Skip to content

v5.16.1#372

Open
szegedi wants to merge 7 commits into
v5.xfrom
v5.16.1-proposal
Open

v5.16.1#372
szegedi wants to merge 7 commits into
v5.xfrom
v5.16.1-proposal

Conversation

dependabot Bot and others added 4 commits July 10, 2026 12:11
… group across 1 directory (#355)

Bumps the patch-updates group with 1 update in the / directory: [semver](https://github.com/npm/node-semver).

Updates `semver` from 7.8.4 to 7.8.5
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.8.4...v7.8.5)

---
updated-dependencies:
- dependency-name: semver
  dependency-version: 7.8.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: patch-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Dropping the no-op install script in #363 stopped Yarn Berry's YN0007
warning, but it let npm's publish-time normalization take over: with
binding.gyp present in the dev tree (and excluded from the tarball) and
no install/preinstall script, npm synthesizes "gypfile": true and
"install": "node-gyp rebuild" into the published manifest. Consumers on
npm then run node-gyp rebuild against a binding.gyp that isn't in the
package and the install fails, which shipped broken in 5.16.0.

Setting "gypfile": false suppresses that implicit hook while keeping the
manifest free of lifecycle scripts, so both npm and Yarn Berry install
the prebuilt binaries without a build step. The regression test now also
pins gypfile:false alongside the no-lifecycle-scripts assertion.

Fixes: #364 (review)
Bumps the minor-updates group with 2 updates: [eslint-plugin-n](https://github.com/eslint-community/eslint-plugin-n) and [nan](https://github.com/nodejs/nan).

Updates `eslint-plugin-n` from 18.1.0 to 18.2.1
- [Release notes](https://github.com/eslint-community/eslint-plugin-n/releases)
- [Changelog](https://github.com/eslint-community/eslint-plugin-n/blob/master/CHANGELOG.md)
- [Commits](eslint-community/eslint-plugin-n@v18.1.0...v18.2.1)

Updates `nan` from 2.27.0 to 2.28.0
- [Changelog](https://github.com/nodejs/nan/blob/main/CHANGELOG.md)
- [Commits](nodejs/nan@v2.27.0...v2.28.0)

---
updated-dependencies:
- dependency-name: eslint-plugin-n
  dependency-version: 18.2.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-updates
- dependency-name: nan
  dependency-version: 2.28.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@github-actions

github-actions Bot commented Jul 10, 2026

Copy link
Copy Markdown

Overall package size

Self size: 2.41 MB
Deduped: 3.11 MB
No deduping: 3.11 MB

Dependency sizes | name | version | self size | total size | |------|---------|-----------|------------| | pprof-format | 2.2.2 | 500.53 kB | 500.53 kB | | source-map | 0.7.6 | 185.63 kB | 185.63 kB | | node-gyp-build | 4.8.4 | 13.86 kB | 13.86 kB |

🤖 This report was automatically generated by heaviest-objects-in-the-universe

@datadog-prod-us1-5

datadog-prod-us1-5 Bot commented Jul 10, 2026

Copy link
Copy Markdown

Pipelines

Fix all issues with BitsAI

⚠️ Warnings

🚦 2 Pipeline jobs failed

Build | build / centos-test-24   View in Datadog   GitHub Actions

Build | build-successful   View in Datadog   GitHub Actions

Useful? React with 👍 / 👎

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 8b44122 | Docs | Datadog PR Page | Give us feedback!

@szegedi szegedi mentioned this pull request Jul 10, 2026
IlyasShabi and others added 3 commits July 14, 2026 14:03
* restore original heap size
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.9.2 to 26.1.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 26.1.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Address review feedback from PR #347

Four independently-flagged concerns:

- Accept optional third `attributes` arg in ThreadContext constructor.
  The TS ThreadContextCtor.new type declares `attributes` optional, but the
  C++ side hard-errored on `args.Length() != 3`. Loosen to accept 2 or 3
  args; EncodeAttrs already handled undefined/null attrs_val correctly.

- Fold `cleanup_registered` into `undefined_addr`. Uses the field's zero /
  non-zero state as the 'already-registered' flag: it starts at zero,
  ResetDiscoveryStruct clears it back to zero (so a re-init on the same
  thread would re-register), and any real V8 undefined singleton address is
  non-zero. Removes the separate thread_local static.

- Coerce attribute values to strings in a pre-pass in EncodeAttrs before
  writing to the output buffer. Value->ToString may execute user JS (custom
  toString methods) which could re-enter into the ThreadContext via
  appendAttributes and interleave with our writes. Separating the coerce
  phase from the encode phase keeps the encode phase re-entrancy-free.

- Make the 'enterWithContext attaches the record to the current async scope'
  test callback `async` and `await tcRun(...)`. Previously the callback
  returned a promise via `void tcRun(...)` and the promise's inner `.then`
  assertion could fire an unhandled rejection instead of a test failure.

* Explicitly guard against reentrant Append calls.

Also undo the two-phase encoding loop that was the previous
(insufficient) attempt at fixing the reentrancy.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants