Skip to content

Conversation

@MylesBorins
Copy link
Contributor

2019-12-17, Version 10.18.0 'Dubnium' (LTS), @MylesBorins

This is a security release.

This release includes a single commit, an update to npm to 6.13.4.

For more details about the vulnerability please consult the npm blog:

https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli

Notable changes

  • deps: update npm to 6.13.4 #30904

Commits

PR-URL: #30904
Reviewed-By: Ruben Bridgewater <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Michael Dawson <[email protected]>
Reviewed-By: Daijiro Wachi <[email protected]>
@nodejs-github-bot nodejs-github-bot added meta Issues and PRs related to the general management of the project. npm Issues and PRs related to the npm client dependency or the npm registry. v10.x labels Dec 13, 2019
@richardlau
Copy link
Member

Is the CI expected to pass without recent commits for Windows by @joaocgreis?

Copy link
Member

@BethGriggs BethGriggs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM (PR-URL: to be added)

Copy link
Member

@BridgeAR BridgeAR left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM with the PR-URL added.

@joaocgreis
Copy link
Member

CI needs c3e3862 to pass.

Ref: #30937 (comment)

Backport-PR-URL: #30726
PR-URL: #30724
Refs: nodejs/build#1996
Reviewed-By: Rod Vagg <[email protected]>
Reviewed-By: Sam Roberts <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
MylesBorins added a commit that referenced this pull request Dec 16, 2019
This is a security release.

This release includes a single commit, an update to npm to 6.13.4.

For more details about the vulnerability please consult the npm blog:

https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli

Notable Changes:

* deps: update npm to 6.13.4
  - #30904

PR-URL: #30940
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Dec 16, 2019

@nodejs-github-bot

This comment has been minimized.

This is a security release.

For more details about the vulnerability please consult the npm blog:

https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli

Notable Changes:

* deps: update npm to 6.13.4
  #30904

PR-URL: #30940
@nodejs-github-bot

This comment has been minimized.

@nodejs-github-bot
Copy link
Collaborator

@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Dec 17, 2019

@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Dec 17, 2019

@MylesBorins
Copy link
Contributor Author

Have a single failure that persists on arm test.sequential/test-https-server-keep-alive-timeout

As this failure is unrelated to this release, which only updates npm, I'm going to move forward with this test broken.

MylesBorins added a commit that referenced this pull request Dec 17, 2019
@MylesBorins MylesBorins merged commit 94365f0 into v10.x Dec 17, 2019
MylesBorins added a commit that referenced this pull request Dec 17, 2019
This is a security release.

For more details about the vulnerability please consult the npm blog:

https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli

Notable Changes:

* deps: update npm to 6.13.4
  #30904

PR-URL: #30940
MylesBorins added a commit to nodejs/nodejs.org that referenced this pull request Dec 17, 2019
@devsnek devsnek deleted the v10.18.0-proposal branch February 19, 2020 07:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

meta Issues and PRs related to the general management of the project. npm Issues and PRs related to the npm client dependency or the npm registry.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

9 participants