2025-02-20, Version 18.20.7 'Hydrogen' (LTS) #57122
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
PR-URL: #53190 Reviewed-By: Moshe Atlow <[email protected]> Reviewed-By: Christian Clauss <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Mohammed Keyvanzadeh <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]>
Refs: https://github.com/actions/upload-artifact/releases/tag/v4.0.0 Refs: https://github.com/actions/download-artifact/releases/tag/v4.1.0 PR-URL: #51219 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.0.0 to 4.3.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@c7d193f...26f96df) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> PR-URL: #51643 Refs: actions/upload-artifact@26f96df Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]>
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@f44cd7b...6b208ae) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> PR-URL: #51644 Refs: actions/download-artifact@6b208ae Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]>
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.1 to 4.1.3. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@6b208ae...87c5514) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> PR-URL: #51938 Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.0 to 4.3.1. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@26f96df...5d5d22a) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> PR-URL: #51941 Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Moshe Atlow <[email protected]>
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.3 to 4.1.4. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@87c5514...c850b93) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> PR-URL: #52314 Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.4 to 4.1.7. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@c850b93...65a9edc) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> PR-URL: #52784 Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Mohammed Keyvanzadeh <[email protected]> Reviewed-By: Ulises Gascón <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.1 to 4.3.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@5d5d22a...6546280) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> PR-URL: #52785 Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Mohammed Keyvanzadeh <[email protected]> Reviewed-By: Ulises Gascón <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.7 to 4.1.8. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@65a9edc...fa0a91b) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> PR-URL: #54167 Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.3 to 4.3.4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@6546280...0b2256b) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> PR-URL: #54166 Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.4 to 4.4.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@0b2256b...5076954) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> PR-URL: #54703 Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.4.0 to 4.4.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@5076954...b4b15b8) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> PR-URL: #55685 Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
Signed-off-by: dependabot[bot] <[email protected]> PR-URL: #56861 Reviewed-By: Antoine du Hamel <[email protected]>
PR-URL: #55855 Backport-PR-URL: #55962 Refs: #55333 Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Jacob Smith <[email protected]>
PR-URL: #55977 Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>
PR-URL: #56795 Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]>
PR-URL: #55699 Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>
PR-URL: #55850 Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
PR-URL: #55889 Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Marco Ippolito <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]>
PR-URL: #55973 Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]>
PR-URL: #56255 Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Luigi Pinca <[email protected]>
PR-URL: #54432 Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]>
PR-URL: #55980 Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Marco Ippolito <[email protected]>
PR-URL: #56995 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Juan José Arboleda <[email protected]> Reviewed-By: Marco Ippolito <[email protected]>
Previously when checking the initial timing we did a lot of checks after accessing and copying timing.duration and before we check that timing.duration is roughly the same as performance.now(), which can lead to flakes if the overhead of the checking is big enough. Update the test to check timing.duration against performance.now() as soon as possible when it's copied instead of computed. :# PR-URL: #49892 Refs: nodejs/reliability#676 Reviewed-By: Chemi Atlow <[email protected]> Reviewed-By: Richard Lau <[email protected]>
PR-URL: #53993 Fixes: #53989 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Daeyeon Jeong <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Stefan Stojanovic <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]>
The `out/Makefile` target in `Makefile` has an incomplete list of `.gyp` files for Node.js dependencies in `deps`, but also the ones that are listed are unconditional. If using any of the `--shared-*` configure options, it should be possible to still build Node.js if the corresponding directory under `deps` is removed. Convert the explicit list of dependency `*.gyp` files for the `out/Makefile` target to a glob. This will pick up any toplevel `.gyp` files for dependencies present in `deps`. PR-URL: #55789 Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Juan José Arboleda <[email protected]>
OpenSSL 3.4 has a breaking change where the outputLength is now mandatory for shake* hash algorithms. openssl/openssl@b911fef PR-URL: #56160 Refs: #56159 Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Richard Lau <[email protected]>
This is the certdata.txt[0] from NSS 3.107. This is the version of NSS that shipped in Firefox 134.0 on 2025-01-07. Certificates removed: - SecureSign RootCA11 - Entrust Root Certification Authority - G4 - Security Communication RootCA3 [0] https://raw.githubusercontent.com/nss-dev/nss/refs/tags/NSS_3_107_RTM/lib/ckfw/builtins/certdata.txt PR-URL: #56566 Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: James M Snell <[email protected]>
PR-URL: #55873 Fixes: #55869 Reviewed-By: Richard Lau <[email protected]>
Original commit message:
[import-attributes] Deprecate 'assert' for removal in 12.6
See https://groups.google.com/a/chromium.org/g/blink-dev/c/ZHvzLaJZRvo/m/FgNDBjrtBQAJ
Bug: v8:10958
Change-Id: I4d21c9f7aad1024b198b4a1cdfb4792a011da464
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/5055681
Reviewed-by: Rezvan Mahdavi Hezaveh <[email protected]>
Auto-Submit: Shu-yu Guo <[email protected]>
Commit-Queue: Shu-yu Guo <[email protected]>
Cr-Commit-Position: refs/heads/main@{#92044}
Refs: v8/v8@ae5a4db
Co-authored-by: Antoine du Hamel <[email protected]>
PR-URL: #55873
Fixes: #55869
Reviewed-By: Richard Lau <[email protected]>
Original commit message:
[import-attributes] Deprecate 'assert' for dynamic import as well
Bug: v8:10958
Change-Id: I7847bdb5d2c79f057f4e1df99f8f5889788f09cb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/5249778
Commit-Queue: Shu-yu Guo <[email protected]>
Reviewed-by: Leszek Swirski <[email protected]>
Cr-Commit-Position: refs/heads/main@{#92123}
Refs: v8/v8@26fd1df
Co-authored-by: Antoine du Hamel <[email protected]>
PR-URL: #55873
Fixes: #55869
Reviewed-By: Richard Lau <[email protected]>
github-actions
bot
added
release
|
Review requested:
|
github-actions
bot
removed
the
request-ci
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as duplicate.
This comment was marked as duplicate.
richardlau
approved these changes
Feb 20, 2025
aduh95
added a commit
to aduh95/nodejs.org
that referenced
this pull request
Feb 20, 2025
5 tasks
github-merge-queue bot
pushed a commit
to nodejs/nodejs.org
that referenced
this pull request
Feb 20, 2025
acidiney
pushed a commit
to acidiney/node
that referenced
this pull request
Feb 23, 2025
Notable changes: crypto: * update root certificates to NSS 3.107 (Node.js GitHub Bot) nodejs#56566 PR-URL: nodejs#57122
