Merge remote-tracking branch 'upstream/master' into docs-improve-randomUUID

Author: srknzl

CHANGELOG.md

@@ -32,7 +32,8 @@ release.
 </tr>
 <tr>
     <td valign="top">
-<b><a href="doc/changelogs/CHANGELOG_V15.md#15.13.0">15.13.0</a></b><br/>
+<b><a href="doc/changelogs/CHANGELOG_V15.md#15.14.0">15.14.0</a></b><br/>
+<a href="doc/changelogs/CHANGELOG_V15.md#15.13.0">15.13.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V15.md#15.12.0">15.12.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V15.md#15.11.0">15.11.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V15.md#15.10.0">15.10.0</a><br/>
@@ -51,7 +52,8 @@ release.
 <a href="doc/changelogs/CHANGELOG_V15.md#15.0.0">15.0.0</a><br/>
     </td>
     <td valign="top">
-<b><a href="doc/changelogs/CHANGELOG_V14.md#14.16.0">14.16.0</a></b><br/>
+<b><a href="doc/changelogs/CHANGELOG_V14.md#14.16.1">14.16.1</a></b><br/>
+<a href="doc/changelogs/CHANGELOG_V14.md#14.16.0">14.16.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V14.md#14.15.5">14.15.5</a><br/>
 <a href="doc/changelogs/CHANGELOG_V14.md#14.15.4">14.15.4</a><br/>
 <a href="doc/changelogs/CHANGELOG_V14.md#14.15.3">14.15.3</a><br/>
@@ -77,7 +79,8 @@ release.
 <a href="doc/changelogs/CHANGELOG_V14.md#14.0.0">14.0.0</a><br/>
     </td>
     <td valign="top">
-<b><a href="doc/changelogs/CHANGELOG_V12.md#12.22.0">12.22.0</a></b><br/>
+<b><a href="doc/changelogs/CHANGELOG_V12.md#12.22.1">12.22.1</a></b><br/>
+<a href="doc/changelogs/CHANGELOG_V12.md#12.22.0">12.22.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V12.md#12.21.0">12.21.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V12.md#12.20.2">12.20.2</a><br/>
 <a href="doc/changelogs/CHANGELOG_V12.md#12.20.1">12.20.1</a><br/>
@@ -118,7 +121,8 @@ release.
 <a href="doc/changelogs/CHANGELOG_V12.md#12.0.0">12.0.0</a><br/>
     </td>
     <td valign="top">
-<b><a href="doc/changelogs/CHANGELOG_V10.md#10.24.0">10.24.0</a></b><br/>
+<b><a href="doc/changelogs/CHANGELOG_V10.md#10.24.1">10.24.1</a></b><br/>
+<a href="doc/changelogs/CHANGELOG_V10.md#10.24.0">10.24.0</a><br/>
 <a href="doc/changelogs/CHANGELOG_V10.md#10.23.3">10.23.3</a><br/>
 <a href="doc/changelogs/CHANGELOG_V10.md#10.23.2">10.23.2</a><br/>
 <a href="doc/changelogs/CHANGELOG_V10.md#10.23.1">10.23.1</a><br/>

doc/api/documentation.md

@@ -50,7 +50,8 @@ modifications occur. To avoid surprises, use of an Experimental feature may need
 a command-line flag. Experimental features may also emit a [warning][].
 
 ## Stability overview
-<!-- STABILITY_OVERVIEW_SLOT -->
+<!-- STABILITY_OVERVIEW_SLOT_BEGIN -->
+<!-- STABILITY_OVERVIEW_SLOT_END -->
 
 ## JSON output
 <!-- YAML

doc/api/domain.md

@@ -69,7 +69,7 @@ const d = require('domain').create();
 d.on('error', (er) => {
   // The error won't crash the process, but what it does is worse!
   // Though we've prevented abrupt process restarting, we are leaking
-  // resources like crazy if this ever happens.
+  // a lot of resources if this ever happens.
   // This is no better than process.on('uncaughtException')!
   console.log(`error, but oh well ${er.message}`);
 });

doc/api/errors.md

@@ -1367,7 +1367,7 @@ made to mark a stream and dependent of itself.
 <a id="ERR_HTTP2_TOO_MANY_INVALID_FRAMES"></a>
 ### `ERR_HTTP2_TOO_MANY_INVALID_FRAMES`
 <!--
-added: REPLACEME
+added: v15.14.0
 -->
 
 The limit of acceptable invalid HTTP/2 protocol frames sent by the peer,

doc/api/fs.md

@@ -1252,7 +1252,7 @@ All the [caveats][] for `fs.watch()` also apply to `fsPromises.watch()`.
 <!-- YAML
 added: v10.0.0
 changes:
-  - version: REPLACEME
+  - version: v15.14.0
     pr-url: https://github.com/nodejs/node/pull/37490
     description: The `data` argument supports `AsyncIterable`, `Iterable` & `Stream`.
   - version: v15.2.0
@@ -2768,9 +2768,9 @@ changes:
   * `bytesRead` {integer}
   * `buffer` {Buffer}
 
-Similar to the `fs.read90` function, this version takes an optional `options`
-object. If no `options` object is specified, it will default with the above
-values.
+Similar to the [`fs.read()`][] function, this version takes an optional
+`options` object. If no `options` object is specified, it will default with the
+above values.
 
 ### `fs.readdir(path[, options], callback)`
 <!-- YAML

doc/api/http.md

@@ -2720,7 +2720,7 @@ The `callback` is invoked with a single argument that is an instance of
 JSON fetching example:
 
 ```js
-http.get('http://nodejs.org/dist/index.json', (res) => {
+http.get('http://localhost:8000/', (res) => {
   const { statusCode } = res;
   const contentType = res.headers['content-type'];
 
@@ -2755,6 +2755,16 @@ http.get('http://nodejs.org/dist/index.json', (res) => {
 }).on('error', (e) => {
   console.error(`Got error: ${e.message}`);
 });
+
+// Create a local server to receive data from
+const server = http.createServer((req, res) => {
+  res.writeHead(200, { 'Content-Type': 'application/json' });
+  res.end(JSON.stringify({
+    data: 'Hello World!'
+  }));
+});
+
+server.listen(8000);
 ```
 
 ## `http.globalAgent`

doc/api/net.md

@@ -138,11 +138,11 @@ The list of rules added to the blocklist.
 
 ## Class: `net.SocketAddress`
 <!-- YAML
-added: REPLACEME
+added: v15.14.0
 -->
 ### `new net.SocketAddress([options])`
 <!-- YAML
-added: REPLACEME
+added: v15.14.0
 -->
 
 * `options` {Object}
@@ -155,28 +155,28 @@ added: REPLACEME
 
 ### `socketaddress.address`
 <!-- YAML
-added: REPLACEME
+added: v15.14.0
 -->
 
 * Type {string}
 
 ### `socketaddress.family`
 <!-- YAML
-added: REPLACEME
+added: v15.14.0
 -->
 
 * Type {string} Either `'ipv4'` or `'ipv6'`.
 
 ### `socketaddress.flowlabel`
 <!-- YAML
-added: REPLACEME
+added: v15.14.0
 -->
 
 * Type {number}
 
 ### `socketaddress.port`
 <!-- YAML
-added: REPLACEME
+added: v15.14.0
 -->
 
 * Type {number}
@@ -543,7 +543,7 @@ it to interact with the client.
 <!-- YAML
 added: v0.3.4
 changes:
-  - version: REPLACEME
+  - version: v15.14.0
     pr-url: https://github.com/nodejs/node/pull/37735
     description: AbortSignal support was added.
 -->

doc/api/readline.md

@@ -544,7 +544,7 @@ the current position of the cursor down.
 <!-- YAML
 added: v0.1.98
 changes:
-  - version: REPLACEME
+  - version: v15.14.0
     pr-url: https://github.com/nodejs/node/pull/37932
     description: The `signal` option is supported now.
   - version: v15.8.0
@@ -638,7 +638,7 @@ will not terminate until it receives `EOF` (<kbd>Ctrl</kbd>+<kbd>D</kbd> on
 Linux/macOS, <kbd>Ctrl</kbd>+<kbd>Z</kbd> followed by <kbd>Return</kbd> on
 Windows).
 If you want your application to exit without waiting for user input, you can
-[`unref`][] the standard input stream:
+[`unref()`][] the standard input stream:
 
 ```js
 process.stdin.unref();
@@ -978,5 +978,5 @@ const { createInterface } = require('readline');
 [`process.stdin`]: process.md#process_process_stdin
 [`process.stdout`]: process.md#process_process_stdout
 [`rl.close()`]: #readline_rl_close
+[`unref()`]: net.md#net_socket_unref
 [reading files]: #readline_example_read_file_stream_line_by_line
-[`unref`]: net.md#net_socket_unref

doc/api/worker_threads.md

@@ -527,7 +527,7 @@ are part of the channel.
 <!-- YAML
 added: v10.5.0
 changes:
-  - version: REPLACEME
+  - version: v15.14.0
     pr-url: https://github.com/nodejs/node/pull/37917
     description: Add 'BlockList' to the list of cloneable types.
   - version: v15.9.0

doc/changelogs/CHANGELOG_V10.md

@@ -11,6 +11,7 @@
 </tr>
 <tr>
 <td valign="top">
+<a href="#10.24.1">10.24.1</a><br/>
 <a href="#10.24.0">10.24.0</a><br/>
 <a href="#10.23.3">10.23.3</a><br/>
 <a href="#10.23.2">10.23.2</a><br/>
@@ -75,6 +76,34 @@
   * [io.js](CHANGELOG_IOJS.md)
   * [Archive](CHANGELOG_ARCHIVE.md)
 
+<a id="10.24.1"></a>
+## 2021-04-06, Version 10.24.1 'Dubnium' (LTS), @mylesborins
+
+This is a security release.
+
+### Notable Changes
+
+Vulerabilties fixed:
+
+* **CVE-2021-3450**: OpenSSL - CA certificate check bypass with X509_V_FLAG_X509_STRICT (High)
+  * This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt
+  * Impacts:
+    * All versions of the 15.x, 14.x, 12.x and 10.x releases lines
+* **CVE-2021-3449**: OpenSSL - NULL pointer deref in signature_algorithms processing (High)
+  * This is a vulnerability in OpenSSL which may be exploited through Node.js. You can read more about it in https://www.openssl.org/news/secadv/20210325.txt
+  * Impacts:
+    * All versions of the 15.x, 14.x, 12.x and 10.x releases lines
+* **CVE-2020-7774**: npm upgrade - Update y18n to fix Prototype-Pollution (High)
+  * This is a vulnerability in the y18n npm module which may be exploited by prototype pollution. You can read more about it in https://github.com/advisories/GHSA-c4w7-xm78-47vh
+  * Impacts:
+    * All versions of the 14.x, 12.x and 10.x releases lines
+
+### Commits
+
+* [[`5e526b96ce`](https://github.com/nodejs/node/commit/5e526b96ce)] - **deps**: upgrade npm to 6.14.12 (Ruy Adorno) [#37918](https://github.com/nodejs/node/pull/37918)
+* [[`781cb6df5c`](https://github.com/nodejs/node/commit/781cb6df5c)] - **deps**: update archs files for OpenSSL-1.1.1k (Tobias Nießen) [#37940](https://github.com/nodejs/node/pull/37940)
+* [[`5db0a05a90`](https://github.com/nodejs/node/commit/5db0a05a90)] - **deps**: upgrade openssl sources to 1.1.1k (Tobias Nießen) [#37940](https://github.com/nodejs/node/pull/37940)
+
 <a id="10.24.0"></a>
 ## 2021-02-23, Version 10.24.0 'Dubnium' (LTS), @richardlau