nodejs / node-convergence-archive Goto Github PK
View Code? Open in Web Editor NEWArchive for node/io.js convergence work pre-3.0.0
Home Page: https://github.com/nodejs/io.js/issues/2327
License: Other
Archive for node/io.js convergence work pre-3.0.0
Home Page: https://github.com/nodejs/io.js/issues/2327
License: Other
Need to reconcile the ICU/Intl work. This issue is to track the related commits.
/cc @srl295
e67073256d847be085be7049cd1d6ebd8d86ac62 build: enable small-icu support for build-release
- nodejs/node-v0.x-archive@e67073267f87a743dee4951374dd240c25e31cd507e6c5f build: add small-icu support for binary packages
- nodejs/node-v0.x-archive@67f87a770d04e7f35667381aa6e9d76f56ea962c019d5bc src: add license content from ICU
- nodejs/node-v0.x-archive@70d04e7I'm going to begin copying over from io.js. We can discuss any additional ones / changes here.
Opening this issue to track the activity. The url module currently does not completely conform to the current url standards (https://url.spec.whatwg.org/) and browser behavior. We'll eventually need to get the implementation updated once the general performance improvements have been made.
There are a number of open issues in http://github.com/joyent/node that deal with url conformance. I will point those to this issue and hold them open until the conformance updates have been made.
So while trying to figure out whether or not I need to worry about AWS S3 shutting down SSLv3 support I came across these 0.10.33 release notes discussing POODLE. In those notes, it states:
"The default protocol method Node.js uses is SSLv23_method which would be more accurately named AutoNegotiate_method. This method will try and negotiate from the highest level down to whatever the client supports."
I wanted to find more details actually describing this "auto-negotiate" behavior and haven't found anything that suggests that it would attempt to use something more than than SSLv2 and SSLv3, like TLS. What I did find was this openssl documentation stating that SSLv23_method()
is deprecated and that TLS_Method()
should be used instead.
SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)
Use of these functions is deprecated. They have been replaced with TLS_Method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.
Additional investigation revealed that SSLv23_method()
only became an "AutoNegotiate_method" for anyone using openssl 1.1.0 or newer (possibly any version newer than 1.0.2). For anyone on versions older than 1.0.2, it's not an "AutoNegotiate_method". See this openssl commit describing changes to SSLv23_method()
If SSLv23_method()
is deprecated, why is it still the default in both node 0.12.x and io.js 2.x? Should we not switch to TLS_Method()
?
(related: Automattic/knox#280 )
Do we want / need these?
For posterity, io.js lands everything that isn't strictly old maintenance into master
and backports to maintenance branches via cherry-picking.
UTC Wed 17-Jun-15 20:00:
Or in your local time:
Attendees will be given a conference number to dial in to.
Extracted from tsc-agenda labelled issues and pull requests prior to meeting.
The agenda now comes from issues labelled with tsc-agenda
in all 3 repositories listed above. Please label any additional issues that should be on the agenda before the meeting starts. I'm using a tool to fetch the list so it's not a big deal to collate.
This meeting will be held via Uberconference. I won't be attempting to live-stream to YouTube this time, it was too difficult last time because I had to have my microphone on. I am continuing to explore other options for broadcasing live; I don't want to completely lose that! So, there won't be a live QA on #io.js this time, very sorry, but please comment here if you have something to query.
The recording will go up on Soundcloud straight afterwards.
It's ready :)
See nodejs/node-v0.x-archive@2411bea
/cc: @bnoordhuis @trevnorris
Original commit message:
process.send() should be synchronous, it should block until the message
has been sent in full, but it wasn't after the second-to-last libuv
upgrade because of commit libuv/libuv@393c1c5 ("unix: set non-block
mode in uv_{pipe,tcp,udp}_open"), which made its way into io.js in
commit 07bd05b ("deps: update libuv to 1.2.1").
Commit libuv/libuv@b36d4ff ("unix: implement uv_stream_set_blocking()")
as landed in io.js in commit 9681fca ("deps: update libuv to 1.4.0")
makes it possible to restore the synchronous behavior again and that's
precisely what this commit does.
The same line of reasoning applies to `net.Socket({ fd: 1 })`: creating
a socket object from a stdio file descriptor, like the `process.stdout`
getter does, should put the file descriptor in blocking mode for
compatibility reasons.
We need a CI Process for the Convergence Repo. Since it's primarily based on the io.js current, having additional jobs in the io.js Jenkins environment is likely the easiest way to start.
These commits add argument type checking to methods within child_process. This needs to be reconciled with the current io.js behavior. The change introduces a new throw so there's a potential API compatibility issue.
/cc @trevnorris
a1b2875afd9affd3e0147a10f04a2daf8c598761 lint: fix lint issues
- nodejs/node-v0.x-archive@a1b28758032a210250c86877898331ac4474f39b3a573c6 test: test all spawn parameter positions
- nodejs/node-v0.x-archive@8032a2170dafa7b624abd43432e03304d65cc527fbecc11 child_process: check fork args is an array
- nodejs/node-v0.x-archive@70dafa7e17c5a72b23f920f291d61f2780068c18768cb92 child_process: check execFile args is an array
- nodejs/node-v0.x-archive@e17c5a7Flaky tests were removed in io.js. They've still been useful in node.js's CI. Need a final decision on this.
e8b21095670543ad6ee8e24e0a1b096b908e20b1 test: update flaky test definitions
- nodejs/node-v0.x-archive@e8b2109See: nodejs/node-v0.x-archive@f3f4e28
/cc @mhdawson
Original commit message:
simple tests test-cluster-master-error.js, test-cluster-master-kill.js
fails in AIX with assertion failure indicating that the workers were
alive even after the master terminated. A 200ms leeway is provided for
the workers to actually terminate, but the isAlive check returns
true in both the cases.
In AIX, the workers were actually terminating, but they took more time
- as much as 800ms (normal) to 1000ms (in rare cases).
Based on a C test we ran, it is found that the exit routines in AIX
is a bit more longer than that in Linux. There are a number of cleanup
activities performed in exit() system call, and depending on when the
signal handlers are shutdown in that sequence, the process will be
deemed as dead or alive, from another process's perspective.
process.kill(pid) is used in the test case to check the liveliness of
the worker, and when the kill() call is issued, even if the target
process is in it's exit sequences, if the signal handlers are not shut
down, it will respond to external signals, causing those calls to pass.
This fix extends the additional timeout for all platforms
See: nodejs/node-v0.x-archive@a5be84f and nodejs/node-v0.x-archive@9b534e2
/cc @misterdjules
Original Commit Message:
Initially, this bug fix targeted master, and I pushed to have it
included in v0.10. In retrospect, I'm not sure it should have made into
v0.10 as it seems it could break a lot of existing working code.
In my opinion, this change is still a bug fix, and it is not backward
incompatible per se. However, I'm not sure that taking the risk to break
a lot of users with a new 0.10.x release that would include this fix is
reasonable, especially now that 0.10.x releases are entering
maintenance mode.
Not convinced this is one we want to pull over.
I just was looking at https://github.com/nodejs/node/blob/v0.10/lib/cluster.js, and that's the 0.12 cluster rewrite. Something is odd.
npm update -g
> [email protected] install /usr/local/lib/node_modules/browser-sync/node_modules/chokidar/node_modules/fsevents
> node-gyp rebuild
gyp ERR! UNCAUGHT EXCEPTION
gyp ERR! stack Error: Cannot find module 'request'
gyp ERR! stack at Function.Module._resolveFilename (module.js:336:15)
gyp ERR! stack at Function.Module._load (module.js:278:25)
gyp ERR! stack at Module.require (module.js:365:17)
gyp ERR! stack at require (module.js:384:17)
gyp ERR! stack at Object.<anonymous> (/usr/local/lib/node_modules/npm/node_modules/node-gyp/lib/install.js:20:15)
gyp ERR! stack at Module._compile (module.js:460:26)
gyp ERR! stack at Object.Module._extensions..js (module.js:478:10)
gyp ERR! stack at Module.load (module.js:355:32)
gyp ERR! stack at Function.Module._load (module.js:310:12)
gyp ERR! stack at Module.require (module.js:365:17)
gyp ERR! System Darwin 14.3.0
gyp ERR! command "node" "/usr/local/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
gyp ERR! cwd /usr/local/lib/node_modules/browser-sync/node_modules/chokidar/node_modules/fsevents
gyp ERR! node -v v0.12.4
gyp ERR! node-gyp -v v1.0.3
gyp ERR! This is a bug in `node-gyp`.
gyp ERR! Try to update node-gyp and file an Issue if it does not help:
gyp ERR! <https://github.com/TooTallNate/node-gyp/issues>
npm WARN optional dep failed, continuing [email protected]
> [email protected] install /usr/local/lib/node_modules/browser-sync/node_modules/socket.io/node_modules/engine.io/node_modules/ws
> (node-gyp rebuild 2> builderror.log) || (exit 0)
> [email protected] install /usr/local/lib/node_modules/browser-sync/node_modules/socket.io/node_modules/socket.io-client/node_modules/engine.io-client/node_modules/ws
> (node-gyp rebuild 2> builderror.log) || (exit 0)
npm WARN engine [email protected]: wanted: {"node":"~0.10.x"} (current: {"node":"0.12.4","npm":"2.10.1"})
npm WARN engine [email protected]: wanted: {"node":">=0.6","npm":"1"} (current: {"node":"0.12.4","npm":"2.10.1"})
npm WARN engine [email protected]: wanted: {"node":"0.8.x || 0.10.x"} (current: {"node":"0.12.4","npm":"2.10.1"})
/usr/local/bin/browser-sync -> /usr/local/lib/node_modules/browser-sync/bin/browser-sync.js
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/npm requires semver@'~2.0.8' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/semver,
npm WARN unmet dependency which is version 2.1.0
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/npm requires nopt@'~2.1.1' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/nopt,
npm WARN unmet dependency which is version 3.0.1
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/npm requires request@'~2.21.0' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/request,
npm WARN unmet dependency which is version 2.47.0
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/npm requires tar@'~0.1.17' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/tar,
npm WARN unmet dependency which is version 1.0.2
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/npm requires node-gyp@'~0.10.6' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/node-gyp,
npm WARN unmet dependency which is version 2.0.1
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/npm requires glob@'~3.2.3' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/glob,
npm WARN unmet dependency which is version 4.0.6
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/npm requires init-package-json@'0.0.10' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/init-package-json,
npm WARN unmet dependency which is version 1.6.0
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/cordova-js/node_modules/browserify requires through2@'^1.0.0' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/through2,
npm WARN unmet dependency which is version 0.6.3
npm WARN unmet dependency /usr/local/lib/node_modules/node-gyp/node_modules/glob requires minimatch@'^2.0.1' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/node-gyp/node_modules/minimatch,
npm WARN unmet dependency which is version 1.0.0
npm WARN unmet dependency /usr/local/lib/node_modules/generator-bookmarklet/node_modules/yeoman-generator/node_modules/inquirer requires lodash@'^3.3.1' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/generator-bookmarklet/node_modules/yeoman-generator/node_modules/lodash,
npm WARN unmet dependency which is version 2.4.2
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/ionic-app-lib/node_modules/cordova-lib/node_modules/cordova-js requires browserify@'7.1.0' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/browserify,
npm WARN unmet dependency which is version 10.2.4
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/prompt/node_modules/utile requires async@'~0.2.9' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/async,
npm WARN unmet dependency which is version 0.9.2
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/request/node_modules/form-data requires mime-types@'~2.0.3' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/request/node_modules/mime-types,
npm WARN unmet dependency which is version 1.0.2
[email protected] /usr/local/lib/node_modules/browser-sync
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected] ([email protected])
├── [email protected]
├── [email protected]
├── [email protected] ([email protected], [email protected], [email protected], [email protected])
├── [email protected] ([email protected])
├── [email protected]
├── [email protected] ([email protected])
├── [email protected] ([email protected], [email protected], [email protected])
├── [email protected] ([email protected], [email protected], [email protected], [email protected])
├── [email protected] ([email protected], [email protected], [email protected], [email protected])
├── [email protected] ([email protected], [email protected])
├── [email protected] ([email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected])
├── [email protected] ([email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected])
├── [email protected] ([email protected])
├── [email protected] ([email protected], [email protected])
├── [email protected] ([email protected], [email protected], [email protected])
├── [email protected]
├── [email protected] ([email protected], [email protected], [email protected], [email protected], [email protected], [email protected])
└── [email protected] ([email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected])
npm WARN installMany normalize-package-data was bundled with [email protected], but bundled package wasn't found in unpacked tree
/usr/local/bin/cordova -> /usr/local/lib/node_modules/cordova/bin/cordova
npm WARN unmet dependency /usr/local/lib/node_modules/generator-bookmarklet/node_modules/yeoman-generator/node_modules/inquirer requires lodash@'^3.3.1' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/generator-bookmarklet/node_modules/yeoman-generator/node_modules/lodash,
npm WARN unmet dependency which is version 2.4.2
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/ionic-app-lib/node_modules/cordova-lib/node_modules/cordova-js requires browserify@'7.1.0' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/browserify,
npm WARN unmet dependency which is version 10.2.4
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/prompt/node_modules/utile requires async@'~0.2.9' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/async,
npm WARN unmet dependency which is version 0.9.2
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/request/node_modules/form-data requires mime-types@'~2.0.3' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/request/node_modules/mime-types,
npm WARN unmet dependency which is version 1.0.2
npm WARN unmet dependency /usr/local/lib/node_modules/node-gyp/node_modules/glob requires minimatch@'^2.0.1' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/node-gyp/node_modules/minimatch,
npm WARN unmet dependency which is version 1.0.0
[email protected] /usr/local/lib/node_modules/cordova
├── [email protected]
├── [email protected]
├── [email protected] ([email protected])
└── [email protected] ([email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected])
npm ERR! Darwin 14.3.0
npm ERR! argv "node" "/usr/local/bin/npm" "update" "-g"
npm ERR! node v0.12.4
npm ERR! npm v2.10.1
npm ERR! path /usr/local/lib/node_modules/npm/bin/node-gyp-bin
npm ERR! code EACCES
npm ERR! errno -13
npm ERR! Error: EACCES, rmdir '/usr/local/lib/node_modules/npm/bin/node-gyp-bin'
npm ERR! at Error (native)
npm ERR! { [Error: EACCES, rmdir '/usr/local/lib/node_modules/npm/bin/node-gyp-bin']
npm ERR! errno: -13,
npm ERR! code: 'EACCES',
npm ERR! path: '/usr/local/lib/node_modules/npm/bin/node-gyp-bin' }
npm ERR!
npm ERR! Please try running this command again as root/Administrator.
npm ERR! error rolling back Error: EACCES, rmdir '/usr/local/lib/node_modules/npm/html/doc'
npm ERR! error rolling back at Error (native)
npm ERR! error rolling back { [Error: EACCES, rmdir '/usr/local/lib/node_modules/npm/html/doc']
npm ERR! error rolling back errno: -13,
npm ERR! error rolling back code: 'EACCES',
npm ERR! error rolling back path: '/usr/local/lib/node_modules/npm/html/doc' }
npm ERR! Please include the following file with any support request:
npm ERR! /Users/halle3/g+j/youtubeResizer/npm-debug.log
➜ youtubeResizer git:(master) ✗ npm
zsh: command not found: npm
after that, zsh tells me:
command not found: npm
😢
We need a small group of people who receive emails to security@ addresses (currently just [email protected] because that's all I have control over, but eventually [email protected] too).
My preference would be for it not to be the entire TSC but a smaller subgroup that can quickly and discretely and escalate issues in the appropriate way. But how we construct this is open for discussion of course.
I'd like to put my hand up for serving in this role along with a couple of others.
Discuss.
This converged repo is node.js
. At some point, we'll need a global rename in docs and source back to node.js
, and to ensure the compiled binary is node
and not iojs
.
See: nodejs/node-v0.x-archive@c66f8c2
@misterdjules @woollybogger
Original commit message:
Improve performance by:
+ Not leaking the `arguments` object!
+ Getting the last character of a string by index, instead of
with `.substr()` or `.slice()`
Improve code consistency by:
+ Using `[]` instead of `.charAt()` where possible
+ Using a function declaration instead of a var declaration
+ Using `.slice()` with clearer arguments
+ Checking if `dir` is truthy in `win32.format`
(added tests for this)
Improve both by:
+ Making the reusable `trimArray()` function
+ Standardizing getting certain path statistics with
the new `win32StatPath()` function
See nodejs/node-v0.x-archive@5dd5ce7
/cc: @mhdawson
Original commit message:
At the uv layer pipes are connected with uv_pipe_connect.
The current spec for this method indicates that the maximum
length is limited to the size of length of
sizeof(sockaddr_un.sun_path), typically between 92 and
108 bytes. Anything longer than that just gets truncated.
The simple testsuite currently creates pipes in directories
under the directory where node was built. In our jenkins
jobs this sometimes ends up being a deep enough path that
the path for the pipes is getting truncated. The result
is that tests using pipes fail with errors that don't
make it obvious what the problem is.
Even if the errors were helpful, we still need a way
to avoid the truncation.
This patch adds the environment variable NODE_PIPE_DIR.
If set the tests create pipes in this directory instead of
the current defaults. In addition the test harness is
updated to remove/delete this directory before/after
each test is run.
modified: test/common.js
modified: test/simple/test-net-pipe-connect-errors.js
modified: test/testpy/__init__.py
modified: test/simple/test-cluster-eaccess.js
We've been in the progress of porting the updated io.js default cipher lists over to node.js. In addition to this change, we're working on adding new --cipher-list
and --enable-default-cipher-list
command line switches that allow the compiled in default cipher list to be overridden. This is a work in progress that hasn't fully landed yet.
