chore(deps): update node.js

This MR contains the following updates:

Package	Type	Update	Change
node		minor	18.17 -> 18.20
node	image	minor	18.17-alpine -> 18.20-alpine

---

Release Notes

nodejs/node

v18.20.2

Compare Source

This is a security release.

Notable Changes

• CVE-2024-27980 - Command injection via args parameter of child_process.spawn without shell option enabled on Windows

Commits

• [6627222409] - src: disallow direct .bat and .cmd file spawning (Ben Noordhuis) nodejs-private/node-private#​564

v18.20.1

Compare Source

This is a security release.

Notable Changes

• CVE-2024-27983 - Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash- (High)
• CVE-2024-27982 - HTTP Request Smuggling via Content Length Obfuscation - (Medium)
• llhttp version 9.2.1
• undici version 5.28.4

Commits

• [60d24938de] - deps: update undici to v5.28.4 (Matteo Collina) nodejs-private/node-private#​577
• [5d4d5848cf] - http: do not allow OBS fold in headers by default (Paolo Insogna) nodejs-private/node-private#​558
• [0fb816dbcc] - src: ensure to close stream when destroying session (Anna Henningsen) nodejs-private/node-private#​561

v18.20.0

Compare Source

Notable Changes

Added support for import attributes

Support has been added for import attributes, to replace the old import assertions syntax. This will aid migration by making the new syntax available across all currently supported Node.js release lines.

This adds the with keyword which should be used in place of the previous assert keyword, which will be removed in a future semver-major Node.js release.

For example,

import "foo" assert { ... }

should be replaced with

import "foo" with { ... }

For more details, see

• #​50134
• #​51622

Contributed by Nicolò Ribaudo in #​51136 and Antoine du Hamel in #​50140.

Doc deprecation for dirent.path

Please use newly added dirent.parentPath instead.

Contributed by Antoine du Hamel in #​50976 and #​51020.

Experimental node-api feature flags

Introduces an experimental feature to segregate finalizers that affect GC state. A new type called node_api_nogc_env has been introduced as the const version of napi_env and node_api_nogc_finalize as a variant of napi_finalize that accepts a node_api_nogc_env as its first argument.

This feature can be turned off by defining NODE_API_EXPERIMENTAL_NOGC_ENV_OPT_OUT.

Contributed by Gabriel Schulhof in #​50060.

Root certificates updated to NSS 3.98

Certificates added:

• Telekom Security TLS ECC Root 2020
• Telekom Security TLS RSA Root 2023

Certificates removed:

• Security Communication Root CA

Updated dependencies

• ada updated to 2.7.6.
• base64 updated to 0.5.2.
• c-ares updated to 1.27.0.
• corepack updated to 0.25.2.
• ICU updated to 74.2. Includes CLDR 44.1 and Unicode 15.1.
• npm updated to 10.5.0. Fixes a regression in signals not being passed onto child processes.
• simdutf8 updated to 4.0.8.
• Timezone updated to 2024a.
• zlib updated to 1.3.0.1-motley-40e35a7.

vm: fix V8 compilation cache support for vm.Script

Previously repeated compilation of the same source code using vm.Script stopped hitting the V8 compilation cache after v16.x when support for importModuleDynamically was added to vm.Script, resulting in a performance regression that blocked users (in particular Jest users) from upgrading from v16.x.

The recent fixes allow the compilation cache to be hit again for vm.Script when --experimental-vm-modules is not used even in the presence of the importModuleDynamically option, so that users affected by the performance regression can now upgrade. Ongoing work is also being done to enable compilation cache support for vm.CompileFunction.

Contributed by Joyee Cheung in #​49950 and #​50137.

Commits

• [c70383b8d4] - build: support Python 3.12 (Shi Pujin) #​50209
• [4b960c3a4a] - build: fix incorrect g++ warning message (Richard Lau) #​51695
• [8fdea67694] - crypto: update root certificates to NSS 3.98 (Node.js GitHub Bot) #​51794
• [812b126dd9] - deps: V8: cherry-pick d90d453 (Michaël Zasso) #​50077
• [9ab8c3db87] - deps: update c-ares to 1.27.0 (Node.js GitHub Bot) #​51846
• [c688680387] - deps: update c-ares to 1.26.0 (Node.js GitHub Bot) #​51582
• [9498ac8a47] - deps: compile c-ares with C11 support (Michaël Zasso) #​51410
• [8fb743642f] - deps: update c-ares to 1.25.0 (Node.js GitHub Bot) #​51385
• [7bea2d7c12] - deps: update zlib to 1.3.0.1-motley-40e35a7 (Node.js GitHub Bot) #​51274
• [57a38c8f75] - deps: update zlib to 1.3.0.1-motley-dd5fc13 (Node.js GitHub Bot) #​51105
• [b0ca084a6b] - deps: update zlib to 1.3-22124f5 (Node.js GitHub Bot) #​50910
• [4b43823f37] - deps: update zlib to 1.2.13.1-motley-5daffc7 (Node.js GitHub Bot) #​50803
• [f0da591812] - deps: update zlib to 1.2.13.1-motley-dfc48fc (Node.js GitHub Bot) #​50456
• [16d28a883a] - deps: update base64 to 0.5.2 (Node.js GitHub Bot) #​51455
• [13a9e81cb6] - deps: update base64 to 0.5.1 (Node.js GitHub Bot) #​50629
• [b4502d3ac5] - deps: update simdutf to 4.0.8 (Node.js GitHub Bot) #​51000
• [183cf8a74a] - deps: update simdutf to 4.0.4 (Node.js GitHub Bot) #​50772
• [11ba8593ea] - deps: update ada to 2.7.6 (Node.js GitHub Bot) #​51542
• [73a946d55c] - deps: update ada to 2.7.5 (Node.js GitHub Bot) #​51542
• [cc434c1a39] - deps: update ada to 2.7.4 (Node.js GitHub Bot) #​50815
• [3a3808a6ae] - deps: upgrade npm to 10.5.0 (npm team) #​51913
• [c8876d765c] - deps: upgrade npm to 10.3.0 (npm team) #​51431
• [5aec3af460] - deps: update corepack to 0.25.2 (Node.js GitHub Bot) #​51810
• [a593985326] - deps: update corepack to 0.24.1 (Node.js GitHub Bot) #​51459
• [d1a9237bf5] - deps: update corepack to 0.24.0 (Node.js GitHub Bot) #​51318
• [adac0c7a63] - deps: update corepack to 0.23.0 (Node.js GitHub Bot) #​50563
• [4a6f83e32a] - deps: escape Python strings correctly (Michaël Zasso) #​50695
• [c13969e52a] - deps: V8: cherry-pick ea996ad (Nicolò Ribaudo) #​51136
• [6fbf0ba5c3] - deps: V8: cherry-pick a0fd320 (Nicolò Ribaudo) #​51136
• [68fd7516e1] - deps: update timezone to 2024a (Michaël Zasso) #​51723
• [f9b229ebe1] - deps: update icu to 74.2 (Michaël Zasso) #​51723
• [90c73d2eb4] - deps: update timezone to 2023d (Node.js GitHub Bot) #​51461
• [2a2bf57028] - deps: update icu to 74.1 (Node.js GitHub Bot) #​50515
• [425e011e52] - deps: add v8::Object::SetInternalFieldForNodeCore() (Joyee Cheung) #​49874
• [58c70344a2] - deps: V8: cherry-pick 705e374 (Joyee Cheung) #​51004
• [b0e88899e1] - deps: V8: cherry-pick 1fada6b (Joyee Cheung) #​51004
• [d87a810b81] - deps: V8: cherry-pick 3dd9576 (Joyee Cheung) #​51004
• [6d50966876] - deps: V8: cherry-pick 94e8282 (Joyee Cheung) #​51004
• [fafbacdfec] - deps: V8: cherry-pick 9a98f96 (Joyee Cheung) #​51004
• [d4a530ed8d] - deps: V8: cherry-pick 7f5daed (Joyee Cheung) #​51004
• [1ce901b164] - deps: V8: cherry-pick c400af4 (Joyee Cheung) #​51004
• [f232064f35] - doc: fix historical experimental fetch flag (Kenrick) #​51506
• [194ff6a40f] - (SEMVER-MINOR) doc: add deprecation notice to dirent.path (Antoine du Hamel) #​50976
• [0f09267dc6] - (SEMVER-MINOR) doc: deprecate dirent.path (Antoine du Hamel) #​50976
• [8bfb8f5b2f] - doc,crypto: further clarify RSA_PKCS1_PADDING support (Tobias Nießen) #​51799
• [c7baf7b274] - doc,crypto: add changelog and note about disabled RSA_PKCS1_PADDING (Filip Skokan) #​51782
• [a193be3dc2] - esm: use import attributes instead of import assertions (Antoine du Hamel) #​50140
• [26e8f7793e] - (SEMVER-MINOR) fs: introduce dirent.parentPath (Antoine du Hamel) #​50976
• [5b5e5192f7] - lib: fix compileFunction throws range error for negative numbers (Jithil P Ponnan) #​49855
• [7552de6806] - module: fix the leak in SourceTextModule and ContextifySript (Joyee Cheung) #​48510
• [2e05cf1c60] - module: fix leak of vm.SyntheticModule (Joyee Cheung) #​48510
• [a86a2e14a3] - module: use symbol in WeakMap to manage host defined options (Joyee Cheung) #​48510
• [32906ddcac] - node-api: segregate nogc APIs from rest via type system (Gabriel Schulhof) #​50060
• [1aa71c26ff] - node-api: factor out common code into macros (Gabriel Schulhof) #​50664
• [3d0b233f52] - node-api: introduce experimental feature flags (Gabriel Schulhof) #​50991
• [96514a8b9f] - src: iterate on import attributes array correctly (Michaël Zasso) #​50703
• [2c2892bf88] - src: set ModuleWrap internal fields only once (Joyee Cheung) #​49391
• [ff334cb774] - src: cast v8::Object::GetInternalField() return value to v8::Value (Joyee Cheung) #​48943
• [270b519971] - stream: do not defer construction by one microtick (Matteo Collina) #​52005
• [95d7a75084] - test: fix dns test case failures after c-ares update to 1.21.0+ (Brad House) #​50743
• [cd613e5167] - test: handle relative https redirect (Richard Lau) #​51121
• [40f10eafcf] - test: fix internet/test-inspector-help-page (Richard Lau) #​51693
• [5e426511b1] - test: deflake test-vm-contextified-script-leak (Joyee Cheung) #​49710
• [0b156c6d28] - test: use checkIfCollectable in vm leak tests (Joyee Cheung) #​49671
• [1586c11b3c] - test: add checkIfCollectable to test/common/gc.js (Joyee Cheung) #​49671
• [902d8b3d4b] - test: fix flaky http-chunk-extensions-limit test (Ethan Arrowood) #​51943
• [1743d2bdc1] - test: test surrogate pair filenames on windows (Mert Can Altın) #​51800
• [1c1a7ec22d] - test: increase platform timeout zlib-brotli-16gb (Rafael Gonzaga) #​51792
• [931d02fe3e] - test, v8: fix wrong import attributes test (Nicolò Ribaudo) #​52184
• [d9ea6c1f8d] - tls: fix order of setting cipher before setting cert and key (Kumar Rishav) #​50186
• [3184befa2e] - tools: fix update-icu.sh (Michaël Zasso) #​51723
• [06646e11be] - (SEMVER-MINOR) vm: use import attributes instead of import assertions (Antoine du Hamel) #​50141
• [fe66e9d06e] - vm: reject in importModuleDynamically without --experimental-vm-modules (Joyee Cheung) #​50137
• [052e095c6b] - vm: use internal versions of compileFunction and Script (Joyee Cheung) #​50137
• [9f7899ed0a] - vm: unify host-defined option generation in vm.compileFunction (Joyee Cheung) #​50137
• [6291c107d0] - vm: use default HDO when importModuleDynamically is not set (Joyee Cheung) #​49950

v18.19.1

Compare Source

Notable changes

This is a security release.

Notable changes

• CVE-2024-21892 - Code injection and privilege escalation through Linux capabilities- (High)
• CVE-2024-22019 - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High)
• CVE-2023-46809 - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#​1 v1.5 padding) - (Medium)
• CVE-2024-22025 - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium)
• undici version 5.28.3
• npm version 10.2.4

Commits

• [69e0a1dba8] - crypto: update root certificates to NSS 3.95 (Node.js GitHub Bot) #​50805
• [d3d357ab09] - crypto: disable PKCS#​1 padding for privateDecrypt (Michael Dawson) nodejs-private/node-private#​525
• [3d27175c42] - deps: fix GHSA-f74f-cvh7-c6q6/CVE-2024-24806 (Santiago Gimeno) #​51614
• [331558b8ab] - deps: update archs files for openssl-3.0.13+quic1 (Node.js GitHub Bot) #​51614
• [99b77dfb9c] - deps: upgrade openssl sources to quictls/openssl-3.0.13+quic1 (Node.js GitHub Bot) #​51614
• [6cdc71bff1] - deps: upgrade npm to 10.2.4 (npm team) #​50751
• [911cb33cda] - http: add maximum chunk extension size (Paolo Insogna) nodejs-private/node-private#​520
• [f48b89689d] - lib: update undici to v5.28.3 (Matteo Collina) nodejs-private/node-private#​536
• [e6b4c105e0] - src: fix HasOnly(capability) in node::credentials (Tobias Nießen) nodejs-private/node-private#​505
• [97c49076cd] - test: skip test-child-process-stdio-reuse-readable-stdio on Windows (Joyee Cheung) #​49621
• [60affdde8e] - tools: add macOS notarization verification step (Ulises Gascón) #​50833
• [ccc676a327] - tools: use macOS keychain to notarize the releases (Ulises Gascón) #​50715
• [31f1ceb380] - tools: remove unused file (Ulises Gascon) #​50622
• [bd5f6fb92a] - tools: add macOS notarization stapler (Ulises Gascón) #​50625
• [4168c4f71b] - tools: improve macOS notarization process output readability (Ulises Gascón) #​50389
• [4622f775aa] - tools: remove unused version function (Ulises Gascón) #​50390
• [b90804b1e7] - win,tools: upgrade Windows signing to smctl (Stefan Stojanovic) #​50956
• [f31d47e135] - zlib: pause stream if outgoing buffer is full (Matteo Collina) nodejs-private/node-private#​542

v18.19.0

Compare Source

Notable Changes

npm updated to v10

After two months of baking time in Node.js 20, npm 10 is backported, so that all release lines include a supported version of npm. This release includes npm v10.2.3.

Refer to nodejs/Release#​884 for the plan to land npm 10.

ESM and customization hook changes

Leverage loaders when resolving subsequent loaders

Loaders now apply to subsequent loaders, for example: --experimental-loader ts-node --experimental-loader loader-written-in-typescript.

Contributed by Maël Nison in #​43772.

New node:module API register for module customization hooks; new initialize hook

There is a new API register available on node:module to specify a file that exports module customization hooks, and pass data to the hooks, and establish communication channels with them. The “define the file with the hooks” part was previously handled by a flag --experimental-loader, but when the hooks moved into a dedicated thread in 20.0.0 there was a need to provide a way to communicate between the main (application) thread and the hooks thread. This can now be done by calling register from the main thread and passing data, including MessageChannel instances.

We encourage users to migrate to an approach that uses --import with register, such as:

node --import ./file-that-calls-register.js ./app.js

Using --import ensures that the customization hooks are registered before any application code runs, even the entry point.

Contributed by João Lenon and Jacob Smith in #​46826, Izaak Schroeder and Jacob Smith in #​48842 and #​48559.

import.meta.resolve unflagged

In ES modules, import.meta.resolve(specifier) can be used to get an absolute URL string to which specifier resolves, similar to require.resolve in CommonJS. This aligns Node.js with browsers and other server-side runtimes.

Contributed by Guy Bedford in #​49028.

--experimental-default-type flag to flip module defaults

The new flag --experimental-default-type can be used to flip the default module system used by Node.js. Input that is already explicitly defined as ES modules or CommonJS, such as by a package.json "type" field or .mjs/.cjs file extension or the --input-type flag, is unaffected. What is currently implicitly CommonJS would instead be interpreted as ES modules under --experimental-default-type=module:

• String input provided via --eval or STDIN, if --input-type is unspecified.

• Files ending in .js or with no extension, if there is no package.json file present in the same folder or any parent folder.

• Files ending in .js or with no extension, if the nearest parent package.json field lacks a type field; unless the folder is inside a node_modules folder.

In addition, extensionless files are interpreted as Wasm if --experimental-wasm-modules is passed and the file contains the "magic bytes" Wasm header.

Contributed by Geoffrey Booth in #​49869.

Other ESM-related changes

• [ed2d46f4cc] - doc: move and rename loaders section (Geoffrey Booth) #​49261
• [92734d4480] - esm: use import attributes instead of import assertions (Antoine du Hamel) #​50140
• [e96f7ef881] - (SEMVER-MINOR) vm: use import attributes instead of import assertions (Antoine du Hamel) #​50141

Test runner changes

Many changes to the built-in test runner have been backported. This includes the following additions:

• [b283ae4238] - (SEMVER-MINOR) test_runner: accept testOnly in run (Moshe Atlow) #​49753
• [059b1945d8] - (SEMVER-MINOR) test_runner: add junit reporter (Moshe Atlow) #​49614
• [d61a505546] - (SEMVER-MINOR) test_runner: expose location of tests (Colin Ihrig) #​48975
• [b55eb2a8d1] - (SEMVER-MINOR) test_runner: add shards support (Raz Luvaton) #​48639
• [05e7f28b40] - (SEMVER-MINOR) test_runner: add initial draft for fakeTimers (Erick Wendel) #​47775
• [428301ad27] - (SEMVER-MINOR) test_runner, cli: add --test-concurrency flag (Colin Ihrig) #​49996

Other notable changes

• [0c4a84e8e9] - (SEMVER-MINOR) deps: update uvwasi to 0.0.19 (Node.js GitHub Bot) #​49908
• [fae60c5841] - stream: use bitmap in readable state (Benjamin Gruenbaum) #​49745
• [17246be158] - (SEMVER-MINOR) lib: add api to detect whether source-maps are enabled (翠 / green) #​46391
• [2e9f7284a1] - (SEMVER-MINOR) lib: add tracing channel to diagnostics_channel (Stephen Belanger) #​44943
• [cc7bf1f641] - (SEMVER-MINOR) src: add cjs_module_lexer_version base64_version (Jithil P Ponnan) #​45629
• [b5d16cd8f0] - (SEMVER-MINOR) tls: add ALPNCallback server option for dynamic ALPN negotiation (Tim Perry) #​45190

Commits

• [0d0eb47e2a] - benchmark: add benchmarks for the test_runner (Raz Luvaton) #​48931
• [8bb03d10f4] - benchmark: differentiate whatwg and legacy url (Yagiz Nizipli) #​47377
• [3d7734cbe3] - benchmark: lower URL.canParse runs (Khafra) #​47351
• [24d3fcf415] - benchmark: stablize encode benchmark (Joyee Cheung) #​46658
• [e08fd98bcc] - bootstrap: use correct descriptor for Symbol.{dispose,asyncDispose} (Jordan Harband) #​48703
• [cf9ddcd6c8] - bootstrap: simplify initialization of source map handlers (Joyee Cheung) #​48304
• [12d731e431] - bootstrap: log isolate data info in mksnapshot debug logs (Joyee Cheung) #​47768
• [d66873871a] - bootstrap: store internal loaders in C++ via a binding (Joyee Cheung) #​47215
• [1a499c5082] - bootstrap: optimize modules loaded in the built-in snapshot (Joyee Cheung) #​45849
• [e0e09caafe] - bootstrap: make CJS loader snapshotable (Joyee Cheung) #​45849
• [5f37decd56] - bootstrap: include event_target into the built-in snapshot (Joyee Cheung) #​45849
• [c3f56a3dee] - bootstrap: support module_wrap binding in snapshot (Joyee Cheung) #​45849
• [6466acbc89] - bootstrap: lazy load non-essential modules (Joyee Cheung) #​45659
• [a0d4b69df4] - bootstrap: lazy-load Performance.prototype.timeOrigin (Joyee Cheung) #​46425
• [c1bc8118e3] - bootstrap: generate bootstrapper arguments in BuiltinLoader (Joyee Cheung) #​44488
• [075c57e88b] - build: add symlink to compile_commands.json file if needed (Juan José) #​49260
• [9e1c531b8d] - build: expand when we run internet tests (Michael Dawson) #​49218
• [a781d24624] - build: fix typo libray -> library (configure.py) (michalbiesek) #​49106
• [f2eccb7a04] - build: fix configure --link-module (Richard Lau) #​48522
• [a44d555494] - build: fix IBM i build with Python 3.9 (Richard Lau) #​48056
• [7f68e14ea2] - child_process: improve spawn performance on Linux (Keyhan Vakil) #​48523
• [76e4d4117c] - crypto: ensure valid point on elliptic curve in SubtleCrypto.importKey (Filip Skokan) #​50234
• [7af54279b5] - deps: V8: cherry-pick 70caf33 (kxxt) #​50506
• [49c5495339] - deps: update zlib to 1.2.13.1-motley-fef5869 (Node.js GitHub Bot) #​50085
• [e0fd52bf07] - deps: update googletest to 2dd1c13 (Node.js GitHub Bot) #​50081
• [1b103cc567] - deps: update googletest to e47544a (Node.js GitHub Bot) #​49982
• [736c869eeb] - deps: update googletest to d1467f5 (Node.js GitHub Bot) #​49676
• [cd99ee1f35] - deps: update googletest to 8a6feab (Node.js GitHub Bot) #​49463
• [5c338573ff] - deps: update zlib to 1.2.13.1-motley-f5fd0ad (Node.js GitHub Bot) #​49252
• [374ec3d623] - deps: update googletest to 7e33b6a (Node.js GitHub Bot) #​49034
• [c15dd6679b] - deps: update zlib to 1.2.13.1-motley-526382e (Node.js GitHub Bot) #​49033
• [588bd5e524] - deps: update googletest to c875c4e (Node.js GitHub Bot) #​48964
• [6059b59018] - deps: update zlib to 1.2.13.1-motley-61dc0bd (Node.js GitHub Bot) #​48788
• [e455dd4003] - deps: update googletest to cc36671 (Node.js GitHub Bot) #​48789
• [747fbb49ca] - deps: V8: cherry-pick 1a782f6 (Keyhan Vakil) #​48523
• [272e55c66f] - deps: upgrade npm to 10.2.3 (npm team) #​50531
• [3f6dcc62e5] - deps: update archs files for openssl-3.0.12+quic1 (Node.js GitHub Bot) #​50411
• [da26cdbe84] - deps: upgrade openssl sources to quictls/openssl-3.0.12+quic1 (Node.js GitHub Bot) #​50411
• [23069c34b2] - deps: V8: cherry-pick d69c793 (Michaël Zasso) #​46425
• [5f852cc9fe] - deps: V8: cherry-pick f7d000a (Luke Albao) #​50344
• [0c4a84e8e9] - (SEMVER-MINOR) deps: update uvwasi to 0.0.19 (Node.js GitHub Bot) #​49908
• [8682b90d02] - deps: update simdutf to 3.2.18 (Node.js GitHub Bot) #​50091
• [11ecd06aeb] - deps: update simdutf to 3.2.17 (Node.js GitHub Bot) #​49019
• [43bfe5f020] - deps: upgrade npm to 10.2.0 (npm team) #​50027
• [a140bc284b] - deps: upgrade npm to 10.1.0 (npm team) #​49570
• [65ca41c276] - (SEMVER-MINOR) deps: upgrade npm to 10.0.0 (npm team) #​49423
• [df1ff8e3da] - deps: fix call to undeclared functions 'ntohl' and 'htons' (MatteoBax) #​49979
• [f228dc7955] - deps: update corepack to 0.22.0 (Node.js GitHub Bot) #​50325
• [4324ebab67] - deps: update corepack to 0.21.0 (Node.js GitHub Bot) #​50088
• [1cabb77659] - deps: update corepack to 0.20.0 (Node.js GitHub Bot) #​49464
• [04227b287e] - deps: update c-ares to 1.20.1 (Node.js GitHub Bot) #​50082
• [13e69ee11c] - deps: update c-ares to 1.20.0 (Node.js GitHub Bot) #​50082
• [ac717df17e] - deps: update ada to 2.7.2 (Node.js GitHub Bot) #​50338
• [6885fc9386] - deps: update ada to 2.6.10 (Node.js GitHub Bot) #​49984
• [76c5f4039f] - deps: update ada to 2.6.9 (Node.js GitHub Bot) #​49340
• [597ea77422] - deps: update ada to 2.6.8 (Node.js GitHub Bot) #​49340
• [8e7dcba553] - deps: update ada to 2.6.7 (Node.js GitHub Bot) #​49340
• [9f2037e8ee] - deps: update ada to 2.6.5 (Node.js GitHub Bot) #​49340
• [4723976703] - deps: update ada to 2.6.3 (Node.js GitHub Bot) #​49340
• [7ccb478664] - deps: update undici to 5.26.4 (Node.js GitHub Bot) #​50274
• [88f9ebb770] - diagnostics_channel: fix ref counting bug when reaching zero subscribers (Stephen Belanger) #​47520
• [284a869540] - dns: call ada::idna::to_ascii directly from c++ (Yagiz Nizipli) #​47920
• [10968370b5] - doc: drop github actions check in sec release process (Rafael Gonzaga) #​48978
• [07c3b88c74] - doc: remove @anonrig from performance initiative (Yagiz Nizipli) #​49641
• [e26b89e8be] - doc: fix node-api call example (Chengzhong Wu) #​49395
• [4c93905f6c] - doc: add news issue for Diagnostics WG (Michael Dawson) #​49306
• [3f1a237a8f] - doc: add print results for examples in StringDecoder (Jungku Lee) #​49326
• [45caad82bb] - doc: update outdated reference to NIST SP 800-131A (Tobias Nießen) #​49316
• [62f823d5a2] - doc: use cjs as block code's type in MockTimers (Deokjin Kim) #​49309
• [0dda724d3f] - doc: update options.filter description for fs.cp (Shubham Pandey) #​49289
• [4ba11e352b] - doc: avoid "not currently recommended" (Tobias Nießen) #​49300
• [9ca85b58b3] - doc: modify param description for end(),write() in StringDecoder (Jungku Lee) #​49285
• [3f771cab67] - doc: use NODE_API_SUPPORTED_VERSION_MAX in release doc (Cheng Zhao) #​49268
• [f181c37e75] - doc: fix typo in stream.finished documentation (Antoine du Hamel) #​49271
• [c70945ddc2] - doc: update description for percent_encode sets in WHATWG API (Jungku Lee) #​49258
• [f9c2a3fb3e] - doc: clarify use of Uint8Array for n-api (Fedor Indutny) #​48742
• [bf22a5f66e] - doc: use same name in the doc as in the code (Hyunjin Kim) #​49216
• [72bd527fb6] - doc: add notable-change label mention to MR template (Rafael Gonzaga) #​49188
• [2247e52fe0] - doc: add h1 summary to security release process (Rafael Gonzaga) #​49112
• [3b82e9aed1] - doc: fix wording in napi_async_init (Tobias Nießen) #​49180
• [55171d88a0] - doc: fix Type notation in webstreams (Deokjin Kim) #​49121
• [79c0497398] - doc: make the NODE_VERSION_IS_RELEASE revert clear (Rafael Gonzaga) #​49114
• [7ee26fb8df] - doc: update with latest security release (Rafael Gonzaga) #​49085
• [9ce73964be] - doc: add description for --port flag of node inspect (Michael Bianco) #​48785
• [633b8cd181] - doc: add missing period (Rich Trott) #​49094
• [6daa9ec2a4] - doc: add ESM examples in http.md (btea) #​47763
• [12b83e81b9] - doc: detailed description of keystrokes Ctrl-Y and Meta-Y (Ray) #​43529
• [ead654f976] - doc: clarify use of process.env in worker threads on Windows (Daeyeon Jeong) #​49008
• [4047947838] - doc: remove v14 mention (Rafael Gonzaga) #​49005
• [833c643eb4] - doc: run license-builder (github-actions[bot]) #​48898
• [cb43717c97] - doc: add ver of 18.x where Node-api 9 is supported (Michael Dawson) #​48876
• [a8d5c16a2a] - doc: include experimental features assessment (Rafael Gonzaga) #​48824
• [e6d8735e2b] - doc: add new TSC members (Michael Dawson) #​48841
• [d4fe00d0c7] - doc: refactor node-api support matrix (Michael Dawson) #​48774
• [629132d84c] - doc: declare path on example of async_hooks.executionAsyncId() (Deokjin Kim) #​48556
• [dfd368ac9f] - doc: remove the . in the end to reduce confusing (Jason) #​48719
• [74d8f96413] - doc: nodejs-social over nodejs/tweet (Rafael Gonzaga) #​48769
• [73a7e00d06] - doc: add missing history info for import.meta.resolve (Antoine du Hamel) #​49700
• [c20fdb4e52] - doc: edit import.meta.resolve documentation (Antoine du Hamel) #​49247
• [1ac389ecef] - doc: update module hooks docs (Geoffrey Booth) #​49265
• [ed2d46f4cc] - doc: move and rename loaders section (Geoffrey Booth) #​49261
• [258df0e72d] - doc: add signature for module.register (Geoffrey Booth) #​49251
• [58eaf3f6ae] - doc: caveat unavailability of import.meta.resolve in custom loaders (Jacob Smith) #​49242
• [2fef28b2b9] - doc: fix name of the flag in initialize() docs (Antoine du Hamel) #​49158
• [15280fb42c] - doc: add steps about signing the binary in single-executable docs (Darshan Sen) #​46764
• [e374ba296c] - doc: add "type" to test runner event details (Phil Nash) #​49014
• [ec0a6c1f1b] - doc: add new reporter events to custom reporter examples (Chemi Atlow) #​48903
• [e8a32fb49b] - doc: change duration to duration_ms on test documentation (Ardi_Nugraha) #​48892
• [2b30c8b8a3] - doc: fix globalPreload example (bmacnaughton) #​50300
• [8a57182769] - doc,test: extend the list of platforms supported by single-executables (Darshan Sen) #​47026
• [92734d4480] - esm: use import attributes instead of import assertions (Antoine du Hamel) #​50140
• [c3c945e654] - esm: bypass CommonJS loader under --default-type (Geoffrey Booth) #​49986
• [fe691984b2] - esm: unflag extensionless javascript and wasm in module scope (Geoffrey Booth) #​49974
• [56bd9a88ac] - esm: --experimental-default-type flag to flip module defaults (Geoffrey Booth) #​49869
• [72644d62e7] - esm: improve JSDoc annotation of internal functions (Antoine du Hamel) #​49959
• [957725f601] - esm: require braces for modules code (Geoffrey Booth) #​49657
• [c12685f82d] - esm: fix cache collision on JSON files using file: URL (Antoine du Hamel) #​49887
• [ed8dd33493] - esm: identify parent importing a url with invalid host (Jacob Smith) #​49736
• [46d730ab75] - esm: fix return type of import.meta.resolve (Antoine du Hamel) #​49698
• [12cb700478] - esm: update loaders warning (Geoffrey Booth) #​49633
• [47193a347e] - esm: fix support for URL instances in register (Antoine du Hamel) #​49655
• [51ced0f1a1] - esm: clarify ERR_REQUIRE_ESM errors (Daniel Compton) #​49521
• [4be5612bae] - esm: remove return value for Module.register (Antoine du Hamel) #​49529
• [0875867e27] - esm: refactor test-esm-loader-resolve-type (Geoffrey Booth) #​49493
• [9b7c9d93e9] - esm: refactor test-esm-named-exports (Geoffrey Booth) #​49493
• [d1f5514917] - esm: refactor mocking test (Geoffrey Booth) #​49465
• [01ca6d277d] - esm: fix globalPreload warning (Antoine du Hamel) #​49069
• [c1a84398b4] - esm: unflag import.meta.resolve (Guy Bedford) #​49028
• [ef43f084e9] - esm: import.meta.resolve exact module not found errors should return (Guy Bedford) #​49038
• [385f24c9cc] - esm: protect ERR_UNSUPPORTED_DIR_IMPORT against prototype pollution (Antoine du Hamel) #​49060
• [10e7c3a376] - esm: add initialize hook, integrate with register (Izaak Schroeder) #​48842
• [f96b610268] - esm: fix typo parentUrl -> parentURL (Antoine du Hamel) #​48999
• [03c1b5e647] - esm: unflag Module.register and allow nested loader import() (Izaak Schroeder) #​48559
• [63aa5d7270] - esm: add back globalPreload tests and fix failing ones (Antoine du Hamel) #​48779
• [1c7be606f1] - esm: remove support for arrays in import internal method (Antoine du Hamel) #​48296
• [655111fa00] - esm: handle globalPreload hook returning a nullish value (Antoine du Hamel) #​48249
• [9938a8bf13] - esm: handle more error types thrown from the loader thread (Antoine du Hamel) #​48247
• [8cab32a5d1] - esm: do not use 'beforeExit' on the main thread (Antoine du Hamel) #​47964
• [b61efcce95] - esm: rename URLCanParse to be consistent (Antoine du Hamel) #​47668
• [ca20f5931d] - esm: remove support for deprecated hooks (Antoine du Hamel) #​47580
• [5de37a1e37] - esm: initialize import.meta on eval (Antoine du Hamel) #​47551
• [39fbce7313] - esm: propagate process.exit from the loader thread to the main thread (Antoine du Hamel) #​47548
• [2a528b76e6] - esm: avoid try/catch when validating urls (Yagiz Nizipli) #​47541
• [bac9b1758f] - esm: move hook execution to separate thread (Jacob Smith) #​44710
• [dfa444477a] - esm: skip file: URL conversion to path when possible (Antoine du Hamel) #​46305
• [45de8d1bd7] - esm: allow resolve to return import assertions (Geoffrey Booth) #​46153
• [5ffc90a06b] - esm: move hooks handling into separate class (Geoffrey Booth) #​45869
• [490b598dbf] - esm: leverage loaders when resolving subsequent loaders (Maël Nison) #​43772
• [acd987287c] - events: remove weak listener for event target (Raz Luvaton) #​48952
• [69b7f91a92] - fs: remove redundant code in readableWebStream() (Deokjin Kim) #​49298
• [ae8bb162b4] - fs: remove redundant nullCheck (Livia Medeiros) #​48826
• [48c25b154b] - fs: make mkdtemp accept buffers and URL (LiviaMedeiros) #​48828
• [edf46c1b59] - fs: move fs_use_promises_symbol to per-isolate symbols (Joyee Cheung) #​47768
• [fe41d22afc] - fs: use kResistStopPropagation (Chemi Atlow) #​48521
• [7c758f60ab] - fs: fix readdir recursive sync & callback (Ethan Arrowood) #​48698
• [8874b2e11d] - http: start connections checking interval on listen (Paolo Insogna) #​48611
• [29697229b6] - https: fix connection checking interval not clearing on server close (Nitzan Uziely) #​48383
• [981aa7866d] - lib: fix MIME overmatch in data URLs (André Alves) #​49104
• [fe26f8a860] - lib: merge cjs and esm package json reader caches (Yagiz Nizipli) #​48477
• [17246be158] - (SEMVER-MINOR) lib: add api to detect whether source-maps are enabled (翠 / green) #​46391
• [2e9f7284a1] - (SEMVER-MINOR) lib: add tracing channel to diagnostics_channel (Stephen Belanger) #​44943
• [04dad9c2f6] - lib: fix BroadcastChannel initialization location (Shelley Vohr) #​46864
• [671d2c0067] - lib: fix DOMException property descriptors after being lazy loaded (Filip Skokan) #​46799
• [9a4b57d6d4] - lib: improve esm resolve performance (Yagiz Nizipli) #​46652
• [c6b2f56723] - lib: lazy-load deps in modules/run_main.js (Joyee Cheung) #​45849
• [baa280a4f6] - lib: lazy-load deps in source_map_cache.js (Joyee Cheung) #​45849
• [00bdb72b6e] - lib: add getLazy() method to internal/util (Joyee Cheung) #​45849
• [b77a6b2376] - loader: use default loader as cascaded loader in the in loader worker (Joyee Cheung) #​47620
• [7778e190b0] - meta: move Trott to TSC regular member (Rich Trott) #​50297
• [5b9575dd30] - meta: ping TSC for offboarding (Tobias Nießen) #​50147
• [d24c3a0692] - meta: update website team with new name (Rich Trott) #​49883
• [332d2aedb4] - meta: fix linter error (Antoine du Hamel) #​49755
• [dc70c444f4] - meta: add primordials strategic initiative (Benjamin Gruenbaum) #​49706
• [213a9f8a4b] - meta: bump rtCamp/action-slack-notify from 2.2.0 to 2.2.1 (dependabot[bot]) #​49437
• [2827779faa] - meta: remove modules team from CODEOWNERS (Benjamin Gruenbaum) #​49412
• [5d6daf0d01] - meta: add test/reporters to codeowners (Chemi Atlow) #​49186
• [dee7dc5d54] - meta: bump actions/upload-artifact from 3.1.2 to 3.1.3 (dependabot[bot]) #​50000
• [98294fdeee] - meta: bump actions/cache from 3.3.1 to 3.3.2 (dependabot[bot]) #​50003
• [79270327d0] - meta: bump github/codeql-action from 2.21.5 to 2.21.9 (dependabot[bot]) #​50002
• [6591a03c89] - meta: bump github/codeql-action from 2.21.2 to 2.21.5 (dependabot[bot]) #​49438
• [3a107f80bc] - meta: bump actions/checkout from 3.6.0 to 4.1.0 (dependabot[bot]) #​50001
• [26c5c3c4a2] - meta: bump actions/checkout from 3.5.3 to 3.6.0 (dependabot[bot]) #​49436
• [0fc0b88d97] - meta: bump step-security/harden-runner from 2.5.0 to 2.5.1 (dependabot[bot]) #​49435
• [dad5785d5d] - meta: bump actions/setup-node from 3.7.0 to 3.8.1 (dependabot[bot]) #​49434
• [155a275acb] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #​49264
• [bd17f0b992] - meta: mention nodejs/tsc when changing GH templates (Rafael Gonzaga) #​49189
• [f6e68a0238] - meta: bump github/codeql-action from 2.20.1 to 2.21.2 (dependabot[bot]) #​48986
• [5c352eeecb] - meta: bump step-security/harden-runner from 2.4.1 to 2.5.0 (dependabot[bot]) #​48985
• [42ac5a6e5f] - meta: bump actions/setup-node from 3.6.0 to 3.7.0 (dependabot[bot]) #​48984
• [b0d769fe7c] - meta: bump actions/setup-python from 4.6.1 to 4.7.0 (dependabot[bot]) #​48983
• [f62b24276c] - meta: add mailmap entry for atlowChemi (Chemi Atlow) #​48810
• [8c55f317a3] - module: move helpers out of cjs loader (Geoffrey Booth) #​49912
• [14e148ee6c] - module: ensure successful import returns the same result (Antoine du Hamel) #​46662
• [65dfe85f03] - module: implement register utility (João Lenon) #​46826
• [6f0458d0a6] - module: refactor to use normalizeRequirableId in the CJS module loader (Darshan Sen) #​47896
• [89ed24b94a] - module: do less CJS module loader initialization at run time (Joyee Cheung) #​47194
• [939c8764b8] - module: move callbacks and conditions into modules/esm/utils.js (Joyee Cheung) #​45849
• [a3b0f4cf55] - module: move modules/cjs/helpers.js to modules/helpers.js (Joyee Cheung) #​45849
• [97579895f2] - module, esm: jsdoc for modules files (Geoffrey Booth) #​49523
• [daca87bbef] - net: use asserts in JS Socket Stream to catch races in future (Tim Perry) #​49400
• [03063bd022] - net: fix crash due to simultaneous close/shutdown on JS Stream Sockets (Tim Perry) #​49400
• [67fe7d8822] - net: fix setting of value in 'setDefaultAutoSelectFamilyAttemptTimeout' (Deokjin Kim) #​47012
• [f449b222fd] - node-api: update headers for better wasm support (Toyo Li) #​49037
• [5148f030b8] - node-api: run finalizers directly from GC (Vladimir Morozov) #​42651
• [edef4fa668] - node-api: enable uncaught exceptions policy by default (Chengzhong Wu) #​49313
• [48a1b9336b] - node-api: fix compiler warning in node_api.h (Michael Graeb) #​49103
• [57966318fe] - node-api: avoid macro redefinition (Tobias Nießen) #​48879
• [d4f26f4651] - policy: fix path to URL conversion (Antoine du Hamel) #​49133
• [a625f22acb] - readline: add paste bracket mode (Jakub Jankiewicz) #​47150
• [bbafd42d75] - repl: display dynamic import variant in static import error messages (Hemanth HM) #​48129
• [b8634eeb16] - sea: allow requiring core modules with the "node:" prefix (Darshan Sen) #​47779
• [066d9d4492] - src: remove unused function GetName() in node_perf (Jungku Lee) #​49244
• [158c91a38a] - src: use ARES_SUCCESS instead of 0 (Jungku Lee) #​49048
• [8c33731ac6] - src: add a condition if the argument of DomainToUnicode is empty (Jungku Lee) #​49097
• [67dba57d77] - src: use ARES_SUCCESS instead of 0 (Hyunjin Kim) #​48834
• [97d87495c7] - src: remove unnecessary temporary creation (Jason) #​48734
• [f5384c3262] - src: fix nullptr access on realm (Jan Olaf Krems) #​48802
• [358273d77f] - src: remove OnScopeLeaveImpl's move assignment overload (Jason) #​48732
• [cc7bf1f641] - (SEMVER-MINOR) src: add cjs_module_lexer_version base64_version (Jithil P Ponnan) #​45629
• [0a950c3752] - src: add missing to_ascii method in dns queries (Daniel Lemire) #​48354
• [3552afb904] - src: fix duplication of externalized builtin code (Keyhan Vakil) #​47079
• [66e4ba5062] - src: fix AliasedBuffer memory attribution in heap snapshots (Joyee Cheung) #​46817
• [946f19b5e3] - src: move AliasedBuffer implementation to -inl.h (Joyee Cheung) #​46817
• [d35f8702c9] - src: bootstrap prepare stack trace callback in shadow realm (Chengzhong Wu) #​47107
• [3551a19205] - src: make BuiltinLoader threadsafe and non-global (Anna Henningsen) #​45942
• [92311a0801] - src: define per-isolate internal bindings registration callback (Chengzhong Wu) #​45547
• [629fc774ca] - src: use an array for faster binding data lookup (Joyee Cheung) #​46620
• [62e2e590fc] - src: fix TLSWrap lifetime bug in ALPN callback (Ben Noordhuis) #​49635
• [fae60c5841] - stream: use bitmap in readable state (Benjamin Gruenbaum) #​49745
• [ee4fc7d78c] - stream: use Buffer.from when constructor is a Buffer (Matthew Aitken) #​49250
• [651e4504ce] - stream: add highWaterMark for the map operator (Raz Luvaton) #​49249
• [d585d13127] - stream: improve WebStreams performance (Raz Luvaton) #​49089
• [7f39f8e805] - test: replace forEach with for..of in test-http-perf_hooks.js (Niya Shiyas) #​49818
• [2f0ffde842] - test: replace forEach with for..of in test-net-isipv4.js (Niya Shiyas) #​49822
• [bbd302b5ab] - test: replace forEach with for..of in test-http2-server (Niya Shiyas) #​49819
• [128ca3e213] - test: replace forEach with for..of in test-http2-client-destroy.js (Niya Shiyas) #​49820
• [a2ca1a605f] - test: print instruction for creating missing snapshot in assertSnapshot (Raz Luvaton) #​48914
• [a0bb30cdca] - test: set test-watch-mode-inspect as flaky (Yagiz Nizipli) #​50259
• [1047d95698] - test: set test-emit-after-on-destroyed as flaky (Yagiz Nizipli) #​50246
• [91a3b57962] - test: set inspector async stack test as flaky (Yagiz Nizipli) #​50244
• [b41aa7b82a] - test: set test-worker-nearheaplimit-deadlock flaky (StefanStojanovic) #​50277
• [e81b066fb1] - test: set test-cli-node-options as flaky (Yagiz Nizipli) #​50296
• [0c05c25c4e] - test: set crypto-timing test as flaky (Yagiz Nizipli) #​50232
• [83e339dbba] - test: set test-structuredclone-* as flaky (Yagiz Nizipli) #​50261
• [866a399488] - test: set inspector async hook test as flaky (Yagiz Nizipli) #​50252
• [cb0bd2116b] - test: set parallel http server test as flaky (Yagiz Nizipli) #​50227
• [54f3d877ae] - test: set test-worker-nearheaplimit-deadlock flaky (Stefan Stojanovic) #​50238
• [5953a255b6] - test: set test-runner-watch-mode as flaky (Yagiz Nizipli) #​50221
• [5820d7e14d] - test: deflake test-runner-output (Moshe Atlow) #​49878
• [1d75da43f2] - Revert "test: mark test-http-regr-gh-2928 as flaky" (Luigi Pinca) #​49708
• [5df23520e7] - test: mark test-runner-watch-mode as flaky (Joyee Cheung) #​49627
• [7e714e6497] - test: remove --no-warnings flag in test_runner fixtures (Raz Luvaton) #​48989
• [0fea550641] - test: reorder test files fixtures for better understanding (Raz Luvaton) #​48787
• [c5857bde42] - test: avoid copying test source files (Chengzhong Wu) #​49515
• [67cb6f9a34] - test: reduce length in crypto keygen tests (Joyee Cheung) #​49221
• [958e114655] - test: split JWK async elliptic curve keygen tests (Joyee Cheung) #​49221
• [344592dc00] - test: split test-crypto-keygen.js (Joyee Cheung) #​49221
• [5f1a1aeeed] - test: rename test-crypto-modp1-error (Tobias Nießen) #​49348
• [107015b45d] - test: migrate message source map tests from Python to JS (Yiyun Lei) #​49238
• [ddebd29515] - test: fix compiler warning in NodeCryptoEnv (Tobias Nießen) #​49206
• [0261c5de56] - test: make test-perf-hooks more robust and work with workers (Joyee Cheung) #​49197
• [e18de802c8] - test: use gcUntil() in test-v8-serialize-leak (Joyee Cheung) #​49168
• [52d5dd8dba] - test: add expectSyncExitWithoutError() and expectSyncExit() utils (Joyee Cheung) #​49020
• [67925bb914] - test: add Symbol.dispose support to mock timers (Benjamin Gruenbaum) #​48549
• [00c08539b6] - test: fix edge snapshot stack traces (Geoffrey Booth) #​49659
• [48f6d9a975] - test: refactor test-node-output-errors (Antoine du Hamel) #​48992
• [c1a8ae38c0] - test: deflake test-loaders-workers-spawned (Antoine du Hamel) #​50251
• [d5cc5d7956] - test: deflake test-esm-loader-resolve-type (Antoine du Hamel) #​50273
• [866d646b0e] - test: increase coverage of Module.register and initialize hook (Antoine du Hamel) #​49532
• [65201ab36b] - test: isolate globalPreload tests (Geoffrey Booth) #​49545
• [65058d9a35] - test: add tmpdir.fileURL() (Livia Medeiros) #​49040
• [e1c6f46926] - test: reduce flakiness of test-esm-loader-hooks (Antoine du Hamel) #​49248
• [e8d475ffc4] - test: refactor test-esm-loader-hooks for easier debugging (Antoine du Hamel) #​49131
• [26f01669fc] - test: reduce flakiness of test-esm-loader-hooks (Antoine du Hamel) #​49105
• [d5a1153970] - test: use fixtures.fileURL when appropriate (Antoine du Hamel) #​48990
• [3424793013] - test: fix snapshot tests when cwd contains spaces or backslashes (Antoine du Hamel) #​48959
• [a9347a4635] - test: order common.mjs in ASCII order (Antoine du Hamel) #​48960
• [adb9280d8e] - test: fix some assumptions in tests (Antoine du Hamel) #​48958
• [f02637e805] - test: fix es-module/test-esm-initialization (Antoine du Hamel) #​48880
• [8c918e5e59] - test: relax version check with shared OpenSSL (Luigi Pinca) #​50505
• [c6caf13ad5] - test: fix crypto-dh error message for OpenSSL 3.x (Kerem Kat) #​50395
• [65b41ebd1f] - test: split test-crypto-dh to avoid timeout on slow machines in the CI (Joyee Cheung) #​49492
• [7606921e1d] - test: fix testsuite against zlib version 1.3 (Dominique Leuenberger) #​50364
• [4f78233254] - test: verify tracePromise does not do runStores (Stephen Belanger) #​47349
• [cb6ef74cf2] - test: fix IPv6 checks on IBM i (Abdirahim Musse) #​46546
• [bcf97ab1b2] - test: fix flaky test-runner-exit-code.js (Colin Ihrig) #​46138
• [f0e8ff90eb] - test: use an array for WPT gloablThis initialization scripts (Joyee Cheung) #​46425
• [0e0dd1fe90] - test: adapt tests for OpenSSL 3.1 (OttoHollmann) #​47859
• [e3ea906988] - test: disambiguate AIX and IBM i (Richard Lau) #​48056
• [088460d80c] - test: add os setPriority, getPriority test coverage (Wael) #​38771
• [b011a498c5] - test,benchmark: use tmpdir.fileURL() (Livia Medeiros) #​49138
• [54168b7364] - test_runner: add test location for FileTests (Colin Ihrig) #​49999
• [1d9c37161d] - test_runner: replace spurious if with else (Colin Ihrig) #​49943
• [b283ae4238] - (SEMVER-MINOR) test_runner: accept testOnly in run (Moshe Atlow) #​49753
• [103c4a088a] - test_runner: catch reporter errors (Moshe Atlow) #​49646
• [e459598cf2] - test_runner: fix test runner watch mode when no positional arguments (Moshe Atlow) #​49578
• [059b1945d8] - (SEMVER-MINOR) test_runner: add junit reporter (Moshe Atlow) #​49614
• [76a35632d3] - test_runner: add jsdocs to mock.js (Caio Borghi) #​49555
• [ba57c24fde] - test_runner: fix invalid timer call (Erick Wendel) #​49477
• [5949ae016f] - test_runner: add jsdocs to MockTimers (Erick Wendel) #​49476
• [429846f258] - test_runner: fix typescript coverage (Moshe Atlow) #​49406
• [760c98280e] - test_runner: preserve original property descriptor (Erick Wendel) #​49433
• [95cc98e14b] - test_runner: expose spec reporter as newable function (Chemi Atlow) #​49184
• [d83964031b] - test_runner: reland run global after() hook earlier (Colin Ihrig) #​49116
• [d61a505546] - (SEMVER-MINOR) test_runner: expose location of tests (Colin Ihrig) #​48975
• [00c70e12f7] - test_runner: dont set exit code on todo tests (Moshe Atlow) #​48929
• [71f7ed728d] - test_runner: fix global after not failing the tests (Raz Luvaton) #​48913
• [11fbd924ed] - test_runner: add support for setImmediate (Erick Wendel) #​49397
• [fb64d415be] - test_runner: fix timeout in *Each hook failing further tests (Raz Luvaton) #​48925
• [67d7faddb2] - test_runner: cleanup test timeout abort listener (Raz Luvaton) #​48915
• [d217435cd3] - test_runner: fix todo and only in spec reporter (Moshe Atlow) #​48929
• [9f122be15a] - test_runner: unwrap error message in TAP reporter (Colin Ihrig) #​48942
• [3a74316624] - test_runner: add __proto__ null (Raz Luvaton) #​48663
• [66ea9bdb4d] - test_runner: fix global before not called when no global test exists (Raz Luvaton) #​48877
• [0bd9704018] - test_runner: use os.availableParallelism() (Colin Ihrig) #​45969
• [b55eb2a8d1] - (SEMVER-MINOR) test_runner: add shards support (Raz Luvaton) #​48639
• [c2575c8db0] - test_runner: fix test_runner test:fail event type (Ethan Arrowood) #​48854
• [6b186d41cd] - test_runner: fix async callback in describe not awaited (Raz Luvaton) #​48856
• [2d4511baab] - test_runner: call abort on test finish (Raz Luvaton) #​48827
• [05e7f28b40] - (SEMVER-MINOR) test_runner: add initial draft for fakeTimers (Erick Wendel) #​47775
• [428301ad27] - (SEMVER-MINOR) test_runner, cli: add --test-concurrency flag (Colin Ihrig) #​49996
• [4b2e258c76] - test_runner,test: fix flaky test-runner-cli-concurrency.js (Colin Ihrig) #​50108
• [b5d16cd8f0] - (SEMVER-MINOR) tls: add ALPNCallback server option for dynamic ALPN negotiation (Tim Perry) #​45190
• [a1c94037ab] - tools: fix --v8-non-optimized-debug for v18.x (Joyee Cheung) #​50612
• [3b65c61f5c] - tools: update lint-md-dependencies (Node.js GitHub Bot) #​50083
• [07941a3609] - tools: update lint-md-dependencies (Node.js GitHub Bot) #​49983
• [ad6e7a6270] - tools: update lint-md-dependencies to rollup@3.29.2 (Node.js GitHub Bot) #​49679
• [3511b13c94] - tools: update lint-md-dependencies to rollup@3.29.0 unified@11.0.3 (Node.js GitHub Bot) #​49584
• [b6522a2b6b] - tools: update lint-md-dependencies (Node.js GitHub Bot) #​49342
• [01b2588acf] - tools: update lint-md-dependencies (Node.js GitHub Bot) #​49253
• [0cb42ccb5c] - tools: update lint-md-dependencies (Node.js GitHub Bot) #​49122
• [caa7ecca30] - tools: update lint-md-dependencies to rollup@3.27.2 (Node.js GitHub Bot) #​49035
• [42846a02b3] - tools: limit the number of auto start CIs (Antoine du Hamel) #​49067
• [9cc3b2061f] - tools: update lint-md-dependencies to rollup@3.27.0 (Node.js GitHub Bot) #​48965
• [1cbb186039] - tools: update lint-md-dependencies to rollup@3.26.3 (Node.js GitHub Bot) #​48888
• [f7d6e9ba43] - tools: update lint-md-dependencies to @​rollup/plugin-commonjs@​25.0.3 (Node.js GitHub Bot) #​48791
• [a98addb626] - tools: skip ruff on tools/node_modules (Moshe Atlow) #​49838
• [6cf8dd95d1] - tools: update eslint to 8.51.0 (Node.js GitHub Bot) #​50084
• [b8d2a29ff5] - tools: update eslint to 8.50.0 (Node.js GitHub Bot) #​49989
• [1c1cbf06f0] - tools: update eslint to 8.49.0 (Node.js GitHub Bot) #​49586
• [92d21864c5] - tools: update eslint to 8.48.0 (Node.js GitHub Bot) #​49343
• [0940de36ee] - tools: update eslint to 8.47.0 (Node.js GitHub Bot) #​49124
• [4880a05fa2] - tools: update eslint to 8.46.0 (Node.js GitHub Bot) #​48966
• [e9632454cd] - tools: update eslint to 8.45.0 (Node.js GitHub Bot) #​48793
• [ae49f319c4] - tools: drop support for osx notarization with gon (Ulises Gascón) #​50291
• [014b65e9b7] - tools: use osx notarytool for future releases (Ulises Gascon) #​48701
• [71c386a25c] - typings: update JSDoc for cwd in child_process (LiviaMedeiros) #​49029
• [4d70a2c344] - typings: sync JSDoc with the actual implementation (Hyunjin Kim) #​48853
• [945609487c] - typings: fix missing property in ExportedHooks (Antoine du Hamel) #​49567
• [2ef80f12b9] - typings: fix JSDoc in ESM loader modules (Antoine du Hamel) #​48424
• [7fc15b6d42] - url: fix isURL detection by checking path (Zhuo Zhang) #​48928
• [916a63b124] - url: improve isURL detection (Yagiz Nizipli) #​47886
• [ac27431372] - url: validate pathToFileURL(path) argument as string (LiviaMedeiros) #​49161
• [f256b160bf] - url: handle unicode hostname if empty (Yagiz Nizipli) #​49396
• [2441415c68] - url: reduce pathToFileURL cpp calls (Yagiz Nizipli) #​48709
• [227e749888] - url: validate URL constructor arg length (Matthew Aitken) #​47513
• [bf4ee17d18] - url: validate argument length in canParse (Matthew Aitken) #​47513
• [a67fa2a107] - util: add getCwdSafe internal util fn (João Lenon) #​48434
• [e96f7ef881] - (SEMVER-MINOR) vm: use import attributes instead of import assertions (Antoine du Hamel) #​50141
• [525de686a7] - (SEMVER-MINOR) wasi: updates required for latest uvwasi version (Michael Dawson) #​49908
• [f27d505805] - watch: decrease debounce rate (Moshe Atlow) #​48926
• [83a6d20d70] - watch: use debounce instead of throttle (Moshe Atlow) #​48926
• [879b958184] - worker: protect against user mutating well-known prototypes (Antoine du Hamel) #​49270

v18.18.2

Compare Source

This is a security release.

Notable Changes

The following CVEs are fixed in this release:

• CVE-2023-44487: nghttp2 Security Release (High)
• CVE-2023-45143: undici Security Release (High)
• CVE-2023-38552: Integrity checks according to policies can be circumvented (Medium)
• CVE-2023-39333: Code injection via WebAssembly export names (Low)

More detailed information on each of the vulnerabilities can be found in October 2023 Security Releases blog post.

Commits

• [55028468db] - deps: update undici to v5.26.3 (Matteo Collina) #​50153
• [a792bbc515] - deps: update nghttp2 to 1.57.0 (James M Snell) #​50121
• [f6444defa4] - deps: update nghttp2 to 1.56.0 (Node.js GitHub Bot) #​49582
• [7e9b08dfd4] - deps: update nghttp2 to 1.55.1 (Node.js GitHub Bot) #​48790
• [85672c153f] - deps: update nghttp2 to 1.55.0 (Node.js GitHub Bot) #​48746
• [300a902422] - deps: update nghttp2 to 1.53.0 (Node.js GitHub Bot) #​47997
• [7d83ed0bf6] - Revert "deps: update nghttp2 to 1.55.0" (Richard Lau) #​50151
• [1193ca5fdb] - lib: let deps require node prefixed modules (Matthew Aitken) #​50047
• [eaf9083cf1] - module: fix code injection through export names (Tobias Nießen) nodejs-private/node-private#​461
• [1c538938cc] - policy: use tamper-proof integrity check function (Tobias Nießen) nodejs-private/node-private#​462

v18.18.1

Compare Source

Notable Changes

This release addresses some regressions that appeared in Node.js 18.18.0:

• (Windows) FS can not handle certain characters in file name #​48673
• 18 and 20 node images give error - Text file busy (after re-build images) nodejs/docker-node#​1968
• libuv update in 18.18.0 breaks webpack's thread-loader #​49911

The libuv 1.45.0 and 1.46.0 updates that were released in Node.js 18.18.0 have been temporarily reverted.

