Skip to content

chore(dockerfile): upgrade node version#8777

Merged
updateclibot[bot] merged 2 commits into
mainfrom
updatecli_main_node_version
May 15, 2026
Merged

chore(dockerfile): upgrade node version#8777
updateclibot[bot] merged 2 commits into
mainfrom
updatecli_main_node_version

Conversation

@updateclibot

@updateclibot updateclibot Bot commented May 15, 2026

Copy link
Copy Markdown
Contributor

chore(node): upgrade node version

deps: update pnpm version to 11.1.2"

change detected: * key "$.jobs.*.steps[?(@.uses =~ /^pnpm\\/action-setup/)].with.version" updated from "10.33.0" to "11.1.2", in file ".github/workflows/go.yaml" (doc 0)

v11.1.2 
> See full [v11.0.0 changelog](https://github.com/pnpm/pnpm/releases/tag/v11.0.0)
> Migration guide: [Migrating from v10 to v11](https://pnpm.io/11.x/migration)

## Patch Changes

* Strip `sec-fetch-*` headers from outgoing HTTP requests. These headers are automatically added by undici's `fetch()` implementation per the Fetch spec but cause Azure DevOps Artifacts to return HTTP 400 for uncached upstream packages, as ADO interprets them as browser requests [#11572](https://github.com/pnpm/pnpm/issues/11572).

* Fix `minimumReleaseAge` handling for cached abbreviated metadata.

  The version-spec cache fast path no longer rethrows `ERR_PNPM_MISSING_TIME` under `strictPublishedByCheck`; it now falls through to the registry-fetch path, consistent with the adjacent mtime-gated cache block.

  When the registry returns 304 Not Modified for a package whose cached metadata is abbreviated (no per-version `time`), pnpm now re-fetches with `fullMetadata: true` if `minimumReleaseAge` is active and the package was modified after the cutoff. The upgraded metadata is persisted to disk so subsequent installs don't repeat the fetch. Previously the abbreviated meta was used as-is and the maturity check fell back to its warn-and-skip path, silently bypassing the quarantine and emitting a misleading "metadata is missing the time field" warning.

  Closes #11619.

* Fix `pnpm upgrade --interactive --latest -r` not respecting named catalog groups. Previously, upgrading a dependency using a named catalog (e.g. `"catalog:foo"`) would incorrectly rewrite `package.json` to `"catalog:"` and place the updated version in the default catalog instead of the named one [#10115](https://github.com/pnpm/pnpm/issues/10115).

* Fixed `optimisticRepeatInstall` skipping `pnpm-lock.yaml` merge conflict resolution when the existing `node_modules` state appears up to date.

* Fix `minimumReleaseAge` / `resolutionMode: time-based` installs failing on lockfiles whose `time:` block is missing entries. The npm-resolver's peek-from-store fast path now surfaces `publishedAt` from the lockfile rather than discarding it, and falls through to a registry metadata fetch when the time-based cutoff can't be computed from the data on hand.


<!-- sponsors -->

## Platinum Sponsors

<table>
  <tbody>
    <tr>
      <td align="center" valign="middle">
        <a href="https://bit.cloud/?utm_source=pnpm&utm_medium=release_notes" target="_blank"><img src="https://pnpm.io/img/users/bit.svg" width="80" alt="Bit"></a>
      </td>
    </tr>
  </tbody>
</table>

## Gold Sponsors

<table>
  <tbody>
    <tr>
      <td align="center" valign="middle">
        <a href="https://sanity.io/?utm_source=pnpm&utm_medium=release_notes" target="_blank">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/sanity.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/sanity_light.svg" />
            <img src="https://pnpm.io/img/users/sanity.svg" width="120" alt="Sanity" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://discord.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/discord.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/discord_light.svg" />
            <img src="https://pnpm.io/img/users/discord.svg" width="220" alt="Discord" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://vite.dev/?utm_source=pnpm&utm_medium=release_notes" target="_blank"><img src="https://pnpm.io/img/users/vitejs.svg" width="42" alt="Vite"></a>
      </td>
    </tr>
    <tr>
      <td align="center" valign="middle">
        <a href="https://serpapi.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/serpapi_dark.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/serpapi_light.svg" />
            <img src="https://pnpm.io/img/users/serpapi_dark.svg" width="160" alt="SerpApi" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://coderabbit.ai/?utm_source=pnpm&utm_medium=release_notes" target="_blank">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/coderabbit.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/coderabbit_light.svg" />
            <img src="https://pnpm.io/img/users/coderabbit.svg" width="220" alt="CodeRabbit" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://stackblitz.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/stackblitz.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/stackblitz_light.svg" />
            <img src="https://pnpm.io/img/users/stackblitz.svg" width="190" alt="Stackblitz" />
          </picture>
        </a>
      </td>
    </tr>
    <tr>
      <td align="center" valign="middle">
        <a href="https://workleap.com/?utm_source=pnpm&utm_medium=release_notes" target="_blank">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/workleap.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/workleap_light.svg" />
            <img src="https://pnpm.io/img/users/workleap.svg" width="190" alt="Workleap" />
          </picture>
        </a>
      </td>
      <td align="center" valign="middle">
        <a href="https://nx.dev/?utm_source=pnpm&utm_medium=release_notes" target="_blank">
          <picture>
            <source media="(prefers-color-scheme: light)" srcset="https://pnpm.io/img/users/nx.svg" />
            <source media="(prefers-color-scheme: dark)" srcset="https://pnpm.io/img/users/nx_light.svg" />
            <img src="https://pnpm.io/img/users/nx.svg" width="50" alt="Nx" />
          </picture>
        </a>
      </td>
    </tr>
  </tbody>
</table>

<!-- sponsors end -->
deps: update node version to 26.1.0"

change detected: * key "$.jobs.*.steps[?(@.uses =~ /^actions\\/setup-node/)].with.node-version" updated from "25.9.0" to "26.1.0", in file ".github/workflows/go.yaml" (doc 0)

v26.1.0 
### Notable Changes

#### Experimental `node:ffi` module

Node.js now includes an experimental `node:ffi` module for loading dynamic
libraries and calling native symbols from JavaScript.

The API is gated behind the `--experimental-ffi` flag and, when the Permission
Model is enabled, requires `--allow-ffi`.

This API is inherently unsafe. Invalid pointers, incorrect signatures, or accessing memory
after it has been freed can crash the process or corrupt memory.

Contributed by Paolo Insogna in [#62072](https://github.com/nodejs/node/pull/62072).

#### Other Notable Changes

* \[[`34a6454fe3`](https://github.com/nodejs/node/commit/34a6454fe3)] - **(SEMVER-MINOR)** **buffer**: add `end` parameter (Robert Nagy) [#62390](https://github.com/nodejs/node/pull/62390)
* \[[`073e84d7fe`](https://github.com/nodejs/node/commit/073e84d7fe)] - **(SEMVER-MINOR)** **crypto**: accept key data in `crypto.diffieHellman()` and cleanup DH jobs (Filip Skokan) [#62527](https://github.com/nodejs/node/pull/62527)
* \[[`5b9cb10a5f`](https://github.com/nodejs/node/commit/5b9cb10a5f)] - **(SEMVER-MINOR)** **crypto**: implement `randomUUIDv7()` (nabeel378) [#62553](https://github.com/nodejs/node/pull/62553)
* \[[`98f9becd16`](https://github.com/nodejs/node/commit/98f9becd16)] - **(SEMVER-MINOR)** **debugger**: add edit-free runtime expression probes to `node inspect` (Joyee Cheung) [#62713](https://github.com/nodejs/node/pull/62713)
* \[[`06defaa2ea`](https://github.com/nodejs/node/commit/06defaa2ea)] - **(SEMVER-MINOR)** **fs**: add `signal` option to `fs.stat()` (Mert Can Altin) [#57775](https://github.com/nodejs/node/pull/57775)
* \[[`db66a963bf`](https://github.com/nodejs/node/commit/db66a963bf)] - **(SEMVER-MINOR)** **fs**: expose `frsize` field in `statfs` (Jinho Jang) [#62277](https://github.com/nodejs/node/pull/62277)
* \[[`87adb3472b`](https://github.com/nodejs/node/commit/87adb3472b)] - **(SEMVER-MINOR)** **http**: harden `ClientRequest` options merge (Matteo Collina) [#63082](https://github.com/nodejs/node/pull/63082)
* \[[`9047ec12ce`](https://github.com/nodejs/node/commit/9047ec12ce)] - **(SEMVER-MINOR)** **http**: add `req.signal` to `IncomingMessage` (Akshat) [#62541](https://github.com/nodejs/node/pull/62541)
* \[[`ab66de8eaa`](https://github.com/nodejs/node/commit/ab66de8eaa)] - **(SEMVER-MINOR)** **process**: throw on `execve(2)` failure instead of aborting (Bryan English) [#62878](https://github.com/nodejs/node/pull/62878)
* \[[`8273682c87`](https://github.com/nodejs/node/commit/8273682c87)] - **(SEMVER-MINOR)** **src**: allow empty `--experimental-config-file` (Marco Ippolito) [#61610](https://github.com/nodejs/node/pull/61610)
* \[[`fbff28f7e6`](https://github.com/nodejs/node/commit/fbff28f7e6)] - **(SEMVER-MINOR)** **stream**: propagate destruction in `duplexPair` (Ahmed Elhor) [#61098](https://github.com/nodejs/node/pull/61098)
* \[[`a8c773a0c7`](https://github.com/nodejs/node/commit/a8c773a0c7)] - **(SEMVER-MINOR)** **test\_runner**: align mock timeout api (sangwook) [#62820](https://github.com/nodejs/node/pull/62820)
* \[[`b883a5eaea`](https://github.com/nodejs/node/commit/b883a5eaea)] - **(SEMVER-MINOR)** **test\_runner**: add mock-timers support for `AbortSignal.timeout` (DeveloperViraj) [#60751](https://github.com/nodejs/node/pull/60751)
* \[[`a21ae1771e`](https://github.com/nodejs/node/commit/a21ae1771e)] - **(SEMVER-MINOR)** **test\_runner**: support test order randomization (Pietro Marchini) [#61747](https://github.com/nodejs/node/pull/61747)
* \[[`b85c73ff10`](https://github.com/nodejs/node/commit/b85c73ff10)] - **(SEMVER-MINOR)** **util**: colorize text with hex colors (Guilherme Araújo) [#61556](https://github.com/nodejs/node/pull/61556)

