--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-97b214b298
2022-02-19 01:30:44.345535
--------------------------------------------------------------------------------

Name        : nodejs
Product     : Fedora 35
Version     : 16.14.0
Release     : 2.fc35
URL         : https://nodejs.org/
Summary     : JavaScript runtime
Description :
Node.js is a platform built on Chrome's JavaScript runtime
for easily building fast, scalable network applications.
Node.js uses an event-driven, non-blocking I/O model that
makes it lightweight and efficient, perfect for data-intensive
real-time applications that run across distributed devices.

--------------------------------------------------------------------------------
Update Information:

## 2022-02-08, Version 16.14.0 'Gallium' (LTS), @danielleadams  ### Notable
changes  #### Importing JSON modules now requires experimental import assertions
syntax  This release adds experimental support for the import assertions stage 3
proposal.  To keep Node.js ESM implementation as compatible as possible with the
HTML spec, import assertions are now required to import JSON modules (still
behind the `--experimental-json-modules` CLI flag):  ```mjs import info from
'./package.json' assert { type: 'json' }; ```  Or use dynamic import:  ```mjs
const info = await import('./package.json', { assert: { type: 'json' } }); ```
Contributed by Antoine du Hamel and Geoffrey Booth
[#40250](https://github.com/nodejs/node/pull/40250)  #### Other notable changes
* **async\_hooks**:   * **(SEMVER-MINOR)** expose async\_wrap providers (Rafael
Gonzaga) [#40760](https://github.com/nodejs/node/pull/40760) *
**child\_process**:   * **(SEMVER-MINOR)** add support for URL to `cp.fork`
(Antoine du Hamel) [#41225](https://github.com/nodejs/node/pull/41225) *
**doc**:   * add @Mesteery to collaborators (Mestery)
[#41543](https://github.com/nodejs/node/pull/41543)   * add @bnb as a
collaborator (Tierney Cyren) [#41100](https://github.com/nodejs/node/pull/41100)
* **esm**:   * **(SEMVER-MINOR)** graduate capturerejections to supported (James
M Snell) [#41267](https://github.com/nodejs/node/pull/41267)   * **(SEMVER-
MINOR)** add EventEmitterAsyncResource to core (James M Snell)
[#41246](https://github.com/nodejs/node/pull/41246) * **events**:   * **(SEMVER-
MINOR)** propagate weak option for kNewListener (James M Snell)
[#40899](https://github.com/nodejs/node/pull/40899) * **fs**:   * **(SEMVER-
MINOR)** accept URL as argument for `fs.rm` and `fs.rmSync` (Antoine du Hamel)
[#41132](https://github.com/nodejs/node/pull/41132) * **lib**:   * **(SEMVER-
MINOR)** make AbortSignal cloneable/transferable (James M Snell)
[#41050](https://github.com/nodejs/node/pull/41050)   * **(SEMVER-MINOR)** add
AbortSignal.timeout (James M Snell)
[#40899](https://github.com/nodejs/node/pull/40899)   * **(SEMVER-MINOR)** add
reason to AbortSignal (James M Snell)
[#40807](https://github.com/nodejs/node/pull/40807)   * **(SEMVER-MINOR)** add
unsubscribe method to non-active DC channels (simon-id)
[#40433](https://github.com/nodejs/node/pull/40433)   * **(SEMVER-MINOR)** add
return value for DC channel.unsubscribe (simon-id)
[#40433](https://github.com/nodejs/node/pull/40433) * **loader**:   * **(SEMVER-
MINOR)** return package format from defaultResolve if known (Gabriel Bota)
[#40980](https://github.com/nodejs/node/pull/40980) * **perf\_hooks**:   *
**(SEMVER-MINOR)** multiple fixes for Histogram (James M Snell)
[#41153](https://github.com/nodejs/node/pull/41153) * **process**:   *
**(SEMVER-MINOR)** add `getActiveResourcesInfo()` (Darshan Sen)
[#40813](https://github.com/nodejs/node/pull/40813) * **src**:   * **(SEMVER-
MINOR)** add x509.fingerprint512 to crypto module (3nprob)
[#39809](https://github.com/nodejs/node/pull/39809)   * **(SEMVER-MINOR)** add
flags for controlling process behavior (Cheng Zhao)
[#40339](https://github.com/nodejs/node/pull/40339) * **stream**:   * **(SEMVER-
MINOR)** add filter method to readable (Benjamin Gruenbaum)
[#41354](https://github.com/nodejs/node/pull/41354)   * **(SEMVER-MINOR)** add
isReadable helper (Robert Nagy)
[#41199](https://github.com/nodejs/node/pull/41199)   * **(SEMVER-MINOR)** add
map method to Readable (Benjamin Gruenbaum)
[#40815](https://github.com/nodejs/node/pull/40815)   * deprecate thenable
support (Antoine du Hamel) [#40860](https://github.com/nodejs/node/pull/40860) *
**util**:   * **(SEMVER-MINOR)** pass through the inspect function to custom
inspect functions (Ruben Bridgewater)
[#41019](https://github.com/nodejs/node/pull/41019)   * **(SEMVER-MINOR)** add
numericSeparator to util.inspect (Ruben Bridgewater)
[#41003](https://github.com/nodejs/node/pull/41003)   * **(SEMVER-MINOR)**
always visualize cause property in errors during inspection (Ruben Bridgewater)
[#41002](https://github.com/nodejs/node/pull/41002) * **timers**:   * **(SEMVER-
MINOR)** add experimental scheduler api (James M Snell)
[#40909](https://github.com/nodejs/node/pull/40909) * **v8**:   * **(SEMVER-
MINOR)** multi-tenant promise hook api (Stephen Belanger)
[#39283](https://github.com/nodejs/node/pull/39283)   ----  Fix for
CVE-2021-43616
--------------------------------------------------------------------------------
ChangeLog:

* Wed Feb  9 2022 Zuzana Svetlikova  - 1:16.14.0-2
- Replace explicit version of npm in %check with variable and make build fail if it doesn't match
* Tue Feb  8 2022 Stephen Gallagher  - 1:16.14.0-1
- Update to Node.js 16.14.0
* Thu Feb  3 2022 Stephen Gallagher  - 1:16.13.2-8
- Update npm to 8.3.1 (CVE-2021-43616)
* Wed Feb  2 2022 Stephen Gallagher  - 1:16.13.2-7
- Fix incorrect version Provides: for npm (bz#2049873)
* Mon Jan 31 2022 Stephen Gallagher  - 1:16.13.2-6
- Rebuild for more architectures
* Mon Jan 31 2022 Stephen Gallagher  - 1:16.13.2-5
- Tweak some dependencies on EPEL 7 (bz2048589)
- Add Provides: bundled(zlib)
* Wed Jan 19 2022 Stephen Gallagher  - 1:16.13.2-3
- Bundle zlib on EPEL 7
* Mon Jan 17 2022 Stephen Gallagher  - 1:16.13.2-2
- Add support for building on EPEL 7
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2050282 - CVE-2021-43616 npm: npm ci succeeds when package-lock.json doesn't match package.json
        https://bugzilla.redhat.com/show_bug.cgi?id=2050282
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-97b214b298' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure