惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

The Last Watchdog
The Last Watchdog
C
Cyber Attacks, Cyber Crime and Cyber Security
L
LINUX DO - 热门话题
G
GRAHAM CLULEY
S
Schneier on Security
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
S
SegmentFault 最新的问题
IT之家
IT之家
阮一峰的网络日志
阮一峰的网络日志
Recorded Future
Recorded Future
I
Intezer
云风的 BLOG
云风的 BLOG
博客园 - Franky
月光博客
月光博客
大猫的无限游戏
大猫的无限游戏
T
Tenable Blog
The Hacker News
The Hacker News
T
The Blog of Author Tim Ferriss
Attack and Defense Labs
Attack and Defense Labs
D
DataBreaches.Net
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
N
News and Events Feed by Topic
有赞技术团队
有赞技术团队
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
N
News and Events Feed by Topic
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
S
Secure Thoughts
The Register - Security
The Register - Security
B
Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
The Cloudflare Blog
Webroot Blog
Webroot Blog
W
WeLiveSecurity
H
Heimdal Security Blog
博客园 - 三生石上(FineUI控件)
V
Vulnerabilities – Threatpost
G
Google Developers Blog
O
OpenAI News
V
V2EX
罗磊的独立博客
博客园_首页
N
News | PayPal Newsroom
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
TaoSecurity Blog
TaoSecurity Blog
Cloudbric
Cloudbric
H
Hacker News: Front Page
博客园 - 叶小钗
T
Tor Project blog
AI
AI

Node.js Blog

Node.js — Security Bug Bounty Program Paused Due to Loss of Funding Node.js — Node.js 25.9.0 (Current) Node.js — Developing a minimally HashDoS resistant, yet quickly reversible integer hash for V8 Node.js — Node.js 25.8.2 (Current) Node.js — Node.js 24.14.1 (LTS) Node.js — Node.js 22.22.2 (LTS) Node.js — Node.js 20.20.2 (LTS) Node.js — Tuesday, March 24, 2026 Security Releases Node.js — Node.js 25.8.1 (Current) Node.js — Evolving the Node.js Release Schedule Node.js — Node.js 22.22.1 (LTS) Node.js — Node.js 20.20.1 (LTS) Node.js — Node.js 25.8.0 (Current) Node.js — Node.js 25.7.0 (Current) Node.js — Node.js 24.14.0 (LTS) Node.js — New HackerOne Signal Requirement for Vulnerability Reports Node.js — Node.js 25.6.1 (Current) Node.js — Node.js 24.13.1 (LTS) Node.js — Node.js 25.6.0 (Current) Node.js — OpenSSL Security Advisory Assessment, January 2026 Node.js — Node.js 25.5.0 (Current) Node.js — Chalk to Node.js util styleText Node.js — Node.js 25.4.0 (Current) Node.js — Mitigating Denial-of-Service Vulnerability from Unrecoverable Stack Space Exhaustion for React, Next.js, and APM Users Node.js — Node.js 22.22.0 (LTS) Node.js — Node.js 25.3.0 (Current) Node.js — Node.js 24.13.0 (LTS) Node.js — Node.js 20.20.0 (LTS) Node.js — Tuesday, January 13, 2026 Security Releases Node.js — Node.js 24.12.0 (LTS) Node.js — Node.js 20.19.6 (LTS) Node.js — Node.js 25.2.1 (Current) Node.js — Node.js 24.11.1 (LTS) Node.js — Node.js 25.2.0 (Current) Node.js — Node.js 25.1.0 (Current) Node.js — Node.js 22.21.1 (LTS) Node.js — Node.js 24.11.0 (LTS) Node.js — Node.js v22 to v24 Node.js — Node.js v20 to v22 Node.js — Node.js v14 to v16 Node.js — Node.js v12 to v14 Node.js — Node.js 22.21.0 (LTS) Node.js — Node.js 25.0.0 (Current) Node.js — Node.js 24.10.0 (Current) Node.js — Node.js 24.9.0 (Current) Node.js — Node.js 22.20.0 (LTS) Node.js — Node.js 24.8.0 (Current) Node.js — Node.js 20.19.5 (LTS) Node.js — Node.js 22.19.0 (LTS) Node.js — Node.js 24.7.0 (Current) Node.js — Node.js 24.6.0 (Current) Node.js — Node.js 22.18.0 (LTS) Node.js — Node.js 24.5.0 (Current) Node.js — Node.js 20.19.4 (LTS) Node.js — Node.js 22.17.1 (LTS) Node.js — Node.js 24.4.1 (Current) Node.js — Tuesday, July 15, 2025 Security Releases Node.js — Node.js 24.4.0 (Current) Node.js — Node.js LGBTQIA+ Stories: Emelia Smith Node.js — Open sourced identity Node.js — Node.js 22.17.0 (LTS) Node.js — Node.js 24.3.0 (Current) Node.js — Node.js 20.19.3 (LTS) Node.js — In Memory of Mikeal Rogers: A Builder of Communities Node.js — Node.js 24.2.0 (Current) Node.js — Beware of End-of-Life Node.js Versions - Upgrade or Seek Post-EOL Support Node.js — Trip report: Node.js collaboration summit (2025 Paris) Node.js — Node.js 22.16.0 (LTS) Node.js — Node.js 24.1.0 (Current) Node.js — Node.js 24.0.2 (Current) Node.js — Node.js 23.11.1 (Current) Node.js — Node.js 22.15.1 (LTS) Node.js — Node.js 20.19.2 (LTS) Node.js — Wednesday, May 14, 2025 Security Releases Node.js — Node.js 24.0.1 (Current) Node.js — Node.js 24.0.0 (Current) Node.js — Node.js Test CI Security Incident Node.js — Node.js 22.15.0 (LTS) Node.js — Node.js 20.19.1 (LTS) Node.js — Making Node.js Downloads Reliable Node.js — Node.js 23.11.0 (Current) Node.js — Node.js 23.10.0 (Current) Node.js — Node.js 20.19.0 (LTS) Node.js — Updates on CVE for End-of-Life Versions Node.js — Node.js 23.9.0 (Current) Node.js — Node.js 18.20.7 (LTS) Node.js — Node.js 20.18.3 (LTS) Node.js — Node.js 9.3.0 (Current) Node.js — Data Confidentiality/Integrity Vulnerability, December 2017 Node.js — Node.js 9.2.1 (Current) Node.js — Node.js 8.9.3 (LTS) Node.js — Node.js 4.8.7 (Maintenance) Node.js — Node.js 8.9.2 (LTS) Node.js — Node.js 6.12.1 (LTS) Node.js — Node.js 9.2.0 (Current) Node.js — Node.js 8.9.1 (LTS) Node.js — Node.js 9.1.0 (Current) Node.js — Node.js 0.10.35 (Stable) Node.js — Node.js 0.10.34 (Stable) Node.js — Node.js 0.10.29 (Stable)
Node.js — Weekly Update - Aug 7th, 2015
2015-08-07 · via Node.js Blog