4d9c81b7e2522c5d5d9d35058cbb0bce1228d360 test: fixing a few nits in the test
370573665a4daba22655e00c8d0ae8577899d8e5 tls: pass in isolate with define string constant + style nits
3f58ce6942fd0cf90877a4df2fb32539f1614c9d tls: make --enable-legacy-cipher-list less verbose
1bf15467e2b7e074f16744806aff92544953fbd9 tls: command-line switch and envar cipher-list override
UTC Wed 1-Jul-15 20:00:
Or in your local time:
Extracted from tsc-agenda labelled issues and pull requests prior to meeting.
The agenda now comes from issues labelled with tsc-agenda
in all 3 repositories listed above. Please label any additional issues that should be on the agenda before the meeting starts. I'm using a tool to fetch the list so it's not a big deal to collate.
We are back to Uberconference unless @mikeal has a better solution to try for this week. BlueJeans was a failure last week and we won't be able to get it cheap enough to justify our style of usage anyway.
Something seems off about nodejs/node-v0.x-archive@3a9754a...master
I think 3a9754a was supposed to be io.js's base, however. cc @chrisdickinson?
But we have some of the changes into december, and I'm pretty sure they weren't ported ones.
See nodejs/node-v0.x-archive@588c009
/cc @misterdjules @indutny
It's not readily apparent if this one still needs to come over.
See: nodejs/node-v0.x-archive@51fe319
Original Commit Message:
Clarify that synchronous functions in fs with no return value return
undefined.
Specify that fs.openSync() returns an integer and fs.existsSync()
returns true or false.
Simple test case:
var http = require('http');
var server = http.createServer(function(req, res) {
res.setHeader('Foo\n\nBar', 'Value');
res.end();
});
server.listen(3000, function() {
console.log('server started');
});
Then do a curl -v http://localhost:3000
This is not a new issue (nodejs/node-v0.x-archive#2602, nodejs/node-v0.x-archive#9076). It affects HTTP request methods and header names. It happens in v0.10
, v0.12
, and current io.js:
var http = require('http');
var server = http.createServer(function(req,res) {
res.writeHead(200, {'Foo\n\nBar': 'Value'});
res.end('okay');
});
server.listen(3000, function() { console.log('started'); });
I have the code written up to perform the necessary fix but I need a decision: when an invalid http method or header name is passed in, should we throw or attempt to sanitize? Throwing is a API change that breaks backwards compatibility but this is an obvious error with potential security ramifications (fairly low risk). Sanitizing can lead to unexpected results and there is no standard pattern we can follow. Throwing seems to be the best approach.
// http token is defined in RFC2616 as...
// token = 1*<any CHAR except CTLs or separators>
// separators = "(" | ")" | "<" | ">" | "@"
// | "," | ";" | ":" | "\" | <">
// | "/" | "[" | "]" | "?" | "="
// | "{" | "}" | SP | HT
// and redefined in RFC7230 as ...
// tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
// "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
// token = 1*tchar
//
// This checks the input to make sure it's valid according to the
// http token rule. If the input doesn't match, it throws, if it
// does match, val is returned.
function checkIsHttpToken(val, label) {
if (!val || typeof val !== 'string')
return false;
for (var n = 0, l = val.length; n < l; n++) {
var c = val.charCodeAt(n);
if (c <= 32 || c == 34 ||
c == 44 || c == 47 ||
c == 123 || c == 125 ||
c == 40 || c == 41 ||
(c >= 58 && c <= 64) ||
(c >= 91 && c <= 93) ||
c >= 128)
throw new Error(
'Invalid character (' +
String.fromCharCode(c) +
') in HTTP ' + label + ' at position ' + (n + 1));
}
return val;
}
@nodejs/tsc ... thoughts?
This commit had no additional commit log details. It adds a bit of detail to tls.markdown to clarify the poodle mitigation implemented in v0.12. We need to reconcile this with the equivalent changes and documentation within the io.js stream to see if (a) the implemented behavior in both is consistent, (b) the documented behavior is consistent and (c) what additional changes may need to be made.
226c98649df1aa2fcccec7eec2629436f7609f8e doc: clarify poodle mitigation
- nodejs/node-v0.x-archive@226c986Once we do our first release here, it'll probably be best to redirect both nodejs/io.js and joyent/node over here. To preserve original commit history, I think renaming the repos before setting up the redirect would be best.
Another issue will be the star counter of joyent/node. It'd probably take year to catch up on that. 😜 Maybe if we ask GitHub nicely, they'll transfer the stargazers?
I am somewhat in favor of the latter, although i'll probably be making a branch for it in either case, to see what it is like.
See: nodejs/node-v0.x-archive@934bfe2
/cc @misterdjules
Summary of original commit message:
Before this change, _unrefActive would keep the unrefList sorted when
adding a new timer.
Because _unrefActive is called extremely frequently, this linear scan
(O(n) at worse) would make _unrefActive show high in the list of
contributors when profiling CPU usage.
This commit changes _unrefActive so that it doesn't try to keep the
unrefList sorted. The insertion thus happens in constant time."
We need to reconcile this against recent io.js changes within timers.js. Is the original sorted unrefList still there. This patch will be need to be ported if so.
See: nodejs/node-v0.x-archive@b233131
Original commit message:
Currently, lib/_tls_legacy.js and lib/crypto.js cannot be loaded when
--use-strict is passed to node. In addition to that, console.trace
throws because it uses arguments.callee.
This change fixes these issues and adds a test that makes sure
every external built-in module can be loaded with require when
--use-strict is enabled.
Please note that this change does not fix all issues with built-in
modules' code running with --use-strict. It is very likely that some
code in the built-in modules still fails when passing this flag.
However, fixing all code would require us to enable strict mode by
default in all builtins modules, which would certainly break existing
applications.
Fairly certain this is no longer necessary given the use strict
changes already in io.js. Need confirmation, however. @piscisaureus @misterdjules @cjihrig @trevnorris
UTC Wed 10-Jun-15 20:00:
Or in your local time:
Attendees will be given a conference number to dial in to.
Extracted from tsc-agenda labelled issues and pull requests prior to meeting.
The agenda now comes from issues labelled with tsc-agenda
in all 3 repositories listed above. Please label any additional issues that should be on the agenda before the meeting starts. I'm using a tool to fetch the list so it's not a big deal to collate.
This meeting will be held via Uberconference. I won't be attempting to live-stream to YouTube this time, it was too difficult last time because I had to have my microphone on. I am continuing to explore other options for broadcasing live; I don't want to completely lose that! So, there won't be a live QA on #io.js this time, very sorry, but please comment here if you have something to query.
The recording will go up on Soundcloud straight afterwards.
See: nodejs/node-v0.x-archive@e64ee2b
/cc @misterdjules @cjihrig @trevnorris
Original commit message: "Some tests that rely on some environment variables being passed to child processes would fail because they reset the child processes' environement instead of appending to it. This would break on test environments where some custom environment variables are needed to make node work properly."
When I want save the fields de my form without nothing.
In the anchor create question
https://quiz2015-miguel.herokuapp.com/quizes/new
if I press button save. It have that show the errors of validation
http://stackoverflow.com/questions/31234695/cannot-call-method-then-of-undefined
There are a number of build related commits that need to reconciled. /cc @nodejs/build @misterdjules
59265264d56cfb7ced87f9b3666ec570152c5f47 src: make build pass with GCC < 4.5
- nodejs/node-v0.x-archive@59265266168fe6720650052728f3e78a495b723f0b41ce3 build: add win32 convenience build rule
- nodejs/node-v0.x-archive@6168fe6UTC Wed 03-Jun-15 20:00:
Or in your local time:
Attendees will be given a conference number to dial in to.
Extracted from tsc-agenda labelled issues and pull requests prior to meeting.
deepEqual
and deepStrictEqual
in util
. #1172 #1177The agenda now comes from issues labelled with tsc-agenda
in all 3 repositories listed above. Please label any additional issues that should be on the agenda before the meeting starts. I'm using a tool to fetch the list so it's not a big deal to collate.
This meeting will be held via Uberconference. I won't be attempting to live-stream to YouTube this time, it was too difficult last time because I had to have my microphone on. I am continuing to explore other options for broadcasing live; I don't want to completely lose that! So, there won't be a live QA on #io.js this time, very sorry, but please comment here if you have something to query.
The recording will go up on Soundcloud straight afterwards.
Re-applying it here just seems like bad practice. I really think we should wait until it lands in v8.
cc @misterdjules + @jasnell
https://blogs.aws.amazon.com/security/post/TxCKZM94ST1S6Y/Introducing-s2n-a
In order to simplify our TLS implementation and as part of our support for strong encryption for everyone, we are pleased to announce availability of a new Open Source implementation of the TLS protocol: s2n. s2n is a library that has been designed to be small, fast, with simplicity as a priority. s2n avoids implementing rarely used options and extensions, and today is just more than 6,000 lines of code. As a result of this, we’ve found that it is easier to review s2n; we have already completed three external security evaluations and penetration tests on s2n, a practice we will be continuing.
See: nodejs/node-v0.x-archive@3139fa2
Original log: "Always set ssl2/ssl3 disabled based on whether they are enabled in Node. In some corner-case scenario, node with OPENSSL_NO_SSL3 defined could be linked to openssl that has SSL3 enabled."
I will be using this issue to track strictly non-api documentation related pulls from the v0.12 stream. These are generally commits that fix documentation errors or documentation tooling that will need to be reconciled independently of code commits. In other words, these are not updates to api docs that corespond with code changes, they are updates in documentation generation, structure, etc. The issue will be updated incrementally.
b3fcc245fb25539909ef1d5eaa01dbf92e168633 src: update AUTHORS after merge of v0.12 in master
- nodejs/node-v0.x-archive@b3fcc247b554024cca6b3d5b7922c510ddf877dcfaba97f src: update AUTHORS after merge
- nodejs/node-v0.x-archive@7b55402b259f245f8772a069fcc9218c33669962801e300 docs: update api location
- nodejs/node-v0.x-archive@b259f240c50195071a57bc40df82c8f57d341a435ff1eb6 docs: delete unused/duplicate css files
- nodejs/node-v0.x-archive@0c50195UTC Wed 27-May-15 20:00:
Or in your local time:
Attendees will be given a conference number to dial in to.
Extracted from tsc-agenda labelled issues and pull requests prior to meeting.
The agenda now comes from issues labelled with tsc-agenda
in all 3 repositories listed above. Please label any additional issues that should be on the agenda before the meeting starts. I'm using a tool to fetch the list so it's not a big deal to collate.
This meeting will be held via Uberconference but I will be attempting to screencast a Skype session via Hangouts On Air through to YouTube (skype.pipe(uberconference).pipe(skype).pipe(hangouts).pipe(youtube)
). So the YouTube link above should be a live feed of the meeting.
If the YouTube feed works, we'll attempt to do a community QA on the #io.js channel on Freenode at the end of the meeting.
The recording will probably go up on Soundcloud as well I think.
These commits deal with the SSLv2/v3 enabling/disabling by default. These need to be reconciled with the related changes that have already been made in io.js. This issue may be updated to include additional related commits if necessary.
b9283cf9d17a51f9654b438216ecb743ed69a7ce tls: honorCipherOrder should not degrade defaults
- nodejs/node-v0.x-archive@b9283cf1349b680badeb5d08ad82811af8350dc3e0f0397 crypto: allow forcing SSLv2/v3 via secureProtocol
- nodejs/node-v0.x-archive@1349b686c8593d4568b59770aeb5b2cfa1fdc23ac422523 crypto: move disaling SSLv2/3 into JavaScript
- nodejs/node-v0.x-archive@6c8593dUTC Wed 24-Jun-15 20:00:
Or in your local time:
Attendees will be given a conference number to dial in to.
Extracted from tsc-agenda labelled issues and pull requests prior to meeting.
The agenda now comes from issues labelled with tsc-agenda
in all 3 repositories listed above. Please label any additional issues that should be on the agenda before the meeting starts. I'm using a tool to fetch the list so it's not a big deal to collate.
This meeting will be held via Uberconference. No live streaming this time unfortunately. Leave questions you want answered by the TSC in this thread as there won't be a QA.
The recording will go up on Soundcloud straight afterwards.
There are several mdb_v8 Related Commits
878c40e1b3762a5f3ed48094f954fbee705f69ff mdb_v8: fix symbols not loaded properly
- nodejs/node-v0.x-archive@878c40eebfa7e350aed8f61b68a290be2e8fefca9db939e mdb_v8: add tests for ::findjsobjects -k KIND
- nodejs/node-v0.x-archive@ebfa7e34312f8d760bdf574b5a461e426331f0b4d298f18 mdb_v8: update for v0.12
- nodejs/node-v0.x-archive@4312f8d1425ccd1b2baca267d3201bfc219e28bb84989fd src: re-add 1024-bit SSL certs removed by f9456a2
- nodejs/node-v0.x-archive@1425ccd
/cc @chrisdickinson @misterdjules
Obviously we want to be careful with these. We need to reconcile the differences between the v0.12 root certs and the current set of io.js rootcerts.
See: nodejs/node-v0.x-archive@523929c
/cc @trevnorris
The original commit log says, "Fixes usage of global object 'Buffer' in lib/* files by ensuring that each file does an explicit require('buffer').Buffer. Previously, when running a repl, due to usage of global 'Buffer', any redefinition of Buffer would cause a crash eg var Buffer = {}."
See: nodejs/node-v0.x-archive@13e1131
/cc @mhdawson
Original commit message:
simple tests test-http-request-end.js, test-http-default-encoding.js
hangs in AIX. The root cause for both the failures is related to the
timing with which packets are sent between the client and server.
On the client side, one factor that affects the timing is Nagle's
algorithm. With Nagle enabled there may be a delay between two packets
as the stack may wait until either:
a. An acknowledgement for the first packet is received, or
b. 200 ms elapses.
before sending the second packet.
Similarly at the server side 2 sequential packages can be delivered to
the application either together or separatly.
On AIX we see that they are delivered separately to the server, while on
Linux delivered together. If we change the timing, for example disabling
Nagle on AIX we see the 2 packets delivered together and the tests pass.
In the test case simple/test-http-request-end.js, the client request
handler of the server receives and stores the data in a data callback,
closes the server in a request end callback, and writes to the client
and ends the response, in-line with the request receipt. An HTTP parser
module parses the incoming message, and invokes callback routines which
are registered for HTTP events (such as header, body, end etc.)
Because the termination sequence arrive in a separate packet, there is a
delay in parsing that message and identify that the client request ended
(and thereby invoke the request end call backhandler). Due to this delay,
the response close happens first, which in-turn destroys the server
socket leading to the fd and watcher removal from the uv loop abandoning
further events on this connection, and end call back never being called,
causing the reported hang. simple/test-http-default-encoding.js suffers
from the same problem.
Also, remove the timer logic from the test case. Test harness anyways
contain a timer which controls the individual tests so remove such
controls from the test case, as suggested by @tjfontaine
Hey, I am trying to make npm install work in Vagrant (Ubuntu 14.04x64 guest on Windows 7 host), but I keep getting
npm verb gentlyRm don't care about contents; nuking /var/www/html/***/*********-****/node_modules/gulp-util/node_modules/dateformat/node_modules/meow/node_modules/indent-string/node_modules/repeating/node_modules/is-finite/node_modules/number-is-nan
npm verb write writing to /var/www/html/***/*********-****/node_modules/gulp-util/node_modules/dateformat/node_modules/meow/node_modules/indent-string/node_modules/repeating/node_modules/is-finite/node_modules/number-is-nan/package.json
../deps/uv/src/uv-common.c:143: uv_err_name: Assertion `0' failed.
Aborted
when I run npm install gulp-util --no-bin-links --verbose
. So far I have noticed this to be the case on this particular package.
At first I thought it had something to do with Windows path limitation, because it works if I try to install it in parent folders and other places. But after applying this patch hashicorp/vagrant#1953 the issue persists and the error message is a bit too cryptic for me
Node version 0.12.5
NPM version 2.11.2
Edit:
Here is gist of this strace strace -F -f -s 1024 -o out.log npm install --no-bin-links --silly
https://gist.github.com/realshadow/179320fc9d60aac35dfe#file-npm_trace
Trace log file had 30MB so I copied last ~30k rows.
Sometimes it's necessary to decrypt your own TLS connections to debug their contents. Wireshark supports this quite nicely with its decryption feature. For non-DH key agreement, you simply provide the private key of the server. However, for DH key agreement, or when you are acting only as a client, that doesn't work. Firefox and Chrome support the environment variable SSLKEYLOGFILE to write the master secrets used to a file, for decryption by Wireshark. It would be great to support this or a similar mechanism for logging master secrets in Node.
Key log format: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format
Helpful Stack Exchange howto: https://security.stackexchange.com/questions/35639/decrypting-tls-in-wireshark-when-using-dhe-rsa-ciphersuites/42350#42350
Wireshark decryption docs: https://wiki.wireshark.org/SSL
Hey everyone, i'm getting this error below. How can i figure out what i can do to fix this?
Thanx!
node: ../deps/uv/src/uv-common.c:143: uv_err_name: Assertion '0' failed.
Aborted
user@machine:/Documents/NodeScripts$ node -v/Documents/NodeScripts$ npm -v
v0.12.6
user@machine:
2.11.2
user@machine:~/Documents/NodeScripts$`
UTC Wed 1-Jul-15 20:00:
Or in your local time:
Extracted from tsc-agenda labelled issues and pull requests prior to meeting.
The agenda now comes from issues labelled with tsc-agenda
in all 3 repositories listed above. Please label any additional issues that should be on the agenda before the meeting starts. I'm using a tool to fetch the list so it's not a big deal to collate.
We are experimenting with BlueJeans for this. If BlueJeans is a pile of fail we'll default back to Uberconference this week, keep that in mind or monitor IRC.
Here is the info they have provided for this meeting:
NOTE: This meeting is intended for TSC members but we do want to have live-sharing of it as well. We are not sure how well this is going to scale having non-TSC members on and watching but if you do join please stay on mute in case we have trouble moderating you into silence! I think this account has a capacity of 25 so if this is super popular then we may have to kick some people off to get the TSC on.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.