Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: v0.10.16-relea…
Commits on Aug 16, 2013
  1. @isaacs

    2013.08.16, Version 0.10.16 (Stable)

    isaacs authored
    * v8: back-port fix for CVE-2013-2882
    
    * npm: Upgrade to 1.3.8
    
    * crypto: fix assert() on malformed hex input (Ben Noordhuis)
    
    * crypto: fix memory leak in randomBytes() error path (Ben Noordhuis)
    
    * events: fix memory leak, don't leak event names (Ben Noordhuis)
    
    * http: Handle hex/base64 encodings properly (isaacs)
    
    * http: improve chunked res.write(buf) performance (Ben Noordhuis)
    
    * stream: Fix double pipe error emit (Eran Hammer)
  2. @isaacs

    npm: Upgrade to 1.3.8

    isaacs authored
  3. @bnoordhuis

    crypto: fix memory leak in randomBytes() error path

    bnoordhuis authored
    This is the conceptual back-port of commit ec54873 from the master
    branch.
Commits on Aug 15, 2013
  1. @isaacs

    http: Handle hex/base64 encodings properly

    isaacs authored
    This is a backport of 6d3d60a for
    v0.10.
Commits on Aug 7, 2013
  1. @tjfontaine

    blog: Post for v0.11.5

    tjfontaine authored
Commits on Aug 6, 2013
  1. @hueniverse @isaacs

    stream: Fix double pipe error emit

    hueniverse authored isaacs committed
    If an error listener is added to a stream using once() before it is
    piped, it is invoked and removed during pipe() but before pipe() sees it
    which causes it to be emitted again.
    
    Fixes #4155 #4978
Commits on Aug 5, 2013
  1. @isaacs
  2. @bnoordhuis

    v8: back-port fix for CVE-2013-2882

    mstarzinger@chromium.org authored bnoordhuis committed
    Quoting the CVE:
    
        Google V8, as used in Google Chrome before 28.0.1500.95, allows
        remote attackers to cause a denial of service or possibly have
        unspecified other impact via vectors that leverage "type confusion."
    
    Likely has zero impact on node.js because it only runs local, trusted
    code but let's apply it anyway.
    
    This is a back-port of upstream commit r15665. Original commit log:
    
        Use internal array as API function cache.
    
        R=yangguo@chromium.org
        BUG=chromium:260106
        TEST=cctest/test-api/Regress260106
    
        Review URL: https://codereview.chromium.org/19159003
    
    Fixes #5973.
  3. @othiym23 @bnoordhuis

    doc: document domain.enter() and domain.exit()

    othiym23 authored bnoordhuis committed
    Adds the documentation requested in #5017.
  4. @sam-github @bnoordhuis

    doc: fs.open, fix flag/mode confusion, etc.

    sam-github authored bnoordhuis committed
    Flags and modes aren't the same, symlinks are followed in all of the
    path but the last component, docs should say something about what the
    mode argument is for and when its used, fs.openSync should point to the
    function that contains the docs for its args, as fs.writeSync does.
Commits on Aug 2, 2013
  1. @isaacs

    npm: Upgrade to 1.3.7

    isaacs authored
Commits on Aug 1, 2013
  1. @bnoordhuis

    test: future-proof simple/test-event-emitter-memory-leak

    bnoordhuis authored
    Run the garbage collector before running the actual test. It doesn't
    matter now but if in the future something in node.js core creates a lot
    of reclaimable garbage, that will break the test's expectation.
  2. @bnoordhuis

    test: fix pummel/test-net-connect-memleak

    bnoordhuis authored
    * Run the garbage collector before creating the big array. It doesn't
      matter now but if in the future something in node.js core creates
      a lot of reclaimable garbage, that will break the test's expectation.
    
    * The first RSS check was being done too late. The garbage collector
      might have run before the check, throwing off the 'reclaimed memory'
      calculation.
    
    * Due to changes in how V8 represents the big array internally, the
      actual memory usage is just below 256 MB on x64. Update the test's
      expectation.
  3. @bnoordhuis

    events: fix memory leak, don't leak event names

    bnoordhuis authored
    Before this commit, events were set to undefined rather than deleted
    from the EventEmitter's backing dictionary for performance reasons:
    `delete obj.key` causes a transition of the dictionary's hidden class
    and that can be costly.
    
    Unfortunately, that introduces a memory leak when many events are added
    and then removed again. The strings containing the event names are never
    reclaimed by the garbage collector because they remain part of the
    dictionary.
    
    That's why this commit makes EventEmitter delete events again. This
    effectively reverts commit 0397223.
    
