Softpedia >Windows >Internet >Servers >WEB Servers >io.js >  Changelog

io.js Changelog

What's new in io.js 3.3.0

Sep 4, 2015
  • build: Add a --link-module option to configure that can be used to bundle additional JavaScript modules into a built binary
  • docs: Merge outstanding doc updates from joyent/node
  • http_parser: Significant performance improvement by having http.Server consume all initial data from its net.Socket and parsing directly without having to enter JavaScript. Any 'data' listeners on the net.Socket will result in the data being "unconsumed" into JavaScript, thereby undoing any performance gains.
  • libuv: Upgrade to 1.7.3 (from 1.6.1), see ChangeLog for details
  • V8: Upgrade to 4.4.63.30 (from 4.4.63.26)

New in io.js 3.2.0 (Aug 27, 2015)

  • events: Added EventEmitter#listenerCount(event) as a replacement for EventEmitter.listenerCount(emitter, event), which has now been marked as deprecated in the docs.
  • module: Fixed an error with preloaded modules when the current working directory doesn't exist.
  • node: Startup time is now about 5% faster when not passing V8 flags.
  • repl: Tab-completion now works better with arrays.
  • string_bytes: Fixed an unaligned write in the handling of UCS2 encoding.
  • tls: Added a new --tls-cipher-list flag that can be used to override the built-in default cipher list. Note: it is suggested you use the built-in cipher list as it has been carefully selected to reflect current security best practices and risk mitigation.

New in io.js 3.1.0 (Aug 27, 2015)

  • buffer:
  • Fixed a couple large memory leaks
  • crypto:
  • Fixed a couple of minor memory leaks
  • Signing now checks for OpenSSL errors (P.S.V.R) #2342. Note that this may expose previously hidden errors in user code.
  • intl:
  • Intl support using small-icu is now enabled by default in builds
  • String#normalize() can now be used for unicode normalization.
  • The Intl object and various String and Number methods are present, but only support the English locale.
  • For support of all locales, node must be built with full-icu.
  • tls:
  • Fixed tls throughput being much lower after an incorrect merge
  • tools:
  • The v8 tick processor now comes bundled with node
  • This can be used by producing performance profiling output by running node with --perf, then running your appropriate platform's script on the output as found in tools/v8-prof.
  • util:
  • util.inspect(obj) now prints the constructor name of the object if there is one

New in io.js 3.0.0 (Aug 6, 2015)

  • buffer:
  • Due to changes in V8, it has been necessary to reimplement Buffer on top of V8's Uint8Array. Every effort has been made to minimize the performance impact, however Buffer instantiation is measurably slower. Access operations may be faster in some circumstances but the exact performance profile and difference over previous versions will depend on how Buffer is used within applications.
  • Buffer can now take ArrayBuffers as a constructor argument
  • When a single buffer is passed to Buffer.concat(), a new, copied Buffer object will be returned; previous behavior was to return the original Buffer object
  • build: PPC support has been added to core to allow compiling on pLinux BE and LE (AIX support coming soon)
  • dgram: If an error occurs within socket.send() and a callback has been provided, the error is only passed as the first argument to the callback and not emitted on the socket object; previous behavior was to do both
  • freelist: Deprecate the undocumented freelist core module
  • http:
  • Status codes now all use the official IANA names as per RFC7231, e.g. http.STATUS_CODES[414] now returns 'URI Too Long' rather than 'Request-URI Too Large'
  • Calling .getName() on an HTTP agent no longer returns a trailing colon, HTTPS agents will no longer return an extra colon near the middle of the string
  • node:
  • NODE_MODULE_VERSION has been bumped to 45 to reflect the break in ABI
  • Introduce a new process.release object that contains a name property set to 'io.js' and sourceUrl, headersUrl and libUrl (Windows only) properties containing URLs for the relevant resources; this is intended to be used by node-gyp
  • The version of node-gyp bundled with io.js now downloads and uses a tarball of header files from iojs.org rather than the full source for compiling native add-ons; it is hoped this is a temporary floating patch and the change will be upstreamed to node-gyp soon
  • repl: Persistent history is now enabled by default. The history file is located at ~/.node_repl_history, which can be overridden by the new environment variable NODE_REPL_HISTORY. This deprecates the previous NODE_REPL_HISTORY_FILE variable. Additionally, the format of the file has been changed to plain text to better handle file corruption.
  • smalloc: The smalloc module has been removed as it is no longer possible to provide the API due to changes in V8
  • tls: Add server.getTicketKeys() and server.setTicketKeys() methods for TLS session key rotation
  • v8: Upgraded to 4.4.63.26:
  • ES6: Enabled computed property names
  • ES6: Array can now be subclassed in strict mode
  • ES6: Implement rest parameters in staging, use the --harmony-rest-parameters command line flag
  • ES6: Implement the spread operator in staging, use the --harmony-spreadcalls command line flag
  • Removed SetIndexedPropertiesToExternalArrayData and related APIs, forcing a shift to Buffer to be reimplemented based on Uint8Array
  • Introduction of Maybe and MaybeLocal C++ API for objects which may or may not have a value.
  • Added support for PPC

New in io.js 2.5.0 (Aug 6, 2015)

  • https: TLS sessions in Agent are reused
  • src: base64 decoding is now 50% faster
  • npm: Upgraded to v2.13.2

New in io.js 2.4.0 (Jul 27, 2015)

  • Notable changes:
  • src: Added a new --track-heap-objects flag to track heap object allocations for heap snapshots.
  • readline: Fixed a freeze that affected the repl if the keypress event handler threw.
  • npm: Upgraded to v2.13.0

New in io.js 2.3.4 (Jul 27, 2015)

  • Notable changes:
  • openssl: Upgrade to 1.0.2d, fixes CVE-2015-1793.
  • npm: Upgraded to v2.12.1

New in io.js 2.3.3 (Jul 27, 2015)

  • Notable changes:
  • deps: Fixed an out-of-band write in utf8 decoder. This is an important security update as it can be used to cause a denial of service attack.

New in io.js 2.3.2 (Jul 27, 2015)

  • Notable changes:
  • build
  • Added support for compiling with Microsoft Visual C++ 2015
  • Started building and distributing headers-only tarballs along with binaries

New in io.js 2.3.1 (Jul 27, 2015)

  • Notable changes:
  • module: The number of syscalls made during a require() have been significantly reduced again (see #1801 from v2.2.0 for previous work), which should lead to a performance improvement (Pierre Inglebert) #1920.
  • npm
  • Upgrade to v2.11.2 (Rebecca Turner) #1956.
  • Upgrade to v2.11.3 (Forrest L Norvell) #2018.
  • zlib: A bug was discovered where the process would abort if the final part of a zlib decompression results in a buffer that would exceed the maximum length of 0x3fffffff bytes (~1GiB). This was likely to only occur during buffered decompression (rather than streaming). This is now fixed and will instead result in a thrown RangeError

New in io.js 2.3.0 (Jul 27, 2015)

  • Notable changes:
  • libuv: Upgraded to 1.6.0 and 1.6.1, see full ChangeLog for details. (Saúl Ibarra Corretgé) #1905 #1889. Highlights include
  • Fix TTY becoming blocked on OS X
  • Fix UDP send callbacks to not to be synchronous
  • Add uv_os_homedir() (exposed as os.homedir(), see below)
  • npm: Highlight
  • Use GIT_SSH_COMMAND (available as of Git 2.3)
  • openssl
  • Upgrade to 1.0.2b and 1.0.2c, introduces DHE man-in-the-middle protection (Logjam) and fixes malformed ECParameters causing infinite loop (CVE-2015-1788). See the security advisory for full details. (Shigeki Ohtsu) #1950 #1958
  • Support FIPS mode of OpenSSL, see README for instructions. (Fedor Indutny) #1890
  • os: Add os.homedir() method. (Colin Ihrig) #1791
  • smalloc: Deprecate whole module. (Vladimir Kurchatkin) #1822
  • Add new collaborators

New in io.js 2.2.1 (Jul 27, 2015)

  • Notable changes:
  • http: Reverts the move of the client property of IncomingMessage to its prototype. Although undocumented, this property was used and assumed to be an "own property" in the wild, most notably by request which is used by npm.

New in io.js 2.2.0 (Jul 27, 2015)

  • Notable changes:
  • node: Speed-up require() by replacing usage of fs.statSync() and fs.readFileSync() with internal variants that are faster for this use-case and do not create as many objects for the garbage collector to clean up. The primary two benefits are: significant increase in application start-up time on typical applications and better start-up time for the debugger by eliminating almost all of the thousands of exception events. (Ben Noordhuis) #1801.
  • node: Resolution of pre-load modules (-r or --require) now follows the standard require() rules rather than just resolving paths, so you can now pre-load modules in node_modules. (Ali Ijaz Sheikh) #1812.
  • npm: Upgraded npm to v2.11.0. New hooks for preversion, version, and postversion lifecycle events, some SPDX-related license changes and license file inclusions.

New in io.js 2.1.0 (Jul 27, 2015)

  • Notable changes:
  • crypto: Diffie-Hellman key exchange (DHE) parameters ('dhparams') must now be 1024 bits or longer or an error will be thrown. A warning will also be printed to the console if you supply less than 2048 bits. See https://weakdh.org/ for further context on this security concern. (Shigeki Ohtsu) #1739.
  • node: A new --trace-sync-io command line flag will print a warning and a stack trace whenever a synchronous API is used. This can be used to track down synchronous calls that may be slowing down an application. (Trevor Norris) #1707.
  • node: To allow for chaining of methods, the setTimeout(), setKeepAlive(), setNoDelay(), ref() and unref() methods used in 'net', 'dgram', 'http', 'https' and 'tls' now return the current instance instead of undefined (Roman Reiss & Evan Lucas) #1699 #1768 #1779.
  • npm: Upgraded to v2.10.1
  • util: A significant speed-up (in the order of 35%) for the common-case of a single string argument to util.format(), used by console.log()

New in io.js 2.0.2 (Jul 27, 2015)

  • Notable changes:
  • win,node-gyp: the delay-load hook for windows addons has now been correctly enabled by default, it had wrongly defaulted to off in the release version of 2.0.0 (Bert Belder) #1433
  • os: tmpdir()'s trailing slash stripping has been refined to fix an issue when the temp directory is at '/'. Also considers which slash is used by the operating system. (cjihrig) #1673
  • tls: default ciphers have been updated to use gcm and aes128 (Mike MacCana) #1660
  • build: v8 snapshots have been re-enabled by default as suggested by the v8 team, since prior security issues have been resolved. This should give some perf improvements to both startup and vm context creation. (Trevor Norris) #1663
  • src: fixed preload modules not working when other flags were used before --require (Yosuke Furukawa) #1694
  • dgram: fixed send()'s callback not being asynchronous (Yosuke Furukawa) #1313
  • readline: emitKeys now keeps buffering data until it has enough to parse. This fixes an issue with parsing split escapes. (Alex Kocharin) #1601
  • cluster: works now properly emit 'disconnect' to cluser.worker (Oleg Elifantiev) #1386
  • events: uncaught errors now provide some context (Evan Lucas) #1654

New in io.js 2.0.1 (May 11, 2015)

  • Notable changes:
  • async_wrap: (Trevor Norris) #1614
  • it is now possible to filter by providers
  • bit flags have been removed and replaced with method calls on the binding object
  • note that this is an unstable API so feature additions and breaking changes won't change io.js semver
  • libuv: resolves numerous io.js issues:
  • #862 prevent spawning child processes with invalid stdio file descriptors
  • #1397 fix EPERM error with fs.access(W_OK) on Windows
  • #1621 build errors associated with the bundled libuv
  • #1512 should properly fix Windows termination errors
  • addons: the NODE_DEPRECATED macro was causing problems when compiling addons with older compilers, this should now be resolved (Ben Noordhuis) #1626
  • V8: upgrade V8 from 4.2.77.18 to 4.2.77.20 with minor fixes, including a bug preventing builds on FreeBSD

New in io.js 2.0.0 (May 5, 2015)

  • Notable changes:
  • crypto: significantly reduced memory usage for TLS (Fedor Indutny & Сковорода Никита Андреевич) #1529
  • net: socket.connect() now accepts a 'lookup' option for a custom DNS resolution mechanism, defaults to dns.lookup() (Evan Lucas) #1505
  • npm: Upgrade npm to 2.9.0. Notable items:
  • Add support for default author field to make npm init -y work without user-input (@othiym23) npm/npm/d8eee6cf9d
  • Include local modules in npm outdated and npm update (@ArnaudRinquin) npm/npm#7426
  • The prefix used before the version number on npm version is now configurable via tag-version-prefix (@kkragenbrink) npm/npm#8014
  • os: os.tmpdir() is now cross-platform consistent and will no longer returns a path with a trailling slash on any platform (Christian Tellnes) #747
  • process:
  • process.nextTick() performance has been improved by between 2-42% across the benchmark suite, notable because this is heavily used across core (Brian White) #1548
  • New process.geteuid(), process.seteuid(id), process.getegid() and process.setegid(id) methods allow you to get and set effective UID and GID of the process (Evan Lucas) #1536
  • repl:
  • REPL history can be persisted across sessions if the NODE_REPL_HISTORY_FILE environment variable is set to a user accessible file, NODE_REPL_HISTORY_SIZE can set the maximum history size and defaults to 1000 (Chris Dickinson) #1513
  • The REPL can be placed in to one of three modes using the NODE_REPL_MODE environment variable: sloppy, strict or magic (default); the new magic mode will automatically run "strict mode only" statements in strict mode (Chris Dickinson) #1513
  • smalloc: the 'smalloc' module has been deprecated due to changes coming in V8 4.4 that will render it unusable
  • util: add Promise, Map and Set inspection support (Christopher Monsanto) #1471
  • V8: upgrade to 4.2.77.18. Notable items:
  • Classes have moved out of staging; the class keyword is now usable in strict mode without flags
  • Object literal enhancements have moved out of staging; shorthand method and property syntax is now usable ({ method() { }, property })
  • Rest parameters (function(...args) {}) are implemented in staging behind the --harmony-rest-parameters flag
  • Computed property names ({['foo'+'bar']:'bam'}) are implemented in staging behind the --harmony-computed-property-names flag
  • Unicode escapes ('\u{xxxx}') are implemented in staging behind the --harmony_unicode flag and the --harmony_unicode_regexps flag for use in regular expressions
  • Windows:
  • Random process termination on Windows fixed (Fedor Indutny) #1512 / #1563
  • The delay-load hook introduced to fix issues with process naming (iojs.exe / node.exe) has been made opt-out for native add-ons. Native add-ons should include 'win_delay_load_hook': 'false' in their binding.gyp to disable this feature if they experience problems . (Bert Belder) #1433
  • Governance:
  • Rod Vagg (@rvagg) was added to the Technical Committee (TC)
  • Jeremiah Senkpiel (@Fishrock123) was added to the Technical Committee (TC)

New in io.js 1.8.1 (May 5, 2015)

  • Notable changes:
  • NOTICE: Skipped v1.8.0 due to problems with release tooling. See #1436 for details.
  • build: Support for building io.js as a static library (Marat Abdullin) #1341
  • deps: Upgrade openssl to 1.0.2a (Shigeki Ohtsu) #1389
  • Users should see performance improvements when using the crypto API.
  • npm: Upgrade npm to 2.8.3. Includes improved git support. Summary:
  • 387f889 #7961 Ensure that hosted git SSH URLs always have a valid protocol when stored in resolved fields in npm-shrinkwrap.json. (@othiym23)
  • 394c2f5 Switch the order in which hosted Git providers are checked to git:, git+https:, then git+ssh: (from git:, git+ssh:, then git+https:) in an effort to go from most to least likely to succeed, to make for less confusing error message. (@othiym23)
  • 431c3bf #7699 [email protected]: Don't send body with HTTP GET requests when logging in. (@smikes)
  • 15efe12 #7872 Use the new version of hosted-git-info to pass along credentials embedded in git URLs. Test it. Test it a lot. (@othiym23)
  • b027319 #7920 Scoped packages with peerDependencies were installing the peerDependencies into the wrong directory. (@ewie)
  • 6b0f588 #7867 Use git shorthand and git URLs as presented by user. Support new hosted-git-info shortcut syntax. Save shorthand in package.json. Try cloning via git:, git+ssh:, and git+https:, in that order, when supported by the underlying hosting provider. (@othiym23)
  • src: Allow multiple arguments to be passed to process.nextTick (Trevor Norris) #1077
  • module: The interaction of require('.') with NODE_PATH has been restored and deprecated. This functionality will be removed at a later point. (Roman Reiss) #1363

New in io.js 1.7.1 (May 5, 2015)

  • Notable changes:
  • build: A syntax error in the Makefile for release builds caused 1.7.0 to be DOA and unreleased. (Rod Vagg) #1421.

New in io.js 1.7.0 (May 5, 2015)

  • Notable changes:
  • C++ API: Fedor Indutny contributed a feature to V8 which has been backported to the V8 bundled in io.js. SealHandleScope allows a C++ add-on author to seal a HandleScope to prevent further, unintended allocations within it. Currently only enabled for debug builds of io.js. This feature helped detect the leak in #1075 and is now activated on the root HandleScope in io.js. (Fedor Indutny) #1395.
  • ARM: This release includes significant work to improve the state of ARM support for builds and tests. The io.js CI cluster's ARMv6, ARMv7 and ARMv8 build servers are now all (mostly) reporting passing builds and tests.
  • ARMv8 64-bit (AARCH64) is now properly supported, including a backported fix in libuv that was mistakenly detecting the existence of epoll_wait(). (Ben Noordhuis) #1365.
  • ARMv6: #1376 reported a problem with Math.exp() on ARMv6 (incl Raspberry Pi). The culprit is erroneous codegen for ARMv6 when using the "fast math" feature of V8. --nofast_math has been turned on for all ARMv6 variants by default to avoid this, fast math can be turned back on with --fast_math. (Ben Noordhuis) #1398.
  • Tests: timeouts have been tuned specifically for slower platforms, detected as ARMv6 and ARMv7. (Roman Reiss) #1366.
  • npm: Upgrade npm to 2.7.6. See the release notes for details. Summary:
  • b747593#7630 Don't automatically log all git failures as errors. maybeGithub needs to be able to fail without logging to support its fallback logic. (@othiym23)
  • 78005eb#7743 Always quote arguments passed to npm run-script. This allows build systems and the like to safely escape glob patterns passed as arguments to run-scripts with npm run-script -- . This is a tricky change to test, and may be reverted or moved to npm@3 if it turns out it breaks things for users. (@mantoni)
  • da015ee#7074 [email protected]: read-package-json no longer caches package.json files, which trades a very small performance loss for the elimination of a large class of really annoying race conditions. See #7074 for the grisly details. (@othiym23)

New in io.js 1.6.4 (May 5, 2015)

  • Notable changes:
  • npm: upgrade npm to 2.7.5. Includes two important security fixes. Summary:
  • 300834e [email protected]: Normalize symbolic links that point to targets outside the extraction root. This prevents packages containing symbolic links from overwriting targets outside the expected paths for a package. Thanks to Tim Cuthbertson and the team at Lift Security for working with the npm team to identify this issue. (@othiym23)
  • 0dc6875 [email protected]: Package versions can be no more than 256 characters long. This prevents a situation in which parsing the version number can use exponentially more time and memory to parse, leading to a potential denial of service. Thanks to Adam Baldwin at Lift Security for bringing this to our attention. (@isaacs)
  • eab6184 #7766 One last tweak to ensure that GitHub shortcuts work with private repositories. (@iarna)
  • a840a13 #7746 Only fix up git URL paths when there are paths to fix up. (@othiym23)
  • openssl: preliminary work has been done for an upcoming upgrade to OpenSSL 1.0.2a #1325 (Shigeki Ohtsu). See #589 for additional details.
  • timers: a minor memory leak when timers are unreferenced was fixed, alongside some related timers issues #1330 (Fedor Indutny). This appears to have fixed the remaining leak reported in #1075.
  • android: it is now possible to compile io.js for Android and related devices #1307 (Giovanny Andres Gongora Granada).

New in io.js 1.6.3 (May 5, 2015)

  • Notable changes:
  • fs: corruption can be caused by fs.writeFileSync() and append-mode fs.writeFile() and fs.writeFileSync() under certain circumstances, reported in #1058, fixed in #1063 (Olov Lassus).
  • iojs: an "internal modules" API has been introduced to allow core code to share JavaScript modules internally only without having to expose them as a public API, this feature is for core-only #848 (Vladimir Kurchatkin).
  • timers: two minor problems with timers have been fixed:
  • Timer#close() is now properly idempotent #1288 (Petka Antonov).
  • setTimeout() will only run the callback once now after an unref() during the callback #1231 (Roman Reiss).
  • NOTE: there are still other unresolved concerns with the timers code, such as #1152.
  • Windows: a "delay-load hook" has been added for compiled add-ons on Windows that should alleviate some of the problems that Windows users may be experiencing with add-ons in io.js #1251 (Bert Belder).
  • V8: minor bug-fix upgrade for V8 to 4.1.0.27.
  • npm: upgrade npm to 2.7.4. Summary:
  • 1549106 #7641 Due to 448efd0, running npm shrinkwrap --dev caused production dependencies to no longer be included in npm-shrinkwrap.json. Whoopsie! (@othiym23)
  • fb0ac26 #7579 Only block removing files and links when we're sure npm isn't responsible for them. This change is hard to summarize, because if things are working correctly you should never see it, but if you want more context, just go read the commit message, which lays it all out. (@othiym23)
  • 051c473 #7552 bundledDependencies are now properly included in the installation context. This is another fantastically hard-to-summarize bug, and once again, I encourage you to read the commit message if you're curious about the details. The snappy takeaway is that this unbreaks many use cases for ember-cli. (@othiym23)
  • fe1bc38#7672 [email protected]: Fix client-side certificate handling by correcting property name. (@atamon)
  • 89ce829#7630 [email protected]: Part 3 of ensuring that GitHub shorthand is handled consistently. (@othiym23)
  • 63313eb#7630 [email protected]: Part 2 of ensuring that GitHub shorthand is handled consistently. (@othiym23)
  • 3ed41bf#7630 [email protected]: Part 1 of ensuring that GitHub shorthand is handled consistently. (@othiym23)

New in io.js 1.6.2 (May 5, 2015)

  • Notable changes:
  • Windows: The ongoing work in improving the state of Windows support has resulted in full test suite passes once again. As noted in the release notes for v1.4.2, CI system and configuration problems prevented it from properly reporting problems with the Windows tests, the problems with the CI and the codebase appear to have been fully resolved.
  • FreeBSD: A kernel bug impacting io.js/Node.js was discovered and a patch has been introduced to prevent it causing problems for io.js (Fedor Indutny) #1218.
  • module: you can now require('.') instead of having to require('./'), this is considered a bugfix (Michaël Zasso) #1185.
  • v8: updated to 4.1.0.25 including patches for --max_old_space_size values above 4096 and Solaris support, both of which are already included in io.js.

New in io.js 1.6.1 (May 5, 2015)

  • Notable changes:
  • path: New type-checking on path.resolve() #1153 uncovered some edge-cases being relied upon in the wild, most notably path.dirname(undefined). Type-checking has been loosened for path.dirname(), path.basename(), and path.extname() (Colin Ihrig) #1216.
  • querystring: Internal optimizations in querystring.parse() and querystring.stringify() #847 prevented Number literals from being properly converted via querystring.escape() #1208, exposing a blind-spot in the test suite. The bug and the tests have now been fixed (Jeremiah Senkpiel) #1213.

New in io.js 1.6.0 (May 5, 2015)

  • Notable changes:
  • node: a new -r or --require command-line option can be used to pre-load modules at start-up (Ali Ijaz Sheikh) #881.
  • querystring: parse() and stringify() are now faster (Brian White) #847.
  • http: the http.ClientRequest#flush() method has been deprecated and replaced with http.ClientRequest#flushHeaders() to match the same change now in Node.js v0.12 as per joyent/node#9048 (Yosuke Furukawa) #1156.
  • net: allow server.listen() to accept a String option for port, e.g. { port: "1234" }, to match the same option being accepted in net.connect() as of joyent/node#9268 (Ben Noordhuis) #1116.
  • tls: further work on the reported memory leak although there appears to be a minor leak remaining for the use-case in question, track progress at #1075.
  • v8: backport a fix for an integer overflow when --max_old_space_size values above 4096 are used (Ben Noordhuis) #1166.
  • platforms: the io.js CI system now reports passes on FreeBSD and SmartOS (Solaris).
  • npm: upgrade npm to 2.7.1. Summary:
  • 6823807 #7121 npm install --save for Git dependencies saves the URL passed in, instead of the temporary directory used to clone the remote repo. Fixes using Git dependencies when shrinkwwapping. In the process, rewrote the Git dependency caching code. Again. No more single-letter variable names, and a much clearer workflow. (@othiym23)
  • abdd040 [email protected]: Provide more helpful error messages when JSON parse errors are encountered by using a more forgiving JSON parser than JSON.parse. (@smikes)
  • c56cfcd #7525 npm dedupe handles scoped packages. (@KidkArolis)
  • 4ef1412 #7075 If you try to tag a release as a valid semver range, npm publish and npm tag will error early instead of proceeding.

New in io.js 1.5.1 (May 5, 2015)

  • Notable changes:
  • tls: The reported TLS memory leak has been at least partially resolved via various commits in this release. Current testing indicated that there may still be some leak problems. Track complete progress at #1075.
  • http: Fixed an error reported at joyent/node#9348 and npm/npm#7349. Pending data was not being fully read upon an 'error' event leading to an assertion failure on socket.destroy().

New in io.js 1.0.1 (Jan 15, 2015)

  • Rebuild due to stale build slave git reflogs for 1.0.0 release
  • doc: improve write style consistency (Rui Marinho)
  • win,msi: correct doc website link (Bert Belder)

New in io.js 1.0.0 (Jan 15, 2015)

  • Many fixes and performance improvements,
  • Additional support for new ES6 language features
  • Other bundled technologies were upgraded:
  • c-ares: 1.9.0-DEV to 1.10.0-DEV
  • http_parser: 1.0 to 2.3
  • libuv: 0.10.30 to 1.2.0
  • npm: 1.4.28 to 2.1.18
  • openssl: 1.0.1j to 1.0.1k
  • punycode: 1.2.0 to 1.3.2.
  • Performance and stability improvements on all platforms.