Commit 00a9a3e1 authored by Jérémy Lal's avatar Jérémy Lal

New upstream version 6.11.4~dfsg

parent cfac78ec
......@@ -94,6 +94,8 @@ More Developer Tools...`. This step will install `clang`, `clang++`, and
* You may want to setup [firewall rules](tools/macosx-firewall.sh)
to avoid popups asking to accept incoming network connections when running tests:
If the path to your build directory contains a space, the build will likely fail.
```console
$ sudo ./tools/macosx-firewall.sh
```
......@@ -127,6 +129,25 @@ To run the tests:
$ make test
```
To run the tests and generate code coverage reports:
```console
$ ./configure --coverage
$ make coverage
```
This will generate coverage reports for both JavaScript and C++ tests (if you
only want to run the JavaScript tests then you do not need to run the first
command `./configure --coverage`).
The `make coverage` command downloads some tools to the project root directory
and overwrites the `lib/` directory. To clean up after generating the coverage
reports:
```console
make coverage-clean
```
To build the documentation:
This will build Node.js first (if necessary) and then use it to build the docs:
......@@ -135,7 +156,7 @@ This will build Node.js first (if necessary) and then use it to build the docs:
$ make doc
```
If you have an existing Node.js you can build just the docs with:
If you have an existing Node.js build, you can build just the docs with:
```console
$ NODE=/path/to/node make doc-only
......@@ -174,6 +195,8 @@ Prerequisites:
[Git for Windows](http://git-scm.com/download/win) includes Git Bash
and tools which can be included in the global `PATH`.
If the path to your build directory contains a space, the build will likely fail.
```console
> .\vcbuild nosign
```
......
......@@ -26,7 +26,8 @@ release.
</tr>
<tr>
<td valign="top">
<b><a href="doc/changelogs/CHANGELOG_V6.md#6.11.3">6.11.3</a></b><br/>
<b><a href="doc/changelogs/CHANGELOG_V6.md#6.11.4">6.11.4</a></b><br/>
<a href="doc/changelogs/CHANGELOG_V6.md#6.11.3">6.11.3</a><br/>
<a href="doc/changelogs/CHANGELOG_V6.md#6.11.2">6.11.2</a><br/>
<a href="doc/changelogs/CHANGELOG_V6.md#6.11.1">6.11.1</a><br/>
<a href="doc/changelogs/CHANGELOG_V6.md#6.11.0">6.11.0</a><br/>
......
This diff is collapsed.
......@@ -176,7 +176,8 @@ Running `make test`/`vcbuild test` will run the linter as well unless one or
more tests fail.
If you want to run the linter without running tests, use
`make lint`/`vcbuild lint`.
`make lint`/`vcbuild lint`. It will run both JavaScript linting and
C++ linting.
If you are updating tests and just want to run a single test to check it, you
can use this syntax to run it exactly as the test harness would:
......
This diff is collapsed.
......@@ -35,7 +35,7 @@ If you need help using or installing Node.js, please use the
* [Building Node.js](#building-nodejs)
* [Security](#security)
* [Current Project Team Members](#current-project-team-members)
* [CTC (Core Technical Committee)](#ctc-core-technical-committee)
* [TSC (Technical Steering Committee)](#tsc-technical-steering-committee)
* [Collaborators](#collaborators)
* [Release Team](#release-team)
......@@ -55,9 +55,9 @@ If you need help using or installing Node.js, please use the
channel.
_Please note that unofficial resources are neither managed by (nor necessarily
endorsed by) the Node.js TSC/CTC. Specifically, such resources are not
endorsed by) the Node.js TSC. Specifically, such resources are not
currently covered by the [Node.js Moderation Policy][] and the selection and
actions of resource operators/moderators are not subject to TSC/CTC oversight._
actions of resource operators/moderators are not subject to TSC oversight._
## Release Types
......@@ -114,11 +114,11 @@ documentation of the latest stable version.
### Verifying Binaries
Current, LTS and Nightly download directories all contain a _SHASUM256.txt_
Current, LTS and Nightly download directories all contain a _SHASUMS256.txt_
file that lists the SHA checksums for each file available for
download.
The _SHASUM256.txt_ can be downloaded using curl.
The _SHASUMS256.txt_ can be downloaded using curl.
```console
$ curl -O https://nodejs.org/dist/vx.y.z/SHASUMS256.txt
......@@ -135,10 +135,10 @@ _(Where "node-vx.y.z.tar.gz" is the name of the file you have
downloaded)_
Additionally, Current and LTS releases (not Nightlies) have GPG signed
copies of SHASUM256.txt files available as SHASUM256.txt.asc. You can use
copies of SHASUMS256.txt files available as SHASUMS256.txt.asc. You can use
`gpg` to verify that the file has not been tampered with.
To verify a SHASUM256.txt.asc, you will first need to import all of
To verify a SHASUMS256.txt.asc, you will first need to import all of
the GPG keys of individuals authorized to create releases. They are
listed at the bottom of this README under [Release Team](#release-team).
Use a command such as this to import the keys:
......@@ -172,14 +172,59 @@ Your email will be acknowledged within 24 hours, and you’ll receive a more
detailed response to your email within 48 hours indicating the next steps in
handling your report.
There are no hard and fast rules to determine if a bug is worth reporting as
a security issue. The general rule is any issue worth reporting
must allow an attacker to compromise the confidentiality, integrity
or availability of the Node.js application or its system for which the attacker
does not already have the capability.
To illustrate the point, here are some examples of past issues and what the
Security Reponse Team thinks of them. When in doubt, however, please do send
us a report nonetheless.
### Public disclosure preferred
- [#14519](https://github.com/nodejs/node/issues/14519): _Internal domain
function can be used to cause segfaults_. Causing program termination using
either the public Javascript APIs or the private bindings layer APIs requires
the ability to execute arbitrary Javascript code, which is already the highest
level of privilege possible.
- [#12141](https://github.com/nodejs/node/pull/12141): _buffer: zero fill
Buffer(num) by default_. The buffer constructor behaviour was documented,
but found to be prone to [mis-use](https://snyk.io/blog/exploiting-buffer/).
It has since been changed, but despite much debate, was not considered misuse
prone enough to justify fixing in older release lines and breaking our
API stability contract.
### Private disclosure preferred
- [CVE-2016-7099](https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/):
_Fix invalid wildcard certificate validation check_. This is a high severity
defect that would allow a malicious TLS server to serve an invalid wildcard
certificate for its hostname and be improperly validated by a Node.js client.
- [#5507](https://github.com/nodejs/node/pull/5507): _Fix a defect that makes
the CacheBleed Attack possible_. Many, though not all, OpenSSL vulnerabilities
in the TLS/SSL protocols also effect Node.js.
- [CVE-2016-2216](https://nodejs.org/en/blog/vulnerability/february-2016-security-releases/):
_Fix defects in HTTP header parsing for requests and responses that can allow
response splitting_. While the impact of this vulnerability is application and
network dependent, it is remotely exploitable in the HTTP protocol.
When in doubt, please do send us a report.
## Current Project Team Members
The Node.js project team comprises a group of core collaborators and a sub-group
that forms the _Core Technical Committee_ (CTC) which governs the project. For
more information about the governance of the Node.js project, see
that forms the _Technical Steering Committee_ (TSC) which governs the project.
For more information about the governance of the Node.js project, see
[GOVERNANCE.md](./GOVERNANCE.md).
### CTC (Core Technical Committee)
### TSC (Technical Steering Committee)
* [addaleax](https://github.com/addaleax) -
**Anna Henningsen** &lt;anna@addaleax.net&gt; (she/her)
......@@ -199,14 +244,14 @@ more information about the governance of the Node.js project, see
**Fedor Indutny** &lt;fedor.indutny@gmail.com&gt;
* [jasnell](https://github.com/jasnell) -
**James M Snell** &lt;jasnell@gmail.com&gt; (he/him)
* [joshgav](https://github.com/joshgav) -
**Josh Gavant** &lt;josh.gavant@outlook.com&gt;
* [joyeecheung](https://github.com/joyeecheung) -
**Joyee Cheung** &lt;joyeec9h3@gmail.com&gt; (she/her)
* [mcollina](https://github.com/mcollina) -
**Matteo Collina** &lt;matteo.collina@gmail.com&gt; (he/him)
* [mhdawson](https://github.com/mhdawson) -
**Michael Dawson** &lt;michael_dawson@ca.ibm.com&gt; (he/him)
* [misterdjules](https://github.com/misterdjules) -
**Julien Gilli** &lt;jgilli@nodejs.org&gt;
* [mscdex](https://github.com/mscdex) -
**Brian White** &lt;mscdex@mscdex.net&gt;
* [MylesBorins](https://github.com/MylesBorins) -
......@@ -226,7 +271,7 @@ more information about the governance of the Node.js project, see
* [Trott](https://github.com/Trott) -
**Rich Trott** &lt;rtrott@gmail.com&gt; (he/him)
### CTC Emeriti
### TSC Emeriti
* [chrisdickinson](https://github.com/chrisdickinson) -
**Chris Dickinson** &lt;christopher.s.dickinson@gmail.com&gt;
......@@ -236,6 +281,8 @@ more information about the governance of the Node.js project, see
**Alexis Campailla** &lt;orangemocha@nodejs.org&gt;
* [piscisaureus](https://github.com/piscisaureus) -
**Bert Belder** &lt;bertbelder@gmail.com&gt;
* [nebrius](https://github.com/nebrius) -
**Bryan Hughes** &lt;bryan@nebri.us&gt;
### Collaborators
......@@ -263,6 +310,8 @@ more information about the governance of the Node.js project, see
**Ben Noordhuis** &lt;info@bnoordhuis.nl&gt;
* [brendanashworth](https://github.com/brendanashworth) -
**Brendan Ashworth** &lt;brendan.ashworth@me.com&gt;
* [BridgeAR](https://github.com/BridgeAR) -
**Ruben Bridgewater** &lt;ruben@bridgewater.de&gt;
* [bzoz](https://github.com/bzoz) -
**Bartosz Sosnowski** &lt;bartosz@janeasystems.com&gt;
* [calvinmetcalf](https://github.com/calvinmetcalf) -
......@@ -509,7 +558,7 @@ Previous releases may also have been signed with one of the following GPG keys:
### Working Groups
Information on the current Node.js Working Groups can be found in the
[CTC repository](https://github.com/nodejs/CTC/blob/master/WORKING_GROUPS.md).
[TSC repository](https://github.com/nodejs/TSC/blob/master/WORKING_GROUPS.md).
[npm]: https://www.npmjs.com
[Website]: https://nodejs.org/en/
......
'use strict';
var common = require('../common.js');
const common = require('../common.js');
var types = [
'Array',
'Buffer',
'Int8Array',
'Uint8Array',
'Int16Array',
'Uint16Array',
'Int32Array',
'Uint32Array',
'Float32Array',
'Float64Array'
];
var bench = common.createBenchmark(main, {
type: types,
const bench = common.createBenchmark(main, {
type: [
'Array',
'Buffer',
'Int8Array',
'Uint8Array',
'Int16Array',
'Uint16Array',
'Int32Array',
'Uint32Array',
'Float32Array',
'Float64Array'
],
n: [25]
});
function main(conf) {
var type = conf.type;
var clazz = global[type];
var n = +conf.n;
const type = conf.type;
const clazz = global[type];
const n = +conf.n;
bench.start();
var arr = new clazz(n * 1e6);
......