Commits

• [3e3a75cc46] - Revert "build: sync libuv header change" (Richard Lau) #​50036
• [14ece2c479] - Revert "deps: upgrade to libuv 1.45.0" (Richard Lau) #​50036
• [022352acbe] - Revert "deps: upgrade to libuv 1.46.0" (Richard Lau) #​50036
• [d9f138189c] - Revert "deps: add missing thread-common.c in uv.gyp" (Richard Lau) #​50036
• [7a3e1ffbb8] - fs: make sure to write entire buffer (Robert Nagy) #​49211
• [04cba95a67] - test: add tmpdir.resolve() (Livia Medeiros) #​49079

v18.18.0

Compare Source

Notable Changes

• [7dc731d4bf] - build: sync libuv header change (Jiawen Geng) #​48078
• [490fc004b0] - crypto: update root certificates to NSS 3.93 (Node.js GitHub Bot) #​49341
• [dd8cd97d4d] - crypto: update root certificates to NSS 3.90 (Node.js GitHub Bot) #​48416
• [ea23870bec] - deps: add missing thread-common.c in uv.gyp (Santiago Gimeno) #​48078
• [88855e0b1b] - deps: upgrade to libuv 1.46.0 (Santiago Gimeno) #​48078
• [fb2b80fca0] - deps: upgrade to libuv 1.45.0 (Santiago Gimeno) #​48078
• [249879e46c] - doc: add atlowChemi to collaborators (atlowChemi) #​48757
• [e8dc7bde6a] - doc: add vmoroz to collaborators (Vladimir Morozov) #​48527
• [a30f2fbcc1] - doc: add kvakil to collaborators (Keyhan Vakil) #​48449
• [c39b7c240e] - (SEMVER-MINOR) esm: add --import flag (Moshe Atlow) #​43942
• [a68a67f54d] - (SEMVER-MINOR) events: allow safely adding listener to abortSignal (Chemi Atlow) #​48596
• [3a8586bee2] - fs, stream: initial Symbol.dispose and Symbol.asyncDispose support (Moshe Atlow) #​48518
• [863bdb785d] - net: add autoSelectFamily global getter and setter (Paolo Insogna) #​45777
• [c59ae86ba0] - (SEMVER-MINOR) url: add value argument to has and delete methods (Sankalp Shubham) #​47885