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
2025-02-20, Version 18.20.7 'Hydrogen' (LTS), @aduh95
Notable Changes
ea5eb0e98b] - crypto: update root certificates to NSS 3.107 (Node.js GitHub Bot) #56566Commits
bb2977ca6c] - build: use glob for dependencies of out/Makefile (Richard Lau) #5578992896945b8] - build: support python 3.13 (Chengzhong Wu) #53190ea5eb0e98b] - crypto: update root certificates to NSS 3.107 (Node.js GitHub Bot) #56566d03a23577d] - deps: V8: cherry-pick 26fd1dfa9cd6 (Shu-yu Guo) #5587353bb21b093] - deps: V8: backport ae5a4db8ad86 (Shu-yu Guo) #558735eb6dfe284] - deps: update zlib to 1.3.0.1-motley-82a5fec (Node.js GitHub Bot) #55980734515a0f7] - deps: update zlib to 1.3.0.1-motley-7e2e4d7 (Node.js GitHub Bot) #54432d64cc98324] - deps: update simdutf to 5.6.4 (Node.js GitHub Bot) #562559eab21dd1d] - deps: update simdutf to 5.6.3 (Node.js GitHub Bot) #559732e3367b46a] - deps: update simdutf to 5.6.2 (Node.js GitHub Bot) #55889df74d66207] - deps: update simdutf to 5.6.1 (Node.js GitHub Bot) #55850ade37ee0b3] - deps: update acorn to 8.14.0 (Node.js GitHub Bot) #55699a3c367adbd] - deps: update corepack to 0.31.0 (Node.js GitHub Bot) #567952cff6a8428] - deps: update corepack to 0.30.0 (Node.js GitHub Bot) #559778b8c9a2cf5] - doc: update macOS and Xcode versions for releases (Michaël Zasso) #56337706af28113] - doc: add "Skip to content" button (Antoine du Hamel) #56750634a6b3a14] - doc: improve accessibility of expandable lists (Antoine du Hamel) #56749f0b60c5bf9] - doc: fix arrow vertical alignment in HTML version (Akash Yeole) #5219391cce27ebb] - doc: remove flicker on page load on dark theme (Dima Demakov) #50942522fbb00a8] - doc: make theme consistent across api and other docs (Dima Demakov) #508771486465520] - doc: save user preference for JS flavor (Vidar Eldøy) #49526d74cff7e59] - doc: rename possibly confusing variable and CSS class (Antoine du Hamel) #495364829d976fe] - doc: add main ARIA landmark to API docs (Rich Trott) #498826c4ce1f1d4] - doc: add navigation ARIA landmark to doc ToC (Rich Trott) #4988233548f8c1f] - doc: add history entries for JSON modules stabilization (Antoine du Hamel) #55855e12bdf6141] - meta: bumpactions/upload-artifactfrom 4.4.3 to 4.6.0 (dependabot[bot]) #568616f44ef388b] - meta: bump actions/upload-artifact from 4.4.0 to 4.4.3 (dependabot[bot]) #55685ae39211117] - meta: bump actions/upload-artifact from 4.3.4 to 4.4.0 (dependabot[bot]) #547034cf80b37c7] - meta: bumpactions/upload-artifactfrom 4.3.3 to 4.3.4 (dependabot[bot]) #541664d402b79cb] - meta: bumpactions/download-artifactfrom 4.1.7 to 4.1.8 (dependabot[bot]) #541671c01f93497] - meta: bump actions/upload-artifact from 4.3.1 to 4.3.3 (dependabot[bot]) #527856558a516ec] - meta: bump actions/download-artifact from 4.1.4 to 4.1.7 (dependabot[bot]) #52784dd70860ec8] - meta: bump actions/download-artifact from 4.1.3 to 4.1.4 (dependabot[bot]) #523144a24d92a45] - meta: bump actions/upload-artifact from 4.3.0 to 4.3.1 (dependabot[bot]) #51941655b9071b9] - meta: bump actions/download-artifact from 4.1.1 to 4.1.3 (dependabot[bot]) #519380e6ad795aa] - meta: bump actions/download-artifact from 4.1.0 to 4.1.1 (dependabot[bot]) #5164461babc5037] - meta: bump actions/upload-artifact from 4.0.0 to 4.3.0 (dependabot[bot]) #516438b16d80029] - meta: update artifact actions to v4 (Michaël Zasso) #51219d47e8cb86d] - test: do not use deprecated import assertions (Antoine du Hamel) #5587306c523d693] - test: marktest-inspector-stop-profile-after-doneas flaky (Antoine du Hamel) #57001dafea86962] - test: marktest-perf-hooksas flaky on macOS (Antoine du Hamel) #570018e53f1f43d] - test: mark test-inspector-multisession-ws as flaky (Antoine du Hamel) #57001350eb50bbe] - test: marktest-performance-functionas flaky (Antoine du Hamel) #57001a1f428a343] - test: skiptest-perf-hookson SmartOS (Antoine du Hamel) #57001199f52fcc0] - test: make test-crypto-hash compatible with OpenSSL > 3.4.0 (Jelle van der Waa) #56160b08ce67d48] - test: compare paths on Windows without considering case (Early Riser) #539936e84d211a1] - test: deflake test-perf-hooks.js (Joyee Cheung) #49892a7f565fc7f] - tools: fix failinglint-shworkflow (Antoine du Hamel) #56995