Giter VIP home page Giter VIP logo

node-convergence-archive's Introduction

Node.js Foundation - Node.js

This repository is the working repository for the proposed convergence of the http://github.com/iojs/io.js and http://github.com/joyent/node projects under the Node.js Foundation.

Contributions, releases, and contributorship are under the proposed Governance and Developer Policy for the soon-to-be-launched Node.js Foundation:

This project is operating with the oversight of the joint Node.js and io.js core technical teams.

Note: The original io.js README.md is temporarily renamed to iojs_README.md.

node-convergence-archive's People

Contributors

andreasmadsen avatar bnoordhuis avatar chrisdickinson avatar cjihrig avatar creationix avatar felixge avatar fishrock123 avatar henryrawas avatar indutny avatar isaacs avatar jacksontian avatar jbergstroem avatar koichik avatar mikeal avatar miksago avatar mmalecki avatar mscdex avatar orangemocha avatar piscisaureus avatar pquerna avatar rvagg avatar ry avatar sam-github avatar silverwind avatar thughes avatar tjfontaine avatar tootallnate avatar trevnorris avatar vkurchatkin avatar yorkie avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Forkers

lovewitty 731348691 qq826592522 avert eidonjoe jasnell aleclarson hushuitian mushu1990 devlato geek carlosov justinpopa20 andrevvalle duke-lv langelee pratiksheth samandar9196 gdetreztest wycharry brunoalcau chenkevinyes dshaw bshawk iarna sourabp 5y michelzuniga yashwanth-t jhopes jblaban jomo aleksey-pyatlin kublaj triosyi eibay sandeepsarpe andrewdeandrade duan2yu haozxuan lishuaibing shangshanshi l2ksolkov nikhyl deepongpat kalvar zblach aethersg g5693038 gmorc jwytd seanfreeman itroadhd code-mx driftwithtoyota86 philouswen pmq20 simudream emanziano ritzysys xcstuday opensource-yl aqwertaqwert srl295 rodrigoadams5 280455936 deberny nfriedly mattidevelopment orangemocha narg smikes darrenf2e handy2015 pelioniot yekg880809 jakthegr8 agnat daliandragon itkoren orionzhao llltc wolferring noscripter sophia2152 hhy5277 cloned2k16 universal-it-systems ghostrider1124 niilante isabella232 global-localhost global19 global19-atlassian-net trellixvulnteam

node-convergence-archive's Issues

drop node merge commits?

Do we want / need these?

For posterity, io.js lands everything that isn't strictly old maintenance into master and backports to maintenance branches via cherry-picking.

http: sanitize http headers and method names

Simple test case:

var http = require('http');
var server = http.createServer(function(req, res) {
    res.setHeader('Foo\n\nBar', 'Value');
    res.end();
});
server.listen(3000, function() {
  console.log('server started');
});

Then do a curl -v http://localhost:3000

This is not a new issue (nodejs/node-v0.x-archive#2602, nodejs/node-v0.x-archive#9076). It affects HTTP request methods and header names. It happens in v0.10, v0.12, and current io.js:

var http = require('http');
var server = http.createServer(function(req,res) {
  res.writeHead(200, {'Foo\n\nBar': 'Value'});
  res.end('okay');
});
server.listen(3000, function() { console.log('started'); });

I have the code written up to perform the necessary fix but I need a decision: when an invalid http method or header name is passed in, should we throw or attempt to sanitize? Throwing is a API change that breaks backwards compatibility but this is an obvious error with potential security ramifications (fairly low risk). Sanitizing can lead to unexpected results and there is no standard pattern we can follow. Throwing seems to be the best approach.

// http token is defined in RFC2616 as...
//   token          = 1*<any CHAR except CTLs or separators>
//   separators     = "(" | ")" | "<" | ">" | "@"
//                  | "," | ";" | ":" | "\" | <">
//                  | "/" | "[" | "]" | "?" | "="
//                  | "{" | "}" | SP | HT
// and redefined in RFC7230 as ...
//   tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
//     "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA
//   token = 1*tchar
//
// This checks the input to make sure it's valid according to the
// http token rule. If the input doesn't match, it throws, if it
// does match, val is returned.
function checkIsHttpToken(val, label) {
  if (!val || typeof val !== 'string')
    return false;
  for (var n = 0, l = val.length; n < l; n++) {
    var c = val.charCodeAt(n);
    if (c <= 32 || c == 34 ||
        c == 44 || c == 47 ||
        c == 123 || c == 125 ||
        c == 40 || c == 41 ||
        (c >= 58 && c <= 64) ||
        (c >= 91 && c <= 93) ||
        c >= 128)
      throw new Error(
          'Invalid character (' +
          String.fromCharCode(c) +
          ') in HTTP ' + label + ' at position ' + (n + 1));
  }
  return val;
}

@nodejs/tsc ... thoughts?

