chore(deps): update dependency node to v22.22.0

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Update	Change
node (source)	minor	22.13.0 → 22.22.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

nodejs/node (node)

v22.22.0: 2026-01-13, Version 22.22.0 'Jod' (LTS), @​marco-ippolito

Compare Source

This is a security release.

Notable Changes

lib:

• (CVE-2025-59465) add TLSSocket default error handler
• (CVE-2025-55132) disable futimes when permission model is enabled
  lib,permission:
• (CVE-2025-55130) require full read and write to symlink APIs
  src:
• (CVE-2025-59466) rethrow stack overflow exceptions in async_hooks
  src,lib:
• (CVE-2025-55131) refactor unsafe buffer creation to remove zero-fill toggle
  tls:
• (CVE-2026-21637) route callback exceptions through error handlers

Commits

• [6badf4e6f4] - deps: update c-ares to v1.34.6 (Node.js GitHub Bot) #​60997
• [37509c3ff0] - deps: update undici to 6.23.0 (Matteo Collina) nodejs-private/node-private#791
• [eb8e41f8db] - (CVE-2025-59465) lib: add TLSSocket default error handler (RafaelGSS) nodejs-private/node-private#797
• [ebbf942a83] - (CVE-2025-55132) lib: disable futimes when permission model is enabled (RafaelGSS) nodejs-private/node-private#748
• [6b4849583a] - (CVE-2025-55130) lib,permission: require full read and write to symlink APIs (RafaelGSS) nodejs-private/node-private#760
• [ddadc31f09] - (CVE-2025-59466) src: rethrow stack overflow exceptions in async_hooks (Matteo Collina) nodejs-private/node-private#773
• [d4d9f3915f] - (CVE-2025-55131) src,lib: refactor unsafe buffer creation to remove zero-fill toggle (Сковорода Никита Андреевич) nodejs-private/node-private#759
• [25d6799df6] - (CVE-2026-21637) tls: route callback exceptions through error handlers (Matteo Collina) nodejs-private/node-private#796

v22.21.1: 2025-10-28, Version 22.21.1 'Jod' (LTS), @​aduh95

Compare Source

Commits

• [af33e8e668] - benchmark: remove unused variable from util/priority-queue (Bruno Rodrigues) #​59872
• [6764ce8756] - benchmark: update count to n in permission startup (Bruno Rodrigues) #​59872
• [4e8d99f0dc] - benchmark: update num to n in dgram offset-length (Bruno Rodrigues) #​59872
• [af0a8ba7f8] - benchmark: adjust dgram offset-length len values (Bruno Rodrigues) #​59708
• [78efd1be4a] - benchmark: update num to n in dgram offset-length (Bruno Rodrigues) #​59708
• [df72dc96e9] - console,util: improve array inspection performance (Ruben Bridgewater) #​60037
• [ef67d09f50] - http: improve writeEarlyHints by avoiding for-of loop (Haram Jeong) #​59958
• [23468fd76b] - http2: fix allowHttp1+Upgrade, broken by shouldUpgradeCallback (Tim Perry) #​59924
• [56abc4ac76] - lib: optimize priority queue (Gürgün Dayıoğlu) #​60039
• [ea5cfd98c5] - lib: implement passive listener behavior per spec (BCD1me) #​59995
• [c2dd6eed2f] - process: fix wrong asyncContext under unhandled-rejections=strict (Shima Ryuhei) #​60103
• [81a3055710] - process: fix default env for process.execve (Richard Lau) #​60029
• [fe492c7ace] - process: fix hrtime fast call signatures (Renegade334) #​59600
• [76b4cab8fc] - src: bring permissions macros in line with general C/C++ standards (Anna Henningsen) #​60053
• [21970970c7] - src: remove AnalyzeTemporaryDtors option from .clang-tidy (iknoom) #​60008
• [609c063e81] - src: remove unused variables from report (Moonki Choi) #​60047
• [987841a773] - src: avoid unnecessary string allocations in SPrintF impl (Anna Henningsen) #​60052
• [6e386c0632] - src: make ToLower/ToUpper input args more flexible (Anna Henningsen) #​60052
• [c3be1226c7] - src: allow std::string_view arguments to SPrintF() and friends (Anna Henningsen) #​60058
• [764d35647d] - src: remove unnecessary std::string error messages (Anna Henningsen) #​60057
• [1289ef89ec] - src: remove unnecessary shadowed functions on Utf8Value & BufferValue (Anna Henningsen) #​60056
• [d1fb8a538d] - src: avoid unnecessary string -> char* -> string round trips (Anna Henningsen) #​60055
• [54b439fb5a] - src: fill options_args, options_env after vectors are finalized (iknoom) #​59945
• [c7c597e2ca] - src: use RAII for uv_process_options_t (iknoom) #​59945
• [b928ea9716] - test: ensure that the message event is fired (Luigi Pinca) #​59952
• [e4b95a5158] - test: replace diagnostics_channel stackframe in output snapshots (Chengzhong Wu) #​60024
• [4206406694] - test: mark test-web-locks skip on IBM i (SRAVANI GUNDEPALLI) #​59996
• [26394cd5bf] - test: expand tls-check-server-identity coverage (Diango Gavidia) #​60002
• [b58df47995] - test: fix typo of test-benchmark-readline.js (Deokjin Kim) #​59993
• [af3a59dba8] - test: verify tracing channel doesn't swallow unhandledRejection (Gerhard Stöbich) #​59974
• [cee362242b] - timers: fix binding fast call signatures (Renegade334) #​59600
• [40fea57fdd] - tools: add message on auto-fixing js lint issues in gh workflow (Dario Piotrowicz) #​59128
• [aac90d351b] - tools: verify signatures when updating nghttp* (Antoine du Hamel) #​60113
• [9fae03c7d9] - tools: use dependabot cooldown and move tools/doc (Rafael Gonzaga) #​59978
• [81548abdf6] - wasi: fix WasiFunction fast call signature (Renegade334) #​59600

v22.21.0: 2025-10-20, Version 22.21.0 'Jod' (LTS), @​aduh95

Compare Source

Notable Changes

• [1486fedea1] - (SEMVER-MINOR) cli: add --use-env-proxy (Joyee Cheung) #​59151
• [bedaaa11fc] - (SEMVER-MINOR) http: support http proxy for fetch under NODE_USE_ENV_PROXY (Joyee Cheung) #​57165
• [af8b5fa29d] - (SEMVER-MINOR) http: add shouldUpgradeCallback to let servers control HTTP upgrades (Tim Perry) #​59824
• [42102594b1] - (SEMVER-MINOR) http,https: add built-in proxy support in http/https.request and Agent (Joyee Cheung) #​58980
• [686ac49b82] - (SEMVER-MINOR) src: add percentage support to --max-old-space-size (Asaf Federman) #​59082

Commits

• [a71dd592e3] - benchmark: calibrate config dgram multi-buffer (Bruno Rodrigues) #​59696
• [16c4b466f4] - benchmark: calibrate config cluster/echo.js (Nam Yooseong) #​59836
• [53cb9f3b6c] - build: add the missing macro definitions for OpenHarmony (hqzing) #​59804
• [ec5290fe01] - build: do not include custom ESLint rules testing in tarball (Antoine du Hamel) #​59809
• [1486fedea1] - (SEMVER-MINOR) cli: add --use-env-proxy (Joyee Cheung) #​59151
• [1f93913446] - crypto: use return await when returning Promises from async functions (Renegade334) #​59841
• [f488b2ff73] - crypto: use async functions for non-stub Promise-returning functions (Renegade334) #​59841
• [aed9fd5ac4] - crypto: avoid calls to promise.catch() (Renegade334) #​59841
• [37c2d186f0] - deps: update amaro to 1.1.4 (pmarchini) #​60044
• [28aea13419] - deps: update archs files for openssl-3.5.4 (Node.js GitHub Bot) #​60101
• [ddbc1aa0bb] - deps: upgrade openssl sources to openssl-3.5.4 (Node.js GitHub Bot) #​60101
• [badbba2da9] - deps: update googletest to 50b8600 (Node.js GitHub Bot) #​59955
• [48aaf98a08] - deps: update archs files for openssl-3.5.3 (Node.js GitHub Bot) #​59901
• [e02a562ea6] - deps: upgrade openssl sources to openssl-3.5.3 (Node.js GitHub Bot) #​59901
• [7e0e86cb92] - deps: upgrade npm to 10.9.4 (npm team) #​60074
• [91dda5facf] - deps: update undici to 6.22.0 (Matteo Collina) #​60112
• [3a3220a2f0] - dgram: restore buffer optimization in fixBufferList (Yoo) #​59934
• [09bdcce6b8] - diagnostics_channel: fix race condition with diagnostics_channel and GC (Ugaitz Urien) #​59910
• [b3eeb3bd13] - doc: provide alternative to url.parse() using WHATWG URL (Steven) #​59736
• [1ddaab1904] - doc: mention reverse proxy and include simple example (Steven) #​59736
• [3b3b71e99c] - doc: mark .env files support as stable (Santeri Hiltunen) #​59925
• [d37f67d1bd] - doc: remove optional title prefixes (Aviv Keller) #​60087
• [ca2dff63f9] - doc: fix typo on child_process.md (Angelo Gazzola) #​60114
• [3fca564a05] - doc: add automated migration info to deprecations (Augustin Mauroy) #​60022
• [4bc366fc16] - doc: use "WebAssembly" instead of "Web Assembly" (Tobias Nießen) #​59954
• [4808dbdd9a] - doc: fix typo in section on microtask order (Tobias Nießen) #​59932
• [d6e303d645] - doc: update V8 fast API guidance (René) #​58999
• [0a3a3f729e] - doc: add security escalation policy (Ulises Gascón) #​59806
• [8fd669c70d] - doc: type improvement of file http.md (yusheng chen) #​58189
• [9833dc6060] - doc: rephrase dynamic import() description (Nam Yooseong) #​59224
• [2870a73681] - doc,crypto: update subtle.generateKey and subtle.importKey (Filip Skokan) #​59851
• [85818db93c] - fs,win: do not add a second trailing slash in readdir (Gerhard Stöbich) #​59847
• [bedaaa11fc] - (SEMVER-MINOR) http: support http proxy for fetch under NODE_USE_ENV_PROXY (Joyee Cheung) #​57165
• [af8b5fa29d] - (SEMVER-MINOR) http: add shouldUpgradeCallback to let servers control HTTP upgrades (Tim Perry) #​59824
• [758271ae66] - http: optimize checkIsHttpToken for short strings (방진혁) #​59832
• [42102594b1] - (SEMVER-MINOR) http,https: add built-in proxy support in http/https.request and Agent (Joyee Cheung) #​58980
• [a33ed9bf96] - inspector: ensure adequate memory allocation for Binary::toBase64 (René) #​59870
• [34c686be2b] - lib: update inspect output format for subclasses (Miguel Marcondes Filho) #​59687
• [12e553529c] - lib: add source map support for assert messages (Chengzhong Wu) #​59751
• [d2a70571f8] - lib,src: refactor assert to load error source from memory (Chengzhong Wu) #​59751
• [20a9e86b5d] - meta: move Michael to emeritus (Michael Dawson) #​60070
