Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto: deprecate implicitly shortened GCM tags #52345

Merged
merged 1 commit into from
Apr 10, 2024
Merged

crypto: deprecate implicitly shortened GCM tags #52345

merged 1 commit into from
Apr 10, 2024

Conversation

tniessen
Copy link
Member

@tniessen tniessen commented Apr 3, 2024

This introduces a doc-only deprecation of using GCM authentication tags that are shorter than the cipher's block size, unless the user specified the authTagLength option.

Refs: #52327

@tniessen tniessen requested a review from bnoordhuis April 3, 2024 13:58
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/crypto

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. needs-ci PRs that need a full CI run. labels Apr 3, 2024
@tniessen tniessen added notable-change PRs with changes that should be highlighted in changelogs. deprecations Issues and PRs related to deprecations. labels Apr 3, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Apr 3, 2024

The notable-change PRs with changes that should be highlighted in changelogs. label has been added by @tniessen.

Please suggest a text for the release notes if you'd like to include a more detailed summary, then proceed to update the PR description with the text or a link to the notable change suggested text comment. Otherwise, the commit will be placed in the Other Notable Changes section.

@tniessen
crypto: deprecate implicitly shortened GCM tags
64e805b 
This introduces a doc-only deprecation of using GCM authentication tags
that are shorter than the cipher's block size, unless the user specified
the authTagLength option.

Refs: nodejs#52327
@tniessen tniessen requested a review from panva April 3, 2024 23:22
@panva panva added the request-ci Add this label to start a Jenkins CI on a PR. label Apr 4, 2024
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Apr 4, 2024
@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@tniessen
Copy link
Member Author

tniessen commented Apr 5, 2024

Would be good to have eyes on this from @bnoordhuis and/or @nodejs/tsc since this has the potential to break applications that do use this API correctly while providing better security margins for applications that don't.

I don't think we need to rush this to end-of-life status. Once we make this a runtime deprecation, we can probably better estimate the impact.

@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/58152/

@tniessen tniessen requested a review from jasnell April 8, 2024 10:55
@tniessen tniessen added the security Issues and PRs related to security. label Apr 8, 2024
@tniessen tniessen added author ready PRs that have at least one approval, no pending requests for changes, and a CI started. commit-queue Add this label to land a pull request using GitHub Actions. labels Apr 10, 2024
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Apr 10, 2024
@nodejs-github-bot nodejs-github-bot merged commit 8f61b65 into nodejs:main Apr 10, 2024
62 checks passed
@nodejs-github-bot
Copy link
Collaborator

Landed in 8f61b65

@RafaelGSS RafaelGSS mentioned this pull request Apr 15, 2024
Merged
tniessen added a commit to tniessen/node that referenced this pull request Apr 16, 2024
@tniessen
crypto: move DEP0182 to runtime deprecation
4584a10 
This introduces a runtime deprecation for using GCM authentication tags
that are shorter than the cipher's block size, unless the user
specified the authTagLength option. This behavior has been doc-only
deprecated since 8f61b65.

Refs: nodejs#52327
Refs: nodejs#52345
tniessen added a commit to tniessen/node that referenced this pull request Apr 16, 2024
@tniessen
crypto: move DEP0182 to runtime deprecation
bf6f632 
This introduces a runtime deprecation for using GCM authentication tags
that are shorter than the cipher's block size, unless the user
specified the authTagLength option. This behavior has been doc-only
deprecated since 8f61b65.

Refs: nodejs#52327
Refs: nodejs#52345
@tniessen tniessen mentioned this pull request Apr 16, 2024
Merged
nodejs-github-bot pushed a commit that referenced this pull request Apr 23, 2024
@tniessen
crypto: move DEP0182 to runtime deprecation
ff82606 
This introduces a runtime deprecation for using GCM authentication tags
that are shorter than the cipher's block size, unless the user
specified the authTagLength option. This behavior has been doc-only
deprecated since 8f61b65.

Refs: #52327
Refs: #52345
PR-URL: #52552
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
aduh95 pushed a commit that referenced this pull request Apr 30, 2024
@tniessen @aduh95
crypto: move DEP0182 to runtime deprecation
ae6988b 
This introduces a runtime deprecation for using GCM authentication tags
that are shorter than the cipher's block size, unless the user
specified the authTagLength option. This behavior has been doc-only
deprecated since 8f61b65.

Refs: #52327
Refs: #52345
PR-URL: #52552
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
marco-ippolito pushed a commit that referenced this pull request May 2, 2024
@tniessen @marco-ippolito
crypto: deprecate implicitly shortened GCM tags
ec3148a 
This introduces a doc-only deprecation of using GCM authentication tags
that are shorter than the cipher's block size, unless the user specified
the authTagLength option.

Refs: #52327
PR-URL: #52345
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
marco-ippolito added a commit that referenced this pull request May 2, 2024
@marco-ippolito
2024-05-07, Version 20.13.0 'Iron' (LTS)
7a683cc 
Notable changes:

benchmark:
  * add AbortSignal.abort benchmarks (Raz Luvaton) #52408
buffer:
  * improve `base64` and `base64url` performance (Yagiz Nizipli) #52428
crypto:
  * deprecate implicitly shortened GCM tags (Tobias Nießen) #52345
deps:
  * (SEMVER-MINOR) update simdutf to 5.0.0 (Daniel Lemire) #52138
  * (SEMVER-MINOR) update undici to 6.3.0 (Node.js GitHub Bot) #51462
  * (SEMVER-MINOR) update undici to 6.2.1 (Node.js GitHub Bot) #51278
dns:
  * (SEMVER-MINOR) add order option and support ipv6first (Paolo Insogna) #52492
doc:
  * update release gpg keyserver (marco-ippolito) #52257
  * add release key for marco-ippolito (marco-ippolito) #52257
  * add UlisesGascon as a collaborator (Ulises Gascón) #51991
  * (SEMVER-MINOR) deprecate fs.Stats public constructor (Marco Ippolito) #51879
events,doc:
  * mark CustomEvent as stable (Daeyeon Jeong) #52618
fs:
  * add stacktrace to fs/promises (翠 / green) #49849
lib, url:
  * (SEMVER-MINOR) add a `windows` option to path parsing (Aviv Keller) #52509
net:
  * (SEMVER-MINOR) add CLI option for autoSelectFamilyAttemptTimeout (Paolo Insogna) #52474
report:
  * (SEMVER-MINOR) add `--report-exclude-network` option (Ethan Arrowood) #51645
src:
  * (SEMVER-MINOR) add `string_view` overload to snapshot FromBlob (Anna Henningsen) #52595
  * (SEMVER-MINOR) add C++ ProcessEmitWarningSync() (Joyee Cheung) #51977
  * (SEMVER-MINOR) add uv_get_available_memory to report and process (theanarkh) #52023
  * (SEMVER-MINOR) preload function for Environment (Cheng Zhao) #51539
stream:
  * (SEMVER-MINOR) support typed arrays (IlyasShabi) #51866
test_runner:
  * (SEMVER-MINOR) add suite() (Colin Ihrig) #52127
  * (SEMVER-MINOR) support forced exit (Colin Ihrig) #52038
  * (SEMVER-MINOR) add `test:complete` event to reflect execution order (Moshe Atlow) #51909
util:
  * (SEMVER-MINOR) support array of formats in util.styleText (Marco Ippolito) #52040
v8:
  * (SEMVER-MINOR) implement v8.queryObjects() for memory leak regression testing (Joyee Cheung) #51927
watch:
  * mark as stable (Moshe Atlow) #52074

PR-URL: TODO
@marco-ippolito marco-ippolito mentioned this pull request May 2, 2024
Merged
marco-ippolito added a commit that referenced this pull request May 2, 2024
@marco-ippolito
2024-05-07, Version 20.13.0 'Iron' (LTS)
6db6838 
Notable changes:

benchmark:
  * add AbortSignal.abort benchmarks (Raz Luvaton) #52408
buffer:
  * improve `base64` and `base64url` performance (Yagiz Nizipli) #52428
crypto:
  * deprecate implicitly shortened GCM tags (Tobias Nießen) #52345
deps:
  * (SEMVER-MINOR) update simdutf to 5.0.0 (Daniel Lemire) #52138
  * (SEMVER-MINOR) update undici to 6.3.0 (Node.js GitHub Bot) #51462
  * (SEMVER-MINOR) update undici to 6.2.1 (Node.js GitHub Bot) #51278
dns:
  * (SEMVER-MINOR) add order option and support ipv6first (Paolo Insogna) #52492
doc:
  * update release gpg keyserver (marco-ippolito) #52257
  * add release key for marco-ippolito (marco-ippolito) #52257
  * add UlisesGascon as a collaborator (Ulises Gascón) #51991
  * (SEMVER-MINOR) deprecate fs.Stats public constructor (Marco Ippolito) #51879
events,doc:
  * mark CustomEvent as stable (Daeyeon Jeong) #52618
fs:
  * add stacktrace to fs/promises (翠 / green) #49849
lib, url:
  * (SEMVER-MINOR) add a `windows` option to path parsing (Aviv Keller) #52509
net:
  * (SEMVER-MINOR) add CLI option for autoSelectFamilyAttemptTimeout (Paolo Insogna) #52474
report:
  * (SEMVER-MINOR) add `--report-exclude-network` option (Ethan Arrowood) #51645
src:
  * (SEMVER-MINOR) add `string_view` overload to snapshot FromBlob (Anna Henningsen) #52595
  * (SEMVER-MINOR) add C++ ProcessEmitWarningSync() (Joyee Cheung) #51977
  * (SEMVER-MINOR) add uv_get_available_memory to report and process (theanarkh) #52023
  * (SEMVER-MINOR) preload function for Environment (Cheng Zhao) #51539
stream:
  * (SEMVER-MINOR) support typed arrays (IlyasShabi) #51866
test_runner:
  * (SEMVER-MINOR) add suite() (Colin Ihrig) #52127
  * (SEMVER-MINOR) support forced exit (Colin Ihrig) #52038
  * (SEMVER-MINOR) add `test:complete` event to reflect execution order (Moshe Atlow) #51909
util:
  * (SEMVER-MINOR) support array of formats in util.styleText (Marco Ippolito) #52040
v8:
  * (SEMVER-MINOR) implement v8.queryObjects() for memory leak regression testing (Joyee Cheung) #51927
watch:
  * mark as stable (Moshe Atlow) #52074

PR-URL: TODO
marco-ippolito added a commit that referenced this pull request May 2, 2024
@marco-ippolito
2024-05-07, Version 20.13.0 'Iron' (LTS)
3db5f4c 
Notable changes:

benchmark:
  * add AbortSignal.abort benchmarks (Raz Luvaton) #52408
buffer:
  * improve `base64` and `base64url` performance (Yagiz Nizipli) #52428
crypto:
  * deprecate implicitly shortened GCM tags (Tobias Nießen) #52345
deps:
  * (SEMVER-MINOR) update simdutf to 5.0.0 (Daniel Lemire) #52138
  * (SEMVER-MINOR) update undici to 6.3.0 (Node.js GitHub Bot) #51462
  * (SEMVER-MINOR) update undici to 6.2.1 (Node.js GitHub Bot) #51278
dns:
  * (SEMVER-MINOR) add order option and support ipv6first (Paolo Insogna) #52492
doc:
  * update release gpg keyserver (marco-ippolito) #52257
  * add release key for marco-ippolito (marco-ippolito) #52257
  * add UlisesGascon as a collaborator (Ulises Gascón) #51991
  * (SEMVER-MINOR) deprecate fs.Stats public constructor (Marco Ippolito) #51879
events,doc:
  * mark CustomEvent as stable (Daeyeon Jeong) #52618
fs:
  * add stacktrace to fs/promises (翠 / green) #49849
lib, url:
  * (SEMVER-MINOR) add a `windows` option to path parsing (Aviv Keller) #52509
net:
  * (SEMVER-MINOR) add CLI option for autoSelectFamilyAttemptTimeout (Paolo Insogna) #52474
report:
  * (SEMVER-MINOR) add `--report-exclude-network` option (Ethan Arrowood) #51645
src:
  * (SEMVER-MINOR) add `string_view` overload to snapshot FromBlob (Anna Henningsen) #52595
  * (SEMVER-MINOR) add C++ ProcessEmitWarningSync() (Joyee Cheung) #51977
  * (SEMVER-MINOR) add uv_get_available_memory to report and process (theanarkh) #52023
  * (SEMVER-MINOR) preload function for Environment (Cheng Zhao) #51539
stream:
  * (SEMVER-MINOR) support typed arrays (IlyasShabi) #51866
test_runner:
  * (SEMVER-MINOR) add suite() (Colin Ihrig) #52127
  * (SEMVER-MINOR) support forced exit (Colin Ihrig) #52038
  * (SEMVER-MINOR) add `test:complete` event to reflect execution order (Moshe Atlow) #51909
util:
  * (SEMVER-MINOR) support array of formats in util.styleText (Marco Ippolito) #52040
v8:
  * (SEMVER-MINOR) implement v8.queryObjects() for memory leak regression testing (Joyee Cheung) #51927
watch:
  * mark as stable (Moshe Atlow) #52074

PR-URL: #52793
marco-ippolito added a commit that referenced this pull request May 2, 2024
@marco-ippolito
2024-05-07, Version 20.13.0 'Iron' (LTS)
2e68800 
Notable changes:

benchmark:
  * add AbortSignal.abort benchmarks (Raz Luvaton) #52408
buffer:
  * improve `base64` and `base64url` performance (Yagiz Nizipli) #52428
crypto:
  * deprecate implicitly shortened GCM tags (Tobias Nießen) #52345
deps:
  * (SEMVER-MINOR) update simdutf to 5.0.0 (Daniel Lemire) #52138
  * (SEMVER-MINOR) update undici to 6.3.0 (Node.js GitHub Bot) #51462
  * (SEMVER-MINOR) update undici to 6.2.1 (Node.js GitHub Bot) #51278
dns:
  * (SEMVER-MINOR) add order option and support ipv6first (Paolo Insogna) #52492
doc:
  * update release gpg keyserver (marco-ippolito) #52257
  * add release key for marco-ippolito (marco-ippolito) #52257
  * add UlisesGascon as a collaborator (Ulises Gascón) #51991
  * (SEMVER-MINOR) deprecate fs.Stats public constructor (Marco Ippolito) #51879
events,doc:
  * mark CustomEvent as stable (Daeyeon Jeong) #52618
fs:
  * add stacktrace to fs/promises (翠 / green) #49849
lib, url:
  * (SEMVER-MINOR) add a `windows` option to path parsing (Aviv Keller) #52509
net:
  * (SEMVER-MINOR) add CLI option for autoSelectFamilyAttemptTimeout (Paolo Insogna) #52474
report:
  * (SEMVER-MINOR) add `--report-exclude-network` option (Ethan Arrowood) #51645
src:
  * (SEMVER-MINOR) add `string_view` overload to snapshot FromBlob (Anna Henningsen) #52595
  * (SEMVER-MINOR) add C++ ProcessEmitWarningSync() (Joyee Cheung) #51977
  * (SEMVER-MINOR) add uv_get_available_memory to report and process (theanarkh) #52023
  * (SEMVER-MINOR) preload function for Environment (Cheng Zhao) #51539
stream:
  * (SEMVER-MINOR) support typed arrays (IlyasShabi) #51866
test_runner:
  * (SEMVER-MINOR) add suite() (Colin Ihrig) #52127
  * (SEMVER-MINOR) support forced exit (Colin Ihrig) #52038
  * (SEMVER-MINOR) add `test:complete` event to reflect execution order (Moshe Atlow) #51909
util:
  * (SEMVER-MINOR) support array of formats in util.styleText (Marco Ippolito) #52040
v8:
  * (SEMVER-MINOR) implement v8.queryObjects() for memory leak regression testing (Joyee Cheung) #51927
watch:
  * mark as stable (Moshe Atlow) #52074

PR-URL: #52793
marco-ippolito pushed a commit that referenced this pull request May 3, 2024
@tniessen @marco-ippolito
crypto: deprecate implicitly shortened GCM tags
03e05b0 
This introduces a doc-only deprecation of using GCM authentication tags
that are shorter than the cipher's block size, unless the user specified
the authTagLength option.

Refs: #52327
PR-URL: #52345
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
marco-ippolito added a commit that referenced this pull request May 3, 2024
@marco-ippolito
2024-05-07, Version 20.13.0 'Iron' (LTS)
1766b1d 
Notable changes:

benchmark:
  * add AbortSignal.abort benchmarks (Raz Luvaton) #52408
buffer:
  * improve `base64` and `base64url` performance (Yagiz Nizipli) #52428
crypto:
  * deprecate implicitly shortened GCM tags (Tobias Nießen) #52345
deps:
  * (SEMVER-MINOR) update simdutf to 5.0.0 (Daniel Lemire) #52138
  * (SEMVER-MINOR) update undici to 6.3.0 (Node.js GitHub Bot) #51462
  * (SEMVER-MINOR) update undici to 6.2.1 (Node.js GitHub Bot) #51278
dns:
  * (SEMVER-MINOR) add order option and support ipv6first (Paolo Insogna) #52492
doc:
  * update release gpg keyserver (marco-ippolito) #52257
  * add release key for marco-ippolito (marco-ippolito) #52257
  * add UlisesGascon as a collaborator (Ulises Gascón) #51991
  * (SEMVER-MINOR) deprecate fs.Stats public constructor (Marco Ippolito) #51879
events,doc:
  * mark CustomEvent as stable (Daeyeon Jeong) #52618
fs:
  * add stacktrace to fs/promises (翠 / green) #49849
lib, url:
  * (SEMVER-MINOR) add a `windows` option to path parsing (Aviv Keller) #52509
net:
  * (SEMVER-MINOR) add CLI option for autoSelectFamilyAttemptTimeout (Paolo Insogna) #52474
report:
  * (SEMVER-MINOR) add `--report-exclude-network` option (Ethan Arrowood) #51645
src:
  * (SEMVER-MINOR) add `string_view` overload to snapshot FromBlob (Anna Henningsen) #52595
  * (SEMVER-MINOR) add C++ ProcessEmitWarningSync() (Joyee Cheung) #51977
  * (SEMVER-MINOR) add uv_get_available_memory to report and process (theanarkh) #52023
  * (SEMVER-MINOR) preload function for Environment (Cheng Zhao) #51539
stream:
  * (SEMVER-MINOR) support typed arrays (IlyasShabi) #51866
test_runner:
  * (SEMVER-MINOR) add suite() (Colin Ihrig) #52127
  * (SEMVER-MINOR) add `test:complete` event to reflect execution order (Moshe Atlow) #51909
util:
  * (SEMVER-MINOR) support array of formats in util.styleText (Marco Ippolito) #52040
v8:
  * (SEMVER-MINOR) implement v8.queryObjects() for memory leak regression testing (Joyee Cheung) #51927
watch:
  * mark as stable (Moshe Atlow) #52074

PR-URL: #52793
marco-ippolito added a commit that referenced this pull request May 7, 2024
@marco-ippolito
2024-05-07, Version 20.13.0 'Iron' (LTS)
0d0efa4 
Notable changes:

benchmark:
  * add AbortSignal.abort benchmarks (Raz Luvaton) #52408
buffer:
  * improve `base64` and `base64url` performance (Yagiz Nizipli) #52428
crypto:
  * deprecate implicitly shortened GCM tags (Tobias Nießen) #52345
deps:
  * (SEMVER-MINOR) update simdutf to 5.0.0 (Daniel Lemire) #52138
  * (SEMVER-MINOR) update undici to 6.3.0 (Node.js GitHub Bot) #51462
  * (SEMVER-MINOR) update undici to 6.2.1 (Node.js GitHub Bot) #51278
dns:
  * (SEMVER-MINOR) add order option and support ipv6first (Paolo Insogna) #52492
doc:
  * update release gpg keyserver (marco-ippolito) #52257
  * add release key for marco-ippolito (marco-ippolito) #52257
  * add UlisesGascon as a collaborator (Ulises Gascón) #51991
  * (SEMVER-MINOR) deprecate fs.Stats public constructor (Marco Ippolito) #51879
events,doc:
  * mark CustomEvent as stable (Daeyeon Jeong) #52618
fs:
  * add stacktrace to fs/promises (翠 / green) #49849
lib, url:
  * (SEMVER-MINOR) add a `windows` option to path parsing (Aviv Keller) #52509
net:
  * (SEMVER-MINOR) add CLI option for autoSelectFamilyAttemptTimeout (Paolo Insogna) #52474
report:
  * (SEMVER-MINOR) add `--report-exclude-network` option (Ethan Arrowood) #51645
src:
  * (SEMVER-MINOR) add `string_view` overload to snapshot FromBlob (Anna Henningsen) #52595
  * (SEMVER-MINOR) add C++ ProcessEmitWarningSync() (Joyee Cheung) #51977
  * (SEMVER-MINOR) add uv_get_available_memory to report and process (theanarkh) #52023
  * (SEMVER-MINOR) preload function for Environment (Cheng Zhao) #51539
stream:
  * (SEMVER-MINOR) support typed arrays (IlyasShabi) #51866
test_runner:
  * (SEMVER-MINOR) add suite() (Colin Ihrig) #52127
  * (SEMVER-MINOR) add `test:complete` event to reflect execution order (Moshe Atlow) #51909
util:
  * (SEMVER-MINOR) support array of formats in util.styleText (Marco Ippolito) #52040
v8:
  * (SEMVER-MINOR) implement v8.queryObjects() for memory leak regression testing (Joyee Cheung) #51927
watch:
  * mark as stable (Moshe Atlow) #52074

PR-URL: #52793
marco-ippolito added a commit that referenced this pull request May 7, 2024
@marco-ippolito
2024-05-07, Version 20.13.0 'Iron' (LTS)
9a1df15 
Notable changes:

benchmark:
  * add AbortSignal.abort benchmarks (Raz Luvaton) #52408
buffer:
  * improve `base64` and `base64url` performance (Yagiz Nizipli) #52428
crypto:
  * deprecate implicitly shortened GCM tags (Tobias Nießen) #52345
deps:
  * (SEMVER-MINOR) update simdutf to 5.0.0 (Daniel Lemire) #52138
  * (SEMVER-MINOR) update undici to 6.3.0 (Node.js GitHub Bot) #51462
  * (SEMVER-MINOR) update undici to 6.2.1 (Node.js GitHub Bot) #51278
dns:
  * (SEMVER-MINOR) add order option and support ipv6first (Paolo Insogna) #52492
doc:
  * update release gpg keyserver (marco-ippolito) #52257
  * add release key for marco-ippolito (marco-ippolito) #52257
  * add UlisesGascon as a collaborator (Ulises Gascón) #51991
  * (SEMVER-MINOR) deprecate fs.Stats public constructor (Marco Ippolito) #51879
events,doc:
  * mark CustomEvent as stable (Daeyeon Jeong) #52618
fs:
  * add stacktrace to fs/promises (翠 / green) #49849
lib, url:
  * (SEMVER-MINOR) add a `windows` option to path parsing (Aviv Keller) #52509
net:
  * (SEMVER-MINOR) add CLI option for autoSelectFamilyAttemptTimeout (Paolo Insogna) #52474
report:
  * (SEMVER-MINOR) add `--report-exclude-network` option (Ethan Arrowood) #51645
src:
  * (SEMVER-MINOR) add `string_view` overload to snapshot FromBlob (Anna Henningsen) #52595
  * (SEMVER-MINOR) add C++ ProcessEmitWarningSync() (Joyee Cheung) #51977
  * (SEMVER-MINOR) add uv_get_available_memory to report and process (theanarkh) #52023
  * (SEMVER-MINOR) preload function for Environment (Cheng Zhao) #51539
stream:
  * (SEMVER-MINOR) support typed arrays (IlyasShabi) #51866
test_runner:
  * (SEMVER-MINOR) add suite() (Colin Ihrig) #52127
  * (SEMVER-MINOR) add `test:complete` event to reflect execution order (Moshe Atlow) #51909
util:
  * (SEMVER-MINOR) support array of formats in util.styleText (Marco Ippolito) #52040
v8:
  * (SEMVER-MINOR) implement v8.queryObjects() for memory leak regression testing (Joyee Cheung) #51927
watch:
  * mark as stable (Moshe Atlow) #52074

PR-URL: #52793
Ch3nYuY pushed a commit to Ch3nYuY/node that referenced this pull request May 8, 2024
@marco-ippolito @Ch3nYuY
2024-05-07, Version 20.13.0 'Iron' (LTS)
ed91569 
Notable changes:

benchmark:
  * add AbortSignal.abort benchmarks (Raz Luvaton) nodejs#52408
buffer:
  * improve `base64` and `base64url` performance (Yagiz Nizipli) nodejs#52428
crypto:
  * deprecate implicitly shortened GCM tags (Tobias Nießen) nodejs#52345
deps:
  * (SEMVER-MINOR) update simdutf to 5.0.0 (Daniel Lemire) nodejs#52138
  * (SEMVER-MINOR) update undici to 6.3.0 (Node.js GitHub Bot) nodejs#51462
  * (SEMVER-MINOR) update undici to 6.2.1 (Node.js GitHub Bot) nodejs#51278
dns:
  * (SEMVER-MINOR) add order option and support ipv6first (Paolo Insogna) nodejs#52492
doc:
  * update release gpg keyserver (marco-ippolito) nodejs#52257
  * add release key for marco-ippolito (marco-ippolito) nodejs#52257
  * add UlisesGascon as a collaborator (Ulises Gascón) nodejs#51991
  * (SEMVER-MINOR) deprecate fs.Stats public constructor (Marco Ippolito) nodejs#51879
events,doc:
  * mark CustomEvent as stable (Daeyeon Jeong) nodejs#52618
fs:
  * add stacktrace to fs/promises (翠 / green) nodejs#49849
lib, url:
  * (SEMVER-MINOR) add a `windows` option to path parsing (Aviv Keller) nodejs#52509
net:
  * (SEMVER-MINOR) add CLI option for autoSelectFamilyAttemptTimeout (Paolo Insogna) nodejs#52474
report:
  * (SEMVER-MINOR) add `--report-exclude-network` option (Ethan Arrowood) nodejs#51645
src:
  * (SEMVER-MINOR) add `string_view` overload to snapshot FromBlob (Anna Henningsen) nodejs#52595
  * (SEMVER-MINOR) add C++ ProcessEmitWarningSync() (Joyee Cheung) nodejs#51977
  * (SEMVER-MINOR) add uv_get_available_memory to report and process (theanarkh) nodejs#52023
  * (SEMVER-MINOR) preload function for Environment (Cheng Zhao) nodejs#51539
stream:
  * (SEMVER-MINOR) support typed arrays (IlyasShabi) nodejs#51866
test_runner:
  * (SEMVER-MINOR) add suite() (Colin Ihrig) nodejs#52127
  * (SEMVER-MINOR) add `test:complete` event to reflect execution order (Moshe Atlow) nodejs#51909
util:
  * (SEMVER-MINOR) support array of formats in util.styleText (Marco Ippolito) nodejs#52040
v8:
  * (SEMVER-MINOR) implement v8.queryObjects() for memory leak regression testing (Joyee Cheung) nodejs#51927
watch:
  * mark as stable (Moshe Atlow) nodejs#52074

PR-URL: nodejs#52793
eliphazbouye pushed a commit to eliphazbouye/node that referenced this pull request Jun 20, 2024
@marco-ippolito @eliphazbouye
2024-05-07, Version 20.13.0 'Iron' (LTS)
66ad117 
Notable changes:

benchmark:
  * add AbortSignal.abort benchmarks (Raz Luvaton) nodejs#52408
buffer:
  * improve `base64` and `base64url` performance (Yagiz Nizipli) nodejs#52428
crypto:
  * deprecate implicitly shortened GCM tags (Tobias Nießen) nodejs#52345
deps:
  * (SEMVER-MINOR) update simdutf to 5.0.0 (Daniel Lemire) nodejs#52138
  * (SEMVER-MINOR) update undici to 6.3.0 (Node.js GitHub Bot) nodejs#51462
  * (SEMVER-MINOR) update undici to 6.2.1 (Node.js GitHub Bot) nodejs#51278
dns:
  * (SEMVER-MINOR) add order option and support ipv6first (Paolo Insogna) nodejs#52492
doc:
  * update release gpg keyserver (marco-ippolito) nodejs#52257
  * add release key for marco-ippolito (marco-ippolito) nodejs#52257
  * add UlisesGascon as a collaborator (Ulises Gascón) nodejs#51991
  * (SEMVER-MINOR) deprecate fs.Stats public constructor (Marco Ippolito) nodejs#51879
events,doc:
  * mark CustomEvent as stable (Daeyeon Jeong) nodejs#52618
fs:
  * add stacktrace to fs/promises (翠 / green) nodejs#49849
lib, url:
  * (SEMVER-MINOR) add a `windows` option to path parsing (Aviv Keller) nodejs#52509
net:
  * (SEMVER-MINOR) add CLI option for autoSelectFamilyAttemptTimeout (Paolo Insogna) nodejs#52474
report:
  * (SEMVER-MINOR) add `--report-exclude-network` option (Ethan Arrowood) nodejs#51645
src:
  * (SEMVER-MINOR) add `string_view` overload to snapshot FromBlob (Anna Henningsen) nodejs#52595
  * (SEMVER-MINOR) add C++ ProcessEmitWarningSync() (Joyee Cheung) nodejs#51977
  * (SEMVER-MINOR) add uv_get_available_memory to report and process (theanarkh) nodejs#52023
  * (SEMVER-MINOR) preload function for Environment (Cheng Zhao) nodejs#51539
stream:
  * (SEMVER-MINOR) support typed arrays (IlyasShabi) nodejs#51866
test_runner:
  * (SEMVER-MINOR) add suite() (Colin Ihrig) nodejs#52127
  * (SEMVER-MINOR) add `test:complete` event to reflect execution order (Moshe Atlow) nodejs#51909
util:
  * (SEMVER-MINOR) support array of formats in util.styleText (Marco Ippolito) nodejs#52040
v8:
  * (SEMVER-MINOR) implement v8.queryObjects() for memory leak regression testing (Joyee Cheung) nodejs#51927
watch:
  * mark as stable (Moshe Atlow) nodejs#52074

PR-URL: nodejs#52793
bmeck pushed a commit to bmeck/node that referenced this pull request Jun 22, 2024
@tniessen @bmeck
crypto: move DEP0182 to runtime deprecation
27327e4 
This introduces a runtime deprecation for using GCM authentication tags
that are shorter than the cipher's block size, unless the user
specified the authTagLength option. This behavior has been doc-only
deprecated since 8f61b65.

Refs: nodejs#52327
Refs: nodejs#52345
PR-URL: nodejs#52552
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
bmeck pushed a commit to bmeck/node that referenced this pull request Jun 22, 2024
@marco-ippolito @bmeck
2024-05-07, Version 20.13.0 'Iron' (LTS)
9ac15e3 
Notable changes:

benchmark:
  * add AbortSignal.abort benchmarks (Raz Luvaton) nodejs#52408
buffer:
  * improve `base64` and `base64url` performance (Yagiz Nizipli) nodejs#52428
crypto:
  * deprecate implicitly shortened GCM tags (Tobias Nießen) nodejs#52345
deps:
  * (SEMVER-MINOR) update simdutf to 5.0.0 (Daniel Lemire) nodejs#52138
  * (SEMVER-MINOR) update undici to 6.3.0 (Node.js GitHub Bot) nodejs#51462
  * (SEMVER-MINOR) update undici to 6.2.1 (Node.js GitHub Bot) nodejs#51278
dns:
  * (SEMVER-MINOR) add order option and support ipv6first (Paolo Insogna) nodejs#52492
doc:
  * update release gpg keyserver (marco-ippolito) nodejs#52257
  * add release key for marco-ippolito (marco-ippolito) nodejs#52257
  * add UlisesGascon as a collaborator (Ulises Gascón) nodejs#51991
  * (SEMVER-MINOR) deprecate fs.Stats public constructor (Marco Ippolito) nodejs#51879
events,doc:
  * mark CustomEvent as stable (Daeyeon Jeong) nodejs#52618
fs:
  * add stacktrace to fs/promises (翠 / green) nodejs#49849
lib, url:
  * (SEMVER-MINOR) add a `windows` option to path parsing (Aviv Keller) nodejs#52509
net:
  * (SEMVER-MINOR) add CLI option for autoSelectFamilyAttemptTimeout (Paolo Insogna) nodejs#52474
report:
  * (SEMVER-MINOR) add `--report-exclude-network` option (Ethan Arrowood) nodejs#51645
src:
  * (SEMVER-MINOR) add `string_view` overload to snapshot FromBlob (Anna Henningsen) nodejs#52595
  * (SEMVER-MINOR) add C++ ProcessEmitWarningSync() (Joyee Cheung) nodejs#51977
  * (SEMVER-MINOR) add uv_get_available_memory to report and process (theanarkh) nodejs#52023
  * (SEMVER-MINOR) preload function for Environment (Cheng Zhao) nodejs#51539
stream:
  * (SEMVER-MINOR) support typed arrays (IlyasShabi) nodejs#51866
test_runner:
  * (SEMVER-MINOR) add suite() (Colin Ihrig) nodejs#52127
  * (SEMVER-MINOR) add `test:complete` event to reflect execution order (Moshe Atlow) nodejs#51909
util:
  * (SEMVER-MINOR) support array of formats in util.styleText (Marco Ippolito) nodejs#52040
v8:
  * (SEMVER-MINOR) implement v8.queryObjects() for memory leak regression testing (Joyee Cheung) nodejs#51927
watch:
  * mark as stable (Moshe Atlow) nodejs#52074

PR-URL: nodejs#52793
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@panva panva panva approved these changes

@jasnell jasnell jasnell approved these changes

@benjamingr benjamingr benjamingr approved these changes

@bnoordhuis bnoordhuis Awaiting requested review from bnoordhuis

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. deprecations Issues and PRs related to deprecations. needs-ci PRs that need a full CI run. notable-change PRs with changes that should be highlighted in changelogs. security Issues and PRs related to security.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@tniessen @nodejs-github-bot @panva @jasnell @benjamingr