Commit 8b1b992
authored
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?v=4&size=40){kind=avatar}
Update Node.js to v16.19.1 (#179)
[](https://renovatebot.com)
This PR contains the following updates:
| Package | Type | Update | Change | Age | Adoption | Passing |
Confidence |
|---|---|---|---|---|---|---|---|
| [node](https://togithub.com/nodejs/node) | | minor | `16.18.1` ->
`16.19.1` |
[](https://docs.renovatebot.com/merge-confidence/)
|
[](https://docs.renovatebot.com/merge-confidence/)
|
[](https://docs.renovatebot.com/merge-confidence/)
|
[](https://docs.renovatebot.com/merge-confidence/)
|
|
[@types/node](https://togithub.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node)
([source](https://togithub.com/DefinitelyTyped/DefinitelyTyped)) |
devDependencies | patch | [`16.18.3` ->
`16.18.14`](https://renovatebot.com/diffs/npm/@types%2fnode/16.18.3/16.18.14)
|
[](https://docs.renovatebot.com/merge-confidence/)
|
[](https://docs.renovatebot.com/merge-confidence/)
|
[](https://docs.renovatebot.com/merge-confidence/)
|
[](https://docs.renovatebot.com/merge-confidence/)
|
---
### Release Notes
<details>
<summary>nodejs/node</summary>
###
[`v16.19.1`](https://togithub.com/nodejs/node/releases/tag/v16.19.1):
2023-02-16, Version 16.19.1 'Gallium' (LTS),
@​richardlau
[Compare
Source](https://togithub.com/nodejs/node/compare/v16.19.0...v16.19.1)
This is a security release.
##### Notable Changes
The following CVEs are fixed in this release:
-
**[CVE-2023-23918](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23918)**:
Node.js Permissions policies can be bypassed via process.mainModule
(High)
-
**[CVE-2023-23919](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23919)**:
Node.js OpenSSL error handling issues in nodejs crypto library (Medium)
-
**[CVE-2023-23920](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23920)**:
Node.js insecure loading of ICU data through ICU_DATA environment
variable (Low)
Fixed by an update to undici:
-
**[CVE-2023-23936](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23936)**:
Fetch API in Node.js did not protect against CRLF injection in host
headers (Medium)
- See
<GHSA-5r9g-qh6m-jxff>
for more information.
-
**[CVE-2023-24807](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24807)**:
Regular Expression Denial of Service in Headers in Node.js fetch API
(Low)
- See
<GHSA-r6ch-mqf9-qc9w>
for more information.
More detailed information on each of the vulnerabilities can be found in
[February 2023 Security
Releases](https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/)
blog post.
This security release includes OpenSSL security updates as outlined in
the recent
[OpenSSL security
advisory](https://www.openssl.org/news/secadv/20230207.txt).
##### Commits
- \[[`7fef050447`](https://togithub.com/nodejs/node/commit/7fef050447)]
- **build**: build ICU with ICU_NO_USER_DATA_OVERRIDE (RafaelGSS)
[nodejs-private/node-private#​374](https://togithub.com/nodejs-private/node-private/pull/374)
- \[[`b558e9f476`](https://togithub.com/nodejs/node/commit/b558e9f476)]
- **crypto**: clear OpenSSL error on invalid ca cert (RafaelGSS)
[nodejs-private/node-private#​375](https://togithub.com/nodejs-private/node-private/pull/375)
- \[[`160adb7ffc`](https://togithub.com/nodejs/node/commit/160adb7ffc)]
