Michaël Zasso
Michaël Zasso
My point is that wasm-gc (the feature that the commit targets), was not enabled in V8 10.2. So that version cannot be affected.
@mcollina this doesn't even build. I'm sorry but I refuse to spend voluntary time fixing stuff for broken payed security tools.
@giancorderoortiz I appreciate the effort you made, this is not your fault
I'd also like to understand something: let's say that we successfully (and meaningfully) backport a V8 CVE fix into v18.x. What mechanism will make the security tools stop flagging Node.js...
I'm one of the few active releasers. Creating a release is a **lot** of time.
We should also take into account the risk of backporting V8 fixes. This very pull request shows that it is non trivial and while here it's obvious because the build...
If this is accepted, it should be fast-tracked for inclusion in https://github.com/nodejs/node/pull/54560
@ronag I don't see a problem in the commit message.
This message appears (to collaborators) on all the pull requests of the project. Unfortunately there is no way to customize it but the goal is to prevent merging by accident...
We should find a better way to describe the changes if these refactorings become recurrent, because this is not using the test runner (which whould be `node --test`)