Node Foundation TSC Meeting 2015-06-17

Time

UTC Wed 17-Jun-15 20:00:

  • San Francisco: Wed 17-Jun-15 13:00
  • Amsterdam: Wed 17-Jun-15 22:00
  • Moscow: Wed 17-Jun-15 23:00
  • Sydney: Thu 18-Jun-15 06:00

Or in your local time:

Links

Attendees will be given a conference number to dial in to.

Agenda

Extracted from tsc-agenda labelled issues and pull requests prior to meeting.

nodejs/node

  • Create a security team #48

nodejs/io.js

  • on working with proposals from the API WG #1993

joyent/node

  • Nominating new collaborators to this repository #25481
  • Node should not automatically change rlimits #8704

Invited

Notes

The agenda now comes from issues labelled with tsc-agenda in all 3 repositories listed above. Please label any additional issues that should be on the agenda before the meeting starts. I'm using a tool to fetch the list so it's not a big deal to collate.

This meeting will be held via Uberconference. I won't be attempting to live-stream to YouTube this time, it was too difficult last time because I had to have my microphone on. I am continuing to explore other options for broadcasing live; I don't want to completely lose that! So, there won't be a live QA on #io.js this time, very sorry, but please comment here if you have something to query.

The recording will go up on Soundcloud straight afterwards.

merge vs rebase ontop of io.js

I am somewhat in favor of the latter, although i'll probably be making a branch for it in either case, to see what it is like.

Redirect from the old repos

Once we do our first release here, it'll probably be best to redirect both nodejs/io.js and joyent/node over here. To preserve original commit history, I think renaming the repos before setting up the redirect would be best.

Another issue will be the star counter of joyent/node. It'd probably take year to catch up on that. 😜 Maybe if we ask GitHub nicely, they'll transfer the stargazers?

[Converge] test: Env variable to specify directory for pipes

See nodejs/node-v0.x-archive@5dd5ce7
/cc: @mhdawson

Original commit message:

At the uv layer pipes are connected with uv_pipe_connect.
The current spec for this method indicates that the maximum
length is limited to the size of length of
sizeof(sockaddr_un.sun_path), typically between 92 and
108 bytes. Anything longer than that just gets truncated.

The simple testsuite currently creates pipes in directories
under the directory where node was built.  In our jenkins
jobs this sometimes ends up being a deep enough path that
the path for the pipes is getting truncated.  The result
is that tests using pipes fail with errors that don't
make it obvious what the problem is.

Even if the errors were helpful, we still need a way
to avoid the truncation.

This patch adds the environment variable NODE_PIPE_DIR.
If set the tests create pipes in this directory instead of
the current defaults.  In addition the test harness is
updated to remove/delete this directory before/after
each test is run.

    modified:   test/common.js
    modified:   test/simple/test-net-pipe-connect-errors.js
    modified:   test/testpy/__init__.py
    modified:   test/simple/test-cluster-eaccess.js

issue labels

I'm going to begin copying over from io.js. We can discuss any additional ones / changes here.

Node Foundation TSC Meeting 2015-06-10

Time

UTC Wed 10-Jun-15 20:00:

  • San Francisco: Wed 10-Jun-15 13:00
  • Amsterdam: Wed 10-Jun-15 22:00
  • Moscow: Wed 10-Jun-15 23:00
  • Sydney: Thu 11-Jun-15 06:00

Or in your local time:

Links

Attendees will be given a conference number to dial in to.

Agenda

Extracted from tsc-agenda labelled issues and pull requests prior to meeting.

nodejs/node

nodejs/io.js

  • Add working group state per Project Lifecycle. #1880
  • Chrome 43 released; time for V8 4.3! #1735
  • TSC needs to elect a board representative. #1697

joyent/node

  • Nominating new collaborators to this repository #25481
  • Node should not automatically change rlimits #8704
  • re-purpose previous joyent/node TSC meeting as LTS working group
  • Releases for logjam - expect new openssl version soon (possibly should be discussed in LTS working group instead)

Invited

Notes

The agenda now comes from issues labelled with tsc-agenda in all 3 repositories listed above. Please label any additional issues that should be on the agenda before the meeting starts. I'm using a tool to fetch the list so it's not a big deal to collate.

This meeting will be held via Uberconference. I won't be attempting to live-stream to YouTube this time, it was too difficult last time because I had to have my microphone on. I am continuing to explore other options for broadcasing live; I don't want to completely lose that! So, there won't be a live QA on #io.js this time, very sorry, but please comment here if you have something to query.

The recording will go up on Soundcloud straight afterwards.

[Converge] lib: fix stdio/ipc sync i/o regression

See nodejs/node-v0.x-archive@2411bea
/cc: @bnoordhuis @trevnorris

Original commit message:

process.send() should be synchronous, it should block until the message
has been sent in full, but it wasn't after the second-to-last libuv
upgrade because of commit libuv/libuv@393c1c5 ("unix: set non-block
mode in uv_{pipe,tcp,udp}_open"), which made its way into io.js in
commit 07bd05b ("deps: update libuv to 1.2.1").

Commit libuv/libuv@b36d4ff ("unix: implement uv_stream_set_blocking()")
as landed in io.js in commit 9681fca ("deps: update libuv to 1.4.0")
makes it possible to restore the synchronous behavior again and that's
precisely what this commit does.

The same line of reasoning applies to `net.Socket({ fd: 1 })`: creating
a socket object from a stdio file descriptor, like the `process.stdout`
getter does, should put the file descriptor in blocking mode for
compatibility reasons.

Node Foundation TSC Meeting 2015-07-08

Time

UTC Wed 1-Jul-15 20:00:

  • San Francisco: Wed 8-Jul-15 13:00
  • Amsterdam: Wed 8-Jul-15 22:00
  • Moscow: Wed 8-Jul-15 23:00
  • Sydney: Thu 9-Jul-15 06:00

Or in your local time:

Links

Agenda

Extracted from tsc-agenda labelled issues and pull requests prior to meeting.

nodejs/io.js

  • Default Unhandled Rejection Detection Behavior #830

joyent/node

  • Adding a "mentor-available" label #25618

Invited

Notes

The agenda now comes from issues labelled with tsc-agenda in all 3 repositories listed above. Please label any additional issues that should be on the agenda before the meeting starts. I'm using a tool to fetch the list so it's not a big deal to collate.

Joining the meeting

We are back to Uberconference unless @mikeal has a better solution to try for this week. BlueJeans was a failure last week and we won't be able to get it cheap enough to justify our style of usage anyway.

[Converge] test: make cluster tests more time tolerant

See: nodejs/node-v0.x-archive@f3f4e28

/cc @mhdawson

Original commit message:

simple tests test-cluster-master-error.js, test-cluster-master-kill.js
fails in AIX with assertion failure indicating that the workers were
alive even after the master terminated. A 200ms leeway is provided for
the workers to actually terminate, but the isAlive check returns
true in both the cases.

In AIX, the workers were actually terminating, but they took more time
- as much as 800ms (normal) to 1000ms (in rare cases).

Based on a C test we ran, it is found that the exit routines in AIX
is a bit more longer than that in Linux. There are a number of cleanup
activities performed in exit() system call, and depending on when the
signal handlers are shutdown in that sequence, the process will be
deemed as dead or alive, from another process's perspective.

process.kill(pid) is used in the test case to check the liveliness of
the worker, and when the kill() call is issued, even if the target
process is in it's exit sequences, if the signal handlers are not shut
down, it will respond to external signals, causing those calls to pass.

This fix extends the additional timeout for all platforms

Node Foundation TSC Meeting 2015-06-24

Time

UTC Wed 24-Jun-15 20:00:

  • San Francisco: Wed 24-Jun-15 13:00
  • Amsterdam: Wed 24-Jun-15 22:00
  • Moscow: Wed 24-Jun-15 23:00
  • Sydney: Thu 25-Jun-15 06:00

Or in your local time:

Links

Attendees will be given a conference number to dial in to.

Agenda

Extracted from tsc-agenda labelled issues and pull requests prior to meeting.

nodejs/node

nodejs/io.js

  • discussion of stability for internal APIs #2030

joyent/node

  • Nominating new collaborators to this repository #25481

Invited

Notes

The agenda now comes from issues labelled with tsc-agenda in all 3 repositories listed above. Please label any additional issues that should be on the agenda before the meeting starts. I'm using a tool to fetch the list so it's not a big deal to collate.

This meeting will be held via Uberconference. No live streaming this time unfortunately. Leave questions you want answered by the TSC in this thread as there won't be a QA.

The recording will go up on Soundcloud straight afterwards.

Node Foundation TSC Meeting 2015-06-03

Time

UTC Wed 03-Jun-15 20:00:

  • San Francisco: Wed 03-Jun-15 13:00
  • Amsterdam: Wed 03-Jun-15 22:00
  • Moscow: Wed 03-Jun-15 23:00
  • Sydney: Thu 04-Jun-15 06:00

Or in your local time:

Links

Attendees will be given a conference number to dial in to.

Agenda

Extracted from tsc-agenda labelled issues and pull requests prior to meeting.

nodejs/node

nodejs/io.js

  • Chrome 43 released; time for V8 4.3! #1735
  • TSC needs to elect a board representative. #1697
  • Expose deepEqual and deepStrictEqual in util. #1172 #1177

joyent/node

Invited

Notes

The agenda now comes from issues labelled with tsc-agenda in all 3 repositories listed above. Please label any additional issues that should be on the agenda before the meeting starts. I'm using a tool to fetch the list so it's not a big deal to collate.

This meeting will be held via Uberconference. I won't be attempting to live-stream to YouTube this time, it was too difficult last time because I had to have my microphone on. I am continuing to explore other options for broadcasing live; I don't want to completely lose that! So, there won't be a live QA on #io.js this time, very sorry, but please comment here if you have something to query.

The recording will go up on Soundcloud straight afterwards.

[Converge] --cipher-list and --enable-legacy-cipher-list Command Line Switch

We've been in the progress of porting the updated io.js default cipher lists over to node.js. In addition to this change, we're working on adding new --cipher-list and --enable-default-cipher-list command line switches that allow the compiled in default cipher list to be overridden. This is a work in progress that hasn't fully landed yet.

  • 4d9c81b7e2522c5d5d9d35058cbb0bce1228d360 test: fixing a few nits in the test
  • 370573665a4daba22655e00c8d0ae8577899d8e5 tls: pass in isolate with define string constant + style nits
  • 3f58ce6942fd0cf90877a4df2fb32539f1614c9d tls: make --enable-legacy-cipher-list less verbose
  • 1bf15467e2b7e074f16744806aff92544953fbd9 tls: command-line switch and envar cipher-list override
  • nodejs/node-v0.x-archive#14574 (master)
  • nodejs/node-v0.x-archive#14573 (v0.12)
  • nodejs/node-v0.x-archive#14572 (v0.10)

[Converge] Replace 'io.js' with 'node.js'

This converged repo is node.js. At some point, we'll need a global rename in docs and source back to node.js, and to ensure the compiled binary is node and not iojs.

[Converge] child_process argument type checking

These commits add argument type checking to methods within child_process. This needs to be reconciled with the current io.js behavior. The change introduces a new throw so there's a potential API compatibility issue.
/cc @trevnorris

Create a security team

We need a small group of people who receive emails to security@ addresses (currently just [email protected] because that's all I have control over, but eventually [email protected] too).

My preference would be for it not to be the entire TSC but a smaller subgroup that can quickly and discretely and escalate issues in the appropriate way. But how we construct this is open for discussion of course.

I'd like to put my hand up for serving in this role along with a couple of others.

Discuss.

[Converge] General non-api documentation related deltas

I will be using this issue to track strictly non-api documentation related pulls from the v0.12 stream. These are generally commits that fix documentation errors or documentation tooling that will need to be reconciled independently of code commits. In other words, these are not updates to api docs that corespond with code changes, they are updates in documentation generation, structure, etc. The issue will be updated incrementally.

[Converge] url: revert reslove urls with . and ..

See: nodejs/node-v0.x-archive@a5be84f and nodejs/node-v0.x-archive@9b534e2
/cc @misterdjules

Original Commit Message:

Initially, this bug fix targeted master, and I pushed to have it
included in v0.10. In retrospect, I'm not sure it should have made into
v0.10 as it seems it could break a lot of existing working code.

In my opinion, this change is still a bug fix, and it is not backward
incompatible per se. However, I'm not sure that taking the risk to break
a lot of users with a new 0.10.x release that would include this fix is
reasonable, especially now that 0.10.x releases are entering
maintenance mode.

Not convinced this is one we want to pull over.

[Converge] test: address timing issues in simple http tests

See: nodejs/node-v0.x-archive@13e1131
/cc @mhdawson

Original commit message:

simple tests test-http-request-end.js, test-http-default-encoding.js
hangs in AIX. The root cause for both the failures is related to the
timing with which packets are sent between the client and server.
On the client side, one factor that affects the timing is Nagle's
algorithm. With Nagle enabled there may be a delay between two packets
as the stack may wait until either:
  a. An acknowledgement for the first packet is received, or
  b. 200 ms elapses.
before sending the second packet.

Similarly at the server side 2 sequential packages can be delivered to
the application either together or separatly.

On AIX we see that they are delivered separately to the server, while on
Linux delivered together. If we change the timing, for example disabling
Nagle on AIX we see the 2 packets delivered together and the tests pass.

In the test case simple/test-http-request-end.js, the client request
handler of the server receives and stores the data in a data callback,
closes the server in a request end callback, and writes to the client
and ends the response, in-line with the request receipt. An HTTP parser
module parses the incoming message, and invokes callback routines which
are registered for HTTP events (such as header, body, end etc.)

Because the termination sequence arrive in a separate packet, there is a
delay in parsing that message and identify that the client request ended
(and thereby invoke the request end call backhandler). Due to this delay,
the response close happens first, which in-turn destroys the server
socket leading to the fd and watcher removal from the uv loop abandoning
further events on this connection, and end call back never being called,
causing the reported hang.  simple/test-http-default-encoding.js suffers
from the same problem.

Also, remove the timer logic from the test case. Test harness anyways
contain a timer which controls the individual tests so remove such
controls from the test case, as suggested by @tjfontaine

[Converge] timers: Avoid linear scan in _unrefActive.

