Skip to content

chore(deps): update node docker tag to v16.13.1

FW Serviceworker requested to merge dependencies/node-16.x into main

This MR contains the following updates:

Package Type Update Change
node final minor 16.9.1-alpine3.13 -> 16.13.1-alpine3.13

Release Notes

nodejs/node

v16.13.1

Compare Source

Notable Changes
  • [c14eb2325d] - deps: upgrade npm to 8.1.2 (npm team) #​40643
  • [a901b6c53c] - deps: update c-ares to 1.18.1 (Richard Lau) #​40660
    • This release contains a c-ares update to fix a regression introduced in Node.js v16.6.2 resolving CNAME records containing underscores (#​39780).
  • [755c08573f] - doc: add VoltrexMaster to collaborators (voltrexmaster) #​40566
  • [881dd7ba2a] - lib: fix regular expression to detect `/` and `\` (Francesco Trotta) #​40325
Commits

v16.13.0

Compare Source

Notable Changes

This release marks the transition of Node.js 16.x into Long Term Support (LTS) with the codename 'Gallium'. The 16.x release line now moves into "Active LTS" and will remain so until October 2022. After that time, it will move into "Maintenance" until end of life in April 2024.

v16.12.0

Compare Source

Notable Changes
Experimental ESM Loader Hooks API

Node.js ESM Loader hooks have been consolidated to represent the steps involved needed to facilitate future loader chaining:

  1. resolve: resolve [+ getFormat]
  2. load: getFormat + getSource + transformSource

For consistency, getGlobalPreloadCode has been renamed to globalPreload.

A loader exporting obsolete hook(s) will trigger a single deprecation warning (per loader) listing the errant hooks.

Contributed by Jacob Smith, Geoffrey Booth, and Bradley Farias - https://github.com/nodejs/node/pull/37468

Other Notable Changes
Commits

v16.11.1

Compare Source

This is a security release.

Notable changes
  • CVE-2021-22959: HTTP Request Smuggling due to spaced in headers (Medium)
    • The http parser accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP Request Smuggling (HRS). More details will be available at CVE-2021-22959 after publication.
  • CVE-2021-22960: HTTP Request Smuggling when parsing the body (Medium)
    • The parse ignores chunk extensions when parsing the body of chunked requests. This leads to HTTP Request Smuggling (HRS) under certain conditions. More details will be available at CVE-2021-22960 after publication.
Commits

v16.11.0

Compare Source

Notable Changes
  • crypto
    • update root certificates (Richard Lau) #​40280
  • deps
    • upgrade npm to 8.0.0 (npm team) #​40369
    • update nghttp2 to v1.45.1 (thunder-coding) #​40206
    • update V8 to 9.4.146.19 (Michaël Zasso) #​40285
  • tools
    • update certdata.txt (Richard Lau) #​40280
Commits

v16.10.0

Compare Source

Notable Changes
  • [fb226ff2ee] - (SEMVER-MINOR) crypto: add rsa-pss keygen parameters (Filip Skokan) #​39927
  • [85206b7311] - deps: upgrade npm to 7.24.0 (npm team) #​40167
  • [98f56d179c] - deps: update Acorn to v8.5.0 (Michaël Zasso) #​40015
  • [9655329772] - doc: add Ayase-252 to collaborators (Qingyu Deng) #​40078
  • [59fff925be] - (SEMVER-MINOR) fs: make open and close stream override optional when unused (Antoine du Hamel) #​40013
  • [a63a4bce90] - (SEMVER-MINOR) http: limit requests per connection (Artur K) #​40082
    • The maximum number of requests a socket can handle before closing keep alive connection can be set with server.maxRequestsPerSocket.
  • [9a672961fa] - (SEMVER-MINOR) src: add --no-global-search-paths cli option (Cheng Zhao) #​39754
    • Adds the --no-global-search-paths command-line option to not search modules from global paths like $HOME/.node_modules and $NODE_PATH.
  • [fe920b6cbf] - (SEMVER-MINOR) src: make napi_create_reference accept symbol (JckXia) #​39926
  • [97f3072ceb] - (SEMVER-MINOR) stream: add signal support to pipeline generators (Robert Nagy) #​39067
Commits

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.


  • If you want to rebase/retry this MR, check this box.
Edited by FW Serviceworker

Merge request reports

Loading