- **crypto**: clear OpenSSL error queue after calling
X509\_check_private_key() (Filip Skokan)
[#​45495](https://togithub.com/nodejs/node/pull/45495)
- \[[`d0ece30948`](https://togithub.com/nodejs/node/commit/d0ece30948)]
- **crypto**: clear OpenSSL error queue after calling X509\_verify()
(Takuro Sato)
[#​45377](https://togithub.com/nodejs/node/pull/45377)
- \[[`2d9ae4f184`](https://togithub.com/nodejs/node/commit/2d9ae4f184)]
- **deps**: update undici to v5.19.1 (Matteo Collina)
[nodejs-private/node-private#​388](https://togithub.com/nodejs-private/node-private/pull/388)
- \[[`d80e8312fd`](https://togithub.com/nodejs/node/commit/d80e8312fd)]
- **deps**: cherry-pick Windows ARM64 fix for openssl (Richard Lau)
[#​46568](https://togithub.com/nodejs/node/pull/46568)
- \[[`de5c8d2c2f`](https://togithub.com/nodejs/node/commit/de5c8d2c2f)]
- **deps**: update archs files for quictls/openssl-1.1.1t+quic
(RafaelGSS) [#​46568](https://togithub.com/nodejs/node/pull/46568)
- \[[`1a8ccfe908`](https://togithub.com/nodejs/node/commit/1a8ccfe908)]
- **deps**: upgrade openssl sources to OpenSSL\_1\_1\_1t+quic
(RafaelGSS) [#​46568](https://togithub.com/nodejs/node/pull/46568)
- \[[`693789780b`](https://togithub.com/nodejs/node/commit/693789780b)]
- **doc**: clarify release notes for Node.js 16.19.0 (Richard Lau)
[#​45846](https://togithub.com/nodejs/node/pull/45846)
- \[[`f95ef064f4`](https://togithub.com/nodejs/node/commit/f95ef064f4)]
- **lib**: makeRequireFunction patch when experimental policy
(RafaelGSS)
[nodejs-private/node-private#​358](https://togithub.com/nodejs-private/node-private/pull/358)
- \[[`b02d895137`](https://togithub.com/nodejs/node/commit/b02d895137)]
- **policy**: makeRequireFunction on mainModule.require (RafaelGSS)
[nodejs-private/node-private#​358](https://togithub.com/nodejs-private/node-private/pull/358)
- \[[`d7f83c420c`](https://togithub.com/nodejs/node/commit/d7f83c420c)]
- **test**: avoid left behind child processes (Richard Lau)
[#​46276](https://togithub.com/nodejs/node/pull/46276)
###
[`v16.19.0`](https://togithub.com/nodejs/node/releases/tag/v16.19.0):
2022-12-13, Version 16.19.0 'Gallium' (LTS),
@​richardlau
[Compare
Source](https://togithub.com/nodejs/node/compare/v16.18.1...v16.19.0)
##### Notable Changes
##### OpenSSL 1.1.1s
This update is a bugfix release and does not address any security
vulnerabilities.
##### Root certificates updated to NSS 3.85
Certificates added:
- Autoridad de Certificacion Firmaprofesional CIF
[`A626340`](https://togithub.com/nodejs/node/commit/A62634068)
- Certainly Root E1
- Certainly Root R1
- D-TRUST BR Root CA 1 2020
- D-TRUST EV Root CA 1 2020
- DigiCert TLS ECC P384 Root G5
- DigiCert TLS RSA4096 Root G5
- E-Tugra Global Root CA ECC v3
- E-Tugra Global Root CA RSA v3
- HiPKI Root CA - G1
- ISRG Root X2
- Security Communication ECC RootCA1
- Security Communication RootCA3
- Telia Root CA v2
- vTrus ECC Root CA
- vTrus Root CA
Certificates removed:
- Cybertrust Global Root
- DST Root CA X3
- GlobalSign Root CA - R2
- Hellenic Academic and Research Institutions RootCA 2011
##### Time zone update to 2022f
Time zone data has been updated to 2022f. This includes changes to
Daylight
Savings Time (DST) for Fiji and Mexico. For more information, see
<https://mm.icann.org/pipermail/tz-announce/2022-October/000075.html>.
##### Other Notable Changes
- \[[`33707dcd03`](https://togithub.com/nodejs/node/commit/33707dcd03)]
- **dgram**: add dgram send queue info (theanarkh)
[#​44149](https://togithub.com/nodejs/node/pull/44149)
Dependency updates:
- \[[`3b2b70d792`](https://togithub.com/nodejs/node/commit/3b2b70d792)]
- **deps**: upgrade npm to 8.19.3 (npm team)
[#​45322](https://togithub.com/nodejs/node/pull/45322)
Experimental features:
- \[[`1e0dcd1ee0`](https://togithub.com/nodejs/node/commit/1e0dcd1ee0)]
- **cli**: add `--watch` (Moshe Atlow)
[#​44366](https://togithub.com/nodejs/node/pull/44366)
- \[[`8c73279ebb`](https://togithub.com/nodejs/node/commit/8c73279ebb)]
- **util**: add default value option to parsearg (Manuel Spigolon)
[#​44631](https://togithub.com/nodejs/node/pull/44631)
##### Commits
- \[[`bbef3c42f6`](https://togithub.com/nodejs/node/commit/bbef3c42f6)]
- **build**: add version info to timezone update PR (Darshan Sen)
[#​45021](https://togithub.com/nodejs/node/pull/45021)
- \[[`cc2c7648e0`](https://togithub.com/nodejs/node/commit/cc2c7648e0)]
- **build**: support Python 3.11 (Luigi Pinca)
[#​45191](https://togithub.com/nodejs/node/pull/45191)
- \[[`ac24c80663`](https://togithub.com/nodejs/node/commit/ac24c80663)]
- **build**: remove redundant condition from common.gypi (Richard Lau)
[#​45076](https://togithub.com/nodejs/node/pull/45076)
- \[[`03dcbe3030`](https://togithub.com/nodejs/node/commit/03dcbe3030)]
- **build**: fix bad upstream merge (Stephen Gallagher)
[#​44642](https://togithub.com/nodejs/node/pull/44642)
- \[[`1e0dcd1ee0`](https://togithub.com/nodejs/node/commit/1e0dcd1ee0)]
- **cli**: add `--watch` (Moshe Atlow)
[#​44366](https://togithub.com/nodejs/node/pull/44366)
- \[[`96d131665e`](https://togithub.com/nodejs/node/commit/96d131665e)]
- **cluster**: use inspector utils (Moshe Atlow)
[#​44592](https://togithub.com/nodejs/node/pull/44592)
- \[[`704836033a`](https://togithub.com/nodejs/node/commit/704836033a)]
- **crypto**: update root certificates (Luigi Pinca)
[#​45490](https://togithub.com/nodejs/node/pull/45490)
- \[[`5a776d4a69`](https://togithub.com/nodejs/node/commit/5a776d4a69)]
- **deps**: update timezone to 2022f (Richard Lau)
[#​45613](https://togithub.com/nodejs/node/pull/45613)
- \[[`3b2b70d792`](https://togithub.com/nodejs/node/commit/3b2b70d792)]
- **deps**: upgrade npm to 8.19.3 (npm team)
[#​45322](https://togithub.com/nodejs/node/pull/45322)
- \[[`9fbc8b21db`](https://togithub.com/nodejs/node/commit/9fbc8b21db)]
- **deps**: update corepack to 0.15.1 (Node.js GitHub Bot)
[#​45331](https://togithub.com/nodejs/node/pull/45331)
- \[[`87e3d002ca`](https://togithub.com/nodejs/node/commit/87e3d002ca)]
- **deps**: update corepack to 0.15.0 (Node.js GitHub Bot)
[#​45235](https://togithub.com/nodejs/node/pull/45235)
- \[[`e972ff7b13`](https://togithub.com/nodejs/node/commit/e972ff7b13)]
- **deps**: V8: backport
[`bbd800c`](https://togithub.com/nodejs/node/commit/bbd800c6e359)
(Chengzhong Wu)
[#​44947](https://togithub.com/nodejs/node/pull/44947)
- \[[`af9d8217c0`](https://togithub.com/nodejs/node/commit/af9d8217c0)]
- **deps**: V8: cherry-pick
[`b953542`](https://togithub.com/nodejs/node/commit/b95354290941)
(Chengzhong Wu)
[#​44947](https://togithub.com/nodejs/node/pull/44947)
- \[[`38202d321b`](https://togithub.com/nodejs/node/commit/38202d321b)]
- **deps**: update undici to 5.12.0 (Node.js GitHub Bot)
[#​45236](https://togithub.com/nodejs/node/pull/45236)
- \[[`7c0da6adf9`](https://togithub.com/nodejs/node/commit/7c0da6adf9)]
- **deps**: update archs files for OpenSSL-1.1.1s (RafaelGSS)
[#​45274](https://togithub.com/nodejs/node/pull/45274)
- \[[`1149ead6f7`](https://togithub.com/nodejs/node/commit/1149ead6f7)]
- **deps**: upgrade openssl sources to OpenSSL\_1\_1\_1s (RafaelGSS)
[#​45274](https://togithub.com/nodejs/node/pull/45274)
- \[[`cd54bce4f5`](https://togithub.com/nodejs/node/commit/cd54bce4f5)]
- **deps**: update timezone (Node.js GitHub Bot)
[#​44950](https://togithub.com/nodejs/node/pull/44950)
- \[[`2901abe4f0`](https://togithub.com/nodejs/node/commit/2901abe4f0)]
- **deps**: update undici to 5.11.0 (Node.js GitHub Bot)
[#​44929](https://togithub.com/nodejs/node/pull/44929)
- \[[`c80cf97033`](https://togithub.com/nodejs/node/commit/c80cf97033)]
- **deps**: update corepack to 0.14.2 (Node.js GitHub Bot)
[#​44775](https://togithub.com/nodejs/node/pull/44775)
- \[[`33707dcd03`](https://togithub.com/nodejs/node/commit/33707dcd03)]
- **dgram**: add dgram send queue info (theanarkh)
[#​44149](https://togithub.com/nodejs/node/pull/44149)
- \[[`c708d9bb94`](https://togithub.com/nodejs/node/commit/c708d9bb94)]
- **doc**: fix typo in parseArgs default value (Tobias Nießen)
[#​45083](https://togithub.com/nodejs/node/pull/45083)
- \[[`5a0efa05d2`](https://togithub.com/nodejs/node/commit/5a0efa05d2)]
- **node-api**: handle no support for external buffers (Michael Dawson)
[#​45181](https://togithub.com/nodejs/node/pull/45181)
- \[[`db31de634e`](https://togithub.com/nodejs/node/commit/db31de634e)]
- **readline**: refactor to avoid unsafe regex primordials (Antoine du
Hamel) [#​43475](https://togithub.com/nodejs/node/pull/43475)
- \[[`fbc52e5729`](https://togithub.com/nodejs/node/commit/fbc52e5729)]
- **src**: disambiguate terms used to refer to builtins and addons
(Joyee Cheung)
[#​44135](https://togithub.com/nodejs/node/pull/44135)
- \[[`953072d3db`](https://togithub.com/nodejs/node/commit/953072d3db)]
- **src**: let http2 streams end after session close (Santiago Gimeno)
[#​45153](https://togithub.com/nodejs/node/pull/45153)
- \[[`54608d8dc3`](https://togithub.com/nodejs/node/commit/54608d8dc3)]
- **src**: split property helpers from node::Environment (Chengzhong Wu)
[#​44056](https://togithub.com/nodejs/node/pull/44056)
- \[[`6733556783`](https://togithub.com/nodejs/node/commit/6733556783)]
- **test**: add test to validate changelogs for releases (Richard Lau)
[#​45325](https://togithub.com/nodejs/node/pull/45325)
- \[[`821d832cef`](https://togithub.com/nodejs/node/commit/821d832cef)]
- **test**: mark test-watch-mode\* as flaky on all platforms (Pierrick
Bouvier) [#​45049](https://togithub.com/nodejs/node/pull/45049)
- \[[`02a18eac69`](https://togithub.com/nodejs/node/commit/02a18eac69)]
- **test**: fix test-runner-inspect (Moshe Atlow)
[#​44620](https://togithub.com/nodejs/node/pull/44620)
- \[[`197df63f74`](https://togithub.com/nodejs/node/commit/197df63f74)]
- **test**: add a test to ensure the correctness of timezone upgrades
(Darshan Sen)
[#​45299](https://togithub.com/nodejs/node/pull/45299)
- \[[`42e9d8016a`](https://togithub.com/nodejs/node/commit/42e9d8016a)]
- **test**: fix textdecoder test for small-icu builds (Richard Lau)
[#​45225](https://togithub.com/nodejs/node/pull/45225)
- \[[`6d736a56d8`](https://togithub.com/nodejs/node/commit/6d736a56d8)]
- **test**: fix watch mode test flake (Moshe Atlow)
[#​44739](https://togithub.com/nodejs/node/pull/44739)
- \[[`543d3d2bf3`](https://togithub.com/nodejs/node/commit/543d3d2bf3)]
- **test**: deflake watch mode tests (Moshe Atlow)
[#​44621](https://togithub.com/nodejs/node/pull/44621)
- \[[`97f6caf4eb`](https://togithub.com/nodejs/node/commit/97f6caf4eb)]
- **test**: split watch mode inspector tests to sequential (Moshe Atlow)
[#​44551](https://togithub.com/nodejs/node/pull/44551)
- \[[`499750ff7a`](https://togithub.com/nodejs/node/commit/499750ff7a)]
- **test**: update list of known globals (Antoine du Hamel)
[#​45255](https://togithub.com/nodejs/node/pull/45255)
- \[[`64d343af74`](https://togithub.com/nodejs/node/commit/64d343af74)]
- **test_runner**: support using `--inspect` with `--test` (Moshe Atlow)
[#​44520](https://togithub.com/nodejs/node/pull/44520)
- \[[`99ee5e484d`](https://togithub.com/nodejs/node/commit/99ee5e484d)]
- **test_runner**: fix `duration_ms` to be milliseconds (Moshe Atlow)
[#​44450](https://togithub.com/nodejs/node/pull/44450)
- \[[`37e909251c`](https://togithub.com/nodejs/node/commit/37e909251c)]
- **test_runner**: support programmatically running `--test` (Moshe
Atlow) [#​44241](https://togithub.com/nodejs/node/pull/44241)
- \[[`0ae5694f88`](https://togithub.com/nodejs/node/commit/0ae5694f88)]
- **tools**: update certdata.txt (Luigi Pinca)
[#​45490](https://togithub.com/nodejs/node/pull/45490)
- \[[`891368cefd`](https://togithub.com/nodejs/node/commit/891368cefd)]
- **tools**: remove faulty early termination logic from
update-timezone.mjs (Darshan Sen)
[#​44870](https://togithub.com/nodejs/node/pull/44870)
- \[[`543493c242`](https://togithub.com/nodejs/node/commit/543493c242)]
- **tools**: fix timezone update tool (Darshan Sen)
[#​44870](https://togithub.com/nodejs/node/pull/44870)
- \[[`c77f660b75`](https://togithub.com/nodejs/node/commit/c77f660b75)]
- **tools**: fix `create-or-update-pull-request-action` hash on GHA
(Antoine du Hamel)
[#​45166](https://togithub.com/nodejs/node/pull/45166)
- \[[`58c30dd049`](https://togithub.com/nodejs/node/commit/58c30dd049)]
- **tools**: update gr2m/create-or-update-pull-request-action (Luigi
Pinca) [#​45022](https://togithub.com/nodejs/node/pull/45022)
- \[[`749a4b3e5e`](https://togithub.com/nodejs/node/commit/749a4b3e5e)]
- **tools**: use Python 3.11 in GitHub Actions workflows (Luigi Pinca)
[#​45191](https://togithub.com/nodejs/node/pull/45191)
- \[[`6f541d99a5`](https://togithub.com/nodejs/node/commit/6f541d99a5)]
- **tools**: have test-asan use ubuntu-20.04 (Filip Skokan)
[#​45581](https://togithub.com/nodejs/node/pull/45581)
- \[[`e7ed56f501`](https://togithub.com/nodejs/node/commit/e7ed56f501)]
- **tools**: make license-builder.sh comply with shellcheck 0.8.0 (Rich
Trott) [#​41258](https://togithub.com/nodejs/node/pull/41258)
- \[[`cc819b4bf8`](https://togithub.com/nodejs/node/commit/cc819b4bf8)]
- **tools**: fix typo in `avoid-prototype-pollution` lint rule (Antoine
du Hamel) [#​44446](https://togithub.com/nodejs/node/pull/44446)
- \[[`254358c81e`](https://togithub.com/nodejs/node/commit/254358c81e)]
- **tools**: refactor `avoid-prototype-pollution` lint rule (Antoine du
Hamel) [#​43476](https://togithub.com/nodejs/node/pull/43476)
- \[[`8c73279ebb`](https://togithub.com/nodejs/node/commit/8c73279ebb)]
- **util**: add default value option to parsearg (Manuel Spigolon)
[#​44631](https://togithub.com/nodejs/node/pull/44631)
</details>
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://app.renovatebot.com/dashboard#github/gagoar/github-app-installation-token).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC4xNDMuMSIsInVwZGF0ZWRJblZlciI6IjM0LjE1NC41In0=-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>](https://renovatebot.com){kind=link}
1 parent 7e5a8f1 commit 8b1b992
3 files changed
+9
-9
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | | - | |
| 1 | + | |
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
114 | 114 | | |
115 | 115 | | |
116 | 116 | | |
117 | | - | |
| 117 | + | |
118 | 118 | | |
119 | 119 | | |
120 | 120 | | |
| |||
0 commit comments