schema-tools

schema-tools copied to clipboard

v16.17.1

Compare Source

This is a security release.

Notable changes

The following CVEs are fixed in this release:

• CVE-2022-32212: DNS rebinding in --inspect on macOS (High)
• CVE-2022-32213: bypass via obs-fold mechanic (Medium)
• CVE-2022-35255: Weak randomness in WebCrypto keygen
• CVE-2022-35256: HTTP Request Smuggling - Incorrect Parsing of Header Fields (Medium)

More detailed information on each of the vulnerabilities can be found in September 22nd 2022 Security Releases blog post.

Commits

• [a54283a638] - crypto: fix weak randomness in WebCrypto keygen (Ben Noordhuis) nodejs-private/node-private#​346
• [0713e21240] - http: disable chunked encoding when using OBS fold is used (Paolo Insogna) nodejs-private/node-private#​341
• [77fe2f32e4] - src: fix IPv4 non routable validation (RafaelGSS) nodejs-private/node-private#​337

v16.17.0

Compare Source

Notable Changes

Experimental command-line argument parser API

Adds util.parseArgs helper for higher level command-line argument parsing.

Contributed by Benjamin Coe, John Gee, Darcy Clarke, Joe Sepi, Kevin Gibbons, Aaron Casanova, Jessica Nahulan, and Jordan Harband - #​42675

Experimental ESM Loader Hooks API

Node.js ESM Loader hooks now support multiple custom loaders, and composition is achieved via "chaining": foo-loader calls bar-loader calls qux-loader (a custom loader must now signal a short circuit when intentionally not calling the next). See the ESM docs for details.

Real-world use-cases are laid out for end-users with working examples in the article Custom ESM loaders: Who, what, when, where, why, how.

Contributed by Jacob Smith, Geoffrey Booth, and Bradley Farias - #​42623

Experimental test runner

The node:test module, which was initially introduced in Node.js v18.0.0, is now available with all the changes done to it up to Node.js v18.7.0.

Improved interoperability of the Web Crypto API

To better align Node.js' experimental implementation of the Web Crypto API with other runtimes, several changes were made:

• Support for CFRG curves was added, with the 'Ed25519', 'Ed448', 'X25519', and 'X448' algorithms.
• The proprietary 'NODE-DSA', 'NODE-DH', 'NODE-SCRYPT', 'NODE-ED25519', 'NODE-ED448', 'NODE-X25519', and 'NODE-X448' algorithms were removed.
• The proprietary 'node.keyObject' import/export format was removed.

Contributed by Filip Skokan - #​42507, #​43310

Dependency updates

• Updated Corepack to 0.12.1 - #​43965
• Updated ICU to 71.1 - #​42655
• Updated npm to 8.15.0 - #​43917
• Updated Undici to 5.8.0 - #​43886

Other notable changes

• [5f1e9e2030] - (SEMVER-MINOR) crypto: make authTagLength optional for CC20P1305 (Tobias Nießen) #​42427
• [934077a137] - (SEMVER-MINOR) crypto: align webcrypto RSA key import/export with other implementations (Filip Skokan) #​42816
• [7683e9623c] - (SEMVER-MINOR) dns: export error code constants from dns/promises (Feng Yu) #​43176
• [302a134b83] - doc: deprecate coercion to integer in process.exit (Daeyeon Jeong) #​43738
• [4884f18ce5] - (SEMVER-MINOR) doc: deprecate diagnostics_channel object subscribe method (Stephen Belanger) #​42714
• [90f395dda9] - (SEMVER-MINOR) errors: add support for cause in aborterror (James M Snell) #​41008
• [7a5de2cc0c] - (SEMVER-MINOR) events: expose CustomEvent on global with CLI flag (Daeyeon Jeong) #​43885
• [087adbb7a3] - (SEMVER-MINOR) events: add CustomEvent (Daeyeon Jeong) #​43514
• [979c98a3cb] - (SEMVER-MINOR) events: propagate abortsignal reason in new AbortError ctor in events (James M Snell) #​41008
• [e04c8a4921] - (SEMVER-MINOR) fs: propagate abortsignal reason in new AbortSignal constructors (James M Snell) #​41008
• [464830993e] - (SEMVER-MINOR) fs: make params in writing methods optional (LiviaMedeiros) #​42601
• [3d7808ec3f] - (SEMVER-MINOR) fs: add read(buffer[, options]) versions (LiviaMedeiros) #​42768
• [082a2630fd] - (SEMVER-MINOR) http: add drop request event for http server (theanarkh) #​43806
• [5a74939770] - (SEMVER-MINOR) http: add diagnostics channel for http client (theanarkh) #​43580
• [f05fd1a423] - (SEMVER-MINOR) http: add perf_hooks detail for http request and client (theanarkh) #​43361
• [9d1b4b7e29] - (SEMVER-MINOR) http: add uniqueHeaders option to request and createServer (Paolo Insogna) #​41397
• [fa5ac5a2eb] - (SEMVER-MINOR) http2: propagate abortsignal reason in new AbortError constructor (James M Snell) #​41008
• [94070f152e] - (SEMVER-MINOR) http2: compat support for array headers (OneNail) #​42901
• [36dd39dec0] - (SEMVER-MINOR) lib: propagate abortsignal reason in new AbortError constructor in blob (James M Snell) #​41008
• [8adf7d5e91] - (SEMVER-MINOR) lib: add abortSignal.throwIfAborted() (James M Snell) #​40951
• [3c1ed86840] - (SEMVER-MINOR) lib: improved diagnostics_channel subscribe/unsubscribe (Stephen Belanger) #​42714
• [e6186af5cc] - (SEMVER-MINOR) module: add isBuiltIn method (hemanth.hm) #​43396
• [3d851d6d6b] - (SEMVER-MINOR) module,repl: support 'node:'-only core modules (Colin Ihrig) #​42325
• [303bd08d88] - (SEMVER-MINOR) net: add drop event for net server (theanarkh) #​43582
• [da03e9f484] - (SEMVER-MINOR) net: add ability to reset a tcp socket (pupilTong) #​43112
• [73f852e1e3] - (SEMVER-MINOR) node-api: emit uncaught-exception on unhandled tsfn callbacks (Chengzhong Wu) #​36510
• [6dcdcd7f50] - (SEMVER-MINOR) perf_hooks: add PerformanceResourceTiming (RafaelGSS) #​42725
• [5750358872] - (SEMVER-MINOR) report: add more heap infos in process report (theanarkh) #​43116
• [e7b99e8c8d] - (SEMVER-MINOR) src: add --openssl-legacy-provider option (Daniel Bevenius) #​40478
• [1281a48b89] - (SEMVER-MINOR) src: define fs.constants.S_IWUSR & S_IRUSR for Win (Liviu Ionescu) #​42757
• [9ea9797d34] - (SEMVER-MINOR) src,doc,test: add --openssl-shared-config option (Daniel Bevenius) #​43124
• [046debaee0] - (SEMVER-MINOR) stream: use cause options in AbortError constructors (James M Snell) #​41008
• [6641fda10a] - (SEMVER-MINOR) stream: add iterator helper find (Nitzan Uziely) #​41849
• [edec73032c] - (SEMVER-MINOR) stream: add writableAborted (Robert Nagy) #​40802
• [2aae868fa2] - (SEMVER-MINOR) timers: propagate signal.reason in awaitable timers (James M Snell) #​41008
• [513f52445b] - (SEMVER-MINOR) v8: add v8.startupSnapshot utils (Joyee Cheung) #​43329
• [a8eca74450] - (SEMVER-MINOR) v8: export more fields in getHeapStatistics (theanarkh) #​42784
• [845279e331] - (SEMVER-MINOR) worker: add hasRef() to MessagePort (Darshan Sen) #​42849

Commits

Semver-minor commits

• [58279d5b76] - (SEMVER-MINOR) buffer: graduate Blob from experimental (James M Snell) #​41270
• [72a0c5c743] - (SEMVER-MINOR) crypto: remove Node.js-specific webcrypto extensions (Filip Skokan) #​43310
• [2e3a69a2ba] - (SEMVER-MINOR) crypto: add CFRG curves to Web Crypto API (Filip Skokan) #​42507
• [5f1e9e2030] - (SEMVER-MINOR) crypto: make authTagLength optional for CC20P1305 (Tobias Nießen) #​42427
• [934077a137] - (SEMVER-MINOR) crypto: align webcrypto RSA key import/export with other implementations (Filip Skokan) #​42816
• [7683e9623c] - (SEMVER-MINOR) dns: export error code constants from dns/promises (Feng Yu) #​43176
• [4884f18ce5] - (SEMVER-MINOR) doc: deprecate diagnostics_channel object subscribe method (Stephen Belanger) #​42714
• [90f395dda9] - (SEMVER-MINOR) errors: add support for cause in aborterror (James M Snell) #​41008
• [247a6f6e85] - (SEMVER-MINOR) esm: add chaining to loaders (Jacob Smith) #​42623
• [7a5de2cc0c] - (SEMVER-MINOR) events: expose CustomEvent on global with CLI flag (Daeyeon Jeong) #​43885
• [087adbb7a3] - (SEMVER-MINOR) events: add CustomEvent (Daeyeon Jeong) #​43514
• [979c98a3cb] - (SEMVER-MINOR) events: propagate abortsignal reason in new AbortError ctor in events (James M Snell) #​41008
• [e04c8a4921] - (SEMVER-MINOR) fs: propagate abortsignal reason in new AbortSignal constructors (James M Snell) #​41008
• [464830993e] - (SEMVER-MINOR) fs: make params in writing methods optional (LiviaMedeiros) #​42601
• [3d7808ec3f] - (SEMVER-MINOR) fs: add read(buffer[, options]) versions (LiviaMedeiros) #​42768
• [082a2630fd] - (SEMVER-MINOR) http: add drop request event for http server (theanarkh) #​43806
• [5a74939770] - (SEMVER-MINOR) http: add diagnostics channel for http client (theanarkh) #​43580
• [f05fd1a423] - (SEMVER-MINOR) http: add perf_hooks detail for http request and client (theanarkh) #​43361
• [9d1b4b7e29] - (SEMVER-MINOR) http: add uniqueHeaders option to request and createServer (Paolo Insogna) #​41397
• [fa5ac5a2eb] - (SEMVER-MINOR) http2: propagate abortsignal reason in new AbortError constructor (James M Snell) #​41008
• [94070f152e] - (SEMVER-MINOR) http2: compat support for array headers (OneNail) #​42901
• [36dd39dec0] - (SEMVER-MINOR) lib: propagate abortsignal reason in new AbortError constructor in blob (James M Snell) #​41008
• [8adf7d5e91] - (SEMVER-MINOR) lib: add abortSignal.throwIfAborted() (James M Snell) #​40951
• [3c1ed86840] - (SEMVER-MINOR) lib: improved diagnostics_channel subscribe/unsubscribe (Stephen Belanger) #​42714
• [e6186af5cc] - (SEMVER-MINOR) module: add isBuiltIn method (hemanth.hm) #​43396
• [3d851d6d6b] - (SEMVER-MINOR) module,repl: support 'node:'-only core modules (Colin Ihrig) #​42325
• [303bd08d88] - (SEMVER-MINOR) net: add drop event for net server (theanarkh) #​43582
• [da03e9f484] - (SEMVER-MINOR) net: add ability to reset a tcp socket (pupilTong) #​43112
• [73f852e1e3] - (SEMVER-MINOR) node-api: emit uncaught-exception on unhandled tsfn callbacks (Chengzhong Wu) #​36510
• [6dcdcd7f50] - (SEMVER-MINOR) perf_hooks: add PerformanceResourceTiming (RafaelGSS) #​42725
• [5750358872] - (SEMVER-MINOR) report: add more heap infos in process report (theanarkh) #​43116
• [e7b99e8c8d] - (SEMVER-MINOR) src: add --openssl-legacy-provider option (Daniel Bevenius) #​40478
• [1281a48b89] - (SEMVER-MINOR) src: define fs.constants.S_IWUSR & S_IRUSR for Win (Liviu Ionescu) #​42757
• [9ea9797d34] - (SEMVER-MINOR) src,doc,test: add --openssl-shared-config option (Daniel Bevenius) #​43124
• [046debaee0] - (SEMVER-MINOR) stream: use cause options in AbortError constructors (James M Snell) #​41008
• [6641fda10a] - (SEMVER-MINOR) stream: add iterator helper find (Nitzan Uziely) #​41849
• [edec73032c] - (SEMVER-MINOR) stream: add writableAborted (Robert Nagy) #​40802
• [9a530832cb] - (SEMVER-MINOR) test: add initial test module (Colin Ihrig) #​42325
• [61a2ddc597] - (SEMVER-MINOR) test_runner: expose describe and it (Moshe Atlow) #​43420
• [cd6f24be4c] - (SEMVER-MINOR) test_runner: add initial CLI runner (Colin Ihrig) #​42658
• [a4b277cb4d] - (SEMVER-MINOR) test_runner: support 'only' tests (Colin Ihrig) #​42514
• [2aae868fa2] - (SEMVER-MINOR) timers: propagate signal.reason in awaitable timers (James M Snell) #​41008
• [432e3054be] - (SEMVER-MINOR) util: add tokens to parseArgs (John Gee) #​43459
• [a1e122be62] - (SEMVER-MINOR) util: add parseArgs module (Benjamin Coe) #​42675
• [513f52445b] - (SEMVER-MINOR) v8: add v8.startupSnapshot utils (Joyee Cheung) #​43329
• [a8eca74450] - (SEMVER-MINOR) v8: export more fields in getHeapStatistics (theanarkh) #​42784
• [845279e331] - (SEMVER-MINOR) worker: add hasRef() to MessagePort (Darshan Sen) #​42849

Semver-patch commits

• [480a754ddc] - assert: callTracker throw a specific error message when possible (Moshe Atlow) #​43640
• [ebb334b124] - assert: fix CallTracker wraps the function causes the length to be lost (OneNail) #​42909
• [7f8f83d4d0] - assert: make assert.fail less affected by prototype tampering (Antoine du Hamel) #​42918
• [a6a46f9578] - async_hooks: use kEmptyObject (LiviaMedeiros) #​43159
• [84075821be] - async_hooks: remove destroyed symbol on Promises (Gerhard Stöbich) #​42402
• [b69396a41a] - async_hooks: avoid decrementing iterator after erase (Gabriel Bota) #​42749
• [6b7c6192ff] - bootstrap: move global initialization to js (Alena Khineika) #​43625
• [4fbe24588a] - bootstrap: use the isolate snapshot in workers (Joyee Cheung) #​42702
• [3a83e5cfd9] - bootstrap: move embedded snapshot to SnapshotBuilder (Joyee Cheung) #​42702
• [b4201ace9b] - bootstrap: reset process._exit and process.exitCode in pre-execution (Joyee Cheung) #​42466
• [f8f7c1e5bd] - bootstrap: run inspector and event loop in snapshot builder (Joyee Cheung) #​42466
• [2d79480fcb] - bootstrap: make I/O streams work with user-land snapshot (Joyee Cheung) #​42466
• [1b2946b1a4] - bootstrap: refresh options in pre-execution (Joyee Cheung) #​42466
• [ca57563522] - bootstrap: use SnapshotData to pass snapshot data around (Joyee Cheung) #​42360
• [60d032b89c] - buffer: do not leak memory if buffer is too big (Keyhan Vakil) #​43938
• [5ddd367bec] - buffer: improve Blob constructor error message when passing a string (Xuguang Mei) #​42338
• [691e5d8bf3] - buffer: fix atob input validation (Antoine du Hamel) #​42539
• [a948fb8b56] - build: add .gitattributes for npm and other shims (Hrishikesh Kadam) #​43879
• [623dd2a70b] - build: remove precompiled header and debug information for host builds (Niyas Sait) #​42538
• [129b05e0c5] - build: fix various shared library build issues (William Marlow) #​41850
• [fba6e96326] - build: fix indeterminacy of icu_locales value (Sergey Nazaryev) #​42865
• [74bce1c448] - build: improve reliability of find_python.cmd script (Luigi Pinca) #​42810
• [637af6c068] - build: windows/arm64 native compilation support (Niyas Sait) #​42408
• [fe661fadad] - build: add --node-snapshot-main configure option (Joyee Cheung) #​42466
• [daadd58baa] - build,test: increase stack size limit on Windows (Tobias Nießen) #​43632
• [1e1634ae99] - child_process: do not need to count length when maxBuffer is Infinity (theanarkh) #​43822
• [2b6e98b6b2] - child_process: improve ipc write performance (rubikscraft) #​42931
• [7aac430b3f] - child_process: speed up 'advanced' ipc receiving (rubikscraft) #​42931
• [6844930290] - child_process: use kEmptyObject (LiviaMedeiros) #​43159
• [72400b7a7b] - child_process: add env contents types in JSDoc (Rich Trott) #​42494
• [fe57e5685d] - cluster: send connection to other server when worker drop it (theanarkh) #​43747
• [61b5d4a999] - cluster: fix closing dgram sockets in cluster workers throws errors (Ouyang Yadong) #​43709
• [97f4cc7766] - cluster: fix fd leak (theanarkh) #​43650
• [1cb19ec96a] - cluster: use kEmptyObject (LiviaMedeiros) #​43159
• [c8706f3a7f] - cluster, net: fix listen pipe with readable and writable in cluster (theanarkh) #​43634
• [35fc1c205e] - console: fix console.dir crash on a revoked proxy (Daeyeon Jeong) #​43100
• [3449472f3d] - crypto: remove unneeded guard (Rich Trott) #​43856
• [a3a845b8ba] - crypto: don't disable TLS 1.3 without suites (Adam Majer) #​43427
• [588a84e11d] - crypto: handle webcrypto generateKey() usages edge case (Filip Skokan) #​43454
• [224d3f40dc] - crypto: update Wrapping and unwrapping keys webcrypto example (Filip Skokan) #​43452
• [8dca8d7805] - crypto: fix webcrypto generateKey() with empty usages (Filip Skokan) #​43431
• [bef600e787] - crypto: fix webcrypto digest() invalid algorithm (Filip Skokan) #​43431
• [077ad7e90d] - crypto: fix webcrypto RSA generateKey() use of publicExponent (Filip Skokan) #​43431
• [04572ec914] - crypto: fix webcrypto AES-KW keys accepting encrypt/decrypt usages (Filip Skokan) #​43431
• [52ea86908d] - crypto: fix webcrypto deriveBits for non-byte lengths (Filip Skokan) #​43431
• [97b2fef24a] - crypto: fix webcrypto import of cfrg raw public keys (Filip Skokan) #​43404
• [a57149d14e] - crypto: fix webcrypto JWK EC and OKP import crv check (Filip Skokan) #​43346
• [1cb267261c] - crypto: test webcrypto ec raw public key import (Filip Skokan) #​43405
• [02cf57b8d6] - crypto: use kEmptyObject (LiviaMedeiros) #​43159
• [4600892a45] - crypto: adjust minimum length in generateKey('hmac', ...) (LiviaMedeiros) #​42944
• [baaf77898b] - crypto: clean up parameter validation in HKDF (Tobias Nießen) #​42924
• [3f43dadeda] - crypto: validate this in all webcrypto methods and getters (Filip Skokan) #​42815
• [297e374565] - crypto: do not add undefined hash in webcrypto normalizeAlgorithm (Filip Skokan) #​42559
• [c764e81a69] - crypto: cleanup webcrypto jwk code (Filip Skokan) #​42562
• [c605ad1343] - crypto: fix webcrypto derive key lengths (Filip Skokan) #​42542
• [0b1b616a9c] - crypto: improve prime size argument validation (Tobias Nießen) #​42234
• [f1c12aa6df] - debugger: throw a more useful error when the frame is missing (Kohei Ueno) #​42776
• [f75a5a92ec] - debugger: fix inconsistent inspector output of exec new Map() (Kohei Ueno) #​42423
• [e3d8893265] - deps: V8: backport 22698d2 (Chengzhong Wu) #​43751
• [06a6bdaf7a] - deps: update corepack to 0.12.1 (Node.js GitHub Bot) #​43965
• [c7be356dd7] - deps: update hast-util-raw (Moshe Atlow) #​43927
• [62c27d0d84] - deps: update undici to 5.8.0 (Node.js GitHub Bot) #​43886
• [92051cb4a1] - deps: cherry-pick libuv/libuv@3a7b955 (Ben Noordhuis) #​43950
• [8835898e43] - deps: cherry-pick libuv/libuv@abb109f (Ben Noordhuis) #​43950
• [1566854218] - deps: upgrade npm to 8.15.0 (npm team) #​43917
• [e6baa8a113] - deps: upgrade npm to 8.14.0 (npm team) #​43826
• [aa137caac3] - deps: update corepack to 0.12.0 (Node.js GitHub Bot) #​43748
• [04188e54f5] - deps: update undici to 5.7.0 (Node.js GitHub Bot) #​43790
• [09f9060f7d] - deps: upgrade npm to 8.13.2 (npm team) #​43622
• [1343615224] - deps: upgrade npm to 8.13.1 (npm team) #​43552
• [49080bc42f] - deps: patch V8 to 9.4.146.26 (Michaël Zasso) #​43778
• [705a8afd81] - deps: update Corepack to 0.11.2 (Maël Nison) #​43402
• [552e91121b] - deps: update undici to 5.5.1 (Node.js GitHub Bot) #​43412
• [0ff00945d5] - deps: update undici to 5.4.0 (Node.js GitHub Bot) #​43262
• [170bec811b] - deps: update undici to 5.3.0 (Node.js GitHub Bot) #​43197
• [b97075dfec] - deps: update undici to 5.2.0 (Node.js GitHub Bot) #​43059
• [4d4e00a6b0] - deps: update undici to 5.1.1 (Michaël Zasso) #​42939
• [cba4f6c8a0] - deps: update Acorn to v8.7.0 (Michaël Zasso) #​42667
• [a5507fd409] - deps: update ICU to 71.1 (Michaël Zasso) #​42655
• [cbb253e61e] - deps: upgrade npm to 8.12.1 (npm team) #​43301
• [01e7d1f349] - deps: cherry-pick 4ab70f6 from V8 upstream (Khaidi Chu) #​43328
• [fea892a168] - dns: fix getServers return undefined (jiahao.si) #​43922
• [43a3239d85] - dns: fix cares memory leak (theanarkh) #​43912
• [8d2a256bf4] - dns: make promise API fully constructed from lib/internal/dns/promises (Feng Yu) #​43227
• [71f7b00fca] - domain: fix vm promise tracking while keeping isolation (Stephen Belanger) #​43556
• [9f75f26ad9] - errors: extract type detection & use in ERR_INVALID_RETURN_VALUE (Jacob Smith) #​43558
• [f5115b4abc] - errors,console: refactor to use ES2021 syntax (小菜) #​42872
• [85ba4e069d] - errors,vm: update error and use cause (Gus Caplan) #​42820
• [ae157d9098] - esm: fix loader hooks accepting too many arguments (Jacob Smith) #​44109
• [3139c110dc] - esm: remove superfluous argument (Rich Trott) #​43884
• [63228efe08] - esm: throw on any non-2xx response (LiviaMedeiros) #​43742
• [a6d4d31da5] - esm: fix erroneous re-initialization of ESMLoader (Jacob Smith) #​43763
• [953e663e58] - esm: treat 307 and 308 as redirects in HTTPS imports (Kid) #​43689
• [33a2902a33] - esm: restore next<HookName>'s context as optional arg (Jacob Smith) #​43553
• [df3f5cb93e] - esm: fix chain advances when loader calls next<HookName> multiple times (Jacob Smith) #​43303
• [eac4e20525] - esm: refactor responseURL handling (Guy Bedford) #​43164
• [e114ed0cda] - esm: fix http(s) import via custom loader (Jacob Smith) #​43130
• [6564e69c78] - esm: fix imports from non-file module (Antoine du Hamel) #​42881
• [e1bc88764d] - esm: graduate top-level-await to stable (Antoine du Hamel) #​42875
• [14a929b0b0] - esm: emit experimental warnings in common place (Jacob Smith) #​42314
• [0167988ce3] - events: improve Event compatibility (Daeyeon Jeong) #​43461
• [e51c0e9939] - events: improve EventListener validation (Daeyeon Jeong) #​43491
• [393c021d7f] - events: fix adding abort listener in events.once (Daeyeon Jeong) #​43373
• [a7eaf3981d] - events: use kEmptyObject (LiviaMedeiros) #​43159
• [fcf74c53d8] - fs: refactor realpath with Map and Set (LiviaMedeiros) #​43569
• [bfb8a0bfac] - fs: don't end fs promises on Isolate termination (Santiago Gimeno) #​42910
• [ca4157ea40] - fs: use kEmptyObject (LiviaMedeiros) #​43159
• [835056cbcb] - fs: remove unnecessary ?? operator (Morgan Roderick) #​43073
• [8b89c7fbab] - fs: export constants from fs/promises (Feng Yu) #​43177
• [b0d9915bc6] - fs: add trailing commas (LiviaMedeiros) #​43127
• [637820d1e3] - fs: fix write methods param validation and docs (LiviaMedeiros) #​41677
• [5d8b2cb51d] - fs: fix mkdirSync so ENOSPC is correctly reported (Santiago Gimeno) #​42811
• [58eebaf717] - http: defer reentrant execution of Parser::Execute (Paolo Insogna) #​43369
• [ea3ca874da] - http: fix http agent keep alive (theanarkh) #​43380
• [85d93f0bf6] - http: use kEmptyObject (LiviaMedeiros) #​43159
• [1bfff396ac] - http: document that ClientRequest inherits from OutgoingMessage (K.C.Ashish Kumar) #​42642
• [db53e9b387] - http2: log debug only when in debug mode (Basit) #​43626
• [95083cb0ad] - http2: use kEmptyObject (LiviaMedeiros) #​43159
• [367454205d] - http2: set origin name correctly when servername is empty (ofirbarak) #​42838
• [c73f739acd] - http2: improve tests and docs (Daeyeon Jeong) #​42858
• [4fbedffb55] - https: use kEmptyObject (LiviaMedeiros) #​43159
• [5879642260] - inspector: set sampling interval before start (Shelley Vohr) #​43779
• [096f7fc59a] - inspector: add missing initialization (Michael Dawson) #​43254
• [a8c24185f8] - lib: refactor to avoid unsafe regex primordials (Antoine du Hamel) #​43475
• [2a5d5e0726] - lib: modify DOMException to pass WPT (Khaidi Chu) #​41517
• [26d63f004f] - lib: implement safe alternatives to Promise static methods (Antoine du Hamel) #​43728
• [aab5adbcbe] - lib: use null-prototype objects for property descriptors (Antoine du Hamel) #​43473
• [a97d0ba3af] - lib: fix TODO in freeze_intrinsics (Antoine du Hamel) #​43472
• [519cdd94c0] - lib: use kEmptyObject in various places (LiviaMedeiros) #​43159
• [7d5e7b43f6] - lib: give names to promisified methods (LiviaMedeiros) #​43218
• [cd55e221b5] - lib: use null-prototype objects for property descriptors (Antoine du Hamel) #​43270
• [9e613f7f3d] - lib: prepare files for no-var lint rule (Rich Trott) #​42573
• [327da6acde] - lib: source maps filter null prefix (Fabian Cook) #​42522
• [58f80b0dcc] - lib: improve the coverage of the validator (mawaregetsuka) #​42443
• [e48ccf5934] - lib: update JSDoc for linting (Rich Trott) #​42489
• [abc134cacc] - lib,src: add source map support for global eval (Chengzhong Wu) #​43428
• [288d9fbe5a] - loader: make require.resolve throw for unknown builtin modules (木杉) #​43336
• [7c4e1ad1ed] - module: also enable subpath imports in REPL (Ray) #​43450
• [c284eb3745] - module: ensure 'node:'-only modules can access node_modules (Colin Ihrig) #​42430
• [70a4033841] - module: cjs-module-lexer WebAssembly fallback (Guy Bedford) #​43612
• [abda05a3a7] - module: prefer async/await in https imports (Benjamin Gruenbaum) #​41950
• [f66872e36c] - net: fix socket._getpeername (Daeyeon Jeong) #​43010
• [b2d02bc2c0] - net: remove redundant connecting assignment (Ouyang Yadong) #​43710
• [ff5310a9c7] - net: fix net keepalive and noDelay (theanarkh) #​43561
• [265810a1e5] - net: prevent /32 ipv4 mask from matching all ips (supriyo-biswas) #​43381
• [e4a5bd1cf8] - net: fix net.Server keepalive and noDelay (theanarkh) #​43497
• [d766cfaca9] - net,dns: move hasObserver out of perf function (theanarkh) #​43217
• [b240868960] - net,dns: trace tcp connection and dns by perf_hooks (theanarkh) #​42390
• [112bce394d] - node-api: explicitly set __cdecl for API functions (Vladimir Morozov) #​42780
• [49103e3240] - node-api: fix napi_get_all_property_names (Vladimir Morozov) #​42463
• [5a1e1b3f33] - node-api: format Node-API related code (Vladimir Morozov) #​42396
• [31ee218eff] - node-api,src: fix module registration in MSVC C++ (Vladimir Morozov) #​42459
• [e7899ba1f7] - os: avoid unnecessary usage of var (Mohammed Keyvanzadeh) #​42563
• [463f9a6c4f] - perf_hooks: add initiatorType getter (Rafael Gonzaga) #​43593
• [096a2d9434] - perf_hooks: fix miscounted gc performance entry starttime (#​43066) (Xuguang Mei) #​43066
• [f08a282098] - perf_hooks: use kEmptyObject (LiviaMedeiros) #​43159
• [8b0ae63316] - perf_hooks: fix start_time of perf_hooks (theanarkh) #​43069
• [7a5972fe9e] - perf_hooks: fix function wrapped by timerify to work correctly (Kohei Ueno) #​43330
• [5ab3da3f26] - perf_hooks: return different functions in timerify (Himself65) #​42854
• [15da462cea] - process: use defineProperty instead of assignment (Mark S. Miller) #​43907
• [67e91aa20f] - readline: fix to not access a property on an undefined value (Kohei Ueno) #​43543
• [37066f0319] - readline: use kEmptyObject (LiviaMedeiros) #​43159
• [d260569b85] - repl: fix overzealous top-level await (Tobias Nießen) #​43827
• [0bd4a04c42] - repl: use SafePromiseAll and SafePromiseRace (Antoine du Hamel) #​43758
• [bef9a36024] - repl: make autocomplete case-insensitive (Sergey Petushkov) #​41632
• [0dc96e4474] - src: pass only Isolate* and env_vars to EnabledDebugList::Parse() (Darshan Sen) #​43668
• [be3343aed3] - src: use named struct instead of typedef (Tobias Nießen) #​43881
• [eaa611c53a] - src: use named enum instead of typedef (Tobias Nießen) [#​43880](https://togithub.com/nodejs/n