IO.js 1.6.4 发布，服务器 JS 引擎

4月18日 武汉 源创会开始报名，送华为开发板

io.js 1.6.4 发布，此版本值得关注的更新如下：

• npm: upgrade npm to 2.7.5. See npm CHANGELOG.md for details. Includes two important security fixes. Summary:

• 300834etar@2.0.0: Normalize symbolic links that point to targets outside theextraction root. This prevents packages containing symbolic links fromoverwriting targets outside the expected paths for a package. Thanks to TimCuthbertson and the team at LiftSecurity for working with the npm team to identifythis issue. (@othiym23)

• 0dc6875semver@4.3.2: Package versions can be no more than 256 characters long.This prevents a situation in which parsing the version number can useexponentially more time and memory to parse, leading to a potential denial ofservice. Thanks to Adam Baldwin at Lift Security for bringing this to ourattention.  (@isaacs)

• eab6184#7766 One last tweak to ensure thatGitHub shortcuts work with private repositories.(@iarna)

• a840a13#7746 Only fix up git URL paths whenthere are paths to fix up. (@othiym23)

• openssl: preliminary work has been done for an upcoming upgrade to OpenSSL 1.0.2a #1325 (Shigeki Ohtsu). See #589 for additional details.

• timers: a minor memory leak when timers are unreferenced was fixed, alongside some related timers issues #1330 (Fedor Indutny). This appears to have fixed the remaining leak reported in #1075.

• android: it is now possible to compile io.js for Android and related devices #1307 (Giovanny Andres Gongora Granada).

详细更新内容请看更新日志。

此版本现已提供下载：https://github.com/iojs/io.js/releases/tag/v1.6.4

IO.js 是为 V8 引擎编写的基于事件 IO 的实现。

构建要求：

* `gcc` and `g++` 4.8 or newer, or
* `clang` and `clang++` 3.3 or newer
* Python 2.6 or 2.7
* GNU Make 3.81 or newer
* libexecinfo (FreeBSD and OpenBSD only)