Update root certs to NSS 3.85 #45490
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This is the certdata.txt[0] from NSS 3.85, released on 2022-11-10. This is the version of NSS that will ship in Firefox 108 on 2022-12-13. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_85_RTM/lib/ckfw/builtins/certdata.txt
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - Certainly Root E1 - Certainly Root R1 - D-TRUST BR Root CA 1 2020 - D-TRUST EV Root CA 1 2020 - DigiCert TLS ECC P384 Root G5 - DigiCert TLS RSA4096 Root G5 - E-Tugra Global Root CA ECC v3 - E-Tugra Global Root CA RSA v3 - HiPKI Root CA - G1 - ISRG Root X2 - Security Communication ECC RootCA1 - Security Communication RootCA3 - Telia Root CA v2 - vTrus ECC Root CA - vTrus Root CA Certificates removed: - Cybertrust Global Root - DST Root CA X3 - GlobalSign Root CA - R2 - Hellenic Academic and Research Institutions RootCA 2011
nodejs-github-bot
added
c++
|
Fixes: #45477 |
github-actions
bot
removed
the
request-ci
addaleax
approved these changes
Nov 16, 2022
jasnell
approved these changes
Nov 16, 2022
13 tasks
bnoordhuis
approved these changes
Nov 17, 2022
richardlau
approved these changes
Nov 17, 2022
richardlau
added
lts-watch-v14.x
lts-watch-v18.x
panva
added
author ready
anonrig
approved these changes
Nov 17, 2022
12 tasks
nodejs-github-bot
added
commit-queue-failed
Commit Queue failed- Loading data for nodejs/node/pull/45490 ✔ Done loading data for nodejs/node/pull/45490 ----------------------------------- PR info ------------------------------------ Title Update root certs to NSS 3.85 (#45490) ⚠ Could not retrieve the email or name of the PR author's from user's GitHub profile! Branch lpinca:update/root-certs -> nodejs:main Labels c++, lib / src, author ready, needs-ci, lts-watch-v14.x, lts-watch-v16.x, lts-watch-v18.x Commits 2 - tools: update certdata.txt - crypto: update root certificates Committers 1 - Luigi Pinca PR-URL: https://github.com/nodejs/node/pull/45490 Reviewed-By: Anna Henningsen Reviewed-By: James M Snell Reviewed-By: Ben Noordhuis Reviewed-By: Richard Lau Reviewed-By: Yagiz Nizipli ------------------------------ Generated metadata ------------------------------ PR-URL: https://github.com/nodejs/node/pull/45490 Reviewed-By: Anna Henningsen Reviewed-By: James M Snell Reviewed-By: Ben Noordhuis Reviewed-By: Richard Lau Reviewed-By: Yagiz Nizipli -------------------------------------------------------------------------------- ℹ This PR was created on Wed, 16 Nov 2022 19:52:23 GMT ✔ Approvals: 5 ✔ - Anna Henningsen (@addaleax): https://github.com/nodejs/node/pull/45490#pullrequestreview-1183447620 ✔ - James M Snell (@jasnell) (TSC): https://github.com/nodejs/node/pull/45490#pullrequestreview-1183468116 ✔ - Ben Noordhuis (@bnoordhuis): https://github.com/nodejs/node/pull/45490#pullrequestreview-1184225621 ✔ - Richard Lau (@richardlau) (TSC): https://github.com/nodejs/node/pull/45490#pullrequestreview-1184296266 ✔ - Yagiz Nizipli (@anonrig): https://github.com/nodejs/node/pull/45490#pullrequestreview-1184712893 ✔ Last GitHub CI successful ℹ Last Full PR CI on 2022-11-16T23:10:33Z: https://ci.nodejs.org/job/node-test-pull-request/47976/ - Querying data for job/node-test-pull-request/47976/ ✔ Last Jenkins CI successful -------------------------------------------------------------------------------- ✔ No git cherry-pick in progress ✔ No git am in progress ✔ No git rebase in progress -------------------------------------------------------------------------------- - Bringing origin/main up to date... From https://github.com/nodejs/node * branch main -> FETCH_HEAD ✔ origin/main is now up-to-date - Downloading patch for 45490 From https://github.com/nodejs/node * branch refs/pull/45490/merge -> FETCH_HEAD ✔ Fetched commits as cb96a130a55f..17cc1dd603c5 -------------------------------------------------------------------------------- [main ede7e8516c] tools: update certdata.txt Author: Luigi Pinca Date: Wed Nov 16 18:52:16 2022 +0100 1 file changed, 7171 insertions(+), 5350 deletions(-) [main cc7eb894b0] crypto: update root certificates Author: Luigi Pinca Date: Wed Nov 16 19:08:14 2022 +0100 1 file changed, 474 insertions(+), 189 deletions(-) ✔ Patches applied There are 2 commits in the PR. Attempting autorebase. Rebasing (2/4)
Certificates removed:
PR-URL: #45490
|
lpinca
added
commit-queue
nodejs-github-bot
removed
the
commit-queue
|
Landed in cb96a13...c74dbd2 |
danielleadams
pushed a commit
that referenced
this pull request
Dec 30, 2022
This is the certdata.txt[0] from NSS 3.85, released on 2022-11-10. This is the version of NSS that will ship in Firefox 108 on 2022-12-13. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_85_RTM/lib/ckfw/builtins/certdata.txt PR-URL: #45490 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
danielleadams
pushed a commit
that referenced
this pull request
Dec 30, 2022
