](https://www.openssl.org/docs/man1.1.1/man3/SSL_get_shared_sigalgs.html) for more information. +### `tlsSocket.exportKeyingMaterial(length, label[, context])`+<!-- YAML+added: REPLACEME+-->++* `length` {number} number of bytes to retrieve from keying material+* `label` {string} an application specific label, typically this will be a+value from the IANA Exporter Label Registry+(https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels).+* `context` {Buffer} Optionally provide a context.++* Returns: {Buffer} requested bytes of the keying material++Keying material is used for validations to prevent different kind of attacks in+network protocols, for example in the specifications of IEEE 802.1X.++Example++```js+const keyingMaterial = tlsSocket.exportKeyingMaterial(+  128,+  'client finished');++/**+ Example return value of keyingMaterial:+ <Buffer 76 26 af 99 c5 56 8e 42 09 91 ef 9f 93 cb ad 6c 7b 65 f8 53 f1 d8 d9+    12 5a 33 b8 b5 25 df 7b 37 9f e0 e2 4f b8 67 83 a3 2f cd 5d 41 42 4c 91+    74 ef 2c ... 78 more bytes>+*/+```+See [SSL_export_keying_material][] for more information.

Optional suggestion:

See [`SSL_export_keying_material`][] for more information.

(Link at the bottom of the file would need to be changed and reordered.)

simllll

comment created time in 5 days

create barnchtniessen/node

branch : doc-fix-anchor-for-errtlsinvalidcontext

created branch time in 5 days

PR opened nodejs/node

Reviewers
doc: fix anchor for ERR_TLS_INVALID_CONTEXT

<!-- Thank you for your pull request. Please provide a description above and review the requirements below.

Bug fixes and new features should include tests and possibly benchmarks.

Contributors guide: https://github.com/nodejs/node/blob/master/CONTRIBUTING.md -->

Checklist

<!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

  • [x] make -j4 test (UNIX), or vcbuild test (Windows) passes
  • [x] documentation is changed or added
  • [x] commit message follows commit guidelines

<!-- Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. -->

+1 -1

0 comment

1 changed file

pr created time in 5 days

Pull request review commentnodejs/node

stream: fix finished typo

 testClosed((opts) => new Writable({ write() {}, ...opts }));   })); } -

Unrelated whitespace change?

ronag

comment created time in 7 days

Pull request review commentnodejs/TSC

doc: add minutes for meeting 19 Feb 2020

+# Node.js Technical Steering Committee (TSC) Meeting 2020-02-19
+
+
+## Links
+
+
+* **Recording**: https://youtu.be/4tz8KsW_l9s 
+* **GitHub Issue**: https://github.com/nodejs/TSC/issues/820
+
+## Present
+
+* Beth Griggs @BethGriggs (TSC)
+* Сковорода Никита Андреевич @ChALkeR (TSC)
+* Colin Ihrig @cjihrig (TSC)
+* Gabriel Schulhof @gabrielschulhof (TSC)
+* James Snell @jasnell (TSC)
+* Michael Dawson @mhdawson (TSC)
+* Myles Borins @MylesBorins (TSC)
+* Ruben Bridgewater @BridgeAR (observer)
+* Sam Roberts @sam-github (TSC)
+* Tobias Nießen @tniessen (TSC)
+
+
+## Agenda
+
+
+### Announcements
+
+
+* CFP for OpenJS World closes this week (21st)
+
+
+### CPC and Board Meeting Updates
+ 
+*Extracted from **tsc-agenda** labeled issues and pull requests from the **nodejs org** prior to the meeting.
+
+
+### nodejs/TSC
+
+
+* Node.js future directions - any interest in online or in person summit? [#797](https://github.com/nodejs/TSC/issues/797)
+  * James -> in person good if lined up with something else. Part of collaborator summit may
+    make the most sense. Prefer not dedicated face to face trip.
+  * Michael can we actually get 2 days along with everything else that is going on
+  * Michael strong preferences virtual versus adding to colab summit
+  * Gabriel virtual might be easier to line up
+  * People in call are interested.  
+  * Michael to propose time/date for virtual to see if we can line up participation.
+  * Myles, could be useful to start putting together an agenda. That could drive whether 
+    Virtual or in person would help if remote/virtual makes sense.
+  * Maybe a call to talk through agenda, after open call to collaborators
+  * Could be a recurring call as well.
+
+
+### nodejs/admin
+
+* Node.js Social Media Accounts [#454](https://github.com/nodejs/admin/issues/454)
+  * will take agenda tag off until there is a proposal
+
+## Strategic Initiatives
+
+* QUIC
+  * Updated draft pull request, significant. Still massive pull request because openssl config
+    needs to be updated. 87K lines changed. Do not try to use PR itself to review. Check out
+    repo and open issues there.  
+  * Most significant issue is going to be around OpenSSL support. 
+    * To get it working need to backport APIs from OpenSSL 3 to OpenSSL 1.1.1
+    * OpenSSL has decided that those QUIC APIs will not be in 3.0
+    * If they add support will be in 3.1 and may do their own complete QUIC
+      Implementation. Not clear they are clear on the needs
+    * OpenSSL 3 beta is June
+    * QUIC RFC does not go to approval until July
+    * Means that QUIC must remain as experimental.
+  * No functional changes if you are not using QUIC
+  * Don’t think there is a risk, but QUIC will not work with dynamic openSSL
+  * Patches are minimal changes to existing functionality
+  * Sam, does mean all distro’s won’t have QUIC
+  * Myles, will there be any code paths that affect dynamic openssl
+  * Michael, are we too far on the bleeding edge here?
+  * James, will provide list of other languages/runtimes moving forward with QUIC
+    despite the openssl issues
+  * James we may want to explore supporting boring ssl again
  * James we may want to explore supporting BoringSSL again
mhdawson

