housekeeping: Update node Docker tag to v18.20.3

This PR contains the following updates:

Package	Type	Update	Change
node	stage	minor	`18.19.0-buster` -> `18.20.3-buster`

Release Notes

nodejs/node (node)

### [`v18.20.3`](https://togithub.com/nodejs/node/releases/tag/v18.20.3): 2024-05-21, Version 18.20.3 'Hydrogen' (LTS), @richardlau [Compare Source](https://togithub.com/nodejs/node/compare/v18.20.2...v18.20.3) ##### Notable Changes This release fixes a regression introduced in Node.js 18.19.0 where `http.server.close()` was incorrectly closing idle connections. A fix has also been included for compiling Node.js from source with newer versions of Clang. The list of keys used to sign releases has been synchronized with the current list from the `main` branch. ##### Updated dependencies - acorn updated to 8.11.3. - acorn-walk updated to 8.3.2. - ada updated to 2.7.8. - c-ares updated to 1.28.1. - corepack updated to 0.28.0. - nghttp2 updated to 1.61.0. - ngtcp2 updated to 1.3.0. - npm updated to 10.7.0. Includes a fix from npm@10.5.1 to limit the number of open connections [npm/cli#7324](https://togithub.com/npm/cli/pull/7324). - simdutf updated to 5.2.4. - zlib updated to 1.3.0.1-motley-7d77fb7. ##### Commits - \[[`0c260e10e7`](https://togithub.com/nodejs/node/commit/0c260e10e7)] - **deps**: update zlib to 1.3.0.1-motley-7d77fb7 (Node.js GitHub Bot) [#52516](https://togithub.com/nodejs/node/pull/52516) - \[[`1152d7f919`](https://togithub.com/nodejs/node/commit/1152d7f919)] - **deps**: update zlib to 1.3.0.1-motley-24c07df (Node.js GitHub Bot) [#52199](https://togithub.com/nodejs/node/pull/52199) - \[[`755399db9d`](https://togithub.com/nodejs/node/commit/755399db9d)] - **deps**: update zlib to 1.3.0.1-motley-24342f6 (Node.js GitHub Bot) [#52123](https://togithub.com/nodejs/node/pull/52123) - \[[`af3e32073b`](https://togithub.com/nodejs/node/commit/af3e32073b)] - **deps**: update ada to 2.7.8 (Node.js GitHub Bot) [#52517](https://togithub.com/nodejs/node/pull/52517) - \[[`e4ea2db58b`](https://togithub.com/nodejs/node/commit/e4ea2db58b)] - **deps**: update c-ares to 1.28.1 (Node.js GitHub Bot) [#52285](https://togithub.com/nodejs/node/pull/52285) - \[[`14e857bea2`](https://togithub.com/nodejs/node/commit/14e857bea2)] - **deps**: update corepack to 0.28.0 (Node.js GitHub Bot) [#52616](https://togithub.com/nodejs/node/pull/52616) - \[[`7f5dd44ca6`](https://togithub.com/nodejs/node/commit/7f5dd44ca6)] - **deps**: upgrade npm to 10.7.0 (npm team) [#52767](https://togithub.com/nodejs/node/pull/52767) - \[[`78f84ebb09`](https://togithub.com/nodejs/node/commit/78f84ebb09)] - **deps**: update ngtcp2 to 1.3.0 (Node.js GitHub Bot) [#51796](https://togithub.com/nodejs/node/pull/51796) - \[[`1f489a3753`](https://togithub.com/nodejs/node/commit/1f489a3753)] - **deps**: update ngtcp2 to 1.2.0 (Node.js GitHub Bot) [#51584](https://togithub.com/nodejs/node/pull/51584) - \[[`3034968225`](https://togithub.com/nodejs/node/commit/3034968225)] - **deps**: update ngtcp2 to 1.1.0 (Node.js GitHub Bot) [#51319](https://togithub.com/nodejs/node/pull/51319) - \[[`1aa9da467f`](https://togithub.com/nodejs/node/commit/1aa9da467f)] - **deps**: add nghttp3/\*\*/.deps to .gitignore (Luigi Pinca) [#51400](https://togithub.com/nodejs/node/pull/51400) - \[[`28c0c78c9a`](https://togithub.com/nodejs/node/commit/28c0c78c9a)] - **deps**: update ngtcp2 and nghttp3 (James M Snell) [#51291](https://togithub.com/nodejs/node/pull/51291) - \[[`8fd5a35364`](https://togithub.com/nodejs/node/commit/8fd5a35364)] - **deps**: upgrade npm to 10.5.2 (npm team) [#52458](https://togithub.com/nodejs/node/pull/52458) - \[[`2c53ff31c9`](https://togithub.com/nodejs/node/commit/2c53ff31c9)] - **deps**: update acorn-walk to 8.3.2 (Node.js GitHub Bot) [#51457](https://togithub.com/nodejs/node/pull/51457) - \[[`12f28f33c2`](https://togithub.com/nodejs/node/commit/12f28f33c2)] - **deps**: update acorn to 8.11.3 (Node.js GitHub Bot) [#51317](https://togithub.com/nodejs/node/pull/51317) - \[[`dddb7eb3e0`](https://togithub.com/nodejs/node/commit/dddb7eb3e0)] - **deps**: update acorn-walk to 8.3.1 (Node.js GitHub Bot) [#50457](https://togithub.com/nodejs/node/pull/50457) - \[[`c86550e607`](https://togithub.com/nodejs/node/commit/c86550e607)] - **deps**: update acorn-walk to 8.3.0 (Node.js GitHub Bot) [#50457](https://togithub.com/nodejs/node/pull/50457) - \[[`9500817f66`](https://togithub.com/nodejs/node/commit/9500817f66)] - **deps**: update acorn to 8.11.2 (Node.js GitHub Bot) [#50460](https://togithub.com/nodejs/node/pull/50460) - \[[`7a8c7b6275`](https://togithub.com/nodejs/node/commit/7a8c7b6275)] - **deps**: update ada to 2.7.7 (Node.js GitHub Bot) [#52028](https://togithub.com/nodejs/node/pull/52028) - \[[`b199889943`](https://togithub.com/nodejs/node/commit/b199889943)] - **deps**: update corepack to 0.26.0 (Node.js GitHub Bot) [#52027](https://togithub.com/nodejs/node/pull/52027) - \[[`052b0ba0c6`](https://togithub.com/nodejs/node/commit/052b0ba0c6)] - **deps**: upgrade npm to 10.5.1 (npm team) [#52351](https://togithub.com/nodejs/node/pull/52351) - \[[`209823d3af`](https://togithub.com/nodejs/node/commit/209823d3af)] - **deps**: update simdutf to 5.2.4 (Node.js GitHub Bot) [#52473](https://togithub.com/nodejs/node/pull/52473) - \[[`5114cbe18a`](https://togithub.com/nodejs/node/commit/5114cbe18a)] - **deps**: update simdutf to 5.2.3 (Yagiz Nizipli) [#52381](https://togithub.com/nodejs/node/pull/52381) - \[[`be30309ea0`](https://togithub.com/nodejs/node/commit/be30309ea0)] - **deps**: update simdutf to 5.0.0 (Daniel Lemire) [#52138](https://togithub.com/nodejs/node/pull/52138) - \[[`b56f66e250`](https://togithub.com/nodejs/node/commit/b56f66e250)] - **deps**: update simdutf to 4.0.9 (Node.js GitHub Bot) [#51655](https://togithub.com/nodejs/node/pull/51655) - \[[`a9f3b9d9d1`](https://togithub.com/nodejs/node/commit/a9f3b9d9d1)] - **deps**: update nghttp2 to 1.61.0 (Node.js GitHub Bot) [#52395](https://togithub.com/nodejs/node/pull/52395) - \[[`1b6fa70620`](https://togithub.com/nodejs/node/commit/1b6fa70620)] - **deps**: update nghttp2 to 1.60.0 (Node.js GitHub Bot) [#51948](https://togithub.com/nodejs/node/pull/51948) - \[[`3c9dbbf4d4`](https://togithub.com/nodejs/node/commit/3c9dbbf4d4)] - **deps**: update nghttp2 to 1.59.0 (Node.js GitHub Bot) [#51581](https://togithub.com/nodejs/node/pull/51581) - \[[`e28316da54`](https://togithub.com/nodejs/node/commit/e28316da54)] - **deps**: update nghttp2 to 1.58.0 (Node.js GitHub Bot) [#50441](https://togithub.com/nodejs/node/pull/50441) - \[[`678641f470`](https://togithub.com/nodejs/node/commit/678641f470)] - **deps**: V8: cherry-pick [`d15d49b`](https://togithub.com/nodejs/node/commit/d15d49b09dc7) (Bo Anderson) [#52337](https://togithub.com/nodejs/node/pull/52337) - \[[`1147fee7d9`](https://togithub.com/nodejs/node/commit/1147fee7d9)] - **doc**: remove ableist language from crypto (Jamie King) [#52063](https://togithub.com/nodejs/node/pull/52063) - \[[`5e93eae972`](https://togithub.com/nodejs/node/commit/5e93eae972)] - **doc**: add release key for marco-ippolito (marco-ippolito) [#52257](https://togithub.com/nodejs/node/pull/52257) - \[[`6689a98488`](https://togithub.com/nodejs/node/commit/6689a98488)] - **http**: remove closeIdleConnections function while calling server close (Kumar Rishav) [#52336](https://togithub.com/nodejs/node/pull/52336) - \[[`71616e8a8a`](https://togithub.com/nodejs/node/commit/71616e8a8a)] - **node-api**: make tsfn accept napi_finalize once more (Gabriel Schulhof) [#51801](https://togithub.com/nodejs/node/pull/51801) - \[[`d9d9e62474`](https://togithub.com/nodejs/node/commit/d9d9e62474)] - **src**: avoid draining platform tasks at FreeEnvironment (Chengzhong Wu) [#51290](https://togithub.com/nodejs/node/pull/51290) - \[[`e5fc8ec9fc`](https://togithub.com/nodejs/node/commit/e5fc8ec9fc)] - **test**: skip v8-updates/test-linux-perf (Michaël Zasso) [#49639](https://togithub.com/nodejs/node/pull/49639) - \[[`351ef189ca`](https://togithub.com/nodejs/node/commit/351ef189ca)] - **test**: v8: Add test-linux-perf-logger test suite (Luke Albao) [#50352](https://togithub.com/nodejs/node/pull/50352) - \[[`5cec2efc31`](https://togithub.com/nodejs/node/commit/5cec2efc31)] - **test**: reduce the number of requests and parsers (Luigi Pinca) [#50240](https://togithub.com/nodejs/node/pull/50240) - \[[`5186e453d9`](https://togithub.com/nodejs/node/commit/5186e453d9)] - **test**: deflake test-http-regr-[gh-2928](https://togithub.com/nodejs/node/issues/2928) (Luigi Pinca) [#49574](https://togithub.com/nodejs/node/pull/49574) - \[[`c60cd67e1c`](https://togithub.com/nodejs/node/commit/c60cd67e1c)] - **test**: skip test for dynamically linked OpenSSL (Richard Lau) [#52542](https://togithub.com/nodejs/node/pull/52542) ### [`v18.20.2`](https://togithub.com/nodejs/node/releases/tag/v18.20.2): 2024-04-10, Version 18.20.2 'Hydrogen' (LTS), @RafaelGSS [Compare Source](https://togithub.com/nodejs/node/compare/v18.20.1...v18.20.2) This is a security release. ##### Notable Changes - CVE-2024-27980 - Command injection via args parameter of `child_process.spawn` without shell option enabled on Windows ##### Commits - \[[`6627222409`](https://togithub.com/nodejs/node/commit/6627222409)] - **src**: disallow direct .bat and .cmd file spawning (Ben Noordhuis) [nodejs-private/node-private#564](https://togithub.com/nodejs-private/node-private/pull/564) ### [`v18.20.1`](https://togithub.com/nodejs/node/releases/tag/v18.20.1): 2024-04-03, Version 18.20.1 'Hydrogen' (LTS), @RafaelGSS [Compare Source](https://togithub.com/nodejs/node/compare/v18.20.0...v18.20.1) This is a security release. ##### Notable Changes - CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High) - CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium) - llhttp version 9.2.1 - undici version 5.28.4 ##### Commits - \[[`60d24938de`](https://togithub.com/nodejs/node/commit/60d24938de)] - **deps**: update undici to v5.28.4 (Matteo Collina) [nodejs-private/node-private#577](https://togithub.com/nodejs-private/node-private/pull/577) - \[[`5d4d5848cf`](https://togithub.com/nodejs/node/commit/5d4d5848cf)] - **http**: do not allow OBS fold in headers by default (Paolo Insogna) [nodejs-private/node-private#558](https://togithub.com/nodejs-private/node-private/pull/558) - \[[`0fb816dbcc`](https://togithub.com/nodejs/node/commit/0fb816dbcc)] - **src**: ensure to close stream when destroying session (Anna Henningsen) [nodejs-private/node-private#561](https://togithub.com/nodejs-private/node-private/pull/561) ### [`v18.20.0`](https://togithub.com/nodejs/node/releases/tag/v18.20.0): 2024-03-26, Version 18.20.0 'Hydrogen' (LTS), @richardlau [Compare Source](https://togithub.com/nodejs/node/compare/v18.19.1...v18.20.0) ##### Notable Changes ##### Added support for import attributes Support has been added for import attributes, to replace the old import assertions syntax. This will aid migration by making the new syntax available across all currently supported Node.js release lines. This adds the `with` keyword which should be used in place of the previous `assert` keyword, which will be removed in a future semver-major Node.js release. For example, ```console import "foo" assert { ... } ``` should be replaced with ```console import "foo" with { ... } ``` For more details, see - [#50134](https://togithub.com/nodejs/node/issues/50134) - [#51622](https://togithub.com/nodejs/node/issues/51622) Contributed by Nicolò Ribaudo in [#51136](https://togithub.com/nodejs/node/pull/51136) and Antoine du Hamel in [#50140](https://togithub.com/nodejs/node/pull/50140). ##### Doc deprecation for `dirent.path` Please use newly added `dirent.parentPath` instead. Contributed by Antoine du Hamel in [#50976](https://togithub.com/nodejs/node/pull/50976) and [#51020](https://togithub.com/nodejs/node/pull/51020). ##### Experimental node-api feature flags Introduces an experimental feature to segregate finalizers that affect GC state. A new type called `node_api_nogc_env` has been introduced as the const version of `napi_env` and `node_api_nogc_finalize` as a variant of `napi_finalize` that accepts a `node_api_nogc_env` as its first argument. This feature can be turned off by defining `NODE_API_EXPERIMENTAL_NOGC_ENV_OPT_OUT`. Contributed by Gabriel Schulhof in [#50060](https://togithub.com/nodejs/node/pull/50060). ##### Root certificates updated to NSS 3.98 Certificates added: - Telekom Security TLS ECC Root 2020 - Telekom Security TLS RSA Root 2023 Certificates removed: - Security Communication Root CA ##### Updated dependencies - ada updated to 2.7.6. - base64 updated to 0.5.2. - c-ares updated to 1.27.0. - corepack updated to 0.25.2. - ICU updated to 74.2. Includes CLDR 44.1 and Unicode 15.1. - npm updated to 10.5.0. Fixes a regression in signals not being passed onto child processes. - simdutf8 updated to 4.0.8. - Timezone updated to 2024a. - zlib updated to 1.3.0.1-motley-40e35a7. ##### vm: fix V8 compilation cache support for vm.Script Previously repeated compilation of the same source code using `vm.Script` stopped hitting the V8 compilation cache after v16.x when support for `importModuleDynamically` was added to `vm.Script`, resulting in a performance regression that blocked users (in particular Jest users) from upgrading from v16.x. The recent fixes allow the compilation cache to be hit again for `vm.Script` when `--experimental-vm-modules` is not used even in the presence of the `importModuleDynamically` option, so that users affected by the performance regression can now upgrade. Ongoing work is also being done to enable compilation cache support for `vm.CompileFunction`. Contributed by Joyee Cheung in [#49950](https://togithub.com/nodejs/node/pull/49950) and [#50137](https://togithub.com/nodejs/node/pull/50137). ##### Commits - \[[`c70383b8d4`](https://togithub.com/nodejs/node/commit/c70383b8d4)] - **build**: support Python 3.12 (Shi Pujin) [#50209](https://togithub.com/nodejs/node/pull/50209) - \[[`4b960c3a4a`](https://togithub.com/nodejs/node/commit/4b960c3a4a)] - **build**: fix incorrect g++ warning message (Richard Lau) [#51695](https://togithub.com/nodejs/node/pull/51695) - \[[`8fdea67694`](https://togithub.com/nodejs/node/commit/8fdea67694)] - **crypto**: update root certificates to NSS 3.98 (Node.js GitHub Bot) [#51794](https://togithub.com/nodejs/node/pull/51794) - \[[`812b126dd9`](https://togithub.com/nodejs/node/commit/812b126dd9)] - **deps**: V8: cherry-pick [`d90d453`](https://togithub.com/nodejs/node/commit/d90d4533b053) (Michaël Zasso) [#50077](https://togithub.com/nodejs/node/pull/50077) - \[[`9ab8c3db87`](https://togithub.com/nodejs/node/commit/9ab8c3db87)] - **deps**: update c-ares to 1.27.0 (Node.js GitHub Bot) [#51846](https://togithub.com/nodejs/node/pull/51846) - \[[`c688680387`](https://togithub.com/nodejs/node/commit/c688680387)] - **deps**: update c-ares to 1.26.0 (Node.js GitHub Bot) [#51582](https://togithub.com/nodejs/node/pull/51582) - \[[`9498ac8a47`](https://togithub.com/nodejs/node/commit/9498ac8a47)] - **deps**: compile c-ares with C11 support (Michaël Zasso) [#51410](https://togithub.com/nodejs/node/pull/51410) - \[[`8fb743642f`](https://togithub.com/nodejs/node/commit/8fb743642f)] - **deps**: update c-ares to 1.25.0 (Node.js GitHub Bot) [#51385](https://togithub.com/nodejs/node/pull/51385) - \[[`7bea2d7c12`](https://togithub.com/nodejs/node/commit/7bea2d7c12)] - **deps**: update zlib to 1.3.0.1-motley-40e35a7 (Node.js GitHub Bot) [#51274](https://togithub.com/nodejs/node/pull/51274) - \[[`57a38c8f75`](https://togithub.com/nodejs/node/commit/57a38c8f75)] - **deps**: update zlib to 1.3.0.1-motley-dd5fc13 (Node.js GitHub Bot) [#51105](https://togithub.com/nodejs/node/pull/51105) - \[[`b0ca084a6b`](https://togithub.com/nodejs/node/commit/b0ca084a6b)] - **deps**: update zlib to 1.3-22124f5 (Node.js GitHub Bot) [#50910](https://togithub.com/nodejs/node/pull/50910) - \[[`4b43823f37`](https://togithub.com/nodejs/node/commit/4b43823f37)] - **deps**: update zlib to 1.2.13.1-motley-5daffc7 (Node.js GitHub Bot) [#50803](https://togithub.com/nodejs/node/pull/50803) - \[[`f0da591812`](https://togithub.com/nodejs/node/commit/f0da591812)] - **deps**: update zlib to 1.2.13.1-motley-dfc48fc (Node.js GitHub Bot) [#50456](https://togithub.com/nodejs/node/pull/50456) - \[[`16d28a883a`](https://togithub.com/nodejs/node/commit/16d28a883a)] - **deps**: update base64 to 0.5.2 (Node.js GitHub Bot) [#51455](https://togithub.com/nodejs/node/pull/51455) - \[[`13a9e81cb6`](https://togithub.com/nodejs/node/commit/13a9e81cb6)] - **deps**: update base64 to 0.5.1 (Node.js GitHub Bot) [#50629](https://togithub.com/nodejs/node/pull/50629) - \[[`b4502d3ac5`](https://togithub.com/nodejs/node/commit/b4502d3ac5)] - **deps**: update simdutf to 4.0.8 (Node.js GitHub Bot) [#51000](https://togithub.com/nodejs/node/pull/51000) - \[[`183cf8a74a`](https://togithub.com/nodejs/node/commit/183cf8a74a)] - **deps**: update simdutf to 4.0.4 (Node.js GitHub Bot) [#50772](https://togithub.com/nodejs/node/pull/50772) - \[[`11ba8593ea`](https://togithub.com/nodejs/node/commit/11ba8593ea)] - **deps**: update ada to 2.7.6 (Node.js GitHub Bot) [#51542](https://togithub.com/nodejs/node/pull/51542) - \[[`73a946d55c`](https://togithub.com/nodejs/node/commit/73a946d55c)] - **deps**: update ada to 2.7.5 (Node.js GitHub Bot) [#51542](https://togithub.com/nodejs/node/pull/51542) - \[[`cc434c1a39`](https://togithub.com/nodejs/node/commit/cc434c1a39)] - **deps**: update ada to 2.7.4 (Node.js GitHub Bot) [#50815](https://togithub.com/nodejs/node/pull/50815) - \[[`3a3808a6ae`](https://togithub.com/nodejs/node/commit/3a3808a6ae)] - **deps**: upgrade npm to 10.5.0 (npm team) [#51913](https://togithub.com/nodejs/node/pull/51913) - \[[`c8876d765c`](https://togithub.com/nodejs/node/commit/c8876d765c)] - **deps**: upgrade npm to 10.3.0 (npm team) [#51431](https://togithub.com/nodejs/node/pull/51431) - \[[`5aec3af460`](https://togithub.com/nodejs/node/commit/5aec3af460)] - **deps**: update corepack to 0.25.2 (Node.js GitHub Bot) [#51810](https://togithub.com/nodejs/node/pull/51810) - \[[`a593985326`](https://togithub.com/nodejs/node/commit/a593985326)] - **deps**: update corepack to 0.24.1 (Node.js GitHub Bot) [#51459](https://togithub.com/nodejs/node/pull/51459) - \[[`d1a9237bf5`](https://togithub.com/nodejs/node/commit/d1a9237bf5)] - **deps**: update corepack to 0.24.0 (Node.js GitHub Bot) [#51318](https://togithub.com/nodejs/node/pull/51318) - \[[`adac0c7a63`](https://togithub.com/nodejs/node/commit/adac0c7a63)] - **deps**: update corepack to 0.23.0 (Node.js GitHub Bot) [#50563](https://togithub.com/nodejs/node/pull/50563) - \[[`4a6f83e32a`](https://togithub.com/nodejs/node/commit/4a6f83e32a)] - **deps**: escape Python strings correctly (Michaël Zasso) [#50695](https://togithub.com/nodejs/node/pull/50695) - \[[`c13969e52a`](https://togithub.com/nodejs/node/commit/c13969e52a)] - **deps**: V8: cherry-pick [`ea996ad`](https://togithub.com/nodejs/node/commit/ea996ad04a68) (Nicolò Ribaudo) [#51136](https://togithub.com/nodejs/node/pull/51136) - \[[`6fbf0ba5c3`](https://togithub.com/nodejs/node/commit/6fbf0ba5c3)] - **deps**: V8: cherry-pick [`a0fd320`](https://togithub.com/nodejs/node/commit/a0fd3209dda8) (Nicolò Ribaudo) [#51136](https://togithub.com/nodejs/node/pull/51136) - \[[`68fd7516e1`](https://togithub.com/nodejs/node/commit/68fd7516e1)] - **deps**: update timezone to 2024a (Michaël Zasso) [#51723](https://togithub.com/nodejs/node/pull/51723) - \[[`f9b229ebe1`](https://togithub.com/nodejs/node/commit/f9b229ebe1)] - **deps**: update icu to 74.2 (Michaël Zasso) [#51723](https://togithub.com/nodejs/node/pull/51723) - \[[`90c73d2eb4`](https://togithub.com/nodejs/node/commit/90c73d2eb4)] - **deps**: update timezone to 2023d (Node.js GitHub Bot) [#51461](https://togithub.com/nodejs/node/pull/51461) - \[[`2a2bf57028`](https://togithub.com/nodejs/node/commit/2a2bf57028)] - **deps**: update icu to 74.1 (Node.js GitHub Bot) [#50515](https://togithub.com/nodejs/node/pull/50515) - \[[`425e011e52`](https://togithub.com/nodejs/node/commit/425e011e52)] - **deps**: add v8::Object::SetInternalFieldForNodeCore() (Joyee Cheung) [#49874](https://togithub.com/nodejs/node/pull/49874) - \[[`58c70344a2`](https://togithub.com/nodejs/node/commit/58c70344a2)] - **deps**: V8: cherry-pick [`705e374`](https://togithub.com/nodejs/node/commit/705e374124ae) (Joyee Cheung) [#51004](https://togithub.com/nodejs/node/pull/51004) - \[[`b0e88899e1`](https://togithub.com/nodejs/node/commit/b0e88899e1)] - **deps**: V8: cherry-pick [`1fada6b`](https://togithub.com/nodejs/node/commit/1fada6b36f8d) (Joyee Cheung) [#51004](https://togithub.com/nodejs/node/pull/51004) - \[[`d87a810b81`](https://togithub.com/nodejs/node/commit/d87a810b81)] - **deps**: V8: cherry-pick [`3dd9576`](https://togithub.com/nodejs/node/commit/3dd9576ce336) (Joyee Cheung) [#51004](https://togithub.com/nodejs/node/pull/51004) - \[[`6d50966876`](https://togithub.com/nodejs/node/commit/6d50966876)] - **deps**: V8: cherry-pick [`94e8282`](https://togithub.com/nodejs/node/commit/94e8282325a1) (Joyee Cheung) [#51004](https://togithub.com/nodejs/node/pull/51004) - \[[`fafbacdfec`](https://togithub.com/nodejs/node/commit/fafbacdfec)] - **deps**: V8: cherry-pick [`9a98f96`](https://togithub.com/nodejs/node/commit/9a98f96b6d68) (Joyee Cheung) [#51004](https://togithub.com/nodejs/node/pull/51004) - \[[`d4a530ed8d`](https://togithub.com/nodejs/node/commit/d4a530ed8d)] - **deps**: V8: cherry-pick [`7f5daed`](https://togithub.com/nodejs/node/commit/7f5daed62d47) (Joyee Cheung) [#51004](https://togithub.com/nodejs/node/pull/51004) - \[[`1ce901b164`](https://togithub.com/nodejs/node/commit/1ce901b164)] - **deps**: V8: cherry-pick [`c400af4`](https://togithub.com/nodejs/node/commit/c400af48b5ef) (Joyee Cheung) [#51004](https://togithub.com/nodejs/node/pull/51004) - \[[`f232064f35`](https://togithub.com/nodejs/node/commit/f232064f35)] - **doc**: fix historical experimental fetch flag (Kenrick) [#51506](https://togithub.com/nodejs/node/pull/51506) - \[[`194ff6a40f`](https://togithub.com/nodejs/node/commit/194ff6a40f)] - **(SEMVER-MINOR)** **doc**: add deprecation notice to `dirent.path` (Antoine du Hamel) [#50976](https://togithub.com/nodejs/node/pull/50976) - \[[`0f09267dc6`](https://togithub.com/nodejs/node/commit/0f09267dc6)] - **(SEMVER-MINOR)** **doc**: deprecate `dirent.path` (Antoine du Hamel) [#50976](https://togithub.com/nodejs/node/pull/50976) - \[[`8bfb8f5b2f`](https://togithub.com/nodejs/node/commit/8bfb8f5b2f)] - **doc,crypto**: further clarify RSA_PKCS1\_PADDING support (Tobias Nießen) [#51799](https://togithub.com/nodejs/node/pull/51799) - \[[`c7baf7b274`](https://togithub.com/nodejs/node/commit/c7baf7b274)] - **doc,crypto**: add changelog and note about disabled RSA_PKCS1\_PADDING (Filip Skokan) [#51782](https://togithub.com/nodejs/node/pull/51782) - \[[`a193be3dc2`](https://togithub.com/nodejs/node/commit/a193be3dc2)] - **esm**: use import attributes instead of import assertions (Antoine du Hamel) [#50140](https://togithub.com/nodejs/node/pull/50140) - \[[`26e8f7793e`](https://togithub.com/nodejs/node/commit/26e8f7793e)] - **(SEMVER-MINOR)** **fs**: introduce `dirent.parentPath` (Antoine du Hamel) [#50976](https://togithub.com/nodejs/node/pull/50976) - \[[`5b5e5192f7`](https://togithub.com/nodejs/node/commit/5b5e5192f7)] - **lib**: fix compileFunction throws range error for negative numbers (Jithil P Ponnan) [#49855](https://togithub.com/nodejs/node/pull/49855) - \[[`7552de6806`](https://togithub.com/nodejs/node/commit/7552de6806)] - **module**: fix the leak in SourceTextModule and ContextifySript (Joyee Cheung) [#48510](https://togithub.com/nodejs/node/pull/48510) - \[[`2e05cf1c60`](https://togithub.com/nodejs/node/commit/2e05cf1c60)] - **module**: fix leak of vm.SyntheticModule (Joyee Cheung) [#48510](https://togithub.com/nodejs/node/pull/48510) - \[[`a86a2e14a3`](https://togithub.com/nodejs/node/commit/a86a2e14a3)] - **module**: use symbol in WeakMap to manage host defined options (Joyee Cheung) [#48510](https://togithub.com/nodejs/node/pull/48510) - \[[`32906ddcac`](https://togithub.com/nodejs/node/commit/32906ddcac)] - **node-api**: segregate nogc APIs from rest via type system (Gabriel Schulhof) [#50060](https://togithub.com/nodejs/node/pull/50060) - \[[`1aa71c26ff`](https://togithub.com/nodejs/node/commit/1aa71c26ff)] - **node-api**: factor out common code into macros (Gabriel Schulhof) [#50664](https://togithub.com/nodejs/node/pull/50664) - \[[`3d0b233f52`](https://togithub.com/nodejs/node/commit/3d0b233f52)] - **node-api**: introduce experimental feature flags (Gabriel Schulhof) [#50991](https://togithub.com/nodejs/node/pull/50991) - \[[`96514a8b9f`](https://togithub.com/nodejs/node/commit/96514a8b9f)] - **src**: iterate on import attributes array correctly (Michaël Zasso) [#50703](https://togithub.com/nodejs/node/pull/50703) - \[[`2c2892bf88`](https://togithub.com/nodejs/node/commit/2c2892bf88)] - **src**: set ModuleWrap internal fields only once (Joyee Cheung) [#49391](https://togithub.com/nodejs/node/pull/49391) - \[[`ff334cb774`](https://togithub.com/nodejs/node/commit/ff334cb774)] - **src**: cast v8::Object::GetInternalField() return value to v8::Value (Joyee Cheung) [#48943](https://togithub.com/nodejs/node/pull/48943) - \[[`270b519971`](https://togithub.com/nodejs/node/commit/270b519971)] - **stream**: do not defer construction by one microtick (Matteo Collina) [#52005](https://togithub.com/nodejs/node/pull/52005) - \[[`95d7a75084`](https://togithub.com/nodejs/node/commit/95d7a75084)] - **test**: fix dns test case failures after c-ares update to 1.21.0+ (Brad House) [#50743](https://togithub.com/nodejs/node/pull/50743) - \[[`cd613e5167`](https://togithub.com/nodejs/node/commit/cd613e5167)] - **test**: handle relative https redirect (Richard Lau) [#51121](https://togithub.com/nodejs/node/pull/51121) - \[[`40f10eafcf`](https://togithub.com/nodejs/node/commit/40f10eafcf)] - **test**: fix `internet/test-inspector-help-page` (Richard Lau) [#51693](https://togithub.com/nodejs/node/pull/51693) - \[[`5e426511b1`](https://togithub.com/nodejs/node/commit/5e426511b1)] - **test**: deflake test-vm-contextified-script-leak (Joyee Cheung) [#49710](https://togithub.com/nodejs/node/pull/49710) - \[[`0b156c6d28`](https://togithub.com/nodejs/node/commit/0b156c6d28)] - **test**: use checkIfCollectable in vm leak tests (Joyee Cheung) [#49671](https://togithub.com/nodejs/node/pull/49671) - \[[`1586c11b3c`](https://togithub.com/nodejs/node/commit/1586c11b3c)] - **test**: add checkIfCollectable to test/common/gc.js (Joyee Cheung) [#49671](https://togithub.com/nodejs/node/pull/49671) - \[[`902d8b3d4b`](https://togithub.com/nodejs/node/commit/902d8b3d4b)] - **test**: fix flaky http-chunk-extensions-limit test (Ethan Arrowood) [#51943](https://togithub.com/nodejs/node/pull/51943) - \[[`1743d2bdc1`](https://togithub.com/nodejs/node/commit/1743d2bdc1)] - **test**: test surrogate pair filenames on windows (Mert Can Altın) [#51800](https://togithub.com/nodejs/node/pull/51800) - \[[`1c1a7ec22d`](https://togithub.com/nodejs/node/commit/1c1a7ec22d)] - **test**: increase platform timeout zlib-brotli-16gb (Rafael Gonzaga) [#51792](https://togithub.com/nodejs/node/pull/51792) - \[[`931d02fe3e`](https://togithub.com/nodejs/node/commit/931d02fe3e)] - **test, v8**: fix wrong import attributes test (Nicolò Ribaudo) [#52184](https://togithub.com/nodejs/node/pull/52184) - \[[`d9ea6c1f8d`](https://togithub.com/nodejs/node/commit/d9ea6c1f8d)] - **tls**: fix order of setting cipher before setting cert and key (Kumar Rishav) [#50186](https://togithub.com/nodejs/node/pull/50186) - \[[`3184befa2e`](https://togithub.com/nodejs/node/commit/3184befa2e)] - **tools**: fix update-icu.sh (Michaël Zasso) [#51723](https://togithub.com/nodejs/node/pull/51723) - \[[`06646e11be`](https://togithub.com/nodejs/node/commit/06646e11be)] - **(SEMVER-MINOR)** **vm**: use import attributes instead of import assertions (Antoine du Hamel) [#50141](https://togithub.com/nodejs/node/pull/50141) - \[[`fe66e9d06e`](https://togithub.com/nodejs/node/commit/fe66e9d06e)] - **vm**: reject in importModuleDynamically without --experimental-vm-modules (Joyee Cheung) [#50137](https://togithub.com/nodejs/node/pull/50137) - \[[`052e095c6b`](https://togithub.com/nodejs/node/commit/052e095c6b)] - **vm**: use internal versions of compileFunction and Script (Joyee Cheung) [#50137](https://togithub.com/nodejs/node/pull/50137) - \[[`9f7899ed0a`](https://togithub.com/nodejs/node/commit/9f7899ed0a)] - **vm**: unify host-defined option generation in vm.compileFunction (Joyee Cheung) [#50137](https://togithub.com/nodejs/node/pull/50137) - \[[`6291c107d0`](https://togithub.com/nodejs/node/commit/6291c107d0)] - **vm**: use default HDO when importModuleDynamically is not set (Joyee Cheung) [#49950](https://togithub.com/nodejs/node/pull/49950) ### [`v18.19.1`](https://togithub.com/nodejs/node/releases/tag/v18.19.1): 2024-02-14, Version 18.19.1 'Hydrogen' (LTS), @RafaelGSS prepared by @marco-ippolito [Compare Source](https://togithub.com/nodejs/node/compare/v18.19.0...v18.19.1) ##### Notable changes This is a security release. ##### Notable changes - CVE-2024-21892 - Code injection and privilege escalation through Linux capabilities- (High) - CVE-2024-22019 - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High) - CVE-2023-46809 - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against [PKCS#1](https://togithub.com/PKCS/node/issues/1) v1.5 padding) - (Medium) - CVE-2024-22025 - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium) - undici version 5.28.3 - npm version 10.2.4 ##### Commits - \[[`69e0a1dba8`](https://togithub.com/nodejs/node/commit/69e0a1dba8)] - **crypto**: update root certificates to NSS 3.95 (Node.js GitHub Bot) [#50805](https://togithub.com/nodejs/node/pull/50805) - \[[`d3d357ab09`](https://togithub.com/nodejs/node/commit/d3d357ab09)] - **crypto**: disable [PKCS#1](https://togithub.com/PKCS/node/issues/1) padding for privateDecrypt (Michael Dawson) [nodejs-private/node-private#525](https://togithub.com/nodejs-private/node-private/pull/525) - \[[`3d27175c42`](https://togithub.com/nodejs/node/commit/3d27175c42)] - **deps**: fix GHSA-f74f-cvh7-c6q6/CVE-2024-24806 (Santiago Gimeno) [#51614](https://togithub.com/nodejs/node/pull/51614) - \[[`331558b8ab`](https://togithub.com/nodejs/node/commit/331558b8ab)] - **deps**: update archs files for openssl-3.0.13+quic1 (Node.js GitHub Bot) [#51614](https://togithub.com/nodejs/node/pull/51614) - \[[`99b77dfb9c`](https://togithub.com/nodejs/node/commit/99b77dfb9c)] - **deps**: upgrade openssl sources to quictls/openssl-3.0.13+quic1 (Node.js GitHub Bot) [#51614](https://togithub.com/nodejs/node/pull/51614) - \[[`6cdc71bff1`](https://togithub.com/nodejs/node/commit/6cdc71bff1)] - **deps**: upgrade npm to 10.2.4 (npm team) [#50751](https://togithub.com/nodejs/node/pull/50751) - \[[`911cb33cda`](https://togithub.com/nodejs/node/commit/911cb33cda)] - **http**: add maximum chunk extension size (Paolo Insogna) [nodejs-private/node-private#520](https://togithub.com/nodejs-private/node-private/pull/520) - \[[`f48b89689d`](https://togithub.com/nodejs/node/commit/f48b89689d)] - **lib**: update undici to v5.28.3 (Matteo Collina) [nodejs-private/node-private#536](https://togithub.com/nodejs-private/node-private/pull/536) - \[[`e6b4c105e0`](https://togithub.com/nodejs/node/commit/e6b4c105e0)] - **src**: fix HasOnly(capability) in node::credentials (Tobias Nießen) [nodejs-private/node-private#505](https://togithub.com/nodejs-private/node-private/pull/505) - \[[`97c49076cd`](https://togithub.com/nodejs/node/commit/97c49076cd)] - **test**: skip test-child-process-stdio-reuse-readable-stdio on Windows (Joyee Cheung) [#49621](https://togithub.com/nodejs/node/pull/49621) - \[[`60affdde8e`](https://togithub.com/nodejs/node/commit/60affdde8e)] - **tools**: add macOS notarization verification step (Ulises Gascón) [#50833](https://togithub.com/nodejs/node/pull/50833) - \[[`ccc676a327`](https://togithub.com/nodejs/node/commit/ccc676a327)] - **tools**: use macOS keychain to notarize the releases (Ulises Gascón) [#50715](https://togithub.com/nodejs/node/pull/50715) - \[[`31f1ceb380`](https://togithub.com/nodejs/node/commit/31f1ceb380)] - **tools**: remove unused file (Ulises Gascon) [#50622](https://togithub.com/nodejs/node/pull/50622) - \[[`bd5f6fb92a`](https://togithub.com/nodejs/node/commit/bd5f6fb92a)] - **tools**: add macOS notarization stapler (Ulises Gascón) [#50625](https://togithub.com/nodejs/node/pull/50625) - \[[`4168c4f71b`](https://togithub.com/nodejs/node/commit/4168c4f71b)] - **tools**: improve macOS notarization process output readability (Ulises Gascón) [#50389](https://togithub.com/nodejs/node/pull/50389) - \[[`4622f775aa`](https://togithub.com/nodejs/node/commit/4622f775aa)] - **tools**: remove unused `version` function (Ulises Gascón) [#50390](https://togithub.com/nodejs/node/pull/50390) - \[[`b90804b1e7`](https://togithub.com/nodejs/node/commit/b90804b1e7)] - **win,tools**: upgrade Windows signing to smctl (Stefan Stojanovic) [#50956](https://togithub.com/nodejs/node/pull/50956) - \[[`f31d47e135`](https://togithub.com/nodejs/node/commit/f31d47e135)] - **zlib**: pause stream if outgoing buffer is full (Matteo Collina) [nodejs-private/node-private#542](https://togithub.com/nodejs-private/node-private/pull/542)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

lyft / clutch

housekeeping: Update node Docker tag to v18.20.3 #3091

Release Notes

Configuration

Renovate Ignore Notification