2026-05-20, Version 26.2.0 (Current)#63440
Draft
github-actions[bot] wants to merge 107 commits into
Draft
Conversation
Signed-off-by: James M Snell <jasnell@gmail.com> Assisted-by: Opencode:Opus 4.6 PR-URL: #62876 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Robert Nagy <ronagy@icloud.com>
When Promise.race() or Promise.any() settles, V8 fires kPromiseResolveAfterResolved / kPromiseRejectAfterResolved for each "losing" promise. The PromiseRejectCallback in node_task_queue.cc was crossing into JS for these events, but since the multipleResolves event reached EOL in v25 (PR #58707), the JS handler does nothing. The unnecessary C++-to-JS boundary crossings accumulate references in a tight loop, causing OOM when using Promise.race() with immediately-resolving promises. Return early in PromiseRejectCallback() for these two events, skipping the JS callback entirely. Also remove the dead case branches and unused constant imports from the JS side. Move early returns for kPromiseResolveAfterResolved and kPromiseRejectAfterResolved before Number::New and CHECK(!callback), avoiding unnecessary work. Remove dead NODE_DEFINE_CONSTANT exports and fix comment placement in the JS switch statement. Bump test --max-old-space-size from 20 to 64 for safety on instrumented builds. Fixes: #51452 Refs: #60184 Refs: #61960 PR-URL: #62336 Refs: #51452 Reviewed-By: Jordan Harband <ljharb@gmail.com> Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Gürgün Dayıoğlu <hey@gurgun.day>
Signed-off-by: Mert Can Altin <mertgold60@gmail.com> PR-URL: #63144 Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Replace the O(n) case-insensitive algorithm-name scan
with an O(1) SafeMap lookup. The map is pre-built at
module init alongside kSupportedAlgorithms.
Hoist the opts object literal used in normalizeAlgorithm
to module level to avoid allocating identical
{ prefix, context } objects on every call.
Pre-compute ObjectKeys() for simpleAlgorithmDictionaries
entries at module init to avoid allocating a new keys
array on every normalizeAlgorithm call.
Signed-off-by: Filip Skokan <panva.ip@gmail.com>
PR-URL: #62756
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Replace object spread in nested WebIDL conversion options with stable-shape ordinary objects. This keeps hot dictionary and sequence conversion paths from allocating null-prototype spread results. Apply the same pattern to Web Crypto converter wrappers that override allowResizable or enable [EnforceRange]. Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #62756 Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Signed-off-by: Antoine du Hamel <duhamelantoine1995@gmail.com> PR-URL: #63113 Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: René <contact.9a5d6388@renegade334.me.uk> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #63104 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Signed-off-by: Marco Ippolito <marcoippolito54@gmail.com> PR-URL: #63033 Reviewed-By: Pietro Marchini <pietro.marchini94@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Signed-off-by: Marco Ippolito <marcoippolito54@gmail.com> PR-URL: #63033 Reviewed-By: Pietro Marchini <pietro.marchini94@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Since they aren't built by default Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: #63149 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Tim Perry <pimterry@gmail.com>
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com> PR-URL: #63047 Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: James M Snell <jasnell@gmail.com>
Signed-off-by: Matteo Collina <hello@matteocollina.com> PR-URL: #62673 Reviewed-By: Daniel Lemire <daniel@lemire.me> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Edy Silva <edigleyssonsilva@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
- For imported CJS, if it's not customized by asynchronous hooks, make sure it won't use the quirky re-invented require in all cases. - When the imported CJS module is customized by synchronous hooks, in the synthetic module evalutation step, avoid calling the respective default step again. - Make the branching of loadCJSModuleWithModuleLoad() and loadCJSModuleWithSpecialRequire() more explicit, and fold the tentative fs read in the 'commonjs' translator into the share createCJSModuleWrap() helper instead of checking it twice in the same path. Signed-off-by: Joyee Cheung <joyeec9h3@gmail.com> PR-URL: #62920 Fixes: #63060 Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Gürgün Dayıoğlu <hey@gurgun.day>
Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #63134 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: James M Snell <jasnell@gmail.com>
Move KeyObject type and handle storage behind NativeKeyObject and expose it to JS through a module-private slot reader, mirroring the CryptoKey hardening. Cache the native slot tuple in a private field and lazily derive secret and asymmetric metadata from the cached KeyObjectHandle. Update internal crypto, QUIC, and comparison callers to use private helpers instead of public KeyObject accessors. Keep getKeyObjectSlots restricted to internal/crypto/keys with an ESLint guard. Add regression coverage for brand checks, hidden slots, clone and transfer behavior, own-property reflection, and post-clone crypto operations. Extend the CryptoKey brand test to assert getSlots is not reachable through the public constructor or prototype chain. Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #63111 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Clone CryptoKey algorithm dictionaries into null-prototype objects before storing or caching them internally. Copy nested hash dictionaries and publicExponent bytes so internal consumers and transferred keys do not observe user-mutable input objects or polluted Object.prototype fields. Keep public algorithm and inspect output as ordinary objects. Make the clone path check only own hash and publicExponent properties. Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #63111 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Add ESLint rules that reject public KeyObject and CryptoKey accessor reads after internal brand checks. Internal code must use the private key helpers so it reads native-backed slots instead of user-replaceable properties. Add a separate rule that rejects instanceof checks against KeyObject and CryptoKey constructors, including the global CryptoKey constructor. Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #63111 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Signed-off-by: Antoine du Hamel <duhamelantoine1995@gmail.com> PR-URL: #63147 Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Signed-off-by: geeksilva97 <edigleyssonsilva@gmail.com> PR-URL: #63152 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: René <contact.9a5d6388@renegade334.me.uk>
Signed-off-by: Renegade334 <contact.9a5d6388@renegade334.me.uk> PR-URL: #63132 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com> PR-URL: #63131 Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Signed-off-by: James M Snell <jasnell@gmail.com> Assisted-by: Opencode:Opus 4.6 PR-URL: #63157 Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Tim Perry <pimterry@gmail.com>
PR-URL: #62812 Reviewed-By: James M Snell <jasnell@gmail.com>
Map BoringSSL's native renegotiation failure to ERR_TLS_RENEGOTIATION_UNSUPPORTED when TLSSocket#renegotiate() is called. This avoids exposing an implementation-specific OpenSSL error when the TLS backend does not support caller-initiated renegotiation. Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #63161 Reviewed-By: Tim Perry <pimterry@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: #63177 Reviewed-By: Tim Perry <pimterry@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
Signed-off-by: James M Snell <jasnell@gmail.com> PR-URL: #63177 Reviewed-By: Tim Perry <pimterry@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
The Platform support section of the single-executable-applications doc listed `macOS` without qualifying which architecture is supported. SEA on x64 macOS is not supported and is skipped in CI; only arm64 macOS is exercised. Refs: #62893 Signed-off-by: mokashang <64570909+mokashang@users.noreply.github.com> PR-URL: #63181 Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Signed-off-by: Antoine du Hamel <duhamelantoine1995@gmail.com> PR-URL: #63199 Reviewed-By: Jacob Smith <jacob@frende.me> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Chemi Atlow <chemi@atlow.co.il> Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com>
Signed-off-by: LiviaMedeiros <livia@cirno.name> PR-URL: #63328 Reviewed-By: René <contact.9a5d6388@renegade334.me.uk> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Signed-off-by: Antoine du Hamel <duhamelantoine1995@gmail.com> PR-URL: #63329 Fixes: nodejs/admin#1058 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Moshe Atlow <moshe@atlow.co.il>
Add OPENSSL_WITH_* feature macros for crypto capabilities that vary by OpenSSL version and use those instead of repeating version checks. Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #63255 Refs: electron/electron#36256 Refs: electron/electron#41720 Refs: electron/electron#51127 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #63255 Refs: electron/electron#36256 Refs: electron/electron#41720 Refs: electron/electron#51127 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #63255 Refs: electron/electron#36256 Refs: electron/electron#41720 Refs: electron/electron#51127 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #63255 Refs: electron/electron#36256 Refs: electron/electron#41720 Refs: electron/electron#51127 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Signed-off-by: marcopiraccini <marco.piraccini@gmail.com> PR-URL: #63100 Reviewed-By: Paolo Insogna <paolo@cowtech.it> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
merge() treated any final non-iterable object as an options object. That dropped valid from() inputs such as ArrayBuffer, ArrayBufferView, and streamable protocol objects. Fixes: #63355 Signed-off-by: Kamat, Trivikram <16024985+trivikr@users.noreply.github.com> Assisted-by: openai:gpt-5.5 PR-URL: #63356 Fixes: #63355 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: René <contact.9a5d6388@renegade334.me.uk>
Avoid normalizing sync iterable sources through from() when pipeTo() has no transforms or signal and the writer can accept sync writes. This keeps writes incremental while preserving async fallback for values that still need it. Signed-off-by: Kamat, Trivikram <16024985+trivikr@users.noreply.github.com> Assisted-by: openai:gpt-5.5 PR-URL: #63318 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ethan Arrowood <ethan@arrowood.dev>
Signed-off-by: Ali Hassan <ali-hassan27@outlook.com> PR-URL: #62704 Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Only decrement the remaining byte count after a stream/iter broadcast write is accepted. If writeSync() is blocked by strict backpressure, fall back to the async write() path for the same chunk. Signed-off-by: Kamat, Trivikram <16024985+trivikr@users.noreply.github.com> Assisted-by: openai:gpt-5.5 PR-URL: #63314 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
This test randomly times out (~120s) on CI due to a race condition between child-process restart (triggered by touching the watched file) and the second inspector-session connection. The old code used an interval-based restart (write every 500ms) and a 'gettingDebuggedPid' flag to pause writes during a session. This still left a race window where getDebuggedPid() would attempt to connect the inspector via HTTP GET /json/list + WebSocket upgrade either before the new child was ready (empty target list) or after the old session was being destroyed, causing the promise to hang. Fix: Replace the interval with a single write that triggers exactly one restart, then wait for the restarted child's 'safe to debug now' stdout line before connecting the second inspector session. This eliminates the race by ensuring the new child process and its inspector session are fully ready before any connection attempt. Removes the now-unused gettingDebuggedPid flag and the pending setTimeout delay that was needed as a backstop for the interval. Fixes: #44898 Signed-off-by: Matteo Collina <hello@matteocollina.com> PR-URL: #63361 Reviewed-By: Moshe Atlow <moshe@atlow.co.il> Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Signed-off-by: Mike McCready <66998419+MikeMcC399@users.noreply.github.com> PR-URL: #63367 Refs: #63225 Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Ulises Gascón <ulisesgascongonzalez@gmail.com> Reviewed-By: Stefan Stojanovic <stefan.stojanovic@janeasystems.com>
PR-URL: #63375 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
There was an assumption that the `WeakRef` would be kept alive but it seems to not always be true on Windows. This commit makes sure it's kept alive. Signed-off-by: Antoine du Hamel <duhamelantoine1995@gmail.com> PR-URL: #63244 Reviewed-By: Richard Lau <richard.lau@ibm.com> Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br> Reviewed-By: Stefan Stojanovic <stefan.stojanovic@janeasystems.com>
Signed-off-by: inoway46 <inoueyuya416@gmail.com> PR-URL: #63244 Reviewed-By: Richard Lau <richard.lau@ibm.com> Reviewed-By: Vinícius Lourenço Claro Cardoso <contact@viniciusl.com.br> Reviewed-By: Stefan Stojanovic <stefan.stojanovic@janeasystems.com>
PR-URL: #63374 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Bumps the eslint group in /tools/eslint with 4 updates: [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core), [@babel/eslint-parser](https://github.com/babel/babel/tree/HEAD/eslint/babel-eslint-parser), [@babel/plugin-syntax-import-source](https://github.com/babel/babel/tree/HEAD/packages/babel-plugin-syntax-import-source) and [eslint](https://github.com/eslint/eslint). Updates `@babel/core` from 8.0.0-rc.3 to 8.0.0-rc.4 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v8.0.0-rc.4/packages/babel-core) Updates `@babel/eslint-parser` from 8.0.0-rc.3 to 8.0.0-rc.4 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v8.0.0-rc.4/eslint/babel-eslint-parser) Updates `@babel/plugin-syntax-import-source` from 8.0.0-rc.3 to 8.0.0-rc.4 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v8.0.0-rc.4/packages/babel-plugin-syntax-import-source) Updates `eslint` from 10.2.0 to 10.2.1 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v10.2.0...v10.2.1) --- updated-dependencies: - dependency-name: "@babel/core" dependency-version: 8.0.0-rc.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: eslint - dependency-name: "@babel/eslint-parser" dependency-version: 8.0.0-rc.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: eslint - dependency-name: "@babel/plugin-syntax-import-source" dependency-version: 8.0.0-rc.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: eslint - dependency-name: eslint dependency-version: 10.2.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: eslint ... PR-URL: #63075 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: #63377 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Trigger watch restarts by appending whitespace instead of rewriting watched modules. This avoids transient empty or partial ESM dependency contents while the restarted worker is loading. Use a separate temporary directory for each subtest so concurrent subtests do not share worker and dependency file names. Signed-off-by: Kamat, Trivikram <16024985+trivikr@users.noreply.github.com> Assisted-by: openai:gpt-5.5 PR-URL: #63384 Refs: https://github.com/nodejs/reliability/blob/main/reports/2026-05-17.md#jstest-failure Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Use performFileOperation() for test runner watch updates so the run() API path schedules a single delayed write instead of rewriting the file until the second run completes. Repeated writes can trigger another watch restart while the previous rerun is still active. The runner then terminates the in-flight child process with SIGTERM, which can make the captured output include both a failed file-level subtest and the next successful run. Also count only root summary duration lines when detecting completed runs. Signed-off-by: Kamat, Trivikram <16024985+trivikr@users.noreply.github.com> Assisted-by: openai:gpt-5.5 PR-URL: #63386 Refs: https://github.com/nodejs/reliability/blob/main/reports/2026-05-17.md#jstest-failure Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Chemi Atlow <chemi@atlow.co.il>
Collaborator
|
Review requested:
|
github-actions
Bot
added
release
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
2026-05-20, Version 26.2.0 (Current), @aduh95
Notable Changes
189d43a193] - doc: mark stream.compose stable (Matteo Collina) #62562f858c6140e] - (SEMVER-MINOR) fs: addTemporal.Instantsupport toStatsandBigIntStats(Livia Medeiros) #607890cbb3895df] - (SEMVER-MINOR) http: add writeInformation to send arbitrary 1xx status codes (Tim Perry) #63155Commits
9a394bab84] - benchmark: respect stream/iter broadcast backpressure (Trivikram Kamat) #63314ad98b4620b] - crypto: align verifyOneShot accepted types (Anshika Jain) #63280ba0736a847] - crypto: wire ML-DSA and ML-KEM for use when using BoringSSL (Filip Skokan) #632555573a6a4a8] - crypto: wire ChaCha20-Poly1305 in Web Cryptography when using BoringSSL (Filip Skokan) #632557dc563b8d6] - crypto: wire AES-KW in Web Cryptography when using BoringSSL (Filip Skokan) #63255b55e2b1f4d] - crypto: improve system certificate enumeration logic on macOS (Robo) #62576fd509a755a] - crypto: harden CryptoKey algorithm slots (Filip Skokan) #631118657df39e7] - crypto: harden KeyObject internal slots (Filip Skokan) #63111729274e046] - crypto: reject invalid raw key imports (Filip Skokan) #631348fc9cb9c01] - crypto: improve accuracy of SubtleCrypto.supports (Filip Skokan) #63104288065cb3f] - crypto: optimize normalizeAlgorithm dispatch hot path (Filip Skokan) #62756ecf3797d09] - debugger: disambiguate probe location binding (Joyee Cheung) #63286bdc57135fd] - debugger: add --help tonode inspectand improve docs (Joyee Cheung) #632012a6e6058e9] - deps: update undici to 8.3.0 (Node.js GitHub Bot) #63377327b927271] - deps: update corepack to 0.35.0 (Node.js GitHub Bot) #633755828fadf52] - deps: update sqlite to 3.53.1 (Node.js GitHub Bot) #63217fe127a999b] - deps: update simdjson to 4.6.4 (Node.js GitHub Bot) #62811a34c4ea159] - deps: V8: cherry-pick 435a2cdf664c (Matthias Liedtke) #63136ad91efcc43] - deps: cherry-pick libuv/libuv@a43e543 (Ali Hassan) #632225ea6c3ee7e] - deps: add missing static linking targets for libffi (Paolo Insogna) #63168c1f6ba22b4] - deps: update ngtcp2 to 1.22.1 (Node.js GitHub Bot) #62812f0d008439b] - doc: add Rust toolchain manual installation instructions Windows (Mike McCready) #6336768b1220fbd] - doc: remove inactive members from Triagers list (Antoine du Hamel) #63329189d43a193] - doc: mark stream.compose stable (Matteo Collina) #62562c4fb894039] - doc: fix CHANGELOG (Richard Lau) #632929f319a77e4] - doc: reference correct function in Module docs (Robin Malfait) #632472c13acc88e] - doc: replace Visual Studio 2022 Evergreen version reference with 17.14 (Mike McCready) #632117e42c336c9] - doc: recommend explicitly Tier 1 or 2 for production applications (Mike McCready) #63187d99e0bb6d5] - doc: document Temporal configure flags in BUILDING.md (ChrisJr404) #63248c0ea77b305] - doc: run license-builder (github-actions[bot]) #632328265aba0f4] - doc: add large pull requests contributing guide (Matteo Collina) #62829be241bacc8] - doc: remove unnecessary<!-- eslint-magic comments (Antoine du Hamel) #63200e0b1f092c3] - doc: fix inconsistencies in CJS code snippets (Antoine du Hamel) #63199a3feb15871] - doc: clarify SEA platform support excludes darwin-x64 (MJSHANG) #63181cafd7667fc] - doc: improve quic documentation (James M Snell) #631573c784edb6f] - doc: update release steps when post-release fails (Rafael Gonzaga) #631319de954e9be] - doc: fix deprecation list in 26.0.0 changelog (Antoine du Hamel) #6314720c553e456] - doc: add Hmac.digest() documentation-only deprecation (DEP0206) (Anshika Jain) #631213494eae2c8] - doc: document the latest-vX.x schema (Marco Ippolito) #63033c02413d29d] - doc: remove list of versions inBUILDING.md(Antoine du Hamel) #6311353f9a902a1] - doc,sqlite: document entryPoint argument for loadExtension (Edy Silva) #63152f858c6140e] - (SEMVER-MINOR) fs: addTemporal.Instantsupport toStatsandBigIntStats(Livia Medeiros) #60789b2ba62ca0e] - fs: makeDateproperties onStatsenumerable (LiviaMedeiros) #633280cbb3895df] - (SEMVER-MINOR) http: add writeInformation to send arbitrary 1xx status codes (Tim Perry) #63155f712e6856e] - http2: validate non-link headers in writeEarlyHints (Matteo Collina) #620173acadae676] - lib: fix typo idenity => identity (Daijiro Wachi) #63112460329e886] - lib: fixes validator message (Daijiro Wachi) #628239438c832b2] - lib: narrow ReadableStreamBYOBRequest.view return type to Uint8Array (RoomWithOutRoof) #63017c7d27c82c4] - lib: handle --permission-audit when propagating flags (Rafael Gonzaga) #630479f19915276] - lib: optimize webidl conversion options (Filip Skokan) #6275667d094a554] - meta: move one or more collaborators to emeritus (Node.js GitHub Bot) #632359091398f3d] - meta: ignore AI assistants files (Matteo Collina) #6261296f19a16d0] - module: fix sync hook short-circuit in require() in imported CJS (Joyee Cheung) #6292045f3e3ef11] - node-api: support SharedArrayBuffer in napi_create_typedarray (Yilong Li) #62710d7afa617bb] - quic: send correct OpenSSL alert for ALPN mismatches (Tim Perry) #63193526313beb8] - quic: fixup quic stream variable chunk len (James M Snell) #632301613c7fe70] - quic: support --allow-net permissions (James M Snell) #6318472ab7444a8] - quic: remove unused env_ variable in session_manager.h/cc (James M Snell) #631772b55656778] - quic: remove unused binding variable in session.cc (James M Snell) #6317783f0d37400] - quic: ignore coverage for quic files (James M Snell) #631497e6b77b14d] - quic: complete the internal implementation of QUIC (James M Snell) #6287671372418f1] - repl: fix dedup comparing normalized line against raw history (Daijiro Wachi) #6288620f40c2c25] - sqlite: keep source database alive during backup (Matteo Collina) #62673592f741bd0] - src: simplify OpenSSL feature gates (Filip Skokan) #63255520ab7ad40] - src: add BoringSSL EVP enumeration fallback (Filip Skokan) #6320612be49acbc] - src: support multiple versions in node.config.json (Marco Ippolito) #63033296f907585] - src: remove unused using declarations in node_task_queue (Mert Can Altin) #631447703f11b3c] - src: skip JS callback for settled Promise.race losers (Felipe Coelho) #6233674ab710c3a] - src,sqlite: remove dead code (Edy Silva) #63204e49154f4c8] - stream: add sync iterable fast path to pipeTo (Trivikram Kamat) #63318537455e98d] - stream: fix merge handling for object-like sources (Trivikram Kamat) #63356e21b8a47f0] - stream: limit iter from sync iterable batches (Trivikram Kamat) #633243bdb64dc67] - stream: cache minimum cursor count in broadcast (Trivikram Kamat) #6332281819add6b] - stream: remove unnecessary check (Antoine du Hamel) #6303022e3579d74] - stream: avoid retrying accepted pipeTo writes (Trivikram Kamat) #63297691915ea94] - stream: validate broadcast writer writev chunks (Trivikram Kamat) #63300253f5f4ca2] - stream: uncork fromWritable writev on chunk error (Trivikram Kamat) #63295aa6913cc4a] - stream: validate fromWritable() options before cache (Trivikram Kamat) #632786c53ddb988] - stream: optimize single-slot push queue drain (Trivikram Kamat) #63274b568649f6f] - stream: preserve toReadableSync batch after backpressure (Trivikram Kamat) #63276cdcefd7e2f] - stream: cache minimum cursor count in share (Trivikram Kamat) #63262ba7000e4f7] - stream: minor stream/iter implementation edits (René) #6313231d89c4f59] - test: avoid repeated writes in watch helper (Trivikram Kamat) #633866f3587c773] - test: deflake watch mode worker test (Trivikram Kamat) #63384a57aebaa73] - test: update tls/crypto behaviour expectations when using BoringSSL (Filip Skokan) #63161b871cff2db] - test: relax test-memory-usage arrayBuffers check (inoway46) #6324425189bcb95] - test: reduce flakiness ofdifferent-registry-per-thread(Antoine du Hamel) #632445bdb1f8426] - test: fix flaky test-watch-mode-inspect timeout (Matteo Collina) #63361d57bd2bf59] - test: relax min assertion in test-performance-eventloopdelay (Marco) #63100014e1f00c1] - test: avoid flaky restart sync in debugger exceptions test (Yuya Inoue) #62055dd28ff8a80] - test: avoid initial-break wait in restart-message (inoway46) #62060e89a49a13a] - test: move FFI tests toNATIVE_SUITES(Antoine du Hamel) #6316551ef0258ba] - test: update WPT for wasm/jsapi to 288c467d35 (Node.js GitHub Bot) #63136c0175a9ba1] - test: use ERM to destroy sqlite database handles after tests (René) #6307683054e8aba] - test_runner: avoid hanging on incomplete v8 frames (Ali Hassan) #627044f1426d361] - test_runner: fix hooks test context (Moshe Atlow) #632856a4c4b7193] - test_runner: fix diagnostics channel context tracking (Moshe Atlow) #63283eba9c3481b] - test_runner: add tags option and tag-name filter (Chemi Atlow) #632212ba124f23b] - tls: add unsupported renegotiation error (Filip Skokan) #631617c5048495a] - tools: bump the eslint group in /tools/eslint with 4 updates (dependabot[bot]) #630756c574110a7] - tools: update gyp-next to 0.22.2 (Node.js GitHub Bot) #63374f14ed762b3] - tools: add boringssl to tools/nix/openssl-matrix.nix (Filip Skokan) #6320614d3924c48] - tools: fix test426 updater (Antoine du Hamel) #632710d017ece8d] - tools: filter V8 scripts for build toolchain (Richard Lau) #630693859a8700e] - tools: use different branch for tool updates on staging branches (Antoine du Hamel) #631104a32ed82bd] - tools: prevent lib code from reading KeyObject and CryptoKey accessors (Filip Skokan) #63111