The current list of modules (line 2630) is outdated and somewhat insecure. This change allows builtin node modules to be imported without issue
Information
The list of allowed modules was incomplete (missing assert module for example). The current best practice is to load built-in modules via require("node:...."), to avoid the hijacking of packages through NPM or other repository.
Therefore this change was made to allow importing of all built-in modules.
TL;DR
The current list of
modules
(line 2630) is outdated and somewhat insecure. This change allows builtin node modules to be imported without issueInformation
The list of allowed modules was incomplete (missing
assert
module for example). The current best practice is to load built-in modules viarequire("node:....")
, to avoid the hijacking of packages through NPM or other repository.Therefore this change was made to allow importing of all built-in modules.