Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

modules: throw an error for invalid package.json main entries #26823

Closed
wants to merge 1 commit into from

Conversation

BridgeAR
Copy link
Member

We currently ignore invalid main entries in package.json files.
This does not seem to be very user friendly as it's certainly an
error if the main entry is not a valid file name. So instead of
trying to resolve the file otherwise, throw an error immediately to
improve the user experience.

Fixes: #26588

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines

@BridgeAR BridgeAR added the semver-major PRs that contain breaking changes and should be released in the next major version. label Mar 20, 2019
@nodejs-github-bot nodejs-github-bot added the errors Issues and PRs related to JavaScript errors originated in Node.js core. label Mar 20, 2019
Copy link
Contributor

@guybedford guybedford left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we need to remain consistent with the existing not found error code.

doc/api/errors.md Outdated Show resolved Hide resolved
lib/internal/modules/cjs/loader.js Show resolved Hide resolved
doc/api/errors.md Outdated Show resolved Hide resolved
@BridgeAR BridgeAR added the wip Issues and PRs that are still a work in progress. label Mar 20, 2019
Copy link
Contributor

@guybedford guybedford left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for changing the error.

The only other concern with this PR would be the chance of breaking scenarios - say if users are relying on the main not found causing a fallback in the in the main _findPath algorithm.

For example, consider the following folder structure

app/node_modules/pkg/package.json = { "main": "./does-not-exist" }
node_modules/pkg/package.json = { "main": "./does-exist.js" }

currently I think the lookup algorithm for require('pkg') in app/ will actually load node_modules/pkg/does-exist.js just fine (and this is just from scanning the code, do correct me if I'm wrong). So that is, there could well be working code that relies on this fallback.

@guybedford guybedford dismissed their stale review March 21, 2019 00:58

errors were aligned

@BridgeAR
Copy link
Member Author

@guybedford that observation is correct. The code would theoretically run but it does seem like the expectation is that the other module would be loaded instead. So it does seem to be a clear user mistake. If someone provides an invalid main entry, we should notify the user about the mistake in what ever code that happens in.

CITGM actually revealed one failure: https://github.com/dominictarr/assertions seems to have an invalid main entry but it has an index.js in the directory which is resolved instead (I am going to open a PR to fix that).

I could add a runtime deprecation for cases that resolve with the index.js file being in the same directory (that's why I marked it as WIP, I wanted to give it some more thought) or should we throw the error right away? I guess having a transition time would be good. I do not fear files being able to resolve in other node_modules directories and more about this case.

@nodejs/modules PTAL.

@BridgeAR BridgeAR removed the wip Issues and PRs that are still a work in progress. label Mar 22, 2019
Copy link
Contributor

@guybedford guybedford left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@BridgeAR I didn't realise this code path applied separately to the index.js directory check for packages. If that is the case then I don't think this can land, as there will likely be many more user packages with invalid package.json mains, that have valid index.js files that are being loaded.

@BridgeAR
Copy link
Member Author

@guybedford I'll change it to a deprecation warning in case the main entry is invalid but there is a index.js file in the same directory as well.

@guybedford
Copy link
Contributor

That seems sensible to me.

@guybedford
Copy link
Contributor

One thing that could be quite frustrating is, as per usual, if the warning is in a dependency the user doesn't necessarily have control over.

Perhaps we should docs-only deprecate first as per policy?

Which makes me wish there could be a more gradual way to introduce warnings... say a node --latest-warnings or similar, where only those users interested in being ahead can do the checks, then get the fixes published to the third-party packages for everyone else before they become annoyance.

@targos
Copy link
Member

targos commented Mar 22, 2019

Which makes me wish there could be a more gradual way to introduce warnings...

We have the --pending-deprecation flag.

@BridgeAR
Copy link
Member Author

I updated the PR to keep on working in case the index.js file is in the same directory as the package.json.

Now, only completely broken modules throw the error (as in: no file could be found what so ever). On top of that I added a pending deprecation in case the main entry is invalid.

Copy link
Contributor

@guybedford guybedford left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like a great approach.

@richardlau
Copy link
Member

This changes the high-level algorithm described in https://github.com/nodejs/node/blob/master/doc/api/modules.md#all-together. Please could you update that to match?

@BridgeAR
Copy link
Member Author

@richardlau we did not document potential parsing errors so far either. Shall I include that as well?

@BridgeAR
Copy link
Member Author

PTAL. I updated the documentation accordingly. It now includes the steps that we took but that were never documented so far.

@vsemozhetbyt vsemozhetbyt added the deprecations Issues and PRs related to deprecations. label Mar 22, 2019
@nodejs-github-bot
Copy link
Collaborator

@BridgeAR
Copy link
Member Author

BridgeAR commented Mar 25, 2019

Resumed CI for a yellow build: https://ci.nodejs.org/job/node-test-pull-request/21870/ ✅ (yellow build with ARM failing)
Rebuild ARM https://ci.nodejs.org/job/node-test-commit-arm-fanned/7560/ ✔️

CITGM looks good to me.

@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Mar 26, 2019

CI: https://ci.nodejs.org/job/node-test-pull-request/21926/ (yellow build with ARM failing)

Copy link
Member

@mcollina mcollina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

doc/api/deprecations.md Show resolved Hide resolved
BridgeAR added a commit to BridgeAR/node that referenced this pull request Mar 27, 2019
We currently ignore invalid `main` entries in package.json files.
This does not seem to be very user friendly as it's certainly an
error if the `main` entry is not a valid file name. So instead of
trying to resolve the file otherwise, throw an error immediately to
improve the user experience.
To keep it backwards compatible `index.js` files in the same directory
as the `package.json` will continue to be resolved instead but that
behavior is now deprecated.

PR-URL: nodejs#26823
Fixes: nodejs#26588
Reviewed-By: Guy Bedford <[email protected]>
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
@BridgeAR
Copy link
Member Author

Thanks a lot for the reviews.

Landed in 115f0f5 🎉

@BridgeAR BridgeAR closed this Mar 27, 2019
addaleax added a commit to addaleax/node that referenced this pull request Mar 30, 2019
Some people set the `NODE_PENDING_DEPRECATION` environment variable
globally. This makes the test added in 115f0f5
pass when that is the case.

Refs: nodejs#26823
ZYSzys pushed a commit that referenced this pull request Apr 3, 2019
Some people set the `NODE_PENDING_DEPRECATION` environment variable
globally. This makes the test added in 115f0f5
pass when that is the case.

Refs: #26823

PR-URL: #27019
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Ruben Bridgewater <[email protected]>
Reviewed-By: Myles Borins <[email protected]>
BethGriggs pushed a commit that referenced this pull request Apr 4, 2019
Some people set the `NODE_PENDING_DEPRECATION` environment variable
globally. This makes the test added in 115f0f5
pass when that is the case.

Refs: #26823

PR-URL: #27019
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Ruben Bridgewater <[email protected]>
Reviewed-By: Myles Borins <[email protected]>
BethGriggs pushed a commit that referenced this pull request Apr 9, 2019
Some people set the `NODE_PENDING_DEPRECATION` environment variable
globally. This makes the test added in 115f0f5
pass when that is the case.

Refs: #26823

PR-URL: #27019
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Ruben Bridgewater <[email protected]>
Reviewed-By: Myles Borins <[email protected]>
BethGriggs pushed a commit that referenced this pull request Apr 10, 2019
Some people set the `NODE_PENDING_DEPRECATION` environment variable
globally. This makes the test added in 115f0f5
pass when that is the case.

Refs: #26823

PR-URL: #27019
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Ruben Bridgewater <[email protected]>
Reviewed-By: Myles Borins <[email protected]>
@BethGriggs BethGriggs mentioned this pull request Apr 18, 2019
BethGriggs added a commit that referenced this pull request Apr 22, 2019
Notable changes:

* assert:
  * improve performance to instantiate errors (Ruben Bridgewater)
    [#26738](#26738)
  * validate required arguments (Ruben Bridgewater)
    [#26641](#26641)
  * adjust loose assertions (Ruben Bridgewater)
    [#25008](#25008)
* async_hooks:
  * remove deprecated emitBefore and emitAfter (Matteo Collina)
    [#26530](#26530)
  * remove promise object from resource (Andreas Madsen)
    [#23443](#23443)
* bootstrap
  * make Buffer and process non-enumerable (Ruben Bridgewater)
    [#24874](#24874)
* buffer:
  * use stricter range checks (Ruben Bridgewater)
    [#27045](#27045)
  * harden SlowBuffer creation (ZYSzys)
    [#26272](#26272)
  * harden validation of buffer allocation size (ZYSzys)
    [#26162](#26162)
  * do proper error propagation in addon methods (Anna Henningsen)
    [#23939](#23939)
* child_process:
  * change the defaults maxBuffer size (kohta ito)
    [#27179](#27179)
  * harden fork arguments validation (ZYSzys)
    [#27039](#27039)
  * use non-infinite maxBuffer defaults (kohta ito)
    [#23027](#23027)
* console:
  * don't use ANSI escape codes when TERM=dumb (Vladislav Kaminsky)
    [#26261](#26261)
* crypto:
  * remove legacy native handles (Tobias Nießen)
    [#27011](#27011)
  * decode missing passphrase errors (Tobias Nießen)
    [#25208](#25208)
  * move DEP0113 to End-of-Life (Tobias Nießen)
    [#26249](#26249)
  * remove deprecated crypto.\_toBuf (Tobias Nießen)
    [#25338](#25338)
  * set `DEFAULT\_ENCODING` property to non-enumerable
    (Antoine du Hamel)
    [#23222](#23222)
* deps:
  * silence irrelevant V8 warning (Michaël Zasso)
    [#26685](#26685)
  * update postmortem metadata generation script (cjihrig)
    [#26685](#26685)
  * V8: un-cherry-pick bd019bd (Refael Ackermann)
    [#26685](#26685)
  * V8: cherry-pick 6 commits (Michaël Zasso)
    [#26685](#26685)
  * V8: cherry-pick d82c9af (Anna Henningsen)
    [#26685](#26685)
  * V8: cherry-pick e5f01ba (Anna Henningsen)
    [#26685](#26685)
  * V8: cherry-pick d5f08e4 (Anna Henningsen)
    [#26685](#26685)
  * V8: cherry-pick 6b09d21 (Anna Henningsen)
    [#26685](#26685)
  * V8: cherry-pick f0bb5d2 (Anna Henningsen)
    [#26685](#26685)
  * V8: cherry-pick 5b0510d (Anna Henningsen)
    [#26685](#26685)
  * V8: cherry-pick 91f0cd0 (Anna Henningsen)
    [#26685](#26685)
  * V8: cherry-pick 392316d (Anna Henningsen)
    [#26685](#26685)
  * V8: cherry-pick 2f79d68 (Anna Henningsen)
    [#26685](#26685)
  * sync V8 gypfiles with 7.4 (Ujjwal Sharma)
    [#26685](#26685)
  * update V8 to 7.4.288.13 (Ujjwal Sharma)
    [#26685](#26685)
  * bump minimum icu version to 63 (Ujjwal Sharma)
    [#25852](#25852)
  * silence irrelevant V8 warnings (Michaël Zasso)
    [#25852](#25852)
  * V8: cherry-pick 7803fa6 (Jon Kunkee)
    [#25852](#25852)
  * V8: cherry-pick 58cefed (Jon Kunkee)
    [#25852](#25852)
  * V8: cherry-pick d3308d0 (Michaël Zasso)
    [#25852](#25852)
  * V8: cherry-pick 74571c8 (Michaël Zasso)
    [#25852](#25852)
  * cherry-pick fc0ddf5 from upstream V8 (Anna Henningsen)
    [#25852](#25852)
  * sync V8 gypfiles with 7.3 (Ujjwal Sharma)
    [#25852](#25852)
  * sync V8 gypfiles with 7.2 (Michaël Zasso)
    [#25852](#25852)
  * update V8 to 7.3.492.25 (Michaël Zasso)
    [#25852](#25852)
  * add s390 asm rules for OpenSSL-1.1.1 (Shigeki Ohtsu)
    [#19794](#19794)
  * sync V8 gypfiles with 7.1 (Refael Ackermann)
    [#23423](#23423)
  * update V8 to 7.1.302.28 (Michaël Zasso)
    [#23423](#23423)
* doc:
  * update behaviour of fs.writeFile
    (Sakthipriyan Vairamani (thefourtheye))
    [#25080](#25080)
  * add internal functionality details of util.inherits
    (Ruben Bridgewater)
    [#24755](#24755)
* errors:
  * update error name (Ruben Bridgewater)
    [#26738](#26738)
* fs:
  * use proper .destroy() implementation for SyncWriteStream
    (Matteo Collina)
    [#26690](#26690)
  * improve mode validation (Ruben Bridgewater)
    [#26575](#26575)
  * harden validation of start option in createWriteStream (ZYSzys)
    [#25579](#25579)
  * make writeFile consistent with readFile wrt fd
    (Sakthipriyan Vairamani (thefourtheye))
    [#23709](#23709)
* http:
  * validate timeout in ClientRequest() (cjihrig)
    [#26214](#26214)
  * return HTTP 431 on HPE\_HEADER\_OVERFLOW error (Albert Still)
    [#25605](#25605)
  * switch default parser to llhttp (Anna Henningsen)
    [#24870](#24870)
  * change DEP0066 to a runtime deprecation (Morgan Roderick)
    [#24167](#24167)
  * else case is not reachable (szabolcsit)
    [#24176](#24176)
* lib:
  * move DEP0021 to end of life (cjihrig)
    [#27127](#27127)
  * remove Atomics.wake (Gus Caplan)
    [#27033](#27033)
  * validate Error.captureStackTrace() calls (Ruben Bridgewater)
    [#26738](#26738)
  * refactor Error.captureStackTrace() usage (Ruben Bridgewater)
    [#26738](#26738)
  * move DTRACE\_\* probes out of global scope (James M Snell)
    [#26541](#26541)
  * deprecate \_stream\_wrap (Sam Roberts)  [#26245]
  (#26245)
  * don't use `util.inspect()` internals (Ruben Bridgewater)
    [#24971](#24971)
  * improve error message for MODULE\_NOT\_FOUND (Ali Ijaz Sheikh)
    [#25690](#25690)
  * requireStack property for MODULE\_NOT\_FOUND (Ali Ijaz Sheikh)
    [#25690](#25690)
  * move DEP0029 to end of life (cjihrig)
    [#25377](#25377)
  * move DEP0028 to end of life (cjihrig)
    [#25377](#25377)
  * move DEP0027 to end of life (cjihrig)
    [#25377](#25377)
  * move DEP0026 to end of life (cjihrig)
    [#25377](#25377)
  * move DEP0023 to end of life (cjihrig)
    [#25280](#25280)
  * move DEP0006 to end of life (cjihrig)
    [#25279](#25279)
  * remove unintended access to deps/ (Anna Henningsen)
    [#25138](#25138)
  * move DEP0120 to end of life (cjihrig)
    [#24862](#24862)
  * use ES6 class inheritance style (Ruben Bridgewater)
    [#24755](#24755)
  * remove `inherits()` usage (Ruben Bridgewater)
    [#24755](#24755)
* module:
  * remove dead code (Ruben Bridgewater)
    [#26983](#26983)
  * mark DEP0019 as End-of-Life (Ruben Bridgewater)
    [#26973](#26973)
  * throw an error for invalid package.json main entries
    (Ruben Bridgewater)
    [#26823](#26823)
  * don't search in require.resolve.paths (cjihrig)
    [#23683](#23683)
* n-api:
  * remove code from error name (Ruben Bridgewater)
    [#26738](#26738)
* net:
  * do not manipulate potential user code (Ruben Bridgewater)
    [#26751](#26751)
  * emit "write after end" errors in the next tick (Ouyang Yadong)
    [#24457](#24457)
  * deprecate \_setSimultaneousAccepts() undocumented function
    (James M Snell)
    [#23760](#23760)
* net,http2:
  * merge setTimeout code (ZYSzys)
    [#25084](#25084)
* os:
  * implement os.type() using uv\_os\_uname() (cjihrig)
    [#25659](#25659)
* process:
  * global.process, global.Buffer getters (Guy Bedford)
    [#26882](#26882)
  * move DEP0062 (node --debug) to end-of-life (Joyee Cheung)
    [#25828](#25828)
  * exit on --debug and --debug-brk after option parsing (Joyee Cheung)
    [#25828](#25828)
  * improve `--redirect-warnings` handling (Ruben Bridgewater)
    [#24965](#24965)
* readline:
  * support TERM=dumb (Vladislav Kaminsky)
    [#26261](#26261)
* repl:
  * add welcome message (gengjiawen)
    [#25947](#25947)
  * fix terminal default setting (Ruben Bridgewater)
    [#26518](#26518)
  * check colors with .getColorDepth() (Vladislav Kaminsky)
    [#26261](#26261)
  * deprecate REPLServer.rli (Ruben Bridgewater)
    [#26260](#26260)
* src:
  * remove unused INT\_MAX constant (Sam Roberts)
    [#27078](#27078)
  * update NODE\_MODULE\_VERSION to 72 (Ujjwal Sharma)
    [#26685](#26685)
  * remove `AddPromiseHook()` (Anna Henningsen)
    [#26574](#26574)
  * update NODE\_MODULE\_VERSION to 71 (Michaël Zasso)
    [#25852](#25852)
  * clean up MultiIsolatePlatform interface (Anna Henningsen)
    [#26384](#26384)
  * properly configure default heap limits (Ali Ijaz Sheikh)
    [#25576](#25576)
  * remove icuDataDir from node config (GauthamBanasandra)
    [#24780](#24780)
  * explicitly allow JS in ReadHostObject (Yang Guo)
    [#23423](#23423)
  * update postmortem constant (cjihrig)
    [#23423](#23423)
  * update NODE\_MODULE\_VERSION to 68 (Michaël Zasso)
    [#23423](#23423)
* tls:
  * support TLSv1.3 (Sam Roberts)
    [#26209](#26209)
  * return correct version from getCipher() (Sam Roberts)
    [#26625](#26625)
  * check arg types of renegotiate() (Sam Roberts)
    [#25876](#25876)
  * add code for ERR\_TLS\_INVALID\_PROTOCOL\_METHOD (Sam Roberts)
    [#24729](#24729)
  * emit a warning when servername is an IP address (Rodger Combs)
    [#23329](#23329)
  * disable TLS v1.0 and v1.1 by default (Ben Noordhuis)
    [#23814](#23814)
  * remove unused arg to createSecureContext() (Sam Roberts)
    [#24241](#24241)
  * deprecate Server.prototype.setOptions() (cjihrig)[
    #23820](#23820)
  * load NODE\_EXTRA\_CA\_CERTS at startup (Ouyang Yadong)
    [#23354](#23354)
* util:
  * change inspect compact and breakLength default (Ruben Bridgewater)
    [#27109](#27109)
  * improve inspect edge cases (Ruben Bridgewater)
    [#27109](#27109)
  * only the first line of the error message (Simon Zünd)
    [#26685](#26685)
  * don't set the prototype of callbackified functions
    (Ruben Bridgewater)
    [#26893](#26893)
  * rename callbackified function (Ruben Bridgewater)
    [#26893](#26893)
  * increase function length when using `callbackify()`
    (Ruben Bridgewater)
    [#26893](#26893)
  * prevent tampering with internals in `inspect()` (Ruben Bridgewater)
    [#26577](#26577)
  * fix proxy inspection (Ruben Bridgewater)
    [#26241](#26241)
  * prevent leaking internal properties (Ruben Bridgewater)
    [#24971](#24971)
  * protect against monkeypatched Object prototype for inspect()
    (Rich Trott)
    [#25953](#25953)
  * treat format arguments equally (Roman Reiss)
    [#23162](#23162)
* win, fs:
  * detect if symlink target is a directory (Bartosz Sosnowski)
    [#23724](#23724)
* zlib:
  * throw TypeError if callback is missing (Anna Henningsen)[
    #24929](#24929)
  * make “bare” constants un-enumerable (Anna Henningsen)
    [#24824](#24824)

PR-URL: #26930
BethGriggs added a commit that referenced this pull request Apr 23, 2019
Notable changes:

* assert:
    * validate required arguments (Ruben Bridgewater)
      [#26641](#26641)
    * adjust loose assertions (Ruben Bridgewater)
      [#25008](#25008)
* async_hooks:
    * remove deprecated `emitBefore` and `emitAfter` (Matteo Collina)
      [#26530](#26530)
    * remove promise object from resource (Andreas Madsen)
      [#23443](#23443)
* bootstrap: make Buffer and process non-enumerable (Ruben Bridgewater)
      [#24874](#24874)
* buffer:
    * use stricter range checks (Ruben Bridgewater)
      [#27045](#27045)
    * harden `SlowBuffer` creation (ZYSzys)
      [#26272](#26272)
    * harden validation of buffer allocation size (ZYSzys)
      [#26162](#26162)
    * do proper error propagation in addon methods (Anna Henningsen)
      [#23939](#23939)
* child_process:
    * remove `options.customFds` (cjihrig)
      [#25279](#25279)
    * harden fork arguments validation (ZYSzys)
      [#27039](#27039)
    * use non-infinite `maxBuffer` defaults (kohta ito)
      [#23027](#23027)
* console:
    * don't use ANSI escape codes when `TERM=dumb` (Vladislav Kaminsky)
      [#26261](#26261)
* crypto:
    * remove legacy native handles (Tobias Nießen)
      [#27011](#27011)
    * decode missing passphrase errors (Tobias Nießen)
      [#25208](#25208)
    * remove `Cipher.setAuthTag()` and `Decipher.getAuthTag()`
      (Tobias Nießen)
      [#26249](#26249)
    * remove deprecated `crypto._toBuf()` (Tobias Nießen)
      [#25338](#25338)
    * set `DEFAULT\_ENCODING` property to non-enumerable
      (Antoine du Hamel)
      [#23222](#23222)
* deps:
    * update V8 to 7.4.288.13
    (Michaël Zasso, cjihrig, Refael Ackermann)
    (Anna Henningsen, Ujjwal Sharma)
      [#26685](#26685)
    * bump minimum icu version to 63 (Ujjwal Sharma)
      [#25852](#25852)
    * update OpenSSL to 1.1.1b (Sam Roberts, Shigeki Ohtsu)
      [#26327](#26327)
* errors:
    * update error name (Ruben Bridgewater)
      [#26738](#26738)
* fs:
    * use proper .destroy() implementation for SyncWriteStream
      (Matteo Collina)
      [#26690](#26690)
    * improve mode validation (Ruben Bridgewater)
      [#26575](#26575)
    * harden validation of start option in `createWriteStream()`
      (ZYSzys)
      [#25579](#25579)
    * make writeFile consistent with readFile wrt fd
      (Sakthipriyan Vairamani (thefourtheye))
      [#23709](#23709)
* http:
    * validate timeout in `ClientRequest()` (cjihrig)
      [#26214](#26214)
    * return HTTP 431 on `HPE_HEADER_OVERFLOW` error (Albert Still)
      [#25605](#25605)
    * switch default parser to llhttp (Anna Henningsen)
      [#24870](#24870)
    * Runtime-deprecate `outgoingMessage._headers` and
      `outgoingMessage._headerNames` (Morgan Roderick)
      [#24167](#24167)
* lib:
    * remove `Atomics.wake()` (Gus Caplan)
      [#27033](#27033)
    * move DTRACE\_\* probes out of global scope (James M Snell)
      [#26541](#26541)
    * deprecate `_stream_wrap` (Sam Roberts)
      [#26245](#26245)
    * use ES6 class inheritance style (Ruben Bridgewater)
      [#24755](#24755)
* module:
    * remove unintended access to deps/ (Anna Henningsen)
      [#25138](#25138)
    * improve error message for MODULE\_NOT\_FOUND (Ali Ijaz Sheikh)
      [#25690](#25690)
    * requireStack property for MODULE\_NOT\_FOUND (Ali Ijaz Sheikh)
      [#25690](#25690)
    * remove dead code (Ruben Bridgewater)
      [#26983](#26983)
    * make `require('.')` never resolve outside the current directory
      (Ruben Bridgewater)
      [#26973](#26973)
    * throw an error for invalid package.json main entries
      (Ruben Bridgewater)
      [#26823](#26823)
    * don't search in `require.resolve.paths` (cjihrig)
      [#23683](#23683)
* net:
    * remove `Server.listenFD()` (cjihrig)
      [#27127](#27127)
    * do not add `.host` and `.port` properties to DNS error
      (Ruben Bridgewater)
      [#26751](#26751)
    * emit "write after end" errors in the next tick (Ouyang Yadong)
      [#24457](#24457)
    * deprecate `_setSimultaneousAccepts()` undocumented function
      (James M Snell)
      [#23760](#23760)
* os:
    * implement `os.type()` using `uv_os_uname()` (cjihrig)
      [#25659](#25659)
    * remove `os.getNetworkInterfaces()` (cjihrig)
      [#25280](#25280)
* process:
    * make global.process, global.Buffer getters (Guy Bedford)
      [#26882](#26882)
    * move DEP0062 (node --debug) to end-of-life (Joyee Cheung)
      [#25828](#25828)
    * exit on --debug and --debug-brk after option parsing
      (Joyee Cheung)
      [#25828](#25828)
    * improve `--redirect-warnings` handling (Ruben Bridgewater)
      [#24965](#24965)
* readline:
    * support TERM=dumb (Vladislav Kaminsky)
      [#26261](#26261)
* repl:
    * add welcome message (gengjiawen)
      [#25947](#25947)
    * fix terminal default setting (Ruben Bridgewater)
      [#26518](#26518)
    * check colors with `.getColorDepth()` (Vladislav Kaminsky)
      [#26261](#26261)
    * deprecate REPLServer.rli (Ruben Bridgewater)
      [#26260](#26260)
* src:
    * remove unused `INT_MAX` constant (Sam Roberts)
      [#27078](#27078)
    * update `NODE_MODULE_VERSION` to 72 (Ujjwal Sharma)
      [#26685](#26685)
    * remove `AddPromiseHook()` (Anna Henningsen)
      [#26574](#26574)
    * clean up `MultiIsolatePlatform` interface (Anna Henningsen)
      [#26384](#26384)
    * properly configure default heap limits (Ali Ijaz Sheikh)
      [#25576](#25576)
    * remove `icuDataDir` from node config (GauthamBanasandra)
      [#24780](#24780)
* tls:
    * support TLSv1.3 (Sam Roberts)
      [#26209](#26209)
    * return correct version from `getCipher()` (Sam Roberts)
      [#26625](#26625)
    * check arg types of renegotiate() (Sam Roberts)
      [#25876](#25876)
    * add code for `ERR_TLS_INVALID_PROTOCOL_METHOD` (Sam Roberts)
      [#24729](#24729)
    * emit a warning when servername is an IP address (Rodger Combs)
      [#23329](#23329)
    * disable TLS v1.0 and v1.1 by default (Ben Noordhuis)
      [#23814](#23814)
    * remove unused arg to createSecureContext() (Sam Roberts)
      [#24241](#24241)
    * deprecate `Server.prototype.setOptions()` (cjihrig)
      [#23820](#23820)
    * load `NODE_EXTRA_CA_CERTS` at startup (Ouyang Yadong)
      [#23354](#23354)
* util:
    * remove `util.print()`, `util.puts()`, `util.debug()`
      and `util.error()` (cjihrig)
      [#25377](#25377)
    * change inspect compact and breakLength default
      (Ruben Bridgewater)
      [#27109](#27109)
    * improve inspect edge cases (Ruben Bridgewater)
      [#27109](#27109)
    * only the first line of the error message (Simon Zünd)
      [#26685](#26685)
    * don't set the prototype of callbackified functions
      (Ruben Bridgewater)
      [#26893](#26893)
    * rename callbackified function (Ruben Bridgewater)
      [#26893](#26893)
    * increase function length when using `callbackify()`
      (Ruben Bridgewater)
      [#26893](#26893)
    * prevent tampering with internals in `inspect()`
      (Ruben Bridgewater)
      [#26577](#26577)
    * prevent Proxy traps being triggered by `.inspect()`
      (Ruben Bridgewater)
      [#26241](#26241)
    * prevent leaking internal properties (Ruben Bridgewater)
      [#24971](#24971)
    * protect against monkeypatched Object prototype for inspect()
      (Rich Trott)
      [#25953](#25953)
    * treat format arguments equally (Roman Reiss)
      [#23162](#23162)
* win, fs:
    * detect if symlink target is a directory (Bartosz Sosnowski)
      [#23724](#23724)
* zlib:
    * throw TypeError if callback is missing (Anna Henningsen)
      [#24929](#24929)
    * make “bare” constants un-enumerable (Anna Henningsen)
      [#24824](#24824)

PR-URL: #26930
BethGriggs added a commit that referenced this pull request Apr 23, 2019
Notable changes:

* assert:
    * validate required arguments (Ruben Bridgewater)
      [#26641](#26641)
    * adjust loose assertions (Ruben Bridgewater)
      [#25008](#25008)
* async_hooks:
    * remove deprecated `emitBefore` and `emitAfter` (Matteo Collina)
      [#26530](#26530)
    * remove promise object from resource (Andreas Madsen)
      [#23443](#23443)
* bootstrap: make Buffer and process non-enumerable (Ruben Bridgewater)
      [#24874](#24874)
* buffer:
    * use stricter range checks (Ruben Bridgewater)
      [#27045](#27045)
    * harden `SlowBuffer` creation (ZYSzys)
      [#26272](#26272)
    * harden validation of buffer allocation size (ZYSzys)
      [#26162](#26162)
    * do proper error propagation in addon methods (Anna Henningsen)
      [#23939](#23939)
* child_process:
    * remove `options.customFds` (cjihrig)
      [#25279](#25279)
    * harden fork arguments validation (ZYSzys)
      [#27039](#27039)
    * use non-infinite `maxBuffer` defaults (kohta ito)
      [#23027](#23027)
* console:
    * don't use ANSI escape codes when `TERM=dumb` (Vladislav Kaminsky)
      [#26261](#26261)
* crypto:
    * remove legacy native handles (Tobias Nießen)
      [#27011](#27011)
    * decode missing passphrase errors (Tobias Nießen)
      [#25208](#25208)
    * remove `Cipher.setAuthTag()` and `Decipher.getAuthTag()`
      (Tobias Nießen)
      [#26249](#26249)
    * remove deprecated `crypto._toBuf()` (Tobias Nießen)
      [#25338](#25338)
    * set `DEFAULT\_ENCODING` property to non-enumerable
      (Antoine du Hamel)
      [#23222](#23222)
* deps:
    * update V8 to 7.4.288.13
    (Michaël Zasso, cjihrig, Refael Ackermann)
    (Anna Henningsen, Ujjwal Sharma)
      [#26685](#26685)
    * bump minimum icu version to 63 (Ujjwal Sharma)
      [#25852](#25852)
    * update OpenSSL to 1.1.1b (Sam Roberts, Shigeki Ohtsu)
      [#26327](#26327)
* errors:
    * update error name (Ruben Bridgewater)
      [#26738](#26738)
* fs:
    * use proper .destroy() implementation for SyncWriteStream
      (Matteo Collina)
      [#26690](#26690)
    * improve mode validation (Ruben Bridgewater)
      [#26575](#26575)
    * harden validation of start option in `createWriteStream()`
      (ZYSzys)
      [#25579](#25579)
    * make writeFile consistent with readFile wrt fd
      (Sakthipriyan Vairamani (thefourtheye))
      [#23709](#23709)
* http:
    * validate timeout in `ClientRequest()` (cjihrig)
      [#26214](#26214)
    * return HTTP 431 on `HPE_HEADER_OVERFLOW` error (Albert Still)
      [#25605](#25605)
    * switch default parser to llhttp (Anna Henningsen)
      [#24870](#24870)
    * Runtime-deprecate `outgoingMessage._headers` and
      `outgoingMessage._headerNames` (Morgan Roderick)
      [#24167](#24167)
* lib:
    * remove `Atomics.wake()` (Gus Caplan)
      [#27033](#27033)
    * move DTRACE\_\* probes out of global scope (James M Snell)
      [#26541](#26541)
    * deprecate `_stream_wrap` (Sam Roberts)
      [#26245](#26245)
    * use ES6 class inheritance style (Ruben Bridgewater)
      [#24755](#24755)
* module:
    * remove unintended access to deps/ (Anna Henningsen)
      [#25138](#25138)
    * improve error message for MODULE\_NOT\_FOUND (Ali Ijaz Sheikh)
      [#25690](#25690)
    * requireStack property for MODULE\_NOT\_FOUND (Ali Ijaz Sheikh)
      [#25690](#25690)
    * remove dead code (Ruben Bridgewater)
      [#26983](#26983)
    * make `require('.')` never resolve outside the current directory
      (Ruben Bridgewater)
      [#26973](#26973)
    * throw an error for invalid package.json main entries
      (Ruben Bridgewater)
      [#26823](#26823)
    * don't search in `require.resolve.paths` (cjihrig)
      [#23683](#23683)
* net:
    * remove `Server.listenFD()` (cjihrig)
      [#27127](#27127)
    * do not add `.host` and `.port` properties to DNS error
      (Ruben Bridgewater)
      [#26751](#26751)
    * emit "write after end" errors in the next tick (Ouyang Yadong)
      [#24457](#24457)
    * deprecate `_setSimultaneousAccepts()` undocumented function
      (James M Snell)
      [#23760](#23760)
* os:
    * implement `os.type()` using `uv_os_uname()` (cjihrig)
      [#25659](#25659)
    * remove `os.getNetworkInterfaces()` (cjihrig)
      [#25280](#25280)
* process:
    * make global.process, global.Buffer getters (Guy Bedford)
      [#26882](#26882)
    * move DEP0062 (node --debug) to end-of-life (Joyee Cheung)
      [#25828](#25828)
    * exit on --debug and --debug-brk after option parsing
      (Joyee Cheung)
      [#25828](#25828)
    * improve `--redirect-warnings` handling (Ruben Bridgewater)
      [#24965](#24965)
* readline:
    * support TERM=dumb (Vladislav Kaminsky)
      [#26261](#26261)
* repl:
    * add welcome message (gengjiawen)
      [#25947](#25947)
    * fix terminal default setting (Ruben Bridgewater)
      [#26518](#26518)
    * check colors with `.getColorDepth()` (Vladislav Kaminsky)
      [#26261](#26261)
    * deprecate REPLServer.rli (Ruben Bridgewater)
      [#26260](#26260)
* src:
    * remove unused `INT_MAX` constant (Sam Roberts)
      [#27078](#27078)
    * update `NODE_MODULE_VERSION` to 72 (Ujjwal Sharma)
      [#26685](#26685)
    * remove `AddPromiseHook()` (Anna Henningsen)
      [#26574](#26574)
    * clean up `MultiIsolatePlatform` interface (Anna Henningsen)
      [#26384](#26384)
    * properly configure default heap limits (Ali Ijaz Sheikh)
      [#25576](#25576)
    * remove `icuDataDir` from node config (GauthamBanasandra)
      [#24780](#24780)
* tls:
    * support TLSv1.3 (Sam Roberts)
      [#26209](#26209)
    * return correct version from `getCipher()` (Sam Roberts)
      [#26625](#26625)
    * check arg types of renegotiate() (Sam Roberts)
      [#25876](#25876)
    * add code for `ERR_TLS_INVALID_PROTOCOL_METHOD` (Sam Roberts)
      [#24729](#24729)
    * emit a warning when servername is an IP address (Rodger Combs)
      [#23329](#23329)
    * disable TLS v1.0 and v1.1 by default (Ben Noordhuis)
      [#23814](#23814)
    * remove unused arg to createSecureContext() (Sam Roberts)
      [#24241](#24241)
    * deprecate `Server.prototype.setOptions()` (cjihrig)
      [#23820](#23820)
    * load `NODE_EXTRA_CA_CERTS` at startup (Ouyang Yadong)
      [#23354](#23354)
* util:
    * remove `util.print()`, `util.puts()`, `util.debug()`
      and `util.error()` (cjihrig)
      [#25377](#25377)
    * change inspect compact and breakLength default
      (Ruben Bridgewater)
      [#27109](#27109)
    * improve inspect edge cases (Ruben Bridgewater)
      [#27109](#27109)
    * only the first line of the error message (Simon Zünd)
      [#26685](#26685)
    * don't set the prototype of callbackified functions
      (Ruben Bridgewater)
      [#26893](#26893)
    * rename callbackified function (Ruben Bridgewater)
      [#26893](#26893)
    * increase function length when using `callbackify()`
      (Ruben Bridgewater)
      [#26893](#26893)
    * prevent tampering with internals in `inspect()`
      (Ruben Bridgewater)
      [#26577](#26577)
    * prevent Proxy traps being triggered by `.inspect()`
      (Ruben Bridgewater)
      [#26241](#26241)
    * prevent leaking internal properties (Ruben Bridgewater)
      [#24971](#24971)
    * protect against monkeypatched Object prototype for inspect()
      (Rich Trott)
      [#25953](#25953)
    * treat format arguments equally (Roman Reiss)
      [#23162](#23162)
* win, fs:
    * detect if symlink target is a directory (Bartosz Sosnowski)
      [#23724](#23724)
* zlib:
    * throw TypeError if callback is missing (Anna Henningsen)
      [#24929](#24929)
    * make “bare” constants un-enumerable (Anna Henningsen)
      [#24824](#24824)

PR-URL: #26930
@BridgeAR BridgeAR deleted the improve-loader-errors branch January 20, 2020 11:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. deprecations Issues and PRs related to deprecations. errors Issues and PRs related to JavaScript errors originated in Node.js core. module Issues and PRs related to the module subsystem. semver-major PRs that contain breaking changes and should be released in the next major version.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Improve "Cannot find module" error