Stay Informed

This week, read about:

Key Security, Maintenance, and Features Releases

Security Based Updates

Apache Cassandra 3.11.16          
Merged from 3.0:          
 * Suppress CVE-2023-2251 (CASSANDRA-18497)  

Apache Cassandra 3.11.15          
 * Fix the capital P usage in the CQL parser (CASSANDRA-17919)          
 * Fix sstable_count metric missing from tablestats json/yaml output (CASSANDRA-18448)          
 * Suppress CVE-2022-45688 (CASSANDRA-18389)          
 * Fix Splitter sometimes creating more splits than requested (CASSANDRA-18013)          
Merged from 3.0:          
 * Do not remove SSTables when cause of FSReadError is OutOfMemoryError while using best_effort disk failure policy (CASSANDRA-18336)          
 * Do not remove truncated_at entry in system.local while dropping an index (CASSANDRA-18105)          
 * Save host id to system.local and flush immediately after startup (CASSANDRA-18153)          
 * Fix RepairJob unnecessarily reporting cancellation error (CASSANDRA-17701)          
 * Fix the ordering of sstables when running sstableupgrade tool (CASSANDRA-18143)          
 * Fix default file system error handler for disk_failure_policy die (CASSANDRA-18294)          
 * Introduce check for names of test classes (CASSANDRA-17964)          
 * Suppress CVE-2022-41915 (CASSANDRA-18147)          
 * Suppress CVE-2021-1471, CVE-2021-3064, CVE-2021-4235 (CASSANDRA-18149)          
 * Switch to snakeyaml's SafeConstructor (CASSANDRA-18150)          
 * Expand build.dir property in rat targets (CASSANDRA-18183)          
 * Suppress CVE-2022-41881 (CASSANDRA-18148)          
 * Default role is created with zero timestamp (CASSANDRA-12525)          
 * Suppress CVE-2021-37533 (CASSANDRA-18146)          
 * Add to the IntelliJ Git Window issue navigation links to Cassandra's Jira (CASSANDRA-18126)          
 * Avoid anticompaction mixing data from two different time windows with TWCS (CASSANDRA-17970)          
 * Do not spam the logs with MigrationCoordinator not being able to pull schemas (CASSANDRA-18096)          
 * Fix incorrect resource name in LIST PERMISSION output (CASSANDRA-17848)          
 * Suppress CVE-2022-41854 and similar (CASSANDRA-18083)          
 * Fix running Ant rat targets without git (CASSANDRA-17974) 

GitLab Critical Security Release: 15.11.2, 15.10.6, and 15.9.7 

  • These versions contain important security fixes, and we strongly recommend that all GitLab installations be upgraded to one of these versions immediately. is already running the patched version. 
  • GitLab releases patches for vulnerabilities in dedicated security releases. There are two types of security releases: a monthly, scheduled security release, released a week after the feature release (which deploys on the 22nd of each month), and ad-hoc security releases for critical vulnerabilities. In addition, the issues detailing each vulnerability are made public on our issue tracker 30 days after the release in which they were patched. 
  • We are dedicated to ensuring all aspects of GitLab that are exposed to customers or that host customer data are held to the highest security standards. As part of maintaining good security hygiene, it is highly recommended that all customers upgrade to the latest security release for their supported version. 

Recommended Action:

  • We strongly recommend that all installations running a version affected by the issues described below are upgraded to the latest version as soon as possible. 
  • When no specific deployment type (omnibus, source code, helm chart, etc.) of a product is mentioned, this means all types are affected. 

Table of Fixes:

Title Severity 
Malicious Runner Attachment via GraphQL critical 

Malicious Runner Attachment via GraphQL: 

  • An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.9.7, all versions starting from 15.10 before 15.10.6, all versions starting from 15.11 before 15.11.2. Under certain conditions, any GitLab user account on the instance may use a GraphQL endpoint to attach a malicious runner to any project on the instance. This is a critical severity issue (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N, 9.6). It is now mitigated in the latest release and is assigned CVE-2023-2478

Non-Security Based Updates

Angular 16.0.0       

  • feat - Provide MockPlatformLocation by default in BrowserTestingModule (#49137) 
  • fix - strict type checking for ngtemplateoutlet (#48374) 
  • refactor - remove deprecated XhrFactory export from http entrypoint (#49251) 