'use strict';
var common = require('../common.js');
const common = require('../common.js');
var types = [
'Array',
'Buffer',
'Int8Array',
'Uint8Array',
'Int16Array',
'Uint16Array',
'Int32Array',
'Uint32Array',
'Float32Array',
'Float64Array'
];
var bench = common.createBenchmark(main, {
type: types,
const bench = common.createBenchmark(main, {
type: [
'Array',
'Buffer',
'Int8Array',
'Uint8Array',
'Int16Array',
'Uint16Array',
'Int32Array',
'Uint32Array',
'Float32Array',
'Float64Array'
],
n: [25]
});
function main(conf) {
var type = conf.type;
var clazz = global[type];
var n = +conf.n;
const type = conf.type;
const clazz = global[type];
const n = +conf.n;
bench.start();
var arr = new clazz(n * 1e6);
......
'use strict';
var common = require('../common.js');
const common = require('../common.js');
var types = [
'Array',
'Buffer',
'Int8Array',
'Uint8Array',
'Int16Array',
'Uint16Array',
'Int32Array',
'Uint32Array',
'Float32Array',
'Float64Array'
];
var bench = common.createBenchmark(main, {
type: types,
const bench = common.createBenchmark(main, {
type: [
'Array',
'Buffer',
'Int8Array',
'Uint8Array',
'Int16Array',
'Uint16Array',
'Int32Array',
'Uint32Array',
'Float32Array',
'Float64Array'
],
n: [25]
});
function main(conf) {
var type = conf.type;
var clazz = global[type];
var n = +conf.n;
const type = conf.type;
const clazz = global[type];
const n = +conf.n;
bench.start();
var arr = new clazz(n * 1e6);
......
......@@ -10,6 +10,7 @@ const configs = {
};
const bench = common.createBenchmark(main, configs);
const noop = () => {};
function main(conf) {
const n = +conf.n;
......@@ -19,19 +20,27 @@ function main(conf) {
if (port !== undefined && address !== undefined) {
bench.start();
for (let i = 0; i < n; i++) {
dgram.createSocket('udp4').bind(port, address).unref();
dgram.createSocket('udp4').bind(port, address)
.on('error', noop)
.unref();
}
bench.end(n);
} else if (port !== undefined) {
bench.start();
for (let i = 0; i < n; i++) {
dgram.createSocket('udp4').bind(port).unref();
dgram.createSocket('udp4')
.bind(port)
.on('error', noop)
.unref();
}
bench.end(n);
} else if (port === undefined && address === undefined) {
bench.start();
for (let i = 0; i < n; i++) {
dgram.createSocket('udp4').bind().unref();
dgram.createSocket('udp4')
.bind()
.on('error', noop)
.unref();
}
bench.end(n);
}
......
#!/usr/bin/env python
#!/bin/sh
# Locate python2 interpreter and re-execute the script. Note that the
# mix of single and double quotes is intentional, as is the fact that
# the ] goes on a new line.
_=[ 'exec' '/bin/sh' '-c' '''
which python2.7 >/dev/null && exec python2.7 "$0" "$@"
which python2 >/dev/null && exec python2 "$0" "$@"
exec python "$0" "$@"
''' "$0" "$@"
]
del _
import sys
if sys.version_info[0] != 2 or sys.version_info[1] not in (6, 7):
......
......@@ -11,7 +11,7 @@
#define V8_MAJOR_VERSION 5
#define V8_MINOR_VERSION 1
#define V8_BUILD_NUMBER 281
#define V8_PATCH_LEVEL 107
#define V8_PATCH_LEVEL 108
// Use 1 for candidates and 0 otherwise.
// (Boolean macro values are not supported by all preprocessors.)
......
......@@ -842,6 +842,12 @@ bool ScopeIterator::CopyContextExtensionToScopeObject(
void ScopeIterator::GetNestedScopeChain(Isolate* isolate, Scope* scope,
int position) {
if (scope->is_function_scope()) {
// Do not collect scopes of nested inner functions inside the current one.
Handle<JSFunction> function =
Handle<JSFunction>::cast(frame_inspector_->GetFunction());
if (scope->end_position() < function->shared()->end_position()) return;
}
if (!scope->is_eval_scope()) {
nested_scope_chain_.Add(ExtendedScopeInfo(scope->GetScopeInfo(isolate),
scope->start_position(),
......
......@@ -1131,7 +1131,7 @@ RegExpEngine::CompilationResult RegExpCompiler::Assemble(
Handle<HeapObject> code = macro_assembler_->GetCode(pattern);
heap->IncreaseTotalRegexpCodeGenerated(code->Size());
work_list_ = NULL;
#ifdef ENABLE_DISASSEMBLER
#if defined(ENABLE_DISASSEMBLER) && !defined(V8_INTERPRETED_REGEXP)
if (FLAG_print_code) {
CodeTracer::Scope trace_scope(heap->isolate()->GetCodeTracer());
OFStream os(trace_scope.file());
......
......@@ -2,7 +2,7 @@
<html lang="en">
<head>
<meta charset="utf-8">
<title>Index | Node.js v6.11.3 Documentation</title>
<title>Index | Node.js v6.11.4 Documentation</title>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Lato:400,700,400italic">
<link rel="stylesheet" href="assets/style.css">
<link rel="stylesheet" href="assets/sh.css">
......@@ -40,6 +40,7 @@
<li><a class="nav-globals" href="globals.html">Globals</a></li>
<li><a class="nav-http" href="http.html">HTTP</a></li>
<li><a class="nav-https" href="https.html">HTTPS</a></li>
<li><a class="nav-intl" href="intl.html">Internationalization</a></li>
<li><a class="nav-modules" href="modules.html">Modules</a></li>
<li><a class="nav-net" href="net.html">Net</a></li>
<li><a class="nav-os" href="os.html">OS</a></li>
......@@ -72,13 +73,20 @@
<div id="column1" data-id="_toc" class="interior">
<header>
<h1>Node.js v6.11.3 Documentation</h1>
<h1>Node.js v6.11.4 Documentation</h1>
<div id="gtoc">
<p>
<a href="index.html" name="toc">Index</a> |
<a href="all.html">View on single page</a> |
<a href="_toc.json">View as JSON</a>
</p>
<ul>
<li>
<a href="index.html" name="toc">Index</a>
</li>
<li>
<a href="all.html">View on single page</a>
</li>
<li>
<a href="_toc.json">View as JSON</a>
</li>
</ul>
</div>
<hr>
</header>
......@@ -113,6 +121,7 @@
<li><a href="globals.html">Globals</a></li>
<li><a href="http.html">HTTP</a></li>
<li><a href="https.html">HTTPS</a></li>
<li><a href="intl.html">Internationalization</a></li>
<li><a href="modules.html">Modules</a></li>
<li><a href="net.html">Net</a></li>
<li><a href="os.html">OS</a></li>
......
......@@ -216,6 +216,16 @@
{
"type": "list_item_start"
},
{
"type": "text",
"text": "[Internationalization](intl.html)"
},
{
"type": "list_item_end"
},
{
"type": "list_item_start"
},
{
"type": "text",
"text": "[Modules](modules.html)"
......
......@@ -22,6 +22,7 @@
* [Globals](globals.html)
* [HTTP](http.html)
* [HTTPS](https.html)
* [Internationalization](intl.html)
* [Modules](modules.html)
* [Net](net.html)
* [OS](os.html)
......
......@@ -2,7 +2,7 @@
<html lang="en">
<head>
<meta charset="utf-8">
<title>C/C++ Addons | Node.js v6.11.3 Documentation</title>
<title>C/C++ Addons | Node.js v6.11.4 Documentation</title>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Lato:400,700,400italic">
<link rel="stylesheet" href="assets/style.css">
<link rel="stylesheet" href="assets/sh.css">
......@@ -40,6 +40,7 @@
<li><a class="nav-globals" href="globals.html">Globals</a></li>
<li><a class="nav-http" href="http.html">HTTP</a></li>
<li><a class="nav-https" href="https.html">HTTPS</a></li>
<li><a class="nav-intl" href="intl.html">Internationalization</a></li>
<li><a class="nav-modules" href="modules.html">Modules</a></li>
<li><a class="nav-net" href="net.html">Net</a></li>
<li><a class="nav-os" href="os.html">OS</a></li>
......@@ -72,13 +73,31 @@
<div id="column1" data-id="addons" class="interior">
<header>
<h1>Node.js v6.11.3 Documentation</h1>
<h1>Node.js v6.11.4 Documentation</h1>
<div id="gtoc">
<p>
<a href="index.html" name="toc">Index</a> |
<a href="all.html">View on single page</a> |
<a href="addons.json">View as JSON</a>
</p>
<ul>
<li>
<a href="index.html" name="toc">Index</a>
</li>
<li>
<a href="all.html">View on single page</a>
</li>
<li>
<a href="addons.json">View as JSON</a>
</li>
<li class="version-picker">
<a href="#">View another version <span>&#x25bc;</span></a>
<ol class="version-picker"><li><a href="https://nodejs.org/docs/latest-v8.x/api/addons.html">8.x</a></li>
<li><a href="https://nodejs.org/docs/latest-v7.x/api/addons.html">7.x</a></li>
<li><a href="https://nodejs.org/docs/latest-v6.x/api/addons.html">6.x <b>LTS</b></a></li>
<li><a href="https://nodejs.org/docs/latest-v5.x/api/addons.html">5.x</a></li>
<li><a href="https://nodejs.org/docs/latest-v4.x/api/addons.html">4.x <b>LTS</b></a></li>
<li><a href="https://nodejs.org/docs/latest-v0.12.x/api/addons.html">0.12.x</a></li>
<li><a href="https://nodejs.org/docs/latest-v0.10.x/api/addons.html">0.10.x</a></li></ol>
</li>
</ul>
</div>
<hr>
</header>
......@@ -116,6 +135,7 @@
<div id="apicontent">
<h1>C/C++ Addons<span><a class="mark" href="#addons_c_c_addons" id="addons_c_c_addons">#</a></span></h1>
<!--introduced_in=v0.10.0-->
<p>Node.js Addons are dynamically-linked shared objects, written in C or C++, that
can be loaded into Node.js using the <a href="globals.html#globals_require"><code>require()</code></a> function, and used
just as if they were an ordinary Node.js module. They are used primarily to
......@@ -1031,7 +1051,6 @@ and a pointer to untyped context data to be passed to that callback.</p>
<p>Callbacks are run in last-in first-out order.</p>
<p>The following <code>addon.cc</code> implements AtExit:</p>
<pre><code class="lang-cpp">// addon.cc
#undef NDEBUG
#include &lt;assert.h&gt;
#include &lt;stdlib.h&gt;
#include &lt;node.h&gt;
......@@ -1068,10 +1087,10 @@ static void sanity_check(void*) {
}
void init(Local&lt;Object&gt; exports) {
AtExit(sanity_check);
AtExit(at_exit_cb2, cookie);
AtExit(at_exit_cb2, cookie);
AtExit(at_exit_cb1, exports-&gt;GetIsolate());
AtExit(sanity_check);
}
NODE_MODULE(addon, init)
......@@ -1080,7 +1099,7 @@ NODE_MODULE(addon, init)
</code></pre>
<p>Test in JavaScript by running:</p>
<pre><code class="lang-js">// test.js
const addon = require(&#39;./build/Release/addon&#39;);
require(&#39;./build/Release/addon&#39;);