Commits

• [d1f43317ea] - benchmark: add bar.R (Rafael Gonzaga) #​47729
• [4f74be3c92] - benchmark: refactor crypto oneshot (Filip Skokan) #​48267
• [fe9da9df0f] - benchmark: add crypto.create*Key (Filip Skokan) #​48284
• [9cb18b3e9d] - build: do not pass target toolchain flags to host toolchain (Ivan Trubach) #​48597
• [7dc731d4bf] - build: sync libuv header change (Jiawen Geng) #​48078
• [211a4f88a9] - build: update action to close stale MRs (Michael Dawson) #​48196
• [cc33a1864b] - child_process: harden against prototype pollution (Livia Medeiros) #​48726
• [b5df084e1e] - child_process: use addAbortListener (atlowChemi) #​48550
• [611db8df1a] - child_process: support Symbol.dispose (Moshe Atlow) #​48551
• [490fc004b0] - crypto: update root certificates to NSS 3.93 (Node.js GitHub Bot) #​49341
• [dd8cd97d4d] - crypto: update root certificates to NSS 3.90 (Node.js GitHub Bot) #​48416
• [b2bc839d4c] - crypto: remove OPENSSL_FIPS guard for OpenSSL 3 (Richard Lau) #​48392
• [c8da8c80b9] - deps: update nghttp2 to 1.55.0 (Node.js GitHub Bot) #​48746
• [7e04242dcb] - deps: update minimatch to 9.0.3 (Node.js GitHub Bot) #​48704
• [ea23870bec] - deps: add missing thread-common.c in uv.gyp (Santiago Gimeno) #​48078
• [88855e0b1b] - deps: upgrade to libuv 1.46.0 (Santiago Gimeno) #​48078
• [fb2b80fca0] - deps: upgrade to libuv 1.45.0 (Santiago Gimeno) #​48078
• [59fca4e09a] - deps: update acorn to 8.10.0 (Node.js GitHub Bot) #​48713
• [bcb255d5a8] - deps: V8: cherry-pick cb00db4 (Keyhan Vakil) #​48671
• [65a6c90fc6] - deps: update acorn to 8.9.0 (Node.js GitHub Bot) #​48484
• [6b6d5d91e9] - deps: update zlib to 1.2.13.1-motley-f81f385 (Node.js GitHub Bot) #​48541
• [56249b0770] - deps: update googletest to ec4fed9 (Node.js GitHub Bot) #​48538
• [8914a5204a] - deps: update minimatch to 9.0.2 (Node.js GitHub Bot) #​48542
• [1b960d9988] - deps: update icu to 73.2 (Node.js GitHub Bot) #​48502
• [f0e2e3c549] - deps: update zlib to 1.2.13.1-motley-3ca9f16 (Node.js GitHub Bot) #​48413
• [9cf8fe6b93] - deps: upgrade npm to 9.8.1 (npm team) #​48838
• [d9ff473ff3] - deps: upgrade npm to 9.8.0 (npm team) #​48665
• [4a6177daad] - deps: upgrade npm to 9.7.2 (npm team) #​48514
• [104b58feb1] - deps: update ada to 2.6.0 (Node.js GitHub Bot) #​48896
• [7f7a125d78] - deps: update corepack to 0.19.0 (Node.js GitHub Bot) #​48540
• [5e1eb451d1] - deps: update corepack to 0.18.1 (Node.js GitHub Bot) #​48483
• [3be53358bc] - deps: add loong64 config into openssl gypi (Shi Pujin) #​48043
• [555982c59e] - deps: upgrade npm to 9.7.1 (npm team) #​48378
• [3c03ec0832] - deps: update simdutf to 3.2.14 (Node.js GitHub Bot) #​48344
• [a2964a4583] - deps: update ada to 2.5.1 (Node.js GitHub Bot) #​48319
• [38f6e0d8cd] - deps: update zlib to 982b036 (Node.js GitHub Bot) #​48327
• [f4617a4f81] - deps: add loongarch64 into openssl Makefile and gen openssl-loongarch64 (Shi Pujin) #​46401
• [573eb4be12] - dgram: socket add asyncDispose (atlowChemi) #​48717
• [f3c4300e00] - dgram: use addAbortListener (atlowChemi) #​48550
• [d3041df738] - doc: expand on squashing and rebasing to land a MR (Chengzhong Wu) #​48751
• [249879e46c] - doc: add atlowChemi to collaborators (atlowChemi) #​48757
• [42ecd46d1f] - doc: fix ambiguity in http.md and https.md (an5er) #​48692
• [e78824e053] - doc: add release key for Ulises Gascon (Ulises Gascón) #​49196
• [1aa798d69f] - doc: clarify transform._transform() callback argument logic (Rafael Sofi-zada) #​48680
• [d723e870a2] - doc: mention git node release prepare (Rafael Gonzaga) #​48644
• [a9a1394388] - doc: fix options order (Luigi Pinca) #​48617
• [989ea6858f] - doc: update security release stewards (Rafael Gonzaga) #​48569
• [f436ac1803] - doc: update return type for describe (Shrujal Shah) #​48572
• [fbe89e6320] - doc: run license-builder (github-actions[bot]) #​48552
• [f18b287bc3] - doc: add description of autoAllocateChunkSize in ReadableStream (Debadree Chatterjee) #​48004
• [e2f3ed1444] - doc: fix filename type in watch result (Dmitry Semigradsky) #​48032
• [1fe75dc2b0] - doc: unnest mime and MIMEParams from MIMEType constructor (Dmitry Semigradsky) #​47950
• [e1339d58e8] - doc: update security-release-process.md (Rafael Gonzaga) #​48504
• [e8dc7bde6a] - doc: add vmoroz to collaborators (Vladimir Morozov) #​48527
• [f8ba672c7b] - doc: link to Runtime Keys in export conditions (Jacob Hummer) #​48408
• [0056cb93e9] - doc: update fs flags documentation (sinkhaha) #​48463
• [3cf3fb9479] - doc: revise error.md introduction (Antoine du Hamel) #​48423
• [7575d8b90e] - doc: add preveen-stack to triagers (Preveen P) #​48387
• [820aa550a4] - doc: refine when file is undefined in test events (Moshe Atlow) #​48451
• [a30f2fbcc1] - doc: add kvakil to collaborators (Keyhan Vakil) #​48449
• [239b4ea66f] - doc: mark --import as experimental (Moshe Atlow) #​44067
• [2a561aefe2] - doc: add additional info on TSFN dispatch (Michael Dawson) #​48367
• [5cc6eee30d] - doc: add link for news from security wg (Michael Dawson) #​48396
• [ffece88452] - doc: fix typo in events.md (Darshan Sen) #​48436
• [06513585dc] - doc: run license-builder (github-actions[bot]) #​48336
• [d9a800ee5c] - esm: fix emit deprecation on legacy main resolve (Antoine du Hamel) #​48664
• [c39b7c240e] - (SEMVER-MINOR) esm: add --import flag (Moshe Atlow) #​43942
• [a00464ee06] - esm: fix specifier resolution and symlinks (Zack Newsham) #​47674
• [3b8ec348b0] - events: fix bug listenerCount don't compare wrapped listener (yuzheng14) #​48592
• [a68a67f54d] - (SEMVER-MINOR) events: allow safely adding listener to abortSignal (Chemi Atlow) #​48596
• [5354af3dab] - fs: call the callback with an error if writeSync fails (killa) #​47949
• [c3a27d1d3d] - fs: remove unneeded return statement (Luigi Pinca) #​48526
• [3a8586bee2] - fs, stream: initial Symbol.dispose and Symbol.asyncDispose support (Moshe Atlow) #​48518
• [01746c71df] - http: null the joinDuplicateHeaders property on cleanup (Luigi Pinca) #​48608
• [d47eb73a85] - http: remove useless ternary in test (geekreal) #​48481
• [977e9a38b4] - http: fix for handling on boot timers headers and request (Franciszek Koltuniuk) #​48291
• [be88f7cd22] - http2: use addAbortListener (atlowChemi) #​48550
• [7c7230a85c] - http2: send RST code 8 on AbortController signal (Devraj Mehta) #​48573
• [f74c2fc72a] - lib: use addAbortListener (atlowChemi) #​48550
• [db355d1f37] - lib: add option to force handling stopped events (Chemi Atlow) #​48301
• [5d682c55a5] - lib: reduce url getters on makeRequireFunction (Yagiz Nizipli) #​48492
• [5260f53e55] - lib: add support for inherited custom inspection methods (Antoine du Hamel) #​48306
• [69aaf8b1d1] - lib: remove invalid parameter to toASCII (Yagiz Nizipli) #​48878
• [51863b80e4] - meta: bump actions/checkout from 3.5.2 to 3.5.3 (dependabot[bot]) #​48625
• [7ec370991d] - meta: bump step-security/harden-runner from 2.4.0 to 2.4.1 (dependabot[bot]) #​48626
• [34b8e980d4] - meta: bump ossf/scorecard-action from 2.1.3 to 2.2.0 (dependabot[bot]) #​48628
• [dfed9a7da9] - meta: bump github/codeql-action from 2.3.6 to 2.20.1 (dependabot[bot]) #​48627
• [071eaadc5a] - module: add SourceMap.findOrigin (Isaac Z. Schlueter) #​47790
• [bf1525c549] - module: reduce url invocations in esm/load.js (Yagiz Nizipli) #​48337
• [f8921630a2] - net: server add asyncDispose (atlowChemi) #​48717
• [b5f53d9a0b] - net: fix family autoselection SSL connection handling (Paolo Insogna) #​48189
• [267439fc34] - net: rework autoSelectFamily implementation (Paolo Insogna) #​46587
• [d3637cdbbf] - net: fix address iteration with autoSelectFamily (Fedor Indutny) #​48258
• [e8289a83f1] - net: fix family autoselection timeout handling (Paolo Insogna) #​47860
• [863bdb785d] - net: add autoSelectFamily global getter and setter (Paolo Insogna) #​45777
• [04dc090bfa] - node-api: provide napi_define_properties fast path (Gabriel Schulhof) #​48440
• [feb6a54dc3] - node-api: implement external strings (Gabriel Schulhof) #​48339
• [121f74c463] - perf_hooks: convert maxSize to IDL value in setResourceTimingBufferSize (Chengzhong Wu) #​44902
• [804d880589] - permission: fix data types in PrintTree (Tobias Nießen) #​48770
• [7aaecce9bf] - permission: add debug log when inserting fs nodes (Rafael Gonzaga) #​48677
• [cb51ef2905] - readline: use addAbortListener (atlowChemi) #​48550
• [07065d0814] - report: disable js stack when no context is entered (Chengzhong Wu) #​48495
• [572b82ffef] - src: make BaseObject iteration order deterministic (Joyee Cheung) #​48702
• [3f65598a41] - src: remove kEagerCompile for CompileFunction (Keyhan Vakil) #​48671
• [f43eacac9b] - src: deduplicate X509 getter implementations (Tobias Nießen) #​48563
• [0c19621bdc] - src: fix uninitialized field access in AsyncHooks (Jan Olaf Krems) #​48566
• [0c38184d62] - src: fix Coverity issue regarding unnecessary copy (Yagiz Nizipli) #​48565
• [0d73009ba3] - src: refactor SplitString in util (Yagiz Nizipli) #​48491
• [6c72622df9] - src: handle wasm out of bound in osx will raise SIGBUS correctly (Congcong Cai) #​46561
• [e4261809b0] - src: replace idna functions with ada::idna (Yagiz Nizipli) #​47735
• [3dd82b1820] - stream: use addAbortListener (atlowChemi) #​48550
• [786fbdb824] - stream: fix premature pipeline end (Robert Nagy) #​48435
• [c224e1b255] - stream: fix deadlock when pipeing to full sink (Robert Nagy) #​48691
• [2c75b9ece2] - test: fix flaky test-string-decode.js on x86 (Stefan Stojanovic) #​48750
• [279c4f64c1] - test: mark test-http-regr-gh-2928 as flaky (Joyee Cheung) #​49565
• [01eacccd9a] - test: deflake test-net-throttle (Luigi Pinca) #​48599
• [33886b271c] - test: move test-net-throttle to parallel (Luigi Pinca) #​48599
• [a79112b5f4] - Revert "test: remove test-crypto-keygen flaky designation" (Luigi Pinca) #​48652
• [6ec57984db] - test: add missing assertions to test-runner-cli (Moshe Atlow) #​48593
• [dd1805e802] - test: remove test-crypto-keygen flaky designation (Luigi Pinca) #​48575
• [df9a9afc99] - test: remove test-timers-immediate-queue flaky designation (Luigi Pinca) #​48575
• [3ae96ae380] - test: make IsolateData per-isolate in cctest (Joyee Cheung) #​48450
• [f2ce8e0c06] - test: define NAPI_VERSION before including node_api.h (Chengzhong Wu) #​48376
• [13ac0a5e26] - test: remove unnecessary noop function args to mustNotCall() (Antoine du Hamel) #​48513
• [8fdd4c55b3] - test: skip test-runner-watch-mode on IBMi (Moshe Atlow) #​48473
• [9d90409241] - test: fix flaky test-watch-mode (Moshe Atlow) #​48147
• [27a4bc7c32] - test: add missing <algorithm> include for std::find (Sam James) #​48380
• [cb92c4b9fe] - test: update url web-platform tests (Yagiz Nizipli) #​48319
• [f35c4d3190] - test: ignore the copied entry_point.c (Luigi Pinca) #​48297
• [41d1e6888f] - test: refactor test-gc-http-client-timeout (Luigi Pinca) #​48292
• [125bca621a] - test: update encoding web-platform tests (Yagiz Nizipli) #​48320
• [e9ac111d02] - test: update FileAPI web-platform tests (Yagiz Nizipli) #​48322
• [3da57d17f5] - test: update user-timing web-platform tests (Yagiz Nizipli) #​48321
• [c728b8a29b] - test: fix test-net-autoselectfamily for kernel without IPv6 support (Livia Medeiros) #​45856
• [6de7aa1d19] - test: move test-tls-autoselectfamily-servername to test/internet (Antoine du Hamel) #​47029
• [2de9868292] - test: validate host with commas on url.parse (Yagiz Nizipli) #​48878
• [e7d2e8ef2a] - test: delete test-net-bytes-per-incoming-chunk-overhead (Michaël Zasso) #​48811
• [f5494fa1b0] - test_runner: fixed test shorthands return type (Shocker) #​48555
• [7051cafdfa] - test_runner: make --test-name-pattern recursive (Moshe Atlow) #​48382
• [f302286442] - test_runner: refactor coverage report output for readability (Damien Seguin) #​47791
• [7822a541e5] - timers: support Symbol.dispose (Moshe Atlow) #​48633
• [3eeca52db1] - tls: fix bugs of double TLS (rogertyang) #​48969
• [4826379516] - tools: run fetch_deps.py with Python 3 (Richard Lau) #​48729
• [e2688c8d79] - tools: update doc to unist-util-select@5.0.0 unist-util-visit@5.0.0 (Node.js GitHub Bot) #​48714
• [7399481096] - tools: update lint-md-dependencies to rollup@3.26.2 (Node.js GitHub Bot) #​48705
• [31c07153ce] - tools: update eslint to 8.44.0 (Node.js GitHub Bot) #​48632
• [4e53f51e24] - tools: update lint-md-dependencies to rollup@3.26.0 (Node.js GitHub Bot) #​48631
• [7d52950a96] - tools: update lint-md-dependencies (Node.js GitHub Bot) #​48544
• [e168eab3ee] - tools: update lint-md-dependencies (Node.js GitHub Bot) #​48486
• [9711bc24f6] - tools: replace sed with perl (Luigi Pinca) #​48499
• [9c1937c0a7] - tools: update eslint to 8.43.0 (Node.js GitHub Bot) #​48487
• [9449f05ab1] - tools: update doc to to-vfile@8.0.0 (Node.js GitHub Bot) #​48485
• [79dcd968b1] - tools: prepare tools/doc for to-vfile 8.0.0 (Rich Trott) #​48485
• [538f388ac0] - tools: update lint-md-dependencies (Node.js GitHub Bot) #​48417
• [01bc10dcd5] - tools: update create-or-update-pull-request-action (Richard Lau) #​48398
• [590a072657] - tools: update eslint-plugin-jsdoc (Richard Lau) #​48393
• [6a5805491e] - tools: update eslint to 8.42.0 (Node.js GitHub Bot) #​48328
• [2eb13e3986] - tools: disable jsdoc/no-defaults rule (Luigi Pinca) #​48328
• [3363cfa6c7] - typings: remove unused primordials (Yagiz Nizipli) #​48509
• [c59ae86ba0] - (SEMVER-MINOR) url: add value argument to has and delete methods (Sankalp Shubham) #​47885
• [f59c9636f4] - url: conform to origin getter spec changes (Yagiz Nizipli) #​48319
• [0beb5ab93d] - url: ensure getter access do not mutate observable symbols (Antoine du Hamel) #​48897
• [0a022c496d] - util: use primordials.ArrayPrototypeIndexOf instead of mutable method (DaisyDogs07) #​48586

---

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever MR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This MR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this MR, click this checkbox.

---

This MR has been generated by Renovate Bot.