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - Certainly Root E1 - Certainly Root R1 - D-TRUST BR Root CA 1 2020 - D-TRUST EV Root CA 1 2020 - DigiCert TLS ECC P384 Root G5 - DigiCert TLS RSA4096 Root G5 - E-Tugra Global Root CA ECC v3 - E-Tugra Global Root CA RSA v3 - HiPKI Root CA - G1 - ISRG Root X2 - Security Communication ECC RootCA1 - Security Communication RootCA3 - Telia Root CA v2 - vTrus ECC Root CA - vTrus Root CA Certificates removed: - Cybertrust Global Root - DST Root CA X3 - GlobalSign Root CA - R2 - Hellenic Academic and Research Institutions RootCA 2011 PR-URL: #45490 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
danielleadams
added a commit
that referenced
this pull request
Dec 30, 2022
Notable changes: Add support for externally shared js builtins: By default Node.js is built so that all dependencies are bundled into the Node.js binary itself. Some Node.js distributions prefer to manage dependencies externally. There are existing build options that allow dependencies with native code to be externalized. This commit adds additional options so that dependencies with JavaScript code (including WASM) can also be externalized. This addition does not affect binaries shipped by the Node.js project but will allow other distributions to externalize additional dependencies when needed. Contributed by Michael Dawson in #44376 fs.watch recursive support on Linux: `fs.watch` supports recursive watch using the `recursive: true` option. ```js const watcher = fs.watch(testDirectory, { recursive: true }); watcher.on('change', function(event, filename) { }); ``` Contributed by Yagiz Nizipli in #45098 Support function mocking on Node.js test runner: The `node:test` module supports mocking during testing via a top-level `mock` object. ```js test('spies on an object method', (t) => { const number = { value: 5, add(a) { return this.value + a; }, }; t.mock.method(number, 'add'); assert.strictEqual(number.add(3), 8); assert.strictEqual(number.add.mock.calls.length, 1); }); ``` Contributed by Colin Ihrig in #45326 Other notable changes: buffer: * (SEMVER-MINOR) introduce File (Khafra) #45139 build: * disable v8 snapshot compression by default (Joyee Cheung) #45716 crypto: * update root certificates (Luigi Pinca) #45490 deps: * update ICU to 72.1 (Michaël Zasso) #45068 doc: * add doc-only deprecation for headers/trailers setters (Rich Trott) #45697 * add Rafael to the tsc (Michael Dawson) #45691 * deprecate use of invalid ports in `url.parse` (Antoine du Hamel) #45576 * add lukekarrys to collaborators (Luke Karrys) #45180 * add anonrig to collaborators (Yagiz Nizipli) #45002 * deprecate url.parse() (Rich Trott) #44919 lib: * drop fetch experimental warning (Matteo Collina) #45287 net: * (SEMVER-MINOR) add autoSelectFamily and autoSelectFamilyAttemptTimeout options (Paolo Insogna) #44731 * src: * (SEMVER-MINOR) add uvwasi version (Jithil P Ponnan) #45639 * (SEMVER-MINOR) add initial shadow realm support (Chengzhong Wu) #42869 test_runner: * (SEMVER-MINOR) add t.after() hook (Colin Ihrig) #45792 * (SEMVER-MINOR) don't use a symbol for runHook() (Colin Ihrig) #45792 tls: * (SEMVER-MINOR) add "ca" property to certificate object (Ben Noordhuis) #44935 * remove trustcor root ca certificates (Ben Noordhuis) #45776 tools: * update certdata.txt (Luigi Pinca) #45490 util: * add fast path for utf8 encoding (Yagiz Nizipli) #45412 * improve textdecoder decode performance (Yagiz Nizipli) #45294 * (SEMVER-MINOR) add MIME utilities (#21128) (Bradley Farias) #21128 PR-URL: #46025
danielleadams
added a commit
that referenced
this pull request
Dec 31, 2022
Notable changes: Add support for externally shared js builtins: By default Node.js is built so that all dependencies are bundled into the Node.js binary itself. Some Node.js distributions prefer to manage dependencies externally. There are existing build options that allow dependencies with native code to be externalized. This commit adds additional options so that dependencies with JavaScript code (including WASM) can also be externalized. This addition does not affect binaries shipped by the Node.js project but will allow other distributions to externalize additional dependencies when needed. Contributed by Michael Dawson in #44376 Introduce `File`: The File class is part of the [FileAPI](https://w3c.github.io/FileAPI/). It can be used anywhere a Blob can, for example in `URL.createObjectURL` and `FormData`. It contains two properties that Blobs do not have: `lastModified`, the last time the file was modified in ms, and `name`, the name of the file. Contributed by Khafra in #45139 Support function mocking on Node.js test runner: The `node:test` module supports mocking during testing via a top-level `mock` object. ```js test('spies on an object method', (t) => { const number = { value: 5, add(a) { return this.value + a; }, }; t.mock.method(number, 'add'); assert.strictEqual(number.add(3), 8); assert.strictEqual(number.add.mock.calls.length, 1); }); ``` Contributed by Colin Ihrig in #45326 Other notable changes: build: * disable v8 snapshot compression by default (Joyee Cheung) #45716 crypto: * update root certificates (Luigi Pinca) #45490 deps: * update ICU to 72.1 (Michaël Zasso) #45068 doc: * add doc-only deprecation for headers/trailers setters (Rich Trott) #45697 * add Rafael to the tsc (Michael Dawson) #45691 * deprecate use of invalid ports in `url.parse` (Antoine du Hamel) #45576 * add lukekarrys to collaborators (Luke Karrys) #45180 * add anonrig to collaborators (Yagiz Nizipli) #45002 * deprecate url.parse() (Rich Trott) #44919 lib: * drop fetch experimental warning (Matteo Collina) #45287 net: * (SEMVER-MINOR) add autoSelectFamily and autoSelectFamilyAttemptTimeout options (Paolo Insogna) #44731 * src: * (SEMVER-MINOR) add uvwasi version (Jithil P Ponnan) #45639 * (SEMVER-MINOR) add initial shadow realm support (Chengzhong Wu) #42869 test_runner: * (SEMVER-MINOR) add t.after() hook (Colin Ihrig) #45792 * (SEMVER-MINOR) don't use a symbol for runHook() (Colin Ihrig) #45792 tls: * (SEMVER-MINOR) add "ca" property to certificate object (Ben Noordhuis) #44935 * remove trustcor root ca certificates (Ben Noordhuis) #45776 tools: * update certdata.txt (Luigi Pinca) #45490 util: * add fast path for utf8 encoding (Yagiz Nizipli) #45412 * improve textdecoder decode performance (Yagiz Nizipli) #45294 * (SEMVER-MINOR) add MIME utilities (#21128) (Bradley Farias) #21128 PR-URL: #46025
danielleadams
added a commit
that referenced
this pull request
Dec 31, 2022
Notable changes: Add support for externally shared js builtins: By default Node.js is built so that all dependencies are bundled into the Node.js binary itself. Some Node.js distributions prefer to manage dependencies externally. There are existing build options that allow dependencies with native code to be externalized. This commit adds additional options so that dependencies with JavaScript code (including WASM) can also be externalized. This addition does not affect binaries shipped by the Node.js project but will allow other distributions to externalize additional dependencies when needed. Contributed by Michael Dawson in #44376 Introduce `File`: The File class is part of the [FileAPI](https://w3c.github.io/FileAPI/). It can be used anywhere a Blob can, for example in `URL.createObjectURL` and `FormData`. It contains two properties that Blobs do not have: `lastModified`, the last time the file was modified in ms, and `name`, the name of the file. Contributed by Khafra in #45139 Support function mocking on Node.js test runner: The `node:test` module supports mocking during testing via a top-level `mock` object. ```js test('spies on an object method', (t) => { const number = { value: 5, add(a) { return this.value + a; }, }; t.mock.method(number, 'add'); assert.strictEqual(number.add(3), 8); assert.strictEqual(number.add.mock.calls.length, 1); }); ``` Contributed by Colin Ihrig in #45326 Other notable changes: build: * disable v8 snapshot compression by default (Joyee Cheung) #45716 crypto: * update root certificates (Luigi Pinca) #45490 deps: * update ICU to 72.1 (Michaël Zasso) #45068 doc: * add doc-only deprecation for headers/trailers setters (Rich Trott) #45697 * add Rafael to the tsc (Michael Dawson) #45691 * deprecate use of invalid ports in `url.parse` (Antoine du Hamel) #45576 * add lukekarrys to collaborators (Luke Karrys) #45180 * add anonrig to collaborators (Yagiz Nizipli) #45002 * deprecate url.parse() (Rich Trott) #44919 lib: * drop fetch experimental warning (Matteo Collina) #45287 net: * (SEMVER-MINOR) add autoSelectFamily and autoSelectFamilyAttemptTimeout options (Paolo Insogna) #44731 * src: * (SEMVER-MINOR) add uvwasi version (Jithil P Ponnan) #45639 * (SEMVER-MINOR) add initial shadow realm support (Chengzhong Wu) #42869 test_runner: * (SEMVER-MINOR) add t.after() hook (Colin Ihrig) #45792 * (SEMVER-MINOR) don't use a symbol for runHook() (Colin Ihrig) #45792 tls: * (SEMVER-MINOR) add "ca" property to certificate object (Ben Noordhuis) #44935 * remove trustcor root ca certificates (Ben Noordhuis) #45776 tools: * update certdata.txt (Luigi Pinca) #45490 util: * add fast path for utf8 encoding (Yagiz Nizipli) #45412 * improve textdecoder decode performance (Yagiz Nizipli) #45294 * (SEMVER-MINOR) add MIME utilities (#21128) (Bradley Farias) #21128 PR-URL: #46025
guangwong
pushed a commit
to noslate-project/node
that referenced
this pull request
Jan 3, 2023
This is the certdata.txt[0] from NSS 3.85, released on 2022-11-10. This is the version of NSS that will ship in Firefox 108 on 2022-12-13. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_85_RTM/lib/ckfw/builtins/certdata.txt PR-URL: nodejs/node#45490 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
guangwong
pushed a commit
to noslate-project/node
that referenced
this pull request
Jan 3, 2023
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - Certainly Root E1 - Certainly Root R1 - D-TRUST BR Root CA 1 2020 - D-TRUST EV Root CA 1 2020 - DigiCert TLS ECC P384 Root G5 - DigiCert TLS RSA4096 Root G5 - E-Tugra Global Root CA ECC v3 - E-Tugra Global Root CA RSA v3 - HiPKI Root CA - G1 - ISRG Root X2 - Security Communication ECC RootCA1 - Security Communication RootCA3 - Telia Root CA v2 - vTrus ECC Root CA - vTrus Root CA Certificates removed: - Cybertrust Global Root - DST Root CA X3 - GlobalSign Root CA - R2 - Hellenic Academic and Research Institutions RootCA 2011 PR-URL: nodejs/node#45490 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
guangwong
pushed a commit
to noslate-project/node
that referenced
this pull request
Jan 3, 2023
This is the certdata.txt[0] from NSS 3.85, released on 2022-11-10. This is the version of NSS that will ship in Firefox 108 on 2022-12-13. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_85_RTM/lib/ckfw/builtins/certdata.txt PR-URL: nodejs/node#45490 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
guangwong
pushed a commit
to noslate-project/node
that referenced
this pull request
Jan 3, 2023
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - Certainly Root E1 - Certainly Root R1 - D-TRUST BR Root CA 1 2020 - D-TRUST EV Root CA 1 2020 - DigiCert TLS ECC P384 Root G5 - DigiCert TLS RSA4096 Root G5 - E-Tugra Global Root CA ECC v3 - E-Tugra Global Root CA RSA v3 - HiPKI Root CA - G1 - ISRG Root X2 - Security Communication ECC RootCA1 - Security Communication RootCA3 - Telia Root CA v2 - vTrus ECC Root CA - vTrus Root CA Certificates removed: - Cybertrust Global Root - DST Root CA X3 - GlobalSign Root CA - R2 - Hellenic Academic and Research Institutions RootCA 2011 PR-URL: nodejs/node#45490 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
danielleadams
pushed a commit
that referenced
this pull request
Jan 3, 2023
This is the certdata.txt[0] from NSS 3.85, released on 2022-11-10. This is the version of NSS that will ship in Firefox 108 on 2022-12-13. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_85_RTM/lib/ckfw/builtins/certdata.txt PR-URL: #45490 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
danielleadams
pushed a commit
that referenced
this pull request
Jan 3, 2023
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - Certainly Root E1 - Certainly Root R1 - D-TRUST BR Root CA 1 2020 - D-TRUST EV Root CA 1 2020 - DigiCert TLS ECC P384 Root G5 - DigiCert TLS RSA4096 Root G5 - E-Tugra Global Root CA ECC v3 - E-Tugra Global Root CA RSA v3 - HiPKI Root CA - G1 - ISRG Root X2 - Security Communication ECC RootCA1 - Security Communication RootCA3 - Telia Root CA v2 - vTrus ECC Root CA - vTrus Root CA Certificates removed: - Cybertrust Global Root - DST Root CA X3 - GlobalSign Root CA - R2 - Hellenic Academic and Research Institutions RootCA 2011 PR-URL: #45490 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
danielleadams
added a commit
that referenced
this pull request
Jan 3, 2023
Notable changes: Add support for externally shared js builtins: By default Node.js is built so that all dependencies are bundled into the Node.js binary itself. Some Node.js distributions prefer to manage dependencies externally. There are existing build options that allow dependencies with native code to be externalized. This commit adds additional options so that dependencies with JavaScript code (including WASM) can also be externalized. This addition does not affect binaries shipped by the Node.js project but will allow other distributions to externalize additional dependencies when needed. Contributed by Michael Dawson in #44376 Introduce `File`: The File class is part of the [FileAPI](https://w3c.github.io/FileAPI/). It can be used anywhere a Blob can, for example in `URL.createObjectURL` and `FormData`. It contains two properties that Blobs do not have: `lastModified`, the last time the file was modified in ms, and `name`, the name of the file. Contributed by Khafra in #45139 Support function mocking on Node.js test runner: The `node:test` module supports mocking during testing via a top-level `mock` object. ```js test('spies on an object method', (t) => { const number = { value: 5, add(a) { return this.value + a; }, }; t.mock.method(number, 'add'); assert.strictEqual(number.add(3), 8); assert.strictEqual(number.add.mock.calls.length, 1); }); ``` Contributed by Colin Ihrig in #45326 Other notable changes: build: * disable v8 snapshot compression by default (Joyee Cheung) #45716 crypto: * update root certificates (Luigi Pinca) #45490 deps: * update ICU to 72.1 (Michaël Zasso) #45068 doc: * add doc-only deprecation for headers/trailers setters (Rich Trott) #45697 * add Rafael to the tsc (Michael Dawson) #45691 * deprecate use of invalid ports in `url.parse` (Antoine du Hamel) #45576 * add lukekarrys to collaborators (Luke Karrys) #45180 * add anonrig to collaborators (Yagiz Nizipli) #45002 * deprecate url.parse() (Rich Trott) #44919 lib: * drop fetch experimental warning (Matteo Collina) #45287 net: * (SEMVER-MINOR) add autoSelectFamily and autoSelectFamilyAttemptTimeout options (Paolo Insogna) #44731 * src: * (SEMVER-MINOR) add uvwasi version (Jithil P Ponnan) #45639 * (SEMVER-MINOR) add initial shadow realm support (Chengzhong Wu) #42869 test_runner: * (SEMVER-MINOR) add t.after() hook (Colin Ihrig) #45792 * (SEMVER-MINOR) don't use a symbol for runHook() (Colin Ihrig) #45792 tls: * (SEMVER-MINOR) add "ca" property to certificate object (Ben Noordhuis) #44935 * remove trustcor root ca certificates (Ben Noordhuis) #45776 tools: * update certdata.txt (Luigi Pinca) #45490 util: * add fast path for utf8 encoding (Yagiz Nizipli) #45412 * improve textdecoder decode performance (Yagiz Nizipli) #45294 * (SEMVER-MINOR) add MIME utilities (#21128) (Bradley Farias) #21128 PR-URL: #46025