### Commits

* \[[`1b959d02c2`](https://github.com/nodejs/node/commit/1b959d02c2)] - **assert,util**: fix stale nested cycle memo entries (Ruben Bridgewater) [#62509](https://github.com/nodejs/node/pull/62509)
* \[[`bbeb38d210`](https://github.com/nodejs/node/commit/bbeb38d210)] - **buffer**: fix end parameter bugs in indexOf/lastIndexOf (Robert Nagy) [#62711](https://github.com/nodejs/node/pull/62711)
* \[[`34a6454fe3`](https://github.com/nodejs/node/commit/34a6454fe3)] - **(SEMVER-MINOR)** **buffer**: add end parameter (Robert Nagy) [#62390](https://github.com/nodejs/node/pull/62390)
* \[[`8b91526cd5`](https://github.com/nodejs/node/commit/8b91526cd5)] - **build**: track PDL files as inputs in inspector GN build (Robo) [#62888](https://github.com/nodejs/node/pull/62888)
* \[[`da40ed7842`](https://github.com/nodejs/node/commit/da40ed7842)] - **build**: remove armv6 from experimental platforms (René) [#63063](https://github.com/nodejs/node/pull/63063)
* \[[`b36e55a23e`](https://github.com/nodejs/node/commit/b36e55a23e)] - **build**: make test-addons dependency-free (Joyee Cheung) [#62388](https://github.com/nodejs/node/pull/62388)
* \[[`c27f3cf8f2`](https://github.com/nodejs/node/commit/c27f3cf8f2)] - **build**: add --enable-all-experimentals build flag (Paolo Insogna) [#62755](https://github.com/nodejs/node/pull/62755)
* \[[`0d73b63a76`](https://github.com/nodejs/node/commit/0d73b63a76)] - **build**: fix cargo check when Temporal is disabled (Antoine du Hamel) [#62730](https://github.com/nodejs/node/pull/62730)
* \[[`d8f97e6f7b`](https://github.com/nodejs/node/commit/d8f97e6f7b)] - **build**: fix ffi dependency compilation (Paolo Insogna) [#62731](https://github.com/nodejs/node/pull/62731)
* \[[`d1eb7b340f`](https://github.com/nodejs/node/commit/d1eb7b340f)] - **build**: fix stray debug string in LIEF defines (Om Ghante) [#62683](https://github.com/nodejs/node/pull/62683)
* \[[`845283009d`](https://github.com/nodejs/node/commit/845283009d)] - **build**: remove redundant -fuse-linker-plugin from GCC LTO flags (Daniel Lando) [#62667](https://github.com/nodejs/node/pull/62667)
* \[[`a6e99879f4`](https://github.com/nodejs/node/commit/a6e99879f4)] - **build,win**: enable x64 PGO (Stefan Stojanovic) [#62761](https://github.com/nodejs/node/pull/62761)
* \[[`38befee0fb`](https://github.com/nodejs/node/commit/38befee0fb)] - **crypto**: add JWK support for ML-KEM and SLH-DSA key types (Filip Skokan) [#62706](https://github.com/nodejs/node/pull/62706)
* \[[`b10653ad87`](https://github.com/nodejs/node/commit/b10653ad87)] - **crypto**: add guards and adjust tests for BoringSSL (Filip Skokan) [#62883](https://github.com/nodejs/node/pull/62883)
* \[[`2a7a69c6b0`](https://github.com/nodejs/node/commit/2a7a69c6b0)] - **crypto**: reject unintended raw key format string input (Filip Skokan) [#62974](https://github.com/nodejs/node/pull/62974)
* \[[`bad1e2fe6a`](https://github.com/nodejs/node/commit/bad1e2fe6a)] - **crypto**: fix unsigned conversion of 4-byte RSA publicExponent (DeepView Autofix) [#62839](https://github.com/nodejs/node/pull/62839)
* \[[`c9d5bae598`](https://github.com/nodejs/node/commit/c9d5bae598)] - **crypto**: remove Argon2 KDF derivation from its job setup (Filip Skokan) [#62863](https://github.com/nodejs/node/pull/62863)
* \[[`6eea52426f`](https://github.com/nodejs/node/commit/6eea52426f)] - **crypto**: reject duplicate ML-KEM JWK key\_ops (Filip Skokan) [#62905](https://github.com/nodejs/node/pull/62905)
* \[[`80d4836616`](https://github.com/nodejs/node/commit/80d4836616)] - **crypto**: deduplicate and canonicalize CryptoKey usages (Filip Skokan) [#62902](https://github.com/nodejs/node/pull/62902)
* \[[`8950247027`](https://github.com/nodejs/node/commit/8950247027)] - **crypto**: reject inherited key type names (Jonathan Lopes) [#62875](https://github.com/nodejs/node/pull/62875)
* \[[`3f42f9615a`](https://github.com/nodejs/node/commit/3f42f9615a)] - **crypto**: strengthen argument CHECKs in TurboSHAKE (Tobias Nießen) [#62763](https://github.com/nodejs/node/pull/62763)
* \[[`28346d999b`](https://github.com/nodejs/node/commit/28346d999b)] - **crypto**: guard against size\_t overflow on experimental 32-bit arch (Filip Skokan) [#62626](https://github.com/nodejs/node/pull/62626)
* \[[`d4cec263c4`](https://github.com/nodejs/node/commit/d4cec263c4)] - **(SEMVER-MINOR)** **crypto**: align key argument names in docs and error messages (Filip Skokan) [#62527](https://github.com/nodejs/node/pull/62527)
* \[[`073e84d7fe`](https://github.com/nodejs/node/commit/073e84d7fe)] - **(SEMVER-MINOR)** **crypto**: accept key data in crypto.diffieHellman() and cleanup DH jobs (Filip Skokan) [#62527](https://github.com/nodejs/node/pull/62527)
* \[[`518b578fe7`](https://github.com/nodejs/node/commit/518b578fe7)] - **crypto**: add memory tracking for secureContext openssl objects (Mert Can Altin) [#59051](https://github.com/nodejs/node/pull/59051)
* \[[`5b9cb10a5f`](https://github.com/nodejs/node/commit/5b9cb10a5f)] - **(SEMVER-MINOR)** **crypto**: implement randomUUIDv7() (nabeel378) [#62553](https://github.com/nodejs/node/pull/62553)
* \[[`7133826053`](https://github.com/nodejs/node/commit/7133826053)] - **debugger**: move ProbeInspectorSession and helpers to separate files (Joyee Cheung) [#63013](https://github.com/nodejs/node/pull/63013)
* \[[`98f9becd16`](https://github.com/nodejs/node/commit/98f9becd16)] - **(SEMVER-MINOR)** **debugger**: add edit-free runtime expression probes to `node inspect` (Joyee Cheung) [#62713](https://github.com/nodejs/node/pull/62713)
* \[[`94ac62a2d1`](https://github.com/nodejs/node/commit/94ac62a2d1)] - **deps**: update undici to 8.2.0 (Node.js GitHub Bot) [#63092](https://github.com/nodejs/node/pull/63092)
* \[[`ef71de87e6`](https://github.com/nodejs/node/commit/ef71de87e6)] - **deps**: update amaro to 1.1.9 (Node.js GitHub Bot) [#63090](https://github.com/nodejs/node/pull/63090)
* \[[`c4f0ef881a`](https://github.com/nodejs/node/commit/c4f0ef881a)] - **deps**: update llhttp to 9.4.1 (Node.js GitHub Bot) [#63045](https://github.com/nodejs/node/pull/63045)
* \[[`d29fbc0029`](https://github.com/nodejs/node/commit/d29fbc0029)] - **deps**: fix integration issues with the latest nghttp2 (Tim Perry) [#62891](https://github.com/nodejs/node/pull/62891)
* \[[`537825acee`](https://github.com/nodejs/node/commit/537825acee)] - **deps**: update nghttp2 to 1.69.0 (Node.js GitHub Bot) [#62891](https://github.com/nodejs/node/pull/62891)
* \[[`4446bf694d`](https://github.com/nodejs/node/commit/4446bf694d)] - **deps**: update corepack to 0.34.7 (Node.js GitHub Bot) [#62810](https://github.com/nodejs/node/pull/62810)
* \[[`8f55327f1c`](https://github.com/nodejs/node/commit/8f55327f1c)] - **deps**: fix libffi macos build (Paolo Insogna) [#63006](https://github.com/nodejs/node/pull/63006)
* \[[`3dee18f72f`](https://github.com/nodejs/node/commit/3dee18f72f)] - **deps**: patch V8 to 14.6.202.34 (Node.js GitHub Bot) [#62964](https://github.com/nodejs/node/pull/62964)
* \[[`e281b247e6`](https://github.com/nodejs/node/commit/e281b247e6)] - **deps**: update timezone to 2026b (Node.js GitHub Bot) [#62962](https://github.com/nodejs/node/pull/62962)
* \[[`4dd982df13`](https://github.com/nodejs/node/commit/4dd982df13)] - **deps**: upgrade npm to 11.13.0 (npm team) [#62898](https://github.com/nodejs/node/pull/62898)
* \[[`61c0ff4a13`](https://github.com/nodejs/node/commit/61c0ff4a13)] - **deps**: cherry-pick libuv/libuv\@439a54b (skooch) [#62881](https://github.com/nodejs/node/pull/62881)
* \[[`d26ca462ae`](https://github.com/nodejs/node/commit/d26ca462ae)] - **deps**: update undici to 8.1.0 (Node.js GitHub Bot) [#62728](https://github.com/nodejs/node/pull/62728)
* \[[`6f08489ac9`](https://github.com/nodejs/node/commit/6f08489ac9)] - **deps**: update sqlite to 3.53.0 (Node.js GitHub Bot) [#62699](https://github.com/nodejs/node/pull/62699)
* \[[`713601e8bd`](https://github.com/nodejs/node/commit/713601e8bd)] - **deps**: update nbytes to 0.1.4 (Node.js GitHub Bot) [#62698](https://github.com/nodejs/node/pull/62698)
* \[[`578cf1c0c1`](https://github.com/nodejs/node/commit/578cf1c0c1)] - **deps**: update archs files for openssl-3.5.6 (Node.js GitHub Bot) [#62629](https://github.com/nodejs/node/pull/62629)
* \[[`4a4ef13c67`](https://github.com/nodejs/node/commit/4a4ef13c67)] - **deps**: upgrade openssl sources to openssl-3.5.6 (Node.js GitHub Bot) [#62629](https://github.com/nodejs/node/pull/62629)
* \[[`2f3eca8c1e`](https://github.com/nodejs/node/commit/2f3eca8c1e)] - **deps**: update perfetto to 54.0 (Chengzhong Wu) [#62397](https://github.com/nodejs/node/pull/62397)
* \[[`944ed9b739`](https://github.com/nodejs/node/commit/944ed9b739)] - **deps**: add perfetto build files (Chengzhong Wu) [#62397](https://github.com/nodejs/node/pull/62397)
* \[[`15530a7484`](https://github.com/nodejs/node/commit/15530a7484)] - **deps**: update ngtcp2 to 1.22.0 (Node.js GitHub Bot) [#62595](https://github.com/nodejs/node/pull/62595)
* \[[`b813b4c4b5`](https://github.com/nodejs/node/commit/b813b4c4b5)] - **deps**: update minimatch to 10.2.5 (Node.js GitHub Bot) [#62594](https://github.com/nodejs/node/pull/62594)
* \[[`38e7ce58c5`](https://github.com/nodejs/node/commit/38e7ce58c5)] - **deps**: update googletest to d72f9c8aea6817cdf1ca0ac10887f328de7f3da2 (Node.js GitHub Bot) [#62593](https://github.com/nodejs/node/pull/62593)
* \[[`b5c573ed14`](https://github.com/nodejs/node/commit/b5c573ed14)] - **deps**: update simdjson to 4.6.1 (Node.js GitHub Bot) [#62592](https://github.com/nodejs/node/pull/62592)
* \[[`318e2c7cd3`](https://github.com/nodejs/node/commit/318e2c7cd3)] - **deps**: libuv: cherry-pick aabb7651de (Santiago Gimeno) [#62561](https://github.com/nodejs/node/pull/62561)
* \[[`c6ccbd742a`](https://github.com/nodejs/node/commit/c6ccbd742a)] - **deps**: libuv: reapply 3a9a6e3e6b (Andy Pan) [#62561](https://github.com/nodejs/node/pull/62561)
* \[[`4ad07de7ae`](https://github.com/nodejs/node/commit/4ad07de7ae)] - **diagnostics\_channel**: add BoundedChannel and scopes (Stephen Belanger) [#61680](https://github.com/nodejs/node/pull/61680)
* \[[`44416ea3fd`](https://github.com/nodejs/node/commit/44416ea3fd)] - **doc**: fix documentation history missing 25.9.0 (Antoine du Hamel) [#63151](https://github.com/nodejs/node/pull/63151)
* \[[`5f6dfbf68e`](https://github.com/nodejs/node/commit/5f6dfbf68e)] - **doc**: fix changelog for chromium numbering (Rafael Gonzaga) [#63133](https://github.com/nodejs/node/pull/63133)
* \[[`30c4b3658c`](https://github.com/nodejs/node/commit/30c4b3658c)] - **doc**: fix the TypeScript Execute (tsx) project link (David Thornton) [#63093](https://github.com/nodejs/node/pull/63093)
* \[[`ca3c3097f1`](https://github.com/nodejs/node/commit/ca3c3097f1)] - **doc**: minor structural stream/iter edits (René) [#63089](https://github.com/nodejs/node/pull/63089)
* \[[`92324aab6f`](https://github.com/nodejs/node/commit/92324aab6f)] - **doc**: remove typo comma from man page (Vas Sudanagunta) [#63080](https://github.com/nodejs/node/pull/63080)
* \[[`712a15da73`](https://github.com/nodejs/node/commit/712a15da73)] - **doc**: correct diagnostics\_channel built-in channel names (Bryan English) [#62995](https://github.com/nodejs/node/pull/62995)
* \[[`c92cb6fe0d`](https://github.com/nodejs/node/commit/c92cb6fe0d)] - **doc**: use mjs/cjs blocks for callbackify null reason example (Daijiro Wachi) [#62884](https://github.com/nodejs/node/pull/62884)
* \[[`020776d4d6`](https://github.com/nodejs/node/commit/020776d4d6)] - **doc**: fix typo in test.md (Rich Trott) [#62960](https://github.com/nodejs/node/pull/62960)
* \[[`7d52f2061e`](https://github.com/nodejs/node/commit/7d52f2061e)] - **doc**: correct typo in PR contribution instructions (Mike McCready) [#62738](https://github.com/nodejs/node/pull/62738)
* \[[`70e8944676`](https://github.com/nodejs/node/commit/70e8944676)] - **doc**: fix duplicate word "of of" in postMessageToThread (Daijiro Wachi) [#62917](https://github.com/nodejs/node/pull/62917)
* \[[`11c6c29284`](https://github.com/nodejs/node/commit/11c6c29284)] - **doc**: fix duplicate word "to to" in util.styleText (Daijiro Wachi) [#62917](https://github.com/nodejs/node/pull/62917)
* \[[`242adab671`](https://github.com/nodejs/node/commit/242adab671)] - **doc**: fix duplicate word "for for" in compile cache (Daijiro Wachi) [#62917](https://github.com/nodejs/node/pull/62917)
* \[[`b9f3abd63e`](https://github.com/nodejs/node/commit/b9f3abd63e)] - **doc**: fix doubled word typo in stream\_iter.md (Daijiro Wachi) [#62916](https://github.com/nodejs/node/pull/62916)
* \[[`7a52fd0448`](https://github.com/nodejs/node/commit/7a52fd0448)] - **doc**: fix typo in dns.lookup options description (Daijiro Wachi) [#62882](https://github.com/nodejs/node/pull/62882)
* \[[`acd7e18a8c`](https://github.com/nodejs/node/commit/acd7e18a8c)] - **doc**: fix Argon2 parameter bounds (Tobias Nießen) [#62868](https://github.com/nodejs/node/pull/62868)
* \[[`b43ecf40bb`](https://github.com/nodejs/node/commit/b43ecf40bb)] - **doc**: trust FFI in the threat model (Paolo Insogna) [#62852](https://github.com/nodejs/node/pull/62852)
* \[[`981ce96b03`](https://github.com/nodejs/node/commit/981ce96b03)] - **doc**: fix typos and inconsistencies in crypto.md and webcrypto.md (Filip Skokan) [#62828](https://github.com/nodejs/node/pull/62828)
* \[[`acc52ef257`](https://github.com/nodejs/node/commit/acc52ef257)] - **doc**: clarify diffieHellman.generateKeys recomputes same key (Kit Dallege) [#62205](https://github.com/nodejs/node/pull/62205)
* \[[`ae87597c07`](https://github.com/nodejs/node/commit/ae87597c07)] - **doc**: remove Ayase-252 and meixg from triagger team (Antoine du Hamel) [#62841](https://github.com/nodejs/node/pull/62841)
* \[[`1cd3694a5f`](https://github.com/nodejs/node/commit/1cd3694a5f)] - **doc**: clarify dns.lookup() callback signature when all is true (eungi) [#62800](https://github.com/nodejs/node/pull/62800)
* \[[`40a4337d65`](https://github.com/nodejs/node/commit/40a4337d65)] - **doc**: add experimental modules lifetime policy (Paolo Insogna) [#62753](https://github.com/nodejs/node/pull/62753)
* \[[`46f48222f8`](https://github.com/nodejs/node/commit/46f48222f8)] - **doc**: clarify process.\_debugProcess() in Permission Model (Fahad Khan) [#62537](https://github.com/nodejs/node/pull/62537)
* \[[`6eb9917497`](https://github.com/nodejs/node/commit/6eb9917497)] - **doc**: fix typo in devcontainer guide (Rohan Santhosh Kumar) [#62687](https://github.com/nodejs/node/pull/62687)
