Upgrade Cube to NodeJS 20 #8087
Comments
spljs
added
the
question
|
Hi @spljs 👋 Could you please provide more context on why you'd like this upgrade? Since you're running Cube in Docker (are you?), does the Node version make much difference? |
|
Initially cgroup is a Linux kernel process, focus on system resources allocation. And croupsv2 is an evolution offering a simplified API, an improved resource management system (unified hierarchy, more granular control) and an enhanced security, inc. for containers. And so, cgroupsv2 is being progressively deployed since mid 2023 on cloud providers environments, including Kubernetes, that we use for our PaaS environments. Thus we want to upgrade in order to prevent outage with any languages, frameworks & libraries that are not compatible. |
|
@igorlukanin We have a similar ask. Here's some context for you: As part of our security and compliance requirements, we do not use versions of nodejs that have reached EOL. Node 16 went EOL in Oct 2023 & node 18 is already in maintenance mode. We have a number of CI systems & processes that check for and enforce our minimum node versions (currently 18, but about to be 20). Having cube lag behind on 16 is a problem, because it makes integrating cube into our engineering processes more challenging. In addition, even though cube is running in a container, node 16 may have active vulnerabilities that have been patched in newer versions, and the nodejs ecosystem generally does not provide support for security fixes, etc. after EOL. I would also add that it is near impossible for anyone to guarantee that they are not affected by vulnerabilities. Docker containers can be vulnerable as well. We are SOC2 compliant, and I can see that cube is as well. Using unsupported versions of runtimes is generally considered a gap, and should be treated as not being actively compliant, in my opinion. I, of course, understand that there are many moving pieces and it's not easy to be 100% compliant in all cases, but node 16 is becoming very outdated given that node 22 is targeted to become active this month. |
igorlukanin
added
enhancement
|
hey @igorlukanin, any updates on the node upgrade? Node 18 will go end of life in April (https://endoflife.date/nodejs), and we too are now starting to investigate upgrading our architecture to be node 20 and/or 22 compliant for security. |
|
We might do that soon, however, I don't have any ETA to share as of now. |
|
Upgrade to Node.js 20 is coming with a |
|
We released v0.36.0 Thanks |
Problem
Hello, is it possible to upgrade to nodeJS 20 ?
Additional context
I've tried to run cube using nodeJS 20 and it runs well. But there might be some tests i've missed , i would like to know your opinion about that
The text was updated successfully, but these errors were encountered: