Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade to Node 12.x #47968

Open
tylersmalley opened this issue Oct 11, 2019 · 7 comments
Open

Upgrade to Node 12.x #47968

tylersmalley opened this issue Oct 11, 2019 · 7 comments

Comments

@tylersmalley
Copy link
Member

@tylersmalley tylersmalley commented Oct 11, 2019

Node 12 is the next LTS release. It contains quite a few changes which will effect our project, including the changes to how heap limits are set. We need to understand the effect this upgrade has on Kibana and work to upgrade.

@elasticmachine

This comment has been minimized.

Copy link
Contributor

@elasticmachine elasticmachine commented Oct 11, 2019

Pinging @elastic/kibana-operations (Team:Operations)

@epixa

This comment has been minimized.

Copy link
Member

@epixa epixa commented Oct 11, 2019

I think there is a strong likelihood that Node 10 will be EOL before we release 9.0, so I think we need to upgrade to Node 12 in both 7.x and 8.0. It would need to block 8.0 unless we were OK with rolling out a major node upgrade in a 7.x patch, which I don't think we should be.

@watson

This comment has been minimized.

Copy link
Member

@watson watson commented Oct 14, 2019

Node.js 12 thoughts from a security perspective:

TL;DR: 👍

OpenSSL

Node.js 12 updates OpenSSL to v1.1.1b (nodejs/node#26327).

TLS

Node.js 12 adds support for TLSv1.3 (nodejs/node#26209).

llhttp

Node.js 12 ships with a brand new HTTP parser called llhttp (nodejs/node#24870).

The old http_parser was a bit of a mess and wasn't spec-compliant and had historically contained a few security bugs. And since nobody wanted to touch it there was a higer-than-normal risk of security-related issues hiding inside it.

You can tell Node.js 12 to keep using the old parser using the command line flag --http-parser=legacy. It would be fun to do a benchmark with and without this to see if the new parser also improved our processing speed.

@watson

This comment has been minimized.

Copy link
Member

@watson watson commented Dec 6, 2019

I think there is a strong likelihood that Node.js 12 will no longer be Active LTS once we release 8.0. So we should consider jumping directly to Node.js 14 if this is targeted for the v8.0 release.

Node.js 14 initial release: 2020-04-21
Node.js 14 Active LTS start: 2020-10-20
Node.js 12 exits Active LTS and enters maintenance mode: 2020-10-21
(Dates are subject to change).

@tylersmalley

This comment has been minimized.

Copy link
Member Author

@tylersmalley tylersmalley commented Jan 6, 2020

Thanks @watson, you're correct. I have created an issue for 14.x here: #54039

@joshdover

This comment has been minimized.

Copy link
Member

@joshdover joshdover commented Jan 22, 2020

So to be clear, we're expecting to use Node 14.x LTS in both 8.0 and 7.10?

@tylersmalley

This comment has been minimized.

Copy link
Member Author

@tylersmalley tylersmalley commented Jan 23, 2020

@joshdover that is correct since 7.10 is a long supported release, assuming 7.10 stays the last minor.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
5 participants
You can’t perform that action at this time.