Steven Sinatra

io.js and Node.js News — August 7th

io.js v3.0 and the new goodness, breaking changes, and our ongoing call for an LTS build V8 maintainer.

io.js v3.0 Release

This week, io.js v3.0.0 is released! Since this is a major version bump, new features have been introduced to io.js. These are:

  • V8 upgrade from v4.2 to v4.4. Rod Vagg (@rvagg) has a Gist containing the changelogs of v4.3 and v4.4.
  • Computed property names ({['foo'+'bar']:'bam'}) is now shipped without the need for any harmony- flag.
  • Unicode escape sequence (\u{xxxxx}) is also shipped. There is no need for the --harmony option anymore.
  • Previously classes are available but built-in Array subclasses are not supported or problematic. The new version of V8 has solved this problem.
  • The spread operator (...) is supported with the --es-staging flag. This allows you to use it in places where multiple arguments (for function calls) or multiple elements (for array literals) are expected.
  • The Rest parameters (function(...args) {}) are implemented behind the --es-staging flag as well.
  • REPL now gets a history file. Previously REPL needs to specify NODE_REPL_HISTORY_FILE but the current version will have the history saved by default.
  • Buffer is now a subclass of Uint8Array.
  • The smalloc module has been removed, and the freelist module has now been deprecated.

With a major version bump, there are also breaking changes. These include:

  • Changes on Buffer.concat, dgram send() error and http server timing behaviors.
  • The upgrade on V8, which gives the need for recompiling of all native add-ons and the new Maybe<> and MaybeLocal<> types for add-on authors to transition to these new APIs as soon as possible.
  • HTTP status codes. The code mappings conform to the IANA standard now and will be a backwards incompatible change to consumers that depend on the text value of a header.
  • The HTTP agent .getName(), which fixes the unnecessary extra colon at the end of the return values.

You can find out more information about this release in the complete changelog, the Breaking Changes document and the pull request for the release proposal. In addition, Yosuke Furukawa has made a repo with details about the new features.

Notable changes

  • buffer:
    • Due to changes in V8, it has been necessary to reimplement Buffer on top of V8's Uint8Array. Every effort has been made to minimize the performance impact, however Buffer instantiation is measurably slower. Access operations may be faster in some circumstances but the exact performance profile and difference over previous versions will depend on how Buffer is used within applications. (Trevor Norris) #1825.
    • Buffer can now take ArrayBuffers as a constructor argument (Trevor Norris) #2002.
    • When a single buffer is passed to Buffer.concat(), a new, copied Buffer object will be returned; previous behavior was to return the original Buffer object (Sakthipriyan Vairamani) #1937.
  • build: PPC support has been added to core to allow compiling on pLinux BE and LE (AIX support coming soon) (Michael Dawson) #2124.
  • dgram: If an error occurs within socket.send() and a callback has been provided, the error is only passed as the first argument to the callback and not emitted on the socket object; previous behavior was to do both (Matteo Collina & Chris Dickinson) #1796
  • freelist: Deprecate the undocumented freelist core module (Sakthipriyan Vairamani) #2176.
  • http:
    • Status codes now all use the official IANA names as per RFC7231, e.g. http.STATUS_CODES[414] now returns 'URI Too Long' rather than 'Request-URI Too Large' (jomo) #1470.
    • Calling .getName() on an HTTP agent no longer returns a trailing colon, HTTPS agents will no longer return an extra colon near the middle of the string (Brendan Ashworth) #1617.
  • node:
    • NODE_MODULE_VERSION has been bumped to 45 to reflect the break in ABI (Rod Vagg) #2096.
    • Introduce a new process.release object that contains a name property set to 'io.js' and sourceUrl, headersUrl and libUrl (Windows only) properties containing URLs for the relevant resources; this is intended to be used by node-gyp (Rod Vagg) #2154.
    • The version of node-gyp bundled with io.js now downloads and uses a tarball of header files from iojs.org rather than the full source for compiling native add-ons; it is hoped this is a temporary floating patch and the change will be upstreamed to node-gyp soon (Rod Vagg) #2066.
  • repl: Persistent history is now enabled by default. The history file is located at ~/.node_repl_history, which can be overridden by the new environment variable NODE_REPL_HISTORY. This deprecates the previous NODE_REPL_HISTORY_FILE variable. Additionally, the format of the file has been changed to plain text to better handle file corruption. (Jeremiah Senkpiel) #2224.
  • smalloc: The smalloc module has been removed as it is no longer possible to provide the API due to changes in V8 (Ben Noordhuis) #2022.
  • tls: Add server.getTicketKeys() and server.setTicketKeys() methods for TLS session key rotation (Fedor Indutny) #2227.
  • v8: Upgraded to 4.4.63.26
    • ES6: Enabled computed property names
    • ES6: Array can now be subclassed in strict mode
    • ES6: Implement rest parameters in staging, use the --harmony-rest-parameters command line flag
    • ES6: Implement the spread operator in staging, use the --harmony-spreadcalls command line flag
    • Removed SetIndexedPropertiesToExternalArrayData and related APIs, forcing a shift to Buffer to be reimplemented based on Uint8Array
    • Introduction of Maybe and MaybeLocal C++ API for objects which may or may not have a value.
    • Added support for PPC

See also https://github.com/nodejs/node/wiki/Breaking-Changes#300-from-2x for a summary of the breaking changes (SEMVER-MAJOR).

Known issues

See https://github.com/nodejs/node/labels/confirmed-bug for complete and current list of known issues.

  • Some problems with unreferenced timers running during beforeExit are still to be resolved. See #1264.
  • Surrogate pair in REPL can freeze terminal. #690
  • process.send() is not synchronous as the docs suggest, a regression introduced in 1.0.2, see #760.
  • Calling dns.setServers() while a DNS query is in progress can cause the process to crash on a failed assertion. #894
  • url.resolve may transfer the auth portion of the url when resolving between two full hosts, see #1435.

If you have spotted or written something about Node.js and io.js, do come over to our Evangelism team repo and suggest it on the Issues page, specifically the Weekly Updates issue.

Upcoming Events

  • BrazilJS Conf tickets are on sale, August 21st - 22nd at Shopping Center BarraShoppingSul
  • NodeConf EU tickets are on sale, September 6th - 9th at Waterford, Ireland
  • Node.js Italian Conference tickets are on sale, October 10th at Desenzano - Brescia, Italy
  • JSConf CO, October 16th - 17th at Ruta N, Medellin

Have an event about Node.js and io.js coming up? You can put your events here through the Evangelism team repo and announce it in the Issues page, specifically the Weekly Updates issue.