• [c591cca15c] - meta: bump github/codeql-action from 3.30.0 to 3.30.5 (dependabot[bot]) #​60089
• [090ba141b1] - meta: bump codecov/codecov-action from 5.5.0 to 5.5.1 (dependabot[bot]) #​60091
• [a0ba6884a5] - meta: bump actions/stale from 9.1.0 to 10.0.0 (dependabot[bot]) #​60092
• [0feca0c541] - meta: bump actions/setup-node from 4.4.0 to 5.0.0 (dependabot[bot]) #​60093
• [7cd2b42d18] - meta: bump step-security/harden-runner from 2.12.2 to 2.13.1 (dependabot[bot]) #​60094
• [1f3b9d66ac] - meta: bump actions/cache from 4.2.4 to 4.3.0 (dependabot[bot]) #​60095
• [0fedbb3de7] - meta: bump ossf/scorecard-action from 2.4.2 to 2.4.3 (dependabot[bot]) #​60096
• [04590b8267] - meta: bump actions/setup-python from 5.6.0 to 6.0.0 (dependabot[bot]) #​60090
• [2bf0a9318f] - meta: add .npmrc with ignore-scripts=true (Joyee Cheung) #​59914
• [e10dc7b81c] - module: allow overriding linked requests for a ModuleWrap (Chengzhong Wu) #​59527
• [2237142369] - module: link module with a module request record (Chengzhong Wu) #​58886
• [6d24b88fbc] - node-api: added SharedArrayBuffer api (Mert Can Altin) #​59071
• [4cc84c96f4] - node-api: make napi_delete_reference use node_api_basic_env (Jeetu Suthar) #​59684
• [e790eb6b50] - repl: fix cpu overhead pasting big strings to the REPL (Ruben Bridgewater) #​59857
• [99ea08dc43] - repl: add isValidParentheses check before wrap input (Xuguang Mei) #​59607
• [e4a4f63019] - sqlite: fix crash session extension callbacks with workers (Bart Louwers) #​59848
• [42c5544b97] - src: assert memory calc for max-old-space-size-percentage (Asaf Federman) #​59460
• [686ac49b82] - (SEMVER-MINOR) src: add percentage support to --max-old-space-size (Asaf Federman) #​59082
• [84701ff668] - src: clear all linked module caches once instantiated (Chengzhong Wu) #​59117
• [8e182e561f] - src: remove unnecessary Environment::GetCurrent() calls (Moonki Choi) #​59814
• [c9cde35c4d] - src: simplify is_callable by making it a concept (Tobias Nießen) #​58169
• [892b425ee1] - src: rename private fields to follow naming convention (Moonki Choi) #​59923
• [36b68db7f5] - src: reduce the nearest parent package JSON cache size (Michael Smith) #​59888
• [26b40bad02] - src: replace FIXED_ONE_BYTE_STRING with Environment-cached strings (Moonki Choi) #​59891
• [34dcb7dc32] - src: create strings in FIXED_ONE_BYTE_STRING as internalized (Anna Henningsen) #​59826
• [4d748add05] - src: remove std::array overload of FIXED_ONE_BYTE_STRING (Anna Henningsen) #​59826
• [bb6fd7c2d1] - src: ensure v8::Eternal is empty before setting it (Anna Henningsen) #​59825
• [7a91282bf9] - src: use simdjson::pad (0hm☘️) #​59391
• [ba00875f01] - stream: use new AsyncResource instead of bind (Matteo Collina) #​59867
• [ebec3ef68b] - (SEMVER-MINOR) test: move http proxy tests to test/client-proxy (Joyee Cheung) #​58980
• [7067d79fb3] - test: mark sea tests flaky on macOS x64 (Richard Lau) #​60068
• [ca1942c9d5] - test: testcase demonstrating issue 59541 (Eric Rannaud) #​59801
• [660d57355e] - test,doc: skip --max-old-space-size-percentage on 32-bit platforms (Asaf Federman) #​60144
• [19a7b1ef26] - tls: load bundled and extra certificates off-thread (Joyee Cheung) #​59856
• [095e7a81fc] - tls: only do off-thread certificate loading on loading tls (Joyee Cheung) #​59856
• [c42c1204c7] - tools: fix tools/make-v8.sh for clang (Richard Lau) #​59893
• [b632a1d98d] - tools: skip test-internet workflow for draft PRs (Michaël Zasso) #​59817
• [6021c3ac76] - tools: copyedit build-tarball.yml (Antoine du Hamel) #​59808
• [ef005d0c9b] - typings: update 'types' binding (René) #​59692
• [28ef564ecd] - typings: remove unused imports (Nam Yooseong) #​59880
• [f88752ddb6] - url: replaced slice with at (Mikhail) #​59181
• [24c224960c] - url: add type checking to urlToHttpOptions() (simon-id) #​59753
• [f2fbcc576d] - util: fix debuglog.enabled not being present with callback logger (Ruben Bridgewater) #​59858
• [6277058e43] - vm: sync-ify SourceTextModule linkage (Chengzhong Wu) #​59000
• [5bf21a4309] - vm: explain how to share promises between contexts w/ afterEvaluate (Eric Rannaud) #​59801
• [312b33a083] - vm: "afterEvaluate", evaluate() return a promise from the outer context (Eric Rannaud) #​59801
• [1eadab863c] - win,tools: add description to signature (Martin Costello) #​59877
• [816e1befb1] - zlib: reduce code duplication (jhofstee) #​57810

v22.20.0: 2025-09-24, Version 22.20.0 'Jod' (LTS), @​richardlau

Compare Source

Notable Changes

OpenSSL updated to 3.5.2

For official Node.js builds, or builds using the default build configuration, Node.js now bundles OpenSSL 3.5.2. This update allows Node.js 22.x to be supported through to the planned End-of-Life date of 2027-04-30 as the previously bundled OpenSSL 3.0.x goes out of support in September 2026.

This change does not affect third-party builds of Node.js that link to an external OpenSSL (or OpenSSL-compatible) library.

Other notable changes

• [5b83e1e0a2] - crypto: update root certificates to NSS 3.114 (Node.js GitHub Bot) #​59571
• [34b25fd97b] - doc: stabilize --disable-sigusr1 (Rafael Gonzaga) #​59707
• [bf41218ed9] - doc: mark path.matchesGlob as stable (Aviv Keller) #​59572
• [1dbad2058f] - (SEMVER-MINOR) http: add Agent.agentKeepAliveTimeoutBuffer option (Haram Jeong) #​59315
• [062e837d5f] - (SEMVER-MINOR) http2: add support for raw header arrays in h2Stream.respond() (Tim Perry) #​59455
• [b8066611c3] - inspector: add http2 tracking support (Darshan Sen) #​59611
• [9b7dd40da8] - (SEMVER-MINOR) sea: implement execArgvExtension (Joyee Cheung) #​59560
• [48bfbd3dca] - (SEMVER-MINOR) sea: support execArgv in sea config (Joyee Cheung) #​59314
• [cf06e74076] - (SEMVER-MINOR) stream: add brotli support to CompressionStream and DecompressionStream (Matthew Aitken) #​59464
• [62bb80c17e] - (SEMVER-MINOR) test_runner: support object property mocking (Idan Goshen) #​58438
• [9e2aa23be9] - (SEMVER-MINOR) worker: add cpu profile APIs for worker (theanarkh) #​59428

Commits

• [b7b78fd565] - assert: cap input size in myersDiff to avoid Int32Array overflow (Haram Jeong) #​59578
• [9da50a6c53] - benchmark: sqlite prevent create both tables on prepare selects (Bruno Rodrigues) #​59709
• [4c1538770e] - benchmark: calibrate config array-vs-concat (Rafael Gonzaga) #​59587
• [fc3f82d683] - benchmark: calibrate config v8/serialize.js (Rafael Gonzaga) #​59586
• [e95c9b2950] - benchmark: reduce readfile-permission-enabled config (Rafael Gonzaga) #​59589
• [e4fea38b31] - benchmark: calibrate length of util.diff (Rafael Gonzaga) #​59588
• [c5d68c4a0f] - benchmark, test: replace CRLF variable with string literal (Lee Jiho) #​59466
• [129a1d673b] - build: fix getting OpenSSL version on Windows (Michaël Zasso) #​59609
• [9f53db7162] - build: fix 'implicit-function-declaration' on OpenHarmony platform (hqzing) #​59547
• [3839593e07] - build: use windows-2025 runner (Michaël Zasso) #​59673
• [e430464669] - build: compile bundled uvwasi conditionally (Carlo Cabrera) #​59622
• [e2c9cab0cd] - build: do not set -mminimal-toc with clang (Richard Lau) #​59484
• [208bc810a1] - child_process: remove unsafe array iteration (hotpineapple) #​59347
• [d74799d90c] - crypto: load system CA certificates off thread (Joyee Cheung) #​59550
• [5b83e1e0a2] - crypto: update root certificates to NSS 3.114 (Node.js GitHub Bot) #​59571
• [d289b1d1af] - deps: V8: cherry-pick e3df60f (Chengzhong Wu) #​58691
• [cf5d91e2a6] - deps: update uvwasi to 0.0.23 (Node.js GitHub Bot) #​59791
• [1cf24a0445] - deps: update histogram to 0.11.9 (Node.js GitHub Bot) #​59689
• [8638bd3f2e] - deps: update googletest to eb2d85e (Node.js GitHub Bot) #​59335
• [3ff4eb5b37] - deps: update amaro to 1.1.2 (Node.js GitHub Bot) #​59616
• [4d268ac034] - deps: V8: cherry-pick 7b91e3e (Milad Fa) #​59485
• [83410eb0e3] - deps: V8: cherry-pick 59d52e3 (Milad Fa) #​59485
• [5780af02cb] - deps: update amaro to 1.1.1 (Node.js GitHub Bot) #​59141
• [2986eca821] - deps: V8: cherry-pick 6b1b9bc (zhoumingtao) #​59283
• [98e399b3ea] - deps: update archs files for openssl-3.5.2 (Node.js GitHub Bot) #​59371
• [2b983a7520] - deps: upgrade openssl sources to openssl-3.5.2 (Node.js GitHub Bot) #​59371
• [7ffbb42454] - deps: update archs files for openssl-3.5.1 (Node.js GitHub Bot) #​59234
• [bd48a60a75] - deps: upgrade openssl sources to openssl-3.5.1 (Node.js GitHub Bot) #​59234
• [24762a10ca] - deps: fix OpenSSL security level at 1 (Richard Lau) #​59859
• [1233e92d10] - diagnostics_channel: revoke DEP0163 (René) #​59758
• [34b25fd97b] - doc: stabilize --disable-sigusr1 (Rafael Gonzaga) #​59707
• [d7adf8be64] - doc: update "Type stripping in dependencies" section (Josh Kelley) #​59652
• [a1d7e4fdbf] - doc: add Miles Guicent as triager (Miles Guicent) #​59562
• [bf41218ed9] - doc: mark path.matchesGlob as stable (Aviv Keller) #​59572
• [afaa1ccb74] - doc: improve documentation for raw headers in HTTP/2 APIs (Tim Perry) #​59633
• [b95ff56102] - doc: update install_tools.bat free disk space (Stefan Stojanovic) #​59579
• [6ff939b8d3] - doc: fix filehandle.read typo (Ruy Adorno) #​59635
• [963bfa9d6f] - doc: fix missing link to the Error documentation in the http page (Alexander Makarenko) #​59080
• [0e10a8ea27] - doc: improve sqlite.backup() progress/fulfillment documentation (René) #​59598
• [18ceefbabd] - doc: clarify experimental platform vulnerability policy (Matteo Collina) #​59591
• [66cdd00368] - doc: link to TypedArray.from() in signature (Aviv Keller) #​59226
• [9f058ce7c0] - doc: fix typos in environment_variables.md (PhistucK) #​59536
• [3cfec820e9] - doc: add security incident reponse plan (Rafael Gonzaga) #​59470
• [46aa3434e6] - doc: clarify maxRSS unit in process.resourceUsage() (Alex Yang) #​59511
• [adf98f600a] - doc: add missing Zstd strategy constants (RANDRIAMANANTENA Narindra Tiana Annaick) #​59312
• [f335989942] - doc: fix the version tls.DEFAULT_CIPHERS was added (Allon Murienik) #​59247
• [7fa14fcf54] - doc: clarify glob's exclude option behavior (hotpineapple) #​59245
• [85b8d255c9] - doc: add RafaelGSS as performance strategic lead (Rafael Gonzaga) #​59445
• [16b1f7a602] - doc: add new environment variables doc page (Dario Piotrowicz) #​59052
• [b4a43ed83a] - doc: add missing environment variables to manpage (amir lavasani) #​58963
• [c923cfe898] - doc: fix links in test.md (Vas Sudanagunta) #​58876
• [a93a8b5eda] - doc: mark type stripping as release candidate (Marco Ippolito) #​57705
• [d302cb3bb2] - esm: add experimental support for addon modules (Chengzhong Wu) #​55844
• [d55c3e7f0b] - esm: link modules synchronously when no async loader hooks are used (Joyee Cheung) #​59519
• [9e1fbb620f] - esm: show race error message for inner module job race (Joyee Cheung) #​59519
• [8c4dcd5199] - esm: sync-ify module translation (Joyee Cheung) #​59453
• [71038932d3] - fs: fix wrong order of file names in cpSync error message (Nicholas Paun) #​59775
• [5692dec451] - fs: fix dereference: false on cpSync (Nicholas Paun) #​59681
• [dafd561d37] - fs: fix return value of fs APIs (theanarkh) #​58996
• [da6e8cb75b] - http: unbreak keepAliveTimeoutBuffer (Robert Nagy) #​59784
• [673a48f0a2] - http: use cached '1.1' http version string (Robert Nagy) #​59717
• [1dbad2058f] - (SEMVER-MINOR) http: add Agent.agentKeepAliveTimeoutBuffer option (Haram Jeong) #​59315
• [062e837d5f] - (SEMVER-MINOR) http2: add support for raw header arrays in h2Stream.respond() (Tim Perry) #​59455
• [4d4fb51b89] - http2: report sent headers object in client stream dcs (Darshan Sen) #​59419
• [b8066611c3] - inspector: add http2 tracking support (Darshan Sen) #​59611
• [9b2c013032] - inspector: prevent propagation of promise hooks to noPromise hooks (Shima Ryuhei) #​58841
• [a2329895e7] - lib: fix DOMException subclass support (Chengzhong Wu) #​59680