comment created time in 8 days

Pull request review commentnodejs/TSC

doc: add minutes for meeting 19 Feb 2020

+# Node.js Technical Steering Committee (TSC) Meeting 2020-02-19
+
+
+## Links
+
+
+* **Recording**: https://youtu.be/4tz8KsW_l9s 
+* **GitHub Issue**: https://github.com/nodejs/TSC/issues/820
+
+## Present
+
+* Beth Griggs @BethGriggs (TSC)
+* Сковорода Никита Андреевич @ChALkeR (TSC)
+* Colin Ihrig @cjihrig (TSC)
+* Gabriel Schulhof @gabrielschulhof (TSC)
+* James Snell @jasnell (TSC)
+* Michael Dawson @mhdawson (TSC)
+* Myles Borins @MylesBorins (TSC)
+* Ruben Bridgewater @BridgeAR (observer)
+* Sam Roberts @sam-github (TSC)
+* Tobias Nießen @tniessen (TSC)
+
+
+## Agenda
+
+
+### Announcements
+
+
+* CFP for OpenJS World closes this week (21st)
+
+
+### CPC and Board Meeting Updates
+ 
+*Extracted from **tsc-agenda** labeled issues and pull requests from the **nodejs org** prior to the meeting.
+
+
+### nodejs/TSC
+
+
+* Node.js future directions - any interest in online or in person summit? [#797](https://github.com/nodejs/TSC/issues/797)
+  * James -> in person good if lined up with something else. Part of collaborator summit may
+    make the most sense. Prefer not dedicated face to face trip.
+  * Michael can we actually get 2 days along with everything else that is going on
+  * Michael strong preferences virtual versus adding to colab summit
+  * Gabriel virtual might be easier to line up
+  * People in call are interested.  
+  * Michael to propose time/date for virtual to see if we can line up participation.
+  * Myles, could be useful to start putting together an agenda. That could drive whether 
+    Virtual or in person would help if remote/virtual makes sense.
+  * Maybe a call to talk through agenda, after open call to collaborators
+  * Could be a recurring call as well.
+
+
+### nodejs/admin
+
+* Node.js Social Media Accounts [#454](https://github.com/nodejs/admin/issues/454)
+  * will take agenda tag off until there is a proposal
+
+## Strategic Initiatives
+
+* QUIC
+  * Updated draft pull request, significant. Still massive pull request because openssl config
+    needs to be updated. 87K lines changed. Do not try to use PR itself to review. Check out
+    repo and open issues there.  
+  * Most significant issue is going to be around OpenSSL support. 
+    * To get it working need to backport APIs from OpenSSL 3 to OpenSSL 1.1.1
+    * OpenSSL has decided that those QUIC APIs will not be in 3.0
+    * If they add support will be in 3.1 and may do their own complete QUIC
+      Implementation. Not clear they are clear on the needs
+    * OpenSSL 3 beta is June
+    * QUIC RFC does not go to approval until July
+    * Means that QUIC must remain as experimental.
+  * No functional changes if you are not using QUIC
+  * Don’t think there is a risk, but QUIC will not work with dynamic openSSL
  * Don’t think there is a risk, but QUIC will not work with dynamic OpenSSL
mhdawson

comment created time in 8 days

Pull request review commentnodejs/TSC

doc: add minutes for meeting 19 Feb 2020

+# Node.js Technical Steering Committee (TSC) Meeting 2020-02-19
+
+
+## Links
+
+
+* **Recording**: https://youtu.be/4tz8KsW_l9s 
+* **GitHub Issue**: https://github.com/nodejs/TSC/issues/820
+
+## Present
+
+* Beth Griggs @BethGriggs (TSC)
+* Сковорода Никита Андреевич @ChALkeR (TSC)
+* Colin Ihrig @cjihrig (TSC)
+* Gabriel Schulhof @gabrielschulhof (TSC)
+* James Snell @jasnell (TSC)
+* Michael Dawson @mhdawson (TSC)
+* Myles Borins @MylesBorins (TSC)
+* Ruben Bridgewater @BridgeAR (observer)
+* Sam Roberts @sam-github (TSC)
+* Tobias Nießen @tniessen (TSC)
+
+
+## Agenda
+
+
+### Announcements
+
+
+* CFP for OpenJS World closes this week (21st)
+
+
+### CPC and Board Meeting Updates
+ 
+*Extracted from **tsc-agenda** labeled issues and pull requests from the **nodejs org** prior to the meeting.
* Extracted from **tsc-agenda** labeled issues and pull requests from the **nodejs org** prior to the meeting.

mhdawson

comment created time in 8 days

Pull request review commentnodejs/TSC

doc: add minutes for meeting 19 Feb 2020

+# Node.js Technical Steering Committee (TSC) Meeting 2020-02-19
+
+
+## Links
+
+
+* **Recording**: https://youtu.be/4tz8KsW_l9s 
+* **GitHub Issue**: https://github.com/nodejs/TSC/issues/820
+
+## Present
+
+* Beth Griggs @BethGriggs (TSC)
+* Сковорода Никита Андреевич @ChALkeR (TSC)
+* Colin Ihrig @cjihrig (TSC)
+* Gabriel Schulhof @gabrielschulhof (TSC)
+* James Snell @jasnell (TSC)
+* Michael Dawson @mhdawson (TSC)
+* Myles Borins @MylesBorins (TSC)
+* Ruben Bridgewater @BridgeAR (observer)
+* Sam Roberts @sam-github (TSC)
+* Tobias Nießen @tniessen (TSC)
+
+
+## Agenda
+
+
+### Announcements
+
+
+* CFP for OpenJS World closes this week (21st)
+
+
+### CPC and Board Meeting Updates
+ 
+*Extracted from **tsc-agenda** labeled issues and pull requests from the **nodejs org** prior to the meeting.
+
+
+### nodejs/TSC
+
+
+* Node.js future directions - any interest in online or in person summit? [#797](https://github.com/nodejs/TSC/issues/797)
+  * James -> in person good if lined up with something else. Part of collaborator summit may
+    make the most sense. Prefer not dedicated face to face trip.
+  * Michael can we actually get 2 days along with everything else that is going on
+  * Michael strong preferences virtual versus adding to colab summit
  * Michael strong preferences virtual versus adding to collab summit
mhdawson

comment created time in 8 days

issue commentnodejs/node

Verification with dsaEncoding ieee-p1363 fails.

Turns out I am just stupid and it's an easy fix: https://github.com/nodejs/node/pull/31876

As a workaround, you can use crypto.verify instead, which handles ieee-p1363 correctly.

wdenbakker

comment created time in 8 days

PR opened nodejs/node

crypto: fix ieee-p1363 for createVerify crypto

Even though createVerify was correctly converting ieee-p1363 signatures to DER, it then passed a pointer to the ieee-p1363 signature to OpenSSL, instead of a pointer to the result of the conversion. My mistake, sorry.

Fixes: https://github.com/nodejs/node/issues/31866

<!-- Thank you for your pull request. Please provide a description above and review the requirements below.

Bug fixes and new features should include tests and possibly benchmarks.

Contributors guide: https://github.com/nodejs/node/blob/master/CONTRIBUTING.md -->

Checklist

<!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

  • [x] make -j4 test (UNIX), or vcbuild test (Windows) passes
  • [x] tests and/or benchmarks are included
  • [x] commit message follows commit guidelines

<!-- Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. -->

+16 -10

0 comment

3 changed files

pr created time in 8 days

create barnchtniessen/node

branch : crypto-fix-31886

created branch time in 8 days

pull request commentnodejs/node

crypto: make DH error messages consistent

Mhh really? I talked to another collaborator before creating the PR, and we came to the conclusion that adding a code (as opposed to changing an existing code) isn't breaking behavior, because it is unrealistic that existing code relies on the non-existence of the code property.

tniessen

comment created time in 8 days

pull request commentnodejs/node

crypto: make DH error messages consistent

@jasnell I think it needs to be, the error code was only added in https://github.com/nodejs/node/pull/31445 (which was not semver-major since it didn't change the error name or message, just the code).

tniessen

comment created time in 8 days

issue commentnodejs/node

Verification with dsaEncoding ieee-p1363 fails.

Interesting. EVP_PKEY_verify returns -1, which indicates that something other than the verification fails.

wdenbakker

comment created time in 8 days

PR opened nodejs/node

crypto: make DH error messages consistent crypto semver-major

This custom error message was only added to make sure that #31445 was semver-minor.

Refs: https://github.com/nodejs/node/pull/31178 Refs: https://github.com/nodejs/node/pull/31445

<!-- Thank you for your pull request. Please provide a description above and review the requirements below.

Bug fixes and new features should include tests and possibly benchmarks.