danielleadams
pushed a commit
that referenced
this pull request
Jan 4, 2023
This is the certdata.txt[0] from NSS 3.85, released on 2022-11-10. This is the version of NSS that will ship in Firefox 108 on 2022-12-13. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_85_RTM/lib/ckfw/builtins/certdata.txt PR-URL: #45490 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
danielleadams
pushed a commit
that referenced
this pull request
Jan 4, 2023
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - Certainly Root E1 - Certainly Root R1 - D-TRUST BR Root CA 1 2020 - D-TRUST EV Root CA 1 2020 - DigiCert TLS ECC P384 Root G5 - DigiCert TLS RSA4096 Root G5 - E-Tugra Global Root CA ECC v3 - E-Tugra Global Root CA RSA v3 - HiPKI Root CA - G1 - ISRG Root X2 - Security Communication ECC RootCA1 - Security Communication RootCA3 - Telia Root CA v2 - vTrus ECC Root CA - vTrus Root CA Certificates removed: - Cybertrust Global Root - DST Root CA X3 - GlobalSign Root CA - R2 - Hellenic Academic and Research Institutions RootCA 2011 PR-URL: #45490 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
danielleadams
added a commit
that referenced
this pull request
Jan 4, 2023
Notable changes: Add support for externally shared js builtins: By default Node.js is built so that all dependencies are bundled into the Node.js binary itself. Some Node.js distributions prefer to manage dependencies externally. There are existing build options that allow dependencies with native code to be externalized. This commit adds additional options so that dependencies with JavaScript code (including WASM) can also be externalized. This addition does not affect binaries shipped by the Node.js project but will allow other distributions to externalize additional dependencies when needed. Contributed by Michael Dawson in #44376 Introduce `File`: The File class is part of the [FileAPI](https://w3c.github.io/FileAPI/). It can be used anywhere a Blob can, for example in `URL.createObjectURL` and `FormData`. It contains two properties that Blobs do not have: `lastModified`, the last time the file was modified in ms, and `name`, the name of the file. Contributed by Khafra in #45139 Support function mocking on Node.js test runner: The `node:test` module supports mocking during testing via a top-level `mock` object. ```js test('spies on an object method', (t) => { const number = { value: 5, add(a) { return this.value + a; }, }; t.mock.method(number, 'add'); assert.strictEqual(number.add(3), 8); assert.strictEqual(number.add.mock.calls.length, 1); }); ``` Contributed by Colin Ihrig in #45326 Other notable changes: build: * disable v8 snapshot compression by default (Joyee Cheung) #45716 crypto: * update root certificates (Luigi Pinca) #45490 deps: * update ICU to 72.1 (Michaël Zasso) #45068 doc: * add doc-only deprecation for headers/trailers setters (Rich Trott) #45697 * add Rafael to the tsc (Michael Dawson) #45691 * deprecate use of invalid ports in `url.parse` (Antoine du Hamel) #45576 * add lukekarrys to collaborators (Luke Karrys) #45180 * add anonrig to collaborators (Yagiz Nizipli) #45002 * deprecate url.parse() (Rich Trott) #44919 lib: * drop fetch experimental warning (Matteo Collina) #45287 net: * (SEMVER-MINOR) add autoSelectFamily and autoSelectFamilyAttemptTimeout options (Paolo Insogna) #44731 * src: * (SEMVER-MINOR) add uvwasi version (Jithil P Ponnan) #45639 * (SEMVER-MINOR) add initial shadow realm support (Chengzhong Wu) #42869 test_runner: * (SEMVER-MINOR) add t.after() hook (Colin Ihrig) #45792 * (SEMVER-MINOR) don't use a symbol for runHook() (Colin Ihrig) #45792 tls: * (SEMVER-MINOR) add "ca" property to certificate object (Ben Noordhuis) #44935 * remove trustcor root ca certificates (Ben Noordhuis) #45776 tools: * update certdata.txt (Luigi Pinca) #45490 util: * add fast path for utf8 encoding (Yagiz Nizipli) #45412 * improve textdecoder decode performance (Yagiz Nizipli) #45294 * (SEMVER-MINOR) add MIME utilities (#21128) (Bradley Farias) #21128 PR-URL: #46025
danielleadams
added a commit
that referenced
this pull request
Jan 4, 2023
Notable changes: Add support for externally shared js builtins: By default Node.js is built so that all dependencies are bundled into the Node.js binary itself. Some Node.js distributions prefer to manage dependencies externally. There are existing build options that allow dependencies with native code to be externalized. This commit adds additional options so that dependencies with JavaScript code (including WASM) can also be externalized. This addition does not affect binaries shipped by the Node.js project but will allow other distributions to externalize additional dependencies when needed. Contributed by Michael Dawson in #44376 Introduce `File`: The File class is part of the [FileAPI](https://w3c.github.io/FileAPI/). It can be used anywhere a Blob can, for example in `URL.createObjectURL` and `FormData`. It contains two properties that Blobs do not have: `lastModified`, the last time the file was modified in ms, and `name`, the name of the file. Contributed by Khafra in #45139 Support function mocking on Node.js test runner: The `node:test` module supports mocking during testing via a top-level `mock` object. ```js test('spies on an object method', (t) => { const number = { value: 5, add(a) { return this.value + a; }, }; t.mock.method(number, 'add'); assert.strictEqual(number.add(3), 8); assert.strictEqual(number.add.mock.calls.length, 1); }); ``` Contributed by Colin Ihrig in #45326 Other notable changes: build: * disable v8 snapshot compression by default (Joyee Cheung) #45716 crypto: * update root certificates (Luigi Pinca) #45490 deps: * update ICU to 72.1 (Michaël Zasso) #45068 doc: * add doc-only deprecation for headers/trailers setters (Rich Trott) #45697 * add Rafael to the tsc (Michael Dawson) #45691 * deprecate use of invalid ports in `url.parse` (Antoine du Hamel) #45576 * add lukekarrys to collaborators (Luke Karrys) #45180 * add anonrig to collaborators (Yagiz Nizipli) #45002 * deprecate url.parse() (Rich Trott) #44919 lib: * drop fetch experimental warning (Matteo Collina) #45287 net: * (SEMVER-MINOR) add autoSelectFamily and autoSelectFamilyAttemptTimeout options (Paolo Insogna) #44731 * src: * (SEMVER-MINOR) add uvwasi version (Jithil P Ponnan) #45639 * (SEMVER-MINOR) add initial shadow realm support (Chengzhong Wu) #42869 test_runner: * (SEMVER-MINOR) add t.after() hook (Colin Ihrig) #45792 * (SEMVER-MINOR) don't use a symbol for runHook() (Colin Ihrig) #45792 tls: * (SEMVER-MINOR) add "ca" property to certificate object (Ben Noordhuis) #44935 * remove trustcor root ca certificates (Ben Noordhuis) #45776 tools: * update certdata.txt (Luigi Pinca) #45490 util: * add fast path for utf8 encoding (Yagiz Nizipli) #45412 * improve textdecoder decode performance (Yagiz Nizipli) #45294 * (SEMVER-MINOR) add MIME utilities (#21128) (Bradley Farias) #21128 PR-URL: #46025
danielleadams
pushed a commit
that referenced
this pull request
Jan 5, 2023
This is the certdata.txt[0] from NSS 3.85, released on 2022-11-10. This is the version of NSS that will ship in Firefox 108 on 2022-12-13. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_85_RTM/lib/ckfw/builtins/certdata.txt PR-URL: #45490 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
danielleadams
pushed a commit
that referenced
this pull request
Jan 5, 2023
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - Autoridad de Certificacion Firmaprofesional CIF A62634068 - Certainly Root E1 - Certainly Root R1 - D-TRUST BR Root CA 1 2020 - D-TRUST EV Root CA 1 2020 - DigiCert TLS ECC P384 Root G5 - DigiCert TLS RSA4096 Root G5 - E-Tugra Global Root CA ECC v3 - E-Tugra Global Root CA RSA v3 - HiPKI Root CA - G1 - ISRG Root X2 - Security Communication ECC RootCA1 - Security Communication RootCA3 - Telia Root CA v2 - vTrus ECC Root CA - vTrus Root CA Certificates removed: - Cybertrust Global Root - DST Root CA X3 - GlobalSign Root CA - R2 - Hellenic Academic and Research Institutions RootCA 2011 PR-URL: #45490 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
danielleadams
added a commit
that referenced
this pull request
Jan 5, 2023
Notable changes: Add support for externally shared js builtins: By default Node.js is built so that all dependencies are bundled into the Node.js binary itself. Some Node.js distributions prefer to manage dependencies externally. There are existing build options that allow dependencies with native code to be externalized. This commit adds additional options so that dependencies with JavaScript code (including WASM) can also be externalized. This addition does not affect binaries shipped by the Node.js project but will allow other distributions to externalize additional dependencies when needed. Contributed by Michael Dawson in #44376 Introduce `File`: The File class is part of the [FileAPI](https://w3c.github.io/FileAPI/). It can be used anywhere a Blob can, for example in `URL.createObjectURL` and `FormData`. It contains two properties that Blobs do not have: `lastModified`, the last time the file was modified in ms, and `name`, the name of the file. Contributed by Khafra in #45139 Support function mocking on Node.js test runner: The `node:test` module supports mocking during testing via a top-level `mock` object. ```js test('spies on an object method', (t) => { const number = { value: 5, add(a) { return this.value + a; }, }; t.mock.method(number, 'add'); assert.strictEqual(number.add(3), 8); assert.strictEqual(number.add.mock.calls.length, 1); }); ``` Contributed by Colin Ihrig in #45326 Other notable changes: build: * disable v8 snapshot compression by default (Joyee Cheung) #45716 crypto: * update root certificates (Luigi Pinca) #45490 deps: * update ICU to 72.1 (Michaël Zasso) #45068 doc: * add doc-only deprecation for headers/trailers setters (Rich Trott) #45697 * add Rafael to the tsc (Michael Dawson) #45691 * deprecate use of invalid ports in `url.parse` (Antoine du Hamel) #45576 * add lukekarrys to collaborators (Luke Karrys) #45180 * add anonrig to collaborators (Yagiz Nizipli) #45002 * deprecate url.parse() (Rich Trott) #44919 lib: * drop fetch experimental warning (Matteo Collina) #45287 net: * (SEMVER-MINOR) add autoSelectFamily and autoSelectFamilyAttemptTimeout options (Paolo Insogna) #44731 * src: * (SEMVER-MINOR) add uvwasi version (Jithil P Ponnan) #45639 * (SEMVER-MINOR) add initial shadow realm support (Chengzhong Wu) #42869 test_runner: * (SEMVER-MINOR) add t.after() hook (Colin Ihrig) #45792 * (SEMVER-MINOR) don't use a symbol for runHook() (Colin Ihrig) #45792 tls: * (SEMVER-MINOR) add "ca" property to certificate object (Ben Noordhuis) #44935 * remove trustcor root ca certificates (Ben Noordhuis) #45776 tools: * update certdata.txt (Luigi Pinca) #45490 util: * add fast path for utf8 encoding (Yagiz Nizipli) #45412 * improve textdecoder decode performance (Yagiz Nizipli) #45294 * (SEMVER-MINOR) add MIME utilities (#21128) (Bradley Farias) #21128 PR-URL: #46025
danielleadams
added a commit
that referenced
this pull request
Jan 5, 2023
Notable changes: Add support for externally shared js builtins: By default Node.js is built so that all dependencies are bundled into the Node.js binary itself. Some Node.js distributions prefer to manage dependencies externally. There are existing build options that allow dependencies with native code to be externalized. This commit adds additional options so that dependencies with JavaScript code (including WASM) can also be externalized. This addition does not affect binaries shipped by the Node.js project but will allow other distributions to externalize additional dependencies when needed. Contributed by Michael Dawson in #44376 Introduce `File`: The File class is part of the [FileAPI](https://w3c.github.io/FileAPI/). It can be used anywhere a Blob can, for example in `URL.createObjectURL` and `FormData`. It contains two properties that Blobs do not have: `lastModified`, the last time the file was modified in ms, and `name`, the name of the file. Contributed by Khafra in #45139 Support function mocking on Node.js test runner: The `node:test` module supports mocking during testing via a top-level `mock` object. ```js test('spies on an object method', (t) => { const number = { value: 5, add(a) { return this.value + a; }, }; t.mock.method(number, 'add'); assert.strictEqual(number.add(3), 8); assert.strictEqual(number.add.mock.calls.length, 1); }); ``` Contributed by Colin Ihrig in #45326 Other notable changes: build: * disable v8 snapshot compression by default (Joyee Cheung) #45716 crypto: * update root certificates (Luigi Pinca) #45490 deps: * update ICU to 72.1 (Michaël Zasso) #45068 doc: * add doc-only deprecation for headers/trailers setters (Rich Trott) #45697 * add Rafael to the tsc (Michael Dawson) #45691 * deprecate use of invalid ports in `url.parse` (Antoine du Hamel) #45576 * add lukekarrys to collaborators (Luke Karrys) #45180 * add anonrig to collaborators (Yagiz Nizipli) #45002 * deprecate url.parse() (Rich Trott) #44919 lib: * drop fetch experimental warning (Matteo Collina) #45287 net: * (SEMVER-MINOR) add autoSelectFamily and autoSelectFamilyAttemptTimeout options (Paolo Insogna) #44731 * src: * (SEMVER-MINOR) add uvwasi version (Jithil P Ponnan) #45639 * (SEMVER-MINOR) add initial shadow realm support (Chengzhong Wu) #42869 test_runner: * (SEMVER-MINOR) add t.after() hook (Colin Ihrig) #45792 * (SEMVER-MINOR) don't use a symbol for runHook() (Colin Ihrig) #45792 tls: * (SEMVER-MINOR) add "ca" property to certificate object (Ben Noordhuis) #44935 * remove trustcor root ca certificates (Ben Noordhuis) #45776 tools: * update certdata.txt (Luigi Pinca) #45490 util: * add fast path for utf8 encoding (Yagiz Nizipli) #45412 * improve textdecoder decode performance (Yagiz Nizipli) #45294 * (SEMVER-MINOR) add MIME utilities (#21128) (Bradley Farias) #21128 PR-URL: #46025
danielleadams
added a commit
that referenced
this pull request
Jan 5, 2023
Notable changes: Add support for externally shared js builtins: By default Node.js is built so that all dependencies are bundled into the Node.js binary itself. Some Node.js distributions prefer to manage dependencies externally. There are existing build options that allow dependencies with native code to be externalized. This commit adds additional options so that dependencies with JavaScript code (including WASM) can also be externalized. This addition does not affect binaries shipped by the Node.js project but will allow other distributions to externalize additional dependencies when needed. Contributed by Michael Dawson in #44376 Introduce `File`: The File class is part of the [FileAPI](https://w3c.github.io/FileAPI/). It can be used anywhere a Blob can, for example in `URL.createObjectURL` and `FormData`. It contains two properties that Blobs do not have: `lastModified`, the last time the file was modified in ms, and `name`, the name of the file. Contributed by Khafra in #45139 Support function mocking on Node.js test runner: The `node:test` module supports mocking during testing via a top-level `mock` object. ```js test('spies on an object method', (t) => { const number = { value: 5, add(a) { return this.value + a; }, }; t.mock.method(number, 'add'); assert.strictEqual(number.add(3), 8); assert.strictEqual(number.add.mock.calls.length, 1); }); ``` Contributed by Colin Ihrig in #45326 Other notable changes: build: * disable v8 snapshot compression by default (Joyee Cheung) #45716 crypto: * update root certificates (Luigi Pinca) #45490 deps: * update ICU to 72.1 (Michaël Zasso) #45068 doc: * add doc-only deprecation for headers/trailers setters (Rich Trott) #45697 * add Rafael to the tsc (Michael Dawson) #45691 * deprecate use of invalid ports in `url.parse` (Antoine du Hamel) #45576 * add lukekarrys to collaborators (Luke Karrys) #45180 * add anonrig to collaborators (Yagiz Nizipli) #45002 * deprecate url.parse() (Rich Trott) #44919 lib: * drop fetch experimental warning (Matteo Collina) #45287 net: * (SEMVER-MINOR) add autoSelectFamily and autoSelectFamilyAttemptTimeout options (Paolo Insogna) #44731 * src: * (SEMVER-MINOR) add uvwasi version (Jithil P Ponnan) #45639 * (SEMVER-MINOR) add initial shadow realm support (Chengzhong Wu) #42869 test_runner: * (SEMVER-MINOR) add t.after() hook (Colin Ihrig) #45792 * (SEMVER-MINOR) don't use a symbol for runHook() (Colin Ihrig) #45792 tls: * (SEMVER-MINOR) add "ca" property to certificate object (Ben Noordhuis) #44935 * remove trustcor root ca certificates (Ben Noordhuis) #45776 tools: * update certdata.txt (Luigi Pinca) #45490 util: * add fast path for utf8 encoding (Yagiz Nizipli) #45412 * improve textdecoder decode performance (Yagiz Nizipli) #45294 * (SEMVER-MINOR) add MIME utilities (#21128) (Bradley Farias) #21128 PR-URL: #46025
danielleadams
added a commit
that referenced
this pull request
Jan 6, 2023
Notable changes: Add support for externally shared js builtins: By default Node.js is built so that all dependencies are bundled into the Node.js binary itself. Some Node.js distributions prefer to manage dependencies externally. There are existing build options that allow dependencies with native code to be externalized. This commit adds additional options so that dependencies with JavaScript code (including WASM) can also be externalized. This addition does not affect binaries shipped by the Node.js project but will allow other distributions to externalize additional dependencies when needed. Contributed by Michael Dawson in #44376 Introduce `File`: The File class is part of the [FileAPI](https://w3c.github.io/FileAPI/). It can be used anywhere a Blob can, for example in `URL.createObjectURL` and `FormData`. It contains two properties that Blobs do not have: `lastModified`, the last time the file was modified in ms, and `name`, the name of the file. Contributed by Khafra in #45139 Support function mocking on Node.js test runner: The `node:test` module supports mocking during testing via a top-level `mock` object. ```js test('spies on an object method', (t) => { const number = { value: 5, add(a) { return this.value + a; }, }; t.mock.method(number, 'add'); assert.strictEqual(number.add(3), 8); assert.strictEqual(number.add.mock.calls.length, 1); }); ``` Contributed by Colin Ihrig in #45326 Other notable changes: build: * disable v8 snapshot compression by default (Joyee Cheung) #45716 crypto: * update root certificates (Luigi Pinca) #45490 deps: * update ICU to 72.1 (Michaël Zasso) #45068 doc: * add doc-only deprecation for headers/trailers setters (Rich Trott) #45697 * add Rafael to the tsc (Michael Dawson) #45691 * deprecate use of invalid ports in `url.parse` (Antoine du Hamel) #45576 * add lukekarrys to collaborators (Luke Karrys) #45180 * add anonrig to collaborators (Yagiz Nizipli) #45002 * deprecate url.parse() (Rich Trott) #44919 lib: * drop fetch experimental warning (Matteo Collina) #45287 net: * (SEMVER-MINOR) add autoSelectFamily and autoSelectFamilyAttemptTimeout options (Paolo Insogna) #44731 * src: * (SEMVER-MINOR) add uvwasi version (Jithil P Ponnan) #45639 * (SEMVER-MINOR) add initial shadow realm support (Chengzhong Wu) #42869 test_runner: * (SEMVER-MINOR) add t.after() hook (Colin Ihrig) #45792 * (SEMVER-MINOR) don't use a symbol for runHook() (Colin Ihrig) #45792 tls: * (SEMVER-MINOR) add "ca" property to certificate object (Ben Noordhuis) #44935 * remove trustcor root ca certificates (Ben Noordhuis) #45776 tools: * update certdata.txt (Luigi Pinca) #45490 util: * add fast path for utf8 encoding (Yagiz Nizipli) #45412 * improve textdecoder decode performance (Yagiz Nizipli) #45294 * (SEMVER-MINOR) add MIME utilities (#21128) (Bradley Farias) #21128 PR-URL: #46025
richardlau
added
backported-to-v14.x
backported-to-v18.x
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Update the root certs as per the instructions in https://github.com/nodejs/node/blob/master/doc/guides/maintaining-root-certs.md.
tools: update certdata.txt
This is the certdata.txt[0] from NSS 3.85, released on 2022-11-10.
This is the version of NSS that will ship in Firefox 108 on
2022-12-13.
[0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_85_RTM/lib/ckfw/builtins/certdata.txt
crypto: update root certificates
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.
Certificates added:
Certificates removed: