Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added safe-buffer and updated dependencies #51

Merged
merged 2 commits into from Mar 21, 2018
Merged

Added safe-buffer and updated dependencies #51

merged 2 commits into from Mar 21, 2018

Conversation

mcollina
Copy link
Collaborator

@mcollina mcollina commented Mar 20, 2018
edited

Fixes #50

@mcollina mcollina requested a review from rvagg March 20, 2018 10:55
@ChALkeR ChALkeR mentioned this pull request Mar 20, 2018
Closed
5 tasks
@ChALkeR
Copy link

ChALkeR commented Mar 21, 2018

Tracking: nodejs/node#19079

rvagg
rvagg reviewed Mar 21, 2018
View reviewed changes
.travis.yml Outdated
@@ -6,6 +6,8 @@ node_js:
- '4'
- '6'
- '7'
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we could remove this I reckon

@rvagg
Copy link
Owner

rvagg commented Mar 21, 2018

yep, lgtm, I think you have enough perms to push through a release @mcollina

@mcollina
Copy link
Collaborator Author

Yes I'll do that.

@ChALkeR can you check if I should backport this to the 0.9.x release line as well?

@ChALkeR
Copy link

ChALkeR commented Mar 21, 2018
edited

@mcollina

1.x (together, hope you are backporting to 1.1 and 1.0, those are significant)

Query: "bl@1.
10197105        bl
5680853 tar-stream
3766709 log4js
3545797 karma
2316839 archiver
2234067 tar-fs
1787219 decompress
1753634 decompress-tar
1753011 decompress-targz
1752892 decompress-tarbz2
…

18716 modules total.

0.9

Query: "bl@0.9
59537   follow
54484   grunt-google-cdn
37878   gl-scatter2d
37624   gl-error2d
37617   gl-line2d
34128   tsd
33462   codecov.io
31725   gl-scatter2d-sdf
29722   zip-folder
26696   istanbul-middleware
…

4433 modules total.

0.8

Query: "bl@0.8
127110  level-sublevel
71615   rollup-plugin-node-builtins
59212   browserify-fs
13685   mosca
10907   dynalite
6666    weaver-sdk
6510    react-native-level-fs
4592    kinesalite
3270    deep-package-manager
3251    node-red-contrib-mqtt-broker
…

760 modules total.

0.7

Query: "bl@0.7
23425   vinyl-transform
13103   lasso
10969   raptor-cache
9923    dissolve
7248    response
4292    electrode-archetype-react-app-dev
3102    smild
2735    electrode-electrify
2470    questor
1816    duniter
…

202 modules total.

0.6

Query: "bl@0.6
660     hms
…

39 modules total.

You certainly don't need backporting to 0.6, everything else is up to you =).

@ChALkeR
Copy link

ChALkeR commented Mar 21, 2018
edited

@mcollina While I'm here, I also suggest considering using my polyfill instead — it would be a three byte change to this PR.

@mcollina
Copy link
Collaborator Author

safe-buffer is already going to be in the tree because of readable-stream and a lot of the other streams module that have been updated so far using it. I'd prefer not updating those at this time.

@rvagg any opinion on the subject?

@ChALkeR
Copy link

ChALkeR commented Mar 21, 2018
edited

@mcollina if this was my module, I would have backported to 0.8, I guess.

If that doesn't contain security issues that are fixed in later versions by braking backwards compat — in that case, making it seem like old insecure versions are supported and giving people less reasons to migrate from those would be harmful.

@mcollina mcollina merged commit 307da45 into master Mar 21, 2018
@mcollina mcollina deleted the safe-buffeer branch March 21, 2018 21:58
@mcollina mcollina mentioned this pull request Mar 21, 2018
Open
This was referenced Mar 9, 2021
Open
Open
Open
Open
Open
Merged
Open
Open
Merged
Open
Open
Open
Open
Merged
Merged
This was referenced Mar 16, 2021
Merged
Merged
Closed
Open
Open
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rvagg rvagg rvagg left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@mcollina @ChALkeR @rvagg