See: nodejs/node-v0.x-archive@934bfe2
/cc @misterdjules

Summary of original commit message:

Before this change, _unrefActive would keep the unrefList sorted when
adding a new timer.

Because _unrefActive is called extremely frequently, this linear scan
(O(n) at worse) would make _unrefActive show high in the list of
contributors when profiling CPU usage.

This commit changes _unrefActive so that it doesn't try to keep the
unrefList sorted. The insertion thus happens in constant time."

We need to reconcile this against recent io.js changes within timers.js. Is the original sorted unrefList still there. This patch will be need to be ported if so.

url: Update url implementation conformance

Opening this issue to track the activity. The url module currently does not completely conform to the current url standards (https://url.spec.whatwg.org/) and browser behavior. We'll eventually need to get the implementation updated once the general performance improvements have been made.

There are a number of open issues in http://github.com/joyent/node that deal with url conformance. I will point those to this issue and hold them open until the conformance updates have been made.

Node Foundation TSC Meeting 2015-05-27

Time

UTC Wed 27-May-15 20:00:

  • San Francisco: Wed 27-May-15 13:00
  • Amsterdam: Wed 27-May-15 22:00
  • Moscow: Wed 27-May-15 23:00
  • Sydney: Thu 28-May-15 06:00

Or in your local time:

Links

Attendees will be given a conference number to dial in to.

Agenda

Extracted from tsc-agenda labelled issues and pull requests prior to meeting.

nodejs/node

  • doc: Add new working groups #15

nodejs/io.js

  • Buffer implemented using Uint8Array #1810
  • [Discussion] FFI - Giving Buffer more low-level C functionality #1750
  • Chrome 43 released; time for V8 4.3! #1735
  • Deprecation Policy #1704
  • TSC needs to elect a board representative. #1697
  • V8 4.4 to remove indexed properties via external data #1451

joyent/node

Invited

Notes

The agenda now comes from issues labelled with tsc-agenda in all 3 repositories listed above. Please label any additional issues that should be on the agenda before the meeting starts. I'm using a tool to fetch the list so it's not a big deal to collate.

This meeting will be held via Uberconference but I will be attempting to screencast a Skype session via Hangouts On Air through to YouTube (skype.pipe(uberconference).pipe(skype).pipe(hangouts).pipe(youtube)). So the YouTube link above should be a live feed of the meeting.

If the YouTube feed works, we'll attempt to do a community QA on the #io.js channel on Freenode at the end of the meeting.

The recording will probably go up on Soundcloud as well I think.

Consider/Evaluate Amazon's "s2n" TLS library

https://blogs.aws.amazon.com/security/post/TxCKZM94ST1S6Y/Introducing-s2n-a

In order to simplify our TLS implementation and as part of our support for strong encryption for everyone, we are pleased to announce availability of a new Open Source implementation of the TLS protocol: s2n. s2n is a library that has been designed to be small, fast, with simplicity as a priority. s2n avoids implementing rarely used options and extensions, and today is just more than 6,000 lines of code. As a result of this, we’ve found that it is easier to review s2n; we have already completed three external security evaluations and penetration tests on s2n, a practice we will be continuing.

SSLv23_method(void) deprecated?

So while trying to figure out whether or not I need to worry about AWS S3 shutting down SSLv3 support I came across these 0.10.33 release notes discussing POODLE. In those notes, it states:

"The default protocol method Node.js uses is SSLv23_method which would be more accurately named AutoNegotiate_method. This method will try and negotiate from the highest level down to whatever the client supports."

I wanted to find more details actually describing this "auto-negotiate" behavior and haven't found anything that suggests that it would attempt to use something more than than SSLv2 and SSLv3, like TLS. What I did find was this openssl documentation stating that SSLv23_method() is deprecated and that TLS_Method() should be used instead.

SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void)
Use of these functions is deprecated. They have been replaced with TLS_Method(), TLS_server_method() and TLS_client_method() respectively. New code should use those functions instead.

Additional investigation revealed that SSLv23_method() only became an "AutoNegotiate_method" for anyone using openssl 1.1.0 or newer (possibly any version newer than 1.0.2). For anyone on versions older than 1.0.2, it's not an "AutoNegotiate_method". See this openssl commit describing changes to SSLv23_method()

If SSLv23_method() is deprecated, why is it still the default in both node 0.12.x and io.js 2.x? Should we not switch to TLS_Method()?

(related: Automattic/knox#280 )

[Converge] path: refactor for performance and consistency

See: nodejs/node-v0.x-archive@c66f8c2
@misterdjules @woollybogger

Original commit message:

Improve performance by:
+ Not leaking the `arguments` object!
+ Getting the last character of a string by index, instead of
  with `.substr()` or `.slice()`

Improve code consistency by:
+ Using `[]` instead of `.charAt()` where possible
+ Using a function declaration instead of a var declaration
+ Using `.slice()` with clearer arguments
+ Checking if `dir` is truthy in `win32.format`
  (added tests for this)

Improve both by:
+ Making the reusable `trimArray()` function
+ Standardizing getting certain path statistics with
  the new `win32StatPath()` function

Optionally log master secrets for TLS connections

Sometimes it's necessary to decrypt your own TLS connections to debug their contents. Wireshark supports this quite nicely with its decryption feature. For non-DH key agreement, you simply provide the private key of the server. However, for DH key agreement, or when you are acting only as a client, that doesn't work. Firefox and Chrome support the environment variable SSLKEYLOGFILE to write the master secrets used to a file, for decryption by Wireshark. It would be great to support this or a similar mechanism for logging master secrets in Node.

Key log format: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Key_Log_Format
Helpful Stack Exchange howto: https://security.stackexchange.com/questions/35639/decrypting-tls-in-wireshark-when-using-dhe-rsa-ciphersuites/42350#42350
Wireshark decryption docs: https://wiki.wireshark.org/SSL

uv_err_name: Assertion `0' failed during npm install

Hey, I am trying to make npm install work in Vagrant (Ubuntu 14.04x64 guest on Windows 7 host), but I keep getting

npm verb gentlyRm don't care about contents; nuking /var/www/html/***/*********-****/node_modules/gulp-util/node_modules/dateformat/node_modules/meow/node_modules/indent-string/node_modules/repeating/node_modules/is-finite/node_modules/number-is-nan
npm verb write writing to /var/www/html/***/*********-****/node_modules/gulp-util/node_modules/dateformat/node_modules/meow/node_modules/indent-string/node_modules/repeating/node_modules/is-finite/node_modules/number-is-nan/package.json
../deps/uv/src/uv-common.c:143: uv_err_name: Assertion `0' failed.
Aborted

when I run npm install gulp-util --no-bin-links --verbose. So far I have noticed this to be the case on this particular package.

At first I thought it had something to do with Windows path limitation, because it works if I try to install it in parent folders and other places. But after applying this patch hashicorp/vagrant#1953 the issue persists and the error message is a bit too cryptic for me

Node version 0.12.5
NPM version 2.11.2

Edit:

Here is gist of this strace strace -F -f -s 1024 -o out.log npm install --no-bin-links --silly
https://gist.github.com/realshadow/179320fc9d60aac35dfe#file-npm_trace

Trace log file had 30MB so I copied last ~30k rows.

[Converge] doc: clarify poodle mitigation

This commit had no additional commit log details. It adds a bit of detail to tls.markdown to clarify the poodle mitigation implemented in v0.12. We need to reconcile this with the equivalent changes and documentation within the io.js stream to see if (a) the implemented behavior in both is consistent, (b) the documented behavior is consistent and (c) what additional changes may need to be made.

node: ../deps/uv/src/uv-common.c:143: uv_err_name: Assertion `0' failed.

Hey everyone, i'm getting this error below. How can i figure out what i can do to fix this?

Thanx!

node: ../deps/uv/src/uv-common.c:143: uv_err_name: Assertion '0' failed.
Aborted
user@machine:/Documents/NodeScripts$ node -v
v0.12.6
user@machine:/Documents/NodeScripts$ npm -v
2.11.2
user@machine:~/Documents/NodeScripts$`

[Converge] SSLv2/3 disable/enable related commits

These commits deal with the SSLv2/v3 enabling/disabling by default. These need to be reconciled with the related changes that have already been made in io.js. This issue may be updated to include additional related commits if necessary.

[Converge] src: fix builtin modules failing with --use-strict

See: nodejs/node-v0.x-archive@b233131

Original commit message:

Currently, lib/_tls_legacy.js and lib/crypto.js cannot be loaded when
--use-strict is passed to node. In addition to that, console.trace
throws because it uses arguments.callee.

This change fixes these issues and adds a test that makes sure
every external built-in module can be loaded with require when
--use-strict is enabled.

Please note that this change does not fix all issues with built-in
modules' code running with --use-strict. It is very likely that some
code in the built-in modules still fails when passing this flag.

However, fixing all code would require us to enable strict mode by
default in all builtins modules, which would certainly break existing
applications.

Fairly certain this is no longer necessary given the use strict changes already in io.js. Need confirmation, however. @piscisaureus @misterdjules @cjihrig @trevnorris

Node Foundation TSC Meeting 2015-07-01

Time

UTC Wed 1-Jul-15 20:00:

  • San Francisco: Wed 1-Jul-15 13:00
  • Amsterdam: Wed 1-Jul-15 22:00
  • Moscow: Wed 1-Jul-15 23:00
  • Sydney: Thu 2-Jul-15 06:00

Or in your local time:

Links

Agenda

Extracted from tsc-agenda labelled issues and pull requests prior to meeting.

Invited

Notes

The agenda now comes from issues labelled with tsc-agenda in all 3 repositories listed above. Please label any additional issues that should be on the agenda before the meeting starts. I'm using a tool to fetch the list so it's not a big deal to collate.

Joining the meeting

We are experimenting with BlueJeans for this. If BlueJeans is a pile of fail we'll default back to Uberconference this week, keep that in mind or monitor IRC.

Here is the info they have provided for this meeting:

NOTE: This meeting is intended for TSC members but we do want to have live-sharing of it as well. We are not sure how well this is going to scale having non-TSC members on and watching but if you do join please stay on mute in case we have trouble moderating you into silence! I think this account has a capacity of 25 so if this is super popular then we may have to kick some people off to get the TSC on.

npm update -g is killing npm (v0.12.4, OS X 10.10.3) 

npm update -g

> [email protected] install /usr/local/lib/node_modules/browser-sync/node_modules/chokidar/node_modules/fsevents
> node-gyp rebuild

gyp ERR! UNCAUGHT EXCEPTION 
gyp ERR! stack Error: Cannot find module 'request'
gyp ERR! stack     at Function.Module._resolveFilename (module.js:336:15)
gyp ERR! stack     at Function.Module._load (module.js:278:25)
gyp ERR! stack     at Module.require (module.js:365:17)
gyp ERR! stack     at require (module.js:384:17)
gyp ERR! stack     at Object.<anonymous> (/usr/local/lib/node_modules/npm/node_modules/node-gyp/lib/install.js:20:15)
gyp ERR! stack     at Module._compile (module.js:460:26)
gyp ERR! stack     at Object.Module._extensions..js (module.js:478:10)
gyp ERR! stack     at Module.load (module.js:355:32)
gyp ERR! stack     at Function.Module._load (module.js:310:12)
gyp ERR! stack     at Module.require (module.js:365:17)
gyp ERR! System Darwin 14.3.0
gyp ERR! command "node" "/usr/local/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js" "rebuild"
gyp ERR! cwd /usr/local/lib/node_modules/browser-sync/node_modules/chokidar/node_modules/fsevents
gyp ERR! node -v v0.12.4
gyp ERR! node-gyp -v v1.0.3
gyp ERR! This is a bug in `node-gyp`.
gyp ERR! Try to update node-gyp and file an Issue if it does not help:
gyp ERR!     <https://github.com/TooTallNate/node-gyp/issues>
npm WARN optional dep failed, continuing [email protected]

> [email protected] install /usr/local/lib/node_modules/browser-sync/node_modules/socket.io/node_modules/engine.io/node_modules/ws
> (node-gyp rebuild 2> builderror.log) || (exit 0)


> [email protected] install /usr/local/lib/node_modules/browser-sync/node_modules/socket.io/node_modules/socket.io-client/node_modules/engine.io-client/node_modules/ws
> (node-gyp rebuild 2> builderror.log) || (exit 0)

npm WARN engine [email protected]: wanted: {"node":"~0.10.x"} (current: {"node":"0.12.4","npm":"2.10.1"})
npm WARN engine [email protected]: wanted: {"node":">=0.6","npm":"1"} (current: {"node":"0.12.4","npm":"2.10.1"})
npm WARN engine [email protected]: wanted: {"node":"0.8.x || 0.10.x"} (current: {"node":"0.12.4","npm":"2.10.1"})
/usr/local/bin/browser-sync -> /usr/local/lib/node_modules/browser-sync/bin/browser-sync.js
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/npm requires semver@'~2.0.8' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/semver,
npm WARN unmet dependency which is version 2.1.0
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/npm requires nopt@'~2.1.1' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/nopt,
npm WARN unmet dependency which is version 3.0.1
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/npm requires request@'~2.21.0' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/request,
npm WARN unmet dependency which is version 2.47.0
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/npm requires tar@'~0.1.17' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/tar,
npm WARN unmet dependency which is version 1.0.2
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/npm requires node-gyp@'~0.10.6' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/node-gyp,
npm WARN unmet dependency which is version 2.0.1
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/npm requires glob@'~3.2.3' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/glob,
npm WARN unmet dependency which is version 4.0.6
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/npm requires init-package-json@'0.0.10' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/init-package-json,
npm WARN unmet dependency which is version 1.6.0
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/cordova-js/node_modules/browserify requires through2@'^1.0.0' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/cordova/node_modules/cordova-lib/node_modules/through2,
npm WARN unmet dependency which is version 0.6.3
npm WARN unmet dependency /usr/local/lib/node_modules/node-gyp/node_modules/glob requires minimatch@'^2.0.1' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/node-gyp/node_modules/minimatch,
npm WARN unmet dependency which is version 1.0.0
npm WARN unmet dependency /usr/local/lib/node_modules/generator-bookmarklet/node_modules/yeoman-generator/node_modules/inquirer requires lodash@'^3.3.1' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/generator-bookmarklet/node_modules/yeoman-generator/node_modules/lodash,
npm WARN unmet dependency which is version 2.4.2
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/ionic-app-lib/node_modules/cordova-lib/node_modules/cordova-js requires browserify@'7.1.0' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/browserify,
npm WARN unmet dependency which is version 10.2.4
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/prompt/node_modules/utile requires async@'~0.2.9' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/async,
npm WARN unmet dependency which is version 0.9.2
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/request/node_modules/form-data requires mime-types@'~2.0.3' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/request/node_modules/mime-types,
npm WARN unmet dependency which is version 1.0.2
[email protected] /usr/local/lib/node_modules/browser-sync
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected]
├── [email protected] ([email protected])
├── [email protected]
├── [email protected]
├── [email protected] ([email protected], [email protected], [email protected], [email protected])
├── [email protected] ([email protected])
├── [email protected]
├── [email protected] ([email protected])
├── [email protected] ([email protected], [email protected], [email protected])
├── [email protected] ([email protected], [email protected], [email protected], [email protected])
├── [email protected] ([email protected], [email protected], [email protected], [email protected])
├── [email protected] ([email protected], [email protected])
├── [email protected] ([email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected])
├── [email protected] ([email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected])
├── [email protected] ([email protected])
├── [email protected] ([email protected], [email protected])
├── [email protected] ([email protected], [email protected], [email protected])
├── [email protected]
├── [email protected] ([email protected], [email protected], [email protected], [email protected], [email protected], [email protected])
└── [email protected] ([email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected])
npm WARN installMany normalize-package-data was bundled with [email protected], but bundled package wasn't found in unpacked tree
/usr/local/bin/cordova -> /usr/local/lib/node_modules/cordova/bin/cordova
npm WARN unmet dependency /usr/local/lib/node_modules/generator-bookmarklet/node_modules/yeoman-generator/node_modules/inquirer requires lodash@'^3.3.1' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/generator-bookmarklet/node_modules/yeoman-generator/node_modules/lodash,
npm WARN unmet dependency which is version 2.4.2
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/ionic-app-lib/node_modules/cordova-lib/node_modules/cordova-js requires browserify@'7.1.0' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/browserify,
npm WARN unmet dependency which is version 10.2.4
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/prompt/node_modules/utile requires async@'~0.2.9' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/async,
npm WARN unmet dependency which is version 0.9.2
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/request/node_modules/form-data requires mime-types@'~2.0.3' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/ionic/node_modules/request/node_modules/mime-types,
npm WARN unmet dependency which is version 1.0.2
npm WARN unmet dependency /usr/local/lib/node_modules/node-gyp/node_modules/glob requires minimatch@'^2.0.1' but will load
npm WARN unmet dependency /usr/local/lib/node_modules/node-gyp/node_modules/minimatch,
npm WARN unmet dependency which is version 1.0.0
[email protected] /usr/local/lib/node_modules/cordova
├── [email protected]
├── [email protected]
├── [email protected] ([email protected])
└── [email protected] ([email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected])
npm ERR! Darwin 14.3.0
npm ERR! argv "node" "/usr/local/bin/npm" "update" "-g"
npm ERR! node v0.12.4
npm ERR! npm  v2.10.1
npm ERR! path /usr/local/lib/node_modules/npm/bin/node-gyp-bin
npm ERR! code EACCES
npm ERR! errno -13

npm ERR! Error: EACCES, rmdir '/usr/local/lib/node_modules/npm/bin/node-gyp-bin'
npm ERR!     at Error (native)
npm ERR!  { [Error: EACCES, rmdir '/usr/local/lib/node_modules/npm/bin/node-gyp-bin']
npm ERR!   errno: -13,
npm ERR!   code: 'EACCES',
npm ERR!   path: '/usr/local/lib/node_modules/npm/bin/node-gyp-bin' }
npm ERR! 
npm ERR! Please try running this command again as root/Administrator.
npm ERR! error rolling back Error: EACCES, rmdir '/usr/local/lib/node_modules/npm/html/doc'
npm ERR! error rolling back     at Error (native)
npm ERR! error rolling back  { [Error: EACCES, rmdir '/usr/local/lib/node_modules/npm/html/doc']
npm ERR! error rolling back   errno: -13,
npm ERR! error rolling back   code: 'EACCES',
npm ERR! error rolling back   path: '/usr/local/lib/node_modules/npm/html/doc' }

npm ERR! Please include the following file with any support request:
npm ERR!     /Users/halle3/g+j/youtubeResizer/npm-debug.log
➜  youtubeResizer git:(master) ✗ npm
zsh: command not found: npm

after that, zsh tells me:

command not found: npm

😢

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.