lib: add warning when binding inspector to public IP #55736
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add `isLoopback` function to `internal/net` module to check if a given host is a loopback address. Add a warning when binding the inspector to a public IP with an open port, as it allows external hosts to connect to the inspector. Fixes: #23444 Refs: https://nodejs.org/api/cli.html#--inspecthostport
|
Review requested:
|
anonrig
reviewed
Nov 5, 2024
avivkeller
reviewed
Nov 6, 2024
Comment on lines
+18
to
+19
| '192.168.1.1', | ||
| '10.0.0.1', |
There was a problem hiding this comment.
Should we really warn for these? IMHO binding to IP in private subnet is usually fine.
There was a problem hiding this comment.
The condition when to warn was discussed in #23756 (review) and #23756 (comment). So, I think we should warn for all non-loopback addresses. WDYT?
There was a problem hiding this comment.
Overall Comments:
Great work on implementing the inspector-related logic and improving security awareness for users when binding the inspector to a public IP. The added validation and warning mechanism demonstrates a thoughtful approach to ensuring safety and guiding users toward secure practices.
Specific Suggestions:
- Security Warning:
o The warning message regarding binding the inspector to a public IP is excellent. However, consider rephrasing the message for conciseness and clarity, such as:
o 'Binding the inspector to a public IP is insecure. It allows external hosts to connect to the inspector and potentially perform remote code execution. Refer to the documentation: https://nodejs.org/api/cli.html#--inspecthostport'
This reduces redundancy and ensures the warning remains impactful. - Documentation URL:
o Ensure the provided documentation URL is current and accurate. You might want to verify if the URL points to the specific section for --inspect-host/port in the Node.js CLI docs. - Validation Enhancements:
o The isLoopback check is a great addition. To further improve, consider logging the specific host being checked in case debugging becomes necessary for unusual cases. - Error Handling:
o Ensure that the ERR_INSPECTOR_NOT_AVAILABLE exception is sufficiently descriptive for developers to understand why the inspector might not be available. Providing actionable guidance (e.g., checking the Node.js version or enabling certain build flags) could enhance user experience. - Coding Style:
o The logic is clear and concise. Just ensure adherence to consistent indentation (e.g., within the if blocks) for readability.
Minor Suggestions:
• Add inline comments to the isLoopback and validateInt32 checks for better maintainability.
• Consider unit testing or including examples in the documentation on how to use the inspectorOpen function securely.
jasnell
approved these changes
Dec 28, 2024
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #55736 +/- ##
==========================================
+ Coverage 88.40% 90.24% +1.83%
==========================================
Files 654 629 -25
Lines 187655 184875 -2780
Branches 36109 36213 +104
==========================================
+ Hits 165905 166837 +932
+ Misses 14990 11011 -3979
- Partials 6760 7027 +267
🚀 New features to boost your workflow:
|
|
@anonrig @LiviaMedeiros I've made the requested changes. Could you make a review? |
LiviaMedeiros
approved these changes
Mar 17, 2025
This comment was marked as outdated.
This comment was marked as outdated.
LiviaMedeiros
approved these changes
Mar 18, 2025
|
Are there any actions that are expected from me? Can we merge this pull request? |
jasnell
pushed a commit
that referenced
this pull request
Mar 21, 2025
Add `isLoopback` function to `internal/net` module to check if a given host is a loopback address. Add a warning when binding the inspector to a public IP with an open port, as it allows external hosts to connect to the inspector. Fixes: #23444 Refs: https://nodejs.org/api/cli.html#--inspecthostport PR-URL: #55736 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: LiviaMedeiros <livia@cirno.name>
|
Landed in 56d8dc1 |
aduh95
pushed a commit
that referenced
this pull request
Mar 23, 2025
Add `isLoopback` function to `internal/net` module to check if a given host is a loopback address. Add a warning when binding the inspector to a public IP with an open port, as it allows external hosts to connect to the inspector. Fixes: #23444 Refs: https://nodejs.org/api/cli.html#--inspecthostport PR-URL: #55736 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: LiviaMedeiros <livia@cirno.name>
RafaelGSS
pushed a commit
that referenced
this pull request
Apr 1, 2025
Add `isLoopback` function to `internal/net` module to check if a given host is a loopback address. Add a warning when binding the inspector to a public IP with an open port, as it allows external hosts to connect to the inspector. Fixes: #23444 Refs: https://nodejs.org/api/cli.html#--inspecthostport PR-URL: #55736 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: LiviaMedeiros <livia@cirno.name>
RafaelGSS
pushed a commit
that referenced
this pull request
Apr 1, 2025
Add `isLoopback` function to `internal/net` module to check if a given host is a loopback address. Add a warning when binding the inspector to a public IP with an open port, as it allows external hosts to connect to the inspector. Fixes: #23444 Refs: https://nodejs.org/api/cli.html#--inspecthostport PR-URL: #55736 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: LiviaMedeiros <livia@cirno.name>
RafaelGSS
pushed a commit
to RafaelGSS/node
that referenced
this pull request
Apr 8, 2025
Add `isLoopback` function to `internal/net` module to check if a given host is a loopback address. Add a warning when binding the inspector to a public IP with an open port, as it allows external hosts to connect to the inspector. Fixes: nodejs#23444 Refs: https://nodejs.org/api/cli.html#--inspecthostport PR-URL: nodejs#55736 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: LiviaMedeiros <livia@cirno.name>
RafaelGSS
pushed a commit
that referenced
this pull request
Apr 14, 2025
Add `isLoopback` function to `internal/net` module to check if a given host is a loopback address. Add a warning when binding the inspector to a public IP with an open port, as it allows external hosts to connect to the inspector. Fixes: #23444 Refs: https://nodejs.org/api/cli.html#--inspecthostport PR-URL: #55736 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: LiviaMedeiros <livia@cirno.name>
RafaelGSS
pushed a commit
that referenced
this pull request
Apr 14, 2025
Add `isLoopback` function to `internal/net` module to check if a given host is a loopback address. Add a warning when binding the inspector to a public IP with an open port, as it allows external hosts to connect to the inspector. Fixes: #23444 Refs: https://nodejs.org/api/cli.html#--inspecthostport PR-URL: #55736 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: LiviaMedeiros <livia@cirno.name>
aduh95
pushed a commit
that referenced
this pull request
Apr 14, 2025
Add `isLoopback` function to `internal/net` module to check if a given host is a loopback address. Add a warning when binding the inspector to a public IP with an open port, as it allows external hosts to connect to the inspector. Fixes: #23444 Refs: https://nodejs.org/api/cli.html#--inspecthostport PR-URL: #55736 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: LiviaMedeiros <livia@cirno.name>
aduh95
pushed a commit
that referenced
this pull request
Apr 14, 2025
Add `isLoopback` function to `internal/net` module to check if a given host is a loopback address. Add a warning when binding the inspector to a public IP with an open port, as it allows external hosts to connect to the inspector. Fixes: #23444 Refs: https://nodejs.org/api/cli.html#--inspecthostport PR-URL: #55736 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: LiviaMedeiros <livia@cirno.name>
aduh95
pushed a commit
that referenced
this pull request
Apr 15, 2025
Add `isLoopback` function to `internal/net` module to check if a given host is a loopback address. Add a warning when binding the inspector to a public IP with an open port, as it allows external hosts to connect to the inspector. Fixes: #23444 Refs: https://nodejs.org/api/cli.html#--inspecthostport PR-URL: #55736 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: LiviaMedeiros <livia@cirno.name>
RafaelGSS
pushed a commit
that referenced
this pull request
Apr 16, 2025
Add `isLoopback` function to `internal/net` module to check if a given host is a loopback address. Add a warning when binding the inspector to a public IP with an open port, as it allows external hosts to connect to the inspector. Fixes: #23444 Refs: https://nodejs.org/api/cli.html#--inspecthostport PR-URL: #55736 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: LiviaMedeiros <livia@cirno.name>
RafaelGSS
pushed a commit
that referenced
this pull request
Apr 17, 2025
Add `isLoopback` function to `internal/net` module to check if a given host is a loopback address. Add a warning when binding the inspector to a public IP with an open port, as it allows external hosts to connect to the inspector. Fixes: #23444 Refs: https://nodejs.org/api/cli.html#--inspecthostport PR-URL: #55736 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: LiviaMedeiros <livia@cirno.name>
tmeijn
pushed a commit
to tmeijn/dotfiles
that referenced
this pull request
Apr 20, 2025
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [node](https://nodejs.org) ([source](https://github.com/nodejs/node)) | minor | `23.10.0` -> `23.11.0` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>nodejs/node (node)</summary> ### [`v23.11.0`](https://github.com/nodejs/node/releases/tag/v23.11.0): 2025-04-01, Version 23.11.0 (Current), @​aduh95 [Compare Source](nodejs/node@v23.10.0...v23.11.0) ##### Notable Changes - \[[`64b086740a`](nodejs/node@64b086740a)] - **(SEMVER-MINOR)** **assert**: implement partial error comparison (Ruben Bridgewater) [#​57370](nodejs/node#57370) - \[[`053cef70e0`](nodejs/node@053cef70e0)] - **(SEMVER-MINOR)** **crypto**: add optional callback to `crypto.diffieHellman` (Filip Skokan) [#​57274](nodejs/node#57274) - \[[`f8aff90235`](nodejs/node@f8aff90235)] - **(SEMVER-MINOR)** **process**: add `execve` (Paolo Insogna) [#​56496](nodejs/node#56496) - \[[`4b04c92d7d`](nodejs/node@4b04c92d7d)] - **(SEMVER-MINOR)** **sqlite**: add `StatementSync.prototype.columns()` (Colin Ihrig) [#​57490](nodejs/node#57490) - \[[`1b8d1d3a3a`](nodejs/node@1b8d1d3a3a)] - **(SEMVER-MINOR)** **util**: expose diff function used by the assertion errors (Giovanni Bucci) [#​57462](nodejs/node#57462) ##### Commits - \[[`7b72396c8b`](nodejs/node@7b72396c8b)] - **assert**: improve partialDeepStrictEqual performance (Ruben Bridgewater) [#​57509](nodejs/node#57509) - \[[`64b086740a`](nodejs/node@64b086740a)] - **(SEMVER-MINOR)** **assert**: implement partial error comparison (Ruben Bridgewater) [#​57370](nodejs/node#57370) - \[[`f694d7de0e`](nodejs/node@f694d7de0e)] - **(SEMVER-MINOR)** **assert**: improve partialDeepStrictEqual (Ruben Bridgewater) [#​57370](nodejs/node#57370) - \[[`80d9d5653f`](nodejs/node@80d9d5653f)] - **(SEMVER-MINOR)** **assert,util**: improve performance (Ruben Bridgewater) [#​57370](nodejs/node#57370) - \[[`d52a71f832`](nodejs/node@d52a71f832)] - **(SEMVER-MINOR)** **benchmark**: adjust assert runtimes (Ruben Bridgewater) [#​57370](nodejs/node#57370) - \[[`7592cf4cd7`](nodejs/node@7592cf4cd7)] - **(SEMVER-MINOR)** **benchmark**: skip running some assert benchmarks by default (Ruben Bridgewater) [#​57370](nodejs/node#57370) - \[[`e4cc54a746`](nodejs/node@e4cc54a746)] - **(SEMVER-MINOR)** **benchmark**: add assert partialDeepStrictEqual benchmark (Ruben Bridgewater) [#​57370](nodejs/node#57370) - \[[`de48407011`](nodejs/node@de48407011)] - **build**: fix update-wpt workflow (Jonas) [#​57468](nodejs/node#57468) - \[[`52cd0954f9`](nodejs/node@52cd0954f9)] - **cli**: clarify --cpu-prof-name allowed values (Eugenio Ceschia) [#​57433](nodejs/node#57433) - \[[`7611fc14de`](nodejs/node@7611fc14de)] - **crypto**: fix output of privateDecrypt with zero-length data (Filip Skokan) [#​57575](nodejs/node#57575) - \[[`cc42ee8fc7`](nodejs/node@cc42ee8fc7)] - **crypto**: ensure expected JWK alg in SubtleCrypto.importKey RSA imports (Filip Skokan) [#​57450](nodejs/node#57450) - \[[`053cef70e0`](nodejs/node@053cef70e0)] - **(SEMVER-MINOR)** **crypto**: add optional callback to crypto.diffieHellman (Filip Skokan) [#​57274](nodejs/node#57274) - \[[`1f08864fd7`](nodejs/node@1f08864fd7)] - **debugger**: fix behavior of plain object exec in debugger repl (Dario Piotrowicz) [#​57498](nodejs/node#57498) - \[[`162b2828eb`](nodejs/node@162b2828eb)] - **deps**: update undici to 6.21.2 (Matteo Collina) [#​57442](nodejs/node#57442) - \[[`43bea6bb80`](nodejs/node@43bea6bb80)] - **deps**: V8: cherry-pick [`c172ffc`](nodejs/node@c172ffc5bf54) (Choongwoo Han) [#​57437](nodejs/node#57437) - \[[`99f93afb9d`](nodejs/node@99f93afb9d)] - **deps**: update ada to v3.2.1 (Yagiz Nizipli) [#​57429](nodejs/node#57429) - \[[`30e5658f12`](nodejs/node@30e5658f12)] - **deps**: update googletest to [`0bdccf4`](nodejs/node@0bdccf4) (Node.js GitHub Bot) [#​57380](nodejs/node#57380) - \[[`573467c070`](nodejs/node@573467c070)] - **deps**: update acorn to 8.14.1 (Node.js GitHub Bot) [#​57382](nodejs/node#57382) - \[[`affeaac0c7`](nodejs/node@affeaac0c7)] - **doc**: add gurgunday as triager (Gürgün Dayıoğlu) [#​57594](nodejs/node#57594) - \[[`4ed1a098f5`](nodejs/node@4ed1a098f5)] - **doc**: clarify behaviour of node-api adjust function (Michael Dawson) [#​57463](nodejs/node#57463) - \[[`921041b284`](nodejs/node@921041b284)] - **doc**: remove Corepack documentation (Antoine du Hamel) [#​57635](nodejs/node#57635) - \[[`99dbd8b391`](nodejs/node@99dbd8b391)] - **doc**: remove mention of `--require` not supporting ES modules (Huáng Jùnliàng) [#​57620](nodejs/node#57620) - \[[`8c76b2949e`](nodejs/node@8c76b2949e)] - **doc**: mention reports should align with Node.js CoC (Rafael Gonzaga) [#​57607](nodejs/node#57607) - \[[`ee1c78a7a3`](nodejs/node@ee1c78a7a3)] - **doc**: add section stating that very stale MRs should be closed (Dario Piotrowicz) [#​57541](nodejs/node#57541) - \[[`595e9e5ad6`](nodejs/node@595e9e5ad6)] - **doc**: add bjohansebas as triager (Sebastian Beltran) [#​57564](nodejs/node#57564) - \[[`3742d2a198`](nodejs/node@3742d2a198)] - **doc**: update support channels (Claudio W.) [#​57538](nodejs/node#57538) - \[[`717c44dead`](nodejs/node@717c44dead)] - **doc**: make stability labels more consistent (Antoine du Hamel) [#​57516](nodejs/node#57516) - \[[`b4576a6f57`](nodejs/node@b4576a6f57)] - **doc**: remove cryptoStream API reference (Jonas) [#​57579](nodejs/node#57579) - \[[`2c4f894036`](nodejs/node@2c4f894036)] - **doc**: module resolution pseudocode corrections (Marcel Laverdet) [#​57080](nodejs/node#57080) - \[[`c45894f90c`](nodejs/node@c45894f90c)] - **doc**: add history entry for DEP0190 in `child_process.md` (Antoine du Hamel) [#​57544](nodejs/node#57544) - \[[`c21068b696`](nodejs/node@c21068b696)] - **doc**: remove deprecated pattern in `child_process.md` (Antoine du Hamel) [#​57568](nodejs/node#57568) - \[[`87e0dda352`](nodejs/node@87e0dda352)] - **doc**: mark multiple experimental APIS as stable (James M Snell) [#​57510](nodejs/node#57510) - \[[`d637763e4e`](nodejs/node@d637763e4e)] - **doc**: remove mertcanaltin from Triagers (Mert Can Altin) [#​57531](nodejs/node#57531) - \[[`ee6025495d`](nodejs/node@ee6025495d)] - **doc**: recommend watching the collaborators repo in the onboarding doc (Darshan Sen) [#​57527](nodejs/node#57527) - \[[`706b64638b`](nodejs/node@706b64638b)] - **doc**: remove mention of visa fees from onboarding doc (Darshan Sen) [#​57526](nodejs/node#57526) - \[[`176d951bd0`](nodejs/node@176d951bd0)] - **doc**: deprecate passing `args` to `spawn` and `execFile` (Antoine du Hamel) [#​57389](nodejs/node#57389) - \[[`5c05ba119b`](nodejs/node@5c05ba119b)] - **doc**: remove some inconsistencies in `deprecations.md` (Antoine du Hamel) [#​57512](nodejs/node#57512) - \[[`9d5be4bb8c`](nodejs/node@9d5be4bb8c)] - **doc**: run license-builder (github-actions\[bot]) [#​57511](nodejs/node#57511) - \[[`273607edb4`](nodejs/node@273607edb4)] - **doc**: add new writing-docs contributing md (Dario Piotrowicz) [#​57502](nodejs/node#57502) - \[[`e28c723f24`](nodejs/node@e28c723f24)] - **doc**: add node.js streams references to Web Streams doc (Dario Piotrowicz) [#​57393](nodejs/node#57393) - \[[`47296492ba`](nodejs/node@47296492ba)] - **doc**: replace NOTEs that do not render properly (Colin Ihrig) [#​57484](nodejs/node#57484) - \[[`db9c37f792`](nodejs/node@db9c37f792)] - **doc**: prefer to sign commits under nodejs repository (Rafael Gonzaga) [#​57311](nodejs/node#57311) - \[[`e5e3987ae7`](nodejs/node@e5e3987ae7)] - **doc**: fixed the incorrect splitting of multiple words (letianpailove) [#​57454](nodejs/node#57454) - \[[`91a824e43b`](nodejs/node@91a824e43b)] - **doc**: add review guidelines for collaborator nominations (Antoine du Hamel) [#​57449](nodejs/node#57449) - \[[`2a5fcb2172`](nodejs/node@2a5fcb2172)] - **doc**: fix typo in `url.md` (Allon Murienik) [#​57467](nodejs/node#57467) - \[[`17ccf9282f`](nodejs/node@17ccf9282f)] - **doc**: add history info for --use-system-ca (Darshan Sen) [#​57432](nodejs/node#57432) - \[[`9adaaeb965`](nodejs/node@9adaaeb965)] - **doc**: remove typo YAML snippet from tls.getCACertificates doc (Darshan Sen) [#​57459](nodejs/node#57459) - \[[`ee4e855f8e`](nodejs/node@ee4e855f8e)] - **doc**: fix typo in sqlite.md (Tobias Nießen) [#​57473](nodejs/node#57473) - \[[`8cb3441443`](nodejs/node@8cb3441443)] - **doc**: explicit mention arbitrary code execution as a vuln (Rafael Gonzaga) [#​57426](nodejs/node#57426) - \[[`27f183ad03`](nodejs/node@27f183ad03)] - **doc**: update maintaining-openssl.md for openssl (Richard Lau) [#​57413](nodejs/node#57413) - \[[`ca67145d60`](nodejs/node@ca67145d60)] - **doc**: add missing `deprecated` badges in `fs.md` (Yukihiro Hasegawa) [#​57384](nodejs/node#57384) - \[[`3687390510`](nodejs/node@3687390510)] - **doc**: fix small typo in `process.md` (Felix Rieseberg) [#​57333](nodejs/node#57333) - \[[`097d9926e3`](nodejs/node@097d9926e3)] - **doc**: add note about sync nodejs-private branches (Rafael Gonzaga) [#​57404](nodejs/node#57404) - \[[`5006627969`](nodejs/node@5006627969)] - **fs**: apply exclude function to root path (Rich Trott) [#​57420](nodejs/node#57420) - \[[`0583c3db92`](nodejs/node@0583c3db92)] - **http**: coerce content-length to number (Marco Ippolito) [#​57458](nodejs/node#57458) - \[[`2a580b9332`](nodejs/node@2a580b9332)] - **lib**: add warning when binding inspector to public IP (Demian Parkhomenko) [#​55736](nodejs/node#55736) - \[[`fda56b9837`](nodejs/node@fda56b9837)] - **lib**: limit split function calls to prevent excessive array length (Gürgün Dayıoğlu) [#​57501](nodejs/node#57501) - \[[`d5a26f6525`](nodejs/node@d5a26f6525)] - **lib**: make getCallSites sourceMap option truly optional (James M Snell) [#​57388](nodejs/node#57388) - \[[`00a5b18043`](nodejs/node@00a5b18043)] - **meta**: add some clarification to the nomination process (James M Snell) [#​57503](nodejs/node#57503) - \[[`d0c96c463c`](nodejs/node@d0c96c463c)] - **meta**: remove collaborator self-nomination (Rich Trott) [#​57537](nodejs/node#57537) - \[[`a9a93f31ee`](nodejs/node@a9a93f31ee)] - **meta**: edit collaborator nomination process (Antoine du Hamel) [#​57483](nodejs/node#57483) - \[[`0ca362f5f2`](nodejs/node@0ca362f5f2)] - **meta**: move ovflowd to emeritus (Claudio W.) [#​57443](nodejs/node#57443) - \[[`f8aff90235`](nodejs/node@f8aff90235)] - **(SEMVER-MINOR)** **process**: add execve (Paolo Insogna) [#​56496](nodejs/node#56496) - \[[`e8d4a31d4b`](nodejs/node@e8d4a31d4b)] - **sqlite**: add support for unknown named parameters (Colin Ihrig) [#​57552](nodejs/node#57552) - \[[`5652da642d`](nodejs/node@5652da642d)] - **sqlite**: add DatabaseSync.prototype.isOpen (Colin Ihrig) [#​57522](nodejs/node#57522) - \[[`5c976f16cd`](nodejs/node@5c976f16cd)] - **sqlite**: add DatabaseSync.prototype\[Symbol.dispose]\() (Colin Ihrig) [#​57506](nodejs/node#57506) - \[[`4b04c92d7d`](nodejs/node@4b04c92d7d)] - **(SEMVER-MINOR)** **sqlite**: add StatementSync.prototype.columns() (Colin Ihrig) [#​57490](nodejs/node#57490) - \[[`7f5e31645c`](nodejs/node@7f5e31645c)] - **src**: ensure primordials are initialized exactly once (Chengzhong Wu) [#​57519](nodejs/node#57519) - \[[`9611980f58`](nodejs/node@9611980f58)] - **src**: improve error handling in multiple files (James M Snell) [#​57507](nodejs/node#57507) - \[[`3ddc5cd875`](nodejs/node@3ddc5cd875)] - **src**: cache urlpattern properties (JonasBa) [#​57465](nodejs/node#57465) - \[[`b9d9ee4da2`](nodejs/node@b9d9ee4da2)] - **src**: make minor cleanups in encoding_binding.cc (James M Snell) [#​57448](nodejs/node#57448) - \[[`f8acf2dd2a`](nodejs/node@f8acf2dd2a)] - **src**: make minor cleanups in compile_cache.cc (James M Snell) [#​57448](nodejs/node#57448) - \[[`6ee15c6509`](nodejs/node@6ee15c6509)] - **src**: define urlpattern components using a macro (JonasBa) [#​57452](nodejs/node#57452) - \[[`4ab3c1690a`](nodejs/node@4ab3c1690a)] - **src**: cleanup crypto more (James M Snell) [#​57323](nodejs/node#57323) - \[[`5be80b1748`](nodejs/node@5be80b1748)] - **src**: refine ncrypto more (James M Snell) [#​57300](nodejs/node#57300) - \[[`6a13319a6e`](nodejs/node@6a13319a6e)] - **src**: cleanup aliased_buffer.h (Mohammed Keyvanzadeh) [#​57395](nodejs/node#57395) - \[[`3cff7f80bb`](nodejs/node@3cff7f80bb)] - **src**: suggest --use-system-ca when a certificate error occurs (Aditi) [#​57362](nodejs/node#57362) - \[[`3d372ad9f3`](nodejs/node@3d372ad9f3)] - **test**: update WPT for urlpattern to [`6ceca69`](nodejs/node@6ceca69d26) (Node.js GitHub Bot) [#​57486](nodejs/node#57486) - \[[`481ea665af`](nodejs/node@481ea665af)] - **test**: add more number cases for buffer.indexOf (Meghan Denny) [#​57200](nodejs/node#57200) - \[[`27b01ed4e7`](nodejs/node@27b01ed4e7)] - **test**: update parallel/test-tls-dhe for OpenSSL 3.5 (Richard Lau) [#​57477](nodejs/node#57477) - \[[`8f7debcf41`](nodejs/node@8f7debcf41)] - **timers**: optimize timer functions with improved argument handling (Gürgün Dayıoğlu) [#​57072](nodejs/node#57072) - \[[`d4abd9d3fb`](nodejs/node@d4abd9d3fb)] - **timers**: remove unnecessary allocation of \_onTimeout (Gürgün Dayıoğlu) [#​57497](nodejs/node#57497) - \[[`f8f81c8ba2`](nodejs/node@f8f81c8ba2)] - **timers**: remove unused parameter from insertGuarded (Gürgün Dayıoğlu) [#​57251](nodejs/node#57251) - \[[`c4fdb27b51`](nodejs/node@c4fdb27b51)] - **tls**: remove unnecessary type check on normalize (Yagiz Nizipli) [#​57336](nodejs/node#57336) - \[[`ad5dcc5798`](nodejs/node@ad5dcc5798)] - **tools**: fix WPT update cron string (Antoine du Hamel) [#​57665](nodejs/node#57665) - \[[`7faa482588`](nodejs/node@7faa482588)] - **tools**: remove stalled label on unstalled issues and MRs (Rich Trott) [#​57630](nodejs/node#57630) - \[[`e3bb26da2b`](nodejs/node@e3bb26da2b)] - **tools**: update sccache to support GH cache changes (Michaël Zasso) [#​57573](nodejs/node#57573) - \[[`f0c9f505d9`](nodejs/node@f0c9f505d9)] - **tools**: bump [@​babel/helpers](https://github.com/babel/helpers) from 7.26.9 to 7.26.10 in /tools/eslint (dependabot\[bot]) [#​57444](nodejs/node#57444) - \[[`a40ff1f646`](nodejs/node@a40ff1f646)] - **url**: fix constructor error message for URLPattern (jakecastelli) [#​57482](nodejs/node#57482) - \[[`f36bee4b89`](nodejs/node@f36bee4b89)] - **util**: avoid run debug when enabled is false (fengmk2) [#​57494](nodejs/node#57494) - \[[`1b8d1d3a3a`](nodejs/node@1b8d1d3a3a)] - **(SEMVER-MINOR)** **util**: expose diff function used by the assertion errors (Giovanni Bucci) [#​57462](nodejs/node#57462) - \[[`1f7b08a317`](nodejs/node@1f7b08a317)] - **win,test**: disable test case failing with ClangCL (Stefan Stojanovic) [#​57397](nodejs/node#57397) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMzAuMiIsInVwZGF0ZWRJblZlciI6IjM5LjIzMC4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJSZW5vdmF0ZSBCb3QiXX0=-->
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add
isLoopbackfunction tointernal/netmodule to check if a given host is a loopback address.Add a warning when binding the inspector to a public IP with an open port, as it allows external hosts to connect to the inspector.
Fixes: #23444
Refs: https://nodejs.org/api/cli.html#--inspecthostport IANA IPv4 Special-Purpose Address Registry
IANA IPv6 Special-Purpose Address Registry
Special-Use Domain Names