• [edb9248bdd] - lib: make domexception a native error (Chengzhong Wu) #​58691
• [ccf29cda19] - Revert "lib: optimize writable stream buffer clearing" (Yoo) #​59743
• [f291eda277] - lib: fix isReadable and isWritable return type value (Gabriel Quaresma) #​59089
• [10ae8684ea] - lib: revert to using default derived class constructors (René) #​59650
• [5d3b80d62d] - lib: do not modify prototype deprecated asyncResource (encore) (Szymon Łągiewka) #​59518
• [3c4541f878] - lib: simplify IPv6 checks in isLoopback() (Krishnadas) #​59375
• [0b631bbffa] - lib: handle windows reserved device names on UNC (Rafael Gonzaga) #​59286
• [297f62ba1f] - meta: bump codecov/codecov-action (dependabot[bot]) #​59726
• [3dcd8446b6] - meta: bump actions/download-artifact from 4.3.0 to 5.0.0 (dependabot[bot]) #​59729
• [d0d357f683] - meta: bump github/codeql-action from 3.29.2 to 3.30.0 (dependabot[bot]) #​59728
• [2a0e264949] - meta: bump actions/cache from 4.2.3 to 4.2.4 (dependabot[bot]) #​59727
• [0a013d1da1] - meta: bump actions/checkout from 4.2.2 to 5.0.0 (dependabot[bot]) #​59725
• [c690b53d24] - meta: update devcontainer to the latest schema (Aviv Keller) #​54347
• [61171c7756] - module: correctly detect top-level await in ambiguous contexts (Shima Ryuhei) #​58646
• [75bf3f4a87] - node-api: link to other programming language bindings (Chengzhong Wu) #​59516
• [9a05107558] - node-api: clarify enum value ABI stability (Chengzhong Wu) #​59085
• [658c31d60c] - path: refactor path joining logic for clarity and performance (Lee Jiho) #​59781
• [9cc89f55f7] - path,win: fix bug in resolve and normalize (Hüseyin Açacak) #​55623
• [24e825f8f5] - sea: implement sea.getAssetKeys() (Joyee Cheung) #​59661
• [c66af21e55] - sea: allow using inspector command line flags with SEA (Joyee Cheung) #​59568
• [9b7dd40da8] - (SEMVER-MINOR) sea: implement execArgvExtension (Joyee Cheung) #​59560
• [48bfbd3dca] - (SEMVER-MINOR) sea: support execArgv in sea config (Joyee Cheung) #​59314
• [5559456fe4] - sqlite: add sqlite-type symbol for DatabaseSync (Alex Yang) #​59405
• [3478130da3] - sqlite: handle ?NNN parameters as positional (Edy Silva) #​59350
• [312bc4e5d1] - sqlite: avoid useless call to FromMaybe() (Tobias Nießen) #​59490
• [937e9bb1c6] - src: track BaseObjects with an efficient list (Chengzhong Wu) #​55104
• [be2a5e170d] - src: track async resources via pointers to stack-allocated handles (Anna Henningsen) #​59704
• [f232bf2c11] - src: fix build on NetBSD (Thomas Klausner) #​59718
• [e9a685bc3d] - src: fix race on process exit and off thread CA loading (Chengzhong Wu) #​59632
• [24428fc8fb] - src: add name for more threads (theanarkh) #​59601
• [fd7559f8c3] - src: remove JSONParser (Joyee Cheung) #​59619
• [8c296bac99] - src: enforce assumptions in FIXED_ONE_BYTE_STRIN

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.