Releases: cloudfoundry/nodejs-buildpack
v1.5.19
- Add node 4.5.0, remove node 4.4.6
(https://www.pivotaltracker.com/story/show/128431641) - Add node 6.4.0, remove node 6.3.0
(https://www.pivotaltracker.com/story/show/128863283) - Add node 6.5.0, remove node 6.3.1
(https://www.pivotaltracker.com/story/show/129366607) - Add support for New Relic configuration through service binding
(https://www.pivotaltracker.com/story/show/110040634) - Filter credentials from dependency urls printed during staging
(https://www.pivotaltracker.com/story/show/126514693) - Add default_versions support for specifying node default version
(https://www.pivotaltracker.com/story/show/126394943)
Packaged binaries:
| name | version | cf_stacks |
|---|---|---|
| node | 0.10.45 | cflinuxfs2 |
| node | 0.10.46 | cflinuxfs2 |
| node | 0.12.14 | cflinuxfs2 |
| node | 0.12.15 | cflinuxfs2 |
| node | 4.4.7 | cflinuxfs2 |
| node | 4.5.0 | cflinuxfs2 |
| node | 5.11.1 | cflinuxfs2 |
| node | 5.12.0 | cflinuxfs2 |
| node | 6.4.0 | cflinuxfs2 |
| node | 6.5.0 | cflinuxfs2 |
Default binary versions:
| name | version |
|---|---|
| node | 4.5.0 |
- SHA256: 2050323c8b845906d999dec0a11528184062fdccb434945bb22441abe7c6f29b
v1.5.18
- Add nodejs 6.3.1, remove nodejs 6.2.2
(https://www.pivotaltracker.com/story/show/126830705)
Packaged binaries:
| name | version | cf_stacks |
|---|---|---|
| node | 0.10.45 | cflinuxfs2 |
| node | 0.10.46 | cflinuxfs2 |
| node | 0.12.14 | cflinuxfs2 |
| node | 0.12.15 | cflinuxfs2 |
| node | 4.4.6 | cflinuxfs2 |
| node | 4.4.7 | cflinuxfs2 |
| node | 5.11.1 | cflinuxfs2 |
| node | 5.12.0 | cflinuxfs2 |
| node | 6.3.0 | cflinuxfs2 |
| node | 6.3.1 | cflinuxfs2 |
- SHA256: 5804ec3e290c58f532f0231ab597f27cde760a6eb1d3cd3cce3014edaf181f31
v1.5.17
- Make buildpacks.cloudfoundry.org the default url for buildpack dependencies
(https://www.pivotaltracker.com/story/show/121757949) - Update node to 4.4.7
(https://www.pivotaltracker.com/story/show/123264921) - Update node to 6.3.0
(https://www.pivotaltracker.com/story/show/125266811)
Packaged binaries:
| name | version | cf_stacks |
|---|---|---|
| node | 0.10.45 | cflinuxfs2 |
| node | 0.10.46 | cflinuxfs2 |
| node | 0.12.14 | cflinuxfs2 |
| node | 0.12.15 | cflinuxfs2 |
| node | 4.4.6 | cflinuxfs2 |
| node | 4.4.7 | cflinuxfs2 |
| node | 5.11.1 | cflinuxfs2 |
| node | 5.12.0 | cflinuxfs2 |
| node | 6.2.2 | cflinuxfs2 |
| node | 6.3.0 | cflinuxfs2 |
- SHA256: fbaa187a88966f7f552244cfa0f4e14e2562f0d3754cd0d63ffa9f5b2242a762
v1.5.16
- Add nodejs 0.10.46, remove nodejs 0.10.44
(https://www.pivotaltracker.com/story/show/122177127) - Add nodejs 0.12.15, remove nodejs 0.12.13
(https://www.pivotaltracker.com/story/show/122177127) - Add nodejs 4.4.6, remove nodejs 4.4.4
(https://www.pivotaltracker.com/story/show/122177127) - Add nodejs 5.12.0, remove nodejs 5.10.1
(https://www.pivotaltracker.com/story/show/122177127) - Add nodejs 6.2.2. Remove nodejs 6.2.0
(https://www.pivotaltracker.com/story/show/121759045)
Packaged binaries:
| name | version | cf_stacks |
|---|---|---|
| node | 0.10.45 | cflinuxfs2 |
| node | 0.10.46 | cflinuxfs2 |
| node | 0.12.14 | cflinuxfs2 |
| node | 0.12.15 | cflinuxfs2 |
| node | 4.4.5 | cflinuxfs2 |
| node | 4.4.6 | cflinuxfs2 |
| node | 5.11.1 | cflinuxfs2 |
| node | 5.12.0 | cflinuxfs2 |
| node | 6.2.1 | cflinuxfs2 |
| node | 6.2.2 | cflinuxfs2 |
- SHA256: 766d716937fb4a6935c4b9e83e791619efd2c33084fb3f4672fda713e9926a9e
v1.5.15
- Add nodejs 6.2.0 and 6.2.1, remove nodejs 6.0.0 and 6.1.0
(https://www.pivotaltracker.com/story/show/120806559)
(https://www.pivotaltracker.com/story/show/119775517) - Add nodejs 4.4.5, remove nodejs 4.4.3
(https://www.pivotaltracker.com/story/show/120225945) - Add a helpful error message for case where npm fails to download
(https://www.pivotaltracker.com/story/show/118775597)
Packaged binaries:
| name | version | cf_stacks |
|---|---|---|
| node | 0.10.44 | cflinuxfs2 |
| node | 0.10.45 | cflinuxfs2 |
| node | 0.12.13 | cflinuxfs2 |
| node | 0.12.14 | cflinuxfs2 |
| node | 4.4.4 | cflinuxfs2 |
| node | 4.4.5 | cflinuxfs2 |
| node | 5.10.1 | cflinuxfs2 |
| node | 5.11.1 | cflinuxfs2 |
| node | 6.2.0 | cflinuxfs2 |
| node | 6.2.1 | cflinuxfs2 |
- SHA256: be1916e84cedcf379ee14561f5433fc2b13f97bc4623e844a947c99a344efa8e
v1.5.14
Notably, this version of the nodejs buildpack addresses the following openssl vulnerabilities for the following CVEs:
-
CVE-2016-2107: Padding oracle in AES-NI CBC MAC check
-
CVE-2016-2105: EVP_EncodeUpdate overflow
-
CVE-2016-2108: Memory corruption in the ASN.1 encoder
-
CVE-2016-2106: EVP_EncryptUpdate overflow
-
CVE-2016-2109: ASN.1 BIO excessive memory allocation (CVE-2016-2109)
-
CVE-2016-2176: EBCDIC overread
More information can be found here
https://nodejs.org/en/blog/vulnerability/openssl-may-2016/Version changes:
- Replace 0.10.43 with 0.10.45
- Replace 0.12.12 with 0.12.14
- Replace 4.4.2 with 4.4.4
- Replace 5.11.0 with 5.11.1
- Add 6.1.0
(https://www.pivotaltracker.com/story/show/119080687)
(https://www.pivotaltracker.com/story/show/119053109)
(https://www.pivotaltracker.com/story/show/119050895)
(https://www.pivotaltracker.com/story/show/119055011)
Packaged binaries:
| name | version | cf_stacks |
|---|---|---|
| node | 0.10.44 | cflinuxfs2 |
| node | 0.10.45 | cflinuxfs2 |
| node | 0.12.13 | cflinuxfs2 |
| node | 0.12.14 | cflinuxfs2 |
| node | 4.4.3 | cflinuxfs2 |
| node | 4.4.4 | cflinuxfs2 |
| node | 5.10.1 | cflinuxfs2 |
| node | 5.11.1 | cflinuxfs2 |
| node | 6.0.0 | cflinuxfs2 |
| node | 6.1.0 | cflinuxfs2 |
- SHA256: 8ac8e19ed2c8ed1ac58e4836aff342c67b1de388c1b01e5f93e1541acaf40a57
v1.5.13
-
Add nodejs 6.0.0
Note that many node packages do not yet and possibly will not support the node 6 series
Ex. bson_ext is not compatible with v8 and node 6: https://github.com/christkv/bson-ext/issues/28#issuecomment-212258411
-
Fix bug where versions with an odd minor semver portion get filtered out
during version resolution
(https://www.pivotaltracker.com/story/show/118436661) -
Add nodejs 5.11.0, Remove 5.10.0
(https://www.pivotaltracker.com/story/show/118134235)
Packaged binaries:
| name | version | cf_stacks |
|---|---|---|
| node | 0.10.43 | cflinuxfs2 |
| node | 0.10.44 | cflinuxfs2 |
| node | 0.12.12 | cflinuxfs2 |
| node | 0.12.13 | cflinuxfs2 |
| node | 4.4.2 | cflinuxfs2 |
| node | 4.4.3 | cflinuxfs2 |
| node | 5.10.1 | cflinuxfs2 |
| node | 5.11.0 | cflinuxfs2 |
| node | 6.0.0 | cflinuxfs2 |
- SHA256: a3d2a78d8007b697b16d91609fd0aa641ba8c3001b52c4c443d52f0116cafa0f
v1.5.12
- Add nodejs 4.4.3
(https://www.pivotaltracker.com/story/show/117495347)
Packaged binaries:
| name | version | cf_stacks |
|---|---|---|
| node | 0.10.43 | cflinuxfs2 |
| node | 0.10.44 | cflinuxfs2 |
| node | 0.12.12 | cflinuxfs2 |
| node | 0.12.13 | cflinuxfs2 |
| node | 4.4.2 | cflinuxfs2 |
| node | 4.4.3 | cflinuxfs2 |
| node | 5.10.0 | cflinuxfs2 |
| node | 5.10.1 | cflinuxfs2 |
- SHA256: 41aa8714a6a65573e1f27e6b2614958d3976b4ae53e85a16d7dd903df2fbdab6
v1.5.11
- Add node 5.10.1
(https://www.pivotaltracker.com/story/show/117023173)
Packaged binaries:
| name | version | cf_stacks |
|---|---|---|
| node | 0.10.43 | cflinuxfs2 |
| node | 0.10.44 | cflinuxfs2 |
| node | 0.12.12 | cflinuxfs2 |
| node | 0.12.13 | cflinuxfs2 |
| node | 4.4.2 | cflinuxfs2 |
| node | 5.10.0 | cflinuxfs2 |
| node | 5.10.1 | cflinuxfs2 |
- SHA256: 4023010e90b91a641213a1b7680b1d8cf2484dade6b702389ebaf87afa84b323
v1.5.10
Notably, this release includes updated versions of nodejs that addresses security issues mentioned in:
https://nodejs.org/en/blog/vulnerability/npm-tokens-leak-march-2016/
- Add nodejs 0.12.13, 0.10.44, 4.4.2, 5.10.0, remove nodejs 0.12.11,
0.10.42, 4.4.1, 5.9.1
(https://www.pivotaltracker.com/story/show/116741361)
Packaged binaries:
| name | version | cf_stacks |
|---|---|---|
| node | 0.10.43 | cflinuxfs2 |
| node | 0.10.44 | cflinuxfs2 |
| node | 0.12.12 | cflinuxfs2 |
| node | 0.12.13 | cflinuxfs2 |
| node | 4.4.2 | cflinuxfs2 |
| node | 5.10.0 | cflinuxfs2 |
- SHA256: 988da954cbfc42bb4957f31b68ba30df01e01e6fb638c5064ee726287e6ddc5a