Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

npm-base: Move cache dir to persistent location #70

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

npm-base: Move cache dir to persistent location #70

wants to merge 3 commits into from

Conversation

mdavis777
Copy link
Contributor

No description provided.

@imyller imyller mentioned this pull request May 10, 2017
Closed
@KurtSchluss KurtSchluss mentioned this pull request May 11, 2017
Open
@KurtSchluss
Copy link

Will you merge this?

@imyller
Copy link
Owner

imyller commented May 31, 2017

I'll land this along with Node.js v8.0.0

@mdavis777
Copy link
Contributor Author

8.0.0 already? Makes me miss the days when applications sat on the same major version for 10 years.

@imyller
Copy link
Owner

imyller commented May 31, 2017

Yes, Node.js upstream is dropping support for the now previous-Current line v7.x.x at the end of June 2017 and Node.js 8 will be new Current release - starting yesterday - and transition to LTS status in October 2017.

I'm going to keep following Node.js upstream release and maintenance schedule with meta-nodejs.

LTS

Michael Davis added 2 commits August 31, 2017 10:55
2017-08-01, Version 6.11.2 'Boron' (LTS)
5b8592a 
    Notable Changes

    * configure:
      - add mips64el to valid_arch (Aditya Anand) #13620
    * crypto:
      - Updated root certificates based on NSS 3.30 (Ben Noordhuis)
        - #13279
        - #12402
    * deps:
      - upgrade OpenSSL to version 1.0.2.l (Shigeki Ohtsu) #12913
    * http:
      - parse errors are now reported when NODE_DEBUG=http (SamRoberts) #13206
      - Agent construction can now be envoked without new (cjihrig)
        -#12927
    * zlib:
      - node will now throw an Error when zlib rejects the value of windowBits, instead of crashing (Alexey Orlenko) #13098
2017-07-11, Version 7.10.1 (Current)
4aa24f7 
    Notable changes

    * build:
      - Disable V8 snapshots - The hashseed embedded in the
        snapshot is currently the same for all runs of the binary. This opens
        node up to collision attacks which could result in a Denial of Service.
        We have temporarily disabled snapshots until a more robust solution is
        found (Ali Ijaz Sheikh)
    * deps:
      - CVE-2017-1000381 - The c-ares function ares_parse_naptr_reply(), which
        is used for parsing NAPTR responses, could be triggered to read memory
        outside of the given input buffer if the passed in DNS response packet
        was crafted in a particular way. This patch checks that there is enough
        data for the required elements of an NAPTR record (2 int16, 3 bytes for
        string lengths) before processing a record. (David Drysdale)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mdavis777 @KurtSchluss @imyller