Contributors guide: https://github.com/nodejs/node/blob/master/CONTRIBUTING.md -->

Checklist

<!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

  • [x] make -j4 test (UNIX), or vcbuild test (Windows) passes
  • [x] tests and/or benchmarks are included
  • [x] commit message follows commit guidelines

<!-- Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. -->

+2 -2

0 comment

2 changed files

pr created time in 8 days

PR opened nodejs/make-node-meeting

Replace HTTP with HTTPS in template

Noticed this when Rogers hijacked the HTTP connection to tell me about their new billing mechanism.

+2 -2

0 comment

1 changed file

pr created time in 9 days

create barnchtniessen/make-node-meeting

branch : no-more-http-please

created branch time in 9 days

fork tniessen/make-node-meeting

Generate a text for a GitHub issue announcing a Node.js working group meeting

fork in 9 days

push eventtniessen/node

James M Snell

commit sha 907c07fa850e128c695482cd47554b5bce5e4b0c

stream: move _writableState.buffer to EOL API was deprecated back in the 0.11 days. PR-URL: https://github.com/nodejs/node/pull/31165 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Robert Nagy <ronagy@icloud.com>

view details

James M Snell

commit sha bffa5044c576003198ccfee5a751c23036d0744f

crypto: move pbkdf2 without digest to EOL API has been being incrementally deprecated since 6.0.0 PR-URL: https://github.com/nodejs/node/pull/31166 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

view details

James M Snell

commit sha ec0dd6fa1cfa03b3983419acedb27ef95d297c82

lib: move GLOBAL and root aliases to EOL GLOBAL and root have been long deprecated. PR-URL: https://github.com/nodejs/node/pull/31167 Reviewed-By: Gus Caplan <me@gus.host> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

view details

James M Snell

commit sha ab4115f17cf2859f336b3c0588d2bf9eca0e65b8

os: move tmpDir() to EOL The tmpDir alias was deprecated in 7.0.0 PR-URL: https://github.com/nodejs/node/pull/31169 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>

view details

Joyee Cheung

commit sha 0effc9845f74e7351487644cbd1691196000b93e

doc: ask more questions in the bug report template Inspired by the defect report template of the V8 issue tracker PR-URL: https://github.com/nodejs/node/pull/31611 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Weijia Wang <starkwang@126.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>

view details

Beth Griggs

commit sha f0f2583c912d4c7abf6fb5a9ccd380976f1ab092

2020-02-06, Version 13.8.0 (Current) This is a security release. Vulnerabilities fixed: * **CVE-2019-15606**: HTTP header values do not have trailing OWS trimmed. * **CVE-2019-15605**: HTTP request smuggling using malformed Transfer-Encoding header. * **CVE-2019-15604**: Remotely trigger an assertion on a TLS server with a malformed certificate string. Also, HTTP parsing is more strict to be more secure. Since this may cause problems in interoperability with some non-conformant HTTP implementations, it is possible to disable the strict checks with the `--insecure-http-parser` command line flag, or the `insecureHTTPParser` http option. Using the insecure HTTP parser should be avoided. PR-URL: https://github.com/nodejs-private/node-private/pull/196

view details

Beth Griggs

commit sha e65ae4278578e51761bf9253a7c68ade0f9b897c

2020-02-06, Version 12.15.0 'Erbium' (LTS) This is a security release. Vulnerabilities fixed: * **CVE-2019-15606**: HTTP header values do not have trailing OWS trimmed. * **CVE-2019-15605**: HTTP request smuggling using malformed Transfer-Encoding header. * **CVE-2019-15604**: Remotely trigger an assertion on a TLS server with a malformed certificate string. Also, HTTP parsing is more strict to be more secure. Since this may cause problems in interoperability with some non-conformant HTTP implementations, it is possible to disable the strict checks with the `--insecure-http-parser` command line flag, or the `insecureHTTPParser` http option. Using the insecure HTTP parser should be avoided. PR-URL: https://github.com/nodejs-private/node-private/pull/197

view details

Beth Griggs

commit sha d602e586bf2baf5889586bde8e072e556db2b273

2020-02-06, Version 10.19.0 'Dubnium' (LTS) This is a security release. Vulnerabilities fixed: * **CVE-2019-15606**: HTTP header values do not have trailing OWS trimmed. * **CVE-2019-15605**: HTTP request smuggling using malformed Transfer-Encoding header. * **CVE-2019-15604**: Remotely trigger an assertion on a TLS server with a malformed certificate string. Also, HTTP parsing is more strict to be more secure. Since this may cause problems in interoperability with some non-conformant HTTP implementations, it is possible to disable the strict checks with the `--insecure-http-parser` command line flag, or the `insecureHTTPParser` http option. Using the insecure HTTP parser should be avoided. PR-URL: https://github.com/nodejs-private/node-private/pull/198

view details

James M Snell

commit sha e001710219906b45bb5ac94d7e9cb4b56a83c134

meta: fix collaborator list errors in README.md Add missing `-` characters in the list. PR-URL: https://github.com/nodejs/node/pull/31655 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Yuta Hiroto <hello@hiroppy.me> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

view details

Anna Henningsen

commit sha 06a43d4dcacc0c39506b8a3a1bb77411add6d9d7

test: fix flaky test-http2-stream-destroy-event-order Alternative to https://github.com/nodejs/node/pull/31590. It appears that the issue here is that the test falsely assumed that closing the client (which also currently destroys the socket rather than gracefully shutting down the connection) would still leave enough time for the server side to receive the stream error. Address that by explicitly waiting for the server side to receive the stream error before closing the client and the connection with it. Refs: https://github.com/nodejs/node/pull/31590 Refs: https://github.com/nodejs/node/issues/20750 PR-URL: https://github.com/nodejs/node/pull/31610 Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Denys Otrishko <shishugi@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>

view details

Sam Roberts

commit sha f8e75512951b5060409b0c80e246ffc81ee9e72e

benchmark: support optional headers with wrk wrk did not support sending optional headers, they were silently ignored. This appears to be an oversight, they were supported for autocannon. PR-URL: https://github.com/nodejs-private/node-private/pull/189 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>

view details

Sam Roberts

commit sha fe3975783cc4fdba47c2e25442ca891aab31e805

http: strip trailing OWS from header values HTTP header values can have trailing OWS, but it should be stripped. It is not semantically part of the header's value, and if treated as part of the value, it can cause spurious inequality between expected and actual header values. Note that a single SPC of leading OWS is common before the field-value, and it is already handled by the HTTP parser by stripping all leading OWS. It is only the trailing OWS that must be stripped by the parser user. header-field = field-name ":" OWS field-value OWS ; https://tools.ietf.org/html/rfc7230#section-3.2 OWS = *( SP / HTAB ) ; https://tools.ietf.org/html/rfc7230#section-3.2.3 Fixes: https://hackerone.com/reports/730779 PR-URL: https://github.com/nodejs-private/node-private/pull/189 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>

view details

Fedor Indutny

commit sha 861d3f7a61f543c253337cfc1a967fa84f96c653

crypto: fix assertion caused by unsupported ext `X509V3_EXT_print` can return value different from `1` if the X509 extension does not support printing to a buffer. Instead of failing with an unrecoverable assertion - replace the relevant value in the hashmap with a JS null value. Fixes: https://hackerone.com/reports/746733 PR-URL: https://github.com/nodejs-private/node-private/pull/175 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Shelley Vohr <codebytere@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>

view details

Beth Griggs

commit sha 4c5b8dd7d80b6010c4d3e914f7e8c61cc297a1ad

deps: update llhttp to 2.0.4 PR-URL: https://github.com/nodejs-private/node-private/pull/199 Reviewed-By: Sam Roberts <vieuxtech@gmail.com>

view details

Sam Roberts

commit sha efd5a6b2eda54dd846d2bdf34f64d34701411d0e

test: using TE to smuggle reqs is not possible See: https://hackerone.com/reports/735748 PR-URL: https://github.com/nodejs-private/node-private/pull/199 Reviewed-By: Sam Roberts <vieuxtech@gmail.com>

view details

Rich Trott

commit sha a9e26268f5b464f508a033129c1ffaa694e5d361

doc,assert: rename "mode" to "assertion mode" Rename "strict mode" in the assert module to "strict assertion mode". This is to avoid confusion with the more typical meaning of "strict mode" in ECMAScript. This necessitates a corresponding change of "legacy mode" to "legacy assertion mode". PR-URL: https://github.com/nodejs/node/pull/31635 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>

view details

Gabriel Schulhof

commit sha 884e287199901853a30781a0b398e6c3e4a07eb1

n-api: free instance data as reference Instance data associated with a `napi_env` is no longer stored on the env itself but is instead rendered as a reference. Since `v8impl::Reference` is tied to a JS object, this modification factors out the `v8impl::Reference` refcounting and the deletion process into a base class for `v8impl::Reference`, called `v8impl::RefBase`. The instance data is then stored as a `v8impl::RefBase`, along with other references, preventing a segfault that arises from the fact that, up until now, upon `napi_env` destruction, the instance data was freed after all references had already been forcefully freed. If the addon freed a reference during the `napi_set_instance_data` finalizer callback, such a reference had already been freed during environment teardown, causing a double free. Re: https://github.com/nodejs/node-addon-api/pull/663 PR-URL: https://github.com/nodejs/node/pull/31638 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: David Carlier <devnexen@gmail.com>

view details

Richard Lau

commit sha d213f21c72f77da6f66f2723b300da27740a0a90

tools: unify make-v8.sh for ppc64le and s390x Refactor `tools/make-v8.sh` to minimise differences between the `ppc64le` and `s390x` paths to allow us to enable `ccache` on the `ppc64le` machines in the CI. PR-URL: https://github.com/nodejs/node/pull/31628 Refs: https://github.com/nodejs/build/pull/1927 Refs: https://github.com/nodejs/build/issues/1940 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>

view details

Rich Trott

commit sha 1d369a2031700d0b4ac94a6233ab51846ca59b80

test: add test-dns-promises-lookupService This adds covereage for the onlookupservice() callback in lib/internal/dns/promises.js. Because of stubbing in other tests, it is not currently covered. This test works on my local development machine with the network turned off, so I'm putting it in parallel. If CI proves more challenging, it can be moved to the internet directory instead. PR-URL: https://github.com/nodejs/node/pull/31640 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Richard Lau <riclau@uk.ibm.com>

view details

tsabolov

commit sha 10d378e947565d4aa786f9f5bd69f55c208faf0f

doc: correct getting an ArrayBuffer's length `ArrayBuffer` instances do not have `.length` property. Instead they have `.byteLength` property. Fixed that in the description of `new Buffer(arrayBuffer[, byteOffset[, length]])` and `Buffer.from(arrayBuffer[, byteOffset[, length]])`. PR-URL: https://github.com/nodejs/node/pull/31632 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com> Reviewed-By: Gus Caplan <me@gus.host> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>

view details

push time in 10 days

Pull request review commentnodejs/nodejs.org

simplify main.js

    langPickerTogglerElement.addEventListener('click', function () {     langPickerElement.classList.toggle('hidden')--    if (langPickerTogglerElement.getAttribute('aria-expanded') === 'true') {-      langPickerTogglerElement.setAttribute('aria-expanded', 'false')-    } else {-      langPickerTogglerElement.setAttribute('aria-expanded', 'true')-    }+    const isAriaExpanded = langPickerTogglerElement.getAttribute('aria-expanded') === 'true'+    langPickerTogglerElement.setAttribute('aria-expanded', (!isAriaExpanded).toString())

I understand @Trott's point, the boolean/string conversions are not pretty. However, if I remember all those questionable DOM / WebIDL conversion specifications correctly, the whole (...).toString() is unnecessary:

    langPickerTogglerElement.setAttribute('aria-expanded', !isAriaExpanded)

(I luckily haven't had to write frontend JS in a while, so I might be wrong, but it seems to work in FF/IE/Chrome.)

MaledongGit

comment created time in 10 days

pull request commentnodejs/node

test: add secp224k1 check in crypto-dh-stateless

I did not think about changing the curve as I thought that was something that was being tested specifically.

The test should work as long as both curves are valid EC curves, but they must be distinct.

I don't think we can know which curves will be available on all systems and they might change over time. Even ones that exist now might be removed later.

Exactly, that's my problem: If secp224k1 is removed on one or more platforms, we don't have test coverage on those anymore, and we wouldn't know, because the test is skipped silently. But we also cannot cannot just pick any curve from crypto.getCurves(), because some might be aliases for secp256k1.

From what I can tell, OpenSSL supports at least secp224r1, secp384r1, and secp521r1, even in FIPS mode (https://github.com/openssl/openssl/pull/9081). The easiest fix might be to just use secp224r1, which will likely be available everywhere, and if it isn't, we can revisit this. But if we don't want to risk limiting the test to one specific curve, something like this should also work:

const not256k1 = crypto.getCurves().find(c => /^sec.*(224|384|512)/.test(c));
assert.throws(() => {
  test(crypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' }),
       crypto.generateKeyPairSync('ec', { namedCurve: not256k1 }));
}, {
  name: 'Error',
  code: 'ERR_OSSL_EVP_DIFFERENT_PARAMETERS'
});

2 line change instead of 20 lines :)

I think it's fair to assume that any OpenSSL implementation will support at least one sec* curve that isn't 256 bits. We don't need to check if not256k1 === undefined because generateKeyPairSync will throw an error in that case.

I'm also okay with the change as it is, just not a big favor of silently skipping the check :)

danbev

comment created time in 11 days

issue openednodejs/TSC

Timing of TSC member addition / removal

If @BridgeAR isn't added to the TSC (#811) before @Fishrock123 leaves the TSC (https://github.com/nodejs/node/pull/31725), and if I am not mistaken about the number of IBM employees on the TSC, this clause will come into effect:

If removal or resignation of a TSC member, or a change of employment by a TSC member, creates a situation where more than one-fourth of the TSC membership shares an employer, then the situation must be immediately remedied by the resignation or removal of one or more TSC members affiliated with the over-represented employer(s).

It might be too early to add @BridgeAR, given that he hasn't had a chance to attend any meetings yet. We can avoid this clause from coming into effect if @Fishrock123 is okay with delaying his resignation for a while, but I understand if he is not, and we should in no way prevent him from stepping down.

cc @nodejs/tsc

created time in 15 days

pull request commentnodejs/node

async_hooks: add AsyncLocal

You might want to attribute authorship via Co-authored-by in all these cases :)

Qard

comment created time in 15 days

pull request commentnodejs/nodejs.org

Avoid using "Node" and "Node's"

I removed the merge commit, rebased properly, and cleaned up the commit history. Another ping @ whoever needs to fix stuff.

To be honest, I am not super happy about other maintainers pushing commits to my PR if those block an originally uncontroversial PR for weeks. Sure, I can disable editing by maintainers for this repo from now on, but this behavior might still be frustrating for others, especially new contributors.

tniessen

comment created time in 15 days

push eventtniessen/nodejs.org

Maledong

commit sha 6407120b85506479190eb0aa9148949acab2102d

fix some typos and enhance 'advanced' knowledge files (#2909) 1. Fixtures for some typos. 2. Add 'console' for some console codes to enhance the formation. 3. Add some backquotes onto some methods. 4. Change all the 'new Buffer()' to 'Buffer.alloc()' or related methods.

view details

dependabot-preview[bot]

commit sha 0d6e320f727480bbb815bf0cf6202facefbe4a7c

build(deps-dev): bump stylelint-config-twbs-bootstrap (#2920) Bumps [stylelint-config-twbs-bootstrap](https://github.com/twbs/stylelint-config-twbs-bootstrap) from 1.1.0 to 2.0.0. - [Release notes](https://github.com/twbs/stylelint-config-twbs-bootstrap/releases) - [Commits](https://github.com/twbs/stylelint-config-twbs-bootstrap/compare/v1.1.0...v2.0.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

dependabot-preview[bot]

commit sha b89c9a5ca0ef569eb5a233e6edd2125ce2c036a3

build(deps-dev): bump stylelint from 12.0.1 to 13.0.0 (#2921) Bumps [stylelint](https://github.com/stylelint/stylelint) from 12.0.1 to 13.0.0. - [Release notes](https://github.com/stylelint/stylelint/releases) - [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md) - [Commits](https://github.com/stylelint/stylelint/compare/12.0.1...13.0.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

Keziah

commit sha ffa6cf1d719374dba13c10ebaa5476d735c2cbd5

feat: contributor card

view details

XhmikosR

commit sha fc3dd038de600c9b2c64fdfb93808a3ff408d5d1

More progress * return early * hide the block by default * remove function used only once * remove `height: 0` * add dns-prefetch for api.github.com

view details

KeziahMoselle

commit sha 99b3653151894cd5b030fab36df56758164f353c

More progress * fix: check for the card instead of the avatar * feat: add intersection observer support * feat: localstorage caching - set 2 keys : max_contributors and fetch_date - if max_contributors is set : refetch max contributors - if fetch_date is 1 month old : refetch max contributors - if max_contributors is set and fetch_date is less that one month old : fetch only the contributor * feat: style contributor card, avatar and contributions links * feat: loading spinner * feat: handle requests error by removing the card

view details

XhmikosR

commit sha 3d0c222f2e470e2b8703afa547c1c3688c1d199a

Use addEventListener and remove redundant assignment

view details

KeziahMoselle

commit sha 4d15fbfc00067068d6e8037618ee3930cef85594

fix: rel nofollow, textcontent, image parameter, text wrapping

view details

XhmikosR

commit sha 64a57ee4dcbd19b58ec5610df9f1c90cb70825bc

More tweaks and fix IE >= 10 JS. Also, move `.hidden` to utils.

view details

Martijn Cuppens

commit sha cb4ad7456f458ad7d278da571fc1217f944fb66b

IE fixes

view details

dependabot-preview[bot]

commit sha b8f1fbd1fadc4a3afe735fa1c6ea6ac287a40692

build(deps): bump semver from 7.1.1 to 7.1.2 Bumps [semver](https://github.com/npm/node-semver) from 7.1.1 to 7.1.2. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/master/CHANGELOG.md) - [Commits](https://github.com/npm/node-semver/compare/v7.1.1...v7.1.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

XhmikosR

commit sha c7534e8da73de5af7eaba6f8c4c81448a52090c5

Remove console syntax highlighting instances (#2923) Prism.js doesn't support this and it led to wrong highlighting.

view details

XhmikosR

commit sha 177fd0d681a37b78fc8ca524dca941a89b6e373a

Regenerate package-lock.json (#2903)

view details

dependabot-preview[bot]

commit sha 244200ca437eb61cde17f5cd6a35af07d1375671

build(deps-dev): bump lockfile-lint from 3.0.9 to 3.0.12 (#2930) Bumps [lockfile-lint](https://github.com/lirantal/lockfile-lint) from 3.0.9 to 3.0.12. - [Release notes](https://github.com/lirantal/lockfile-lint/releases) - [Commits](https://github.com/lirantal/lockfile-lint/compare/lockfile-lint@3.0.9...lockfile-lint@3.0.12) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

Bethany Nicolle Griggs

commit sha b9602ab02b2499e4ddc25b62227344ad2f93edc4

Blog: v10.19.0 release post (#2935) Refs: https://github.com/nodejs-private/node-private/pull/198

view details

Bethany Nicolle Griggs

commit sha 5ecac2c84242e0374a74cbce25f586142d1ee4ee

Blog: v12.15.0 release post (#2934) Refs: https://github.com/nodejs-private/node-private/pull/197

view details

Bethany Nicolle Griggs

commit sha a2a8a53de5d4d676404198f93dde0331db45b061

Blog: v13.8.0 release post (#2933) Refs: https://github.com/nodejs-private/node-private/pull/196

view details

Bethany Nicolle Griggs

commit sha 247682eb6253802186a753b0b3208bf03a7b85bf

Blog: v13.8.0 release post - add missing SHAs (#2936) Refs: https://github.com/nodejs-private/node-private/pull/196 Refs: https://github.com/nodejs/node/issues/31657

view details

Sam Roberts

commit sha f557b4f49e804b20be0f98a63144acfad70779de

feb-2020 sec release post-announcement

view details

Nick Schonning

commit sha 697d892439ed0382eba6daf44d39fdaecc0edb16

docs: Update banner text for Feb Security release

view details

push time in 15 days

pull request commentnodejs/node

async_hooks: add AsyncLocal

I am a little confused as to who actually wrote the code. This PR seems to duplicate a lot of code from previous proposals, but doesn't attribute it to anyone. (But I also cannot tell who the original authors of other proposals were, this is becoming confusing.)

Qard

comment created time in 15 days

pull request commentnodejs/node

errors: add ERR_INVALID_OPT_TYPE and support options in validators.js

So now we have ERR_INVALID_OPT_TYPE and ERR_INVALID_OPT_VALUE, but some values will throw other errors, e.g., ERR_OUT_OF_RANGE? This seems more and more confusing to me.

lundibundi

comment created time in 15 days

PR opened nodejs/node

doc: update foundation name in onboarding doc meta

<!-- Thank you for your pull request. Please provide a description above and review the requirements below.

Bug fixes and new features should include tests and possibly benchmarks.

Contributors guide: https://github.com/nodejs/node/blob/master/CONTRIBUTING.md -->

Checklist

<!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

<!-- Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. -->

+1 -1

0 comment

1 changed file

pr created time in 17 days

create barnchtniessen/node

branch : doc-change-foundation-name-onboarding

created branch time in 17 days

pull request commentcjihrig/uvwasi

add serdes API

Yes, I would like to check the serialized outputs against known correct serializations. I just don't have that data at hand, I guess I'll have to compile some WASI code to WebAssembly and then extract the data from memory.

tniessen

comment created time in 19 days

PR opened nodejs/node

doc: update TSC name in "Release Process" doc meta

<!-- Thank you for your pull request. Please provide a description above and review the requirements below.

Bug fixes and new features should include tests and possibly benchmarks.

Contributors guide: https://github.com/nodejs/node/blob/master/CONTRIBUTING.md -->

Checklist

<!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

<!-- Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. -->

+1 -1

0 comment

1 changed file

pr created time in 22 days

create barnchtniessen/node

branch : doc-update-tsc-name-in-release-doc

created branch time in 22 days

push eventtniessen/node

Robert Nagy

commit sha 855ca736de018f05bb55e2e9489f058a3b9e57fa

net: remove duplicate _undestroy initSocketHandle will call _undestroy. PR-URL: https://github.com/nodejs/node/pull/30833 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>

view details

Juan José Arboleda

commit sha 411360150aff0ab2daaf00a0710822555d10e26a

doc: add code example to inspector.url() method PR-URL: https://github.com/nodejs/node/pull/29496 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Michaël Zasso <targos@protonmail.com>

view details

Sebastien Ahkrin

commit sha 11465d3b0e1a317bba9c35706a6fae0e15ea65a6

lib: replace every Symbol.for by SymbolFor primordials PR-URL: https://github.com/nodejs/node/pull/30857 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>

view details

Sebastien Ahkrin

commit sha c101251a95cc82142bee4637f8db6cc360a06d82

lib: replace Symbol.iterator by SymbolIterator PR-URL: https://github.com/nodejs/node/pull/30859 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: David Carlier <devnexen@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

view details

Rich Trott

commit sha 76cbb6628c302119fbace82142d6be0a08b569de

doc: clarify Tier 2 implications in BUILDING.md Clarify the explanation of Tier 2 platforms and binary releases. PR-URL: https://github.com/nodejs/node/pull/30866 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Rod Vagg <rod@vagg.org>

view details

Jordan Harband

commit sha 916cc82b45a2c1ddac610d176f8c3cbd80034ae4

test: assert: fix deepStrictEqual comparing a real array and fake array PR-URL: https://github.com/nodejs/node/pull/30743 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com>

view details

Kamat, Trivikram

commit sha 9c32b24b652725af6e5a65994e2e6ec57d999fa0

url: declare iterator inside loop Refs: https://github.com/nodejs/node/pull/30281#discussion_r343380565 PR-URL: https://github.com/nodejs/node/pull/30509 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>

view details

Ruben Bridgewater

commit sha fb14ed4c38772216807fbede5765094a13621fe9

src: accept single argument in getProxyDetails This makes sure this function stays backwards compatible in case it's accessed through the binding directly. Refs: https://github.com/nodejs/node/pull/29947#issuecomment-562987888 PR-URL: https://github.com/nodejs/node/pull/30858 Refs: https://github.com/nodejs/node/pull/30767 Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: David Carlier <devnexen@gmail.com> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Anna Henningsen <anna@addaleax.net>

view details

Matteo Collina

commit sha 086c7b41b2c6581baa3de5f9c5d57ce1dfda4734

build: add flag to enable pointer compression The --experimental-enable-pointer-compression is experimental as it breaks ABI compatibility. PR-URL: https://github.com/nodejs/node/pull/30463 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: David Carlier <devnexen@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Denys Otrishko <shishugi@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Rich Trott <rtrott@gmail.com>

view details

isaacs

commit sha d8fc0ae50fd0c7fe403cbbd27819eb5b00acb7da

deps: update npm to 6.13.4 PR-URL: https://github.com/nodejs/node/pull/30904 Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Jiawen Geng <technicalcute@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com>

view details

Giovanni Campagna

commit sha 99fe9dd11225daf238c72978198237dcdc0b22bc

build: fix library version and compile flags on Android Compiling a library with -fPIE won't do, and on Android libraries are not versioned. PR-URL: https://github.com/nodejs/node/pull/29388 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Christian Clauss <cclauss@me.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>

view details

Giovanni Campagna

commit sha 73df09e66bb54764817de3f87154bdbc8e391a23

build: on Android, use android log library to print stack traces And other errors like lost promises PR-URL: https://github.com/nodejs/node/pull/29388 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Christian Clauss <cclauss@me.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>

view details

Tobias Nießen

commit sha d776992f1f80312ec3cfdfbb74c610c22e92c886

doc: fix argument type of setAAD PR-URL: https://github.com/nodejs/node/pull/30863 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>

view details

Denys Otrishko

commit sha 2dff8ddafb3cd8ca6555d9e3731a1541c6a1bb2f

http2: forward debug message in debugStreamObj PR-URL: https://github.com/nodejs/node/pull/30840 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>

view details

Thang Tran

commit sha 4f523c2c1a1c4cef33a1f925cb9102d5b8a51dab

src: migrate to new V8 ArrayBuffer API ArrayBuffer without BackingStore will soon be deprecated. Fixes:https://github.com/nodejs/node/issues/30529 PR-URL: https://github.com/nodejs/node/pull/30782 Fixes: https://github.com/nodejs/node/issues/30529 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Rich Trott <rtrott@gmail.com>

view details

Rich Trott

commit sha 82d477a8385cf1a5e65ba5bc393803daed7a488a

test: disable colorMode in test-console-group Disable colorMode in test-console-group so that the test will succeed if run without the test runner from the command line. PR-URL: https://github.com/nodejs/node/pull/30886 Reviewed-By: Shelley Vohr <codebytere@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>

view details

Rich Trott

commit sha 973b5c02bba6b744f7ba38f335ec8d0d67e1b199

doc: edit colorMode information Add information about what it means when colorMode is set to false. PR-URL: https://github.com/nodejs/node/pull/30887 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>

view details

Ben Noordhuis

commit sha edf654d43e7140f6ac50aefc5dd3f0474bfc5cfe

test: work around ENOTEMPTY when cleaning tmp dir Replace the homegrown rimrafsync implementation in test/common with a call to `fs.rmdirSync(path, { recursive: true })`. Fixes: https://github.com/nodejs/node/issues/30620 Fixes: https://github.com/nodejs/node/issues/30844 PR-URL: https://github.com/nodejs/node/pull/30849 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>

view details

Guy Bedford

commit sha 357a99293e0132ed96afde56df5ce5aea2b550cd

module: conditional exports import condition PR-URL: https://github.com/nodejs/node/pull/30799 Reviewed-By: Jan Krems <jan.krems@gmail.com> Reviewed-By: Myles Borins <myles.borins@gmail.com>

view details

Daniel Bevenius

commit sha afa9a7206c26a29a2af226696c145c924a6d3754

tools: update link to google styleguide for cpplint This commit updates two old links to Google's C++ styleguide which currently result in a 404 when accessed. PR-URL: https://github.com/nodejs/node/pull/30876 Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: David Carlier <devnexen@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Rich Trott <rtrott@gmail.com>

view details

push time in 22 days

pull request commentnodejs/node-addon-api

src: add support for addon instance data

Is the implicit initialization really helpful? I would imagine most use cases to be one of these:

  1. For all calls into the module that require instance data, the module checks if instance data exists, and if it doesn't, it creates and initializes instance data. This PR takes away the ability to check if the instance data was newly created or if it previously existed.
  2. One call into the module creates and initializes instance data, all other calls only retrieve it. In this case, if due to a bug the instance data is not initialized correctly, the consuming functions have no way to check that, and since this PR silently creates a new object in the background, it might not even crash immediately. With separate APIs to set and get instance data, the consuming functions could just do the equivalent of CHECK on the returned pointer to make sure it has been initialized correctly.

To work around these issues, most objects would probably have to have a member is_initialized or something similar, instead of just checking whether the instance data is NULL or not. In all cases, requiring T to be default constructible is restrictive.

gabrielschulhof

comment created time in 24 days

pull request commentnodejs/nodejs.org

Avoid using "Node" and "Node's"

Ping @ whoever needs to fix stuff.

tniessen

comment created time in 25 days

PR closed nodejs/node

doc: change error message testing policy doc meta

Dynamic error messages often contain important information that depends on the context, e.g., which argument caused an ERR_INVALID_ARG_TYPE, which type was expected, and which type was received. I don't think that internal breakage when changing a dynamic error message should prevent us from testing such properties properly. (Not to test the error message, but rather the API that uses the error code.)

<!-- Thank you for your pull request. Please provide a description above and review the requirements below.

Bug fixes and new features should include tests and possibly benchmarks.

Contributors guide: https://github.com/nodejs/node/blob/master/CONTRIBUTING.md -->

Checklist

<!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

  • [x] make -j4 test (UNIX), or vcbuild test (Windows) passes
  • [x] documentation is changed or added
  • [x] commit message follows commit guidelines

<!-- Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. -->

+2 -2

1 comment

1 changed file

tniessen

pr closed time in a month

pull request commentnodejs/node

doc: change error message testing policy

Landed in d65e6a50176e4847738a77c3579fe52c2735fd8b. I agree that larger changes are necessary.

tniessen

comment created time in a month

push eventnodejs/node

Tobias Nießen

commit sha d65e6a50176e4847738a77c3579fe52c2735fd8b

doc: change error message testing policy Dynamic error messages often contain important information that depends on the context, e.g., which argument caused an ERR_INVALID_ARG_TYPE, which type was expected, and which type was received. I don't think that internal breakage when changing a dynamic error message should prevent us from testing such properties properly. PR-URL: https://github.com/nodejs/node/pull/31421 Reviewed-By: Rich Trott <rtrott@gmail.com>

view details

push time in a month

PR opened nodejs/node

napi: rename 'promise' parameter to 'value'

This change makes it clear that the value doesn't need to be a Promise, and makes the signature consistent with other napi_is_* functions.

<!-- Thank you for your pull request. Please provide a description above and review the requirements below.

Bug fixes and new features should include tests and possibly benchmarks.

Contributors guide: https://github.com/nodejs/node/blob/master/CONTRIBUTING.md -->

Checklist

<!-- Remove items that do not apply. For completed items, change [ ] to [x]. -->

  • [x] make -j4 test (UNIX), or vcbuild test (Windows) passes
  • [x] documentation is changed or added
  • [x] commit message follows commit guidelines

<!-- Developer's Certificate of Origin 1.1

By making a contribution to this project, I certify that:

(a) The contribution was created in whole or in part by me and I have the right to submit it under the open source license indicated in the file; or

(b) The contribution is based upon previous work that, to the best of my knowledge, is covered under an appropriate open source license and I have the right under that license to submit that work with modifications, whether created in whole or in part by me, under the same open source license (unless I am permitted to submit under a different license), as indicated in the file; or

(c) The contribution was provided directly to me by some other person who certified (a), (b) or (c) and I have not modified it.

(d) I understand and agree that this project and the contribution are public and that a record of the contribution (including all personal information I submit with it, including my sign-off) is maintained indefinitely and may be redistributed consistent with this project or the open source license(s) involved. -->

+6 -6

0 comment

3 changed files

pr created time in a month

create barnchtniessen/node

branch : napi-rename-promise-to-value

created branch time in a month

Pull request review commentcjihrig/uvwasi

add serdes API

+#ifndef __UVWASI_SERDES_H__+#define __UVWASI_SERDES_H__++#include "wasi_types.h"++/*+   Basic uint{8,16,32,64}_t read/write functions.+*/++#define BASIC_TYPE_(name, type)                                                \+  void uvwasi_serdes_write_##name(void* ptr, size_t offset, type value);       \+  type uvwasi_serdes_read_##name(const void* ptr, size_t offset);              \++#define BASIC_TYPE(type) BASIC_TYPE_(type, type)+#define BASIC_TYPE_UVWASI(type) BASIC_TYPE_(type, uvwasi_##type)++#define UVWASI_SERDES_SIZE_uint8_t sizeof(uint8_t)+BASIC_TYPE(uint8_t)+#define UVWASI_SERDES_SIZE_uint16_t sizeof(uint16_t)+BASIC_TYPE(uint16_t)+#define UVWASI_SERDES_SIZE_uint32_t sizeof(uint32_t)+BASIC_TYPE(uint32_t)+#define UVWASI_SERDES_SIZE_uint64_t sizeof(uint64_t)+BASIC_TYPE(uint64_t)++#define UVWASI_SERDES_SIZE_advice_t sizeof(uvwasi_advice_t)+BASIC_TYPE_UVWASI(advice_t)+#define UVWASI_SERDES_SIZE_clockid_t sizeof(uvwasi_clockid_t)+BASIC_TYPE_UVWASI(clockid_t)+#define UVWASI_SERDES_SIZE_device_t sizeof(uvwasi_device_t)+BASIC_TYPE_UVWASI(device_t)+#define UVWASI_SERDES_SIZE_dircookie_t sizeof(uvwasi_dircookie_t)+BASIC_TYPE_UVWASI(dircookie_t)+#define UVWASI_SERDES_SIZE_eventrwflags_t sizeof(uvwasi_eventrwflags_t)+BASIC_TYPE_UVWASI(eventrwflags_t)+#define UVWASI_SERDES_SIZE_eventtype_t sizeof(uvwasi_eventtype_t)+BASIC_TYPE_UVWASI(eventtype_t)+#define UVWASI_SERDES_SIZE_exitcode_t sizeof(uvwasi_exitcode_t)+BASIC_TYPE_UVWASI(exitcode_t)+#define UVWASI_SERDES_SIZE_fd_t sizeof(uvwasi_fd_t)+BASIC_TYPE_UVWASI(fd_t)+#define UVWASI_SERDES_SIZE_fdflags_t sizeof(uvwasi_fdflags_t)+BASIC_TYPE_UVWASI(fdflags_t)+#define UVWASI_SERDES_SIZE_filesize_t sizeof(uvwasi_filesize_t)+BASIC_TYPE_UVWASI(filesize_t)+#define UVWASI_SERDES_SIZE_fstflags_t sizeof(uvwasi_fstflags_t)+BASIC_TYPE_UVWASI(fstflags_t)+#define UVWASI_SERDES_SIZE_inode_t sizeof(uvwasi_inode_t)+BASIC_TYPE_UVWASI(inode_t)+#define UVWASI_SERDES_SIZE_linkcount_t sizeof(uvwasi_linkcount_t)+BASIC_TYPE_UVWASI(linkcount_t)+#define UVWASI_SERDES_SIZE_lookupflags_t sizeof(uvwasi_lookupflags_t)+BASIC_TYPE_UVWASI(lookupflags_t)+#define UVWASI_SERDES_SIZE_oflags_t sizeof(uvwasi_oflags_t)+BASIC_TYPE_UVWASI(oflags_t)+#define UVWASI_SERDES_SIZE_preopentype_t sizeof(uvwasi_preopentype_t)+BASIC_TYPE_UVWASI(preopentype_t)+#define UVWASI_SERDES_SIZE_riflags_t sizeof(uvwasi_riflags_t)+BASIC_TYPE_UVWASI(riflags_t)+#define UVWASI_SERDES_SIZE_rights_t sizeof(uvwasi_rights_t)+BASIC_TYPE_UVWASI(rights_t)+#define UVWASI_SERDES_SIZE_roflags_t sizeof(uvwasi_roflags_t)+BASIC_TYPE_UVWASI(roflags_t)+#define UVWASI_SERDES_SIZE_sdflags_t sizeof(uvwasi_sdflags_t)+BASIC_TYPE_UVWASI(sdflags_t)+#define UVWASI_SERDES_SIZE_siflags_t sizeof(uvwasi_siflags_t)+BASIC_TYPE_UVWASI(siflags_t)+#define UVWASI_SERDES_SIZE_inode_t sizeof(uvwasi_inode_t)+BASIC_TYPE_UVWASI(inode_t)+#define UVWASIS_SERDES_SIZE_signal_t sizeof(uvwasi_signal_t)+BASIC_TYPE_UVWASI(signal_t)+#define UVWASIS_SERDES_SIZE_subclockflags_t sizeof(uvwasi_subclockflags_t)+BASIC_TYPE_UVWASI(subclockflags_t)+#define UVWASIS_SERDES_SIZE_timestamp_t sizeof(uvwasi_timestamp_t)+BASIC_TYPE_UVWASI(timestamp_t)+#define UVWASIS_SERDES_SIZE_userdata_t sizeof(uvwasi_userdata_t)+BASIC_TYPE_UVWASI(userdata_t)+#define UVWASIS_SERDES_SIZE_whence_t sizeof(uvwasi_whence_t)+BASIC_TYPE_UVWASI(whence_t)++#undef BASIC_TYPE_UVWASI+#undef BASIC_TYPE+#undef BASIC_TYPE_++/*+   WASI structure read/write functions.+*/++#define STRUCT(name) \+  void uvwasi_serdes_write_##name(void* ptr,                                   \+                                  size_t offset,                               \+                                  const uvwasi_##name* value);                 \+  void uvwasi_serdes_read_##name(const void* ptr,                              \+                                 size_t offset,                                \+                                 uvwasi_##name* value);                        \++#define UVWASI_SERDES_SIZE_fdstat_t 24+STRUCT(fdstat_t)++#define UVWASI_SERDES_SIZE_filestat_t 64+STRUCT(filestat_t)++#define UVWASI_SERDES_SIZE_prestat_t 8+STRUCT(prestat_t)

I am confused about this part myself. WASI requires it to be a size_t, but I am not sure if that's a host type size_t or a WASM type size_t. Node.js currently uses 32 bits.

tniessen

comment created time in a month

pull request commentcjihrig/uvwasi

add serdes API

@bnoordhuis If I am not mistaken, these sizes and types are mandated by the WASI C ABI, but @cjihrig will know for sure. UVWASI_SERDES_SIZE_event_t etc. don't actually represent the size required to serialize the data, but to properly align them in an array (e.g., event_t[n] should be laid out using n * UVWASI_SERDES_SIZE_event_t bytes by the C compiler).

tniessen

comment created time in a month

push eventtniessen/uvwasi

Tobias Nießen

commit sha 67338aebc84e42fd45a6ad7db833d1ec99f758f2

Improve formatting of switch statement Co-Authored-By: Ben Noordhuis <info@bnoordhuis.nl>

view details

push time in a month

Pull request review commentnodejs/nodejs.org

Avoid using "Node" and "Node's"

 layout: docs.hbs نوصي دائما بعدم تشغيل مصحح الأخطاء على عنوان انترنت عام. إذا أردت تمكين تصحيح الأخطاء عن بعد، فننصح بإستعمال قنوات الـ ssh بدلا من ذلك. المثال الآتي لأغراض توضيحية فقط. يجب عليك فهم المخاطر الأمنية المحتملة عند السماح بالوصول عن بعد لخدمة ذات امتيازات قبل أن تمضي قدما. -فلنفترض أنك قمت بتشغيل الـ Node في حاسوب بعيد، remote.example.com على سبيل المثال، و تريد ان تتمكن من تصحيح الأخطاء فيها.-في ذلك الحاسوب البعيد، عليك بدء عملية node مع جعل المدقق يستمع على المضيف المحلي فقط (وهو الافتراضي).+فلنفترض أنك قمت بتشغيل الـ Node.js في حاسوب بعيد، remote.example.com على سبيل المثال، و تريد ان تتمكن من تصحيح الأخطاء فيها.+في ذلك الحاسوب البعيد، عليك بدء عملية node.js مع جعل المدقق يستمع على المضيف المحلي فقط (وهو الافتراضي).

https://github.com/nodejs/nodejs.org/pull/2914#discussion_r371007977

tniessen

comment created time in a month

push eventtniessen/nodejs.org

Tobias Nießen

commit sha d37576a5f6f486accae3e1bc0d1eab89c8743592

Update locale/en/docs/guides/dont-block-the-event-loop.md Co-Authored-By: Nick Schonning <nschonni@gmail.com>

view details

push time in a month

push eventtniessen/nodejs.org

Tobias Nießen

commit sha aec6a416e78f111cb76b39256350be49b39b00e6

Update locale/en/knowledge/getting-started/globals-in-node-js.md Co-Authored-By: Nick Schonning <nschonni@gmail.com>

view details

push time in a month

push eventtniessen/nodejs.org

Tobias Nießen

commit sha dd73a9e1a27e117d3540a1250cb4f4388fb2ff29

Update locale/en/knowledge/getting-started/globals-in-node-js.md Co-Authored-By: Nick Schonning <nschonni@gmail.com>

view details

push time in a month

Pull request review commentnodejs/nodejs.org

Avoid using "Node" and "Node's"

 layout: docs.hbs  ## إنشاء الخادم -أي تطبيق خادم الويب node وفي نقطة ما لإنشاء كائن خادم الويب، يتم ذلك+أي تطبيق خادم الويب node.js وفي نقطة ما لإنشاء كائن خادم الويب، يتم ذلك

@3imed-jaberi node.js is as wrong as Node. As per our branding guidelines, node is allowed when referring to the executable, and Node.js is to be used for the product in all other contexts. Neither Node nor node.js are correct.

tniessen

comment created time in a month

pull request commentcjihrig/uvwasi

add serdes API

@cjihrig Is this what you had in mind for the scalar types? (I intentionally left out uvwasi_filedelta_t because it makes it unnecessarily complicated, and should never be written to or read from WebAssembly memory.)

tniessen

comment created time in a month

more