  • feat - add support for compile-time required inputs (#49304) 
  • feat - add support for compile-time required inputs (#49453) 
  • feat - add support for compile-time required inputs (#49468) 
  • feat - drop support for TypeScript 4.8 (#49155) 
  • feat - support multiple configuration files in extends (#49125) 
  • fix - incorrectly matching directives on attribute bindings (#49713) 
  • fix - Produce diagnositc if directive used in host binding is not exported (#49527) 


  • feat - Add an extended diagnostic for nSkipHydration (#49512) 
  • fix - Catch FatalDiagnosticError during template type checking (#49527) 
  • perf - optimize NgModule emit for standalone components (#49837) 


  • feat - add assertInInjectionContext (#49529) 
  • feat - add mergeApplicationConfig method (#49253) 
  • feat - Add ability to configure NgZone in bootstrapApplication (#49557) 
  • feat - add Angular Signals to the public API (#49150) 
  • feat - add API to provide CSP nonce for inline stylesheets (#49444) 
  • feat - add migration to remove moduleId references (#49496) 
  • feat - add support for TypeScript 5.0 (#49126) 
  • feat - allow removal of previously registered DestroyRef callbacks (#49493) 
  • feat - Allow typeguards on QueryList.filter (#48042) 
  • feat - Drop public factories property for IterableDiffers : Breaking change (#49598) 
  • feat - drop support for zone.js versions <=0.12.0 (#49331) 
  • feat - effects can optionally return a cleanup function (#49625) 
  • feat - expose makeStateKey, StateKey and TransferState (#49563) 
  • feat - expose onDestroy on ApplicationRef (#49677) 
  • feat - implement takeUntilDestroyed in rxjs-interop (#49154) 
  • feat - introduce runInInjectionContext and deprecate prior version (#49396) 
  • feat - introduce concept of DestroyRef (#49158) 
  • feat - Mark components for check if they read a signal (#49153) 
  • feat - prototype implementation of @angular/core/rxjs-interop (#49154) 
  • feat - remove entryComponents (#49484) 
  • feat - support usage of non-experimental decorators with TypeScript 5.0 (#49492) 
  • fix - add newline to hydration mismatch error (#49965) 
  • fix - allow async functions in effects (#49783) 
  • fix - catch errors from source signals outside of .next (#49769) 
  • fix - ComponentRef.setInput only sets input when not equal to previous (#49607) 
  • fix - deprecate moduleId @Component property (#49496) 
  • fix - Ensure effects can be created when Zone is not defined (#49890) 
  • fix - ensure takeUntilDestroyed unregisters onDestroy listener on unsubscribe (#49901) 
  • fix - error if document body is null (#49818) 
  • fix - execute input setters in non-reactive context (#49906) 
  • fix - execute query setters in non-reactive context (#49906) 
  • fix - execute template creation in non-reactive context (#49883) 
  • fix - Fix capitalization of toObservableOptions (#49832) 
  • fix - generate consistent component IDs (#48253) 
  • fix - include inner ViewContainerRef anchor nodes into ViewRef.rootNodes output (#49867) 
  • fix - make sure that lifecycle hooks are not tracked (#49701) 
  • fix - onDestroy should be registered only on valid DestroyRef (#49804) 
  • fix - resolve InitialRenderPendingTasks promise on complete (#49784) 
  • fix - toObservable should allow writes to signals in the effect (#49769) 
  • fix - typing of TestBed Common token. (#49997) 
  • fix - When using setInput, mark view dirty in same was as markForCheck (#49711) 
  • perf - change RendererType2.styles to accept a only a flat array (#49072) 
  • refactor - generate a static application ID (#49422) 
  • refactor - Remove ReflectiveInjector symbol (#48103) 
  • refactor - remove Node.js v14 support (#49255) 


  • feat - Improve typings form (async)Validators (#48679) 


  • feat - allow HttpClient to cache requests (#49509) 
  • fix - delay accessing pendingTasks.whenAllTasksComplete (#49784) 
  • fix - ensure new cache state is returned on each request (#49749) 
  • fix - force macro task creation during HTTP request (#49546) 
  • fix - HTTP cache was being disabled prematurely (#49826) 
  • fix - wait for all XHR requests to finish before stabilizing application (#49776) 


  • feat - Migration to remove Router guard and resolver interfaces (#49337) 


  • feat - add a public API function to enable non-destructive hydration (#49666) 
  • feat - deprecate withServerTransition call (#49422) 
  • feat - enable HTTP request caching when using provideClientHydration (#49699) 
  • fix - export deprecated TransferState as type (#50015) 
  • fix - KeyEventsPlugin should keep the same behavior (#49330) 
  • fix - c934a8e72b                only add ng-app-id to style on server side (#49465) 
  • fix - reuse server generated component styles (#48253) 
  • fix - set nonce attribute in a platform compatible way (#49624) 
  • refactor - move ApplicationConfig to core (#49253) 
  • refactor - remove deprecated BrowserTransferStateModule symbol (#49718) 


  • feat - renderApplication now accepts a bootstrapping method (#49248) 
  • feat - add provideServerSupport function to provide server capabilities to an application (#49380) 
  • feat - rename provideServerSupport to provideServerRendering (#49678) 
  • fix - bundle @angular/domino in via esbuild (#49229) 
  • fix - remove dependency on @angular/platform-browser-dynamic (#50064) 
  • refactor - deprecate useAbsoluteUrl and baseUrl (#49546) 
  • refactor - remove renderApplication overload that accepts a component (#49463) 
  • refactor - remove deprecated renderModuleFactory (#49247) 


  • feat - Expose information about the last successful Navigation (#49235) 
  • feat - helper functions to convert class guards to functional (#48709) 
  • feat - Opt-in for binding Router information to component inputs (#49633) 
  • fix - Ensure anchor scrolling happens on ignored same URL navigations (#48025) 
  • fix - fix = not parsed in router segment name (#47332) 
  • fix - Remove deprecated ComponentFactoryResolver from APIs (#49239) 
  • fix - remove RouterEvent from Event union type (#46061) 
  • fix - Route matching should only happen once when navigating (#49163) 
  • fix - Route matching should only happen once when navigating (#49163) 
  • fix - Router.createUrlTree should work with any ActivatedRoute (#48508) 

Elasticsearch 8.7.1       
*Compute balancer threshold based on max shard size        
*Use applied state after DiskThresholdMonitor reroute        
*Weaken node-replacement decider during reconciliation 

*Downsample ILM action should skip non-time-series indices 

Ingest Node:       
*Fix async enrich execution prematurely releases enrich policy lock 

*Fix off-by-one bug in RecyclerBytesStreamOutput  

*-Async creation of IndexShard instances  

*Return 200 when closing empty PIT or scroll 

*Fix _cluster/stats .nodes.fs deduplication        
*Fix FsInfo device deduplication 

Jenkins 2.403      
*Remove support for WebSocket agents when running inside Jetty 9.      
*Align source code text and line numbers in views that render source code with the Prism plugin.      
*Rework clouds management into multiple pages to better scale to a large numbers of clouds. Users of EC2 Plugin should update it to version 2.0.7 or newer for compatibility.      
*Show full width filter field for builds on pages less than 970 pixels wide.      
*Do not write NUL values to XML files. A technically illegal #x0 (NUL) could be written to Jenkins XML files but could no longer be read. Now the write will fail as well (regression in 2.398).      
*Fix the warning icon in the workspaces temporary directory message.      
*Do not display a list of page sections on the System page breadcrumb.      
*Add padding to the right side of the full width side panel.      
*Developer: The experimental projectViewNested view has been removed without replacement. 

Kibana 8.7.1     
Bug Fixes:    
*Scoring is now applied by ES      
*Fixes the APM Java Agent download link      
*Improves the overflow message text  

*Disables the Edit in Lens action for the legacy savedVisualization function      
*Fixes the home page redirect loop      
*Fixes an issue where the image upload component was unable to load for image elements  

*Improves controls flyout performance for data views with a large number of fields  

*Fixes aborted request handling in the saved search embeddable  

*Fixes an issue where the Advanced options toggle in the policy editor was always showing      
*Fixes an issue where the warning icon was unable to display in 8.7      
*Adds updates to output logic  

*Fixes the inventory table pagination navigation  

Lens & Visualizations:     
*Fixes the timezone that Lens uses in normalize by unit  

Machine Learning:    
*Change point detection: Fixes applied filters and queries to the charts      
*Change point detection: Fixes support for running over relative time range      
*Reinstates cold and frozen tier filters for Linux and Windows security modules  

*Fixes an issue where geographic filters were unable to work when courier:ignoreFilterIfFieldNotInIndex was enabled  

*Fixes the CCR read_exceptions alert  

Querying & Filtering:    
*Fixes the ability to copy and paste the comma delimeter for multifields  

Logstash 8.7.1    
Performance Improvements and Notable Issues Fixed:   
*Fix inversion of pluginId and pluginType parameteres in DLQ entry creation #14906    
*Fix pipeline crash when reopening empty DLQ for writing #14981    
*Fix value of TimeoutStopSec on older systemd versions #14984 

Documentation Enhancements:    
*Document meaning of infinite flow metric rates #14999    
Updates to dependencies    
*Update JDK to 17.0.7+7 #15015 

Fluent Codec - 3.4.2    
*Fix: Convert LogStash::Timestamp values to iso-8601 to resolve crash issue with msgpack serialization #30 

Http Filter - 1.4.3:    
*DOC: add clarification on sending data as json #48    
*Fix: resolve content type when a content-type header contains an array #46    
Useragent Filter - 3.3.4    
*Upgrade snakeyaml dependency to 1.33 #84    
Aws Integration - 7.1.1   
*Fix failure to load Java dependencies making v7.1.0 unusable #24 

Node.js 20.1.0   
Notable Changes:   
- assert: deprecate CallTracker (Moshe Atlow) #47740   
- crypto: update root certificates to NSS 3.89 (Node.js GitHub Bot) #47659   
- (SEMVER-MINOR) dns: expose getDefaultResultOrder (btea) #46973   
- doc: add KhafraDev to collaborators (Matthew Aitken) #47510   
(SEMVER-MINOR) fs: add recursive option to readdir and opendir (Ethan Arrowood) #41439  
- (SEMVER-MINOR) fs: add support for mode flag to specify the copy behavior of the cp methods (Tetsuharu Ohzeki) #47084   
- (SEMVER-MINOR) http: add highWaterMark option http.createServer (HinataKah0) #47405   
- (SEMVER-MINOR) stream: preserve object mode in compose (Raz Luvaton) #47413   
- (SEMVER-MINOR) test_runner: add testNamePatterns to run API (Chemi Atlow) #47628   
- (SEMVER-MINOR) test_runner: execute before hook on test (Chemi Atlow) #47586   
- (SEMVER-MINOR) test_runner: support combining coverage reports (Colin Ihrig) #47686   
- (SEMVER-MINOR) wasi: make returnOnExit true by default (Michael Dawson) #47390 

- assert: deprecate callTracker (Moshe Atlow) #47740   
- benchmark: add eventtarget creation bench (Rafael Gonzaga) #47774   
- benchmark: differentiate whatwg and legacy url (Yagiz Nizipli) #47377   
- benchmark: add a benchmark for defaultResolve (Antoine du Hamel) #47543   
- bootstrap: support namespaced builtins in snapshot scripts (Joyee Cheung) #47467   
- build: use pathlib for paths (Mohammed Keyvanzadeh) #47581   
- build: refactor (Mohammed Keyvanzadeh) #47667   
- build: add devcontainer configuration (Tierney Cyren) #40825   
- build: bump ossf/scorecard-action from 2.1.2 to 2.1.3 (dependabot[bot]) #47367   
- build: replace Python linter flake8 with ruff (Christian Clauss) #47519   
- crypto: update root certificates to NSS 3.89 (Node.js GitHub Bot) #47659   
- crypto: remove INT_MAX restriction in randomBytes (Tobias Nießen) #47559   
- deps: disable V8 concurrent sparkplug compilation (Michaël Zasso) #47450   
- deps: V8: cherry-pick c5ab3e4f0c5a (Richard Lau) #47736   
- deps: update ada to 2.3.0 (Node.js GitHub Bot) #47737   
- deps: update undici to 5.22.0 (Node.js GitHub Bot) #47679   
- deps: update ada to 2.2.0 (Node.js GitHub Bot) #47678   
- deps: add minimatch as a dependency (Moshe Atlow) #47499   
- deps: update ada to 2.1.0 (Node.js GitHub Bot) #47598   
- deps: update ICU to 73.1 release (Steven R. Loomis) #47456   
- deps: patch V8 to (Michaël Zasso) #47536   
- deps: update undici to 5.21.2 (Node.js GitHub Bot) #47508   
- deps: update simdutf to 3.2.8 (Node.js GitHub Bot) #47507   
- deps: V8: cherry-pick 8e10685ff918 (Jiawen Geng) #47440   
- deps: update undici to 5.21.1 (Node.js GitHub Bot) #47488   
- (SEMVER-MINOR) dns: expose getDefaultResultOrder (btea) #46973   
- doc: create maintaining folder for deps (Marco Ippolito) #47589   
- doc: fix --allow-* CLI flag references (Tobias Nießen) #47804   
- doc: clarify fs permissions only affect fs module (Tobias Nießen) #47782   
- doc: add copy node executable guide on windows (XLor) #47781   
- doc: remove MoLow from Triagers (Moshe Atlow) #47792   
- doc: fix typo in (Christian Takle) #47766   
- doc: move BethGriggs to regular member (Rich Trott) #47776   
- doc: mark signing the binary is macOS and Windows only in SEA (Xuguang Mei) #47722   
- doc: move addaleax to TSC emeriti (Anna Henningsen) #47752   
- doc: add link to news for Node.js core (Michael Dawson) #47704   
- doc: fix a typo in (Daeyeon Jeong) #47730   
- doc: async_hooks asynchronous content example add mjs code (btea) #47401   
- doc: clarify concurrency model of test runner (Tobias Nießen) #47642   
- doc: fix a typo in fs.openAsBlob (Daeyeon Jeong) #47693   
- doc: fix typos (Mohammed Keyvanzadeh) #47685   
- doc: fix capitalization of ASan (Mohammed Keyvanzadeh) #47676   
- doc: fix typos in (Mohammed Keyvanzadeh) #47677   
- doc: update error code of buffer (Deokjin Kim) #47617   
- doc: change offset of example in Buffer.copyBytesFrom (Deokjin Kim) #47606   
- doc: improve fs permissions description (Tobias Nießen) #47596   
- doc: remove markdown link from heading (Tobias Nießen) #47585   
- doc: fix history ordering of WASI constructor (Antoine du Hamel) #47611   
- doc: fix release-post script location (Rafael Gonzaga) #47517   
- doc: fix typo in webcrypto metadata (Tobias Nießen) #47595   
- doc: add link for news from uvwasi team (Michael Dawson) #47531   
- doc: add missing setEncoding call in ESM example (Anna Henningsen) #47558   
- doc: update darwin-x64 toolchain used for Node.js 20 releases (Michaël Zasso) #47546   
- doc: fix split infinitive in Hooks caveat (Jacob Smith) #47550   
- doc: fix typo in util.types.isNativeError() (Julian Dax) #47532   
- doc: add KhafraDev to collaborators (Matthew Aitken) #47510   
- doc: create (Marco Ippolito) #47380   
- doc,fs: update description of fs.stat() method (Mert Can Altın) #47654   
- doc,test: fix concurrency option of test() (Tobias Nießen) #47734   
- esm: rename URLCanParse to be consistent (Antoine du Hamel) #47668   
- esm: remove support for deprecated hooks (Antoine du Hamel) #47580   
- esm: initialize import.meta on eval (Antoine du Hamel) #47551   
- esm: propagate process.exit from the loader thread to the main thread (Antoine du Hamel) #47548   
- esm: avoid accessing lazy getters for urls (Yagiz Nizipli) #47542   
- esm: avoid try/catch when validating urls (Yagiz Nizipli) #47541   
- (SEMVER-MINOR) fs: add recursive option to readdir and opendir (Ethan Arrowood) #41439   
- (SEMVER-MINOR) fs: add support for mode flag to specify the copy behavior (Tetsuharu Ohzeki) #47084   
- (SEMVER-MINOR) http: remove internal error in assignSocket (Matteo Collina) #47723   
- (SEMVER-MINOR) http: add highWaterMark opt in http.createServer (HinataKah0) #47405   
- inspector: add tips for Session (theanarkh) #47195   
- lib: improve esm resolve performance (Yagiz Nizipli) #46652   
- lib: disallow file-backed blob cloning (James M Snell) #47574   
- lib: use webidl DOMString converter in EventTarget (Matthew Aitken) #47514   
- loader: use default loader as cascaded loader in the in loader worker (Joyee Cheung) #47620   
- meta: fix dependabot commit message (Mestery) #47810   
- meta: ping nodejs/startup for startup test changes (Joyee Cheung) #47771   
- meta: add mailmap entry for KhafraDev (Rich Trott) #47512   
- node-api: test passing NULL to napi_define_class (Gabriel Schulhof) #47567   
- node-api: test passing NULL to number APIs (Gabriel Schulhof) #47549   
- node-api: remove unused mark_arraybuffer_as_untransferable (Chengzhong Wu) #47557   
- quic: add more QUIC implementation (James M Snell) #47494   
- readline: fix issue with newline-less last line (Ian Harris) #47317   
- src: avoid copying string in fs_permission (Yagiz Nizipli) #47746   
- src: replace idna functions with ada::idna (Yagiz Nizipli) #47735   
- src: fix typo in comment in quic/ (Tobias Nießen) #47754   
- src: mark fatal error functions as noreturn (Chengzhong Wu) #47695   
- src: split BlobSerializer/BlobDeserializer (Joyee Cheung) #47458   
- src: prevent changing FunctionTemplateInfo after publish (Shelley Vohr) #46979   
- src: add v8 fast api for url canParse (Matthew Aitken) #47552   
- src: make AliasedBuffers in the binding data weak (Joyee Cheung) #47354   
- src: use v8::Boolean(b) over b ? True() : False() (Tobias Nießen) #47554   
- src: fix typo in process.env accessor error message (Moritz Raho) #47014   
- src: replace static const string_view by static constexpr (Daniel Lemire) #47524   
- src: fix CSPRNG when length exceeds INT_MAX (Tobias Nießen) #47515   
- src: use correct variable in (Michaël Zasso) #47343   
- src: slim down stream_base-inl.h (lilsweetcaligula) #46972   
- stream: prevent pipeline hang with generator functions (Debadree Chatterjee) #47712   
- (SEMVER-MINOR) stream: preserve object mode in compose (Raz Luvaton) #47413   
- test: refactor to use getEventListeners in timers (Deokjin Kim) #47759   
- test: add and use tmpdir.hasEnoughSpace() (Tobias Nießen) #47767   
- test: remove spaces from test runner test names (Tobias Nießen) #47733   
- test: refactor WPTRunner and enable parallel WPT execution (Filip Skokan) #47635   
- Revert "test: run WPT files in parallel again" (Filip Skokan) #47627   
- test: mark test-cluster-primary-error flaky on asan (Yagiz Nizipli) #47422   
- test_runner: fix --require with --experimental-loader (Moshe Atlow) #47751   
- (SEMVER-MINOR) test_runner: support combining coverage reports (Colin Ihrig) #47686   
- test_runner: remove no-op validation (Colin Ihrig) #47687   
- test_runner: fix test runner concurrency (Moshe Atlow) #47675   
- test_runner: fix test counting (Moshe Atlow) #47675   
- test_runner: fix nested hooks (Moshe Atlow) #47648   
- (SEMVER-MINOR) test_runner: add testNamePatterns to run api (Chemi Atlow) #47628   
- test_runner: support coverage of unnamed functions (Colin Ihrig) #47652   
- test_runner: move coverage collection to root.postRun() (Colin Ihrig) #47651   
- (SEMVER-MINOR) test_runner: execute before hook on test (Chemi Atlow) #47586   
- test_runner: avoid reporting parents of failing tests in summary (Moshe Atlow) #47579   
- test_runner: fix spec skip detection (Moshe Atlow) #47537   
- tls: accept SecureContext object in server.addContext() (HinataKah0) #47570   
- tools: update doc to highlight.js@11.8.0 (Node.js GitHub Bot) #47786   
- tools: add the missing LoongArch64 definition in the v8.gyp file (Sun Haiyong) #47641   
- tools: update lint-md-dependencies to rollup@3.21.1 (Node.js GitHub Bot) #47787   
- tools: move update-npm to dep updaters (Marco Ippolito) #47619   
- tools: fix update-v8-patch cache (Marco Ippolito) #47725   
- tools: automate v8 patch update (Marco Ippolito) #47594   
- tools: fix skip message in update-cjs-module-lexer (Tobias Nießen) #47701   
- tools: update lint-md-dependencies to @rollup/plugin-commonjs@24.1.0 (Node.js GitHub Bot) #47577   
- tools: keep PR titles/description up-to-date (Tobias Nießen) #47621   
- tools: fix updating root certificates (Richard Lau) #47607   
- tools: update PR label config (Mohammed Keyvanzadeh) #47593   
- Revert "tools: ensure failed daily wpt run still generates a report" (Filip Skokan) #47627   
- tools: add execution permission to uvwasi script (Mert Can Altın) #47600   
- tools: add update script for googletest (Tobias Nießen) #47482   
- tools: add option to run workflow with specific tool id (Michaël Zasso) #47591   
- tools: automate zlib update (Marco Ippolito) #47417   
- tools: add url and whatwg-url labels automatically (Yagiz Nizipli) #47545   
- tools: add performance label to benchmark changes (Yagiz Nizipli) #47545   
- tools: automate uvwasi dependency update (Ranieri Innocenti Spada) #47509   
- tools: add missing pinned dependencies (Mateo Nunez) #47346   
- tools: automate ngtcp2 and nghttp3 update (Marco Ippolito) #47402   
- tools: move to dep_updaters and create maintain md (Marco Ippolito) #47380   
- typings: fix syntax error in tsconfig (Mohammed Keyvanzadeh) #47584   
- url: reduce revokeObjectURL cpp calls (Yagiz Nizipli) #47728   
- url: handle URL.canParse without base parameter (Yagiz Nizipli) #47547   
- url: validate URL constructor arg length (Matthew Aitken) #47513   
- url: validate argument length in canParse (Matthew Aitken) #47513   
- v8: fix ERR_NOT_BUILDING_SNAPSHOT is not a constructor (Chengzhong Wu) #47721   
- (SEMVER-MINOR) wasi: make returnOnExit true by default (Michael Dawson) #47390 

Prometheus 2.43.1+stringlabels 

  • *Special release build that incorporates performance improvements using the stringlabels Go tag. This release aims to provide a more efficient and faster solution for users managing large-scale deployments or facing performance issues with the default Prometheus binaries. 
  • The new labels data structure replaces the existing label/value storage with a single string, reducing heap size and improving performance in most cases. It enables Prometheus to use fewer system resources, particularly in memory-intensive environments. 
  • *[BUGFIX] Labels: Set() after Del() would be ignored, which broke some relabeling rules. #12322 

Sonatype Nexus Repository 3.53.0 

  • *There is a known issue in Sonatype Nexus Repository 3.53.0 impacting those using community or custom plugins. These plugins will not load from the typical install directory and, in some cases, this may prevent Sonatype Nexus Repository from starting. 
  • If you are using community or custom plugins and wish to upgrade, remove the plugin before doing so. Otherwise, wait to upgrade until we release a fix for this issue. 
  • If you are not using community or custom plugins, there is no impact. 

*Change in Database Property Evaluation Priority when Using PostgreSQL  
To help you more easily change database connection details, we've changed the way and order in which Sonatype Nexus Repository evaluates the mechanism for evaluating this information. You will also need to provide all required fields through the same mechanism. Read more below 

*Fix for RubyGems Dependency API Deprecation  
RubyGems will deprecate its dependency API as of May 10, 2023. Those using RubyGems will need to upgrade to Sonatype Nexus Repository 3.53.0 by May 10 to avoid encountering errors caused by this deprecation. Read more below 

*New Name & UI Changes  
As part of a Sonatype-wide renaming initiative impacting all of our products (see the Sonatype blog for full details), Nexus Repository has officially become Sonatype Nexus Repository. We've also adjusted some verbiage in our user interface. 

View all OpenUpdate editions >