    Fixes #5970.
Commits on Jul 31, 2013
  1. @bnoordhuis

    http: improve chunked res.write(buf) performance

    bnoordhuis authored
    Avoid a costly buffer-to-string operation. Instead, allocate a new
    buffer, copy the chunk header and data into it and send that.
    
    The speed difference is negligible on small payloads but it really
    shines with larger (10+ kB) chunks. benchmark/http/end-vs-write-end
    with 64 kB chunks gives 45-50% higher throughput. With 1 MB chunks,
    the difference is a staggering 590%.
    
    Of course, YMMV will vary with real workloads and networks but this
    commit should have a positive impact on CPU and memory consumption.
    
    Big kudos to Wyatt Preul (@wpreul) for reporting the issue and providing
    the initial patch.
    
    Fixes #5941 and #5944.
Commits on Jul 30, 2013
  1. @geek @isaacs

    docs: Warning about consuming response

    geek authored isaacs committed
  2. @bnoordhuis

    crypto: fix assert() on malformed hex input

    bnoordhuis authored
    Use the StringBytes::IsValidString() function introduced in commit
    dce26cc to ensure that the input string meets the expectations of the
    other StringBytes functions before processing it further.
    
    Fixes the following assertion:
    
        Assertion failed: (str->Length() % 2 == 0 && "invalid hex string
        length"), function StorageSize, file ../../src/string_bytes.cc,
        line 301.
    
    Fixes #5725.
  3. @bnoordhuis

    string_bytes: add StringBytes::IsValidString()

    bnoordhuis authored
    Performs a quick, non-exhaustive check on the input string to see if
    it's compatible with the specified string encoding.
    
    Curently it only checks that hex strings have a length that is a
    multiple of two.
Commits on Jul 27, 2013
  1. @bnoordhuis
  2. @chilts @bnoordhuis

    doc: add nodejs.geek.nz to the community page

    chilts authored bnoordhuis committed
  3. @rvagg @bnoordhuis

    doc: add nodejs.org.au to community listing

    rvagg authored bnoordhuis committed
Commits on Jul 26, 2013
  1. @tjfontaine

    blog: Post for v0.10.15

    tjfontaine authored
  2. @tjfontaine

    Now working on 0.10.16

    tjfontaine authored
  3. @tjfontaine
Commits on Jul 25, 2013
  1. @bnoordhuis

    test: fix simple/test-setproctitle

    bnoordhuis authored
    The title shouldn't be too long; libuv's uv_set_process_title() out of
    security considerations no longer overwrites envp, only argv, so the
    maximum title length is possibly quite short.
    
    Fixes #5908.
  2. @tjfontaine

    2013.07.25, Version 0.10.15 (Stable)

    tjfontaine authored
    * src: fix process.getuid() return value (Ben Noordhuis)
  3. @bnoordhuis

    src: fix process.getuid() return value

    bnoordhuis authored
    And process.getgid() too.
    
    Commit ed80638 changed fs.chown() and fs.fchown() to only accept
    unsigned integers. Make process.getuid() and process.getgid() follow
    suit.
    
    This commit should unbreak npm on OS X - it's hitting the new 'uid must
    be an unsigned int' check when installing as e.g. user 'nobody' (which
    has an UID of -2 in /etc/passwd or 4294967294 when cast to an uid_t.)
    
    Fixes #5904.
  4. @bnoordhuis
  5. @tjfontaine

    blog: Post for v0.10.14

    tjfontaine authored
  6. @tjfontaine

    Now working on 0.10.15

    tjfontaine authored
  7. @tjfontaine
  8. @tjfontaine

    2013.07.25, Version 0.10.14 (Stable)

    tjfontaine authored
    * uv: Upgrade to v0.10.13
    
    * npm: Upgrade to v1.3.5
    
    * os: Don't report negative times in cpu info (Ben Noordhuis)
    
    * fs: Handle large UID and GID (Ben Noordhuis)
    
    * url: Fix edge-case when protocol is non-lowercase (Shuan Wang)
    
    * doc: Streams API Doc Rewrite (isaacs)
    
    * node: call MakeDomainCallback in all domain cases (Trevor Norris)
    
    * crypto: fix memory leak in LoadPKCS12 (Fedor Indutny)
  9. @tjfontaine

    uv: Upgrade to v0.10.13

    tjfontaine authored
Commits on Jul 24, 2013
  1. @isaacs
  2. @isaacs

    npm: Upgrade to v1.3.5

    isaacs authored
Something went wrong with that request. Please try again.