{"update": {"autokarma": true, "autotime": true, "stable_karma": 2, "stable_days": 7, "unstable_karma": -1, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "## 2022-02-08, Version 16.14.0 'Gallium' (LTS), @danielleadams\n\n### Notable changes\n\n#### Importing JSON modules now requires experimental import assertions syntax\n\nThis release adds experimental support for the import assertions stage 3 proposal.\n\nTo keep Node.js ESM implementation as compatible as possible with the HTML spec, import assertions are now required to import JSON modules (still behind the `--experimental-json-modules` CLI flag):\n\n```mjs\nimport info from './package.json' assert { type: 'json' };\n```\n\nOr use dynamic import:\n\n```mjs\nconst info = await import('./package.json', { assert: { type: 'json' } });\n```\n\nContributed by Antoine du Hamel and Geoffrey Booth [#40250](https://github.com/nodejs/node/pull/40250)\n\n#### Other notable changes\n\n* **async\\_hooks**:\n  * **(SEMVER-MINOR)** expose async\\_wrap providers (Rafael Gonzaga) [#40760](https://github.com/nodejs/node/pull/40760)\n* **child\\_process**:\n  * **(SEMVER-MINOR)** add support for URL to `cp.fork` (Antoine du Hamel) [#41225](https://github.com/nodejs/node/pull/41225)\n* **doc**:\n  * add @Mesteery to collaborators (Mestery) [#41543](https://github.com/nodejs/node/pull/41543)\n  * add @bnb as a collaborator (Tierney Cyren) [#41100](https://github.com/nodejs/node/pull/41100)\n* **esm**:\n  * **(SEMVER-MINOR)** graduate capturerejections to supported (James M Snell) [#41267](https://github.com/nodejs/node/pull/41267)\n  * **(SEMVER-MINOR)** add EventEmitterAsyncResource to core (James M Snell) [#41246](https://github.com/nodejs/node/pull/41246)\n* **events**:\n  * **(SEMVER-MINOR)** propagate weak option for kNewListener (James M Snell) [#40899](https://github.com/nodejs/node/pull/40899)\n* **fs**:\n  * **(SEMVER-MINOR)** accept URL as argument for `fs.rm` and `fs.rmSync` (Antoine du Hamel) [#41132](https://github.com/nodejs/node/pull/41132)\n* **lib**:\n  * **(SEMVER-MINOR)** make AbortSignal cloneable/transferable (James M Snell) [#41050](https://github.com/nodejs/node/pull/41050)\n  * **(SEMVER-MINOR)** add AbortSignal.timeout (James M Snell) [#40899](https://github.com/nodejs/node/pull/40899)\n  * **(SEMVER-MINOR)** add reason to AbortSignal (James M Snell) [#40807](https://github.com/nodejs/node/pull/40807)\n  * **(SEMVER-MINOR)** add unsubscribe method to non-active DC channels (simon-id) [#40433](https://github.com/nodejs/node/pull/40433)\n  * **(SEMVER-MINOR)** add return value for DC channel.unsubscribe (simon-id) [#40433](https://github.com/nodejs/node/pull/40433)\n* **loader**:\n  * **(SEMVER-MINOR)** return package format from defaultResolve if known (Gabriel Bota) [#40980](https://github.com/nodejs/node/pull/40980)\n* **perf\\_hooks**:\n  * **(SEMVER-MINOR)** multiple fixes for Histogram (James M Snell) [#41153](https://github.com/nodejs/node/pull/41153)\n* **process**:\n  * **(SEMVER-MINOR)** add `getActiveResourcesInfo()` (Darshan Sen) [#40813](https://github.com/nodejs/node/pull/40813)\n* **src**:\n  * **(SEMVER-MINOR)** add x509.fingerprint512 to crypto module (3nprob) [#39809](https://github.com/nodejs/node/pull/39809)\n  * **(SEMVER-MINOR)** add flags for controlling process behavior (Cheng Zhao) [#40339](https://github.com/nodejs/node/pull/40339)\n* **stream**:\n  * **(SEMVER-MINOR)** add filter method to readable (Benjamin Gruenbaum) [#41354](https://github.com/nodejs/node/pull/41354)\n  * **(SEMVER-MINOR)** add isReadable helper (Robert Nagy) [#41199](https://github.com/nodejs/node/pull/41199)\n  * **(SEMVER-MINOR)** add map method to Readable (Benjamin Gruenbaum) [#40815](https://github.com/nodejs/node/pull/40815)\n  * deprecate thenable support (Antoine du Hamel) [#40860](https://github.com/nodejs/node/pull/40860)\n* **util**:\n  * **(SEMVER-MINOR)** pass through the inspect function to custom inspect functions (Ruben Bridgewater) [#41019](https://github.com/nodejs/node/pull/41019)\n  * **(SEMVER-MINOR)** add numericSeparator to util.inspect (Ruben Bridgewater) [#41003](https://github.com/nodejs/node/pull/41003)\n  * **(SEMVER-MINOR)** always visualize cause property in errors during inspection (Ruben Bridgewater) [#41002](https://github.com/nodejs/node/pull/41002)\n* **timers**:\n  * **(SEMVER-MINOR)** add experimental scheduler api (James M Snell) [#40909](https://github.com/nodejs/node/pull/40909)\n* **v8**:\n  * **(SEMVER-MINOR)** multi-tenant promise hook api (Stephen Belanger) [#39283](https://github.com/nodejs/node/pull/39283)\n\n\n----\n\nFix for CVE-2021-43616", "type": "security", "status": "stable", "request": null, "severity": "low", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2022-02-10 14:39:20", "date_modified": null, "date_approved": null, "date_testing": "2022-02-11 02:13:50", "date_stable": "2022-02-19 01:30:44", "alias": "FEDORA-2022-97b214b298", "test_gating_status": "ignored", "from_tag": null, "date_pushed": "2022-02-19 01:30:44", "meets_testing_requirements": true, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2022-97b214b298", "title": "nodejs-16.14.0-2.fc35", "version_hash": "1006e33f3329917b7c95b2bcb7cc86065494c9ef", "release": {"name": "F35", "long_name": "Fedora 35", "version": "35", "id_prefix": "FEDORA", "branch": "f35", "dist_tag": "f35", "stable_tag": "f35-updates", "testing_tag": "f35-updates-testing", "candidate_tag": "f35-updates-candidate", "pending_signing_tag": "f35-signing-pending", "pending_testing_tag": "f35-updates-testing-pending", "pending_stable_tag": "f35-updates-pending", "override_tag": "f35-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "sgallagh", "email": "sgallagh@redhat.com", "id": 535, "avatar": "https://seccdn.libravatar.org/avatar/bf298fff6edef11d0f53e6bd1fb1e649c131b75ad7200ab134883e8603591405?s=24&d=retro", "openid": "sgallagh.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "nodejs-sig"}, {"name": "eln-sig"}, {"name": "gitding-libs"}, {"name": "gitroller-derby"}, {"name": "communishift"}, {"name": "sysadmin-noc"}, {"name": "gitnodejs-packaging"}, {"name": "fedorabugs"}, {"name": "signed_fpca"}, {"name": "gitspin-kickstarts"}, {"name": "fesco"}, {"name": "epel-cabal"}, {"name": "gitsssd"}, {"name": "sysadmin"}, {"name": "modularity-wg"}, {"name": "cockpit-jenkins"}, {"name": "gitcura"}, {"name": "gitrolekit"}, {"name": "ipausers"}, {"name": "gitelapi"}, {"name": "cockpitteam"}, {"name": "server-wg"}, {"name": "fedora-contributor"}, {"name": "summer-coding"}, {"name": "bind-dyndb-ldap"}, {"name": "sysadmin-odcs"}, {"name": "gitlab-fedora-admin"}, {"name": "sysadmin-eln"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by sgallagh. ", "timestamp": "2022-02-10 14:39:21", "update_id": 378573, "user_id": 91, "id": 2402862, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2022-02-10 14:39:21", "update_id": 378573, "user_id": 91, "id": 2402863, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has obsoleted [nodejs-16.13.2-8.fc35](https://bodhi.fedoraproject.org/updates/FEDORA-2022-0c0c487184), and has inherited its bugs and notes.", "timestamp": "2022-02-10 14:39:24", "update_id": 378573, "user_id": 91, "id": 2402871, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2022-02-11 02:14:49", "update_id": 378573, "user_id": 91, "id": 2403690, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-02-11 03:12:45", "update_id": 378573, "user_id": 5881, "id": 2403874, "bug_feedback": [{"karma": 0, "comment_id": 2403874, "bug_id": 2050282, "bug": {"bug_id": 2050282, "title": "CVE-2021-43616 npm: npm ci succeeds when package-lock.json doesn't match package.json", "security": true, "parent": true}}, {"karma": 0, "comment_id": 2403874, "bug_id": 2050284, "bug": {"bug_id": 2050284, "title": "CVE-2021-43616 nodejs: npm: npm ci succeeds when package-lock.json doesn't match package.json [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 2403874, "bug_id": 2050285, "bug": {"bug_id": 2050285, "title": "CVE-2021-43616 nodejs: npm: npm ci succeeds when package-lock.json doesn't match package.json [epel-7]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi. ", "timestamp": "2022-02-18 02:16:39", "update_id": 378573, "user_id": 91, "id": 2414800, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2022-02-19 01:31:53", "update_id": 378573, "user_id": 91, "id": 2415570, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "nodejs-16.14.0-2.fc35", "signed": true, "release_id": 51, "type": "rpm", "epoch": 1}], "bugs": [{"bug_id": 2050282, "title": "CVE-2021-43616 npm: npm ci succeeds when package-lock.json doesn't match package.json", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 2403874, "bug_id": 2050282, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-02-11 03:12:45", "update_id": 378573, "user_id": 5881, "id": 2403874, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}]}, {"bug_id": 2050284, "title": "CVE-2021-43616 nodejs: npm: npm ci succeeds when package-lock.json doesn't match package.json [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 2403874, "bug_id": 2050284, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-02-11 03:12:45", "update_id": 378573, "user_id": 5881, "id": 2403874, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}]}, {"bug_id": 2050285, "title": "CVE-2021-43616 nodejs: npm: npm ci succeeds when package-lock.json doesn't match package.json [epel-7]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 2403874, "bug_id": 2050285, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-02-11 03:12:45", "update_id": 378573, "user_id": 5881, "id": 2403874, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}]}], "updateid": "FEDORA-2022-97b214b298", "karma": 1, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}