* \[[`3826c5ed7e`](https://github.com/nodejs/node/commit/3826c5ed7e)] - **doc**: clarify Backport-PR-URL metadata added automatically (Mike McCready) [#62668](https://github.com/nodejs/node/pull/62668)
* \[[`5d7e0dbbd8`](https://github.com/nodejs/node/commit/5d7e0dbbd8)] - **doc**: update WPT test runner README.md (Filip Skokan) [#62680](https://github.com/nodejs/node/pull/62680)
* \[[`e9d76b2a75`](https://github.com/nodejs/node/commit/e9d76b2a75)] - **doc**: fix spelling in release announcement guidance (Rohan Santhosh Kumar) [#62663](https://github.com/nodejs/node/pull/62663)
* \[[`1ae41cebb0`](https://github.com/nodejs/node/commit/1ae41cebb0)] - **doc**: note GCC >= 14 requirement for native riscv64 builds (Jamie Magee) [#62607](https://github.com/nodejs/node/pull/62607)
* \[[`9b29be6a28`](https://github.com/nodejs/node/commit/9b29be6a28)] - **doc**: note non-monotonic clock in crypto.randomUUIDv7 (nabeel378) [#62600](https://github.com/nodejs/node/pull/62600)
* \[[`5ae59553f6`](https://github.com/nodejs/node/commit/5ae59553f6)] - **doc**: update bug bounty program (Rafael Gonzaga) [#62590](https://github.com/nodejs/node/pull/62590)
* \[[`ce3f4c85dd`](https://github.com/nodejs/node/commit/ce3f4c85dd)] - **doc**: document TransformStream transformer.cancel option (Tom Pereira) [#62566](https://github.com/nodejs/node/pull/62566)
* \[[`08a9ba73e4`](https://github.com/nodejs/node/commit/08a9ba73e4)] - **doc**: mention test runner retry attemp is zero based (Moshe Atlow) [#62504](https://github.com/nodejs/node/pull/62504)
* \[[`32f2169ede`](https://github.com/nodejs/node/commit/32f2169ede)] - **doc,src,test**: fix dead inspector help URL (semimikoh) [#62745](https://github.com/nodejs/node/pull/62745)
* \[[`870c1cd3f4`](https://github.com/nodejs/node/commit/870c1cd3f4)] - **doc,test**: mem protection must be observed in ffi (Bryan English) [#62818](https://github.com/nodejs/node/pull/62818)
* \[[`3d5cf171dc`](https://github.com/nodejs/node/commit/3d5cf171dc)] - **esm**: add `ERR_REQUIRE_ESM_RACE_CONDITION` (Antoine du Hamel) [#62462](https://github.com/nodejs/node/pull/62462)
* \[[`2004d8d6db`](https://github.com/nodejs/node/commit/2004d8d6db)] - **ffi**: make `FFIFunctionInfo` a `BaseObject` subclass (Anna Henningsen) [#63071](https://github.com/nodejs/node/pull/63071)
* \[[`53eb7abeba`](https://github.com/nodejs/node/commit/53eb7abeba)] - **ffi**: prevent premature GC of DynamicLibrary (semimikoh) [#63024](https://github.com/nodejs/node/pull/63024)
* \[[`58dc92f502`](https://github.com/nodejs/node/commit/58dc92f502)] - **ffi**: support Symbol.dispose on DynamicLibrary (Matteo Collina) [#62925](https://github.com/nodejs/node/pull/62925)
* \[[`528f8b2bae`](https://github.com/nodejs/node/commit/528f8b2bae)] - **ffi**: add shared-buffer fast path for numeric and pointer signatures (Bryan English) [#62918](https://github.com/nodejs/node/pull/62918)
* \[[`42ac8b9ae7`](https://github.com/nodejs/node/commit/42ac8b9ae7)] - **fs**: add followSymlinks option to glob (Matteo Collina) [#62695](https://github.com/nodejs/node/pull/62695)
* \[[`873c2bca70`](https://github.com/nodejs/node/commit/873c2bca70)] - **fs**: restore fs patchability in ESM loader (Joyee Cheung) [#62835](https://github.com/nodejs/node/pull/62835)
* \[[`349c7502c3`](https://github.com/nodejs/node/commit/349c7502c3)] - **fs**: validate position argument before length === 0 early return (Edy Silva) [#62674](https://github.com/nodejs/node/pull/62674)
* \[[`06defaa2ea`](https://github.com/nodejs/node/commit/06defaa2ea)] - **(SEMVER-MINOR)** **fs**: add signal option to fs.stat() (Mert Can Altin) [#57775](https://github.com/nodejs/node/pull/57775)
* \[[`db66a963bf`](https://github.com/nodejs/node/commit/db66a963bf)] - **(SEMVER-MINOR)** **fs**: expose frsize field in statfs (Jinho Jang) [#62277](https://github.com/nodejs/node/pull/62277)
* \[[`3191d2936a`](https://github.com/nodejs/node/commit/3191d2936a)] - **http**: emit 'drain' on OutgoingMessage only after buffers drain (Robert Nagy) [#62936](https://github.com/nodejs/node/pull/62936)
* \[[`87adb3472b`](https://github.com/nodejs/node/commit/87adb3472b)] - **(SEMVER-MINOR)** **http**: harden ClientRequest options merge (Matteo Collina) [#63082](https://github.com/nodejs/node/pull/63082)
* \[[`e0b79633f6`](https://github.com/nodejs/node/commit/e0b79633f6)] - **http**: fix leaked error listener on sync HTTP req create + destroy (Tim Perry) [#62872](https://github.com/nodejs/node/pull/62872)
* \[[`70c5491f53`](https://github.com/nodejs/node/commit/70c5491f53)] - **http**: fix no\_proxy leading-dot suffix matching (Daijiro Wachi) [#62333](https://github.com/nodejs/node/pull/62333)
* \[[`60a585e68a`](https://github.com/nodejs/node/commit/60a585e68a)] - **http**: cleanup pipeline queue (Robert Nagy) [#62534](https://github.com/nodejs/node/pull/62534)
* \[[`9047ec12ce`](https://github.com/nodejs/node/commit/9047ec12ce)] - **(SEMVER-MINOR)** **http**: add req.signal to IncomingMessage (Akshat) [#62541](https://github.com/nodejs/node/pull/62541)
* \[[`01eed5901b`](https://github.com/nodejs/node/commit/01eed5901b)] - **http2**: expose writable stream state on compat response (T) [#63003](https://github.com/nodejs/node/pull/63003)
* \[[`19b7adf3ba`](https://github.com/nodejs/node/commit/19b7adf3ba)] - **inspector**: fix absolute URLs in network http (bugyaluwang) [#62955](https://github.com/nodejs/node/pull/62955)
* \[[`4d10823fbb`](https://github.com/nodejs/node/commit/4d10823fbb)] - **inspector**: coerce key and value to string in webstorage events (Ali Hassan) [#62616](https://github.com/nodejs/node/pull/62616)
* \[[`9a3ac66cc5`](https://github.com/nodejs/node/commit/9a3ac66cc5)] - **inspector**: return errors when CDP protocol event emission fails (Ryuhei Shima) [#62162](https://github.com/nodejs/node/pull/62162)
* \[[`c89501c6e5`](https://github.com/nodejs/node/commit/c89501c6e5)] - **inspector**: auto collect webstorage data (Ryuhei Shima) [#62145](https://github.com/nodejs/node/pull/62145)
* \[[`ef08c5016a`](https://github.com/nodejs/node/commit/ef08c5016a)] - **lib**: refactor internal webidl converters (Filip Skokan) [#62979](https://github.com/nodejs/node/pull/62979)
* \[[`d0744c6a99`](https://github.com/nodejs/node/commit/d0744c6a99)] - **lib**: add Temporal to frozen intrinsics (René) [#63029](https://github.com/nodejs/node/pull/63029)
* \[[`6d81cb17b3`](https://github.com/nodejs/node/commit/6d81cb17b3)] - **lib**: avoid quadratic shift() in startup snapshot callback (Daijiro Wachi) [#62914](https://github.com/nodejs/node/pull/62914)
* \[[`3491f73051`](https://github.com/nodejs/node/commit/3491f73051)] - **lib**: fix FLOAT\_32 and FLOAT\_64 type constants in ffi (Daijiro Wachi) [#62892](https://github.com/nodejs/node/pull/62892)
* \[[`c4ca303b36`](https://github.com/nodejs/node/commit/c4ca303b36)] - **lib**: harden kKeyOps lookup with null prototype (Filip Skokan) [#62877](https://github.com/nodejs/node/pull/62877)
* \[[`2e612fe070`](https://github.com/nodejs/node/commit/2e612fe070)] - **lib**: short-circuit WebIDL BufferSource SAB check (Filip Skokan) [#62833](https://github.com/nodejs/node/pull/62833)
* \[[`e850ee9c69`](https://github.com/nodejs/node/commit/e850ee9c69)] - **lib**: add new methods and error codes (Paolo Insogna) [#62762](https://github.com/nodejs/node/pull/62762)
* \[[`e21b873589`](https://github.com/nodejs/node/commit/e21b873589)] - **lib**: use js-only implementation of `isDataView()` (René) [#62780](https://github.com/nodejs/node/pull/62780)
* \[[`f454d1719d`](https://github.com/nodejs/node/commit/f454d1719d)] - **lib**: fix lint in internal/webstreams/util.js (Filip Skokan) [#62806](https://github.com/nodejs/node/pull/62806)
* \[[`fbd8ededba`](https://github.com/nodejs/node/commit/fbd8ededba)] - **lib**: fix sequence argument handling in Blob constructor (Ms2ger) [#62179](https://github.com/nodejs/node/pull/62179)
* \[[`16860e6abd`](https://github.com/nodejs/node/commit/16860e6abd)] - **lib**: improve Web Cryptography key validation ordering (Filip Skokan) [#62749](https://github.com/nodejs/node/pull/62749)
* \[[`ba3f3e1753`](https://github.com/nodejs/node/commit/ba3f3e1753)] - **lib**: reject SharedArrayBuffer in web APIs per spec (Ali Hassan) [#62632](https://github.com/nodejs/node/pull/62632)
* \[[`d065e996bb`](https://github.com/nodejs/node/commit/d065e996bb)] - **lib**: defer AbortSignal.any() following (sangwook) [#62367](https://github.com/nodejs/node/pull/62367)
* \[[`2a711f4b0c`](https://github.com/nodejs/node/commit/2a711f4b0c)] - **(SEMVER-MINOR)** **lib,src,test,doc**: add node:ffi module (Colin Ihrig) [#62072](https://github.com/nodejs/node/pull/62072)
* \[[`d578343582`](https://github.com/nodejs/node/commit/d578343582)] - **meta**: bump github/codeql-action from 4.35.1 to 4.35.3 (dependabot\[bot]) [#63074](https://github.com/nodejs/node/pull/63074)
* \[[`1b4b90d544`](https://github.com/nodejs/node/commit/1b4b90d544)] - **meta**: bump Mozilla-Actions/sccache-action from 0.0.9 to 0.0.10 (dependabot\[bot]) [#63073](https://github.com/nodejs/node/pull/63073)
* \[[`1477349e47`](https://github.com/nodejs/node/commit/1477349e47)] - **meta**: bump actions/upload-artifact from 7.0.0 to 7.0.1 (dependabot\[bot]) [#63072](https://github.com/nodejs/node/pull/63072)
* \[[`ecb7de271a`](https://github.com/nodejs/node/commit/ecb7de271a)] - **meta**: bump cachix/install-nix-action from 31.10.3 to 31.10.5 (dependabot\[bot]) [#62846](https://github.com/nodejs/node/pull/62846)
* \[[`fb91408312`](https://github.com/nodejs/node/commit/fb91408312)] - **meta**: bump actions/upload-artifact from 7.0.0 to 7.0.1 (dependabot\[bot]) [#62850](https://github.com/nodejs/node/pull/62850)
* \[[`7eb9a6be68`](https://github.com/nodejs/node/commit/7eb9a6be68)] - **meta**: add automation policy (Chengzhong Wu) [#62871](https://github.com/nodejs/node/pull/62871)
* \[[`6f053a4cb8`](https://github.com/nodejs/node/commit/6f053a4cb8)] - **meta**: update CODEOWNERS for FFI (Paolo Insogna) [#62853](https://github.com/nodejs/node/pull/62853)
* \[[`88fe50a725`](https://github.com/nodejs/node/commit/88fe50a725)] - **meta**: move VoltrexKeyva to emeritus (Matteo Collina) [#62895](https://github.com/nodejs/node/pull/62895)
* \[[`42e770bdd0`](https://github.com/nodejs/node/commit/42e770bdd0)] - **meta**: bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 (dependabot\[bot]) [#62845](https://github.com/nodejs/node/pull/62845)
* \[[`952d005233`](https://github.com/nodejs/node/commit/952d005233)] - **meta**: bump step-security/harden-runner from 2.16.1 to 2.19.0 (dependabot\[bot]) [#62844](https://github.com/nodejs/node/pull/62844)
* \[[`1bd19d9768`](https://github.com/nodejs/node/commit/1bd19d9768)] - **meta**: bump actions/github-script from 8.0.0 to 9.0.0 (dependabot\[bot]) [#62843](https://github.com/nodejs/node/pull/62843)
* \[[`386244a7dd`](https://github.com/nodejs/node/commit/386244a7dd)] - **meta**: bump actions/setup-node from 6.3.0 to 6.4.0 (dependabot\[bot]) [#62842](https://github.com/nodejs/node/pull/62842)
* \[[`16b2c41f70`](https://github.com/nodejs/node/commit/16b2c41f70)] - **meta**: broaden stale bot (Aviv Keller) [#62658](https://github.com/nodejs/node/pull/62658)
* \[[`41e7a4ba82`](https://github.com/nodejs/node/commit/41e7a4ba82)] - **meta**: pass release version to release worker (flakey5) [#62777](https://github.com/nodejs/node/pull/62777)
* \[[`632821db85`](https://github.com/nodejs/node/commit/632821db85)] - **meta**: add QUIC to CODEOWNERS (Tim Perry) [#62652](https://github.com/nodejs/node/pull/62652)
* \[[`4a7ad93ed8`](https://github.com/nodejs/node/commit/4a7ad93ed8)] - **meta**: move Michael to emeritus (Michael Dawson) [#62536](https://github.com/nodejs/node/pull/62536)
* \[[`44d5a33efb`](https://github.com/nodejs/node/commit/44d5a33efb)] - **meta**: populate apt list for slim runner in update-openssl workflow (René) [#62628](https://github.com/nodejs/node/pull/62628)
* \[[`d874596aa3`](https://github.com/nodejs/node/commit/d874596aa3)] - **meta**: bump cachix/install-nix-action from 31.9.1 to 31.10.3 (dependabot\[bot]) [#62551](https://github.com/nodejs/node/pull/62551)
* \[[`1631b27e2b`](https://github.com/nodejs/node/commit/1631b27e2b)] - **meta**: bump step-security/harden-runner from 2.15.0 to 2.16.1 (dependabot\[bot]) [#62550](https://github.com/nodejs/node/pull/62550)
* \[[`4de376894d`](https://github.com/nodejs/node/commit/4de376894d)] - **meta**: bump actions/download-artifact from 8.0.0 to 8.0.1 (dependabot\[bot]) [#62549](https://github.com/nodejs/node/pull/62549)
* \[[`39da4d7bd6`](https://github.com/nodejs/node/commit/39da4d7bd6)] - **meta**: bump actions/setup-node from 6.2.0 to 6.3.0 (dependabot\[bot]) [#62548](https://github.com/nodejs/node/pull/62548)
* \[[`62e3aa55ad`](https://github.com/nodejs/node/commit/62e3aa55ad)] - **meta**: bump github/codeql-action from 4.32.4 to 4.35.1 (dependabot\[bot]) [#62547](https://github.com/nodejs/node/pull/62547)
* \[[`83986de8a2`](https://github.com/nodejs/node/commit/83986de8a2)] - **meta**: bump codecov/codecov-action from 5.5.2 to 6.0.0 (dependabot\[bot]) [#62545](https://github.com/nodejs/node/pull/62545)
* \[[`18e56861dc`](https://github.com/nodejs/node/commit/18e56861dc)] - **meta**: bump cachix/cachix-action from 16 to 17 (dependabot\[bot]) [#62544](https://github.com/nodejs/node/pull/62544)
* \[[`d4e49d567a`](https://github.com/nodejs/node/commit/d4e49d567a)] - **meta**: bump actions/cache from 5.0.3 to 5.0.4 (dependabot\[bot]) [#62543](https://github.com/nodejs/node/pull/62543)
* \[[`2c5a914af4`](https://github.com/nodejs/node/commit/2c5a914af4)] - **meta**: require DCO signoff in commit message guidelines (James M Snell) [#62510](https://github.com/nodejs/node/pull/62510)
* \[[`f21039ce59`](https://github.com/nodejs/node/commit/f21039ce59)] - **meta**: expand memory leak DoS criteria to all DoS (Joyee Cheung) [#62505](https://github.com/nodejs/node/pull/62505)
* \[[`824ac6b5bf`](https://github.com/nodejs/node/commit/824ac6b5bf)] - **module**: exclude `node:ffi` from `builtinModules` when not enabled (Jordan Harband) [#63158](https://github.com/nodejs/node/pull/63158)
* \[[`bb6293ab7c`](https://github.com/nodejs/node/commit/bb6293ab7c)] - **module**: remove duplicated checks from `_resolveFilename` (Antoine du Hamel) [#62729](https://github.com/nodejs/node/pull/62729)
* \[[`34ec8c9f5c`](https://github.com/nodejs/node/commit/34ec8c9f5c)] - **module,win**: fix long subpath import (Stefan Stojanovic) [#62101](https://github.com/nodejs/node/pull/62101)
* \[[`de46e68918`](https://github.com/nodejs/node/commit/de46e68918)] - **node-api**: update libuv ABI stability note (Chengzhong Wu) [#62789](https://github.com/nodejs/node/pull/62789)
* \[[`78c7d77bbf`](https://github.com/nodejs/node/commit/78c7d77bbf)] - **node-api**: add napi\_create\_external\_sharedarraybuffer (Ben Noordhuis) [#62623](https://github.com/nodejs/node/pull/62623)
* \[[`a0ccf94f61`](https://github.com/nodejs/node/commit/a0ccf94f61)] - **node-api**: execute tsfn finalizer after queue drains when aborted (Kevin Eady) [#61956](https://github.com/nodejs/node/pull/61956)
* \[[`ab66de8eaa`](https://github.com/nodejs/node/commit/ab66de8eaa)] - **(SEMVER-MINOR)** **process**: throw on execve(2) failure instead of aborting (Bryan English) [#62878](https://github.com/nodejs/node/pull/62878)
* \[[`20151be8cb`](https://github.com/nodejs/node/commit/20151be8cb)] - **process**: handle rejections only when needed (Gürgün Dayıoğlu) [#62919](https://github.com/nodejs/node/pull/62919)
* \[[`9b24a815a2`](https://github.com/nodejs/node/commit/9b24a815a2)] - **quic**: add QuicEndpoint.listening & QuicStream.destroy() and tests (Tim Perry) [#62648](https://github.com/nodejs/node/pull/62648)
* \[[`761a96740c`](https://github.com/nodejs/node/commit/761a96740c)] - **quic**: fixup token verification to handle zero expiration (James M Snell) [#62620](https://github.com/nodejs/node/pull/62620)
* \[[`4ade02ac85`](https://github.com/nodejs/node/commit/4ade02ac85)] - **quic**: support multiple ALPN negotiation (James M Snell) [#62620](https://github.com/nodejs/node/pull/62620)
* \[[`b2e2e648e4`](https://github.com/nodejs/node/commit/b2e2e648e4)] - **quic**: apply multiple TLS context improvements and SNI support (James M Snell) [#62620](https://github.com/nodejs/node/pull/62620)
* \[[`56b941af4a`](https://github.com/nodejs/node/commit/56b941af4a)] - **quic**: implement rapidhash for hashing improvements (James M Snell) [#62620](https://github.com/nodejs/node/pull/62620)
* \[[`7cda4300b8`](https://github.com/nodejs/node/commit/7cda4300b8)] - **quic**: use arena allocation for packets (James M Snell) [#62589](https://github.com/nodejs/node/pull/62589)
* \[[`1e8fa2f1bd`](https://github.com/nodejs/node/commit/1e8fa2f1bd)] - **sqlite**: use OneByte for ASCII text and internalize col names (Ali Hassan) [#61954](https://github.com/nodejs/node/pull/61954)
* \[[`3af44ee508`](https://github.com/nodejs/node/commit/3af44ee508)] - **sqlite**: add serialize() and deserialize() (Ali Hassan) [#62579](https://github.com/nodejs/node/pull/62579)
* \[[`6386914b4b`](https://github.com/nodejs/node/commit/6386914b4b)] - **src**: decouple KeyObject and CryptoKey and move CryptoKey to src (Filip Skokan) [#62924](https://github.com/nodejs/node/pull/62924)
* \[[`2dc1d205ee`](https://github.com/nodejs/node/commit/2dc1d205ee)] - **src**: replace uses of deprecated v8::External APIs (gahaas) [#61898](https://github.com/nodejs/node/pull/61898)
* \[[`cb33a794a5`](https://github.com/nodejs/node/commit/cb33a794a5)] - **src**: remove license headers for new node\_profiling files (Chengzhong Wu) [#63066](https://github.com/nodejs/node/pull/63066)
* \[[`59860eb798`](https://github.com/nodejs/node/commit/59860eb798)] - **src**: swap dotenv and config file parsing order (Marco Ippolito) [#63035](https://github.com/nodejs/node/pull/63035)
* \[[`fda439cb58`](https://github.com/nodejs/node/commit/fda439cb58)] - **src**: use `unique_ptr` for ffi memory management (Anna Henningsen) [#63071](https://github.com/nodejs/node/pull/63071)
* \[[`56917afc57`](https://github.com/nodejs/node/commit/56917afc57)] - **src**: split profiling helpers from util (Ilyas Shabi) [#63008](https://github.com/nodejs/node/pull/63008)
* \[[`fca56a409d`](https://github.com/nodejs/node/commit/fca56a409d)] - **src**: add missing \<cstdlib> for abort() declaration (Charles Kerr) [#63001](https://github.com/nodejs/node/pull/63001)
* \[[`d49c89e915`](https://github.com/nodejs/node/commit/d49c89e915)] - **src**: make node.config.json throw at unknown fields (Marco Ippolito) [#62992](https://github.com/nodejs/node/pull/62992)
* \[[`e89c8e9b68`](https://github.com/nodejs/node/commit/e89c8e9b68)] - **src**: fix crash in GetErrorSource() for invalid using syntax (semimikoh) [#62770](https://github.com/nodejs/node/pull/62770)
* \[[`d89f719ce0`](https://github.com/nodejs/node/commit/d89f719ce0)] - **src**: remove outdated comments in contextify (Chengzhong Wu) [#62932](https://github.com/nodejs/node/pull/62932)
* \[[`5117a3e52b`](https://github.com/nodejs/node/commit/5117a3e52b)] - **src**: simplify `TCPWrap::Connect` signature (Anna Henningsen) [#62929](https://github.com/nodejs/node/pull/62929)
* \[[`41bd288ec7`](https://github.com/nodejs/node/commit/41bd288ec7)] - **src**: align FFI error handling with Node.js source (Anna Henningsen) [#62858](https://github.com/nodejs/node/pull/62858)
* \[[`faaccfb9df`](https://github.com/nodejs/node/commit/faaccfb9df)] - **src**: simplify and fix FFI ArrayBuffer accesses (Anna Henningsen) [#62857](https://github.com/nodejs/node/pull/62857)
* \[[`43bf39c350`](https://github.com/nodejs/node/commit/43bf39c350)] - **src**: use DCHECK in AsyncWrap::MakeCallback instead emiting a warning (Gerhard Stöbich) [#62795](https://github.com/nodejs/node/pull/62795)
* \[[`da52b09859`](https://github.com/nodejs/node/commit/da52b09859)] - **src**: fix MaybeStackBuffer char\_traits deprecation warning (om-ghante) [#62507](https://github.com/nodejs/node/pull/62507)
* \[[`2b12bca317`](https://github.com/nodejs/node/commit/2b12bca317)] - **src**: use context-free V8 message column getters (René) [#62778](https://github.com/nodejs/node/pull/62778)
* \[[`7efc2ce7b3`](https://github.com/nodejs/node/commit/7efc2ce7b3)] - **src**: clean up experimental flag variables (Antoine du Hamel) [#62759](https://github.com/nodejs/node/pull/62759)
* \[[`8273682c87`](https://github.com/nodejs/node/commit/8273682c87)] - **(SEMVER-MINOR)** **src**: allow empty --experimental-config-file (Marco Ippolito) [#61610](https://github.com/nodejs/node/pull/61610)
* \[[`b844c24395`](https://github.com/nodejs/node/commit/b844c24395)] - **src**: coerce `spawnSync` args to string once (Antoine du Hamel) [#62633](https://github.com/nodejs/node/pull/62633)
* \[[`28679d76c4`](https://github.com/nodejs/node/commit/28679d76c4)] - **src**: use stack allocation for small string encoding (Ali Hassan) [#62431](https://github.com/nodejs/node/pull/62431)
* \[[`144ef93735`](https://github.com/nodejs/node/commit/144ef93735)] - **src**: add contextify interceptor debug logs (Chengzhong Wu) [#62460](https://github.com/nodejs/node/pull/62460)
* \[[`d34cfb512e`](https://github.com/nodejs/node/commit/d34cfb512e)] - **stream**: remove redundant method check from iter.pipeToSync (René) [#63099](https://github.com/nodejs/node/pull/63099)
* \[[`a95830b72a`](https://github.com/nodejs/node/commit/a95830b72a)] - **stream**: copyedit `webstreams/adapter.js` (Antoine du Hamel) [#63034](https://github.com/nodejs/node/pull/63034)
* \[[`4bf3e1e084`](https://github.com/nodejs/node/commit/4bf3e1e084)] - **stream**: remove duplicated utility (Antoine du Hamel) [#63031](https://github.com/nodejs/node/pull/63031)
* \[[`214a8c197b`](https://github.com/nodejs/node/commit/214a8c197b)] - **stream**: simplify `setPromiseHandled` utility (Antoine du Hamel) [#63032](https://github.com/nodejs/node/pull/63032)
* \[[`c12a767ff2`](https://github.com/nodejs/node/commit/c12a767ff2)] - **stream**: validate ReadableStream.from iterator objects (Daeyeon Jeong) [#62911](https://github.com/nodejs/node/pull/62911)
* \[[`b09953d2d4`](https://github.com/nodejs/node/commit/b09953d2d4)] - **stream**: reject duplicate nested transferables (Daeyeon Jeong) [#62831](https://github.com/nodejs/node/pull/62831)
* \[[`b9929622f3`](https://github.com/nodejs/node/commit/b9929622f3)] - **stream**: ensuring cross-destruction in \_duplexify to prevent leaks (Daijiro Wachi) [#62824](https://github.com/nodejs/node/pull/62824)
* \[[`c51a39b3ec`](https://github.com/nodejs/node/commit/c51a39b3ec)] - **stream**: simplify `readableStreamFromIterable` (Antoine du Hamel) [#62651](https://github.com/nodejs/node/pull/62651)
* \[[`36078574b9`](https://github.com/nodejs/node/commit/36078574b9)] - **stream**: fix nested compose error propagation (Matteo Collina) [#62556](https://github.com/nodejs/node/pull/62556)
* \[[`e1928cd481`](https://github.com/nodejs/node/commit/e1928cd481)] - **stream**: allow shared array buffer sources in writable webstream adapter (René) [#62163](https://github.com/nodejs/node/pull/62163)
* \[[`450e0519d9`](https://github.com/nodejs/node/commit/450e0519d9)] - **stream**: simplify `createPromiseCallback` (Antoine du Hamel) [#62650](https://github.com/nodejs/node/pull/62650)
* \[[`57e59ea070`](https://github.com/nodejs/node/commit/57e59ea070)] - **stream**: fix writev unhandled rejection in fromWeb (sangwook) [#62297](https://github.com/nodejs/node/pull/62297)
* \[[`958373413c`](https://github.com/nodejs/node/commit/958373413c)] - **stream**: noop pause/resume on destroyed streams (Robert Nagy) [#62557](https://github.com/nodejs/node/pull/62557)
* \[[`ee38d2c43d`](https://github.com/nodejs/node/commit/ee38d2c43d)] - **stream**: refactor duplexify to be less suceptible to prototype pollution (Antoine du Hamel) [#62559](https://github.com/nodejs/node/pull/62559)
* \[[`fbff28f7e6`](https://github.com/nodejs/node/commit/fbff28f7e6)] - **(SEMVER-MINOR)** **stream**: propagate destruction in duplexPair (Ahmed Elhor) [#61098](https://github.com/nodejs/node/pull/61098)
* \[[`d7317f4f90`](https://github.com/nodejs/node/commit/d7317f4f90)] - **stream**: add stream/iter to classic stream adapters (James M Snell) [#62469](https://github.com/nodejs/node/pull/62469)
* \[[`55298c443f`](https://github.com/nodejs/node/commit/55298c443f)] - **test**: accept OpenSSL 4 generic internal error for DH key-type mismatches (Filip Skokan) [#62805](https://github.com/nodejs/node/pull/62805)
* \[[`96581bccc7`](https://github.com/nodejs/node/commit/96581bccc7)] - **test**: update WPT for url to 258f285de0 (Node.js GitHub Bot) [#63087](https://github.com/nodejs/node/pull/63087)
* \[[`c73aba07fb`](https://github.com/nodejs/node/commit/c73aba07fb)] - **test**: run Temporal presence checks without V8 flag (René) [#63028](https://github.com/nodejs/node/pull/63028)
* \[[`9c94dce55b`](https://github.com/nodejs/node/commit/9c94dce55b)] - **test**: export isRiscv64 from common module (Jamie Magee) [#62609](https://github.com/nodejs/node/pull/62609)
* \[[`33c5f7fdbf`](https://github.com/nodejs/node/commit/33c5f7fdbf)] - **test**: normalize known inspector crash as completion (Joyee Cheung) [#62851](https://github.com/nodejs/node/pull/62851)
* \[[`8146a97bc3`](https://github.com/nodejs/node/commit/8146a97bc3)] - **test**: update WPT for streams to f8f26a372f (Node.js GitHub Bot) [#62864](https://github.com/nodejs/node/pull/62864)
* \[[`7c77c301c9`](https://github.com/nodejs/node/commit/7c77c301c9)] - **test**: account for RFC 7919 FFDHE negotiation in OpenSSL 4.0 (Filip Skokan) [#62805](https://github.com/nodejs/node/pull/62805)
* \[[`9bf7604eb6`](https://github.com/nodejs/node/commit/9bf7604eb6)] - **test**: skip tls-deprecated secp256k1 on OpenSSL 4.0 (Filip Skokan) [#62805](https://github.com/nodejs/node/pull/62805)
* \[[`d173604b53`](https://github.com/nodejs/node/commit/d173604b53)] - **test**: use an always invalid cipher and cover OpenSSL 4.0 behaviours (Filip Skokan) [#62805](https://github.com/nodejs/node/pull/62805)
* \[[`72f52163b4`](https://github.com/nodejs/node/commit/72f52163b4)] - **test**: use valid DER OCSP responses (Filip Skokan) [#62805](https://github.com/nodejs/node/pull/62805)
* \[[`e242394ad9`](https://github.com/nodejs/node/commit/e242394ad9)] - **test**: skip test-tls-error-stack when engines are unsupported (Filip Skokan) [#62805](https://github.com/nodejs/node/pull/62805)
* \[[`9bff52ebf8`](https://github.com/nodejs/node/commit/9bff52ebf8)] - **test**: accept renamed OpenSSL 4.0 error code and reason (Filip Skokan) [#62805](https://github.com/nodejs/node/pull/62805)
* \[[`d9b8cc1b68`](https://github.com/nodejs/node/commit/d9b8cc1b68)] - **test**: update test/addons/openssl-binding for OpenSSL 4.0 (Filip Skokan) [#62805](https://github.com/nodejs/node/pull/62805)
* \[[`960fb16287`](https://github.com/nodejs/node/commit/960fb16287)] - **test**: mark test-snapshot-reproducible flaky (Filip Skokan) [#62808](https://github.com/nodejs/node/pull/62808)
* \[[`7a12dd58cf`](https://github.com/nodejs/node/commit/7a12dd58cf)] - **test**: check contextify contextual store behavior in strict mode (René) [#62571](https://github.com/nodejs/node/pull/62571)
* \[[`c73c8e603f`](https://github.com/nodejs/node/commit/c73c8e603f)] - **test**: skip `test-temporal-with-zoneinfo` on system-icu builds (Antoine du Hamel) [#62754](https://github.com/nodejs/node/pull/62754)
* \[[`48a3ca303e`](https://github.com/nodejs/node/commit/48a3ca303e)] - **test**: generate `localstorage.db` in a temp dir (Chengzhong Wu) [#62660](https://github.com/nodejs/node/pull/62660)
* \[[`1a41c2c5db`](https://github.com/nodejs/node/commit/1a41c2c5db)] - **test**: update tls junk data error expectations (Filip Skokan) [#62629](https://github.com/nodejs/node/pull/62629)
* \[[`115e8c2052`](https://github.com/nodejs/node/commit/115e8c2052)] - **test**: ensure WPT report is in out/wpt (Filip Skokan) [#62637](https://github.com/nodejs/node/pull/62637)
* \[[`cb07b918bd`](https://github.com/nodejs/node/commit/cb07b918bd)] - **test**: improve WPT runner summary (Filip Skokan) [#62636](https://github.com/nodejs/node/pull/62636)
* \[[`7f48438380`](https://github.com/nodejs/node/commit/7f48438380)] - **test**: skip url WPT subtests instead of modifying test script (Filip Skokan) [#62635](https://github.com/nodejs/node/pull/62635)
* \[[`4097fb95d7`](https://github.com/nodejs/node/commit/4097fb95d7)] - **test**: capture negative utimes mtime at call time (Yuya Inoue) [#62490](https://github.com/nodejs/node/pull/62490)
* \[[`e29f46df81`](https://github.com/nodejs/node/commit/e29f46df81)] - **test**: allow skipping individual WPT subtests (Filip Skokan) [#62517](https://github.com/nodejs/node/pull/62517)
* \[[`4d546886c3`](https://github.com/nodejs/node/commit/4d546886c3)] - **test**: use on-disk fixture for test-npm-install (Joyee Cheung) [#62584](https://github.com/nodejs/node/pull/62584)
* \[[`5b35eb02ec`](https://github.com/nodejs/node/commit/5b35eb02ec)] - **test**: update WPT for url to 7a3645b79a (Node.js GitHub Bot) [#62591](https://github.com/nodejs/node/pull/62591)
* \[[`7a8610835d`](https://github.com/nodejs/node/commit/7a8610835d)] - **test\_runner**: fix failing suite hooks when marked with `todo` (Moshe Atlow) [#63097](https://github.com/nodejs/node/pull/63097)
* \[[`a8c773a0c7`](https://github.com/nodejs/node/commit/a8c773a0c7)] - **(SEMVER-MINOR)** **test\_runner**: align mock timeout api (sangwook) [#62820](https://github.com/nodejs/node/pull/62820)
* \[[`dc0d757c8a`](https://github.com/nodejs/node/commit/dc0d757c8a)] - **test\_runner**: fix suite rerun edge case (Moshe Atlow) [#62860](https://github.com/nodejs/node/pull/62860)
* \[[`b883a5eaea`](https://github.com/nodejs/node/commit/b883a5eaea)] - **(SEMVER-MINOR)** **test\_runner**: add mock-timers support for AbortSignal.timeout (DeveloperViraj) [#60751](https://github.com/nodejs/node/pull/60751)
* \[[`6fa62b7d58`](https://github.com/nodejs/node/commit/6fa62b7d58)] - **test\_runner**: add `testId` to test events (Moshe Atlow) [#62772](https://github.com/nodejs/node/pull/62772)
* \[[`39e08340ff`](https://github.com/nodejs/node/commit/39e08340ff)] - **test\_runner**: publish to TracingChannel for OTel instrumentation (Moshe Atlow) [#62502](https://github.com/nodejs/node/pull/62502)
* \[[`a21ae1771e`](https://github.com/nodejs/node/commit/a21ae1771e)] - **(SEMVER-MINOR)** **test\_runner**: support test order randomization (Pietro Marchini) [#61747](https://github.com/nodejs/node/pull/61747)
* \[[`cf0edeb65d`](https://github.com/nodejs/node/commit/cf0edeb65d)] - **test\_runner**: add passed, attempt, and diagnostic to SuiteContext (Moshe Atlow) [#62504](https://github.com/nodejs/node/pull/62504)
* \[[`644e2399d6`](https://github.com/nodejs/node/commit/644e2399d6)] - **test\_runner**: add `getTestContext()` (Moshe Atlow) [#62501](https://github.com/nodejs/node/pull/62501)
* \[[`480d538830`](https://github.com/nodejs/node/commit/480d538830)] - **tools**: use `npm ci` in Undici update script (Antoine du Hamel) [#63098](https://github.com/nodejs/node/pull/63098)
* \[[`9afb013edd`](https://github.com/nodejs/node/commit/9afb013edd)] - **tools**: update nixpkgs-unstable to c6d65881c5624c9cae5ea6cedef24699b0c (Node.js GitHub Bot) [#63091](https://github.com/nodejs/node/pull/63091)
* \[[`b9f2f5a90a`](https://github.com/nodejs/node/commit/b9f2f5a90a)] - **tools**: bump postcss from 8.5.8 to 8.5.10 in /tools/doc (dependabot\[bot]) [#62966](https://github.com/nodejs/node/pull/62966)
* \[[`09e4f4caca`](https://github.com/nodejs/node/commit/09e4f4caca)] - **tools**: use LTS Node.js in notify-on-push workflow (Nenad Spasenic) [#63084](https://github.com/nodejs/node/pull/63084)
* \[[`2af4c89774`](https://github.com/nodejs/node/commit/2af4c89774)] - **tools**: implements a few nits on `build-aarch64-linux-v8` (Antoine du Hamel) [#63048](https://github.com/nodejs/node/pull/63048)
* \[[`cf9c1849ca`](https://github.com/nodejs/node/commit/cf9c1849ca)] - **tools**: update gr2m/create-or-update-pull-request-action to v1.10.1 (Mike McCready) [#63065](https://github.com/nodejs/node/pull/63065)
* \[[`96370a57ed`](https://github.com/nodejs/node/commit/96370a57ed)] - **tools**: simplify `update-undici.sh` (Antoine du Hamel) [#63044](https://github.com/nodejs/node/pull/63044)
* \[[`b90486edd8`](https://github.com/nodejs/node/commit/b90486edd8)] - **tools**: do not run `test-linux` on unrelated tools changes (Antoine du Hamel) [#63037](https://github.com/nodejs/node/pull/63037)
* \[[`ac49e7c9fc`](https://github.com/nodejs/node/commit/ac49e7c9fc)] - **tools**: migrate from `openssl-matrix.json` to `openssl-matrix.nix` (Antoine du Hamel) [#63036](https://github.com/nodejs/node/pull/63036)
* \[[`a9df3e37fd`](https://github.com/nodejs/node/commit/a9df3e37fd)] - **tools**: update labels for nixpkgs pin bumps (Antoine du Hamel) [#62994](https://github.com/nodejs/node/pull/62994)
* \[[`cee0154af8`](https://github.com/nodejs/node/commit/cee0154af8)] - **tools**: reuse V8 builds even without Cachix on test-shared (Antoine du Hamel) [#62980](https://github.com/nodejs/node/pull/62980)
* \[[`78c183da6b`](https://github.com/nodejs/node/commit/78c183da6b)] - **tools**: do not include HTML docs in slim tarball (Antoine du Hamel) [#62989](https://github.com/nodejs/node/pull/62989)
* \[[`04ce9df084`](https://github.com/nodejs/node/commit/04ce9df084)] - **tools**: bump the eslint group in /tools/eslint with 4 updates (dependabot\[bot]) [#62848](https://github.com/nodejs/node/pull/62848)
* \[[`4d2952c00a`](https://github.com/nodejs/node/commit/4d2952c00a)] - **tools**: update nixpkgs-unstable to 01fbdeef22b76df85ea168fbfe1bfd9e636 (Node.js GitHub Bot) [#62963](https://github.com/nodejs/node/pull/62963)
* \[[`555ad12f27`](https://github.com/nodejs/node/commit/555ad12f27)] - **tools**: update gyp-next to 0.22.1 (Node.js GitHub Bot) [#62961](https://github.com/nodejs/node/pull/62961)
* \[[`f92cbc2c81`](https://github.com/nodejs/node/commit/f92cbc2c81)] - **tools**: fix commit linter for semver-major release proposals (Antoine du Hamel) [#62993](https://github.com/nodejs/node/pull/62993)
* \[[`3b5bb4d758`](https://github.com/nodejs/node/commit/3b5bb4d758)] - **tools**: consolidate and simplify .editorconfig deps section (Daijiro Wachi) [#62887](https://github.com/nodejs/node/pull/62887)
* \[[`027bef4f3e`](https://github.com/nodejs/node/commit/027bef4f3e)] - **tools**: add non-default OpenSSL versions to the test-shared workflow (Filip Skokan) [#62862](https://github.com/nodejs/node/pull/62862)
* \[[`fdcd7752de`](https://github.com/nodejs/node/commit/fdcd7752de)] - **tools**: set bot as author of tools-deps-update PRs (Antoine du Hamel) [#62856](https://github.com/nodejs/node/pull/62856)
* \[[`ab7be6d987`](https://github.com/nodejs/node/commit/ab7be6d987)] - **tools**: bump brace-expansion from 5.0.4 to 5.0.5 in /tools/eslint (dependabot\[bot]) [#62458](https://github.com/nodejs/node/pull/62458)
* \[[`82281ffd59`](https://github.com/nodejs/node/commit/82281ffd59)] - **tools**: bump brace-expansion in /tools/clang-format (dependabot\[bot]) [#62467](https://github.com/nodejs/node/pull/62467)
* \[[`48bb51b3d7`](https://github.com/nodejs/node/commit/48bb51b3d7)] - **tools**: update nixpkgs-unstable to ab72be9733b41190ea34f1422a3e4e243ed (Node.js GitHub Bot) [#62821](https://github.com/nodejs/node/pull/62821)
* \[[`67baa3254b`](https://github.com/nodejs/node/commit/67baa3254b)] - **tools**: bum...

updateclibot Bot added 2 commits May 15, 2026 13:57
@updateclibot
chore: deps: update node version to 26.1.0"
c8f1b56 
Made with ❤️️ by updatecli
@updateclibot
chore: deps: update pnpm version to 11.1.2"
1e9c18d 
Made with ❤️️ by updatecli
@updateclibot updateclibot Bot added dependencies Pull requests that update a dependency file chore labels May 15, 2026
@updateclibot updateclibot Bot enabled auto-merge May 15, 2026 14:20
@updateclibot updateclibot Bot merged commit b59de5b into main May 15, 2026
7 checks passed
@updateclibot updateclibot Bot deleted the updatecli_main_node_version branch May 15, 2026 15:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

chore dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants