• Matthoffman/unpin brotli4j by @matthoffman in https://github.com/Netflix/zuul/pull/2151

Full Changelog: https://github.com/Netflix/zuul/compare/v3.6.15...v3.6.16

Apache Superset is a modern, enterprise-ready business intelligence web application

https://fluentbit.io/announcements/v5.0.8/

• release: update to 5.0.8 by @github-actions[bot] in https://github.com/fluent/fluent-bit/pull/11924
• github: workflows: Adjust permissions to make efficient package/integration tests by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11936
• github: workflows: Specify OS configs explicitly by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11934
• in_windows_exporter_metrics: Plug bitwise glitches on 32bit oses by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11940
• regex: Plug a regex literal crash by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11938
• out_forward: process type and length of pong strictly by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11945
• unicode: Use the correct maximum size of Cyrillic by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11928
• opentelemetry: render unset AnyValue in OTLP JSON by @edsiper in https://github.com/fluent/fluent-bit/pull/11943
• storage: fix stale chunks handling on limits by @edsiper in https://github.com/fluent/fluent-bit/pull/11632
• workflows: bump actions/checkout from 6.0.3 to 7.0.0 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/11965
• in_ebpf: Implement sched trace by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11743
• in_tail: Plug timer lifecycle glitches on progress check by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11956
• in_winevtlog: Handle structured xml query as separated subscriptions by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11957
• aws: error_reporter: Plug SEGV occurrences on cloudwatch logs by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11966
• in_tail: fix out-of-bounds read in unesc_ends_with_nl by @saddamr3e in https://github.com/fluent/fluent-bit/pull/11952
• config_format: fix caller-owned parse failure cleanup by @edsiper in https://github.com/fluent/fluent-bit/pull/11955
• workflows: bump softprops/action-gh-release from 3.0.0 to 3.0.1 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/11976
• workflows: bump github/codeql-action from 4.36.1 to 4.36.2 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/11975
• scheduler: Plug FD leaks on destroy by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11977
• dockefile: Install libxxhash0 on builder image by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11980
• workflows: bump aquasecurity/trivy-action from 0.35.0 to 0.36.0 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/11982
• workflows: bump reviewdog/action-hadolint from 1.50.5 to 1.51.0 by @dependabot[bot] in https://github.com/fluent/fluent-bit/pull/11981
• out_loki: Handle loki tenant_id_key properly by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11832
• out_cloudwatch_logs: Ensure escaping backslashes on cloudwatch API requests' body by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11933
• tests: runtime: Try to eliminate flakyness on CI load by @cosmo0920 in https://github.com/fluent/fluent-bit/pull/11984
• in_tail: fix ignore_active_older_files to re-check mtime on aged-out files by @zshuang0316 in https://github.com/fluent/fluent-bit/pull/11890
• aws: catch auth errors on XML responses by @antoniomrfranco in https://github.com/fluent/fluent-bit/pull/11891
• out_azure_blob: correctly handle successful Delete Blob responses by @Vaibhav-C-S in https://github.com/fluent/fluent-bit/pull/11925
• node_exporter_metrics: Add file path to error messages by @rossigee in https://github.com/fluent/fluent-bit/pull/11839
• out_es/out_opensearch: sanitize bulk action metadata by @edsiper in https://github.com/fluent/fluent-bit/pull/11967
• opentelemetry: fix JSON histogram bounds handling by @edsiper in https://github.com/fluent/fluent-bit/pull/11989
• lib: cmetrics: upgrade to v2.1.5 by @edsiper in https://github.com/fluent/fluent-bit/pull/11990

• @saddamr3e made their first contribution in https://github.com/fluent/fluent-bit/pull/11952
• @antoniomrfranco made their first contribution in https://github.com/fluent/fluent-bit/pull/11891
• @Vaibhav-C-S made their first contribution in https://github.com/fluent/fluent-bit/pull/11925
• @rossigee made their first contribution in https://github.com/fluent/fluent-bit/pull/11839

Full Changelog: https://github.com/fluent/fluent-bit/compare/v5.0.7...v5.0.8

• [e07e7a31e1] - crypto: update root certificates to NSS 3.123.1 (Node.js GitHub Bot) #63527
• [44c8ebcbd6] - http: avoid stream listeners on idle agent sockets (Matteo Collina) #64004
• [d3ef4122ee] - (SEMVER-MINOR) buffer: increase Buffer.poolSize default to 64 KiB (Matteo Collina) #63597
• [bb2857b85a] - (SEMVER-MINOR) crypto: align key argument names in docs and error messages (Filip Skokan) #62527
• [b9d5e87880] - (SEMVER-MINOR) crypto: accept key data in crypto.diffieHellman() and cleanup DH jobs (Filip Skokan) #62527
• [ccd756d61e] - (SEMVER-MINOR) crypto: add TurboSHAKE and KangarooTwelve Web Cryptography algorithms (Filip Skokan) #62183
• [4c9251fc09] - (SEMVER-MINOR) http: add writeInformation to send arbitrary 1xx status codes (Tim Perry) #63155
• [8c989ec4a3] - (SEMVER-MINOR) inspector: expose precise coverage start to JS runtime (sangwook) #63079
• [3f54c8ba32] - Revert "stream: noop pause/resume on destroyed streams" (Stewart X Addison) #63834

• [d3ef4122ee] - (SEMVER-MINOR) buffer: increase Buffer.poolSize default to 64 KiB (Matteo Collina) #63597
• [9ff36e40f0] - build: add --enable-all-experimentals build flag (Paolo Insogna) #62755
• [7c22ee23aa] - build: def NODE_USE_NODE_CODE_CACHE only used in node_mksnapshot (Chengzhong Wu) #63588
• [2551abdb4a] - build,win: enable x64 PGO (Stefan Stojanovic) #62761
• [e8a55ce9b1] - crypto: strengthen argument CHECKs in TurboSHAKE (Tobias Nießen) #62763
• [ae61cd68f3] - crypto: harden WebCrypto against prototype pollution (Filip Skokan) #63363
• [3d05a1d396] - crypto: pass CryptoKey handles to KDF jobs (Filip Skokan) #63363
• [f9d10a3f6b] - crypto: remove async from WebCrypto methods (Filip Skokan) #63363
• [e431d93e9e] - crypto: add WebCrypto CryptoJob mode (Filip Skokan) #63363
• [56e2505e48] - crypto: wire ML-DSA and ML-KEM for use when using BoringSSL (Filip Skokan) #63255
• [3bac77f2a8] - crypto: wire ChaCha20-Poly1305 in Web Cryptography when using BoringSSL (Filip Skokan) #63255
• [1bff901b09] - crypto: wire AES-KW in Web Cryptography when using BoringSSL (Filip Skokan) #63255
• [4433fca3df] - crypto: harden CryptoKey algorithm slots (Filip Skokan) #63111
• [b5cf01217a] - crypto: harden KeyObject internal slots (Filip Skokan) #63111
• [ce84aef37d] - crypto: add guards and adjust tests for BoringSSL (Filip Skokan) #62883
• [26781689b0] - crypto: reject duplicate ML-KEM JWK key_ops (Filip Skokan) #62905
• [aeea8f4970] - crypto: add JWK support for ML-KEM and SLH-DSA key types (Filip Skokan) #62706
• [407cf91656] - crypto: guard against size_t overflow on experimental 32-bit arch (Filip Skokan) #62626
• [bb2857b85a] - (SEMVER-MINOR) crypto: align key argument names in docs and error messages (Filip Skokan) #62527
• [b9d5e87880] - (SEMVER-MINOR) crypto: accept key data in crypto.diffieHellman() and cleanup DH jobs (Filip Skokan) #62527
• [b46d52b283] - crypto: unify asymmetric key import through KeyObjectHandle::Init (Filip Skokan) #62499
• [ccd756d61e] - (SEMVER-MINOR) crypto: add TurboSHAKE and KangarooTwelve Web Cryptography algorithms (Filip Skokan) #62183
• [e07e7a31e1] - crypto: update root certificates to NSS 3.123.1 (Node.js GitHub Bot) #63527
• [61826df455] - crypto: coerce -0 keylen to +0 in pbkdf2 and scrypt (Jordan Harband) #63531
• [16d2fd3c07] - crypto: align verifyOneShot accepted types (Anshika Jain) #63280
• [3b8330deda] - crypto: improve system certificate enumeration logic on macOS (Robo) #62576
• [141de35399] - debugger: add --help to node inspect and improve docs (Joyee Cheung) #63201
• [b76bfcd4fa] - deps: upgrade npm to 11.16.0 (npm team) #63602
• [4ec142314c] - deps: SQLite: cherry-pick b869ed6b067d623cb1383549f2a18aa35508385d (Junsu Han) #63525
• [19e8ce1c36] - deps: upgrade npm to 11.15.0 (npm team) #63463
• [8a264260e2] - deps: update sqlite to 3.53.1 (Node.js GitHub Bot) #63217
• [50c8ff3f94] - deps: update simdjson to 4.6.4 (Node.js GitHub Bot) #62811
• [6e56f01c4b] - deps: V8: cherry-pick 435a2cdf664c (Matthias Liedtke) #63136
• [3ba813b242] - deps: cherry-pick libuv/libuv@a43e543 (Ali Hassan) #63222
• [2390e3a5ac] - doc: remove duplicated sentences in large-pull-requests.md (Joyee Cheung) #63650
• [52a1c18374] - doc: update git node land instructions for security releases (Antoine du Hamel) #63586
• [3e6b4da037] - doc: drop --experimental from --permission (Rafael Gonzaga) #63583
• [84d05163b9] - doc: explicitly ask for reproducible in JS (Rafael Gonzaga) #63479
• [7da2a4450e] - doc: fix URL postMessage example in worker_threads (Kit Dallege) #62203
• [3d79bd8b29] - doc: clarify filter option of sqlite.database.applyChangeset (Antoine du Hamel) #63515
• [4f4174aace] - doc: fix double spaces in ERR_TLS_INVALID_PROTOCOL_METHOD (Daijiro Wachi) #63511
• [388323ca4b] - doc: fix double space in modules.md (Daijiro Wachi) #63512
• [5258ccc058] - doc: fix "options" to "option" in tls.createServer (Daijiro Wachi) #63453
• [43e83e6507] - doc: fix typo in deprecations (Daijiro Wachi) #63434
• [f05a61d54c] - doc: remove unsupported template type from v8.md (René) #63410
• [c39d5fc820] - doc: fix article usage before vowel-sound acronyms (joao-oliveira-softtor) #62696
• [398261f911] - doc: remove the bi-monthly contributor spotlight section (Claudio Wunder) #62734
• [fd9e14c405] - doc: update http2's push and trailers events with rawHeaders param (YuSheng Chen) #63259
• [b943ce6933] - doc: remove inactive members from Triagers list (Antoine du Hamel) #63329
• [4b9cdfc022] - doc: reference correct function in Module docs (Robin Malfait) #63247
• [bed84b6df2] - doc: replace Visual Studio 2022 Evergreen version reference with 17.14 (Mike McCready) #63211
• [32ea70569b] - doc: recommend explicitly Tier 1 or 2 for production applications (Mike McCready) #63187
• [4627bcfd82] - doc: run license-builder (github-actions[bot]) #63232
• [28eba71845] - doc: add large pull requests contributing guide (Matteo Collina) #62829
• [2648efd438] - doc: remove unnecessary <!-- eslint- magic comments (Antoine du Hamel) #63200
• [a95fc1f8fc] - doc: clarify SEA platform support excludes darwin-x64 (MJSHANG) #63181
• [aaef29e2e1] - doc: update release steps when post-release fails (Rafael Gonzaga) #63131
• [7d81419cf2] - doc: add Hmac.digest() documentation-only deprecation (DEP0206) (Anshika Jain) #63121
• [ececd80d81] - doc: document the latest-vX.x schema (Marco Ippolito) #63033
• [27c1c1d842] - doc: remove list of versions in BUILDING.md (Antoine du Hamel) #63113
• [e369886a65] - doc,sqlite: document entryPoint argument for loadExtension (Edy Silva) #63152
• [e4e5137cbd] - errors: handle V8 warnings in DisallowJavascriptExecutionScope (Divyanshu Sharma) #63491
• [6d1f6048d2] - fs: make Date properties on Stats enumerable (LiviaMedeiros) #63328
• [44c8ebcbd6] - http: avoid stream listeners on idle agent sockets (Matteo Collina) #64004
• [4c9251fc09] - (SEMVER-MINOR) http: add writeInformation to send arbitrary 1xx status codes (Tim Perry) #63155
• [39f61fb06c] - http2: emit session close before stream close (Matteo Collina) #63414
• [8a8f2127d1] - http2: validate non-link headers in writeEarlyHints (Matteo Collina) #62017
• [8c989ec4a3] - (SEMVER-MINOR) inspector: expose precise coverage start to JS runtime (sangwook) #63079
• [c05f38229b] - lib: cleanup stateless diffiehellman key handling (Filip Skokan) #62645
• [1c16b45d35] - lib: refactor internal webidl converters (Filip Skokan) #62979
• [02f35d6dce] - lib: define kEnumerableProperty atomically (Antoine du Hamel) #63609
• [12c51547ba] - lib: fix typos in esm loader comments (RonGamzu) #63465
• [9b03b84262] - lib: fix typo idenity => identity (Daijiro Wachi) #63112
• [a84e6b0567] - lib: fixes validator message (Daijiro Wachi) #62823
• [11734166a8] - lib: narrow ReadableStreamBYOBRequest.view return type to Uint8Array (RoomWithOutRoof) #63017
• [7cead61d21] - meta: flip mcollina emails in .mailmap (Matteo Collina) #63621
• [a08cfcfd35] - meta: label "source maps" PRs (Chengzhong Wu) #63591
• [d56e8d2512] - meta: add vfs subsystem label (René) #62331
• [6201cfe488] - meta: skip scheduled workflows on forks (Jamie Magee) #63565
• [f095e2bd31] - meta: add additional gitignore entries (James M Snell) #63267
• [1ea52c444c] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #63402
• [b1b2327611] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #63235
• [7d88e130a9] - meta: ignore AI assistants files (Matteo Collina) #62612
• [a53b51df38] - module: load ESM helpers eagerly in the snapshot (Joyee Cheung) #63550
• [69df688fff] - module: fix sync hook short-circuit in require() in imported CJS (Joyee Cheung) #62920
• [75d9a4ed47] - node-api: support SharedArrayBuffer in napi_create_typedarray (Yilong Li) #62710
• [c20aa4c47b] - quic: add reusePort option to QuicEndpoint (James M Snell) #63267
• [26a30d8a7f] - quic: implement rate limiting for version nego and immediate close (James M Snell) #63267
• [0b534b5770] - quic: fixup linting issue after other changes (James M Snell) #63267
• [4b367cbe09] - quic: remove unused binding variable in session.cc (James M Snell) #63177
• [2574bef5a6] - repl: fix dedup comparing normalized line against raw history (Daijiro Wachi) #62886
• [30e71c7e49] - sqlite: keep source database alive during backup (Matteo Collina) #62673
• [677ca7e76c] - src: simplify OpenSSL feature gates (Filip Skokan) #63255
• [c863c75c39] - src: add BoringSSL EVP enumeration fallback (Filip Skokan) #63206
• [f6b2466921] - src: decouple KeyObject and CryptoKey and move CryptoKey to src (Filip Skokan) #62924
• [92d4f07dd2] - src: remove license headers for new node_profiling files (Chengzhong Wu) #63066
• [8ac5d771c8] - src: split profiling helpers from util (Ilyas Shabi) #63008
• [85d1639495] - src: remove TOCTOU race condition when encoding SAB-backed Buffers (Antoine du Hamel) #63517
• [9473c5f05c] - src: skip duplicate UTF-8 validation in TextDecoder fatal path (Mert Can Altin) #63231
• [f35c91ee68] - src: improve token return value check (James M Snell) #63483
• [26f677c1c5] - src: expose node::RegisterContext to make a node managed context (Chengzhong Wu) #62322
• [275cf909b6] - src,sqlite: only pass xFilter when user provided a callback (Antoine du Hamel) #63516
• [287e02303f] - src,sqlite: remove dead code (Edy Silva) #63204
• [58fa2ee189] - stream: switch to internal sleep binding (Antoine du Hamel) #63611
• [f954ab3f1a] - stream: use data listener for compose forwarding (Trivikram Kamat) #63593
• [dc57173003] - stream: fix Writable.toWeb() hang on synchronous drain (sangwook) #61197
• [3f54c8ba32] - Revert "stream: noop pause/resume on destroyed streams" (Stewart X Addison) #63834
• [cee279c5d6] - stream: remove unnecessary check (Antoine du Hamel) #63030
• [61b20f60a3] - test: update tls/crypto behaviour expectations when using BoringSSL (Filip Skokan) #63161
• [a835363808] - test: update WPT for WebCryptoAPI to 97bbc7247a (Node.js GitHub Bot) #63417
• [a00297480b] - test: update WPT resources, interfaces and WebCryptoAPI (Node.js GitHub Bot) #62389
• [5a95a2b055] - test: shorten path in net pipe connect errors (Matteo Collina) #63405
• [5e8ff22d8f] - test: remove test-node-output-v8-warning (Joyee Cheung) #63469
• [ee15380950] - test: update test426-fixtures to 9b9e225b5a63139e9a95cdd1bf874a8f0b9d131 (Node.js GitHub Bot) #63373
• [9e063d9bea] - test: update WPT for url to e4a4672e9e (Node.js GitHub Bot) #63372
• [503bee4b43] - test: deflake async-hooks statwatcher test (Trivikram Kamat) #63396
• [cccc7c32d8] - test: avoid test_runner watch restart in spec snapshot (Trivikram Kamat) #63392
• [c89489258c] - test: reduce watch mode restart flakiness (Trivikram Kamat) #63390
• [e4d5e2578e] - test: isolate rerun-failures state file under tmpdir (Chemi Atlow) #63449
• [362644a9ba] - test: wait for ok before initial break after restart (Yuya Inoue) #62807
• [c4058d0e05] - test: disable Maglev in near-heap-limit worker test (Trivikram Kamat) #63398
• [214da630a7] - test: deflake connection refused proxy tests (Trivikram Kamat) #63395
• [1d61a29876] - test: avoid repeated writes in watch helper (Trivikram Kamat) #63386
• [2004e25387] - test: deflake watch mode worker test (Trivikram Kamat) #63384
• [d691cccfc1] - test: relax test-memory-usage arrayBuffers check (inoway46) #63244
• [0ff6bf853c] - test: reduce flakiness of different-registry-per-thread (Antoine du Hamel) #63244
• [d9f4e8e503] - test: fix flaky test-watch-mode-inspect timeout (Matteo Collina) #63361
• [6d7cd50328] - test: relax min assertion in test-performance-eventloopdelay (Marco) #63100
• [9dafe1d2d8] - test: avoid flaky restart sync in debugger exceptions test (Yuya Inoue) #62055
• [989b2de973] - test: avoid initial-break wait in restart-message (inoway46) #62060
• [a072a25ee7] - test: move FFI tests to NATIVE_SUITES (Antoine du Hamel) #63165
• [64efbfd878] - test: use ERM to destroy sqlite database handles after tests (René) #63076
• [7dee66cd94] - test_runner: dont buffer unordered events in process isolation mode (Moshe Atlow) #63432
• [d257eec1e3] - test_runner: fix --test-rerun-failures swallowing failures on retry (Chemi Atlow) #63431
• [288c320e2f] - test_runner: show replayed-from-attempt hint in spec reporter (Moshe Atlow) #63429
• [904bdf5bb4] - test_runner: preserve run duration when using test-rerun (Moshe Atlow) #63429
• [df183d7bfa] - test_runner: avoid hanging on incomplete v8 frames (Ali Hassan) #62704
• [ec86c69726] - test_runner: fix diagnostics channel context tracking (Moshe Atlow) #63283
• [94e5f63b83] - tls: add unsupported renegotiation error (Filip Skokan) #63161
• [06d308fb61] - tools: prevent lib code from reading KeyObject and CryptoKey accessors (Filip Skokan) #63111
• [2e4a0d0c91] - tools: bump brace-expansion from 5.0.5 to 5.0.6 in /tools/eslint (dependabot[bot]) #63415
• [4c9666b366] - tools: skip commit-lint on backport pull requests (Marco) #63378
• [67d0c490a8] - tools: fix skip of test-internet on forks (Antoine du Hamel) #63492
• [02f73c7cac] - tools: bump the eslint group in /tools/eslint with 4 updates (dependabot[bot]) #63075
• [5d016d3241] - tools: update gyp-next to 0.22.2 (Node.js GitHub Bot) #63374
• [55af0f0edb] - tools: fix test426 updater (Antoine du Hamel) #63271
• [d8475e167a] - tools: use different branch for tool updates on staging branches (Antoine du Hamel) #63110
• [c605df9e50] - util: remove unused functions (Antoine du Hamel) #63612
• [fe4540ebdb] - util: create hex style cache and fast path (Guilherme Araújo) #62999

Apache Superset is a modern, enterprise-ready business intelligence web application

This release includes a fix for an unexpected behavior introduced by the recent security release (22.23.0).

• [41d2ee13be] - build: switch coverage-windows to windows-2022 (Richard Lau) #63940
• [eaa292549e] - http: avoid stream listeners on idle agent sockets (Matteo Collina) #64004

Apache Superset is a modern, enterprise-ready business intelligence web application

Download page What's new highlights

• Docker: Bump Alpine-based images to 3.24.1 #126548, @macabu
• Provisioning: Write _folder.json when creating dashboards in new folders #126323, @ferruvich
• Provisioning: Write _folder.json when moving dashboards into new folders #126676, @ferruvich

• Datasources: return 400 when payload UID does not match URL UID in PUT /api/datasources/uid/:uid #125771, @papagian
• Provisioning: Fix PR comments on multi-org Grafana instances #126887, @ferruvich
• Provisioning: Fix PR links when folder is renamed via UI #126858, @grafana-writer[bot]
• fix(provisioning): ignore terminating repositories when validating connection delete #126862, @grafana-writer[bot]
• fix: bad MySQL query in datasource_type column migration #126897, @grafana-writer[bot]